This unit is provided by:
Options
-
[Install]-
WantedBy=multi-user.target
-
-
[Service]-
CPUAccounting=yes -
CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP ~CAP_SYS_ADMIN ~CAP_SYS_PTRACE ~CAP_CHOWN CAP_FSETID CAP_SETFCAP ~CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER ~CAP_NET_ADMIN ~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE ~CAP_KILL ~CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW ~CAP_SYS_NICE CAP_SYS_RESOURCE ~CAP_MAC_ADMIN CAP_MAC_OVERRIDE ~CAP_SYS_BOOT ~CAP_LINUX_IMMUTABLE ~CAP_IPC_LOCK ~CAP_SYS_CHROOT ~CAP_BLOCK_SUSPEND ~CAP_LEASE ~CAP_SYS_PACCT ~CAP_SYS_TTY_CONFIG -
DevicePolicy=closed -
ExecReload=/bin/kill -HUP $MAINPID -
ExecStart=/usr/bin/umurmurd -d -r -
ExecStartPre=/usr/bin/umurmurd -t -
Group=umurmur -
IPAccounting=yes -
LimitRTPRIO=1 -
LockPersonalityIntroduced in systemd 235=yes -
MemoryAccounting=yes -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
PIDFile=/run/umurmurd.pid -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateTmp=yes -
ProcSubsetIntroduced in systemd 247=pid -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHomeIntroduced in systemd 214=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectProcIntroduced in systemd 247=invisible -
ProtectSystemIntroduced in systemd 214=strict -
ReadWritePaths=/etc/umurmur -
RemoveIPCIntroduced in systemd 232=yes -
RestrictAddressFamilies=AF_INET AF_INET6 -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
SystemCallArchitectures=native -
SystemCallFilter=@system-service ~@privileged -
UMask=007 -
User=umurmur
-
-
[Unit]-
After=network.target -
Description=Minimalistic Mumble server
-
Additionnal notes
Nothing here.