Run onionr as user instead of system always
This commit is contained in:
parent
5cf082b884
commit
50d0366e47
@ -5,7 +5,7 @@ OUTPUT_DIR='/usr/share/onionr'
|
|||||||
DATA_DIR='/etc/onionr'
|
DATA_DIR='/etc/onionr'
|
||||||
LOG_DIR='/var/log/onionr'
|
LOG_DIR='/var/log/onionr'
|
||||||
|
|
||||||
BRANCH='master'
|
BRANCH='easy-releases'
|
||||||
|
|
||||||
# setup error handlers
|
# setup error handlers
|
||||||
|
|
||||||
@ -43,12 +43,10 @@ echo -e "\033[0;32mInstalling pip dependencies...\033[0m"
|
|||||||
|
|
||||||
pip3 install --no-input -r "$OUTPUT_DIR/requirements.txt" --require-hashes > /dev/null
|
pip3 install --no-input -r "$OUTPUT_DIR/requirements.txt" --require-hashes > /dev/null
|
||||||
|
|
||||||
# create nologin onionr user if not exists
|
# set permissions on Onionr directory
|
||||||
|
|
||||||
id -u onionr &>/dev/null || useradd -r -s /sbin/nologin onionr
|
|
||||||
|
|
||||||
chmod 755 "$OUTPUT_DIR"
|
chmod 755 "$OUTPUT_DIR"
|
||||||
chown -R onionr:onionr "$OUTPUT_DIR"
|
chown -R root:root "$OUTPUT_DIR"
|
||||||
|
|
||||||
# create directories
|
# create directories
|
||||||
|
|
||||||
@ -56,7 +54,7 @@ mkdir -p "$OUTPUT_DIR/onionr/data" "$LOG_DIR"
|
|||||||
mv "$OUTPUT_DIR/onionr/data" "$DATA_DIR"
|
mv "$OUTPUT_DIR/onionr/data" "$DATA_DIR"
|
||||||
|
|
||||||
chmod -R 750 "$DATA_DIR" "$LOG_DIR"
|
chmod -R 750 "$DATA_DIR" "$LOG_DIR"
|
||||||
chown -R onionr:onionr "$DATA_DIR" "$LOG_DIR"
|
chown -R root:root "$DATA_DIR" "$LOG_DIR"
|
||||||
|
|
||||||
# create executable
|
# create executable
|
||||||
|
|
||||||
@ -67,6 +65,8 @@ chown root:root "$EXECUTABLE"
|
|||||||
|
|
||||||
# create systemd service
|
# create systemd service
|
||||||
|
|
||||||
|
echo -e "\033[0;32mCreating systemd unit...\033[0m"
|
||||||
|
|
||||||
SERVICE='/etc/systemd/system/onionr.service'
|
SERVICE='/etc/systemd/system/onionr.service'
|
||||||
|
|
||||||
cp "$OUTPUT_DIR/install/onionr.service" "$SERVICE"
|
cp "$OUTPUT_DIR/install/onionr.service" "$SERVICE"
|
||||||
|
@ -5,11 +5,18 @@ set -e
|
|||||||
[ "root" != "$USER" ] && exec sudo $0 "$@"
|
[ "root" != "$USER" ] && exec sudo $0 "$@"
|
||||||
|
|
||||||
export OUTPUT_DIR=${OUTPUT_DIR:=/usr/share/onionr}
|
export OUTPUT_DIR=${OUTPUT_DIR:=/usr/share/onionr}
|
||||||
export ONIONR_HOME=${ONIONR_HOME:=/etc/onionr}
|
|
||||||
export LOG_DIR=${LOG_DIR:=/var/log/onionr}
|
if [ -n "$HOME" ]; then
|
||||||
|
export XDG_DATA_HOME=${XDG_DATA_HOME:=$HOME/.local/share/onionr}
|
||||||
|
|
||||||
|
export ONIONR_HOME=${ONIONR_HOME:=$XDG_DATA_HOME}
|
||||||
|
export LOG_DIR=${LOG_DIR:=$XDG_DATA_HOME/logs}
|
||||||
|
else
|
||||||
|
export ONIONR_HOME=${ONIONR_HOME:=/etc/onionr}
|
||||||
|
export LOG_DIR=${LOG_DIR:=/var/log/onionr}
|
||||||
|
fi
|
||||||
|
|
||||||
|
mkdir -p "$ONIONR_HOME" "$LOG_DIR"
|
||||||
|
|
||||||
cd "$OUTPUT_DIR/onionr"
|
cd "$OUTPUT_DIR/onionr"
|
||||||
|
exec python3.7 onionr.py "$@"
|
||||||
command="python3.7 onionr.py '$@'"
|
|
||||||
echo $command
|
|
||||||
exec su onionr -s /bin/sh -c "$command"
|
|
||||||
|
Loading…
Reference in New Issue
Block a user