ÿØÿà JFIF    ÿÛ C    !"$"$ÿÛ C  ÿ p " ÿÄ     ÿÄ   ÿÚ   ÕÔË® (% aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥ BQ¤¢ X«)X…€¤  @ .............................................................................................................................................................................. ............................................................................. ÿØÿà JFIF    ÿÛ C    !"$"$ÿÛ C  ÿ p " ÿÄ     ÿÄ   ÿÚ   ÕÔË® (% aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥ BQ¤¢ X«)X…€¤  @ .............................................................................................................................................................................. ............................................................................. [Unit] Description=Authorization Manager Documentation=man:polkit(8) [Service] Type=dbus BusName=org.freedesktop.PolicyKit1 CapabilityBoundingSet=CAP_SETUID CAP_SETGID DeviceAllow=/dev/null rw DevicePolicy=strict ExecStart=/usr/lib/polkit-1/polkitd --no-debug User=polkitd LimitMEMLOCK=0 LockPersonality=yes MemoryDenyWriteExecute=yes NoNewPrivileges=yes PrivateDevices=yes PrivateTmp=yes ProtectControlGroups=yes ProtectHome=yes ProtectKernelModules=yes ProtectKernelLogs=yes ProtectKernelTunables=yes ProtectSystem=strict ProtectClock=yes ProtectHostname=yes RemoveIPC=yes RestrictAddressFamilies=AF_UNIX RestrictNamespaces=yes RestrictRealtime=yes RestrictSUIDSGID=yes SystemCallArchitectures=native SystemCallFilter=@system-service UMask=0077