Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/mumble-voip/mumble.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/auxiliary_files/config_files/mumble-server.service.in
diff options
context:
space:
mode:
Diffstat (limited to 'auxiliary_files/config_files/mumble-server.service.in')
-rw-r--r--auxiliary_files/config_files/mumble-server.service.in36
1 files changed, 36 insertions, 0 deletions
diff --git a/auxiliary_files/config_files/mumble-server.service.in b/auxiliary_files/config_files/mumble-server.service.in
new file mode 100644
index 000000000..0447a022e
--- /dev/null
+++ b/auxiliary_files/config_files/mumble-server.service.in
@@ -0,0 +1,36 @@
+[Unit]
+Description=Mumble server
+After=network.target
+Wants=network-online.target
+
+[Service]
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+ExecStart=@MUMBLE_INSTALL_ABS_EXECUTABLEDIR@/@MUMBLE_SERVER_BINARY_NAME@ -ini @MUMBLE_INSTALL_ABS_SYSCONFDIR@/mumble-server.ini -fg
+Group=_mumble-server
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+PrivateDevices=true
+PrivateTmp=true
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=true
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectSystem=full
+RestrictAddressFamilies=~AF_PACKET AF_NETLINK
+RestrictNamespaces=yes
+RestrictSUIDSGID=yes
+RestrictRealtime=yes
+Restart=always
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+Type=simple
+User=_mumble-server
+
+[Install]
+WantedBy=multi-user.target
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 02:59:38 +0300