Run torified-updates-proxy-check under user `updatesproxycheck`.

No longer use sudo inside `torified-updates-proxy-check`.
No longer run `torified-updates-proxy-check` as root.

This is to avoid some corner cases with authentication / PAM.

Thanks to @marmarek for the suggestion!

https://phabricator.whonix.org/T1001

etc/uwt.d/40_qubes.conf

@@ -44,13 +44,13 @@ fi
 qubes_torified_updates_proxy_wait_counter=0
 while true; do
    ## Determine if torified Qubes updates proxy was detected.
-   if [ -e "/run/qubes-service/whonix-secure-proxy" ]; then
+   if [ -e "/run/updatesproxycheck/whonix-secure-proxy" ]; then
       ## Torified Qubes updates proxy was detected.
       ## Therefore exit from this torified Qubes updates proxy waiting loop.
       break
    fi
 
-   if [ -e /run/qubes-service/whonix-secure-proxy-check-done ]; then
+   if [ -e /run/updatesproxycheck/whonix-secure-proxy-check-done ]; then
       ## Skip waiting if torified Qubes updates proxy test is already done.
       qubes_torified_updates_proxy_not_detected
    fi
@@ -76,9 +76,9 @@ done
 ##
 ## This configuration snippets configures [[#uwt|uwt]] to wait before running
 ## <code>apt</code> until status file
-## <code>/run/qubes-service/whonix-secure-proxy</code> or
+## <code>/run/updatesproxycheck/whonix-secure-proxy</code> or
 ## status file
-## <code>/run/qubes-service/whonix-secure-proxy-check-done</code>
+## <code>/run/updatesproxycheck/whonix-secure-proxy-check-done</code>
 ## exists. It will timeout after <code>120</code> seconds.
 ##
 ## This is to determine if torified Qubes updates proxy was detected.

lib/systemd/system/qubes-whonix-torified-updates-proxy-check.service

@@ -2,7 +2,7 @@
 ## License: GPL-2+
 
 ## When running in a TemplateVM,
-## creates /run/qubes-service/whonix-secure-proxy if tinyproxy's http
+## creates /run/updatesproxycheck/whonix-secure-proxy if tinyproxy's http
 ## header contains 'tor'.
 
 [Unit]
@@ -22,6 +22,7 @@ Wants=network-online.target
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/lib/qubes-whonix/init/torified-updates-proxy-check
+User=updatesproxycheck
 TimeoutStartSec=120
 
 [Install]

usr/lib/qubes-whonix/init/torified-updates-proxy-check

@@ -29,6 +29,15 @@ if [ ! "$qubes_vm_type" = "TemplateVM" ]; then
    exit 0
 fi
 
+who_ami="$(whoami)"
+
+if [ ! "$who_ami" = "updatesproxycheck" ]; then
+   true "$0: ERROR: This script is expected to be run under user updatesproxycheck by
+/lib/systemd/system/qubes-whonix-torified-updates-proxy-check.service
+Instead this script is running under user '$who_ami'." >&2
+   exit 1
+fi
+
 signal_sigterm() {
    exit 143
 }
@@ -36,25 +45,25 @@ signal_sigterm() {
 trap "signal_sigterm" SIGTERM
 
 exithandler() {
-   touch /run/qubes-service/whonix-secure-proxy-check-done
+   touch /run/updatesproxycheck/whonix-secure-proxy-check-done
 }
 
 trap "exithandler" EXIT
 
-if [ -e /run/qubes-service/whonix-secure-proxy ]; then
+if [ -e /run/updatesproxycheck/whonix-secure-proxy ]; then
    exit 0
 fi
 
-rm -f /run/qubes-service/whonix-secure-proxy-check-done
+rm -f /run/updatesproxycheck/whonix-secure-proxy-check-done
 
 source /usr/lib/qubes-whonix/utility_functions.sh
 
 ## Since curl does not timeout, handling timeout is left to the systemd unit.
 while true; do
    ## Check if a secure Tor update server is available
-   if curl_output="$(sudo -u updatesproxycheck UWT_DEV_PASSTHROUGH="1" curl --silent "${PROXY_SERVER}")" ; then
+   if curl_output="$(UWT_DEV_PASSTHROUGH="1" curl --silent "${PROXY_SERVER}")" ; then
       if echo "$curl_output" | grep -q "${PROXY_META}" ; then
-          touch /run/qubes-service/whonix-secure-proxy
+          touch /run/updatesproxycheck/whonix-secure-proxy
       fi
       break
    fi

usr/lib/qubes-whonix/qubes-whonixsetup

@@ -33,14 +33,14 @@ if [ "$qubes_vm_type" = "TemplateVM" ]; then
    timeout_seconds=120
 
    for (( i=1 ; i<=$timeout_seconds ; i++)); do
-      if [ -e '/run/qubes-service/whonix-secure-proxy' ]; then
+      if [ -e '/run/updatesproxycheck/whonix-secure-proxy' ]; then
          break
       fi
       sleep 1 &
       wait "$!"
    done
 
-    if [ ! -e '/run/qubes-service/whonix-secure-proxy' ]; then
+    if [ ! -e '/run/updatesproxycheck/whonix-secure-proxy' ]; then
          # Display warning that TemplateVM is not connected to a Tor update proxy.
         /usr/lib/qubes-whonix/alert update /usr/lib/qubes-whonix/messages.yaml
     fi

usr/lib/tmpfiles.d/qubes-whonix.conf

+## Copyright (C) 2020 - 2020 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
+## See the file COPYING for copying conditions.
+
+d /run/updatesproxycheck 0755 updatesproxycheck updatesproxycheck
+f /run/updatesproxycheck/status 0644 updatesproxycheck updatesproxycheck