HEX
Server: nginx/1.24.0
System: Linux localhost 5.15.0-46-generic #49-Ubuntu SMP Thu Aug 4 18:03:25 UTC 2022 x86_64
User: www (1000)
PHP: 8.3.27
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /lib/systemd/system/
Upload Files
File: //lib/systemd/system/upower.service
[Unit]
Description=Daemon for power management
Documentation=man:upowerd(8)

[Service]
Type=dbus
BusName=org.freedesktop.UPower
ExecStart=/usr/libexec/upowerd
Restart=on-failure

# Filesystem lockdown
ProtectSystem=strict
# Needed by keyboard backlight support
ProtectKernelTunables=false
ProtectControlGroups=true
ReadWritePaths=/var/lib/upower
StateDirectory=upower
ProtectHome=true
PrivateTmp=true

# Network
# PrivateNetwork=true would block udev's netlink socket
IPAddressDeny=any
RestrictAddressFamilies=AF_UNIX AF_NETLINK

# Execute Mappings
MemoryDenyWriteExecute=true

# Modules
ProtectKernelModules=true

# Real-time
RestrictRealtime=true

# Privilege escalation
NoNewPrivileges=true

# Capabilities
CapabilityBoundingSet=

# System call interfaces
LockPersonality=yes
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=ioprio_get

# Namespaces
PrivateUsers=yes
RestrictNamespaces=yes

# Locked memory
LimitMEMLOCK=0

[Install]
WantedBy=graphical.target
@ Telegram