Made possible to run the daemon under its own user

other/bootstrap_daemon/README.md

@@ -1,62 +1,72 @@
 ##Instructions for Debian
 
-The following commands are to be executed as root:
+For security reasons we run the daemon under its own user.
-
+Create a new user by executing the following:
-1. In `tox-bootstrapd.sh` file change:
+```sh
-  - `CFG` to where your config file (`conf`) will be; read rights required
+sudo useradd --system --shell /sbin/nologin --comment "Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
-  - `DAEMON` to point to the executable
-  - `PIDFILE` to point to a pid file daemon would have rights to create
-
-2. Go over everything in `conf`. Make sure `pid_file_path` matches `PIDFILE` from `tox-bootstrapd.sh`
-
-3. Execute: 
-```
-mv tox-bootstrapd.sh /etc/init.d/tox-bootstrapd
-```
-*(note that we removed `.sh` ending)*
-
-4. Give the right permissions to this file: 
-```
-chmod 755 /etc/init.d/tox-bootstrapd
 ```
 
-5. Execute: 
+Create a directory where the daemon will store its keys:
-```
+```sh
-update-rc.d tox-bootstrapd defaults
+sudo mkdir /var/lib/tox-bootstrapd/
 ```
 
-6. Start the service: 
+Restrain other users from accessing the directory:
-```
+```sh
-service tox-bootstrapd start
+sudo chown tox-bootstrapd:tox-bootstrapd /var/lib/tox-bootstrapd/
+sudo chmod 700 /var/lib/tox-bootstrapd/
 ```
 
-7. Verify that the service is running: 
+Look at the variable declarations in the beginning of `tox-bootstrapd.sh` init script to see if you need to change anything for it to work for you. The default values must be fine for most users and we assume that you use those next.
-```
+
-service tox-bootstrapd status
+Go over everything in `conf`. Make sure `pid_file_path` matches `PIDFILE` from `tox-bootstrapd.sh`.
+
+Place `conf` file to where `CFGFILE` variable from `tox-bootstrapd` tells. By default it's `/etc/tox-bootstrapd.conf`.
+
+Place `tox-bootstrapd.sh` init file at `/etc/init.d/tox-bootstrapd`.
+
+Set permissions for the init system to run the script:
+```sh
+sudo chmod 755 /etc/init.d/tox-bootstrapd
 ```
 
---
+Make the init system aware of the script:
-
+```sh
-You can see daemon's log with
+sudo update-rc.d tox-bootstrapd defaults
-```
-grep "tox-bootstrapd" /var/log/syslog
 ```
 
-**Note that system log is where you find your public key**
+Start the daemon:
+```sh
+sudo service tox-bootstrapd start
+```
+
+Verify it's running:
+```sh
+sudo service tox-bootstrapd status
+```
+
+Get your public key and check that the daemon initialized correctly:
+```sh
+sudo grep "tox-bootstrapd" /var/log/syslog
+```
 
---
 
 ###Troubleshooting:
 
-1. Check the log for errors with 
+- Check daemon's status:
-```
+```sh
-grep "tox-bootstrapd" /var/log/syslog
+sudo service tox-bootstrapd status
 ```
 
-2. Check that paths in the beginning of `/etc/init.d/tox-bootstrapd` are valid
+- Check the log for errors: 
+```sh
+sudo grep "tox-bootstrapd" /var/log/syslog
+```
 
-3. Make sure that `PIDFILE` from `/etc/init.d/tox-bootstrapd` matches with the `pid_file_path` from `conf`
+- Check that variables in the beginning of `/etc/init.d/tox-bootstrapd` are valid.
 
-4. Make sure you have write permission to keys and pid files
+- Make sure `pid_file_path` in `/etc/tox-bootstrapd.conf` matches `PIDFILE` from  `/etc/init.d/tox-bootstrapd`.
 
-5. Make sure you have read permission for config file
+- Make sure you have write permission for keys and pid files.
+
+- Make sure you have read permission for the config file.

other/bootstrap_daemon/conf

@@ -1,18 +1,17 @@
-// ProjectTox dht bootstrap node daemon configuration file.
+// Tox DHT bootstrap daemon configuration file.
 
