Accepting request 1120484 from server:proxy

- Fix boo#1216372 and boo#1216373, run systemd service as a dedicated user and group OBS-URL: https://build.opensuse.org/request/show/1120484 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shadowsocks-rust?expand=0&rev=4
2023-10-26 15:14:51 +00:00 · 2023-10-26 15:14:51 +00:00 · 70aa2a0e41
commit 70aa2a0e41
parent b29e7c6475 1e68d5ca5d
5 changed files with 18 additions and 0 deletions
--- a/shadowsocks-rust-client.service
+++ b/shadowsocks-rust-client.service
@ -21,6 +21,8 @@ Type=forking
 PIDFile=/var/run/shadowsocks-rust-client.pid
 ExecStart=/usr/bin/sslocal --log-without-time -c /etc/shadowsocks/shadowsocks-rust.json --tcp-fast-open
 Restart=on-failure
 User=shadowsocks
 Group=shadowsocks
 [Install]
 WantedBy=multi-user.target
--- a/shadowsocks-rust-manager.service
+++ b/shadowsocks-rust-manager.service
@ -21,6 +21,8 @@ Type=forking
 PIDFile=/var/run/shadowsocks-rust-manager.pid
 ExecStart=/usr/bin/ssmanager --log-without-time -c /etc/shadowsocks/shadowsocks-rust.json --tcp-fast-open
 Restart=on-failure
 User=shadowsocks
 Group=shadowsocks
 [Install]
 WantedBy=multi-user.target
--- a/shadowsocks-rust-server.service
+++ b/shadowsocks-rust-server.service
@ -21,6 +21,8 @@ Type=forking
 PIDFile=/var/run/shadowsocks-rust-server.pid
 ExecStart=/usr/bin/ssserver --log-without-time -c /etc/shadowsocks/shadowsocks-rust.json --tcp-fast-open
 Restart=on-failure
 User=shadowsocks
 Group=shadowsocks
 [Install]
 WantedBy=multi-user.target
--- a/shadowsocks-rust.changes
+++ b/shadowsocks-rust.changes
@ -1,3 +1,8 @@
 -------------------------------------------------------------------
 Tue Oct 24 14:38:46 UTC 2023 - Hillwood Yang <hillwood@opensuse.org>
 - Fix boo#1216372 and boo#1216373, run systemd service as a dedicated user and group
 -------------------------------------------------------------------
 Mon Sep 25 14:02:49 UTC 2023 - Hillwood Yang <hillwood@opensuse.org>
--- a/shadowsocks-rust.spec
+++ b/shadowsocks-rust.spec
@ -33,6 +33,7 @@ BuildRequires:  cargo
 BuildRequires:  cargo-packaging
 BuildRequires:  systemd-rpm-macros
 BuildRequires:  pkgconfig(openssl)
 Requires(pre):  shadow
 Recommends:     shadowsocks-v2ray-plugin
 # ExcludeArch:    ppc ppc64 ppc64le s390 s390x
 %{?systemd_ordering}
@ -76,11 +77,16 @@ ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}-manager
 %service_add_pre %{name}-client.service
 %service_add_pre %{name}-server.service
 %service_add_pre %{name}-manager.service
 getent group shadowsocks >/dev/null || %{_sbindir}/groupadd --system shadowsocks
 getent passwd shadowsocks >/dev/null || %{_sbindir}/useradd --system -c "shadowsocks User" \
         -d %{_localstatedir}/shadowsocks -m -g shadowsocks -s %{_sbindir}/nologin \
         shadowsocks
 %post
 %service_add_post %{name}-client.service
 %service_add_post %{name}-server.service
 %service_add_post %{name}-manager.service
 chown root:shadowsocks %{_sysconfdir}/shadowsocks -R
 %preun
 %service_del_preun %{name}-client.service
@ -99,6 +105,7 @@ ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}-manager
 %{_sbindir}/rc%{name}-*
 %{_unitdir}/%{name}-*.service
 %dir %{_sysconfdir}/shadowsocks
 # %config(noreplace) %attr(660,%{name},root) %{_sysconfdir}/shadowsocks
 %config %{_sysconfdir}/shadowsocks/%{name}.json
 %changelog