blob: 6302c0a945bac01073d7bc415d666e75b06e3b38 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# This file is shipped as part of the salt-netbox-roleproxy package.
# Author: Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
[Unit]
Description=Salt NetBox Role Proxy
[Service]
User=_roleproxy
Group=_roleproxy
EnvironmentFile=/etc/sysconfig/roleproxy
ExecStart=/usr/local/bin/roleproxy.py
ProtectSystem=strict
ProtectHome=yes
PrivateDevices=yes
PrivateTmp=yes
PrivateUsers=yes
ProtectKernelTunables=yes
ProtectKernelLogs=yes
ProtectControlGroups=yes
RestrictAddressFamilies=AF_INET6 AF_INET
SystemCallArchitectures=native
SystemCallFilter=@system-service
[Install]
WantedBy=multi-user.target
|