On Wed, 04 Jan 2017, Laurent Bigonville wrote:
> Yes I tried that, deleting the /var/run/tor directory completely and then
> restarting the service and the directory is created. A side note is that we
> should maybe use a tmpfiles config here, that way is more "systemd'ish" and
> then we are sure
Le 04/01/17 à 10:13, Peter Palfrader a écrit :
On Wed, 04 Jan 2017, Laurent Bigonville wrote:
ReadWriteDirectories=-/var/lib/tor
ReadWriteDirectories=-/var/log/tor
#ReadWriteDirectories=-/var/run
ReadWriteDirectories=-/var/run/tor
Can we still create the directory if it isn't there yet?
On Wed, 04 Jan 2017, Laurent Bigonville wrote:
> reopen 800385
Don't, let's take it to #847477.
> >># Hardening
> >>AppArmorProfile=system_tor
> >>NoNewPrivileges=yes
> >>PrivateTmp=yes
> >>PrivateDevices=yes
> >>ProtectHome=yes
> >>ProtectControlGroups=yes #added
> >>ProtectKernelTunables=yes
3 matches
Mail list logo