From 1e7e2d5ed86a7f5a784e897d75a89eb2cf28e2de Mon Sep 17 00:00:00 2001 From: wnlen <544241974@qq.com> Date: Thu, 15 Jan 2026 22:50:05 +0800 Subject: [PATCH] root --- install.sh | 16 ++--------- scripts/install_systemd.sh | 28 ++----------------- start.sh | 55 +++++++++++--------------------------- uninstall.sh | 28 +++---------------- 4 files changed, 22 insertions(+), 105 deletions(-) diff --git a/install.sh b/install.sh index 634dd8a..c187b7d 100755 --- a/install.sh +++ b/install.sh @@ -7,8 +7,8 @@ set -euo pipefail Server_Dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) Install_Dir="${CLASH_INSTALL_DIR:-/opt/clash-for-linux}" Service_Name="clash-for-linux" -Service_User="${CLASH_SERVICE_USER:-clash}" -Service_Group="${CLASH_SERVICE_GROUP:-$Service_User}" +Service_User="root" +Service_Group="root" # ========================= # 彩色输出(统一 printf + 自动降级 + 手动关色) @@ -217,19 +217,7 @@ if [ "${#Port_Conflicts[@]}" -ne 0 ]; then warn "检测到端口冲突: ${Port_Conflicts[*]},运行时将自动分配可用端口" fi -# ========================= -# 创建运行用户/组 -# ========================= -if ! getent group "$Service_Group" >/dev/null 2>&1; then - groupadd --system "$Service_Group" -fi - -if ! id "$Service_User" >/dev/null 2>&1; then - useradd --system --no-create-home --shell /usr/sbin/nologin --gid "$Service_Group" "$Service_User" -fi - install -d -m 0755 "$Install_Dir/conf" "$Install_Dir/logs" "$Install_Dir/temp" -chown -R "$Service_User:$Service_Group" "$Install_Dir/conf" "$Install_Dir/logs" "$Install_Dir/temp" # ========================= # Clash 内核就绪检查/下载 diff --git a/scripts/install_systemd.sh b/scripts/install_systemd.sh index e9c6b53..04b99e9 100755 --- a/scripts/install_systemd.sh +++ b/scripts/install_systemd.sh @@ -6,8 +6,8 @@ set -euo pipefail Server_Dir="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" Service_Name="clash-for-linux" -Service_User="${CLASH_SERVICE_USER:-clash}" -Service_Group="${CLASH_SERVICE_GROUP:-$Service_User}" +Service_User="root" +Service_Group="root" Unit_Path="/etc/systemd/system/${Service_Name}.service" PID_FILE="$Server_Dir/temp/clash.pid" @@ -19,21 +19,6 @@ if [ "$(id -u)" -ne 0 ]; then exit 1 fi -#################### 用户 / 组 #################### - -if ! getent group "$Service_Group" >/dev/null 2>&1; then - groupadd --system "$Service_Group" -fi - -if ! id "$Service_User" >/dev/null 2>&1; then - useradd \ - --system \ - --no-create-home \ - --shell /usr/sbin/nologin \ - --gid "$Service_Group" \ - "$Service_User" -fi - #################### 目录初始化 #################### install -d -m 0755 \ @@ -41,11 +26,6 @@ install -d -m 0755 \ "$Server_Dir/logs" \ "$Server_Dir/temp" -chown -R "$Service_User:$Service_Group" \ - "$Server_Dir/conf" \ - "$Server_Dir/logs" \ - "$Server_Dir/temp" - #################### 生成 systemd Unit #################### cat >"$Unit_Path"<&2 + exit 2 +fi + # 给二进制启动程序、脚本等添加可执行权限 chmod +x "$Server_Dir/bin/"* 2>/dev/null || true chmod +x "$Server_Dir/scripts/"* 2>/dev/null || true @@ -46,14 +52,9 @@ fi Conf_Dir="$Server_Dir/conf" -# systemd + 非 root 运行(clash 用户)时,临时目录与日志目录必须可写 -if [ "${SYSTEMD_MODE:-false}" = "true" ] && [ "$(id -u)" -ne 0 ]; then - Temp_Dir="/tmp/clash-for-linux" - Log_Dir="/tmp/clash-for-linux/logs" -else - Temp_Dir="$Server_Dir/temp" - Log_Dir="$Server_Dir/logs" -fi +# root-only:统一使用安装目录下的 temp/logs +Temp_Dir="$Server_Dir/temp" +Log_Dir="$Server_Dir/logs" mkdir -p "$Conf_Dir" "$Temp_Dir" "$Log_Dir" || { echo "[ERR] cannot create dirs: Conf_Dir=$Conf_Dir Temp_Dir=$Temp_Dir Log_Dir=$Log_Dir" @@ -161,23 +162,12 @@ upsert_yaml_kv() { } ensure_ui_links() { - # 你的真实 UI 产物目录(你已确认一直在这里) local ui_src="${UI_SRC_DIR:-$Server_Dir/dashboard/public}" - # 稳定 UI 入口:/opt/clash-for-linux/conf/ui -> /opt/clash-for-linux/dashboard/public mkdir -p "$Conf_Dir" 2>/dev/null || true if [ -d "$ui_src" ]; then ln -sfn "$ui_src" "$Conf_Dir/ui" 2>/dev/null || true fi - - # 运行态兼容:/tmp/clash-for-linux/ui -> /opt/clash-for-linux/conf/ui - mkdir -p "$Temp_Dir" 2>/dev/null || true - if [ -e "$Conf_Dir/ui" ]; then - ln -sfn "$Conf_Dir/ui" "$Temp_Dir/ui" 2>/dev/null || true - fi - - # 可选:把权限尽量理顺(不强制失败) - chown -h clash:clash "$Conf_Dir/ui" "$Temp_Dir/ui" 2>/dev/null || true } force_write_controller_and_ui() { @@ -491,15 +481,11 @@ if grep -qE '^(proxies:|proxy-providers:|mixed-port:|port:)' "$Temp_Dir/clash.ya # 创建 UI 软链(systemd non-root 用 /tmp) Dashboard_Src="$Server_Dir/dashboard/public" if [ -d "$Dashboard_Src" ]; then - if [ "${SYSTEMD_MODE:-false}" = "true" ] && [ "$(id -u)" -ne 0 ]; then - ln -sfn "$Dashboard_Src" "$Temp_Dir/ui" 2>/dev/null || true - else - ln -sfn "$Dashboard_Src" "$Conf_Dir/ui" 2>/dev/null || true - fi + ln -sfn "$Dashboard_Src" "$Conf_Dir/ui" 2>/dev/null || true fi - SKIP_CONFIG_REBUILD=true -fi + SKIP_CONFIG_REBUILD=true + fi #################### 订阅转换/拼接(非兜底路径) #################### if [ "$SKIP_CONFIG_REBUILD" != "true" ]; then @@ -576,11 +562,7 @@ if [ "$SKIP_CONFIG_REBUILD" != "true" ]; then apply_mixin_config "$CONFIG_FILE" "$Server_Dir" # 6) 是否同步到 conf(root/非 systemd 时才做;systemd+非root跳过) - if [ "${SYSTEMD_MODE:-false}" = "true" ] && [ "$(id -u)" -ne 0 ]; then - echo "[WARN] systemd(non-root): skip copying config to $Conf_Dir" - else - \cp "$CONFIG_FILE" "$Conf_Dir/" - fi + \cp "$CONFIG_FILE" "$Conf_Dir/" # 7) Dashboard external-ui(systemd+非root:把 ui 放 Temp_Dir 下,避免写 conf) Work_Dir="$(cd "$(dirname "$0")" && pwd)" @@ -626,15 +608,8 @@ fi #################### 启动Clash服务 #################### # 选择运行期配置文件与工作目录 -# - systemd + 非 root(通常 User=clash):用 Temp_Dir 下的运行态配置,工作目录也用 Temp_Dir(可写) -# - 其他情况:用 Conf_Dir/config.yaml,工作目录用 Conf_Dir -if [ "${SYSTEMD_MODE:-false}" = "true" ] && [ "$(id -u)" -ne 0 ]; then - CONFIG_FILE="${CONFIG_FILE:-$Temp_Dir/config.yaml}" - RUNTIME_DIR="${Temp_Dir}" -else - CONFIG_FILE="${CONFIG_FILE:-$Conf_Dir/config.yaml}" - RUNTIME_DIR="${Conf_Dir}" -fi +CONFIG_FILE="${CONFIG_FILE:-$Conf_Dir/config.yaml}" +RUNTIME_DIR="${Conf_Dir}" # 启动前确保配置文件存在且非空 if [ ! -s "$CONFIG_FILE" ]; then diff --git a/uninstall.sh b/uninstall.sh index b82a1a6..117944f 100755 --- a/uninstall.sh +++ b/uninstall.sh @@ -6,13 +6,10 @@ set -euo pipefail # ========================= Install_Dir="${CLASH_INSTALL_DIR:-/opt/clash-for-linux}" Service_Name="clash-for-linux" -Service_User="${CLASH_SERVICE_USER:-clash}" -Service_Group="${CLASH_SERVICE_GROUP:-$Service_User}" +Service_User="root" +Service_Group="root" Unit_Path="/etc/systemd/system/${Service_Name}.service" -# 可选:删除运行用户/组(默认不删) -CLASH_REMOVE_USER="${CLASH_REMOVE_USER:-false}" - # ========================= # 彩色输出 # ========================= @@ -133,25 +130,6 @@ else warn "未找到安装目录: ${Install_Dir}" fi -# ========================= -# 6) 可选:删除运行用户/组(默认不删) -# ========================= -if [ "$CLASH_REMOVE_USER" = "true" ]; then - warn "CLASH_REMOVE_USER=true:将尝试删除运行用户/组(若存在且无依赖)" - - if id "$Service_User" >/dev/null 2>&1; then - userdel "$Service_User" >/dev/null 2>&1 || true - ok "已尝试删除用户: ${Service_User}" - fi - - if getent group "$Service_Group" >/dev/null 2>&1; then - groupdel "$Service_Group" >/dev/null 2>&1 || true - ok "已尝试删除组: ${Service_Group}" - fi -else - info "默认不删除用户/组。若确认无其它用途,可用:CLASH_REMOVE_USER=true sudo bash uninstall.sh" -fi - # ========================= # 7) 提示:当前终端代理变量需要手动清 # ========================= @@ -161,4 +139,4 @@ echo " unset http_proxy https_proxy no_proxy HTTP_PROXY HTTPS_PROXY NO_PROXY" echo " # 或关闭终端重新打开" echo -ok "卸载完成 ✅" +ok "卸载完成(root-only 模式)✅"