This unit is provided by:
Options
-
[Install]-
WantedBy=multi-user.target
-
-
[Service]-
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH -
DeviceAllow=/dev/null rw /dev/urandom r -
ExecReload=/bin/kill -HUP ${MAINPID} -
ExecReload=/bin/true -
ExecStart=/bin/true -
ExecStart=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc -
ExecStart=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --user tor --hush -
ExecStart=/usr/bin/tor -f /etc/tor/torrc -
ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify-config -
ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify-config --user tor --hush -
ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config -
KillSignal=SIGINT -
LimitNOFILE=32768 -
LockPersonalityIntroduced in systemd 235=yes -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
NotifyAccess=all -
PermissionsStartOnly=yes -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateNetwork=no -
PrivateTmp=yes -
PrivateUsers=no -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHomeIntroduced in systemd 214=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectSystemIntroduced in systemd 214=full -
ProtectSystemIntroduced in systemd 214=strict -
ReadOnlyDirectories=/ -
ReadOnlyDirectories=/run /var -
ReadWriteDirectories=-/var/lib/tor -/var/log/tor -
ReadWriteDirectories=/run/tor /var/lib/tor /var/log/tor -
RemainAfterExit=yes -
RemoveIPCIntroduced in systemd 232=yes -
Restart=on-failure -
RestartSec=1 -
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
SystemCallArchitectures=native -
SystemCallFilter=~@cpu-emulation @obsolete @raw-io @mount @module @debug @clock @reboot @swap -
TimeoutSec=30 -
TimeoutSec=60 -
Type=notify -
Type=oneshot -
UMask=77 -
WatchdogSec=1m
-
-
[Unit]-
After=syslog.target network.target nss-lookup.target -
Description=Anonymizing overlay network for TCP -
Description=Anonymizing overlay network for TCP (multi-instance-master) -
PartOf=tor-master.service -
ReloadPropagatedFrom=tor-master.service
-
Additionnal notes
Nothing here.