Blame - poky/meta/recipes-support/rng-tools/rng-tools/rng-tools.service - openbmc/openbmc

blob: 568686e80e64fe90bb7f75f01c4c2c79a7c08248 [file] [log] [blame]

Brad Bishop	d7bf8c1	2018-02-25 22:55:05 -0500	[diff] [blame]	1	[Unit]
				2	Description=Hardware RNG Entropy Gatherer Daemon
Brad Bishop	08902b0	2019-08-20 09:16:51 -0400	[diff] [blame]	3	DefaultDependencies=no
				4	After=systemd-udev-settle.service
				5	Before=sysinit.target shutdown.target
Andrew Geissler	5199d83	2021-09-24 16:47:35 -0500	[diff] [blame]	6	Wants=systemd-udev-settle.service
Brad Bishop	08902b0	2019-08-20 09:16:51 -0400	[diff] [blame]	7	Conflicts=shutdown.target
Brad Bishop	d7bf8c1	2018-02-25 22:55:05 -0500	[diff] [blame]	8
				9	[Service]
Brad Bishop	15ae250	2019-06-18 21:44:24 -0400	[diff] [blame]	10	EnvironmentFile=-@SYSCONFDIR@/default/rng-tools
				11	ExecStart=@SBINDIR@/rngd -f $EXTRA_ARGS
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	12	CapabilityBoundingSet=CAP_SYS_ADMIN
				13	IPAddressDeny=any
				14	LockPersonality=yes
				15	MemoryDenyWriteExecute=yes
				16	NoNewPrivileges=yes
				17	PrivateTmp=yes
				18	ProtectControlGroups=yes
				19	ProtectHome=yes
				20	ProtectHostname=yes
				21	ProtectKernelModules=yes
				22	ProtectKernelLogs=yes
				23	ProtectSystem=strict
				24	RestrictAddressFamilies=AF_UNIX
				25	RestrictNamespaces=yes
				26	RestrictRealtime=yes
				27	RestrictSUIDSGID=yes
				28	SystemCallArchitectures=native
				29	SystemCallErrorNumber=EPERM
				30	SystemCallFilter=@system-service
Brad Bishop	d7bf8c1	2018-02-25 22:55:05 -0500	[diff] [blame]	31
				32	[Install]
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	33	WantedBy=sysinit.target