File nikau-client.service of Package nikau
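[Unit]
Description=Start nikau KVM client
# Bind the client to the graphical session: it is ordered after
# graphical-session.target and is stopped/restarted together with it.
PartOf=graphical-session.target
After=graphical-session.target
# Set this variable e.g. in $HOME/.config/environment.d
# The condition only checks that NIKAU_SERVER is present in the service
# manager's environment block. The value itself is not validated here, yet it
# ends up on the command line built in ExecStart= below.
ConditionEnvironment=NIKAU_SERVER
# Make sure the unit isn't restarted endlessly, see RestartSec= below.
# No more than 2 start attempts are allowed per 60 s window; further starts
# are refused until the window has passed.
# StartLimitIntervalSec= is the current name of the legacy StartLimitInterval=.
StartLimitIntervalSec=60
StartLimitBurst=2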
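[Service]
Type=simple
# The client is not run inside this user unit. run0 asks the system service
# manager to start it as the transient unit nikau-client-<user>.service; no
# --user option is given, so it runs as run0's default target user (root) after
# polkit authorization. The --property options below are therefore the only
# confinement of that privileged process.
#
# Sandbox summary:
#   ProtectSystem=strict, ProtectHome=read-only: the file system is read-only
#     for the client apart from API file systems and /tmp (see PrivateTmp).
#   PrivateTmp=no: the host's /tmp stays visible, presumably so that the X11
#     socket under /tmp/.X11-unix is reachable. TODO confirm.
#   DeviceAllow='/dev/uinput rw': the only device node explicitly granted.
#     With the default DevicePolicy= this should also leave the standard pseudo
#     devices accessible and nothing else. Verify with `systemd-analyze security`.
#   SystemCallFilter=@system-service with SystemCallErrorNumber=EPERM: system
#     calls outside that set fail with EPERM instead of killing the process.
#
# NOTE(review): NoNewPrivileges=, CapabilityBoundingSet= and
# RestrictAddressFamilies= are not set. For a root process that handles network
# input and injects input events, consider adding them after testing which
# capabilities and address families nikau actually needs.
#
# NOTE(review): ${NIKAU_SERVER} is expanded by systemd before /bin/sh parses
# the command string, so whitespace or shell metacharacters in the value are
# interpreted by the shell and may change the arguments of the command that
# run0 starts as root. If the value is always meant to be a single argument,
# \"$${NIKAU_SERVER}\" lets the shell expand and quote it instead. Confirm that
# no setup relies on passing several words through the variable.
#
# --setenv without a value passes the variable's current value through from
# this unit's environment.
ExecStart=/bin/sh -c \
"/usr/bin/run0 --pipe --unit nikau-client-%u.service \
--setenv XAUTHORITY --setenv DISPLAY \
--property ProtectSystem=strict \
--property ProtectHome=read-only \
--property ProtectClock=yes \
--property ProtectKernelTunables=yes \
--property ProtectKernelModules=yes \
--property ProtectKernelLogs=yes \
--property ProtectControlGroups=yes \
--property RestrictNamespaces=yes \
--property LockPersonality=yes \
--property PrivateTmp=no \
--property RestrictRealtime=yes \
--property RestrictSUIDSGID=yes \
--property MemoryDenyWriteExecute=yes \
--property SystemCallFilter=@system-service \
--property SystemCallErrorNumber=EPERM \
--property DeviceAllow='/dev/uinput rw' \
/usr/bin/nikau client ${NIKAU_SERVER}"
# Stops the transient unit created by run0. systemctl is called without --user,
# so the request goes to the system service manager and presumably needs
# authorization of its own. TODO confirm.
ExecStop=/usr/bin/systemctl stop nikau-client-%u.service
# Under GNOME/X11, the unit may fail to start the polkit dialog
# during session initialization. See StartLimitBurst= above.
Restart=on-failure
RestartSec=10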
[Install]
# Enabling the unit makes graphical-session.target pull it in, so the client
# is started with the graphical session (subject to the ConditionEnvironment=
# check in [Unit]).
WantedBy=graphical-session.target