| Linux premium331.web-hosting.com 4.18.0-553.80.1.lve.el8.x86_64 #1 SMP Wed Oct 22 19:29:36 UTC 2025 x86_64 Path : /usr/lib/systemd/system/ |
| Current File : //usr/lib/systemd/system/hc-ftpd-auth-proxy.service |
[Unit] Description=pure-ftpd / pure-authd authentication proxy (per-rule IP restrictions) # Wants: order the proxy after pure-authd without binding to its lifecycle. After=pure-authd.service Wants=pure-authd.service [Service] Type=simple # --check-config gates startup: a broken config fails here (ExecStartPre) so a # bad deploy never brings FTP auth down with the daemon half-up. ExecStartPre=/usr/src/hc-ftpd-auth-proxy/hc-ftpd-auth-proxy --config /etc/hc-ftpd-auth-proxy/config.yaml --check-config ExecStart=/usr/src/hc-ftpd-auth-proxy/hc-ftpd-auth-proxy --config /etc/hc-ftpd-auth-proxy/config.yaml # Runs as root (no User=) so it can bind /var/run/ftpd.sock — pure-authd's old # path — which lets pure-ftpd reach the proxy with no reconfiguration. /run is # root:root 0755, so an unprivileged user could not create that socket. The # sandbox below contains the root process. NoNewPrivileges=true ProtectSystem=strict # ProtectSystem=strict mounts the whole tree read-only; carve out the only paths # the daemon must write: /run to bind /var/run/ftpd.sock, and /var/log for the # optional log_file (omit /var/log if you only log to journald via stderr). ReadWritePaths=/run /var/log ProtectHome=true PrivateTmp=true PrivateDevices=true ProtectKernelTunables=true ProtectKernelModules=true ProtectControlGroups=true RestrictAddressFamilies=AF_UNIX SystemCallFilter=@system-service SystemCallErrorNumber=EPERM LockPersonality=true MemoryDenyWriteExecute=true Restart=always RestartSec=3 # CPython exits 120 when flushing stdout/stderr fails during interpreter # finalization (e.g. a long-lived process whose journald stream was severed). # The drain still completed; don't let that artifact register as a failure. SuccessExitStatus=120 # Allow the graceful drain (request + backend timeout + slack) to finish before # systemd escalates to SIGKILL. The Python side computes its grace as # `request_timeout_seconds + backend_timeout_seconds + 2s`; with the shipped # defaults that's 17s. The 60s cap leaves headroom for operators who tune the # timeouts upward (e.g. backend_timeout=30 + request_timeout=10 -> 42s grace). # Keep this comfortably above the worst configured grace, or systemd will # SIGKILL mid-drain and drop in-flight auth requests. KillMode=mixed TimeoutStopSec=60 [Install] WantedBy=multi-user.target