commit 0a58a28b3456aa761c2c7693fa72ba3b87b5d98a Author: Damian Johnson atagar@torproject.org Date: Sun May 17 14:07:07 2015 -0700
Drop advise that we run as tor's user
This is something Roger has long advised against...
https://trac.torproject.org/projects/tor/ticket/10702
I don't recall what in particular we needed to run as the tor user for, so plan is to drop this advise. If anything breaks we'll cross that bridge when we come to it. --- nyx/config/strings.cfg | 2 +- nyx/starter.py | 7 ++----- 2 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/nyx/config/strings.cfg b/nyx/config/strings.cfg index 7660bfb..9cd217f 100644 --- a/nyx/config/strings.cfg +++ b/nyx/config/strings.cfg @@ -26,7 +26,7 @@ msg.panel.header.fd_used_at_sixty_percent Tor's file descriptor usage is at {per msg.panel.header.fd_used_at_ninety_percent Tor's file descriptor usage is at {percentage}%. If you run out Tor will be unable to continue functioning. msg.panel.log.read_from_log_file Read {count} entries from tor's log file: {path} (read limit: {read_limit}, runtime: {runtime})
-msg.setup.nyx_is_running_as_root Nyx is currently running with root permissions. This isn't a good idea, nor should it be necessary. Try starting nyx with "sudo -u {tor_user} nyx" instead. +msg.setup.nyx_is_running_as_root Nyx is currently running with root permissions. This isn't a good idea, nor should it be necessary. msg.setup.chroot_doesnt_exist The chroot path set in your config ({path}) doesn't exist. msg.setup.set_freebsd_chroot Adjusting paths to account for Tor running in a FreeBSD jail at: {path} msg.setup.tor_is_running_as_root Tor is currently running with root permissions. This isn't a good idea, nor should it be necessary. See the 'User UID' option on Tor's man page for an easy method of reducing its permissions after startup. diff --git a/nyx/starter.py b/nyx/starter.py index 3b56742..87937ed 100644 --- a/nyx/starter.py +++ b/nyx/starter.py @@ -174,13 +174,10 @@ def _warn_if_root(controller): Give a notice if tor or nyx are running with root. """
- tor_user = controller.get_user(None) - - if tor_user == 'root': + if controller.get_user(None) == 'root': log.notice('setup.tor_is_running_as_root') elif os.getuid() == 0: - tor_user = tor_user if tor_user else '<tor user>' - log.notice('setup.nyx_is_running_as_root', tor_user = tor_user) + log.notice('setup.nyx_is_running_as_root')
def _warn_if_unable_to_get_pid(controller):