diff --git a/velociraptor-client.service b/velociraptor-client.service index 19ede17..4ec6a93 100644 --- a/velociraptor-client.service +++ b/velociraptor-client.service @@ -9,6 +9,7 @@ UMask=0027 MemoryHigh=4G MemoryMax=8G EnvironmentFile=-/etc/sysconfig/velociraptor-client +EnvironmentFile=-/etc/default/velociraptor-client Environment=TMPDIR=/var/lib/velociraptor-client/tmp ExecStart=/usr/bin/velociraptor-client client --config /etc/velociraptor/client.config $VELOCIRAPTOR_CLIENT_OPTS diff --git a/velociraptor.changes b/velociraptor.changes index 6d2f739..92514d7 100644 --- a/velociraptor.changes +++ b/velociraptor.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Wed Dec 20 21:08:36 UTC 2023 - Jeff Mahoney + +- Added workaround for missing Maintainers tag in Debian-based packages. + obs-service-format_spec_file strips the Packager tag from the spec file + before committing. The build service replaces it with its own. debbuild + expects the Packager field to be present to generate the Maintainers tag + in the output but it only receives the "cleaned" spec file. + +------------------------------------------------------------------- +Tue Dec 19 21:53:37 UTC 2023 - Jeff Mahoney + +- Added Recommends: auditd + - Technically not *required* but Velociraptor's audit client enables + audit and then listens on the multicast socket. Without a listener + on the unicast socket, the kernel will spam the system log with events. + +------------------------------------------------------------------- +Tue Dec 19 19:29:06 UTC 2023 - Jeff Mahoney + +- Fixed debian packaging: + * /etc/sysconfig -> /etc/default + * %postun for systemd service cleanup + * Note: obs-service-format_spec_file strips the Packager tag that + debbuild uses to generate the Maintainer tag + ------------------------------------------------------------------- Tue Dec 19 14:24:44 UTC 2023 - Jeff Mahoney diff --git a/velociraptor.service b/velociraptor.service index 0e11022..95f9039 100644 --- a/velociraptor.service +++ b/velociraptor.service @@ -7,6 +7,7 @@ UMask=0027 User=velociraptor Group=velociraptor EnvironmentFile=-/etc/sysconfig/velociraptor +EnvironmentFile=-/etc/default/velociraptor Environment=TMPDIR=/var/lib/velociraptor/tmp ExecStart=/usr/bin/velociraptor frontend --verbose --config /etc/velociraptor/server.config $VELOCIRAPTOR_OPTS diff --git a/velociraptor.spec b/velociraptor.spec index c03ff6c..03a246e 100644 --- a/velociraptor.spec +++ b/velociraptor.spec @@ -1057,6 +1057,14 @@ ExclusiveArch: x86_64 ppc64le aarch64 s390x ExclusiveArch: do_not_build %endif +# Not *required* but without it, we spam the system log +Recommends: auditd + +%if "%{vendor}" == "debbuild" +%define mtag Packager: https://www.suse.com +%mtag +%endif + %if %{build_server} %description Velociraptor is a tool for collecting host based state information @@ -1159,8 +1167,14 @@ sysconfig_file_source=%{SOURCE8} config_file=client.config %endif -install -D -m 0644 "$service_file_source" %{buildroot}%{_unitdir}/%{name}.service +%if 0%{?suse_version} install -D -m 0644 "$sysconfig_file_source" %{buildroot}%{_fillupdir}/sysconfig.%{name} +%endif +%if "%{vendor}" == "debbuild" +install -D -m 0644 "$sysconfig_file_source" %{buildroot}/%{_sysconfdir}/default/%{name} +%endif + +install -D -m 0644 "$service_file_source" %{buildroot}%{_unitdir}/%{name}.service install -D -m 0640 "$config_file_source" "%{buildroot}%{_sysconfdir}/velociraptor/$config_file" install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/%{name} @@ -1170,7 +1184,12 @@ install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir} %doc README.md %{_bindir}/%{name} %{_unitdir}/%{name}.service +%if 0%{?suse_version} %{_fillupdir}/sysconfig.%{name} +%endif +%if "%{vendor}" == "debbuild" +%{_sysconfdir}/default/%{name} +%endif %dir %attr(-, root, velociraptor) %{_sysconfdir}/velociraptor @@ -1184,7 +1203,7 @@ install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir} %{_sysusersdir}/system-user-velociraptor.conf %endif -%if "%{_vendor}" != "debbuild" +%if 0%{?suse_version} %if %{build_server} %pre -f velociraptor-user.pre %else @@ -1202,7 +1221,22 @@ install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir} %postun %service_del_postun %{name}.service +%endif +%if "%{_vendor}" != "debbuild" +%postun +# Automatically added by dh_installsystemd/13.11.4 +if [ "$1" = remove ] && [ -d /run/systemd/system ] ; then + systemctl --system daemon-reload >/dev/null || true +fi +# End automatically added section +# Automatically added by dh_installsystemd/13.11.4 +if [ "$1" = "purge" ]; then + if [ -x "/usr/bin/deb-systemd-helper" ]; then + deb-systemd-helper purge 'velociraptor-client.service' >/dev/null || true + fi +fi +# End automatically added section %endif %changelog