This unit is provided by:
Options
-
[Install]-
WantedBy=sysinit.target
-
-
[Service]-
CapabilityBoundingSet=CAP_SYS_ADMIN -
CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SYS_CHROOT -
EnvironmentFile=-/etc/default/haveged -
ExecStart=/usr/bin/haveged -w 1024 -v 1 --Foreground -v 64 -
ExecStart=/usr/sbin/haveged --Foreground --verbose=1 $DAEMON_ARGS -
ExecStart=/usr/sbin/haveged -w 1024 -v 0 -F -
ExecStart=/usr/sbin/haveged -w 1024 -v 1 --Foreground -v 64 -
LockPersonalityIntroduced in systemd 235=yes -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateNetwork=yes -
PrivateTmp=no -
PrivateTmp=yes -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHomeIntroduced in systemd 214=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectSystemIntroduced in systemd 214=full -
Restart=always -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
SecureBits=noroot-locked -
SuccessExitStatus=137 143 -
SystemCallArchitectures=native -
SystemCallErrorNumber=EPERM -
SystemCallFilter=@basic-io @file-system @io-event @network-io @signal arch_prctl brk ioctl mprotect sysinfo -
SystemCallFilter=@system-service ~@mount
-
-
[Unit]-
After=apparmor.service systemd-tmpfiles-setup.service systemd-tmpfiles-setup-dev.service -
After=systemd-tmpfiles-setup-dev.service -
Before=sysinit.target shutdown.target -
Before=sysinit.target shutdown.target systemd-journald.service -
ConditionKernelVersion=<5.6 -
ConditionVirtualization=!container -
DefaultDependencies=no -
Description=Entropy Daemon based on the HAVEGE algorithm -
Documentation=man:haveged(8) http://www.issihosts.com/haveged/
-
Additionnal notes
Nothing here.