Date: Wed, 4 Dec 2013 00:37:56 GMT From: Yuri <yuri@rawbw.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/184483: port security/arm: change user/group of 'arm' to _tor:_tor Message-ID: <201312040037.rB40bu2B057954@oldred.freebsd.org> Resent-Message-ID: <201312040040.rB40e0Lw060073@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 184483
>Category: ports
>Synopsis: port security/arm: change user/group of 'arm' to _tor:_tor
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 04 00:40:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Yuri
>Release: 9.2
>Organization:
n/a
>Environment:
>Description:
There are messages in the log complaining:
16:15:38 [ARM_NOTICE] Arm is currently running with root permissions. This is not a good idea, and will still work perfectly well if it's run
with the same user as Tor (ie, starting with "sudo -u _tor arm").
This patch fixes this.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
--- security/arm/Makefile (revision 335545)
+++ security/arm/Makefile (working copy)
@@ -37,6 +37,8 @@
.if ${PORT_OPTIONS:MTOR}
RUN_DEPENDS+= lsof:${PORTSDIR}/sysutils/lsof \
tor:${PORTSDIR}/security/tor
+post-install:
+ ${CHOWN} _tor:_tor /usr/local/bin/arm
.endif
.include <bsd.port.pre.mk>
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312040037.rB40bu2B057954>