From fd6ea8a3f4999133f8ac036a23584c3e5f9e9b3f Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sat, 17 Dec 2016 03:04:41 -0500 Subject: ./tools/notsd-move --- .../systemd-logind/systemd-logind.service.in | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 src/grp-login/systemd-logind/systemd-logind.service.in (limited to 'src/grp-login/systemd-logind/systemd-logind.service.in') diff --git a/src/grp-login/systemd-logind/systemd-logind.service.in b/src/grp-login/systemd-logind/systemd-logind.service.in new file mode 100644 index 0000000000..0b6de35733 --- /dev/null +++ b/src/grp-login/systemd-logind/systemd-logind.service.in @@ -0,0 +1,35 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Login Service +Documentation=man:systemd-logind.service(8) man:logind.conf(5) +Documentation=http://www.freedesktop.org/wiki/Software/systemd/logind +Documentation=http://www.freedesktop.org/wiki/Software/systemd/multiseat +Wants=user.slice +After=nss-user-lookup.target user.slice + +# Ask for the dbus socket. If running over kdbus, the socket will +# not be actually used. +Wants=dbus.socket +After=dbus.socket + +[Service] +ExecStart=@rootlibexecdir@/systemd-logind +Restart=always +RestartSec=0 +BusName=org.freedesktop.login1 +WatchdogSec=3min +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io + +# Increase the default a bit in order to allow many simultaneous +# logins since we keep one fd open per session. +LimitNOFILE=16384 -- cgit v1.2.3-54-g00ecf