From 344a25c133ab8195d8b16bb922c951ca6d604057 Mon Sep 17 00:00:00 2001
From: Michał Zieliński <michal@zielinscy.org.pl>
Date: Sun, 16 Oct 2016 13:35:29 +0200
Subject: Run as nonroot user on Linux (with CAP_NET_ADMIN and CAP_NET_RAW
 added).

- ZT will only drop root privileges if zerotier-one user exists. It is created by
Debian postinst script - in other cases the user has to be created by administrator.
- Linux >=4.3 with ambient capabilities is required, otherwise ZT will silently
- "-U" option now also disables privileges dropping
---
 debian/postinst | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 debian/postinst

(limited to 'debian')

diff --git a/debian/postinst b/debian/postinst
new file mode 100644
index 00000000..ecd148a4
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,9 @@
+#!/bin/sh -e
+
+case "$1" in
+  configure)
+      adduser --system --group --home /var/lib/zerotier-one --no-create-home zerotier-one
+      ;;
+esac
+
+#DEBHELPER#
-- 
cgit v1.2.3