Overview

File nikau-server.service of Package nikau

[Unit]
Description=Start nikau KVM server
PartOf=graphical-session.target
After=graphical-session.target
# Make sure the unit isn't restarted endlessly, see RestartSec= below.
StartLimitInterval=60
StartLimitBurst=2

[Service]
Type=simple
EnvironmentFile=%h/.config/nikau/server_environment
ExecStart=/bin/sh -c \
    "/usr/bin/run0 --pipe --unit nikau-server-%u.service \
    --setenv XAUTHORITY --setenv DISPLAY \
    --property ProtectSystem=strict\
    --property ProtectHome=read-only\
    --property ProtectClock=yes\
    --property ProtectKernelTunables=yes\
    --property ProtectKernelModules=yes\
    --property ProtectKernelLogs=yes\
    --property ProtectControlGroups=yes\
    --property RestrictNamespaces=yes\
    --property LockPersonality=yes\
    --property PrivateTmp=no\
    --property RestrictNamespaces=yes\
    --property RestrictRealtime=yes\
    --property RestrictSUIDSGID=yes\
    --property MemoryDenyWriteExecute=yes\
    --property SystemCallFilter=@system-service\
    --property SystemCallErrorNumber=EPERM\
    --property DeviceAllow='char-input r'\
    --property DeviceAllow='/dev/uinput rw'\
    /usr/bin/nikau server ${NIKAU_SERVER_OPTS}"
ExecStop=/usr/bin/systemctl stop nikau-server-%u.service
# Under GNOME/X11, the unit may fail to start the polkit dialog
# during session initialization. See StartLimitBurst= above.
Restart=on-failure
RestartSec=10

[Install]
WantedBy=graphical-session.target
openSUSE Build Service is sponsored by
Places