Linux altar53.supremepanel53.com 4.18.0-553.8.1.lve.el8.x86_64 #1 SMP Thu Jul 4 16:24:39 UTC 2024 x86_64
/ usr/ lib/ systemd/ system/ |
|
[Unit] Description=Entropy Daemon based on the HAVEGE algorithm Documentation=man:haveged(8) http://www.issihosts.com/haveged/ DefaultDependencies=no After=systemd-tmpfiles-setup-dev.service Before=sysinit.target shutdown.target systemd-journald.service [Service] ExecStart=/usr/sbin/haveged -w 1024 -v 1 --Foreground Restart=always SuccessExitStatus=137 143 SecureBits=noroot-locked CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SYS_CHROOT # We can *not* set PrivateTmp=true as it can cause an ordering cycle. PrivateTmp=false PrivateDevices=true # We can *not* set PrivateNetwork=true to allow command mode (chroot when included in initramfs) #PrivateNetwork=true ProtectSystem=full ProtectHome=true ProtectKernelModules=true RestrictNamespaces=true RestrictRealtime=true LockPersonality=true MemoryDenyWriteExecute=true SystemCallArchitectures=native SystemCallFilter=@system-service SystemCallFilter=~@mount SystemCallErrorNumber=EPERM [Install] WantedBy=sysinit.target