39 lines
1.1 KiB
SYSTEMD
39 lines
1.1 KiB
SYSTEMD
|
[Unit]
|
||
|
Description=Albatross VMM daemon (albatrossd)
|
||
|
Requires=albatross_console.service albatross_log.service albatross_stat.service
|
||
|
After=syslog.target albatross_console.service albatross_log.service albatross_stat.service
|
||
|
[Service]
|
||
|
Type=simple
|
||
|
|
||
|
# TODO not necessarily needs to be run as root, anything that can solo5-spt/hvt,
|
||
|
# create tap interfaces should be fine!
|
||
|
#Environment=albatross_daemon_user=root
|
||
|
#User=${albatross_daemon_user}
|
||
|
User=root
|
||
|
|
||
|
WorkingDirectory=/
|
||
|
|
||
|
#ExecStartPre=id # the fbsd scripts do something here, not sure what
|
||
|
ExecStart=/usr/local/sbin/albatrossd.exe --tmpdir="%t/albatross/" -vv
|
||
|
#--dbdir (defaults to /run/albatross)
|
||
|
|
||
|
RuntimeDirectoryPreserve=yes
|
||
|
RuntimeDirectory=albatross albatross/fifo albatross/util
|
||
|
PIDFile=/%t/albatross/daemon.pid
|
||
|
|
||
|
## hardening stuff
|
||
|
ProtectSystem=full
|
||
|
ProtectHome=true
|
||
|
UMask=0077
|
||
|
OOMScoreAdjust=-1000
|
||
|
#AppArmorProfile=
|
||
|
#SmackProcessLabel=albatross_vmm
|
||
|
IgnoreSIGPIPE=true
|
||
|
#SystemCallFilter=~reboot
|
||
|
#SystemCallFilter=
|
||
|
RestrictAddressFamilies=AF_UNIX AF_INET
|
||
|
#RuntimeDirectoryMode=0700
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|