2019-11-21 12:29:22 +00:00
|
|
|
[Unit]
|
|
|
|
Description=Albatross VMM daemon (albatrossd)
|
2020-11-11 13:31:26 +00:00
|
|
|
Requires=albatross_console.socket albatross_log.socket albatross_daemon.socket
|
2020-04-03 14:34:30 +00:00
|
|
|
After=syslog.target albatross_console.service albatross_log.service
|
|
|
|
|
2019-11-21 12:29:22 +00:00
|
|
|
[Service]
|
|
|
|
Type=simple
|
|
|
|
# TODO not necessarily needs to be run as root, anything that can solo5-spt/hvt,
|
|
|
|
# create tap interfaces should be fine!
|
|
|
|
User=root
|
2020-11-11 12:02:48 +00:00
|
|
|
ExecStart=/usr/local/sbin/albatrossd --systemd-socket-activation --tmpdir="%t/albatross/" -vv
|
2020-04-03 14:34:30 +00:00
|
|
|
#RuntimeDirectoryPreserve=yes
|
|
|
|
#RuntimeDirectory=albatross
|
|
|
|
PIDFile=%t/albatross/daemon.pid
|
2019-11-21 12:29:22 +00:00
|
|
|
|
|
|
|
## hardening stuff
|
|
|
|
ProtectSystem=full
|
|
|
|
ProtectHome=true
|
2020-04-03 14:34:30 +00:00
|
|
|
#UMask=0077
|
2019-11-21 12:29:22 +00:00
|
|
|
OOMScoreAdjust=-1000
|
|
|
|
#AppArmorProfile=
|
|
|
|
#SmackProcessLabel=albatross_vmm
|
|
|
|
IgnoreSIGPIPE=true
|
|
|
|
#SystemCallFilter=~reboot
|
|
|
|
#SystemCallFilter=
|
2020-04-03 14:34:30 +00:00
|
|
|
#RestrictAddressFamilies=AF_UNIX
|
2019-11-21 12:29:22 +00:00
|
|
|
#RuntimeDirectoryMode=0700
|
|
|
|
|
|
|
|
[Install]
|
2020-11-11 12:02:48 +00:00
|
|
|
Also=albatross_daemon.socket
|
2019-11-21 12:29:22 +00:00
|
|
|
WantedBy=multi-user.target
|