cjdroute can drop privileges itself, so removing the custom user code

This commit is contained in:
Jack L. Frost 2013-12-24 19:13:49 +04:00
parent a589260459
commit 6c075e4169

View File

@ -4,24 +4,13 @@ unset reload
service_username='cjdns' service_username='cjdns'
service_command='/usr/local/sbin/cjdroute' service_command='/usr/local/sbin/cjdroute'
service_args='< /etc/cjdns/cjdroute.conf'
cjdroute_tun_interface='cjd0' cjdroute_config='/etc/cjdroute.conf'
cjdroute_ipv6_addr='fca7:8aef:6571:63c5:b23c:2fbc:8dea:e207/8' cjdroute_tun_interface='cjdns0'
cjdroute_listen_port='11270' cjdroute_listen_port=''
service_pid=`lsof -i :"$cjdroute_listen_port" | tail -1 | cut -d ' ' -f 2` service_pid=`lsof -i :"$cjdroute_listen_port" | tail -1 | cut -d ' ' -f 2`
cjdroute.create_tun() {
ip tuntap add mode tun user "$service_username" group "$service_username" "$cjdroute_tun_interface"
ip a add "$cjdroute_ipv6_addr" dev "$cjdroute_tun_interface"
ip link set "$cjdroute_tun_interface" up
}
cjdroute.destroy_tun() {
ip tuntap del mode tun "$cjdroute_tun_interface"
}
cjdroute.check_tun_module() { cjdroute.check_tun_module() {
[[ -e '/dev/net/tun' ]] || { [[ -e '/dev/net/tun' ]] || {
modprobe tun || { modprobe tun || {
@ -33,16 +22,5 @@ cjdroute.check_tun_module() {
start() { start() {
cjdroute.check_tun_module || { return 1; } cjdroute.check_tun_module || { return 1; }
"$service_command" < "$cjdroute_config"
[[ "$service_username" ]] && {
cjdroute.create_tun || { return 1; }
}
watchman.start
}
stop() {
watchman.stop
[[ "$service_username" ]] && { cjdroute.destroy_tun; }
} }