config/chroot_local-hooks/99-permissions

   1 #!/bin/sh
   2
   3 set -e
   4
   5 echo "Setting correct file permissions"
   6
   7 chmod 00440 /etc/sudoers.d/*
   8
   9 # NetworkManager requires these permissions
  10 chmod 00600 /etc/NetworkManager/system-connections/*
  11
  12 # For persistent Tor settings via Tor Launcher, the debian-tor user
  13 # must be able to write into `/etc/tor`.
  14 chown -R debian-tor:debian-tor /etc/tor
  15
  16 # Otherwise, such files may be copied to /home/amnesia, and in turn
  17 # to the persistent volume, with unsafe permissions. That's no big deal
  18 # in /home/amnesia (that is itself not world-readable), *but* the root
  19 # of the persistent volume has to be world-readable.
  20 chmod -R go= /etc/skel/* /etc/skel/.[a-z]*