systemd service - don't use deprecated PermissionsStartOnly

- elevate Prestart and Poststop script permissions using "+" prefix instead,
as per https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#Command%20lines

( PermissionsStartOnly was deprecated in systemd 241 and no longer appears in
documentation since 2018 https://github.com/systemd/systemd/pull/10802 )

Signed-off-by: Rob Gill <rrobgill@protonmail.com>

diff --git a/advanced/Templates/pihole-FTL.systemd b/advanced/Templates/pihole-FTL.systemd
index fcbb8d8ddb9d080efe3d50190aae28ee11a76bea..29470c5ae2902490ba18d2dc77e2c614815a2c27 100644 (file)
--- a/advanced/Templates/pihole-FTL.systemd
+++ b/advanced/Templates/pihole-FTL.systemd
@@ -17,15 +17,15 @@ StartLimitIntervalSec=60s
 
 [Service]
 User=pihole
-PermissionsStartOnly=true
 AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_NICE CAP_IPC_LOCK CAP_CHOWN CAP_SYS_TIME
 
-ExecStartPre=/opt/pihole/pihole-FTL-prestart.sh
+# Run prestart with elevated permissions
+ExecStartPre=+/opt/pihole/pihole-FTL-prestart.sh
 ExecStart=/usr/bin/pihole-FTL -f
 Restart=on-failure
 RestartSec=5s
 ExecReload=/bin/kill -HUP $MAINPID
-ExecStopPost=/opt/pihole/pihole-FTL-poststop.sh
+ExecStopPost=+/opt/pihole/pihole-FTL-poststop.sh
 
 # Use graceful shutdown with a reasonable timeout
 TimeoutStopSec=60s