units/systemd-udevd.service.in

   1 #  SPDX-License-Identifier: LGPL-2.1-or-later
   2 #
   3 #  This file is part of systemd.
   4 #
   5 #  systemd is free software; you can redistribute it and/or modify it
   6 #  under the terms of the GNU Lesser General Public License as published by
   7 #  the Free Software Foundation; either version 2.1 of the License, or
   8 #  (at your option) any later version.
   9
  10 [Unit]
  11 Description=Rule-based Manager for Device Events and Files
  12 Documentation=man:systemd-udevd.service(8) man:udev(7)
  13 DefaultDependencies=no
  14 After=systemd-sysusers.service systemd-hwdb-update.service
  15 Before=sysinit.target
  16 ConditionPathIsReadWrite=/sys
  17
  18 [Service]
  19 Delegate=pids
  20 Type=notify
  21 # Note that udev will reset the value internally for its workers
  22 OOMScoreAdjust=-1000
  23 Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket
  24 Restart=always
  25 RestartSec=0
  26 ExecStart={{ROOTLIBEXECDIR}}/systemd-udevd
  27 ExecReload=udevadm control --reload --timeout 0
  28 KillMode=mixed
  29 TasksMax=infinity
  30 PrivateMounts=yes
  31 ProtectHostname=yes
  32 MemoryDenyWriteExecute=yes
  33 RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
  34 RestrictRealtime=yes
  35 RestrictSUIDSGID=yes
  36 SystemCallFilter=@system-service @module @raw-io bpf
  37 SystemCallErrorNumber=EPERM
  38 SystemCallArchitectures=native
  39 LockPersonality=yes
  40 IPAddressDeny=any
  41 {{SERVICE_WATCHDOG}}