This unit is provided by:
Options
-
[Install]-
WantedBy=multi-user.target
-
-
[Service]-
AmbientCapabilities=CAP_NET_BIND_SERVICE -
AmbientCapabilities=cap_net_raw -
CapabilityBoundingSet=CAP_NET_BIND_SERVICE -
CapabilityBoundingSet=cap_net_raw -
EnvironmentFile=/etc/conf.d/gortr -
EnvironmentFile=/etc/default/gortr -
ExecStart=/usr/bin/gortr $GORTR_ARGS -
LockPersonalityIntroduced in systemd 235=yes -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateTmp=yes -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHomeIntroduced in systemd 214=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectSystemIntroduced in systemd 214=full -
ProtectSystemIntroduced in systemd 214=strict -
Restart=on-failure -
RestartSec=10s -
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
SystemCallArchitectures=native -
SystemCallErrorNumber=EPERM -
SystemCallFilter=@system-service -
Type=exec -
Type=simple -
User=_cfrpki -
User=gortr -
WorkingDirectory=/usr/lib/gortr
-
-
[Unit]-
After=network.target -
Description=GoRTR -
Description=GoRTR RPKI to router server -
Wants=network-online.target
-
Additionnal notes
Nothing here.