From patchwork Tue Oct 29 18:37:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 2557 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 472gM86GHGz3yqX for ; Tue, 29 Oct 2019 18:38:12 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 472gM74v4vz3xG; Tue, 29 Oct 2019 18:38:11 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1572374292; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=laGHfasbmDufWENePfo6rL74dUa4Zypku3m/sSoxwJI=; b=y6BVDjg0fIOg4HNAvPJfKweZHIB1c3M4AZ6oFS8F8EvnNcoUB1wJ2p9rqx4fTU3v9Yec5Z df7Hv3aB8qg//XAA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1572374292; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=laGHfasbmDufWENePfo6rL74dUa4Zypku3m/sSoxwJI=; b=IOgIBX2bAuy6uQckQdKZmd9foeVhO99sbqNz1FkcC3/ENaUsQ/wTqpn3iXOrEkt9jVnSqe m/iHrPcMgEyGsk1v5Pb0Wbnv30jgyIaOBfUUJOVtBMt1IpgOhQTsvhhWSeQbkiZOpenY/i GTOPI5KDRkaVYlunATKxz938shOQxG6oYSWVvDjHfjGL+Bhv78qyv5OCzPAaOp4oN5f5FN Yq98amn9RQOw+u6SyhB3z6aJqtTzmYbywc4yO4PSwiG59E/VXD4UWroArzjNLa5VdRZ6LQ +MiEc4xssLkkIuwO64esEanVK7o7ugs7y+foUi9tAnYPtXkyzfd1qW/4FyRaxg== Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 472gM73w9hz2yCV; Tue, 29 Oct 2019 18:38:11 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 472gM52zvSz2yCV for ; Tue, 29 Oct 2019 18:38:09 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 472gM410Y2z2bZ for ; Tue, 29 Oct 2019 18:38:07 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1572374288; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=laGHfasbmDufWENePfo6rL74dUa4Zypku3m/sSoxwJI=; b=MgRe012Q+F+oRaErLVVssNDeJ1+7LouKifq+q4uhXvvxe3zljB34XR+yyDs4zG9zUhJxQt PjVXWcMhcN8CVjCA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1572374288; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=laGHfasbmDufWENePfo6rL74dUa4Zypku3m/sSoxwJI=; b=P7jpKn/6/GU1d1sqbQ7bZwE3N9xQg4WT1qNSbwcbzmYARMmrqkS2+8ZH82DPCxv10NtXyi xOxBBht4dolieT1VWYCvDjuspz7RiEi3Kw9/ba05PXrOrT4aH5sS6l/v5yufay/YUDT8PE Uk+7eRC3ToO+b3jurqgOiLXmAJJ2svftSnvAMf9LyX1fQroJWYBF9GHVUgxb5jLXk0op0A tmb4MwotDVWQMeZ6LCjx64q2N2rZtUUWyu2lrqptEbNbwZlHgDFnVuF0wKykFjyBn6o4Td O2l6QZVqNrkOIZcfyWIvxNPfHx3xcGisT7cKzN817aCeaVNQupXTzeSH5zasaA== To: "IPFire: Development-List" From: peter.mueller@ipfire.org Subject: [PATCH] Tor: fix permissions of /var/ipfire/tor/torrc after installation Message-ID: <8ccc8c62-b96d-9154-c17e-abad5c975536@ipfire.org> Date: Tue, 29 Oct 2019 18:37:00 +0000 MIME-Version: 1.0 Content-Language: en-US Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=pmueller smtp.mailfrom=peter.mueller@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Fixes #12220 Reported-by: Michael Tremer Signed-off-by: Peter Müller --- lfs/tor | 2 +- src/paks/tor/install.sh | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lfs/tor b/lfs/tor index ea07f6ce2..178f84be9 100644 --- a/lfs/tor +++ b/lfs/tor @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 43 +PAK_VER = 44 DEPS = "libseccomp" diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh index 4d0353155..369b65f71 100644 --- a/src/paks/tor/install.sh +++ b/src/paks/tor/install.sh @@ -36,10 +36,10 @@ extract_files restore_backup ${NAME} # Adjust some folder permission for new UID/GID -chown -R tor:tor /var/lib/tor /var/ipfire/tor +chown -R tor:tor /var/lib/tor +chown -R tor:nobody /var/ipfire/tor -# Tor settings file needs to be writeable by nobody group for WebUI -chown tor:nobody /var/ipfire/tor/settings -chmod 664 /var/ipfire/tor/settings +# Tor settings files needs to be writeable by nobody group for WebUI +chmod 664 /var/ipfire/tor/{settings,torrc} start_service --background ${NAME}