| Server IP : 195.201.23.43 / Your IP : 3.139.108.138 Web Server : Apache System : Linux webserver2.vercom.be 5.4.0-192-generic #212-Ubuntu SMP Fri Jul 5 09:47:39 UTC 2024 x86_64 User : kdecoratie ( 1041) PHP Version : 7.1.33-63+ubuntu20.04.1+deb.sury.org+1 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/lib/systemd/system/ |
Upload File : |
# APT News is hosted at https://motd.ubuntu.com/aptnews.json and can include # timely information related to apt updates available to your system. # This service runs in the background during an `apt update` to download the # latest news and set it to appear in the output of the next `apt upgrade`. # The script won't do anything if you've run: `pro config set apt_news=false`. # The script will limit network requests to at most once per 24 hours. # You can also host your own aptnews.json and configure your system to use it # with the command: # `pro config set apt_news_url=https://yourhostname/path/to/aptnews.json` [Unit] Description=Update APT News [Service] Type=oneshot ExecStart=/usr/bin/python3 /usr/lib/ubuntu-advantage/apt_news.py AppArmorProfile=-ubuntu_pro_apt_news CapabilityBoundingSet=~CAP_SYS_ADMIN CapabilityBoundingSet=~CAP_NET_ADMIN CapabilityBoundingSet=~CAP_NET_BIND_SERVICE CapabilityBoundingSet=~CAP_SYS_PTRACE CapabilityBoundingSet=~CAP_NET_RAW PrivateTmp=true RestrictAddressFamilies=~AF_NETLINK RestrictAddressFamilies=~AF_PACKET # These may break some tests, and should be enabled carefully #NoNewPrivileges=true #PrivateDevices=true #ProtectControlGroups=true # ProtectHome=true seems to reliably break the GH integration test with a lunar lxd on jammy host #ProtectHome=true #ProtectKernelModules=true #ProtectKernelTunables=true #ProtectSystem=full #RestrictSUIDSGID=true # Unsupported in bionic # Suggestion from systemd.exec(5) manpage on SystemCallFilter #SystemCallFilter=@system-service #SystemCallFilter=~@mount #SystemCallErrorNumber=EPERM #ProtectClock=true #ProtectKernelLogs=truePrivate