projects / thirdparty / systemd.git / blame
| Commit | Line | Data |
|---|---|---|
| ee9b9875 TG |
1 | # This file is part of systemd. |
| 2 | # | |
| 3 | # systemd is free software; you can redistribute it and/or modify it | |
| 4 | # under the terms of the GNU Lesser General Public License as published by | |
| 5 | # the Free Software Foundation; either version 2.1 of the License, or | |
| 6 | # (at your option) any later version. | |
| ee9b9875 | 7 | |
| 091a364c TG |
8 | [Unit] |
| 9 | Description=Network Name Resolution | |
| 10 | Documentation=man:systemd-resolved.service(8) | |
| 45bd4854 LP |
11 | Documentation=http://www.freedesktop.org/wiki/Software/systemd/resolved |
| 12 | Documentation=http://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers | |
| 13 | Documentation=http://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients | |
| 1dff3202 | 14 | After=systemd-networkd.service network.target |
| 091a364c | 15 | |
| 78ad7cf1 LP |
16 | # On kdbus systems we pull in the busname explicitly, because it |
| 17 | # carries policy that allows the daemon to acquire its name. | |
| 18 | Wants=org.freedesktop.resolve1.busname | |
| 19 | After=org.freedesktop.resolve1.busname | |
| 20 | ||
| 091a364c TG |
21 | [Service] |
| 22 | Type=notify | |
| 23 | Restart=always | |
| 24 | RestartSec=0 | |
| 25 | ExecStart=@rootlibexecdir@/systemd-resolved | |
| b30bf55d | 26 | CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_NET_RAW CAP_NET_BIND_SERVICE |
| 1b8689f9 LP |
27 | ProtectSystem=full |
| 28 | ProtectHome=yes | |
| c2fc2c25 | 29 | WatchdogSec=3min |
| 40652ca4 | 30 | MemoryDenyWriteExecute=yes |
| 4e069746 | 31 | SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io |
| 091a364c TG |
32 | |
| 33 | [Install] | |
| 34 | WantedBy=multi-user.target |