diff options
Diffstat (limited to 'tor.service')
| -rw-r--r-- | tor.service | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/tor.service b/tor.service index 6aa6e8b66151..ee40d39b3fec 100644 --- a/tor.service +++ b/tor.service @@ -5,18 +5,21 @@ After=syslog.target network.target nss-lookup.target [Service] Type=notify NotifyAccess=all -ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config -ExecStart=/usr/bin/tor -f /etc/tor/torrc +ExecStartPre=/usr/bin/tor --runasdaemon 0 -f /etc/tor/torrc --verify-config +ExecStart=/usr/bin/tor --runasdaemon 0 -f /etc/tor/torrc ExecReload=/bin/kill -HUP ${MAINPID} KillSignal=SIGINT -TimeoutSec=60 +TimeoutSec=30 Restart=on-failure +RestartSec=1 WatchdogSec=1m LimitNOFILE=32768 # Hardening PrivateTmp=yes PrivateDevices=yes +DeviceAllow=/dev/null rw +DeviceAllow=/dev/urandom r ProtectHome=yes ProtectSystem=full ProtectKernelTunables=yes |