Home Explore Help
Register Sign In
wisejohn
/
buildtool
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 91b50992a4
Branches Tags
buildtool
/
linux
/
tools
/
x86_64-linux-gnu
/
sysroot
/
lib
/
systemd
/
system
/
systemd-networkd.service

systemd-networkd.service 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. #  SPDX-License-Identifier: LGPL-2.1+
    2. 

  2. #
    3. 

  3. #  This file is part of systemd.
    4. 

  4. #
    5. 

  5. #  systemd is free software; you can redistribute it and/or modify it
    6. 

  6. #  under the terms of the GNU Lesser General Public License as published by
    7. 

  7. #  the Free Software Foundation; either version 2.1 of the License, or
    8. 

  8. #  (at your option) any later version.
    9. 

  9. 

  10. [Unit]
    11. 

  11. Description=Network Service
    12. 

  12. Documentation=man:systemd-networkd.service(8)
    13. 

  13. ConditionCapability=CAP_NET_ADMIN
    14. 

  14. DefaultDependencies=no
    15. 

  15. # systemd-udevd.service can be dropped once tuntap is moved to netlink
    16. 

  16. After=systemd-udevd.service network-pre.target systemd-sysusers.service systemd-sysctl.service
    17. 

  17. Before=network.target multi-user.target shutdown.target
    18. 

  18. Conflicts=shutdown.target
    19. 

  19. Wants=network.target
    20. 

  20. 

  21. [Service]
    22. 

  22. AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
    23. 

  23. CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
    24. 

  24. DeviceAllow=char-* rw
    25. 

  25. ExecStart=!!/lib/systemd/systemd-networkd
    26. 

  26. LockPersonality=yes
    27. 

  27. MemoryDenyWriteExecute=yes
    28. 

  28. NoNewPrivileges=yes
    29. 

  29. ProtectControlGroups=yes
    30. 

  30. ProtectHome=yes
    31. 

  31. ProtectKernelModules=yes
    32. 

  32. ProtectKernelLogs=yes
    33. 

  33. ProtectSystem=strict
    34. 

  34. Restart=on-failure
    35. 

  35. RestartSec=0
    36. 

  36. RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET AF_ALG
    37. 

  37. RestrictNamespaces=yes
    38. 

  38. RestrictRealtime=yes
    39. 

  39. RestrictSUIDSGID=yes
    40. 

  40. RuntimeDirectory=systemd/netif
    41. 

  41. RuntimeDirectoryPreserve=yes
    42. 

  42. SystemCallArchitectures=native
    43. 

  43. SystemCallErrorNumber=EPERM
    44. 

  44. SystemCallFilter=@system-service
    45. 

  45. Type=notify
    46. 

  46. RestartKillSignal=SIGUSR2
    47. 

  47. User=systemd-network
    48. 

  48. WatchdogSec=3min
    49. 

  49. 

  50. [Install]
    51. 

  51. WantedBy=multi-user.target
    52. 

  52. Also=systemd-networkd.socket
    53. 

  53. Alias=dbus-org.freedesktop.network1.service
    54. 

  54. 

  55. # We want to enable systemd-networkd-wait-online.service whenever this service
    56. 

  56. # is enabled. systemd-networkd-wait-online.service has
    57. 

  57. # WantedBy=network-online.target, so enabling it only has an effect if
    58. 

  58. # network-online.target itself is enabled or pulled in by some other unit.
    59. 

  59. Also=systemd-networkd-wait-online.service
    60.