Accepting request 787151 from home:kukuk:container

- Use sysusers.d to create named user - Have only one package creating the user - coreutils are not used in %post, remove Requires. - Use systemd_ordering instead of hard requiring systemd OBS-URL: https://build.opensuse.org/request/show/787151 OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=269
2020-03-23 07:34:53 +00:00 · 2020-03-23 07:34:53 +00:00 · c79f35c371
commit c79f35c371
parent 96b63d7058
3 changed files with 39 additions and 16 deletions
--- a/bind.changes
+++ b/bind.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Sat Mar 21 08:56:28 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
+
+- Use sysusers.d to create named user
+- Have only one package creating the user
+
+-------------------------------------------------------------------
+Fri Mar 20 09:00:07 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
+
+- coreutils are not used in %post, remove Requires.
+- Use systemd_ordering instead of hard requiring systemd
+
 -------------------------------------------------------------------
 Fri Mar 20 08:04:19 UTC 2020 - Josef Möllers <josef.moellers@suse.com>

--- a/bind.spec
+++ b/bind.spec
@ -33,6 +33,10 @@
 %define libns_sonum 1601

 %define	VENDOR SUSE
+%if 0%{?suse_version} >= 1500
+%define with_systemd 1
+%else
+%define with_systemd 0
 # Defines for user and group add
 %define	NAMED_UID 44
 %define	NAMED_UID_NAME named
@ -44,10 +48,6 @@
 %define	GROUPADD_NAMED getent group %{NAMED_GID_NAME} >/dev/null || %{_sbindir}/groupadd -g %{NAMED_GID} -o -r %{NAMED_GID_NAME}
 %define	USERADD_NAMED getent passwd %{NAMED_UID_NAME} >/dev/null || %{_sbindir}/useradd -r -o -g %{NAMED_GID_NAME} -u %{NAMED_UID} -s %{NAMED_SHELL} -c "%{NAMED_COMMENT}" -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME}
 %define	USERMOD_NAMED getent passwd %{NAMED_UID_NAME} >/dev/null || %{_sbindir}/usermod -s %{NAMED_SHELL} -d  %{NAMED_HOMEDIR} %{NAMED_UID_NAME}
-%if 0%{?suse_version} >= 1500
-%define with_systemd 1
-%else
-%define with_systemd 0
 %endif
 %if 0%{?suse_version} < 1315
 %define with_sfw2 1
@ -78,6 +78,7 @@ Source60:       dlz-schema.txt
 # configuation files for systemd-tmpfiles
 Source70:       bind.conf
 Source71:       bind-chrootenv.conf
+Source72:       named.conf
 Patch1:         Makefile.in.diff
 Patch51:        pie_compile.diff
 Patch52:        named-bootconf.diff
@ -102,8 +103,6 @@ Requires:       %{name}-chrootenv
 Requires:       %{name}-utils
 Requires(post): %fillup_prereq
 Requires(post): bind-utils
-Requires(post): coreutils
-Requires(pre):  shadow
 Provides:       bind8 = %{version}
 Provides:       bind9 = %{version}
 Provides:       dns_daemon
@ -111,11 +110,15 @@ Obsoletes:      bind8 < %{version}
 Obsoletes:      bind9 < %{version}
 %if %{with_systemd}
 BuildRequires:  systemd-rpm-macros
+BuildRequires:  sysuser-shadow
+BuildRequires:  sysuser-tools
 BuildRequires:  pkgconfig(libsystemd)
 BuildRequires:  pkgconfig(systemd)
-%{?systemd_requires}
+%{?systemd_ordering}
+%sysusers_requires
 %else
 Requires(post): %insserv_prereq
+Requires(pre):  shadow
 %endif

 %description
@ -204,8 +207,9 @@ This BIND library contains the configuration file parser.

 %package chrootenv
 Summary:        Chroot environment for BIND named
+# We need the named user and group, have only one authoritative place
 Group:          Productivity/Networking/DNS/Servers
-Requires(pre):  shadow
+Requires(pre):  %{name}

 %description chrootenv
 This package contains all directories and files which are common to the
@ -331,6 +335,9 @@ sed -i '
  s|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g
 ' libtool
 make %{?_smp_mflags}
+%if %{with_systemd}
+%sysusers_generate_pre %{SOURCE72} named
+%endif

 %install
 mkdir -p \
@ -417,14 +424,20 @@ for file in CHANGES COPYRIGHT README version contrib doc/{arm,misc} vendor-files
 done
 # ---------------------------------------------------------------------------
 install -m 0644 bind.keys %{buildroot}%{_localstatedir}/lib/named/named.root.key
+%if %{with_systemd}
+mkdir -p %{buildroot}%{_sysusersdir}
+install -m 644 %{SOURCE72} %{buildroot}%{_sysusersdir}/
+%endif

+%if %{with_systemd}
+%pre -f named.pre
+%service_add_pre named.service
+%else
 %pre
 %{GROUPADD_NAMED}
 %{USERADD_NAMED}
 # Might be an update.
 %{USERMOD_NAMED}
-%if %{with_systemd}
-%service_add_pre named.service
 %endif

 %preun
@ -470,10 +483,6 @@ fi
 %postun -n %{libisccc} -p /sbin/ldconfig
 %post   -n %{libisccfg} -p /sbin/ldconfig
 %postun -n %{libisccfg} -p /sbin/ldconfig
-%pre chrootenv
-%{GROUPADD_NAMED}
-%{USERADD_NAMED}
-
 %post chrootenv
 %{fillup_only -nsa named common}
 %{fillup_only -nsa syslog named}
@ -481,8 +490,6 @@ fi
 %tmpfiles_create bind-chrootenv.conf
 %endif

-%post utils
-
 %files
 %license LICENSE
 %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf
@ -493,6 +500,7 @@ fi
 %config %{_unitdir}/named.service
 %{_sbindir}/named.init
 %{_prefix}/lib/tmpfiles.d/bind.conf
+%{_sysusersdir}/named.conf
 %{_datadir}/factory
 %else
 %config /%{_sysconfdir}/init.d/named
--- a/named.conf
+++ b/named.conf
@ -0,0 +1,3 @@
+# Type Name ID GECOS [HOME]
+g named 44 - -
+u named 44 "Name server daemon" /var/lib/named