NotAShelf
bfd9fa485e
Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Id9e80fa744f3b7e3b8abc260efdc9dd66a6a6964
34 lines
650 B
Desktop File
34 lines
650 B
Desktop File
[Unit]
|
|
Description=Pluggable System Condition Monitoring Daemon
|
|
Documentation=https://github.com/pscand/pscand
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
ExecStart=pscand run --config /etc/pscand/pscand.toml
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
User=root
|
|
Group=root
|
|
|
|
# Log to journal
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
|
|
# Capabilities for sensor access
|
|
AmbientCapabilities=CAP_SYS_ADMIN CAP_DAC_OVERRIDE
|
|
|
|
# Security hardening
|
|
ProtectSystem=full
|
|
ProtectHome=true
|
|
NoNewPrivileges=false
|
|
|
|
# Runtime directory
|
|
RuntimeDirectory=pscand
|
|
RuntimeDirectoryMode=0755
|
|
|
|
# Tempfs for sensitive /proc data
|
|
PrivateTmp=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|