tails-shutdown-on-media-removal.service 422 Bytes
Newer Older
1 2
[Unit]
Description=Wipe memory on live media removal
3
Documentation=https://tails.boum.org/contribute/design/memory_erasure/
4
After=memlockd.service initramfs-shutdown.service
5
ConditionKernelCommandLine=!toram
6 7 8

[Service]
Type=simple
9
ExecStart=/usr/local/lib/udev-watchdog-wrapper
10 11 12 13 14
CapabilityBoundingSet=~CAP_SYS_ADMIN
PrivateNetwork=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
15 16 17

[Install]
WantedBy=multi-user.target