1
0

Accepting request 895954 from home:gladiac:mailman3

- Remove the hyperkitty-admin user

OBS-URL: https://build.opensuse.org/request/show/895954
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:mailman/python-HyperKitty?expand=0&rev=39
This commit is contained in:
2021-05-28 11:34:18 +00:00
committed by Git OBS Bridge
parent 732d2c9a52
commit e3409ce788
5 changed files with 14 additions and 46 deletions

View File

@@ -1,3 +1,3 @@
#!/bin/bash
sudo -u hyperkitty-admin /usr/bin/python3 /srv/www/webapps/mailman/hyperkitty/manage.py "$@"
sudo -u hyperkitty /usr/bin/python3 /srv/www/webapps/mailman/hyperkitty/manage.py "$@"

View File

@@ -1,30 +0,0 @@
#!/bin/sh
LOG_DIR="/var/log/hyperkitty"
LIB_DIR="/var/lib/hyperkitty"
DATA_DIR="${LIB_DIR}/data"
chown hyperkitty-admin:hyperkitty-admin ${LIB_DIR}
chmod u=rwX,g=rwX,o= ${LIB_DIR}
chown hyperkitty:hyperkitty ${DATA_DIR}
chmod u=rwX,g=rwX,o= ${DATA_DIR}
chown hyperkitty:hyperkitty ${DATA_DIR}/hyperkitty.db 2>/dev/null
chmod u=rwX,g=rwX,o= ${DATA_DIR}/hyperkitty.db 2>/dev/null
setfacl --no-mask -m u:hyperkitty:rwX ${DATA_DIR}
setfacl -d --no-mask -m u:hyperkitty:rwX ${DATA_DIR}
setfacl --no-mask -m u:hyperkitty-admin:rwX ${DATA_DIR}
setfacl -d --no-mask -m u:hyperkitty-admin:rwX ${DATA_DIR}
setfacl --no-mask -m u:hyperkitty-admin:rwX ${DATA_DIR}/hyperkitty.db 2>/dev/null
chown hyperkitty-admin:hyperkitty-admin ${LOG_DIR}
chmod u=rwX,g=rwX,o= ${LOG_DIR}
chown hyperkitty-admin:hyperkitty-admin ${LOG_DIR}/hyperkitty.log 2>/dev/null
chmod u=rwX,g=rwX,o= ${LOG_DIR}/hyperkitty.log 2>/dev/null
setfacl --no-mask -m u:hyperkitty:rwX ${LOG_DIR}
setfacl -d --no-mask -m u:hyperkitty:rwX ${LOG_DIR}
setfacl --no-mask -m u:hyperkitty:rwX ${LOG_DIR}/hyperkitty.log 2>/dev/null
setfacl --no-mask -m u:hyperkitty-admin:rwX ${LOG_DIR}
setfacl -d --no-mask -m u:hyperkitty-admin:rwX ${LOG_DIR}

View File

@@ -4,5 +4,5 @@ Description=HyperKitty runjob @HYPERKITTY_RUNJOB@
[Service]
Type=oneshot
ExecStart=/usr/bin/python3 /srv/www/webapps/mailman/hyperkitty/manage.py runjob @HYPERKITTY_RUNJOB@ --pythonpath /srv/www/webapps/mailman/hyperkitty/ --settings settings
User=hyperkitty-admin
Group=hyperkitty-admin
User=hyperkitty
Group=hyperkitty

View File

@@ -1,3 +1,8 @@
-------------------------------------------------------------------
Wed May 26 14:04:05 UTC 2021 - Andreas Schneider <asn@cryptomilk.org>
- Remove the hyperkitty-admin user
-------------------------------------------------------------------
Tue May 25 18:55:19 UTC 2021 - Andreas Schneider <asn@cryptomilk.org>

