From 1432d897faea22299d253b3cfad8c94cd751ed1f Mon Sep 17 00:00:00 2001
From: Dmitry Bogatov <KAction@debian.org>
Date: Wed, 12 Dec 2018 02:24:26 +0000
Subject: Make auto-generated runscripts invoke svlogd(8) as `runit-log' user.

 * Make auto-generated runscripts invoke svlogd(8) as `runit-log' user.
 * Impose dependency on (runit >= 2.1.2-20), which provides `runit-log'
   user.
---
 debian/changelog |  8 ++++++++
 debian/control   |  1 -
 dh_runit         | 12 ++++++------
 runit-helper     | 15 +--------------
 4 files changed, 15 insertions(+), 21 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 578581d..0a35570 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+dh-runit (2.8.1) UNRELEASED; urgency=medium
+
+  * Make auto-generated runscripts invoke svlogd(8) as `runit-log' user.
+  * Impose dependency on (runit >= 2.1.2-20), which provides `runit-log'
+    user.
+
+ -- Dmitry Bogatov <KAction@debian.org>  Wed, 12 Dec 2018 02:15:19 +0000
+
 dh-runit (2.7.3) unstable; urgency=medium
 
   * Do not re-enable serice on upgrade, if it was disable by local
diff --git a/debian/control b/debian/control
index 20dde40..b3f58df 100644
--- a/debian/control
+++ b/debian/control
@@ -11,7 +11,6 @@ Homepage: https://salsa.debian.org/runit-team/dh-runit
 Package: dh-runit
 Architecture: all
 Depends: debhelper (>= 9),
-         dh-sysuser,
          ${misc:Depends},
          ${shlibs:Depends}
 Description: debhelper add-on to handle runit runscripts
diff --git a/dh_runit b/dh_runit
index e0a8d7e..bf2a49a 100755
--- a/dh_runit
+++ b/dh_runit
@@ -87,23 +87,23 @@ PKG: foreach my $pkg (@{$dh{DOPACKAGES}}) {
             install_dir($tmp . $logdir);
 
             my $run_log = "$sv_dir/$name/log/run";
-            my $log_user = "_log-". $name;
             open(RUN_LOG, ">$run_log") || die $!;
             print RUN_LOG << "HERE";
 #!/bin/sh
-chown -R '$log_user' '$logdir'
-exec chpst -u '$log_user' svlogd -tt '$logdir'
+chown -R runit-log:adm '$logdir'
+chmod 750 '$logdir'
+chmod u+rw,g+r,o-rwx '$logdir'/*
+exec chpst -u runit-log svlogd -tt '$logdir'
 HERE
             close(RUN_LOG);
             chmod(0755, $run_log);
-            doit('dh_sysuser', '-p', $pkg, $log_user, 'defaults');
             make_symlink("/etc/sv/$name/log/supervise",
                          "/var/lib/runit/log/supervise/$name", $tmp);
             install_dir("$tmp/var/lib/runit/log/supervise/$name");
         }
     }
-    addsubstvar($pkg, 'misc:Depends', 'runit', '>= 2.1.2-7');
-    addsubstvar($pkg, 'misc:Depends', 'runit-helper', '>= 2.7.3');
+    addsubstvar($pkg, 'misc:Depends', 'runit', '>= 2.1.2-20~');
+    addsubstvar($pkg, 'misc:Depends', 'runit-helper', '>= 2.8.1~');
 }
 
 # PROMISE: DH NOOP WITHOUT runit
diff --git a/runit-helper b/runit-helper
index 05724af..051cbfa 100755
--- a/runit-helper
+++ b/runit-helper
@@ -38,24 +38,11 @@ postrm () {
 	# Links in other runsvdirs is responsibility of administrator.
 	rm -f "/etc/runit/runsvdir/default/$NAME"
 
-	# Following code makes sure, that after removal of package, in default
-	# setup, the only files belonged to log user, belong to root.
-	#
-	# This way user can be safely removed, solving part of #848239 (need
-	# interoperation from dh-sysuser).
-	#
-	# Sure, system administrator can make stupid thing and chown some file
-	# to log user, but consequences do not seem to be so severe. After
-	# all, with great power comes great responsibility.
-	if [ -d "/var/log/runit/$NAME" ] ; then
-		chown --recursive root:root "/var/log/runit/$NAME"
-	fi
-
 	# If runscript was never invoked, there will be no files
 	# in this directory, and `dpkg' will remove it. In this case,
 	# we have nothing to do.
 	for supervise in "/var/lib/runit/supervise/$NAME" \
-		             "/var/lib/runit/log/supervise/$NAME" ; do
+	                 "/var/lib/runit/log/supervise/$NAME" ; do
 		if [ -d "$supervise" ] ; then
 
 			# Actually only `down' may be absent, but it does not
-- 
cgit v1.2.3