cjdns/cjdns.genconf.patch
2019-05-08 12:10:06 -04:00

37 lines
1.9 KiB
Diff

diff -up ./client/cjdroute2.c.genconf ./client/cjdroute2.c
--- ./client/cjdroute2.c.genconf 2018-04-18 03:35:41.000000000 -0400
+++ ./client/cjdroute2.c 2019-05-04 12:57:06.880045566 -0400
@@ -334,7 +334,7 @@ static int genconf(struct Random* rand,
" // and ETHInterface will be unable to hot-add new interfaces\n"
" // Use { \"setuser\": 0 } to disable.\n"
" // Default: enabled with keepNetAdmin\n"
- " { \"setuser\": \"nobody\", \"keepNetAdmin\": 1 },\n"
+ " { \"setuser\": \"cjdns\", \"keepNetAdmin\": 1 },\n"
"\n"
" // Chroot changes the filesystem root directory which cjdns sees, blocking it\n"
" // from accessing files outside of the chroot sandbox, if the user does not\n"
@@ -346,7 +346,7 @@ static int genconf(struct Random* rand,
}
else {
printf(" // Default: enabled (using \"/var/run\")\n"
- " { \"chroot\": \"/var/run/\" },\n");
+ " { \"chroot\": \"/var/empty/cjdns\" },\n");
}
printf("\n"
" // Nofiles is a deprecated security feature which prevents cjdns from opening\n"
@@ -647,11 +647,12 @@ int main(int argc, char** argv)
char corePipeName[64] = "client-core-";
Random_base32(rand, (uint8_t*)corePipeName+CString_strlen(corePipeName), 31);
String* pipePath = Dict_getStringC(&config, "pipe");
+ String* path = String_CONST(Pipe_PATH);
if (!pipePath) {
- pipePath = String_CONST(Pipe_PATH);
+ pipePath = path;
}
if (!Defined(win32) && access(pipePath->bytes, W_OK)) {
- Except_throw(eh, "Can't have writable permission to pipe directory.");
+ Except_throw(eh, "Pipe directory not writable: [%s]",pipePath->bytes);
}
Assert_ifParanoid(EventBase_eventCount(eventBase) == 0);
struct Pipe* corePipe = Pipe_named(pipePath->bytes, corePipeName, eventBase,