aboutsummaryrefslogtreecommitdiff
path: root/contrib/dist/tor.service.in
AgeCommit message (Collapse)Author
2014-09-19systemd unit file: set up /var/run/tor as writable for the Tor service.intrigeri
For some strange reason, this was not needed with systemd v208. But it's needed with systemd v215 on current Debian sid, and entirely makes sense.
2014-09-03Merge remote-tracking branch 'intrigeri/bug12939-systemd-no-new-privileges'Nick Mathewson
Conflicts: contrib/dist/tor.service.in
2014-08-27systemd unit file: ensures that the process and all its children can never gainintrigeri
new privileges (#12939).
2014-08-27systemd unit file: only allow tor to write to /var/lib/tor and /var/log/tor ↵intrigeri
(#12751). The rest of the filesystem is accessible for reading only. Still, quoting systemd.exec(5): Note that restricting access with these options does not extend to submounts of a directory that are created later on.
2014-07-30Merge remote-tracking branch 'intrigeri/bug12731-systemd-no-run-as-daemon' ↵Nick Mathewson
into maint-0.2.5 Conflicts: contrib/dist/tor.service.in
2014-07-30Verify configuration file via ExecStartPre in the systemd unit file (#12730).intrigeri
2014-07-30Explicitly disable RunAsDaemon in the systemd unit file (#12731).intrigeri
Our current systemd unit uses "Type = simple", so systemd does not expect tor to fork. If the user has "RunAsDaemon 1" in their torrc, then things won't work as expected. This is e.g. the case on Debian (and derivatives), since there we pass "--defaults-torrc /usr/share/tor/tor-service-defaults-torrc" (that contains "RunAsDaemon 1") by default. The only solution I could find is to explicitly pass "--RunAsDaemon 0" when starting tor from the systemd unit file, which this commit does.
2014-04-29Put tor.service in the right place, and autoconfify itNick Mathewson
This closes 8368.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion