From 8fd32a3697b2f1506abc22af71f210a0121297a0fd542c708034d5c4c4873dee Mon Sep 17 00:00:00 2001 From: Egbert Eich Date: Wed, 10 Jan 2018 21:22:38 +0000 Subject: [PATCH] Accepting request 563443 from home:eeich:branches:network:cluster - Fix conman for non-root user: * create rundir * create logdir * set user/group only when set to non-root * fix rundir and logdir in config file on update. OBS-URL: https://build.opensuse.org/request/show/563443 OBS-URL: https://build.opensuse.org/package/show/network:cluster/conman?expand=0&rev=19 --- conman.changes | 9 +++++++++ conman.spec | 40 ++++++++++++++++++++++++++++++++++------ 2 files changed, 43 insertions(+), 6 deletions(-) diff --git a/conman.changes b/conman.changes index e43b8f1..9eb8a34 100644 --- a/conman.changes +++ b/conman.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Wed Jan 10 19:27:27 UTC 2018 - eich@suse.com + +- Fix conman for non-root user: + * create rundir + * create logdir + * set user/group only when set to non-root + * fix rundir and logdir in config file on update. + ------------------------------------------------------------------- Thu Nov 23 13:54:08 UTC 2017 - rbrown@suse.com diff --git a/conman.spec b/conman.spec index 1980cb9..fbc8315 100644 --- a/conman.spec +++ b/conman.spec @@ -1,7 +1,7 @@ # # spec file for package conman # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,6 +31,7 @@ %if 0%{?have_systemd} %if 0%{?sle_version} >= 150000 || 0%{?is_opensuse} + %define conmandir conman/ %define conman_g %name %define conman_u %name %else @@ -130,14 +131,21 @@ for i in $(find %{buildroot}/usr/lib/conman) ; do fi fi done + +%if 0%{?conmandir:1} +mkdir -p %{buildroot}%{_tmpfilesdir} +cat >> %{buildroot}%{_tmpfilesdir}/%{name}.conf < /dev/null; then cat <> %{buildroot}/etc/conman.conf SERVER keepalive=ON -SERVER logdir="/var/log/conman" -SERVER logfile="/var/log/conman.log" +SERVER logdir="/var/log/%{conmandir}" +SERVER logfile="/var/log/%{conmandir}conman.log" SERVER loopback=ON -SERVER pidfile="/var/run/conman.pid" -SERVER resetcmd="powerman -0 %N; sleep 3; powerman -1 %N" +SERVER pidfile="/var/run/%{conmandir}conman.pid" SERVER tcpwrappers=ON SERVER timestamp=1h GLOBAL seropts="115200,8n1" @@ -149,10 +157,12 @@ fi %if 0%{?have_systemd} %pre %service_add_pre conman.service -%define conman_home "%_localstatedir%_rundir/conman" +%if 0%{?conmandir:1} +%define conman_home "%_localstatedir%_rundir/%conmandir" %define conman_descr "Connection Manager service" getent group %conman_g >/dev/null || groupadd -r %conman_g getent passwd %conman_u >/dev/null || useradd -r -g %conman_g -d %conman_home -s /bin/false -c %conman_descr %conman_u +%endif exit 0 %endif @@ -166,7 +176,21 @@ exit 0 %post %fillup_only conman %if 0%{?have_systemd} +%{?tmpfiles_create:%{tmpfiles_create %{_tmpfilesdir}/%{name}.conf}} %service_add_post conman.service +if [ $1 -eq 2 ]; then + tmpfile=$(mktemp /tmp/tmp-XXXX) + sed -e "s@^\(server\)\|\(SERVER\) \+logdir=.*@SERVER logdir=\"/var/log/%{conmandir}\"@" \ + -e "s@^\(server\)\|\(SERVER\) \+logfile=.*@SERVER logfile=\"/var/log/%{conmandir}conman.log\"@" \ + -e "s@^\(server\)\|\(SERVER\) \+pidfile=.*@SERVER pidfile=\"/var/run/%{conmandir}conman.pid\"@" \ + < /etc/conman.conf > $tmpfile + if ! cmp /etc/conman.conf $tmpfile; then + mv $tmpfile /etc/conman.conf + chown %conman_u:%conman_g /etc/conman.conf + else + rm $tmpfile + fi +fi %endif %postun @@ -189,6 +213,10 @@ exit 0 %doc THANKS %config(noreplace) %attr(-,%conman_u,%conman_g) %{_sysconfdir}/conman.conf %config(noreplace) %{_sysconfdir}/logrotate.d/conman +%if 0%{?conmandir:1} +%dir %attr(-,%conman_u,%conman_g) %{_localstatedir}/log/conman +%{_tmpfilesdir}/%{name}.conf +%endif %{_fillupdir}/sysconfig.conman %{_bindir}/* %{_sbindir}/*