Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # /etc/systemd/system/wavid.service
- # usage:
- # systemctl daemon-reload
- # systemctl enable wavid
- # systemctl start wavid
- #
- [Unit]
- Description=Wavi daemon
- After=network.target
- [Service]
- Environment=MALLOC_ARENA_MAX=1
- ExecStart=/usr/local/bin/wavid -conf=/root/.wavicore/wavi.conf -pid=/run/wavid/wavid.pid -disablewallet
- ExecStop=/usr/local/bin/wavi-cli stop
- RuntimeDirectory=wavid
- User=root
- Type=forking
- PIDFile=/run/wavid/wavid.pid
- Restart=on-failure
- # Hardening measures
- ####################
- # Provide a private /tmp and /var/tmp.
- PrivateTmp=true
- # Mount /usr, /boot/ and /etc read-only for the process.
- ProtectSystem=full
- # Disallow the process and all of its children to gain
- # new privileges through execve().
- NoNewPrivileges=true
- # Use a new /dev namespace only populated with API pseudo devices
- # such as /dev/null, /dev/zero and /dev/random.
- PrivateDevices=true
- # Deny the creation of writable and executable memory mappings.
- MemoryDenyWriteExecute=true
- [Install]
- WantedBy=multi-user.target
Add Comment
Please, Sign In to add comment
