31 lines
1.3 KiB
Diff
31 lines
1.3 KiB
Diff
diff --git a/sing-box.service b/sing-box.service
|
|
--- a/sing-box.service
|
|
+++ b/sing-box.service
|
|
@@ -4,9 +4,10 @@ Documentation=https://sing-box.sagernet.org
|
|
After=network.target nss-lookup.target
|
|
|
|
[Service]
|
|
+User=sing-box
|
|
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
|
|
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
|
|
-ExecStart=/usr/bin/sing-box -D /var/lib/sing-box -C /etc/sing-box run
|
|
+ExecStart=/usr/bin/sing-box -D /var/lib/sing-box/sing-box -C /etc/sing-box run
|
|
ExecReload=/bin/kill -HUP $MAINPID
|
|
Restart=on-failure
|
|
RestartSec=10s
|
|
diff --git a/sing-box@.service b/sing-box@.service
|
|
--- a/sing-box@.service
|
|
+++ b/sing-box@.service
|
|
@@ -4,9 +4,10 @@ Documentation=https://sing-box.sagernet.org
|
|
After=network.target nss-lookup.target
|
|
|
|
[Service]
|
|
+User=sing-box
|
|
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
|
|
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
|
|
-ExecStart=/usr/bin/sing-box -D /var/lib/sing-box-%i -c /etc/sing-box/%i.json run
|
|
+ExecStart=/usr/bin/sing-box -D /var/lib/sing-box/sing-box-%i -c /etc/sing-box/%i.json run
|
|
ExecReload=/bin/kill -HUP $MAINPID
|
|
Restart=on-failure
|
|
RestartSec=10s
|