diff mbox series

Tor: fix permission of /var/ipfire/tor/settings

Message ID 85f686b6-4b5d-ea51-9cbb-925bfe17f000@ipfire.org
State Accepted
Commit 9a0454cea2423fe944375bd8444e8276d420ed1f
Headers
Series Tor: fix permission of /var/ipfire/tor/settings |

Commit Message

Peter Müller Sept. 7, 2019, 5:52 p.m. UTC 
  The settings file must be writeable for group "nobody" so
users can change their Tor settings via WebUI. Since other
files in /var/ipfire/tor/ does not need this workaround, only
the settings file permissions are changed.

Sorry for the late fix; this was reported by various people
in the forum, too (I was unaware of so many Tor users in our
community).

Fixes #12117

Reported-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 lfs/tor                 | 2 +-
 src/paks/tor/install.sh | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/lfs/tor b/lfs/tor
index d918910d4..1e234e0ab 100644
--- a/lfs/tor
+++ b/lfs/tor
@@ -32,7 +32,7 @@  DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 40
+PAK_VER    = 41
 
 DEPS       = "libseccomp"
 
diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh
index 1659871b6..4d0353155 100644
--- a/src/paks/tor/install.sh
+++ b/src/paks/tor/install.sh
@@ -38,4 +38,8 @@  restore_backup ${NAME}
 # Adjust some folder permission for new UID/GID
 chown -R tor:tor /var/lib/tor /var/ipfire/tor
 
+# Tor settings file needs to be writeable by nobody group for WebUI
+chown tor:nobody /var/ipfire/tor/settings
+chmod 664 /var/ipfire/tor/settings
+
 start_service --background ${NAME}