Control: tag -1 + moreinfo Hi Arto,
Arto Jantunen wrote (30 Apr 2015 17:46:00 GMT) : > Attached is a patch to enable the systemd service file, and modify it to > mimick the behavior of the current initscript. Thanks! Two questions: 1. Was this tested with pluggable transports, e.g. obfs4proxy? I've seen occurences in the past of hardening features of systemd breaking such things. 2. The unit file doesn't seem to confine the Tor service with AppArmor when available, which is a regression vs. the current initscript, right? It might be that `AppArmorProfile = system_tor' is enough to make this work with systemd v217+ (in experimental), although in the past it wasn't compatible with `NoNewPrivileges = yes'. See the discussion on Debian#760526, and the one in the "[PATCH] Move apparmor code before the namespace setup" thread on the [email protected] mailing-list for details. Cheers, -- intrigeri -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