View File

@@ -45,7 +45,6 @@ Source0: https://files.pythonhosted.org/packages/source/H/HyperKitty/Hype
Source1: python-HyperKitty-rpmlintrc
#
Source10: hyperkitty-manage.sh
Source11: hyperkitty-permissions.sh
Source12: hyperkitty.uwsgi
#
Source20: hyperkitty-qcluster.service
@@ -209,7 +208,6 @@ ln -svf %{hyperkitty_etcdir}/settings_local.py \
# Manage script
install -d -m 0755 %{buildroot}%{_sbindir}
install -m 0750 %{SOURCE10} %{buildroot}%{_sbindir}/hyperkitty-manage
install -m 0750 %{SOURCE11} %{buildroot}%{_sbindir}/hyperkitty-fix-permissions
install -d -m 0755 %{buildroot}%{_sysconfdir}/uwsgi/vassals
install -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/uwsgi/vassals/hyperkitty.ini
@@ -258,13 +256,9 @@ export PYTHONPATH=$(pwd)
/usr/sbin/groupadd -r hyperkitty &>/dev/null || :
/usr/sbin/useradd -g hyperkitty -s /bin/false -r -c "HyperKitty" -d %{hyperkitty_basedir} hyperkitty &>/dev/null || :
/usr/sbin/groupadd -r hyperkitty-admin &>/dev/null || :
/usr/sbin/useradd -g hyperkitty-admin -s /bin/bash -r -c "HyperKitty Admin" -d %{hyperkitty_basedir} hyperkitty-admin &>/dev/null || :
%service_add_pre %{hyperkitty_services}
%post -n %{hyperkitty_pkgname}-web
%{_sbindir}/hyperkitty-fix-permissions
# We need a SECRET_KEY for manage to work
if ! grep -q "^SECRET_KEY.*" %{hyperkitty_etcdir}/settings_local.py; then
echo "SECRET_KEY='$(openssl rand -base64 48)'" >> %{hyperkitty_etcdir}/settings_local.py
@@ -288,7 +282,6 @@ fi
%files -n %{hyperkitty_pkgname}-web
%doc README.SUSE.md
%{_sbindir}/hyperkitty-manage
%{_sbindir}/hyperkitty-fix-permissions
%{_sbindir}/rchyperkitty-qcluster
%{_sbindir}/rchyperkitty-runjob-*
%dir %{webapps_dir}
@@ -297,7 +290,7 @@ fi
%{_unitdir}/hyperkitty-runjob-*.service
%{_unitdir}/hyperkitty-runjob-*.timer
%defattr(-,hyperkitty-admin,hyperkitty)
%defattr(-,root,hyperkitty)
%dir %{hyperkitty_basedir}
%{hyperkitty_basedir}/__init__.py
%{hyperkitty_basedir}/manage.py
@@ -327,11 +320,11 @@ fi
%dir %{hyperkitty_localedir}
%attr(750,hyperkitty-admin,hyperkitty) %dir %{hyperkitty_etcdir}
%attr(640,hyperkitty-admin,hyperkitty) %config(noreplace) %{hyperkitty_etcdir}/settings_local.py
%attr(750,hyperkitty-admin,hyperkitty) %dir %{hyperkitty_libdir}
%attr(750,hyperkitty-admin,hyperkitty) %dir %{hyperkitty_datadir}
%attr(750,hyperkitty-admin,hyperkitty) %dir %{hyperkitty_logdir}
%attr(750,root,hyperkitty) %dir %{hyperkitty_etcdir}
%attr(640,root,hyperkitty) %config(noreplace) %{hyperkitty_etcdir}/settings_local.py
%attr(750,root,hyperkitty) %dir %{hyperkitty_libdir}
%attr(750,hyperkitty,hyperkitty) %dir %{hyperkitty_datadir}
%attr(770,root,hyperkitty) %dir %{hyperkitty_logdir}
%files -n %{hyperkitty_pkgname}-web-uwsgi
%dir %{_sysconfdir}/uwsgi