Accepting request 1153587 from home:ateixeira:branches:security:sensor

- Reintroduce system-user-velociraptor package due to client %pre and %postun scripts depending on velociraptor user and group. OBS-URL: https://build.opensuse.org/request/show/1153587 OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=64
2024-02-29 19:22:00 +00:00 · 2024-02-29 19:22:00 +00:00 · 5968657952
commit 5968657952
parent b0c8b246d2
2 changed files with 26 additions and 11 deletions
--- a/velociraptor.changes
+++ b/velociraptor.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Feb 29 18:48:52 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
+
+- Reintroduce system-user-velociraptor package due to client %pre
+  and %postun scripts depending on velociraptor user and group.
+
 -------------------------------------------------------------------
 Tue Feb 27 22:37:09 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>

--- a/velociraptor.spec
+++ b/velociraptor.spec
@ -1,5 +1,5 @@
 #
-# spec file
+# spec file for package velociraptor
 #
 # Copyright (c) 2024 SUSE LLC
 #
@ -53,6 +53,7 @@

 %if "%{_vendor}" == "debbuild"
 %define _unitdir /usr/lib/systemd/system
+%define VERSION %{version}
 %endif

 #Compat macro for new _fillupdir macro introduced in Nov 2017
@ -1037,8 +1038,6 @@ BuildRequires:  zlib-devel
 BuildRequires:  sysuser-tools
 Requires:       group(velociraptor)
 Requires:       user(velociraptor)
-Provides:       system-user-velociraptor = 1.0.1
-Obsoletes:      system-user-velociraptor < 1.0.1
 %{?sysusers_requires}
 %endif

@ -1079,6 +1078,17 @@ https://docs.velociraptor.app/
 This package contains the velociraptor server and full console GUI.
 For just the endpoint agent, please install the 'velociraptor-client' package.

+%package -n system-user-velociraptor
+Summary:        System user and group 'velociraptor'
+Version:        1.0.0
+License:        Apache-2.0
+Group:          System/Monitoring
+Provides:       group(velociraptor)
+Provides:       user(velociraptor)
+
+%description -n system-user-velociraptor
+This package provides a shared system user for all velociraptor components
+
 %endif

 %if %{build_client}
@ -1095,11 +1105,11 @@ console, please install the 'velociraptor' package.
 %endif

 %prep
-%setup -q -a 1 -a 2 -n %{projname}-%{version}
+%setup -q -a 1 -a 2 -n %{projname}-%{VERSION}
 %autopatch -p1

 # Set the version to something more specific than <next-tag>-dev
-sed -ie "s/\([[:space:]]VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go
+sed -ie "s/\([[:space:]]VERSION *= \).*/\1 \"%{VERSION}\"/" constants/constants.go

 %if %{with bpf}
 mkdir -p third_party/libbpfgo/output
@ -1178,7 +1188,7 @@ install -D -m 0644 "$sysconfig_file_source" %{buildroot}/%{_sysconfdir}/default/

 install -D -m 0644 "$service_file_source" %{buildroot}%{_unitdir}/%{name}.service
 install -D -m 0640 "$config_file_source" "%{buildroot}%{_sysconfdir}/velociraptor/$config_file"
-install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/%{name}
+install -D -m 0755 output/velociraptor-v%{VERSION}-linux-* %buildroot/%{_bindir}/%{name}

 %files
 %defattr(-, root, root)
@ -1202,16 +1212,15 @@ install -D -m 0755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}
 %dir %attr(%{state_dir_perms}) %{_sharedstatedir}/%{name}/tmp

 %if %{build_server}
+%files -n system-user-velociraptor
+%defattr(-, root, root)
 %{_sysusersdir}/system-user-velociraptor.conf
+
+%pre -n system-user-velociraptor -f velociraptor-user.pre
 %endif

 %if 0%{?suse_version}
-%if %{build_server}
-%pre -f velociraptor-user.pre
-%else
-
 %pre
-%endif
 %service_add_pre %{name}.service

 %post