diff options
| author | Jakub Jirutka <jakub@jirutka.cz> | 2021-12-26 01:34:47 +0100 |
|---|---|---|
| committer | Jakub Jirutka <jakub@jirutka.cz> | 2021-12-26 01:35:49 +0100 |
| commit | bfcba31818ae891ae0d4820c36c5aa95197d5f5a (patch) | |
| tree | b52f4edbeecf985c4dfb74b00578473c8ee251b8 | |
| parent | 424bd3149ef177892552a01018edba33616ec3ef (diff) | |
community/connman: run openvpn under unprivileged user by default
| -rw-r--r-- | community/connman/APKBUILD | 5 | ||||
| -rw-r--r-- | community/connman/openvpn.conf | 7 |
2 files changed, 12 insertions, 0 deletions
diff --git a/community/connman/APKBUILD b/community/connman/APKBUILD index 7dddc55246f..9e0caeff439 100644 --- a/community/connman/APKBUILD +++ b/community/connman/APKBUILD @@ -41,6 +41,7 @@ subpackages=" source="https://www.kernel.org/pub/linux/network/connman/connman-$pkgver.tar.xz libresolv.patch dbus-rules.patch + openvpn.conf $pkgname.initd $pkgname.confd " @@ -98,6 +99,8 @@ package() { make install DESTDIR="$pkgdir" install -Dm644 src/main.conf "$pkgdir"/etc/$pkgname/main.conf + install -Dm644 "$srcdir"/openvpn.conf -t "$pkgdir"/etc/$pkgname/vpn-plugin/ + mv "$pkgdir"/usr/sbin/connmand "$pkgdir"/usr/sbin/connmand.iptables install -D -m 755 "$builddir~nftables"/src/connmand "$pkgdir"/usr/sbin/connmand.nftables @@ -138,6 +141,7 @@ openvpn() { depends="$pkgname=$pkgver-r$pkgrel openvpn" replaces="$pkgname" # for backward compatibility + amove etc/connman/vpn-plugin/openvpn.conf amove usr/lib/connman/plugins-vpn/openvpn.so amove usr/lib/connman/scripts/openvpn-script } @@ -161,6 +165,7 @@ sha512sums=" 33df90814b7499aeafcd51fca4f8ffbc07efacfa29dda46d3b9bcd3ff26264dc53c3991e7e53a8563ca403015c345e59c7ad29427c38ee3d88dd282479db7a0f connman-1.40.tar.xz 122b48fc9e25354e25ba3a3e0864bdd84da84457fed94aeea726bcb189b2f05f2cc361ae15f44af5c49bcee572e91e4c0488ef3b0bc79d20f6efe15853fb6b3a libresolv.patch 0223dba51be67c131c297d0e865fe1276e4800be5eee25c4f142df8e651318bf5dae98c1d559bb70c002cdfc3ce3c24d12128ddca5656192f962d91af6906caa dbus-rules.patch +7f90bfdbe27a468c401bde04ccedc7d15afba11ca460ee6155233c3ef99285033303cbf7afac3849cbcd6e95a90eae5bdc772e416aef57e5ada7c4eed38f4de9 openvpn.conf 4bedfb21a941f6fc1f854a565dcdb1b8675888c23a112ad60645c56e7c602029089a067d0317cc156a3edf624ebbc8d0696bfb61a4b09c9becd04ee3b1d65a29 connman.initd 73f505a777df04039ca51bc3959aa89969a0bbc21ea971fb98e04e9b5851553de35955453ed859f5a6273724bbcce38f13012950c6cb4e0a2bc80bc531ccff1e connman.confd " diff --git a/community/connman/openvpn.conf b/community/connman/openvpn.conf new file mode 100644 index 00000000000..9b81abc7b85 --- /dev/null +++ b/community/connman/openvpn.conf @@ -0,0 +1,7 @@ +# Configuration file for ConnMan-VPN plugin for OpenVPN. + +[DACPrivileges] +# User on the system to use for running openvpn binary. +User = openvpn +# The main group to use for running openvpn binary. +Group = openvpn |