diff options
Diffstat (limited to 'debian/openvpn@.service')
-rw-r--r-- | debian/openvpn@.service | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/debian/openvpn@.service b/debian/openvpn@.service index 07f9e5b..b438168 100644 --- a/debian/openvpn@.service +++ b/debian/openvpn@.service @@ -7,12 +7,16 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO [Service] +PrivateTmp=true +KillMode=mixed Type=forking -ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf +ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf --writepid /run/openvpn-%i.pid +PIDFile=/run/openvpn-%i.pid ExecReload=/bin/kill -HUP $MAINPID WorkingDirectory=/etc/openvpn ProtectSystem=yes CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH +LimitNPROC=10 DeviceAllow=/dev/null rw DeviceAllow=/dev/net/tun rw |