diff --git a/redis-initscript.patch b/redis-initscript.patch index f9e8f55..82c58fa 100644 --- a/redis-initscript.patch +++ b/redis-initscript.patch @@ -40,7 +40,7 @@ Index: utils/redis_init_script - $EXEC $CONF - fi + echo -n "Starting service Redis " -+ /sbin/startproc -p $PIDFILE -s -e $EXEC $CONF ++ /sbin/startproc -u redis -g redis -p $PIDFILE -s -e $EXEC $CONF + rc_status -v ;; stop) diff --git a/redis.changes b/redis.changes index 96488db..91365f3 100644 --- a/redis.changes +++ b/redis.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon May 17 14:26:18 UTC 2010 - mrueckert@suse.de + +- dont run as root + ------------------------------------------------------------------- Mon May 17 14:10:31 UTC 2010 - mrueckert@suse.de diff --git a/redis.spec b/redis.spec index d58c17d..a5c58ee 100644 --- a/redis.spec +++ b/redis.spec @@ -27,6 +27,8 @@ Patch1: %{name}-conf.patch # for init script Requires: netcat BuildRoot: %{_tmppath}/%{name}-%{version}-build +%define pkg_homedir %{_var}/run/%{name} +%define pkg_datadir %{_var}/lib/%{name} %description Redis is an advanced key-value store. It is similar to memcached but the dataset @@ -60,11 +62,14 @@ install -D -m 0755 redis-server $RPM_BUILD_ROOT%{_sbindir}/redis-server install -D -m 0755 utils/redis_init_script $RPM_BUILD_ROOT%{_sysconfdir}/init.d/redis ln -s %{_sysconfdir}/init.d/redis $RPM_BUILD_ROOT%{_sbindir}/rcredis install -D -m 0644 redis.conf $RPM_BUILD_ROOT%{_sysconfdir}/redis.conf -mkdir -p $RPM_BUILD_ROOT/var/lib/redis +install -d $RPM_BUILD_ROOT%{pkg_homedir} $RPM_BUILD_ROOT%{pkg_datadir} %clean rm -rf $RPM_BUILD_ROOT +%pre +/usr/sbin/groupadd -r %{name} &>/dev/null || : +/usr/sbin/useradd -o -g %{name} -s /bin/false -r -c "User for Redis key-value store" -d %{pkg_homedir} %{name} &>/dev/null || : %post %fillup_and_insserv %{name} @@ -84,8 +89,9 @@ rm -rf $RPM_BUILD_ROOT %{_sbindir}/redis-server %{_sbindir}/rcredis %config(noreplace) %{_sysconfdir}/init.d/redis -%config(noreplace) %{_sysconfdir}/redis.conf -%dir /var/lib/redis +%config(noreplace) %attr(0640, %{name}, %{name}) %{_sysconfdir}/redis.conf +%dir %attr(0750, %{name}, %{name}) %{pkg_homedir} +%dir %attr(0750, %{name}, %{name}) %{pkg_datadir} %files doc %defattr(-,root,root)