commit: 5dfa1de38dfbaf3e3e70bd0151d36dab66adc0fa Author: Alexey Korepanov <kaikaikai <AT> yandex <DOT> ru> AuthorDate: Thu May 27 20:35:37 2021 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Fri May 28 02:00:24 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5dfa1de3
net-vpn/i2pd: update systemd service Signed-off-by: Alexey Korepanov <kaikaikai <AT> yandex.ru> Closes: https://github.com/gentoo/gentoo/pull/21009 Signed-off-by: Sam James <sam <AT> gentoo.org> net-vpn/i2pd/files/i2pd-2.38.0.service | 37 ++++++++++++++++++++++++++++++++ net-vpn/i2pd/files/i2pd-2.6.0-r3.service | 21 ------------------ net-vpn/i2pd/i2pd-2.38.0.ebuild | 2 +- 3 files changed, 38 insertions(+), 22 deletions(-) diff --git a/net-vpn/i2pd/files/i2pd-2.38.0.service b/net-vpn/i2pd/files/i2pd-2.38.0.service new file mode 100644 index 00000000000..99c1bf20225 --- /dev/null +++ b/net-vpn/i2pd/files/i2pd-2.38.0.service @@ -0,0 +1,37 @@ +[Unit] +Description=C++ daemon for accessing the I2P network +After=network.target + +[Service] +Type=forking +Restart=on-abnormal +User=i2pd +Group=i2pd +LimitNOFILE=4096 + +# restrictions +ProtectSystem=full +ProtectHome=yes +ProtectControlGroups=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectClock=yes +PrivateUsers=yes +PrivateDevices=yes +PrivateTmp=yes +RestrictNamespaces=yes +RestrictSUIDSGID=yes +CapabilityBoundingSet= +NoNewPrivileges=yes + +RuntimeDirectory=i2pd +RuntimeDirectoryMode=0700 +PIDFile=/run/i2pd/i2pd.pid +ExecStartPre=+/bin/touch /var/log/i2pd.log +ExecStartPre=+/bin/chown i2pd:i2pd /var/log/i2pd.log +ExecStartPre=+/bin/chmod 600 /var/log/i2pd.log +ExecStart=/usr/bin/i2pd --daemon --service --pidfile=${RUNTIME_DIRECTORY}/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.service b/net-vpn/i2pd/files/i2pd-2.6.0-r3.service deleted file mode 100644 index 6821a00552d..00000000000 --- a/net-vpn/i2pd/files/i2pd-2.6.0-r3.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=C++ daemon for accessing the I2P network -After=network.target - -[Service] -Type=forking -Restart=on-abnormal -PIDFile=/run/i2pd/i2pd.pid -User=i2pd -Group=i2pd -LimitNOFILE=4096 -PermissionsStartOnly=yes -ExecStartPre=/bin/mkdir -p /run/i2pd -ExecStartPre=/bin/chown i2pd:i2pd /run/i2pd -ExecStartPre=/bin/touch /run/i2pd/i2pd.pid /var/log/i2pd.log -ExecStartPre=/bin/chown i2pd:i2pd /run/i2pd/i2pd.pid /var/log/i2pd.log -ExecStart=/usr/bin/i2pd --daemon --service --pidfile=/run/i2pd/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf - -[Install] -WantedBy=multi-user.target - diff --git a/net-vpn/i2pd/i2pd-2.38.0.ebuild b/net-vpn/i2pd/i2pd-2.38.0.ebuild index 2422eec0aa6..847dab8ce29 100644 --- a/net-vpn/i2pd/i2pd-2.38.0.ebuild +++ b/net-vpn/i2pd/i2pd-2.38.0.ebuild @@ -75,7 +75,7 @@ src_install() { # openrc and systemd daemon routines newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd newinitd "${FILESDIR}/i2pd-2.6.0-r3.initd" i2pd - systemd_newunit "${FILESDIR}/i2pd-2.6.0-r3.service" i2pd.service + systemd_newunit "${FILESDIR}/i2pd-2.38.0.service" i2pd.service # logrotate insinto /etc/logrotate.d
