blob: 1f379de84993e5f9a70d912adaf3a4c7b2a45304 (
plain) (
tree)
|
|
[Unit]
Description=Update he-ipv6 tunnel end point
After=network-online.target
[Service]
Type=oneshot
ExecStart=curl --silent "https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/nic/update?hostname=582358"
NoNewPrivileges=yes # Prevent acquiring new privileges. Warning: breaks execution of SUID binaries
PermissionsStartOnly=true
PrivateDevices=yes # Prevent access to /dev
PrivateTmp=yes # Use dedicated /tmp
PrivateUsers=true
ProtectHome=yes # Hide user homes
ProtectKernelModules=yes # Prevent loading or reading kernel modules
ProtectKernelTunables=yes # Prevent altering kernel tunables
ProtectSystem=strict # strict or full, see docs
[Install]
WantedBy=network-online.target
|