* [PATCH] tor: Fix tor permissions if presant via update.sh @ 2019-06-10 11:36 Erik Kapfer 2019-06-10 14:31 ` Michael Tremer 0 siblings, 1 reply; 9+ messages in thread From: Erik Kapfer @ 2019-06-10 11:36 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 659 bytes --] Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> --- config/rootfiles/core/133/update.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/config/rootfiles/core/133/update.sh b/config/rootfiles/core/133/update.sh index a05ad0741..3ecb5651b 100644 --- a/config/rootfiles/core/133/update.sh +++ b/config/rootfiles/core/133/update.sh @@ -71,6 +71,11 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi /etc/init.d/squid start /etc/init.d/collectd restart +# Set new permissions for tor +if [ -d "/var/lib/tor" ]; then + chown -R tor:tor /var/lib/tor +fi + # Finish /etc/init.d/fireinfo start sendprofile -- 2.12.2 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] tor: Fix tor permissions if presant via update.sh 2019-06-10 11:36 [PATCH] tor: Fix tor permissions if presant via update.sh Erik Kapfer @ 2019-06-10 14:31 ` Michael Tremer 2019-06-10 18:12 ` Peter Müller 0 siblings, 1 reply; 9+ messages in thread From: Michael Tremer @ 2019-06-10 14:31 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 947 bytes --] Hi, Thanks for sending in that patch. But I think instead of doing this in the Core Update, this change should be applied in the tor update scripts. -Michael > On 10 Jun 2019, at 12:36, Erik Kapfer <ummeegge(a)ipfire.org> wrote: > > Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> > --- > config/rootfiles/core/133/update.sh | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/config/rootfiles/core/133/update.sh b/config/rootfiles/core/133/update.sh > index a05ad0741..3ecb5651b 100644 > --- a/config/rootfiles/core/133/update.sh > +++ b/config/rootfiles/core/133/update.sh > @@ -71,6 +71,11 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi > /etc/init.d/squid start > /etc/init.d/collectd restart > > +# Set new permissions for tor > +if [ -d "/var/lib/tor" ]; then > + chown -R tor:tor /var/lib/tor > +fi > + > # Finish > /etc/init.d/fireinfo start > sendprofile > -- > 2.12.2 > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] tor: Fix tor permissions if presant via update.sh 2019-06-10 14:31 ` Michael Tremer @ 2019-06-10 18:12 ` Peter Müller 2019-06-10 18:36 ` Paul Simmons 2019-06-10 19:10 ` [PATCH] tor: Fix tor permissions if presant via update.sh ummeegge 0 siblings, 2 replies; 9+ messages in thread From: Peter Müller @ 2019-06-10 18:12 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1499 bytes --] Hello Michael, as mentioned in https://bugzilla.ipfire.org/show_bug.cgi?id=12088#c11 , the "install.sh" script of the Tor addon contains all required steps. Since "update.sh" calls "install.sh" at the end of the file, everything should be fine after an update as well - which is not. However, due to this, I do not think putting it into "update.sh" makes sense either. Thanks, and best regards, Peter Müller Michael Tremer: > Hi, > > Thanks for sending in that patch. > > But I think instead of doing this in the Core Update, this change should be applied in the tor update scripts. > > -Michael > >> On 10 Jun 2019, at 12:36, Erik Kapfer <ummeegge(a)ipfire.org> wrote: >> >> Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> >> --- >> config/rootfiles/core/133/update.sh | 5 +++++ >> 1 file changed, 5 insertions(+) >> >> diff --git a/config/rootfiles/core/133/update.sh b/config/rootfiles/core/133/update.sh >> index a05ad0741..3ecb5651b 100644 >> --- a/config/rootfiles/core/133/update.sh >> +++ b/config/rootfiles/core/133/update.sh >> @@ -71,6 +71,11 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi >> /etc/init.d/squid start >> /etc/init.d/collectd restart >> >> +# Set new permissions for tor >> +if [ -d "/var/lib/tor" ]; then >> + chown -R tor:tor /var/lib/tor >> +fi >> + >> # Finish >> /etc/init.d/fireinfo start >> sendprofile >> -- >> 2.12.2 >> > -- The road to Hades is easy to travel. -- Bion of Borysthenes ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] tor: Fix tor permissions if presant via update.sh 2019-06-10 18:12 ` Peter Müller @ 2019-06-10 18:36 ` Paul Simmons 2019-06-10 18:51 ` Michael Tremer 2019-06-10 19:10 ` [PATCH] tor: Fix tor permissions if presant via update.sh ummeegge 1 sibling, 1 reply; 9+ messages in thread From: Paul Simmons @ 2019-06-10 18:36 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1607 bytes --] On 6/10/19 1:12 PM, Peter Müller wrote: > Hello Michael, > > as mentioned in https://bugzilla.ipfire.org/show_bug.cgi?id=12088#c11 , > the "install.sh" script of the Tor addon contains all required steps. > > Since "update.sh" calls "install.sh" at the end of the file, everything > should be fine after an update as well - which is not. However, due to > this, I do not think putting it into "update.sh" makes sense either. > > Thanks, and best regards, > Peter Müller > > Michael Tremer: >> Hi, >> >> Thanks for sending in that patch. >> >> But I think instead of doing this in the Core Update, this change should be applied in the tor update scripts. >> >> -Michael >> >>> On 10 Jun 2019, at 12:36, Erik Kapfer <ummeegge(a)ipfire.org> wrote: >>> >>> Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> >>> --- >>> config/rootfiles/core/133/update.sh | 5 +++++ >>> 1 file changed, 5 insertions(+) >>> >>> diff --git a/config/rootfiles/core/133/update.sh b/config/rootfiles/core/133/update.sh >>> index a05ad0741..3ecb5651b 100644 >>> --- a/config/rootfiles/core/133/update.sh >>> +++ b/config/rootfiles/core/133/update.sh >>> @@ -71,6 +71,11 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi >>> /etc/init.d/squid start >>> /etc/init.d/collectd restart >>> >>> +# Set new permissions for tor >>> +if [ -d "/var/lib/tor" ]; then >>> + chown -R tor:tor /var/lib/tor >>> +fi >>> + >>> # Finish >>> /etc/init.d/fireinfo start >>> sendprofile >>> -- >>> 2.12.2 >>> >> > Perhaps the restore_backup in install.sh is undoing the ownership? p. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] tor: Fix tor permissions if presant via update.sh 2019-06-10 18:36 ` Paul Simmons @ 2019-06-10 18:51 ` Michael Tremer 2019-06-10 19:02 ` [PATCH] Tor: fix permissions after updating, too Peter Müller 0 siblings, 1 reply; 9+ messages in thread From: Michael Tremer @ 2019-06-10 18:51 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1932 bytes --] Hi, Yes that will be it. The backup stores permissions and ownership. Please move the chown line to after the backup is being restored and you will be fine. -Michael > On 10 Jun 2019, at 19:36, Paul Simmons <mbatranch(a)gmail.com> wrote: > > On 6/10/19 1:12 PM, Peter Müller wrote: >> Hello Michael, >> >> as mentioned in https://bugzilla.ipfire.org/show_bug.cgi?id=12088#c11 , >> the "install.sh" script of the Tor addon contains all required steps. >> >> Since "update.sh" calls "install.sh" at the end of the file, everything >> should be fine after an update as well - which is not. However, due to >> this, I do not think putting it into "update.sh" makes sense either. >> >> Thanks, and best regards, >> Peter Müller >> >> Michael Tremer: >>> Hi, >>> >>> Thanks for sending in that patch. >>> >>> But I think instead of doing this in the Core Update, this change should be applied in the tor update scripts. >>> >>> -Michael >>> >>>> On 10 Jun 2019, at 12:36, Erik Kapfer <ummeegge(a)ipfire.org> wrote: >>>> >>>> Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> >>>> --- >>>> config/rootfiles/core/133/update.sh | 5 +++++ >>>> 1 file changed, 5 insertions(+) >>>> >>>> diff --git a/config/rootfiles/core/133/update.sh b/config/rootfiles/core/133/update.sh >>>> index a05ad0741..3ecb5651b 100644 >>>> --- a/config/rootfiles/core/133/update.sh >>>> +++ b/config/rootfiles/core/133/update.sh >>>> @@ -71,6 +71,11 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi >>>> /etc/init.d/squid start >>>> /etc/init.d/collectd restart >>>> >>>> +# Set new permissions for tor >>>> +if [ -d "/var/lib/tor" ]; then >>>> + chown -R tor:tor /var/lib/tor >>>> +fi >>>> + >>>> # Finish >>>> /etc/init.d/fireinfo start >>>> sendprofile >>>> -- >>>> 2.12.2 >>>> >>> >> > > Perhaps the restore_backup in install.sh is undoing the ownership? > > p. ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH] Tor: fix permissions after updating, too 2019-06-10 18:51 ` Michael Tremer @ 2019-06-10 19:02 ` Peter Müller 2019-06-12 13:57 ` Peter Müller 0 siblings, 1 reply; 9+ messages in thread From: Peter Müller @ 2019-06-10 19:02 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1097 bytes --] Fixes #12088 Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org> Reported-by: Erik Kapfer <ummeegge(a)ipfire.org> --- lfs/tor | 2 +- src/paks/tor/install.sh | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lfs/tor b/lfs/tor index 1e8c3889d..d918910d4 100644 --- a/lfs/tor +++ b/lfs/tor @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 39 +PAK_VER = 40 DEPS = "libseccomp" diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh index 268bccecd..1659871b6 100644 --- a/src/paks/tor/install.sh +++ b/src/paks/tor/install.sh @@ -32,9 +32,10 @@ if ! getent passwd tor; then useradd -u 119 -g tor -c "Tor daemon user" -d /var/empty -s /bin/false tor fi +extract_files +restore_backup ${NAME} + # Adjust some folder permission for new UID/GID chown -R tor:tor /var/lib/tor /var/ipfire/tor -extract_files -restore_backup ${NAME} start_service --background ${NAME} -- 2.16.4 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tor: fix permissions after updating, too 2019-06-10 19:02 ` [PATCH] Tor: fix permissions after updating, too Peter Müller @ 2019-06-12 13:57 ` Peter Müller 2019-06-12 14:12 ` Michael Tremer 0 siblings, 1 reply; 9+ messages in thread From: Peter Müller @ 2019-06-12 13:57 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1368 bytes --] Hello, could somebody please merge this patch _before_ closing Core Update 133? Thanks, and best regards, Peter Müller > Fixes #12088 > > Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org> > Reported-by: Erik Kapfer <ummeegge(a)ipfire.org> > --- > lfs/tor | 2 +- > src/paks/tor/install.sh | 5 +++-- > 2 files changed, 4 insertions(+), 3 deletions(-) > > diff --git a/lfs/tor b/lfs/tor > index 1e8c3889d..d918910d4 100644 > --- a/lfs/tor > +++ b/lfs/tor > @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) > DIR_APP = $(DIR_SRC)/$(THISAPP) > TARGET = $(DIR_INFO)/$(THISAPP) > PROG = tor > -PAK_VER = 39 > +PAK_VER = 40 > > DEPS = "libseccomp" > > diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh > index 268bccecd..1659871b6 100644 > --- a/src/paks/tor/install.sh > +++ b/src/paks/tor/install.sh > @@ -32,9 +32,10 @@ if ! getent passwd tor; then > useradd -u 119 -g tor -c "Tor daemon user" -d /var/empty -s /bin/false tor > fi > > +extract_files > +restore_backup ${NAME} > + > # Adjust some folder permission for new UID/GID > chown -R tor:tor /var/lib/tor /var/ipfire/tor > > -extract_files > -restore_backup ${NAME} > start_service --background ${NAME} > -- The road to Hades is easy to travel. -- Bion of Borysthenes ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tor: fix permissions after updating, too 2019-06-12 13:57 ` Peter Müller @ 2019-06-12 14:12 ` Michael Tremer 0 siblings, 0 replies; 9+ messages in thread From: Michael Tremer @ 2019-06-12 14:12 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1641 bytes --] Hi, err, the update is closed and should be building right now. But tor is an add-on. So we can build this separately. -Michael > On 12 Jun 2019, at 14:57, Peter Müller <peter.mueller(a)ipfire.org> wrote: > > Hello, > > could somebody please merge this patch _before_ closing Core Update 133? > > Thanks, and best regards, > Peter Müller > > >> Fixes #12088 >> >> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org> >> Reported-by: Erik Kapfer <ummeegge(a)ipfire.org> >> --- >> lfs/tor | 2 +- >> src/paks/tor/install.sh | 5 +++-- >> 2 files changed, 4 insertions(+), 3 deletions(-) >> >> diff --git a/lfs/tor b/lfs/tor >> index 1e8c3889d..d918910d4 100644 >> --- a/lfs/tor >> +++ b/lfs/tor >> @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) >> DIR_APP = $(DIR_SRC)/$(THISAPP) >> TARGET = $(DIR_INFO)/$(THISAPP) >> PROG = tor >> -PAK_VER = 39 >> +PAK_VER = 40 >> >> DEPS = "libseccomp" >> >> diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh >> index 268bccecd..1659871b6 100644 >> --- a/src/paks/tor/install.sh >> +++ b/src/paks/tor/install.sh >> @@ -32,9 +32,10 @@ if ! getent passwd tor; then >> useradd -u 119 -g tor -c "Tor daemon user" -d /var/empty -s /bin/false tor >> fi >> >> +extract_files >> +restore_backup ${NAME} >> + >> # Adjust some folder permission for new UID/GID >> chown -R tor:tor /var/lib/tor /var/ipfire/tor >> >> -extract_files >> -restore_backup ${NAME} >> start_service --background ${NAME} >> > > -- > The road to Hades is easy to travel. > -- Bion of Borysthenes ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] tor: Fix tor permissions if presant via update.sh 2019-06-10 18:12 ` Peter Müller 2019-06-10 18:36 ` Paul Simmons @ 2019-06-10 19:10 ` ummeegge 1 sibling, 0 replies; 9+ messages in thread From: ummeegge @ 2019-06-10 19:10 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1826 bytes --] Hello Michael & Peter, On Mo, 2019-06-10 at 18:12 +0000, Peter Müller wrote: > Hello Michael, > > as mentioned in https://bugzilla.ipfire.org/show_bug.cgi?id=12088#c11 > , > the "install.sh" script of the Tor addon contains all required steps. > > Since "update.sh" calls "install.sh" at the end of the file, > everything > should be fine after an update as well - which is not. However, due > to > this, I do not think putting it into "update.sh" makes sense either. Thought a little in the same way since there is also an update for tor whereby tor´s update.sh (includes install.sh then) should be executed. To stay save i used the core update.sh for this... Best, Erik > > Thanks, and best regards, > Peter Müller > > Michael Tremer: > > Hi, > > > > Thanks for sending in that patch. > > > > But I think instead of doing this in the Core Update, this change > > should be applied in the tor update scripts. > > > > -Michael > > > > > On 10 Jun 2019, at 12:36, Erik Kapfer <ummeegge(a)ipfire.org> > > > wrote: > > > > > > Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org> > > > --- > > > config/rootfiles/core/133/update.sh | 5 +++++ > > > 1 file changed, 5 insertions(+) > > > > > > diff --git a/config/rootfiles/core/133/update.sh > > > b/config/rootfiles/core/133/update.sh > > > index a05ad0741..3ecb5651b 100644 > > > --- a/config/rootfiles/core/133/update.sh > > > +++ b/config/rootfiles/core/133/update.sh > > > @@ -71,6 +71,11 @@ sudo -u nobody /srv/web/ipfire/cgi- > > > bin/vpnmain.cgi > > > /etc/init.d/squid start > > > /etc/init.d/collectd restart > > > > > > +# Set new permissions for tor > > > +if [ -d "/var/lib/tor" ]; then > > > + chown -R tor:tor /var/lib/tor > > > +fi > > > + > > > # Finish > > > /etc/init.d/fireinfo start > > > sendprofile > > > -- > > > 2.12.2 > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2019-06-12 14:12 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-06-10 11:36 [PATCH] tor: Fix tor permissions if presant via update.sh Erik Kapfer 2019-06-10 14:31 ` Michael Tremer 2019-06-10 18:12 ` Peter Müller 2019-06-10 18:36 ` Paul Simmons 2019-06-10 18:51 ` Michael Tremer 2019-06-10 19:02 ` [PATCH] Tor: fix permissions after updating, too Peter Müller 2019-06-12 13:57 ` Peter Müller 2019-06-12 14:12 ` Michael Tremer 2019-06-10 19:10 ` [PATCH] tor: Fix tor permissions if presant via update.sh ummeegge
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox