cwinfo/yggdrasil-go
5
0
Fork 0
mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2024-11-09 16:20:26 +00:00
Code Releases Activity

Systemd: tun module and capabilities

Browse Source 
- Enable (and limit to) capabilities that require to setup tun/tap interface.
- Ensure that tun module is active.
This commit is contained in:
Arano-kai 2019-10-02 00:36:33 +03:00
parent 6ddb0f93f3
commit 045a24d74e
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
contrib/systemd/yggdrasil.service
View File

@ -8,6 +8,8 @@ Group=yggdrasil
ProtectHome=true
ProtectSystem=true
SyslogIdentifier=yggdrasil
CapabilityBoundSet=CAP_NET_ADMIN
ExecStartPre=+/sbin/modprobe tun
ExecStartPre=/bin/sh -ec "if ! test -s /etc/yggdrasil.conf; \
then umask 077; \
yggdrasil -genconf > /etc/yggdrasil.conf; \