From 445acc325b91afa63a89a19843fdf0c1d03ce596 Mon Sep 17 00:00:00 2001
From: Jacquin Antoine <antoine@arkel.fr>
Date: Sun, 1 Mar 2026 00:44:19 +0100
Subject: [PATCH] fix: systemd service hardening and correct config path
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Fix config path: .conf → .yml
- Add /etc/logcorrelator to ReadWritePaths (config reload)
- Add TimeoutStartSec=10 (matches systemd expectations)
- Add TimeoutStopSec=30 (aligned with code shutdown timeout)

These changes ensure proper systemd integration and security.

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
---
 logcorrelator.service | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/logcorrelator.service b/logcorrelator.service
index 50484df..c40b105 100644
--- a/logcorrelator.service
+++ b/logcorrelator.service
@@ -6,7 +6,7 @@ After=network.target
 Type=simple
 User=logcorrelator
 Group=logcorrelator
-ExecStart=/usr/bin/logcorrelator -config /etc/logcorrelator/logcorrelator.conf
+ExecStart=/usr/bin/logcorrelator -config /etc/logcorrelator/logcorrelator.yml
 Restart=on-failure
 RestartSec=5
 
@@ -14,10 +14,14 @@ RestartSec=5
 NoNewPrivileges=true
 ProtectSystem=strict
 ProtectHome=true
-ReadWritePaths=/var/log/logcorrelator /var/run/logcorrelator
+ReadWritePaths=/var/log/logcorrelator /var/run/logcorrelator /etc/logcorrelator
 
 # Resource limits
 LimitNOFILE=65536
 
+# Systemd timeouts
+TimeoutStartSec=10
+TimeoutStopSec=30
+
 [Install]
 WantedBy=multi-user.target