Last active
January 27, 2023 09:37
-
-
Save lucaswerkmeister/d92437166ab6021574a1c97cc111aa9f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DataDirectory /var/lib/tor | |
| #PidFile /var/run/tor/tor.pid | |
| #RunAsDaemon 1 | |
| #User debian-tor | |
| ControlSocket /var/run/tor/control | |
| ControlSocketsGroupWritable 1 | |
| CookieAuthentication 1 | |
| CookieAuthFileGroupReadable 1 | |
| CookieAuthFile /var/run/tor/control.authcookie | |
| Log notice file /var/log/tor/log | |
| Log notice syslog |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=Anonymizing Overlay Network | |
| Documentation=man:tor(1) | |
| Wants=network-online.target | |
| After=network-online.target | |
| [Service] | |
| User=debian-tor | |
| ExecStart=/usr/bin/tor -f /etc/tor/torrc --defaults-torrc /etc/tor/tor-service-defaults-torrc | |
| ExecReload=/bin/kill -HUP $MAINPID | |
| KillSignal=SIGINT | |
| RuntimeDirectory=tor | |
| RuntimeDirectoryMode=02750 | |
| TimeoutSec=5min | |
| LimitNOFILE=32768 | |
| PrivateDevices=yes | |
| PrivateTmp=yes | |
| ProtectSystem=full | |
| ProtectHome=yes | |
| NoNewPrivileges=yes | |
| [Install] | |
| WantedBy=multi-user.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
DO NOT USE. The Tor Project’s Debian package (instructions, see option 2) include a better set of unit files, which you should use instead of these ones. Their service file includes all protections listed here, and then some additional ones too.