summaryrefslogtreecommitdiffstats
path: root/contrib/Kali_Linux_Raspberry_armhf/haveged.service
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/Kali_Linux_Raspberry_armhf/haveged.service')
-rw-r--r--contrib/Kali_Linux_Raspberry_armhf/haveged.service33
1 files changed, 33 insertions, 0 deletions
diff --git a/contrib/Kali_Linux_Raspberry_armhf/haveged.service b/contrib/Kali_Linux_Raspberry_armhf/haveged.service
new file mode 100644
index 0000000..9c599ee
--- /dev/null
+++ b/contrib/Kali_Linux_Raspberry_armhf/haveged.service
@@ -0,0 +1,33 @@
+[Unit]
+Description=Entropy Daemon based on the HAVEGE algorithm
+Documentation=man:haveged(8) http://www.issihosts.com/haveged/
+DefaultDependencies=no
+After=apparmor.service systemd-tmpfiles-setup.service systemd-tmpfiles-setup-dev.service
+Before=sysinit.target shutdown.target
+
+[Service]
+EnvironmentFile=-/etc/default/haveged
+ExecStart=/usr/sbin/haveged --Foreground --verbose=1 $DAEMON_ARGS
+Restart=always
+SuccessExitStatus=137 143
+SecureBits=noroot-locked
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SYS_CHROOT
+PrivateTmp=false
+PrivateDevices=true
+PrivateNetwork=false
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+RestrictNamespaces=true
+RestrictRealtime=true
+
+LockPersonality=true
+MemoryDenyWriteExecute=true
+SystemCallArchitectures=native
+# SystemCallFilter=@basic-io @file-system @io-event @network-io @signal
+# SystemCallFilter=arch_prctl brk ioctl mprotect sysinfo
+
+[Install]
+WantedBy=sysinit.target
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 07:51:56 +0100