diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-01-11 11:26:08 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-01-11 11:26:08 -0500 |
| commit | 96a407a2435213a1b9a7e1f6373955fdce743d60 (patch) | |
| tree | 7799d42b2262337b7c10864eee34d581cb00f73c /contrib/dist | |
| parent | c98e075ebc17d7e5b4548cc58f58088cff83d0ca (diff) | |
| download | tor-96a407a2435213a1b9a7e1f6373955fdce743d60.tar.gz tor-96a407a2435213a1b9a7e1f6373955fdce743d60.zip | |
systemd changes for 13805 as recommened by Tomasz on that ticket.
Diffstat (limited to 'contrib/dist')
| -rw-r--r-- | contrib/dist/tor.service.in | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in index d7bf611846..93be702401 100644 --- a/contrib/dist/tor.service.in +++ b/contrib/dist/tor.service.in @@ -6,7 +6,7 @@ After = syslog.target network.target nss-lookup.target Type = notify NotifyAccess = all ExecStartPre = @BINDIR@/tor -f @CONFDIR@/torrc --verify-config -ExecStart = @BINDIR@/tor -f @CONFDIR@/torrc +ExecStart = @BINDIR@/tor -f @CONFDIR@/torrc ExecReload = /bin/kill -HUP ${MAINPID} KillSignal = SIGINT TimeoutSec = 30 @@ -22,8 +22,9 @@ ProtectSystem = full ReadOnlyDirectories = / ReadWriteDirectories = -@LOCALSTATEDIR@/lib/tor ReadWriteDirectories = -@LOCALSTATEDIR@/log/tor -ReadWriteDirectories = -@LOCALSTATEDIR@/run/tor NoNewPrivileges = yes +ReadWriteDirectories = -@LOCALSTATEDIR@/run/tor +CapabilityBoundingSet = CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE [Install] WantedBy = multi-user.target |