1# SPDX-License-Identifier: LGPL-2.1-or-later 2# 3# This file is part of systemd. 4# 5# systemd is free software; you can redistribute it and/or modify it 6# under the terms of the GNU Lesser General Public License as published by 7# the Free Software Foundation; either version 2.1 of the License, or 8# (at your option) any later version. 9 10[Unit] 11Description=Hostname Service 12Documentation=man:systemd-hostnamed.service(8) 13Documentation=man:hostname(5) 14Documentation=man:machine-info(5) 15Documentation=man:org.freedesktop.resolve1(5) 16 17[Service] 18BusName=org.freedesktop.hostname1 19CapabilityBoundingSet=CAP_SYS_ADMIN 20ExecStart={{ROOTLIBEXECDIR}}/systemd-hostnamed 21IPAddressDeny=any 22LockPersonality=yes 23MemoryDenyWriteExecute=yes 24NoNewPrivileges=yes 25PrivateDevices=yes 26PrivateNetwork=yes 27PrivateTmp=yes 28ProtectProc=invisible 29ProtectControlGroups=yes 30ProtectHome=yes 31ProtectKernelLogs=yes 32ProtectKernelModules=yes 33ProtectKernelTunables=yes 34ProtectSystem=strict 35ReadWritePaths=/etc /run/systemd 36RestrictAddressFamilies=AF_UNIX 37RestrictNamespaces=yes 38RestrictRealtime=yes 39RestrictSUIDSGID=yes 40SystemCallArchitectures=native 41SystemCallErrorNumber=EPERM 42SystemCallFilter=@system-service sethostname 43{{SERVICE_WATCHDOG}} 44