 // Listening port.
 port = 33445
 
 // A key file is like a password, so keep it where no one can read it.
+// If there is no key file, a new one will be generated.
 // The daemon should have permission to read/write to it.
-// Remember to replace the provided example with your own path.
+keys_file_path = "/var/lib/tox-bootstrapd/keys"
-keys_file_path = "/home/tom/.tox-bootstrapd/.tox-bootstrapd.keys"
 
 // The PID file written to by daemon.
 // Make sure that the user who runs the daemon has permissions to write to the
 // PID file.
-// Remember to replace the provided example with your own path.
+pid_file_path = "/var/run/tox-bootstrapd/tox-bootstrapd.pid"
-pid_file_path = "/home/tom/.tox-bootstrapd/.tox-bootstrapd.pid"
 
 // Enable IPv6.
 enable_ipv6 = false
@@ -32,16 +31,17 @@ enable_motd = true
 
 motd = "tox-bootstrapd"
 
-// Any number of nodes the daemon will bootstrap itself from.
+// Any number of nodes the daemon will bootstrap itself off.
 // Remember to replace the provided example with your own node list.
-// There is a maintained list of bootstrap nodes on Tox's wiki, if you need it.
+// There is a maintained list of bootstrap nodes on Tox's wiki, if you need it
+// (http://wiki.tox.im/Nodes).
 // You may leave the list empty or remove "bootstrap_nodes" complitely,
 // in both cases this will be interpreted as if you don't want to bootstrap
 // from anyone.
 bootstrap_nodes = (
   { // Node 1
-    // Any ipv4 or ipv6, depending on whether `enable_ipv6` is set or not, and
+    // Any ipv4 or ipv6, depending on whether `enable_ipv6` is set or not,
-    // also any US-ASCII domain name.
+    // and also any US-ASCII domain name.
     address = "198.46.136.167"
     port = 33445
     public_key = "728925473812C7AAC482BE7250BCCAD0B8CB9F737BF3D42ABD34459C1768F854"

other/bootstrap_daemon/tox-bootstrapd.sh

@@ -13,19 +13,17 @@
 PATH=/sbin:/usr/sbin:/bin:/usr/bin
 DESC="Tox DHT bootstrap daemon"
 NAME=tox-bootstrapd
-# You may want to change USER if you are using it anywhere else
+DAEMON=/usr/local/bin/$NAME
-USER=tom
+CFGFILE=/etc/$NAME.conf
-CFG=/home/$USER/.$NAME/conf
+DAEMON_ARGS="$CFGFILE"
-DAEMON=/home/$USER/.$NAME/$NAME
+PIDDIR=/var/run/$NAME
-DAEMON_ARGS="$CFG"
+PIDFILE=$PIDDIR/$NAME.pid
-PIDFILE=/home/$USER/.$NAME/."$NAME".pid
 SCRIPTNAME=/etc/init.d/$NAME
+USER=tox-bootstrapd
+GROUP=tox-bootstrapd
 
 # Exit if the package is not installed
-[ -x "$DAEMON" ] || exit 0
+[ -x "$DAEMON" ] || exit 5
-
-# Read configuration variable file if it is present
-#[ -r /etc/default/$NAME ] && . /etc/default/$NAME
 
 # Load the VERBOSE setting and other rcS variables
 . /lib/init/vars.sh
@@ -40,12 +38,17 @@ SCRIPTNAME=/etc/init.d/$NAME
 #
 do_start()
 {
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+	# Return
-		|| return 1
+	#   0 if daemon has been started
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+	#   1 if daemon was already running
-		$DAEMON_ARGS \
+	#   2 if daemon could not be started
-		|| return 2
+	if [ ! -d $PIDDIR ]
-	sleep 1
+	then
+		mkdir $PIDDIR
+	fi
+	chown $USER:$GROUP $PIDDIR
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test --chuid $USER > /dev/null || return 1
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --chuid $USER -- $DAEMON_ARGS || return 2
 }
 
 #
@@ -53,11 +56,16 @@ do_start()
 #
 do_stop()
 {
-	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME --chuid $USER
 	RETVAL="$?"
 	[ "$RETVAL" = 2 ] && return 2
 
-	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON --chuid $USER
 	[ "$?" = 2 ] && return 2
 	# Many daemons don't delete their pidfiles when they exit.
 	rm -f $PIDFILE
@@ -85,7 +93,7 @@ case "$1" in
 	status_of_proc -p $PIDFILE "$DAEMON" "$NAME" && exit 0 || exit $?
 	;;
 
-  restart) #|force-reload)
+  restart)
 	log_daemon_msg "Restarting $DESC" "$NAME"
 	do_stop
 	case "$?" in