| 1234567891011121314151617181920212223242526272829303132333435363738394041 |
- # SPDX-License-Identifier: LGPL-2.1+
- #
- # This file is part of systemd.
- #
- # systemd is free software; you can redistribute it and/or modify it
- # under the terms of the GNU Lesser General Public License as published by
- # the Free Software Foundation; either version 2.1 of the License, or
- # (at your option) any later version.
- [Unit]
- Description=Locale Service
- Documentation=man:systemd-localed.service(8) man:locale.conf(5) man:vconsole.conf(5)
- Documentation=https://www.freedesktop.org/wiki/Software/systemd/localed
- [Service]
- BusName=org.freedesktop.locale1
- CapabilityBoundingSet=
- ExecStart=/lib/systemd/systemd-localed
- IPAddressDeny=any
- LockPersonality=yes
- MemoryDenyWriteExecute=yes
- NoNewPrivileges=yes
- PrivateDevices=yes
- PrivateNetwork=yes
- PrivateTmp=yes
- ProtectControlGroups=yes
- ProtectHome=yes
- ProtectHostname=yes
- ProtectKernelModules=yes
- ProtectKernelTunables=yes
- ProtectKernelLogs=yes
- ProtectSystem=strict
- ReadWritePaths=/etc
- RestrictAddressFamilies=AF_UNIX
- RestrictNamespaces=yes
- RestrictRealtime=yes
- RestrictSUIDSGID=yes
- SystemCallArchitectures=native
- SystemCallErrorNumber=EPERM
- SystemCallFilter=@system-service
- WatchdogSec=3min
|
