diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 16:14:31 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 16:14:31 +0000 |
| commit | 2d5707c7479eacb3b1ad98e01b53f56a88f8fb78 (patch) | |
| tree | d9c334e83692851c02e3e1b8e65570c97bc82481 /packaging/systemd/rsync@.service | |
| parent | Initial commit. (diff) | |
| download | rsync-2d5707c7479eacb3b1ad98e01b53f56a88f8fb78.tar.xz rsync-2d5707c7479eacb3b1ad98e01b53f56a88f8fb78.zip | |
Adding upstream version 3.2.7.upstream/3.2.7
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | packaging/systemd/rsync@.service | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/packaging/systemd/rsync@.service b/packaging/systemd/rsync@.service new file mode 100644 index 0000000..63ba0c7 --- /dev/null +++ b/packaging/systemd/rsync@.service @@ -0,0 +1,28 @@ +[Unit] +Description=fast remote file copy program daemon +After=network.target + +[Service] +ExecStart=-/usr/bin/rsync --daemon +StandardInput=socket +StandardOutput=inherit +StandardError=journal + +# Citing README.md: +# +# [...] Using ssh is recommended for its security features. +# +# Alternatively, rsync can run in `daemon' mode, listening on a socket. +# This is generally used for public file distribution, [...] +# +# So let's assume some extra security is more than welcome here. We do full +# system protection (which makes /usr, /boot, & /etc read-only) and hide +# devices. To override these defaults, it's best to do so in the drop-in +# directory, often done via `systemctl edit rsync@.service`. The file needs +# just the bare minimum of the right [heading] and override values. +# See systemd.unit(5) and search for "drop-in" for full details. + +ProtectSystem=full +#ProtectHome=on|off|read-only +PrivateDevices=on +NoNewPrivileges=on |