From cd0b52445f8f8a6208e524335f6de9ca0854f94c Mon Sep 17 00:00:00 2001
From: Jakub Jirutka <jakub@jirutka.cz>
Date: Thu, 25 Aug 2016 17:05:15 +0200
Subject: community/tor: run as unprivileged user

---
 community/tor/tor.initd | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'community/tor/tor.initd')

diff --git a/community/tor/tor.initd b/community/tor/tor.initd
index 16faa64bc66..99ec8ae853b 100644
--- a/community/tor/tor.initd
+++ b/community/tor/tor.initd
@@ -2,12 +2,14 @@
 
 conffile="/etc/tor/torrc"
 pidfile="/run/tor/tor.pid"
-graceful_timeout=${GRACEFUL_TIMEOUT:-60}
+user="${user:-tor}"
+graceful_timeout="${GRACEFUL_TIMEOUT:-60}"
 
 command="/usr/bin/tor"
 command_args="-f $conffile"
 command_background="yes"
 start_stop_daemon_args="
+	--user $user
 	--chdir /var/lib/tor
 	--env HOME=/var/lib/tor"
 
@@ -43,7 +45,7 @@ checkconfig() {
 
 start_pre() {
 	checkconfig || return 1
-	checkpath -d -m 0755 -o tor "$(dirname "$pidfile")"
+	checkpath -d -m 0755 -o "$user" "$(dirname "$pidfile")"
 }
 
 gracefulstop() {
-- 
cgit v1.2.3