On Wed, 12 Aug 2015, intrigeri wrote:

> Control: tag -1 + patch
> 
> Hi weasel,
> 
> this does the job for me:
> 
> --- a/debian/tor.service
> +++ b/debian/tor.service
> @@ -17,11 +17,13 @@ Restart=on-failure
>  LimitNOFILE=65536
>  
>  # Hardening
> +AppArmorProfile=system_tor
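
Review bot: the added `AppArmorProfile=system_tor` line under `# Hardening` has no `-` prefix, so on a host where AppArmor is enabled but the `system_tor` profile is not loaded in the kernel, systemd will fail to start the unit. Either make sure the profile is loaded before the service can start, or write `AppArmorProfile=-system_tor` and accept that a missing profile then leaves the daemon unconfined without an error. The profile name is also fixed in the unit file, so every service started from it is confined by the same `system_tor` profile.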

The Debian package for Tor now supports multiple instances.

https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt
https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create
https://gitweb.torproject.org/debian/tor.git/tree/debian/systemd

Any idea how to best deal with apparmor here?  Should we create one
/etc/apparmor.d/system_tor like system for each instance?  Can we create
them at service start time or do we have to create them at instance
creation time?  Is there some templating magic we can use?

Cheers,
-- 
                            |  .''`.       ** Debian **
      Peter Palfrader       | : :' :      The  universal
 https://www.palfrader.org/ | `. `'      Operating System
                            |   `-    https://www.debian.org/
