HEX
Server: LiteSpeed
System: Linux sg-cp4.cloudnetwork.vn 4.18.0-553.69.1.lve.el8.x86_64 #1 SMP Wed Aug 13 19:53:59 UTC 2025 x86_64
User: thu28850 (1134)
PHP: 7.4.33
Disabled: NONE
$ pwd: /proc/thread-self/root/proc/thread-self/root/usr/lib/systemd/system/
Upload Files
File: //proc/thread-self/root/proc/thread-self/root/usr/lib/systemd/system/imunify-antivirus.service
[Unit]
Description=ImunifyAV
After=network.target
Requires=imunify-antivirus.socket imunify-antivirus-user.socket imunify-antivirus-sensor.socket
Wants=imunify-notifier.socket
# Service will NOT start if this file exists
ConditionPathExists=!/var/lib/rpm-state/imunify360-transaction-in-progress

[Service]
Environment=PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=cpp
Environment=LANG=en_US.UTF-8
Environment=LC_ALL=en_US.UTF-8
Environment=PYTHONNOUSERSITE=1
Environment=SQLITE_TMPDIR=/var/imunify360/tmp
Type=simple
ExecStart=/usr/bin/imunify-service
ExecStartPost=/bin/bash -c "echo $MAINPID > /var/run/imunify-antivirus.pid"
PIDFile=/var/run/imunify-antivirus.pid
#TODO: must be not less than defence360agent/cli/server.py:stop(seconds=8)
TimeoutStopSec=90
RestartSec=5
StartLimitInterval=600s
StartLimitBurst=5
# Orphans child processes instead of killing them when the main process is shut down.
KillMode=process
NoNewPrivileges=true
CapabilityBoundingSet=CAP_BPF CAP_CHOWN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_KILL CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_PERFMON CAP_SETGID CAP_SETUID CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYS_RESOURCE
AmbientCapabilities=CAP_BPF CAP_CHOWN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_KILL CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_PERFMON CAP_SETGID CAP_SETUID CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYS_RESOURCE
ProtectSystem=true
# AV runs the same Python package but only the AV-relevant subsystems;
# /etc/init is the upstart override dir for legacy distros (pure-ftpd).
# /etc/imunify360 is needed for user_config writes triggered by the
# shared 'config update --user' RPC and migrations under
# defence360agent/migrations/ (e.g. 153_migrate_config_default_action).
ReadWritePaths=/etc/sysconfig/imunify360
ReadWritePaths=/etc/imunify360
ReadWritePaths=/etc/imunify-agent-proxy
ReadWritePaths=/etc/cron.d
ReadWritePaths=-/etc/init
# iMAV runs the same proactive code path on solo cPanel and writes
# the malware-list tempfiles in the Plesk modsec dir.
ReadWritePaths=-/usr/share/i360-php-opts
ReadWritePaths=-/etc/httpd/conf/modsecurity.d
# iMAV solo-cPanel hits the same cPanel hook installer; cagefs lines
# are harmless and future-proof on AV configs that don't use cagefs.
ReadWritePaths=-/usr/local/cpanel
ReadWritePaths=-/etc/cagefs
ReadWritePaths=-/var/cagefs
ReadWritePaths=-/usr/share/cagefs
# Plesk plugin scripts dir: the agent installs/updates the
# imunify360 Plesk extension's PHP scripts here.
ReadWritePaths=-/usr/local/psa/admin/plib/modules/imunify360
# Plesk runtime state — notification log written by send-notifications.php
# (/usr/local/psa/var/modules/imunify360/imunify360-local.log) and the
# plesk-sendmail spool/tempfile dir. ProtectSystem=true bind-mounts /usr
# read-only and CAP_DAC_OVERRIDE cannot bypass a mount-layer RO, so the
# Plesk notification hook fails with EACCES without this entry.
ReadWritePaths=-/usr/local/psa/var
# PrivateTmp= deliberately not set — see imunify360.service for the
# rationale (shared /tmp is required for the Sample backup backend
# fixture and for inotify-watching user-writable /tmp on hosts).

[Install]
WantedBy=multi-user.target
# Alias does not work in ubuntu. Used [Socket]Service= in imunify-antivirus-user.socket instead
#Alias=imunify-antivirus-user.service
@ Telegram