Run onionr as user instead of system always

This commit is contained in:
Arinerron 2019-03-30 16:21:12 -07:00
parent 5cf082b884
commit 50d0366e47
No known key found for this signature in database
GPG Key ID: 99383627861C62F0
2 changed files with 19 additions and 12 deletions

View File

@ -5,7 +5,7 @@ OUTPUT_DIR='/usr/share/onionr'
DATA_DIR='/etc/onionr' DATA_DIR='/etc/onionr'
LOG_DIR='/var/log/onionr' LOG_DIR='/var/log/onionr'
BRANCH='master' BRANCH='easy-releases'
# setup error handlers # setup error handlers
@ -43,12 +43,10 @@ echo -e "\033[0;32mInstalling pip dependencies...\033[0m"
pip3 install --no-input -r "$OUTPUT_DIR/requirements.txt" --require-hashes > /dev/null pip3 install --no-input -r "$OUTPUT_DIR/requirements.txt" --require-hashes > /dev/null
# create nologin onionr user if not exists # set permissions on Onionr directory
id -u onionr &>/dev/null || useradd -r -s /sbin/nologin onionr
chmod 755 "$OUTPUT_DIR" chmod 755 "$OUTPUT_DIR"
chown -R onionr:onionr "$OUTPUT_DIR" chown -R root:root "$OUTPUT_DIR"
# create directories # create directories
@ -56,7 +54,7 @@ mkdir -p "$OUTPUT_DIR/onionr/data" "$LOG_DIR"
mv "$OUTPUT_DIR/onionr/data" "$DATA_DIR" mv "$OUTPUT_DIR/onionr/data" "$DATA_DIR"
chmod -R 750 "$DATA_DIR" "$LOG_DIR" chmod -R 750 "$DATA_DIR" "$LOG_DIR"
chown -R onionr:onionr "$DATA_DIR" "$LOG_DIR" chown -R root:root "$DATA_DIR" "$LOG_DIR"
# create executable # create executable
@ -67,6 +65,8 @@ chown root:root "$EXECUTABLE"
# create systemd service # create systemd service
echo -e "\033[0;32mCreating systemd unit...\033[0m"
SERVICE='/etc/systemd/system/onionr.service' SERVICE='/etc/systemd/system/onionr.service'
cp "$OUTPUT_DIR/install/onionr.service" "$SERVICE" cp "$OUTPUT_DIR/install/onionr.service" "$SERVICE"

View File

@ -5,11 +5,18 @@ set -e
[ "root" != "$USER" ] && exec sudo $0 "$@" [ "root" != "$USER" ] && exec sudo $0 "$@"
export OUTPUT_DIR=${OUTPUT_DIR:=/usr/share/onionr} export OUTPUT_DIR=${OUTPUT_DIR:=/usr/share/onionr}
export ONIONR_HOME=${ONIONR_HOME:=/etc/onionr}
export LOG_DIR=${LOG_DIR:=/var/log/onionr} if [ -n "$HOME" ]; then
export XDG_DATA_HOME=${XDG_DATA_HOME:=$HOME/.local/share/onionr}
export ONIONR_HOME=${ONIONR_HOME:=$XDG_DATA_HOME}
export LOG_DIR=${LOG_DIR:=$XDG_DATA_HOME/logs}
else
export ONIONR_HOME=${ONIONR_HOME:=/etc/onionr}
export LOG_DIR=${LOG_DIR:=/var/log/onionr}
fi
mkdir -p "$ONIONR_HOME" "$LOG_DIR"
cd "$OUTPUT_DIR/onionr" cd "$OUTPUT_DIR/onionr"
exec python3.7 onionr.py "$@"
command="python3.7 onionr.py '$@'"
echo $command
exec su onionr -s /bin/sh -c "$command"