Overview

File salt-broker.service of Package salt-broker

[Unit]
Description=Salt ZeroMQ Proxy (broker)
After=network.target

[Service]
Type=simple
User=salt-broker
LimitNOFILE=51200
Environment=SALT_BROKER_LOGFILE=/var/log/salt-broker/salt-broker.log SALT_BROKER_CONF_FILE=/etc/salt-broker/config
ExecStart=/usr/sbin/salt-broker
NoNewPrivileges=yes
ProtectSystem=full
ProtectHome=true
RestrictNamespaces=true
#RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
PrivateTmp=true
ProtectClock=true
ProtectControlGroups=true
ProtectKernelTunables=true
ProtectKernelLogs=true
ProtectKernelModules=true
LockPersonality=true
RestrictSUIDSGID=true
RemoveIPC=true
RestrictRealtime=true
PrivateDevices=true
SystemCallFilter=@system-service
SystemCallArchitectures=native
MemoryDenyWriteExecute=true

[Install]
WantedBy=multi-user.target
openSUSE Build Service is sponsored by
Places