⚝
One Hat Cyber Team
⚝
Your IP:
18.119.255.127
Server IP:
97.74.87.16
Server:
Linux 16.87.74.97.host.secureserver.net 5.14.0-503.38.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Apr 18 08:52:10 EDT 2025 x86_64
Server Software:
Apache
PHP Version:
8.2.28
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
lib
/
systemd
/
system
/
View File Name :
nm-priv-helper.service
[Unit] Description=NetworkManager Privileged Helper # # nm-priv-helper exists for privilege separation. It allows to run # NetworkManager without certain capabilities, and ask nm-priv-helper # for special operations where more privileges are required. # # While nm-priv-helper has privileges that NetworkManager has not, it # does not mean that itself should run totally unconstrained. On the # contrary, it also should only have permissions it requires. # # nm-priv-helper rejects all requests that come from any other than the # name owner of "org.freedesktop.NetworkManager" (that is, # NetworkManager process itself). It is thus only an implementation # detail and provides no public API to the user. [Service] Type=dbus BusName=org.freedesktop.nm_priv_helper ExecStart=/usr/libexec/nm-priv-helper NotifyAccess=main # Extra configuration options. Set via `systemctl edit # nm-priv-helper.service`: # # FOR TESTING ONLY: disable authentication to allow requests from # everybody. Don't set this outside of testing! #Environment=NM_PRIV_HELPER_NO_AUTH_FOR_TESTING=1 # # The logging level for debug messages (to stdout). #Environment=NM_PRIV_HELPER_LOG=TRACE # # nm-priv-helper will exit on idle after timeout. Set timeout here or # set to 2147483647 for infinity. #Environment=NM_PRIV_HELPER_IDLE_TIMEOUT_MSEC=10000 # Restrict: AmbientCapabilities= CapabilityBoundingSet= PrivateDevices=true PrivateMounts=true PrivateNetwork=true PrivateTmp=true ProtectClock=true ProtectControlGroups=true ProtectHome=true ProtectHostname=true ProtectKernelLogs=true ProtectKernelModules=true ProtectKernelTunables=true ProtectSystem=strict RestrictAddressFamilies= RestrictNamespaces=true SystemCallFilter=~@clock SystemCallFilter=~@cpu-emulation SystemCallFilter=~@debug SystemCallFilter=~@module SystemCallFilter=~@mount SystemCallFilter=~@obsolete SystemCallFilter=~@privileged SystemCallFilter=~@raw-io SystemCallFilter=~@reboot SystemCallFilter=~@swap NoNewPrivileges=true SupplementaryGroups= # Grant: CapabilityBoundingSet=CAP_DAC_OVERRIDE PrivateUsers=no RestrictAddressFamilies=AF_UNIX SystemCallFilter=@resources