systemd: Add comments with integration considerations.
This commit is contained in:
Brett Smith
parent
4f96088167
commit
d522327e2d
1 changed files with 10 additions and 0 deletions
|
|
@ -7,8 +7,16 @@ After=network-online.target
|
|||
WantedBy=default.target
|
||||
|
||||
[Service]
|
||||
## If you installed ForwardXMPP in a virtualenv, you will probably want to
|
||||
## override this line so the executable is the python inside your virtualenv.
|
||||
## If you did not install ForwardXMPP system-wide, you can set
|
||||
## Environment=PYTHONPATH=<directory of your source checkout>
|
||||
## and this ExecStart should work.
|
||||
ExecStart=/usr/bin/python3 -m forwardxmpp --config-file /etc/forwardxmpp/config.ini
|
||||
|
||||
## Generally the only privileged operation ForwardXMPP needs to do is read
|
||||
## its configuration file (which has a password in it). If DynamicUser can't
|
||||
## read it, you can turn that off and set a low-privileged static User.
|
||||
DynamicUser=true
|
||||
|
||||
DevicePolicy=closed
|
||||
|
|
@ -29,4 +37,6 @@ RestrictRealtime=true
|
|||
CapabilityBoundingSet=
|
||||
NoNewPrivileges=true
|
||||
|
||||
## This is just a list of very privileged syscall groups.
|
||||
## This list could be tightened further if desired.
|
||||
SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete
|
||||
|
|
|
|||
Loading…
Reference in a new issue