summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2018-03-22 08:27:09 +0000
committerintrigeri <intrigeri@boum.org>2018-03-22 08:27:09 +0000
commit7d8f7feb612368d008d420606dd2473f44d416ab (patch)
tree6af567ddd8e170d8706d1bf381585616ba9798c5
parent649eeafd34ed99b808ee7e4aa641a2a355711910 (diff)
Add comments to explain why we're doing that (refs: #15424)bug/15424-check-if-tor-uid-changed
-rwxr-xr-xconfig/chroot_local-hooks/04-change-gids-and-uids10
1 files changed, 8 insertions, 2 deletions
diff --git a/config/chroot_local-hooks/04-change-gids-and-uids b/config/chroot_local-hooks/04-change-gids-and-uids
index f6fde39..32719e2 100755
--- a/config/chroot_local-hooks/04-change-gids-and-uids
+++ b/config/chroot_local-hooks/04-change-gids-and-uids
@@ -2,10 +2,11 @@
set -e
-# Free the fixed GIDs and UIDs we're using.
-
echo "Change GIDs and UIDs"
+### Free fixed UID/GID we want to give users and groups that when we create
+### them in later hooks.
+
TPS_GROUP_STEALER=$(getent group 122 | awk -F ':' '{print $1}')
if [ -n "$TPS_GROUP_STEALER" ]; then
groupmod --gid 150 "$TPS_GROUP_STEALER"
@@ -18,6 +19,11 @@ if [ -n "$TPS_USER_STEALER" ]; then
find / -wholename /proc -prune -o \( \! -type l -a -uid 115 -exec chown 150 '{}' \; \)
fi
+### Set fixed UID/GID for the debian-tor user and group, that were already
+### created at package installation time: if their UID/GID changes accross
+### releases, due to an aufs bug Tor won't start after an automated upgrade
+### (see #15419 for details).
+
TOR_NEW_GID=114
TOR_OLD_GID=$(getent passwd debian-tor | awk -F ':' '{print $4}')