a23a59181e
- Full factory recon from fresh Hivemapper Bee (HDC-S) - OS: Intel ESE Reference Distro (Yocto dunfell), kernel 5.10.32 - WiFi: NXP 9098 (changed from Marvell 88W8997 on prev unit) - New services: jpeg-recorder, video-processor, beekeeper-plugin - GNSS on /dev/ttyS2 (UART), IMU on /dev/spidev0.0 - AP currently 192.168.0.10/24 - will move to 10.42.0.0/24 in liberate.sh - recon.sh: read-only recon script for future devices
27 lines
704 B
Desktop File
27 lines
704 B
Desktop File
[Unit]
|
|
Description=Rotate log files
|
|
Documentation=man:logrotate(8) man:logrotate.conf(5)
|
|
RequiresMountsFor=/var/log
|
|
ConditionACPower=true
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/usr/sbin/logrotate /etc/logrotate.conf
|
|
|
|
# performance options
|
|
Nice=19
|
|
IOSchedulingClass=best-effort
|
|
IOSchedulingPriority=7
|
|
|
|
# hardening options
|
|
# details: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
|
# no ProtectHome for userdir logs
|
|
# no PrivateNetwork for mail deliviery
|
|
# no ProtectKernelTunables for working SELinux with systemd older than 235
|
|
MemoryDenyWriteExecute=true
|
|
PrivateDevices=true
|
|
PrivateTmp=true
|
|
ProtectControlGroups=true
|
|
ProtectKernelModules=true
|
|
ProtectSystem=full
|
|
RestrictRealtime=true
|