This unit is provided by:
Options
-
[Install]-
WantedBy=multi-user.target
-
-
[Service]-
CacheDirectory=onionprobe -
CapabilityBoundingSet= -
ConfigurationDirectory=onionprobe -
DeviceAllow=/dev/null rw -
DevicePolicy=closed -
EnvironmentFile=/etc/default/onionprobe -
ExecStart=/usr/bin/onionprobe -c $CONFIG $DAEMON_OPTS -
Group=_onionprobe -
InaccessibleDirectories=/home -
LockPersonalityIntroduced in systemd 235=yes -
LogsDirectory=onionprobe -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateTmp=yes -
PrivateUsers=yes -
ProcSubsetIntroduced in systemd 247=pid -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=true true -
ProtectHomeIntroduced in systemd 214=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectProcIntroduced in systemd 247=invisible -
ProtectSystemIntroduced in systemd 214=full -
ReadOnlyDirectories=/ -
RemoveIPCIntroduced in systemd 232=yes -
RestrictAddressFamilies=AF_INET AF_INET6 -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
RuntimeDirectory=onionprobe -
StateDirectory=onionprobe -
SystemCallArchitectures=native -
UMask=0077 -
User=_onionprobe
-
-
[Unit]-
After=network.target -
Description=Onionprobe -
Documentation=file:///usr/share/doc/onionprobe/README.Debian man:onionprobe(1) https://gitlab.torproject.org/tpo/onion-services/onionprobe
-
Additionnal notes
Nothing here.