fix: proper Tor user and directory permissions
- Add User tor to torrc for privilege dropping - chown /var/lib/tor to tor:nogroup before Tor starts - chmod 755 on hostname directories so root can read them - Remove invalid chown tor:tor (tor group doesn't exist in Alpine)
This commit is contained in:
@@ -31,11 +31,9 @@ if [ "$SSH_HOST_IP" = "host.docker.internal" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
mkdir -p /var/lib/tor/ssh /var/lib/tor/admin
|
mkdir -p /var/lib/tor/ssh /var/lib/tor/admin
|
||||||
chmod 700 /var/lib/tor/ssh /var/lib/tor/admin
|
chown -R tor:nogroup /var/lib/tor
|
||||||
|
chmod 700 /var/lib/tor
|
||||||
if id tor >/dev/null 2>&1; then
|
chmod 755 /var/lib/tor/ssh /var/lib/tor/admin
|
||||||
chown -R tor:tor /var/lib/tor
|
|
||||||
fi
|
|
||||||
|
|
||||||
cat > /etc/tor/torrc <<EOF
|
cat > /etc/tor/torrc <<EOF
|
||||||
# Generated by entrypoint.sh at container start
|
# Generated by entrypoint.sh at container start
|
||||||
@@ -59,10 +57,6 @@ cat /etc/tor/torrc
|
|||||||
|
|
||||||
mkdir -p /onion-hosts
|
mkdir -p /onion-hosts
|
||||||
|
|
||||||
if id tor >/dev/null 2>&1; then
|
|
||||||
chown -R tor:tor /onion-hosts
|
|
||||||
fi
|
|
||||||
|
|
||||||
( \
|
( \
|
||||||
echo "Waiting for onion addresses..."; \
|
echo "Waiting for onion addresses..."; \
|
||||||
for i in $(seq 1 120); do \
|
for i in $(seq 1 120); do \
|
||||||
|
|||||||
Reference in New Issue
Block a user