[Unit]
Description=Intel(R) TD Quoting Generation Service 
After=syslog.target network.target auditd.service mpa_registration.service
ConditionPathExists=/dev/sgx_enclave
Requires=mpa_registration.service

[Service]
Type=simple
User=qgs
EnvironmentFile=-/etc/sysconfig/qgs
ExecStartPre=+mkdir -p /var/run/tdx-qgs
ExecStartPre=+chown qgs.qgs /var/run/tdx-qgs
ExecStart=/usr/sbin/qgs --no-daemon $QGS_ARGS
# qgs fails to delete the socket on stop and
# won't delete it on startup either :-(
ExecStopPost=rm -f /var/run/tdx-qgs/qgs.socket
ExecReload=/bin/kill -SIGHUP $MAINPID
Restart=on-failure
RestartSec=15s

WorkingDirectory=/var/lib/qgs
InaccessibleDirectories=/home
DevicePolicy=closed
DeviceAllow=/dev/sgx_enclave rw
DeviceAllow=/dev/sgx_provision rw

[Install]
WantedBy=multi-user.target