From 534f34a5bcc7112cbe7308eff7b961eee747fda3 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 12 Oct 2018 23:10:48 +0300
Subject: [PATCH] add override.conf for tor.service for allowing binding to
 80/443

It took me some time a few days ago to figure out this (and notice that
port 80 was already used by automatically installed Apache that was
doing nothing).

I have understood that ports 443 (Orport) and 80 (Dirport) are the best
for users behind strict firewalls especially if they aren't needed for
anything else on the system running Tor relay.
---
 etc/systemd/system/tor.service.d/override.conf | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 etc/systemd/system/tor.service.d/override.conf

diff --git a/etc/systemd/system/tor.service.d/override.conf b/etc/systemd/system/tor.service.d/override.conf
new file mode 100644
index 00000000..c250b48d
--- /dev/null
+++ b/etc/systemd/system/tor.service.d/override.conf
@@ -0,0 +1,3 @@
+[Service]
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=yes