diff --git a/debian/changelog b/debian/changelog
index 61d09bfc5..63c2bcac9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+tor (0.2.0.20-rc-1+XX) XXperimental; urgency=low
+
+  * Run --verify-config before start/reload/restart as root.  No longer
+    su - to debian-tor tor run it.  Given that we now even start Tor as
+    root (it setuids later on) this should be fine (closes: #468566).
+
+ -- Peter Palfrader <weasel@debian.org>  Sat,  1 Mar 2008 01:49:58 +0100
+
 tor (0.2.0.20-rc-1) experimental; urgency=low
 
   * New upstream version.
diff --git a/debian/tor.init b/debian/tor.init
index 38712ceb7..cef735fe3 100644
--- a/debian/tor.init
+++ b/debian/tor.init
@@ -89,6 +89,14 @@ check_torpiddir () {
 	fi
 }
 
+check_config () {
+	if ! "$DAEMON --verify-config" > /dev/null; then
+		echo "ABORTED: Tor configuration invalid:" >&2
+		$DAEMON --verify-config >&2
+		exit 1
+	fi
+}
+
 
 case "$1" in
   start)
@@ -109,11 +117,7 @@ case "$1" in
 	check_torpiddir
 
 	echo "Starting $DESC: $NAME..."
-	if ! su -s /bin/sh -c "$DAEMON --verify-config" debian-tor > /dev/null; then
-		echo "ABORTED: Tor configuration invalid:" >&2
-		su -s /bin/sh -c "$DAEMON --verify-config" debian-tor >&2
-		exit 1
-	fi
+	check_config
 
 	start-stop-daemon --start --quiet --oknodo \
 		--pidfile $TORPID \
@@ -149,11 +153,7 @@ case "$1" in
 		exit 0
 	fi
 
-	if ! su -s /bin/sh -c "$DAEMON --verify-config" debian-tor > /dev/null; then
-		echo "ABORTED: Tor configuration invalid:" >&2
-		su -s /bin/sh -c "$DAEMON --verify-config" debian-tor >&2
-		exit 1
-	fi
+	check_config
 
 	if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON
 	then
@@ -166,11 +166,7 @@ case "$1" in
 	fi
 	;;
   restart)
-	if ! su -s /bin/sh -c "$DAEMON --verify-config" debian-tor > /dev/null; then
-		echo "Restarting Tor ABORTED: Tor configuration invalid:" >&2
-		su -s /bin/sh -c "$DAEMON --verify-config" debian-tor >&2
-		exit 1
-	fi
+	check_config
 
 	$0 stop
 	sleep 1