diff options
| author | Michał Zieliński <michal@zielinscy.org.pl> | 2016-10-16 13:35:29 +0200 |
|---|---|---|
| committer | Michał Zieliński <michal@zielinscy.org.pl> | 2016-10-16 13:53:44 +0200 |
| commit | 344a25c133ab8195d8b16bb922c951ca6d604057 (patch) | |
| tree | 36cc0e148f41111ddc805cb62e468719392b6f5f /debian | |
| parent | 88e3fe699c685f74d3cc568a50967859fa15db5b (diff) | |
| download | infinitytier-344a25c133ab8195d8b16bb922c951ca6d604057.tar.gz infinitytier-344a25c133ab8195d8b16bb922c951ca6d604057.zip | |
Run as nonroot user on Linux (with CAP_NET_ADMIN and CAP_NET_RAW added).
- ZT will only drop root privileges if zerotier-one user exists. It is created by
Debian postinst script - in other cases the user has to be created by administrator.
- Linux >=4.3 with ambient capabilities is required, otherwise ZT will silently
- "-U" option now also disables privileges dropping
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/postinst | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 00000000..ecd148a4 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,9 @@ +#!/bin/sh -e + +case "$1" in + configure) + adduser --system --group --home /var/lib/zerotier-one --no-create-home zerotier-one + ;; +esac + +#DEBHELPER# |