pool/dehydrated
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1144187 from security:dehydrated

Browse Source 
- switch to sysuser for user/group setup

OBS-URL: https://build.opensuse.org/request/show/1144187
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dehydrated?expand=0&rev=27
This commit is contained in:
Ana Guerrero 2024-02-05 21:01:48 +00:00 committed by Git OBS Bridge
commit 858e09fd70
3 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
dehydrated.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Mon Feb 5 10:38:26 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
- switch to sysuser for user/group setup
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Feb 2 17:34:54 UTC 2024 - Marcus Rueckert <mrueckert@suse.de> Fri Feb 2 17:34:54 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>

17
dehydrated.spec
View File

@ -77,6 +77,7 @@ Source17: dehydrated.target
Source18: dehydrated-postrun-hooks.service Source18: dehydrated-postrun-hooks.service
Source19: dehydrated-postrun-hooks@.service Source19: dehydrated-postrun-hooks@.service
Source20: README.postrun-hooks Source20: README.postrun-hooks
Source21: dehydrated.sysusers
BuildRequires: %{_apache} BuildRequires: %{_apache}
Requires: coreutils Requires: coreutils
Requires: curl Requires: curl
@ -88,8 +89,6 @@ Requires(pre): %{_sbindir}/useradd
Obsoletes: dehydrated-lighttpd < %{version}-%{release} Obsoletes: dehydrated-lighttpd < %{version}-%{release}
Obsoletes: letsencrypt.sh < %{version} Obsoletes: letsencrypt.sh < %{version}
Provides: letsencrypt.sh = %{version} Provides: letsencrypt.sh = %{version}
Provides: user(%{_user})
Provides: group(%{_user})
%if %{with nginx} %if %{with nginx}
BuildRequires: nginx BuildRequires: nginx
%endif %endif
@ -103,7 +102,10 @@ BuildRequires: shadow
%endif %endif
%if %{with systemd} %if %{with systemd}
BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(systemd)
%{?systemd_requires} BuildRequires: sysuser-shadow
BuildRequires: sysuser-tools
%{?systemd_ordering}
%sysusers_requires
%else #with_systemd %else #with_systemd
%if 0%{?suse_version} %if 0%{?suse_version}
Requires: cron Requires: cron
@ -151,10 +153,7 @@ Provides: letsencrypt.sh-nginx = %{version}
This adds a configuration file for dehydrated's acme-challenge to nginx. This adds a configuration file for dehydrated's acme-challenge to nginx.
%endif #with nginx %endif #with nginx
%pre %pre -f %{name}.pre
getent group %{_user} >/dev/null || %{_sbindir}/groupadd -r %{_user}
getent passwd %{_user} >/dev/null || %{_sbindir}/useradd -g %{_user} \
-s /bin/false -r -c "%{_user}" -d %{_home} %{_user}
if [ -e %{_sysconfdir}/dehydrated/config.sh ]; then mv %{_sysconfdir}/dehydrated/config.sh %{_sysconfdir}/dehydrated/config; fi if [ -e %{_sysconfdir}/dehydrated/config.sh ]; then mv %{_sysconfdir}/dehydrated/config.sh %{_sysconfdir}/dehydrated/config; fi
%if %{with systemd} %if %{with systemd}
@ -178,6 +177,7 @@ cp %{SOURCE10} .
cp %{SOURCE20} . cp %{SOURCE20} .
%build %build
%sysusers_generate_pre %{SOURCE21} %{name} %{name}.conf
%install %install
# sensitive keys # sensitive keys
@ -259,6 +259,8 @@ perl -p -i -e 's|#DEHYDRATED_GROUP=|DEHYDRATED_GROUP="%{_user}"|' %{buildroot}%{
diff -urN docs/examples/config %{buildroot}%{_home}/config ||: diff -urN docs/examples/config %{buildroot}%{_home}/config ||:
install -Dpm0644 %{SOURCE21} %{buildroot}%{_sysusersdir}/%{name}.conf
# Rename existing config file config files fror nginx # Rename existing config file config files fror nginx
%if %{with nginx} %if %{with nginx}
%pre nginx %pre nginx
@ -294,6 +296,7 @@ diff -urN docs/examples/config %{buildroot}%{_home}/config ||:
%{_unitdir}/dehydrated*.timer %{_unitdir}/dehydrated*.timer
%if %{with instantiated_service} %if %{with instantiated_service}
%{_unitdir}/dehydrated.target %{_unitdir}/dehydrated.target
%{_sysusersdir}/%{name}.conf
%endif %endif
%if 0%{?suse_version} %if 0%{?suse_version}
%{_sbindir}/rcdehydrated %{_sbindir}/rcdehydrated

2
dehydrated.sysusers Normal file
View File

@ -0,0 +1,2 @@
# Type Name ID GECOS [HOME]
u dehydrated - "User for dehydrated" /etc/dehydrated