Annotation of embedaddon/rsync/packaging/systemd/rsync@.service, revision 1.1
1.1 ! misho 1: [Unit]
! 2: Description=fast remote file copy program daemon
! 3: After=network.target
! 4:
! 5: [Service]
! 6: ExecStart=-/usr/bin/rsync --daemon
! 7: StandardInput=socket
! 8: StandardOutput=inherit
! 9: StandardError=journal
! 10:
! 11: # Citing README.md:
! 12: #
! 13: # [...] Using ssh is recommended for its security features.
! 14: #
! 15: # Alternatively, rsync can run in `daemon' mode, listening on a socket.
! 16: # This is generally used for public file distribution, [...]
! 17: #
! 18: # So let's assume some extra security is more than welcome here. We do full
! 19: # system protection (which makes /usr, /boot, & /etc read-only) and hide
! 20: # devices. To override these defaults, it's best to do so in the drop-in
! 21: # directory, often done via `systemctl edit rsync@.service`. The file needs
! 22: # just the bare minimum of the right [heading] and override values.
! 23: # See systemd.unit(5) and search for "drop-in" for full details.
! 24:
! 25: ProtectSystem=full
! 26: #ProtectHome=on|off|read-only
! 27: PrivateDevices=on
! 28: NoNewPrivileges=on
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to rsync@.service CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / rsync / packaging / systemd