diff options
author | Dmitry Bogatov <KAction@debian.org> | 2018-12-12 02:24:26 +0000 |
---|---|---|
committer | Dmitry Bogatov <KAction@debian.org> | 2018-12-12 02:24:32 +0000 |
commit | 1432d897faea22299d253b3cfad8c94cd751ed1f (patch) | |
tree | 7fd27a5a65c86dd4c5942fa8c92c00f3e2862977 | |
parent | c870dcaa53988f709b1152221e76992972365fb5 (diff) |
Make auto-generated runscripts invoke svlogd(8) as `runit-log' user.
* Make auto-generated runscripts invoke svlogd(8) as `runit-log' user.
* Impose dependency on (runit >= 2.1.2-20), which provides `runit-log'
user.
-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | debian/control | 1 | ||||
-rwxr-xr-x | dh_runit | 12 | ||||
-rwxr-xr-x | runit-helper | 15 |
4 files changed, 15 insertions, 21 deletions
diff --git a/debian/changelog b/debian/changelog index 578581d..0a35570 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,11 @@ | |||
1 | dh-runit (2.8.1) UNRELEASED; urgency=medium | ||
2 | |||
3 | * Make auto-generated runscripts invoke svlogd(8) as `runit-log' user. | ||
4 | * Impose dependency on (runit >= 2.1.2-20), which provides `runit-log' | ||
5 | user. | ||
6 | |||
7 | -- Dmitry Bogatov <KAction@debian.org> Wed, 12 Dec 2018 02:15:19 +0000 | ||
8 | |||
1 | dh-runit (2.7.3) unstable; urgency=medium | 9 | dh-runit (2.7.3) unstable; urgency=medium |
2 | 10 | ||
3 | * Do not re-enable serice on upgrade, if it was disable by local | 11 | * Do not re-enable serice on upgrade, if it was disable by local |
diff --git a/debian/control b/debian/control index 20dde40..b3f58df 100644 --- a/debian/control +++ b/debian/control | |||
@@ -11,7 +11,6 @@ Homepage: https://salsa.debian.org/runit-team/dh-runit | |||
11 | Package: dh-runit | 11 | Package: dh-runit |
12 | Architecture: all | 12 | Architecture: all |
13 | Depends: debhelper (>= 9), | 13 | Depends: debhelper (>= 9), |
14 | dh-sysuser, | ||
15 | ${misc:Depends}, | 14 | ${misc:Depends}, |
16 | ${shlibs:Depends} | 15 | ${shlibs:Depends} |
17 | Description: debhelper add-on to handle runit runscripts | 16 | Description: debhelper add-on to handle runit runscripts |
@@ -87,23 +87,23 @@ PKG: foreach my $pkg (@{$dh{DOPACKAGES}}) { | |||
87 | install_dir($tmp . $logdir); | 87 | install_dir($tmp . $logdir); |
88 | 88 | ||
89 | my $run_log = "$sv_dir/$name/log/run"; | 89 | my $run_log = "$sv_dir/$name/log/run"; |
90 | my $log_user = "_log-". $name; | ||
91 | open(RUN_LOG, ">$run_log") || die $!; | 90 | open(RUN_LOG, ">$run_log") || die $!; |
92 | print RUN_LOG << "HERE"; | 91 | print RUN_LOG << "HERE"; |
93 | #!/bin/sh | 92 | #!/bin/sh |
94 | chown -R '$log_user' '$logdir' | 93 | chown -R runit-log:adm '$logdir' |
95 | exec chpst -u '$log_user' svlogd -tt '$logdir' | 94 | chmod 750 '$logdir' |
95 | chmod u+rw,g+r,o-rwx '$logdir'/* | ||
96 | exec chpst -u runit-log svlogd -tt '$logdir' | ||
96 | HERE | 97 | HERE |
97 | close(RUN_LOG); | 98 | close(RUN_LOG); |
98 | chmod(0755, $run_log); | 99 | chmod(0755, $run_log); |
99 | doit('dh_sysuser', '-p', $pkg, $log_user, 'defaults'); | ||
100 | make_symlink("/etc/sv/$name/log/supervise", | 100 | make_symlink("/etc/sv/$name/log/supervise", |
101 | "/var/lib/runit/log/supervise/$name", $tmp); | 101 | "/var/lib/runit/log/supervise/$name", $tmp); |
102 | install_dir("$tmp/var/lib/runit/log/supervise/$name"); | 102 | install_dir("$tmp/var/lib/runit/log/supervise/$name"); |
103 | } | 103 | } |
104 | } | 104 | } |
105 | addsubstvar($pkg, 'misc:Depends', 'runit', '>= 2.1.2-7'); | 105 | addsubstvar($pkg, 'misc:Depends', 'runit', '>= 2.1.2-20~'); |
106 | addsubstvar($pkg, 'misc:Depends', 'runit-helper', '>= 2.7.3'); | 106 | addsubstvar($pkg, 'misc:Depends', 'runit-helper', '>= 2.8.1~'); |
107 | } | 107 | } |
108 | 108 | ||
109 | # PROMISE: DH NOOP WITHOUT runit | 109 | # PROMISE: DH NOOP WITHOUT runit |
diff --git a/runit-helper b/runit-helper index 05724af..051cbfa 100755 --- a/runit-helper +++ b/runit-helper | |||
@@ -38,24 +38,11 @@ postrm () { | |||
38 | # Links in other runsvdirs is responsibility of administrator. | 38 | # Links in other runsvdirs is responsibility of administrator. |
39 | rm -f "/etc/runit/runsvdir/default/$NAME" | 39 | rm -f "/etc/runit/runsvdir/default/$NAME" |
40 | 40 | ||
41 | # Following code makes sure, that after removal of package, in default | ||
42 | # setup, the only files belonged to log user, belong to root. | ||
43 | # | ||
44 | # This way user can be safely removed, solving part of #848239 (need | ||
45 | # interoperation from dh-sysuser). | ||
46 | # | ||
47 | # Sure, system administrator can make stupid thing and chown some file | ||
48 | # to log user, but consequences do not seem to be so severe. After | ||
49 | # all, with great power comes great responsibility. | ||
50 | if [ -d "/var/log/runit/$NAME" ] ; then | ||
51 | chown --recursive root:root "/var/log/runit/$NAME" | ||
52 | fi | ||
53 | |||
54 | # If runscript was never invoked, there will be no files | 41 | # If runscript was never invoked, there will be no files |
55 | # in this directory, and `dpkg' will remove it. In this case, | 42 | # in this directory, and `dpkg' will remove it. In this case, |
56 | # we have nothing to do. | 43 | # we have nothing to do. |
57 | for supervise in "/var/lib/runit/supervise/$NAME" \ | 44 | for supervise in "/var/lib/runit/supervise/$NAME" \ |
58 | "/var/lib/runit/log/supervise/$NAME" ; do | 45 | "/var/lib/runit/log/supervise/$NAME" ; do |
59 | if [ -d "$supervise" ] ; then | 46 | if [ -d "$supervise" ] ; then |
60 | 47 | ||
61 | # Actually only `down' may be absent, but it does not | 48 | # Actually only `down' may be absent, but it does not |