1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-22 17:39:53 +03:00
SoftEtherVPN/systemd/softether-vpnserver.service
Steve Muskiewicz af84a30adc Update softether-vpnserver.service files:
* change `ReadOnlyDirectories` -> `ReadOnlyPaths` and `ReadWriteDirectories` -> `ReadWritePaths`

 * add `ReadWritePaths` for other necessary directories (this should address #1111)
2021-06-30 11:48:45 -04:00

28 lines
832 B
Desktop File

[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!@DIR@/softether/vpnserver/do_not_run
[Service]
Type=forking
TasksMax=16777216
EnvironmentFile=-@DIR@/softether/vpnserver
ExecStart=@DIR@/softether/vpnserver/vpnserver start
ExecStop=@DIR@/softether/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyPaths=/
ReadWritePaths=-@DIR@/softether/vpnserver
ReadWritePaths=@CPACK_PACKAGING_INSTALL_PREFIX@/run/softether
ReadWritePaths=@CPACK_PACKAGING_INSTALL_PREFIX@/var/log/softether
ReadWritePaths=@CPACK_PACKAGING_INSTALL_PREFIX@/var/lib/softether
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYSLOG CAP_SETUID
[Install]
WantedBy=multi-user.target