2017-04-17 14:21:07 -04:00
|
|
|
[Unit]
|
2018-03-29 02:57:06 -04:00
|
|
|
Description=Protect Qubes VM execution environment at startup
|
2017-04-20 19:20:25 -04:00
|
|
|
After=qubes-sysinit.service
|
2017-04-21 11:26:55 -04:00
|
|
|
Before=qubes-mount-dirs.service
|
2018-03-29 02:57:06 -04:00
|
|
|
ConditionPathExists=|/var/run/qubes-service/vm-boot-protect
|
|
|
|
|
ConditionPathExists=|/var/run/qubes-service/vm-boot-protect-root
|
|
|
|
|
ConditionPathExists=|/var/run/qubes-service/vm-boot-protect-cli
|
2017-04-21 11:26:55 -04:00
|
|
|
DefaultDependencies=false
|
2017-05-09 19:02:54 -04:00
|
|
|
OnFailure=shutdown.target
|
|
|
|
|
OnFailureJobMode=replace-irreversibly
|
2017-04-17 14:21:07 -04:00
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
Type=oneshot
|
|
|
|
|
RemainAfterExit=no
|
2018-03-29 09:54:31 -04:00
|
|
|
# privdirs must begin with /rw
|
2017-05-12 05:47:53 -04:00
|
|
|
#Environment="privdirs=/rw/config /rw/usrlocal /rw/bind-dirs"
|
2018-03-29 02:57:06 -04:00
|
|
|
ExecStart=/usr/lib/qubes/init/vm-boot-protect.sh
|
2017-04-17 14:21:07 -04:00
|
|
|
|
|
|
|
|
[Install]
|
2017-04-20 19:20:25 -04:00
|
|
|
WantedBy=sysinit.target
|
