mirror of
https://github.com/ZeroTier/ZeroTierOne
synced 2025-08-14 10:37:33 -07:00
Run as nonroot user on Linux (with CAP_NET_ADMIN and CAP_NET_RAW added).
- ZT will only drop root privileges if zerotier-one user exists. It is created by Debian postinst script - in other cases the user has to be created by administrator. - Linux >=4.3 with ambient capabilities is required, otherwise ZT will silently - "-U" option now also disables privileges dropping
This commit is contained in:
Michał Zieliński
parent
88e3fe699c
commit
344a25c133
5 changed files with 197 additions and 3 deletions
9
debian/postinst
vendored
Normal file
9
debian/postinst
vendored
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
adduser --system --group --home /var/lib/zerotier-one --no-create-home zerotier-one
|
||||
;;
|
||||
esac
|
||||
|
||||
#DEBHELPER#
|
||||
Loading…
Add table
Add a link
Reference in a new issue