-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 > 'systemctl reload tor' fails due to hardening restrictions in tor's > systemd service file [1]: > > CapabilityBoundingSet = CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE
This configuration restricts not only the service (tor) but also the ExecReload commands (kill), so the somewhat obvious fix was to add "CAP_KILL". -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVCXaCAAoJEFv7XvVCELh0tdQP/2EVKAnufPJ2eJa2j5LyT8oA h0t0jsNZ19C9bbJMXsZhuzS97wtMzqWisWwKbtErdbtatoqXE2ZwL8+hnfTQ7mhQ O4b3tUZftUpKAaKvI49/Z1VmtbtWouuQu94ucKhPmi2K3RspQDmuSQSmqQiFo9xx wSBaak2DneRpNcMYlOLc4JN2VLLcsub/fKL8vW/cO63z5n87NmbAkGrcWCIfCyx8 YBu9VTijmWRvzEkPqcMmBa58R2yOBc5I7BSOPD8R4sTlotbE4CSipciHr/ja+G2Y 34K3yaVnCDI+lpGU0YVY3nLyTg/u/izjIG8zFodsOJh9NXBB40nDLbBm88sxjuhL gctzuV4AvC6rkQ7aWNRLQeFaxaeHoCa2EvvAS3rM1QTC+RVB+HNiiz4DA3wHuz7s arOu93GDhO7ix7+r9g1Uje1X2S5vKqhSNshx1pHVd/aRyDq7lCBgvBu6574FDuT/ T328b1hA0au7mU0LSOXofMEWZHSNYnYEdtAG2kRdBKmeeIa4IlawXxA+kAnx0D1/ QC4OvtE5DhLhnD7BPirHSCC8ju65d2LlpdjD4DER5+p27j83rwi0myIXM1/oD2CO d9lBTGyyc/sHfwRU7NkcXl5RWDq8IMDcbT8LLFdbQR0PYLGrSs5yvy9HXT/A5VMb TJKcrOXxblb3SRzlGSjr =i8ta -----END PGP SIGNATURE----- _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev