[crux-commits] ports/opt (3.3): chrony: run the daemon as system user chrony

commit 35af3bca43e5207b1f889d3a2e7e8ef6301a54d4 Author: Juergen Daubert <jue@jue.li> Date: Fri Nov 25 17:51:29 2016 +0100 chrony: run the daemon as system user chrony diff --git a/chrony/.footprint b/chrony/.footprint index 53004ba..b122ba1 100644 --- a/chrony/.footprint +++ b/chrony/.footprint @@ -17,8 +17,8 @@ drwxr-xr-x root/root usr/share/man/man8/ -rw-r--r-- root/root usr/share/man/man8/chronyd.8.gz drwxr-xr-x root/root var/ drwxr-xr-x root/root var/lib/ -drwxr-xr-x root/root var/lib/chrony/ +drwxr-x--- chrony/chrony var/lib/chrony/ drwxr-xr-x root/root var/log/ -drwxr-xr-x root/root var/log/chrony/ +drwxr-x--- chrony/chrony var/log/chrony/ drwxr-xr-x root/root var/run/ -drwxr-x--- root/root var/run/chrony/ +drwxr-x--- chrony/chrony var/run/chrony/ diff --git a/chrony/.md5sum b/chrony/.md5sum index babd259..718e57d 100644 --- a/chrony/.md5sum +++ b/chrony/.md5sum @@ -1,2 +1,2 @@ d08dd5a7d79a89891d119adcccb4397d chrony-2.4.1.tar.gz -4bdea4aea28853c7be54ffdb9f6b87a8 chronyd +b34048039655b0eba564f10cca23e3ce chronyd diff --git a/chrony/Pkgfile b/chrony/Pkgfile index 63dbb52..fbbd172 100644 --- a/chrony/Pkgfile +++ b/chrony/Pkgfile @@ -5,19 +5,19 @@ name=chrony version=2.4.1 -release=1 +release=2 source=(http://download.tuxfamily.org/$name/$name-$version.tar.gz chronyd) build () { cd $name-$version - ./configure --prefix=/usr + ./configure --prefix=/usr --with-user=chrony + make make DESTDIR=$PKG install - install -d $PKG/var/{lib,log}/chrony - install -d -m 0750 $PKG/var/run/chrony + install -d -o chrony -g chrony -m 0750 $PKG/var/{lib,log,run}/chrony install -D -m 0755 $SRC/chronyd $PKG/etc/rc.d/chronyd install examples/chrony.conf.example1 $PKG/etc/chrony.conf } diff --git a/chrony/README b/chrony/README new file mode 100644 index 0000000..752308b --- /dev/null +++ b/chrony/README @@ -0,0 +1,15 @@ +README for chrony 2.4.x + +REQUIREMENTS + +PRE-INSTALL + Run the included pre-install script to create a new + user/group chrony. + +PRECAUTION + As of version 2.4.1-2 chrony no longer runs as root + but as a dedicated user/group chrony. + Chown all files and directories created by chrony + to chrony:chrony or run the supplied post-install + script. + diff --git a/chrony/chronyd b/chrony/chronyd index b9bcac1..e6629e7 100644 --- a/chrony/chronyd +++ b/chrony/chronyd @@ -13,7 +13,7 @@ start) $SSD --start --pidfile $PID --exec $PROG -- $OPTS ;; stop) - $SSD --stop --retry 10 --pidfile $PID + $SSD --stop --remove-pidfile --retry 10 --pidfile $PID ;; restart) $0 stop diff --git a/chrony/post-install b/chrony/post-install new file mode 100644 index 0000000..cd6276a --- /dev/null +++ b/chrony/post-install @@ -0,0 +1,4 @@ +#!/bin/sh + +chown -R chrony:chrony /var/lib/chrony /var/log/chrony + diff --git a/chrony/pre-install b/chrony/pre-install new file mode 100644 index 0000000..b8b8f93 --- /dev/null +++ b/chrony/pre-install @@ -0,0 +1,6 @@ +#!/bin/sh + +getent group chrony || /usr/sbin/groupadd -g 55 chrony +getent passwd chrony || /usr/sbin/useradd -g chrony -u 55 -d /var/lib/chrony -s /bin/false chrony +/usr/bin/passwd -l chrony +