|
Server IP : 87.107.10.74 / Your IP : 216.73.216.213 Web Server : LiteSpeed System : Linux box401.parsvds.com 4.18.0-553.30.1.lve.el8.x86_64 #1 SMP Tue Dec 3 01:21:19 UTC 2024 x86_64 User : aubxzmbu ( 3121) PHP Version : 7.4.33 Disable Function : exec,shell_exec,system,passthru,popen,eval,proc_close,proc_open,pcntl_exec,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_getpriority,pcntl_setpriority MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /lib/systemd/system/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
[Unit] Description=PowerDNS Authoritative Server Documentation=man:pdns_server(1) man:pdns_control(1) Documentation=https://doc.powerdns.com Wants=network-online.target After=network-online.target time-sync.target Conflicts=named.service [Service] ExecStart=/usr/sbin/pdns_server --socket-dir=%t/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no SyslogIdentifier=pdns_server User=named Group=named Type=notify Restart=on-failure RestartSec=1 StartLimitInterval=0 RuntimeDirectory=pdns # Sandboxing CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_CHOWN AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_CHOWN LockPersonality=true NoNewPrivileges=true PrivateDevices=true PrivateTmp=true # Setting PrivateUsers=true prevents us from opening our sockets ProtectControlGroups=true ProtectHome=true ProtectKernelModules=true ProtectKernelTunables=true # ProtectSystem=full will disallow write access to /etc and /usr, possibly # not being able to write slaved-zones into sqlite3 or zonefiles. ProtectSystem=full RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 RestrictNamespaces=true RestrictRealtime=true SystemCallArchitectures=native SystemCallFilter=~ @clock @debug @module @mount @raw-io @reboot @swap @cpu-emulation @obsolete RemoveIPC=true DevicePolicy=closed # Not enabled by default because it does not play well with LuaJIT # MemoryDenyWriteExecute=true [Install] WantedBy=multi-user.target