diff options
| author |   Craig Andrews <candrews@gentoo.org> | 2024-05-17 15:25:19 -0400 |
|---|---|---|
| committer | Craig Andrews <candrews@gentoo.org> | 2024-05-17 15:27:26 -0400 |
| commit | 2069b41a2cd93fde9598508690671175b38e1cd0 (patch) | |
| tree | d693ead6b8f99817cbbeda44ef62d5b6d703d142 /net-misc/sslh | |
| parent | sci-chemistry/pymol: Update to 3.0.0 and drop old (diff) | |
| download | gentoo-2069b41a2cd93fde9598508690671175b38e1cd0.tar.gz gentoo-2069b41a2cd93fde9598508690671175b38e1cd0.tar.bz2 gentoo-2069b41a2cd93fde9598508690671175b38e1cd0.zip | |
net-misc/sslh: fix systemd service installation
https://bugs.gentoo.org/932015
Signed-off-by: Craig Andrews <candrews@gentoo.org>
Diffstat (limited to 'net-misc/sslh')
| -rw-r--r-- | net-misc/sslh/files/sslh.service | 28 | ||||
| -rw-r--r-- | net-misc/sslh/sslh-2.1.2.ebuild | 3 | ||||
| -rw-r--r-- | net-misc/sslh/sslh-9999.ebuild | 3 |
3 files changed, 30 insertions, 4 deletions
diff --git a/net-misc/sslh/files/sslh.service b/net-misc/sslh/files/sslh.service new file mode 100644 index 000000000000..9d58362220f0 --- /dev/null +++ b/net-misc/sslh/files/sslh.service @@ -0,0 +1,28 @@ +# /etc/systemd/system/sslh.service +[Unit] +Description=SSL/SSH multiplexer (fork mode) for %I +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/sslh +ExecStart=/usr/sbin/sslh -f $DAEMON_OPTS +KillMode=process +#Hardening +PrivateTmp=true +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +SecureBits=noroot-locked +ProtectSystem=strict +ProtectHome=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectControlGroups=true +MountFlags=private +NoNewPrivileges=true +PrivateDevices=true +RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX +MemoryDenyWriteExecute=true +DynamicUser=true + +[Install] +WantedBy=multi-user.target diff --git a/net-misc/sslh/sslh-2.1.2.ebuild b/net-misc/sslh/sslh-2.1.2.ebuild index 1a3dc9b9f8e3..efb4eb40c48d 100644 --- a/net-misc/sslh/sslh-2.1.2.ebuild +++ b/net-misc/sslh/sslh-2.1.2.ebuild @@ -76,8 +76,7 @@ src_install() { if use systemd; then # Gentoo puts the binaries in /usr/sbin, but upstream puts them in /usr/bin - sed -i -e 's~/usr/bin/~/usr/sbin/~g' scripts/systemd.sslh.service || die - systemd_newunit scripts/systemd.sslh.service sslh.service + systemd_newunit "${FILESDIR}/sslh.service" sslh.service exeinto /usr/lib/systemd/system-generators/ doexe systemd-sslh-generator fi diff --git a/net-misc/sslh/sslh-9999.ebuild b/net-misc/sslh/sslh-9999.ebuild index 1a3dc9b9f8e3..efb4eb40c48d 100644 --- a/net-misc/sslh/sslh-9999.ebuild +++ b/net-misc/sslh/sslh-9999.ebuild @@ -76,8 +76,7 @@ src_install() { if use systemd; then # Gentoo puts the binaries in /usr/sbin, but upstream puts them in /usr/bin - sed -i -e 's~/usr/bin/~/usr/sbin/~g' scripts/systemd.sslh.service || die - systemd_newunit scripts/systemd.sslh.service sslh.service + systemd_newunit "${FILESDIR}/sslh.service" sslh.service exeinto /usr/lib/systemd/system-generators/ doexe systemd-sslh-generator fi |