This unit is provided by:
Options
-
[Install]-
WantedBy=default.target
-
-
[Service]-
CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER CAP_NET_ADMIN CAP_SYS_TIME CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE CAP_KILL CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_RESOURCE CAP_MAC_ADMIN CAP_MAC_OVERRIDE CAP_SYS_BOOT CAP_LINUX_IMMUTABLE CAP_IPC_LOCK CAP_SYS_CHROOT CAP_BLOCK_SUSPEND CAP_LEASE CAP_SYS_PACCT CAP_SYS_TTY_CONFIG CAP_WAKE_ALARM -
DevicePolicy=closed -
DynamicUser=yes -
ExecStart=/usr/bin/piping-server --http-port 8181 -
LockPersonalityIntroduced in systemd 235=yes -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateTmp=yes -
PrivateUsers=yes -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHomeIntroduced in systemd 214=read-only -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectSystemIntroduced in systemd 214=strict -
RemoveIPCIntroduced in systemd 232=yes -
Restart=on-failure -
RestrictAddressFamilies=~AF_AX25 AF_IPX AF_APPLETALK AF_X25 AF_DECnet AF_KEY AF_NETLINK AF_PACKET AF_RDS AF_PPPOX AF_LLC AF_IB AF_MPLS AF_CAN AF_TIPC AF_BLUETOOTH AF_ALG AF_VSOCK AF_KCM AF_UNIX AF_XDP -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
SystemCallArchitectures=native -
SystemCallFilter=@system-service ~@resources @privileged
-
-
[Unit]-
Description=piping-server -
Documentation=https://github.com/nwtgck/piping-server-rust
-
Additionnal notes
Nothing here.