From 54521d35d239c2e62d42e9c77690b9d1bc94f7db Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 7 Jan 2015 18:49:26 -0300
Subject: Support for 'nobody' (used on Arch) group name.

---
 pkg/linux/bitmask-root | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

(limited to 'pkg')

diff --git a/pkg/linux/bitmask-root b/pkg/linux/bitmask-root
index 622a0b8a..6fb1f0b3 100755
--- a/pkg/linux/bitmask-root
+++ b/pkg/linux/bitmask-root
@@ -51,7 +51,29 @@ cmdcheck = subprocess.check_output
 # CONSTANTS
 #
 
-VERSION = "4"
+
+def get_no_group_name():
+    """
+    Return the right group name to use for the current OS.
+    Examples:
+        - Ubuntu: nogroup
+        - Arch: nobody
+
+    :rtype: str or None
+    """
+    import grp
+    try:
+        grp.getgrnam('nobody')
+        return 'nobody'
+    except KeyError:
+        try:
+            grp.getgrnam('nogroup')
+            return 'nogroup'
+        except KeyError:
+            return None
+
+
+VERSION = "5"
 SCRIPT = "bitmask-root"
 NAMESERVER = "10.42.0.1"
 BITMASK_CHAIN = "bitmask"
@@ -68,7 +90,7 @@ IPTABLES = "/sbin/iptables"
 IP6TABLES = "/sbin/ip6tables"
 
 OPENVPN_USER = "nobody"
-OPENVPN_GROUP = "nogroup"
+OPENVPN_GROUP = get_no_group_name()
 LEAPOPENVPN = "LEAPOPENVPN"
 OPENVPN_SYSTEM_BIN = "/usr/sbin/openvpn"  # Debian location
 OPENVPN_LEAP_BIN = "/usr/local/sbin/leap-openvpn"  # installed by bundle
@@ -83,10 +105,12 @@ FIXED_FLAGS = [
     "--management-signal",
     "--script-security", "1",
     "--user", "nobody",
-    "--group", "nogroup",
     "--remap-usr1", "SIGTERM",
 ]
 
+if OPENVPN_GROUP is not None:
+    FIXED_FLAGS.extend(["--group", OPENVPN_GROUP])
+
 ALLOWED_FLAGS = {
     "--remote": ["IP", "NUMBER", "PROTO"],
     "--tls-cipher": ["CIPHER"],
-- 
cgit v1.2.3


From 6941519e60fcd071b2a3370a188a393de6717c91 Mon Sep 17 00:00:00 2001
From: Ivan Alejandro <ivanalejandro0@gmail.com>
Date: Wed, 14 Jan 2015 15:24:50 -0300
Subject: Pin/unpin dependencies.

Unpin python-dateutil since is no longer a problem.
Pin python-daemon since latest version (2.0.3 as today) fails to get
installed wich causes problems with the bundle and the bootstrapper
script.
---
 pkg/requirements.pip | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'pkg')

diff --git a/pkg/requirements.pip b/pkg/requirements.pip
index 8ce1793e..37cc18a3 100644
--- a/pkg/requirements.pip
+++ b/pkg/requirements.pip
@@ -10,15 +10,14 @@ requests>=1.1.0
 srp>=1.0.2
 pyopenssl
 
-# This won't be needed after we refactor leap.common.events
-# to use zmq.
-python-dateutil==1.4  # See  https://leap.se/code/issues/6099
+# This won't be needed after we refactor leap.common.events to use zmq.
+python-dateutil
 
 psutil
 
 ipaddr
 twisted
-python-daemon # this should not be needed for Windows.
+python-daemon==1.6.1 # this should not be needed for Windows.
 keyring
 zope.proxy
 
-- 
cgit v1.2.3