From 54521d35d239c2e62d42e9c77690b9d1bc94f7db Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 7 Jan 2015 18:49:26 -0300
Subject: [PATCH] Support for 'nobody' (used on Arch) group name.
---
changes/feature_support-arch-nobody | 1 +
pkg/linux/bitmask-root | 30 ++++++++++++++++++++++++++---
2 files changed, 28 insertions(+), 3 deletions(-)
create mode 100644 changes/feature_support-arch-nobody
diff --git a/changes/feature_support-arch-nobody b/changes/feature_support-arch-nobody
new file mode 100644
index 000000000..6aa587a33
--- /dev/null
+++ b/changes/feature_support-arch-nobody
@@ -0,0 +1 @@
+- Support 'nobody' (used on Arch) as well as 'nogroup' as group names. Related to #6058.
diff --git a/pkg/linux/bitmask-root b/pkg/linux/bitmask-root
index 622a0b8a6..6fb1f0b32 100755
--- a/pkg/linux/bitmask-root
+++ b/pkg/linux/bitmask-root
@@ -51,7 +51,29 @@ cmdcheck = subprocess.check_output
# CONSTANTS
#
-VERSION = "4"
+
+def get_no_group_name():
+ """
+ Return the right group name to use for the current OS.
+ Examples:
+ - Ubuntu: nogroup
+ - Arch: nobody
+
+ :rtype: str or None
+ """
+ import grp
+ try:
+ grp.getgrnam('nobody')
+ return 'nobody'
+ except KeyError:
+ try:
+ grp.getgrnam('nogroup')
+ return 'nogroup'
+ except KeyError:
+ return None
+
+
+VERSION = "5"
SCRIPT = "bitmask-root"
NAMESERVER = "10.42.0.1"
BITMASK_CHAIN = "bitmask"
@@ -68,7 +90,7 @@ IPTABLES = "/sbin/iptables"
IP6TABLES = "/sbin/ip6tables"
OPENVPN_USER = "nobody"
-OPENVPN_GROUP = "nogroup"
+OPENVPN_GROUP = get_no_group_name()
LEAPOPENVPN = "LEAPOPENVPN"
OPENVPN_SYSTEM_BIN = "/usr/sbin/openvpn" # Debian location
OPENVPN_LEAP_BIN = "/usr/local/sbin/leap-openvpn" # installed by bundle
@@ -83,10 +105,12 @@ FIXED_FLAGS = [
"--management-signal",
"--script-security", "1",
"--user", "nobody",
- "--group", "nogroup",
"--remap-usr1", "SIGTERM",
]
+if OPENVPN_GROUP is not None:
+ FIXED_FLAGS.extend(["--group", OPENVPN_GROUP])
+
ALLOWED_FLAGS = {
"--remote": ["IP", "NUMBER", "PROTO"],
"--tls-cipher": ["CIPHER"],
--
GitLab