A common and reliable pattern in service unit files is thus:
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
#!/bin/bash | |
# Script for installing tmux on systems where you don't have root access. | |
# tmux will be installed in $HOME/local/bin. | |
# It's assumed that wget and a C/C++ compiler are installed. | |
# exit on error | |
set -e | |
TMUX_VERSION=1.8 |