drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-26 20:20:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

init.d: sysv extreme passwd survival

Browse Source
This commit is contained in:
bol-van 2021-11-06 22:11:29 +03:00
parent 9df16b8578
commit cc6d8d9636
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
init.d/sysv/functions
View File

@ -52,19 +52,33 @@ prepare_user()
# also its good idea not to run tpws as root # also its good idea not to run tpws as root
user_exists $WS_USER || { user_exists $WS_USER || {
# fallback to daemon if we cant add WS_USER # fallback to daemon if we cant add WS_USER
useradd_compat $WS_USER || WS_USER=daemon useradd_compat $WS_USER || {
for user in daemon nobody; do
user_exists $user && {
WS_USER=$user
return 0
}
done
return 1
}
} }
} }
# this complex user selection allows to survive in any locked/readonly/minimalistic environment
[ -n "$WS_USER" ] || WS_USER=tpws [ -n "$WS_USER" ] || WS_USER=tpws
prepare_user if prepare_user; then
USEROPT="--user=$WS_USER"
else
WS_USER=1
USEROPT="--uid $WS_USER:$WS_USER"
fi
PIDDIR=/var/run PIDDIR=/var/run
IPSET_CR="$ZAPRET_BASE/ipset/create_ipset.sh" IPSET_CR="$ZAPRET_BASE/ipset/create_ipset.sh"
[ -n "$QNUM" ] || QNUM=200 [ -n "$QNUM" ] || QNUM=200
[ -n "$NFQWS" ] || NFQWS="$ZAPRET_BASE/nfq/nfqws" [ -n "$NFQWS" ] || NFQWS="$ZAPRET_BASE/nfq/nfqws"
NFQWS_OPT_BASE="--user=$WS_USER --dpi-desync-fwmark=$DESYNC_MARK" NFQWS_OPT_BASE="$USEROPT --dpi-desync-fwmark=$DESYNC_MARK"
NFQWS_OPT_DESYNC_HTTP="${NFQWS_OPT_DESYNC_HTTP:-$NFQWS_OPT_DESYNC}" NFQWS_OPT_DESYNC_HTTP="${NFQWS_OPT_DESYNC_HTTP:-$NFQWS_OPT_DESYNC}"
NFQWS_OPT_DESYNC_HTTPS="${NFQWS_OPT_DESYNC_HTTPS:-$NFQWS_OPT_DESYNC}" NFQWS_OPT_DESYNC_HTTPS="${NFQWS_OPT_DESYNC_HTTPS:-$NFQWS_OPT_DESYNC}"
@ -75,7 +89,7 @@ HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts.txt.gz"
[ -f "$HOSTLIST" ] || HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts.txt" [ -f "$HOSTLIST" ] || HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts.txt"
[ -f "$HOSTLIST" ] || HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts-user.txt" [ -f "$HOSTLIST" ] || HOSTLIST="$ZAPRET_BASE/ipset/zapret-hosts-user.txt"
TPWS_OPT_BASE="--user=$WS_USER" TPWS_OPT_BASE="$USEROPT"
TPWS_OPT_BASE4="--bind-addr=$TPWS_LOCALHOST4" TPWS_OPT_BASE4="--bind-addr=$TPWS_LOCALHOST4"
TPWS_OPT_BASE6="--bind-addr=::1" TPWS_OPT_BASE6="--bind-addr=::1"
TPWS_WAIT="--bind-wait-ifup=30 --bind-wait-ip=30" TPWS_WAIT="--bind-wait-ifup=30 --bind-wait-ip=30"