blob: 832e5603bbd76368e9311d45ed54feced74a9e0e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
[Unit]
Description=Falco: Cloud Native Runtime Security with ebpf
Documentation=https://falco.org/docs/
[Service]
Type=simple
User=root
ExecStart=/usr/bin/falco -o engine.kind=ebpf
ExecReload=kill -1 $MAINPID
UMask=0077
TimeoutSec=30
RestartSec=15s
Restart=on-failure
PrivateTmp=true
NoNewPrivileges=yes
ProtectHome=read-only
ProtectSystem=full
ProtectKernelTunables=true
RestrictRealtime=true
RestrictAddressFamilies=~AF_PACKET
StandardOutput=null
[Install]
WantedBy=multi-user.target
|