From 9a0454cea2423fe944375bd8444e8276d420ed1f Mon Sep 17 00:00:00 2001
From: "peter.mueller@ipfire.org" <peter.mueller@ipfire.org>
Date: Sat, 7 Sep 2019 17:52:00 +0000
Subject: [PATCH] Tor: fix permission of /var/ipfire/tor/settings
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The settings file must be writeable for group "nobody" so
users can change their Tor settings via WebUI. Since other
files in /var/ipfire/tor/ does not need this workaround, only
the settings file permissions are changed.

Sorry for the late fix; this was reported by various people
in the forum, too (I was unaware of so many Tor users in our
community).

Fixes #12117

Reported-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 lfs/tor                 | 2 +-
 src/paks/tor/install.sh | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/lfs/tor b/lfs/tor
index d918910d4..1e234e0ab 100644
--- a/lfs/tor
+++ b/lfs/tor
@@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 40
+PAK_VER    = 41
 
 DEPS       = "libseccomp"
 
diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh
index 1659871b6..4d0353155 100644
--- a/src/paks/tor/install.sh
+++ b/src/paks/tor/install.sh
@@ -38,4 +38,8 @@ restore_backup ${NAME}
 # Adjust some folder permission for new UID/GID
 chown -R tor:tor /var/lib/tor /var/ipfire/tor
 
+# Tor settings file needs to be writeable by nobody group for WebUI
+chown tor:nobody /var/ipfire/tor/settings
+chmod 664 /var/ipfire/tor/settings
+
 start_service --background ${NAME}