[Unit]
Description=Fingerprint Authentication Daemon
Documentation=man:fprintd(1)
[Service]
Type=dbus
BusName=net.reactivated.Fprint
ExecStart=/usr/libexec/fprintd
# Filesystem lockdown
ProtectSystem=true
ProtectHome=true
PrivateTmp=true
# Network
PrivateNetwork=true
RestrictAddressFamilies=AF_UNIX AF_LOCAL AF_NETLINK
# Privilege escalation
NoNewPrivileges=true