Current File : //lib/systemd/system/geoipupdate.service

[Unit]
Description=Weekly GeoIP update
Documentation=man:geoipupdate(1)
ConditionPathExists=/etc/GeoIP.conf

[Service]
Type=oneshot
ExecCondition=grep -q '^AccountID .*[^0]\\+' /etc/GeoIP.conf
ExecStart=/usr/bin/geoipupdate
User=root
ProtectSystem=strict
ProtectHome=true
PrivateDevices=true
PrivateTmp=true
PrivateUsers=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
ProtectClock=true
ProtectKernelLogs=true
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
RestrictNamespaces=true
RestrictRealtime=true
SystemCallFilter=@default @file-system @basic-io @system-service @signal @io-event @network-io
ReadWritePaths=/var/lib/GeoIP/