python-talk/init-scripts/systemd-user.service

39 lines
863 B
SYSTEMD
Raw Permalink Normal View History

[Unit]
Description=firepup's python-talk
[Service]
2024-07-17 01:25:55 +00:00
WorkingDirectory=%h/python-talk
ExecStart=/usr/bin/python3 server.py --link=37.27.51.34:65048 --no-logs --no-cache --cwlgd
Restart=always
RestartSec=5
NoNewPrivileges=true
RestrictSUIDSGID=true
ProtectSystem=strict
2024-07-17 01:25:55 +00:00
ProtectHome=tmpfs
BindReadOnlyPaths=%h/python-talk
ProtectProc=ptraceable
ProcSubset=pid
PrivateTmp=true
CapabilityBoundingSet=
PrivateDevices=true
ProtectClock=true
ProtectKernelLogs=true
ProtectControlGroups=true
ProtectKernelModules=true
SystemCallArchitectures=native
# python.
MemoryDenyWriteExecute=false
RestrictNamespaces=true
ProtectHostname=true
LockPersonality=true
ProtectKernelTunables=true
RestrictAddressFamilies=AF_INET
RestrictRealtime=true
PrivateUsers=true
SystemCallFilter=@system-service
SystemCallFilter=~@privileged @resources
UMask=0077
[Install]
2024-07-17 01:25:55 +00:00
WantedBy=default.target