search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
upgpkg: wordpress 6.2.1-1
[ArchLinux/community.git] / pesign / repos / community-x86_64 / pesign-create-db.service
blob32b65fa45a6b8c35fce19a87aa2f56e6d280cca0
1 [Unit]
2 Description=Pesign database generation
3 Documentation=man:certutil(1)
4 ConditionPathExists=|!/etc/pki/pesign/cert9.db
5 ConditionPathExists=|!/etc/pki/pesign/key4.db
6 ConditionPathExists=|!/etc/pki/pesign/pkcs11.txt
7
8 [Service]
9 Type=oneshot
10 RemainAfterExit=yes
11 User=pesign
12 Group=pesign
13 ExecStart=/usr/bin/certutil -N -d sql:/etc/pki/pesign --empty-password
14 ProtectSystem=strict
15 ProtectHome=true
16 PrivateTmp=true
17 PrivateDevices=true
18 ProtectKernelTunables=true
19 ProtectControlGroups=true
20 NoNewPrivileges=true
21 MemoryDenyWriteExecute=true
22 LockPersonality=true
23 ProtectHostname=true
24 ProtectKernelLogs=true
25 ProtectKernelModules=true
26 RemoveIPC=true
27 RestrictNamespaces=true
28 RestrictRealtime=true
29 RestrictSUIDSGID=true
30 SystemCallArchitectures=native
31 SystemCallFilter=@system-service
32 SystemCallFilter=~@resources
33 ReadWritePaths=/etc/pki/pesign
Automatic import of svn 'community' repo (read-only mirror)