16 lines
453 B
SYSTEMD
16 lines
453 B
SYSTEMD
|
[Unit]
|
||
|
Description=Update bogon list.
|
||
|
|
||
|
[Service]
|
||
|
# See systemd.exec(5) and systemd.service(5) for a description of the options
|
||
|
Type=oneshot
|
||
|
ExecStart=/usr/local/bin/updateBogons
|
||
|
|
||
|
# DynamicUser implies RemoveIPC, PrivateTmp, NoNewPrivileges, RestrictSUIDSGID (and cannot be disabled)
|
||
|
# It also implies ProtectSystem=strict and ProtectHome=read-only
|
||
|
DynamicUser=yes
|
||
|
ReadWritePaths=/var/cache/updateBogons/
|
||
|
ProtectHome=yes
|
||
|
User=updateBogons
|
||
|
Group=nftables
|