1 |
commit: 5dfa1de38dfbaf3e3e70bd0151d36dab66adc0fa |
2 |
Author: Alexey Korepanov <kaikaikai <AT> yandex <DOT> ru> |
3 |
AuthorDate: Thu May 27 20:35:37 2021 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri May 28 02:00:24 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5dfa1de3 |
7 |
|
8 |
net-vpn/i2pd: update systemd service |
9 |
|
10 |
Signed-off-by: Alexey Korepanov <kaikaikai <AT> yandex.ru> |
11 |
Closes: https://github.com/gentoo/gentoo/pull/21009 |
12 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
13 |
|
14 |
net-vpn/i2pd/files/i2pd-2.38.0.service | 37 ++++++++++++++++++++++++++++++++ |
15 |
net-vpn/i2pd/files/i2pd-2.6.0-r3.service | 21 ------------------ |
16 |
net-vpn/i2pd/i2pd-2.38.0.ebuild | 2 +- |
17 |
3 files changed, 38 insertions(+), 22 deletions(-) |
18 |
|
19 |
diff --git a/net-vpn/i2pd/files/i2pd-2.38.0.service b/net-vpn/i2pd/files/i2pd-2.38.0.service |
20 |
new file mode 100644 |
21 |
index 00000000000..99c1bf20225 |
22 |
--- /dev/null |
23 |
+++ b/net-vpn/i2pd/files/i2pd-2.38.0.service |
24 |
@@ -0,0 +1,37 @@ |
25 |
+[Unit] |
26 |
+Description=C++ daemon for accessing the I2P network |
27 |
+After=network.target |
28 |
+ |
29 |
+[Service] |
30 |
+Type=forking |
31 |
+Restart=on-abnormal |
32 |
+User=i2pd |
33 |
+Group=i2pd |
34 |
+LimitNOFILE=4096 |
35 |
+ |
36 |
+# restrictions |
37 |
+ProtectSystem=full |
38 |
+ProtectHome=yes |
39 |
+ProtectControlGroups=yes |
40 |
+ProtectKernelLogs=yes |
41 |
+ProtectKernelModules=yes |
42 |
+ProtectKernelTunables=yes |
43 |
+ProtectClock=yes |
44 |
+PrivateUsers=yes |
45 |
+PrivateDevices=yes |
46 |
+PrivateTmp=yes |
47 |
+RestrictNamespaces=yes |
48 |
+RestrictSUIDSGID=yes |
49 |
+CapabilityBoundingSet= |
50 |
+NoNewPrivileges=yes |
51 |
+ |
52 |
+RuntimeDirectory=i2pd |
53 |
+RuntimeDirectoryMode=0700 |
54 |
+PIDFile=/run/i2pd/i2pd.pid |
55 |
+ExecStartPre=+/bin/touch /var/log/i2pd.log |
56 |
+ExecStartPre=+/bin/chown i2pd:i2pd /var/log/i2pd.log |
57 |
+ExecStartPre=+/bin/chmod 600 /var/log/i2pd.log |
58 |
+ExecStart=/usr/bin/i2pd --daemon --service --pidfile=${RUNTIME_DIRECTORY}/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf |
59 |
+ |
60 |
+[Install] |
61 |
+WantedBy=multi-user.target |
62 |
|
63 |
diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.service b/net-vpn/i2pd/files/i2pd-2.6.0-r3.service |
64 |
deleted file mode 100644 |
65 |
index 6821a00552d..00000000000 |
66 |
--- a/net-vpn/i2pd/files/i2pd-2.6.0-r3.service |
67 |
+++ /dev/null |
68 |
@@ -1,21 +0,0 @@ |
69 |
-[Unit] |
70 |
-Description=C++ daemon for accessing the I2P network |
71 |
-After=network.target |
72 |
- |
73 |
-[Service] |
74 |
-Type=forking |
75 |
-Restart=on-abnormal |
76 |
-PIDFile=/run/i2pd/i2pd.pid |
77 |
-User=i2pd |
78 |
-Group=i2pd |
79 |
-LimitNOFILE=4096 |
80 |
-PermissionsStartOnly=yes |
81 |
-ExecStartPre=/bin/mkdir -p /run/i2pd |
82 |
-ExecStartPre=/bin/chown i2pd:i2pd /run/i2pd |
83 |
-ExecStartPre=/bin/touch /run/i2pd/i2pd.pid /var/log/i2pd.log |
84 |
-ExecStartPre=/bin/chown i2pd:i2pd /run/i2pd/i2pd.pid /var/log/i2pd.log |
85 |
-ExecStart=/usr/bin/i2pd --daemon --service --pidfile=/run/i2pd/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf |
86 |
- |
87 |
-[Install] |
88 |
-WantedBy=multi-user.target |
89 |
- |
90 |
|
91 |
diff --git a/net-vpn/i2pd/i2pd-2.38.0.ebuild b/net-vpn/i2pd/i2pd-2.38.0.ebuild |
92 |
index 2422eec0aa6..847dab8ce29 100644 |
93 |
--- a/net-vpn/i2pd/i2pd-2.38.0.ebuild |
94 |
+++ b/net-vpn/i2pd/i2pd-2.38.0.ebuild |
95 |
@@ -75,7 +75,7 @@ src_install() { |
96 |
# openrc and systemd daemon routines |
97 |
newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd |
98 |
newinitd "${FILESDIR}/i2pd-2.6.0-r3.initd" i2pd |
99 |
- systemd_newunit "${FILESDIR}/i2pd-2.6.0-r3.service" i2pd.service |
100 |
+ systemd_newunit "${FILESDIR}/i2pd-2.38.0.service" i2pd.service |
101 |
|
102 |
# logrotate |
103 |
insinto /etc/logrotate.d |