Run torified-updates-proxy-check under user `updatesproxycheck`.

No longer use sudo inside `torified-updates-proxy-check`.
No longer run `torified-updates-proxy-check` as root.

This is to avoid some corner cases with authentication / PAM.

Thanks to @marmarek for the suggestion!

https://phabricator.whonix.org/T1001
parent e52ef06a
......@@ -44,13 +44,13 @@ fi
qubes_torified_updates_proxy_wait_counter=0
while true; do
## Determine if torified Qubes updates proxy was detected.
if [ -e "/run/qubes-service/whonix-secure-proxy" ]; then
if [ -e "/run/updatesproxycheck/whonix-secure-proxy" ]; then
## Torified Qubes updates proxy was detected.
## Therefore exit from this torified Qubes updates proxy waiting loop.
break
fi
if [ -e /run/qubes-service/whonix-secure-proxy-check-done ]; then
if [ -e /run/updatesproxycheck/whonix-secure-proxy-check-done ]; then
## Skip waiting if torified Qubes updates proxy test is already done.
qubes_torified_updates_proxy_not_detected
fi
......@@ -76,9 +76,9 @@ done
##
## This configuration snippets configures [[#uwt|uwt]] to wait before running
## <code>apt</code> until status file
## <code>/run/qubes-service/whonix-secure-proxy</code> or
## <code>/run/updatesproxycheck/whonix-secure-proxy</code> or
## status file
## <code>/run/qubes-service/whonix-secure-proxy-check-done</code>
## <code>/run/updatesproxycheck/whonix-secure-proxy-check-done</code>
## exists. It will timeout after <code>120</code> seconds.
##
## This is to determine if torified Qubes updates proxy was detected.
......
......@@ -2,7 +2,7 @@
## License: GPL-2+
## When running in a TemplateVM,
## creates /run/qubes-service/whonix-secure-proxy if tinyproxy's http
## creates /run/updatesproxycheck/whonix-secure-proxy if tinyproxy's http
## header contains 'tor'.
[Unit]
......@@ -22,6 +22,7 @@ Wants=network-online.target
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/lib/qubes-whonix/init/torified-updates-proxy-check
User=updatesproxycheck
TimeoutStartSec=120
[Install]
......
......@@ -29,6 +29,15 @@ if [ ! "$qubes_vm_type" = "TemplateVM" ]; then
exit 0
fi
who_ami="$(whoami)"
if [ ! "$who_ami" = "updatesproxycheck" ]; then
true "$0: ERROR: This script is expected to be run under user updatesproxycheck by
/lib/systemd/system/qubes-whonix-torified-updates-proxy-check.service
Instead this script is running under user '$who_ami'." >&2
exit 1
fi
signal_sigterm() {
exit 143
}
......@@ -36,25 +45,25 @@ signal_sigterm() {
trap "signal_sigterm" SIGTERM
exithandler() {
touch /run/qubes-service/whonix-secure-proxy-check-done
touch /run/updatesproxycheck/whonix-secure-proxy-check-done
}
trap "exithandler" EXIT
if [ -e /run/qubes-service/whonix-secure-proxy ]; then
if [ -e /run/updatesproxycheck/whonix-secure-proxy ]; then
exit 0
fi
rm -f /run/qubes-service/whonix-secure-proxy-check-done
rm -f /run/updatesproxycheck/whonix-secure-proxy-check-done
source /usr/lib/qubes-whonix/utility_functions.sh
## Since curl does not timeout, handling timeout is left to the systemd unit.
while true; do
## Check if a secure Tor update server is available
if curl_output="$(sudo -u updatesproxycheck UWT_DEV_PASSTHROUGH="1" curl --silent "${PROXY_SERVER}")" ; then
if curl_output="$(UWT_DEV_PASSTHROUGH="1" curl --silent "${PROXY_SERVER}")" ; then
if echo "$curl_output" | grep -q "${PROXY_META}" ; then
touch /run/qubes-service/whonix-secure-proxy
touch /run/updatesproxycheck/whonix-secure-proxy
fi
break
fi
......
......@@ -33,14 +33,14 @@ if [ "$qubes_vm_type" = "TemplateVM" ]; then
timeout_seconds=120
for (( i=1 ; i<=$timeout_seconds ; i++)); do
if [ -e '/run/qubes-service/whonix-secure-proxy' ]; then
if [ -e '/run/updatesproxycheck/whonix-secure-proxy' ]; then
break
fi
sleep 1 &
wait "$!"
done
if [ ! -e '/run/qubes-service/whonix-secure-proxy' ]; then
if [ ! -e '/run/updatesproxycheck/whonix-secure-proxy' ]; then
# Display warning that TemplateVM is not connected to a Tor update proxy.
/usr/lib/qubes-whonix/alert update /usr/lib/qubes-whonix/messages.yaml
fi
......
## Copyright (C) 2020 - 2020 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
## See the file COPYING for copying conditions.
d /run/updatesproxycheck 0755 updatesproxycheck updatesproxycheck
f /run/updatesproxycheck/status 0644 updatesproxycheck updatesproxycheck
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment