]> git.ipfire.org Git - people/ms/network.git/blob - src/networkd/networkd.service.in
projects / people / ms / network.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Makefile: Fix typo in localstatedir
[people/ms/network.git] / src / networkd / networkd.service.in
1 [Unit]
2 Description=Network Configuration
3 Documentation=man:networkd.service(8)
4
5 ConditionCapability=CAP_NET_ADMIN
6 DefaultDependencies=no
7 # systemd-udevd.service can be dropped once tuntap is moved to netlink
8 After=systemd-udevd.service network-pre.target systemd-sysusers.service systemd-sysctl.service
9 Before=network.target multi-user.target shutdown.target
10 Conflicts=shutdown.target
11 Wants=network.target
12
13 [Service]
14 AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
15 BusName=org.ipfire.network1
16 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
17 DeviceAllow=char-* rw
18 ExecStart=@networkdir@/networkd
19 FileDescriptorStoreMax=512
20 LockPersonality=yes
21 MemoryDenyWriteExecute=yes
22 NoNewPrivileges=yes
23 ProtectProc=invisible
24 ProtectClock=yes
25 ProtectControlGroups=yes
26 ProtectHome=yes
27 ProtectKernelLogs=yes
28 ProtectKernelModules=yes
29 ProtectSystem=strict
30 Restart=on-failure
31 RestartSec=0
32 RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET
33 RestrictNamespaces=yes
34 RestrictRealtime=yes
35 RestrictSUIDSGID=yes
36 SystemCallArchitectures=native
37 SystemCallErrorNumber=EPERM
38 SystemCallFilter=@system-service
39 Type=notify-reload
40 User=network
41 WatchdogSec=3min
42
43 [Install]
44 WantedBy=multi-user.target
45 Alias=dbus-org.ipfire.network1.service
Networking code of IPFire 3.x.