summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-includes/lib/systemd/system/htpdate.service
blob: 6d956c6e4d027a436ae382928e7c32db26f83287 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[Unit]
Description=Setting time using HTP
Documentation=https://tails.boum.org/contribute/design/Time_syncing/
Before=time-sync.target
Wants=time-sync.target

[Service]
Type=oneshot
Environment=DONE_FILE=/run/htpdate/done
Environment=SUCCESS_FILE=/run/htpdate/success
Environment=LOG=/var/log/htpdate.log
EnvironmentFile=/etc/default/htpdate.*
ExecStartPre=/bin/sh -c \
    '[ -n "${HTTP_USER_AGENT}"  ] && \
     [ -n "${HTP_POOL_PAL}"     ] && \
     [ -n "${HTP_POOL_NEUTRAL}" ] && \
     [ -n "${HTP_POOL_FOE}"     ]'
ExecStartPre=/bin/rm -f "${DONE_FILE}"
ExecStartPre=/bin/rm -f "${SUCCESS_FILE}"
ExecStartPre=/usr/bin/install -o htp -g nogroup -m 0644 /dev/null "${LOG}"
ExecStart=/usr/local/sbin/htpdate                   \
              --debug                               \
              --log_file "${LOG}"                   \
              --user_agent "${HTTP_USER_AGENT}"     \
              --allowed_per_pool_failure_ratio 0.34 \
              --user htp                            \
              --done_file    "${DONE_FILE}"         \
              --success_file "${SUCCESS_FILE}"      \
              --pal_pool     "${HTP_POOL_PAL}"      \
              --neutral_pool "${HTP_POOL_NEUTRAL}"  \
              --foe_pool     "${HTP_POOL_FOE}"      \
              --proxy        127.0.0.1:9062
RemainAfterExit=yes
CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_SETUID CAP_SYS_TIME
PrivateDevices=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full