diff options
-rw-r--r-- | .SRCINFO | 2 | ||||
-rw-r--r-- | PKGBUILD | 2 | ||||
-rw-r--r-- | tor.service | 9 |
3 files changed, 8 insertions, 5 deletions
@@ -43,7 +43,7 @@ pkgbase = tor-git sha256sums = 7fbb63e9411eee2176964449a3d6809d16e1120152c6ff201ecea1d1f97f102b sha256sums = 748b7264b49b12d5252d688b8859820046413938c5fde91578da0d5b95594c2e sha256sums = d447227fcc2756778a1be143b8975d67b25ea15688cde2291185b3c71d0f6e34 - sha256sums = 5306e144bb79a89bdc19a79987d690a7ab34eb1564125723b90de96f53365a4e + sha256sums = ebd5c845ca5ff9be01747465b41959171bd6a8093317cc382c34a9b8a7198d27 sha256sums = 06c00318d84ead3f939b267c7ae9e4cc1cd90c534d0b57ddd2595fee9065ee7f sha256sums = 231405d1fbbcc68168248f93edd19ae14b60f66bb4d1c8e46ead1d4cd8e0ae7c @@ -46,7 +46,7 @@ sha256sums=('SKIP' '7fbb63e9411eee2176964449a3d6809d16e1120152c6ff201ecea1d1f97f102b' '748b7264b49b12d5252d688b8859820046413938c5fde91578da0d5b95594c2e' 'd447227fcc2756778a1be143b8975d67b25ea15688cde2291185b3c71d0f6e34' - '5306e144bb79a89bdc19a79987d690a7ab34eb1564125723b90de96f53365a4e' + 'ebd5c845ca5ff9be01747465b41959171bd6a8093317cc382c34a9b8a7198d27' '06c00318d84ead3f939b267c7ae9e4cc1cd90c534d0b57ddd2595fee9065ee7f' '231405d1fbbcc68168248f93edd19ae14b60f66bb4d1c8e46ead1d4cd8e0ae7c') diff --git a/tor.service b/tor.service index 6aa6e8b66151..ee40d39b3fec 100644 --- a/tor.service +++ b/tor.service @@ -5,18 +5,21 @@ After=syslog.target network.target nss-lookup.target [Service] Type=notify NotifyAccess=all -ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config -ExecStart=/usr/bin/tor -f /etc/tor/torrc +ExecStartPre=/usr/bin/tor --runasdaemon 0 -f /etc/tor/torrc --verify-config +ExecStart=/usr/bin/tor --runasdaemon 0 -f /etc/tor/torrc ExecReload=/bin/kill -HUP ${MAINPID} KillSignal=SIGINT -TimeoutSec=60 +TimeoutSec=30 Restart=on-failure +RestartSec=1 WatchdogSec=1m LimitNOFILE=32768 # Hardening PrivateTmp=yes PrivateDevices=yes +DeviceAllow=/dev/null rw +DeviceAllow=/dev/urandom r ProtectHome=yes ProtectSystem=full ProtectKernelTunables=yes |