Browse Source

Rework "Run as _tang user", set group in xinetd

Christoph Biedl 2 years ago
parent
commit
c517a28cb1

+ 2 - 1
debian/patches/debian/2021-09-30.xinetd-support.patch

@@ -9,7 +9,7 @@ Forwarded: not-needed
 
 --- a/units/tangdx
 +++ b/units/tangdx
-@@ -1,10 +1,10 @@
+@@ -1,10 +1,11 @@
  service tangd
  {
      port            = 8888
@@ -19,6 +19,7 @@ Forwarded: not-needed
      socket_type     = stream
 -    user            = root
 +    user            = _tang
++    group           = _tang
      wait            = no
      log_on_success  += USERID
      log_on_failure  += USERID

+ 4 - 5
debian/patches/debian/2021-09-30.run-as-tang-user.patch

@@ -1,13 +1,12 @@
 Subject: Run tang as the _tang system user
 Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
 Date: 2021-09-30
-Forwarded: not-needed
+Forwarded: https://github.com/latchset/tang/issues/82
 
 --- a/units/tangd@.service.in
 +++ b/units/tangd@.service.in
-@@ -7,3 +7,5 @@
- StandardOutput=socket
+@@ -8,3 +8,4 @@
  StandardError=journal
  ExecStart=@libexecdir@/tangd @jwkdir@
-+User=_tang
-+Group=_tang
+ User=@user@
++Group=@group@

+ 1 - 1
debian/patches/series

@@ -4,9 +4,9 @@
 # patches for upstream
 for-upstream/2018-08-11.use-asciidoctor-to-build-manpages.patch
 for-upstream/2018-08-12.add-systemd-documentation-key.patch
+for-upstream/2021-09-30.run-as-tang-user.patch
 
 # patches for Debian
 debian/2021-04-19.non-usrmerged.patch
-debian/2021-09-30.run-as-tang-user.patch
 debian/2021-09-30.use-var-lib.patch
 debian/2021-09-30.xinetd-support.patch

+ 5 - 0
debian/rules

@@ -7,6 +7,11 @@ include /usr/share/dpkg/buildflags.mk
 %:
 	dh $@ --buildsystem=meson
 
+override_dh_auto_configure:
+	dh_auto_configure -- \
+		-Duser=_tang \
+		-Dgroup=_tang
+
 override_dh_auto_install:
 	dh_auto_install --buildsystem=meson
 	[ -d debian/tmp/usr/share/licenses ]