Accepting request 1144367 from home:cunix:server_dns
use systemd sysusers OBS-URL: https://build.opensuse.org/request/show/1144367 OBS-URL: https://build.opensuse.org/package/show/server:dns/dnscrypt-proxy?expand=0&rev=49
This commit is contained in:
parent
9ca52812b2
commit
f41cf1a154
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Feb 5 12:00:00 UTC 2024 - cunix@mail.de
|
||||||
|
|
||||||
|
- use systemd sysusers
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sun Aug 13 12:00:00 UTC 2023 - cunix@mail.de - 2.1.5
|
Sun Aug 13 12:00:00 UTC 2023 - cunix@mail.de - 2.1.5
|
||||||
|
|
||||||
|
@ -20,6 +20,7 @@
|
|||||||
%define user_group dnscrypt
|
%define user_group dnscrypt
|
||||||
%define config_dir %{_sysconfdir}/%{name}
|
%define config_dir %{_sysconfdir}/%{name}
|
||||||
%define home_dir %{_localstatedir}/lib/%{name}
|
%define home_dir %{_localstatedir}/lib/%{name}
|
||||||
|
%define home_dir_escaped \\%{_localstatedir}\\/lib\\/%{name}
|
||||||
%define log_dir %{_localstatedir}/log/%{name}
|
%define log_dir %{_localstatedir}/log/%{name}
|
||||||
%define services %{name}.socket %{name}.service %{name}-resolvconf.service
|
%define services %{name}.socket %{name}.service %{name}-resolvconf.service
|
||||||
|
|
||||||
@ -40,18 +41,19 @@ Source4: example-dnscrypt-proxy.toml.sed
|
|||||||
Source5: README.openSUSE
|
Source5: README.openSUSE
|
||||||
# Example how to override socket unit
|
# Example how to override socket unit
|
||||||
Source6: %{name}.socket.conf
|
Source6: %{name}.socket.conf
|
||||||
|
# dnscrypt user configuration
|
||||||
|
Source7: %{user_group}-user.conf
|
||||||
BuildRequires: golang-packaging
|
BuildRequires: golang-packaging
|
||||||
BuildRequires: pkgconfig
|
BuildRequires: pkgconfig
|
||||||
BuildRequires: shadow
|
|
||||||
BuildRequires: systemd-rpm-macros
|
BuildRequires: systemd-rpm-macros
|
||||||
|
BuildRequires: sysuser-tools
|
||||||
BuildRequires: golang(API) >= 1.20
|
BuildRequires: golang(API) >= 1.20
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
BuildRequires: vendored_licenses_packager
|
BuildRequires: vendored_licenses_packager
|
||||||
|
%sysusers_requires
|
||||||
|
%{?systemd_requires}
|
||||||
# For systemd pidfile solution.
|
# For systemd pidfile solution.
|
||||||
Requires: bash
|
Requires: bash
|
||||||
# for daemon group/user
|
|
||||||
Requires(pre): shadow
|
|
||||||
%{?systemd_requires}
|
|
||||||
Recommends: ca-certificates
|
Recommends: ca-certificates
|
||||||
# needed for resolvconf support
|
# needed for resolvconf support
|
||||||
Suggests: openresolv
|
Suggests: openresolv
|
||||||
@ -67,6 +69,9 @@ and ODoH (Oblivious DoH).
|
|||||||
%prep
|
%prep
|
||||||
%setup -q -n %{name}-%{version}
|
%setup -q -n %{name}-%{version}
|
||||||
|
|
||||||
|
# replace with home directory from spec
|
||||||
|
sed -i "s/home_dir_placeholder/%{home_dir_escaped}/" %{SOURCE7}
|
||||||
|
|
||||||
# duplicate original config file
|
# duplicate original config file
|
||||||
cp ./%{name}/example-%{name}.toml ./%{name}.toml.default
|
cp ./%{name}/example-%{name}.toml ./%{name}.toml.default
|
||||||
|
|
||||||
@ -85,6 +90,7 @@ sed -i "1s/#! \/usr\/bin\/env python3/#! \/usr\/bin\/python3/" utils/generate-do
|
|||||||
%vendored_licenses_packager_prep
|
%vendored_licenses_packager_prep
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
%sysusers_generate_pre %{SOURCE7} %{user_group} %{user_group}.conf
|
||||||
cd %{name}
|
cd %{name}
|
||||||
go build -mod=vendor -buildmode=pie
|
go build -mod=vendor -buildmode=pie
|
||||||
|
|
||||||
@ -119,6 +125,9 @@ install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
|||||||
install -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.socket
|
install -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.socket
|
||||||
install -D -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}-resolvconf.service
|
install -D -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}-resolvconf.service
|
||||||
|
|
||||||
|
# sysuser
|
||||||
|
install -D -m 0644 %{SOURCE7} %{buildroot}%{_sysusersdir}/%{user_group}.conf
|
||||||
|
|
||||||
# service link
|
# service link
|
||||||
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
|
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
|
||||||
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}-resolvconf
|
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}-resolvconf
|
||||||
@ -131,12 +140,7 @@ cp %{SOURCE5} README.openSUSE
|
|||||||
# Example drop-in.
|
# Example drop-in.
|
||||||
cp %{SOURCE6} %{name}.socket.conf
|
cp %{SOURCE6} %{name}.socket.conf
|
||||||
|
|
||||||
%pre
|
%pre -f %{user_group}.pre
|
||||||
# group and user
|
|
||||||
getent group %{user_group} >/dev/null || %{_sbindir}/groupadd -r %{user_group}
|
|
||||||
getent passwd %{user_group} >/dev/null || %{_sbindir}/useradd -r -g %{user_group} \
|
|
||||||
-d %{home_dir} -s /bin/false -c "DNScrypt Proxy" %{user_group}
|
|
||||||
|
|
||||||
%service_add_pre %{services}
|
%service_add_pre %{services}
|
||||||
|
|
||||||
%post
|
%post
|
||||||
@ -160,6 +164,7 @@ getent passwd %{user_group} >/dev/null || %{_sbindir}/useradd -r -g %{user_group
|
|||||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/captive-portals.txt
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/captive-portals.txt
|
||||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/cloaking-rules.txt
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/cloaking-rules.txt
|
||||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/forwarding-rules.txt
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/forwarding-rules.txt
|
||||||
|
%{_sysusersdir}/%{user_group}.conf
|
||||||
%{_sbindir}/%{name}
|
%{_sbindir}/%{name}
|
||||||
%{_sbindir}/rc%{name}
|
%{_sbindir}/rc%{name}
|
||||||
%{_sbindir}/rc%{name}-resolvconf
|
%{_sbindir}/rc%{name}-resolvconf
|
||||||
|
2
dnscrypt-user.conf
Normal file
2
dnscrypt-user.conf
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
#Type Name ID GECOS Home directory Shell
|
||||||
|
u dnscrypt - "DNScrypt Proxy" home_dir_placeholder /usr/sbin/nologin
|
Loading…
Reference in New Issue
Block a user