Blame - poky/meta/recipes-support/rng-tools/rng-tools/rngd.service - openbmc/openbmc

blob: 0559b97991546405e4e63f7e9b6e299e72bbf805 [file] [log] [blame]

Brad Bishop	d7bf8c1	2018-02-25 22:55:05 -0500	[diff] [blame]	1	[Unit]
				2	Description=Hardware RNG Entropy Gatherer Daemon
Brad Bishop	08902b0	2019-08-20 09:16:51 -0400	[diff] [blame]	3	DefaultDependencies=no
				4	After=systemd-udev-settle.service
				5	Before=sysinit.target shutdown.target
				6	Conflicts=shutdown.target
Brad Bishop	d7bf8c1	2018-02-25 22:55:05 -0500	[diff] [blame]	7
				8	[Service]
Brad Bishop	15ae250	2019-06-18 21:44:24 -0400	[diff] [blame]	9	EnvironmentFile=-@SYSCONFDIR@/default/rng-tools
				10	ExecStart=@SBINDIR@/rngd -f $EXTRA_ARGS
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame^]	11	CapabilityBoundingSet=CAP_SYS_ADMIN
				12	IPAddressDeny=any
				13	LockPersonality=yes
				14	MemoryDenyWriteExecute=yes
				15	NoNewPrivileges=yes
				16	PrivateTmp=yes
				17	ProtectControlGroups=yes
				18	ProtectHome=yes
				19	ProtectHostname=yes
				20	ProtectKernelModules=yes
				21	ProtectKernelLogs=yes
				22	ProtectSystem=strict
				23	RestrictAddressFamilies=AF_UNIX
				24	RestrictNamespaces=yes
				25	RestrictRealtime=yes
				26	RestrictSUIDSGID=yes
				27	SystemCallArchitectures=native
				28	SystemCallErrorNumber=EPERM
				29	SystemCallFilter=@system-service
Brad Bishop	d7bf8c1	2018-02-25 22:55:05 -0500	[diff] [blame]	30
				31	[Install]
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame^]	32	WantedBy=sysinit.target