40 lines
908 B
Desktop File
40 lines
908 B
Desktop File
##########################################################################
|
|
# whois42d example service file
|
|
##########################################################################
|
|
|
|
[Unit]
|
|
Description=Whois dn42 daemon
|
|
After=network.target
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
|
|
[Service]
|
|
|
|
# running as an unprivileged user requires the whois42d binary
|
|
# to be installed with additional capabilities for port 43 binding
|
|
#
|
|
# setcap 'cap_net_bind_service=+ep' ./whois42d
|
|
#
|
|
User=whoisd
|
|
Group=whoisd
|
|
|
|
Type=simple
|
|
Restart=on-failure
|
|
|
|
# service hardening
|
|
ProtectSystem=strict
|
|
ReadOnlyPaths=/home/whoisd/registry
|
|
NoNewPrivileges=yes
|
|
ProtectControlGroups=yes
|
|
PrivateTmp=yes
|
|
PrivateDevices=yes
|
|
DevicePolicy=closed
|
|
MemoryDenyWriteExecute=yes
|
|
|
|
# exec func
|
|
ExecStart=/usr/local/bin/whois42d \
|
|
-registry /home/whoisd/registry
|
|
|
|
##########################################################################
|
|
# end of file |