From dff8815192ae84880be8ead2aac1ce475f5a464b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C2=A9TriMoon=E2=84=A2?= <TriMoon@users.noreply.github.com>
Date: Tue, 15 Aug 2023 18:45:32 +0300
Subject: [PATCH] Update opensnitchd.service

See: #1018
---
 daemon/opensnitchd.service | 34 ++++++++++++++++++++++++++++------
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/daemon/opensnitchd.service b/daemon/opensnitchd.service
index 3f05fad264..e5d81439c0 100644
--- a/daemon/opensnitchd.service
+++ b/daemon/opensnitchd.service
@@ -1,15 +1,37 @@
 [Unit]
 Description=Application firewall OpenSnitch
-Documentation=https://github.com/evilsocket/opensnitch/wiki
+Documentation=https://github.com/gustavo-iniguez-goya/opensnitch/wiki
+Documentation=man:systemd.special
+Documentation=man:systemd.service
+Documentation=man:systemd.exec
+Documentation=man:systemd.unit
+
+DefaultDependencies=no
+Before=network-pre.target shutdown.target
+Wants=network-pre.target
+Conflicts=shutdown.target
+# Don't start when 'no-appfw` is in kernel command-line, to allow booting without it.
+ConditionKernelCommandLine=!no-appfw
 
 [Service]
-Type=simple
-PermissionsStartOnly=true
-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules
-ExecStart=/usr/local/bin/opensnitchd -rules-path /etc/opensnitchd/rules
+Type=exec
+ConfigurationDirectory=%N/rules
+ConfigurationDirectoryMode=0700
+
+Environment='custom_cfg=%E/%N/rules'
+# Environment='opts=-debug'
+
+ExecCondition=%N -check-requirements
+ExecStart=%N -rules-path $custom_cfg $opts
+
+# Signal-info was taken from the init.d script, but it just exits and then systemd restarts the service...
+ExecReload=kill -HUP $MAINPID
 Restart=always
 RestartSec=30
 TimeoutStopSec=10
+# Ensure it is not killed by the Linux kernel's Out-Of-Memory (OOM) killer.
+# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#OOMScoreAdjust=
+OOMScoreAdjust=-1000
 
 [Install]
-WantedBy=multi-user.target
+WantedBy=basic.target