This unit is provided by:
Options
-
[Install]-
WantedBy=multi-user.target
-
-
[Service]-
ExecStart=/usr/bin/pesign --daemonize
-
ExecStart=/usr/bin/pesign --daemonize --nofork -
ExecStartPost=/usr/libexec//pesign/pesign-authorize -
ExecStartPost=/usr/share/pesign/pesign-authorize-users /usr/share/pesign/pesign-authorize-groups -
Group=pesign -
LockPersonalityIntroduced in systemd 235=yes -
LogsDirectory=pesign -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
PIDFile=/run//pesign.pid -
PIDFile=/run/pesign.pid -
PIDFile=/run/pesign/pesign.pid -
PIDFile=/var/run/pesign.pid -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateTmp=yes -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHomeIntroduced in systemd 214=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectSystemIntroduced in systemd 214=full -
ProtectSystemIntroduced in systemd 214=strict -
ReadWritePaths=/run/pesign -
RemoveIPCIntroduced in systemd 232=yes -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
RuntimeDirectory=pesign -
StateDirectory=pesign -
SystemCallArchitectures=native -
SystemCallFilter=@system-service ~@resources -
Type=forking -
User=pesign
-
-
[Unit]-
After=pesign-create-db.service -
Description=Pesign signing daemon -
Documentation=man:pesign(1) -
Wants=pesign-create-db.service
-
Additionnal notes
Nothing here.