Commit graph

25 commits

Author SHA1 Message Date
setpill
870d4152df Set ProtectHome in systemd service file
Further hardening; the service should be run with as many restrictions
as possible without breaking it.
2019-08-20 10:54:14 +02:00
setpill
639a416e37 Chgrp config dir to bitcoin in systemd service
Rather than making the config dir world-readable, which potentially
leaks RPC credentials, the group of the directory is changed to the one
the service is executed as.
2019-08-20 10:54:14 +02:00
setpill
aded0528f0 Improve clarity of systemd service file comments
The phrasing seemed to indicate that the options specified in
ExecStart= could not be specified in the config file, necessitating
their inclusion in the service file. However, the options in the
config file simply get overridden by any specified in ExecStart=.
2019-08-20 10:54:14 +02:00
Carl Dong
b0c7b54d0c init: Use systemd automatic directory creation
Tell systemd to create, set, and ensure the right mode for the PID,
configuration, and data directories.

Only the exec bit is set for groups for the aforementioned directories.
This is the least privilege perm that allows for the
reading/writing/execing of files under the directory _if_ the files
themselves give permission to its group to do so (e.g. when -sysperms is
specified). Note that this does not allow for the listing of files under
the directory.
2019-01-05 13:21:44 +08:00
Harry Moreno
053b6f42d2
align items in contrib init 2018-10-30 14:27:37 -04:00
DesWurstes
000000035b Obsolete #!/bin/bash shebang 2018-06-20 11:12:41 +03:00
Giulio Lombardo
989c8990bb Rename “OS X” to the newer “macOS” convention 2018-06-04 13:04:04 +02:00
Florian Schmaus
79ddfad486 Apply hardening measurements in bitcoind systemd service file
Adds typical systemd hardening measurements for network services.
2018-03-14 08:11:07 +01:00
MarcoFalke
5e468994fb
Merge #11676: contrib/init: Update openrc-run filename
2f041f0e7 contrib/init: Update openrc-run filename (Luke Dashjr)

Pull request description:

  OpenRC changed their program binary names in 2014 (3 years ago), and using the old names has loud warnings now

Tree-SHA512: 2b81802b21c32b8df6010142f9593c0b6cc814a052f83b7f5654f6885566e8dbcaf4da772145fa2cf5d94c16c2fb488c5d4879f71021407c4d7b3a3b7e7ed21e
2017-11-13 17:01:46 -05:00
Luke Dashjr
2f041f0e7d contrib/init: Update openrc-run filename
OpenRC changed their program binary names in 2014 (3 years ago), and using the old names has loud warnings now
2017-11-13 15:46:25 +00:00
Wladimir J. van der Laan
331352f99f
Merge #10529: Improve bitcoind systemd service file
16be7dd Improve bitcoind systemd service file (Florian Schmaus)

Pull request description:

  Add comment how further options can be added or existing ones
  modified. Use /run/${RuntimeDirectory} for PID file.

  Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
  StartLimitBurst directives as those should be set indivdually.

  Remove Group to user the bitcoin user's default group.

  Changed Restart from 'always' to 'on-failure' (can also be overwritten
  individually).

Tree-SHA512: f76674c11fd6e3faaf786aa05686926523d9c875aad6b776337f800108fdb716470286805c532b494f8cf713cb5eea6b735e1c7c238ffb407a5cc909dda41aa4
2017-11-09 13:17:05 +01:00
Alejandro Avilés
ab5bba7783 Fix launchctl not being able to stop bitcoind
bitcoind should not be launched as daemon from launchctl. Otherwise, the
process cannot be stopped from launchctl.
2017-09-29 10:54:10 +02:00
MeshCollider
41f3e84aac Fix inconsistencies and grammar in various files 2017-06-27 19:59:07 +12:00
Florian Schmaus
16be7ddbaa Improve bitcoind systemd service file
Add comment how further options can be added or existing ones
modified. Use /run/${RuntimeDirectory} for PID file.

Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
StartLimitBurst directives as those should be set indivdually.

Remove Group to user the bitcoin user's default group.

Changed Restart from 'always' to 'on-failure' (can also be overwritten
individually).
2017-06-05 12:10:08 +02:00
Wladimir J. van der Laan
27b99312bf
Merge #10451: contrib/init/bitcoind.openrcconf: Don't disable wallet by default
afc693d contrib/init/bitcoind.openrcconf: Don't disable wallet by default (Luke Dashjr)

Tree-SHA512: 1763a9e91788485b079b96239cf09f1557b338e5045aa4ffbad3908f88c4e362b9b5d86a8a0f33734899de244e76e7ced02a6be8e52b3fb69258a5101d6445ef
2017-06-01 15:05:18 +02:00
Luke Dashjr
afc693dea6 contrib/init/bitcoind.openrcconf: Don't disable wallet by default
It's harmless if it goes unused, and confused when a wallet is desired
2017-05-25 01:56:57 +00:00
Jameson Lopp
b99fbadfad Fix init README format to render correctly on github 2017-03-19 09:09:25 -04:00
Kevin Cooper
d4aa54c5af added org.bitcoin.bitcoind.plist for launchd (OS X) 2015-09-02 09:48:40 -07:00
Florian Schmaus
8c44e63077 Add BITCOIND_SIGTERM_TIMEOUT to OpenRC init scripts
This allows users to specify, e.g. raise, the default timeout of 60
seconds. Some bitcoind instances, especially long running ones on slow
hardware, require a higher timeout for a clean shut down.

Also add a comment to bitcoind.openrc's 'retry=', since it is not
obvious from the variable name what it does.
2015-07-08 22:53:22 +02:00
sandakersmann
78f44b60d5 Capitalized P2P
Capitalized P2P
2015-05-14 01:02:00 -04:00
sandakersmann
8e9248d96b [Trivial] Cryptocurrency is one word
Cryptocurrency was added to Oxford Dictionaries Online in May 2014.
2015-05-14 01:02:00 -04:00
Wladimir J. van der Laan
f238add26a
Merge pull request #5847
723664b startup script for centos, with documentation. (joshr)
2015-03-16 12:32:21 +01:00
joshr
723664b5db startup script for centos, with documentation. 2015-03-03 11:23:54 -05:00
Luke Dashjr
3c6d594e64 contrib/init/bitcoind.openrc: Compatibility with previous OpenRC init script variables 2015-03-03 09:52:21 +00:00
Adam Weiss
234bfbf6a5 Add init scripts and docs for Upstart and OpenRC 2014-09-09 16:58:06 -04:00