summaryrefslogtreecommitdiff
path: root/usr
diff options
context:
space:
mode:
authorChristian Pointner <equinox@anytun.org>2016-07-08 00:44:50 +0200
committerChristian Pointner <equinox@anytun.org>2016-07-08 00:44:50 +0200
commit0ec00df24d857bbfa995c3c365ed43e4d9acb7bb (patch)
treedd6f662efed90714a83e3560744fd03b68a04be5 /usr
parentactually install anytun-launcher into lib dir (diff)
added global anytun systemd targed, improved device file handling
Diffstat (limited to 'usr')
-rw-r--r--usr/lib/systemd/system/anytun-control@.service6
-rw-r--r--usr/lib/systemd/system/anytun.service13
-rw-r--r--usr/lib/systemd/system/anytun@.service9
3 files changed, 23 insertions, 5 deletions
diff --git a/usr/lib/systemd/system/anytun-control@.service b/usr/lib/systemd/system/anytun-control@.service
index e8a2289..4a4fd5e 100644
--- a/usr/lib/systemd/system/anytun-control@.service
+++ b/usr/lib/systemd/system/anytun-control@.service
@@ -1,7 +1,9 @@
[Unit]
-Description=secure anycast tunneling config daemon
-After=syslog.target network.target
+Description=secure anycast tunneling config daemon for %i
+PartOf=anytun.service
+ReloadPropagatedFrom=anytun.service
Requires=anytun@%i.service
+Documentation=man:anytun-controld(8)
[Service]
Type=simple
diff --git a/usr/lib/systemd/system/anytun.service b/usr/lib/systemd/system/anytun.service
new file mode 100644
index 0000000..46386f4
--- /dev/null
+++ b/usr/lib/systemd/system/anytun.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Anytun Service
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/bin/true
+ExecReload=/bin/true
+WorkingDirectory=/etc/anytun
+
+[Install]
+WantedBy=multi-user.target
diff --git a/usr/lib/systemd/system/anytun@.service b/usr/lib/systemd/system/anytun@.service
index 70fbd17..4b09163 100644
--- a/usr/lib/systemd/system/anytun@.service
+++ b/usr/lib/systemd/system/anytun@.service
@@ -1,6 +1,8 @@
[Unit]
-Description=secure anycast tunneling daemon
-After=syslog.target network.target
+Description=secure anycast tunneling daemon for %i
+PartOf=anytun.service
+ReloadPropagatedFrom=anytun.service
+Documentation=man:anytun(8)
[Service]
Type=simple
@@ -9,9 +11,10 @@ Environment="NAME=%i" "DAEMONOPTS=-D -L stdout:3 --username anytun"
ExecStart=/usr/local/lib/anytun-launcher vpn
Restart=on-failure
PrivateTmp=yes
-PrivateDevices=yes
ProtectSystem=full
ProtectHome=yes
+DeviceAllow=/dev/net/tun rw
+DevicePolicy=closed
[Install]
WantedBy=multi-user.target