On Thu, Oct 22, 2020 at 02:43:41PM +0300, Arseny Maslennikov wrote:
> From: Alexey Gladkov <legion@altlinux.org>
> 
> Signed-off-by: Alexey Gladkov <legion@altlinux.org>
Signed-off-by: Arseny Maslennikov <arseny@altlinux.org>
> ---
>  hasher-priv/Makefile              |   6 ++
>  hasher-priv/hasher-priv.spec      |   9 ++-
>  hasher-priv/hasher-privd.service  |  14 ++++
>  hasher-priv/hasher-privd.sysvinit | 103 ++++++++++++++++++++++++++++++
>  4 files changed, 131 insertions(+), 1 deletion(-)
>  create mode 100644 hasher-priv/hasher-privd.service
>  create mode 100755 hasher-priv/hasher-privd.sysvinit
> 
> diff --git a/hasher-priv/Makefile b/hasher-priv/Makefile
> index 283249b..6e6b1e5 100644
> --- a/hasher-priv/Makefile
> +++ b/hasher-priv/Makefile
> @@ -14,6 +14,8 @@ MAN8PAGES = $(PROJECT).8 hasher-useradd.8
>  TARGETS = $(PROJECT) hasher-privd hasher-useradd $(HELPERS) $(MAN5PAGES) $(MAN8PAGES)
>  
>  sysconfdir = /etc
> +initdir=$(sysconfdir)/rc.d/init.d
> +systemd_unitdir=/lib/systemd/system
>  libexecdir = /usr/lib
>  sbindir = /usr/sbin
>  mandir = /usr/share/man
> @@ -73,6 +75,10 @@ install: all
>  	$(MKDIR_P) -m750 $(DESTDIR)$(helperdir)
>  	$(INSTALL) -p -m700 $(PROJECT) $(DESTDIR)$(helperdir)/
>  	$(INSTALL) -p -m755 $(HELPERS) $(DESTDIR)$(helperdir)/
> +	$(MKDIR_P) -m755 $(DESTDIR)$(systemd_unitdir)
> +	$(INSTALL) -p -m644 hasher-privd.service $(DESTDIR)$(systemd_unitdir)/
> +	$(MKDIR_P) -m755 $(DESTDIR)$(initdir)
> +	$(INSTALL) -p -m755 hasher-privd.sysvinit $(DESTDIR)$(initdir)/hasher-privd
>  	$(MKDIR_P) -m755 $(DESTDIR)$(sbindir)
>  	$(INSTALL) -p -m755 hasher-privd $(DESTDIR)$(sbindir)/
>  	$(INSTALL) -p -m755 hasher-useradd $(DESTDIR)$(sbindir)/
> diff --git a/hasher-priv/hasher-priv.spec b/hasher-priv/hasher-priv.spec
> index fac25cd..c4f0e0e 100644
> --- a/hasher-priv/hasher-priv.spec
> +++ b/hasher-priv/hasher-priv.spec
> @@ -33,7 +33,9 @@ required by hasher utilities.
>  %make_build CC="%__cc" CFLAGS="%optflags" libexecdir="%_libexecdir"
>  
>  %install
> -%makeinstall
> +%makeinstall \
> +	systemd_unitdir="%{?buildroot:%{buildroot}}%_unitdir" \
> +	#
>  
>  %pre
>  if getent group pkg-build > /dev/null; then
> @@ -52,10 +54,15 @@ groupadd -r -f hashman
>  %attr(750,root,hashman) %dir %configdir/user.d
>  %attr(640,root,hashman) %config(noreplace) %configdir/fstab
>  %attr(640,root,hashman) %config(noreplace) %configdir/system
> +%attr(640,root,hashman) %config(noreplace) %configdir/server
>  # helpers
>  %attr(750,root,hashman) %dir %helperdir
>  %attr(6710,root,hashman) %helperdir/%name
>  %attr(755,root,root) %helperdir/*.sh
> +# daemon
> +%_sbindir/hasher-privd
> +%_unitdir/hasher-privd.service
> +%_initdir/hasher-privd
>  
>  %doc DESIGN
>  
> diff --git a/hasher-priv/hasher-privd.service b/hasher-priv/hasher-privd.service
> new file mode 100644
> index 0000000..f44faa0
> --- /dev/null
> +++ b/hasher-priv/hasher-privd.service
> @@ -0,0 +1,14 @@
> +[Unit]
> +Description=A privileged helper for the hasher project
> +ConditionVirtualization=!container
> +Documentation=man:hasher-priv(8)
> +
> +[Service]
> +ExecStart=/usr/sbin/hasher-privd -f
> +Group=hashman
> +RuntimeDirectory=hasher-priv
> +RuntimeDirectoryMode=0710
> +Restart=on-failure
> +
> +[Install]
> +WantedBy=multi-user.target
> diff --git a/hasher-priv/hasher-privd.sysvinit b/hasher-priv/hasher-privd.sysvinit
> new file mode 100755
> index 0000000..263c9f7
> --- /dev/null
> +++ b/hasher-priv/hasher-privd.sysvinit
> @@ -0,0 +1,103 @@
> +#! /bin/sh
> +
> +### BEGIN INIT INFO
> +# Short-Description:    A privileged helper for the hasher project
> +# Description:          A privileged helper for the hasher project
> +# Provides:             hasher-priv
> +# Required-Start:       $remote_fs
> +# Required-Stop:        $remote_fs
> +# Default-Start:        2 3 4 5
> +# Default-Stop:         0 1 6
> +### END INIT INFO
> +
> +WITHOUT_RC_COMPAT=1
> +
> +# Source function library.
> +. /etc/init.d/functions
> +
> +NAME=hasher-privd
> +PIDFILE="/var/run/$NAME.pid"
> +LOCKFILE="/var/lock/subsys/$NAME"
> +RUNTIMEDIR="/run/hasher-priv"
> +RUNTIMEDIRMODE="0710"
> +GROUP=hashman
> +RETVAL=0
> +
> +ensure_runtime_directory()
> +{
> +	mkdir -p "$RUNTIMEDIR"
> +	chmod 0710 "$RUNTIMEDIR"
> +	chgrp "$GROUP" "$RUNTIMEDIR"
> +}
> +
> +ensure_no_runtime_directory()
> +{
> +	rm -rf "$RUNTIMEDIR"
> +}
> +
> +start()
> +{
> +	start_daemon --pidfile "$PIDFILE" --lockfile "$LOCKFILE" -- "$NAME"
> +	RETVAL=$?
> +	return $RETVAL
> +}
> +
> +stop()
> +{
> +	stop_daemon --pidfile "$PIDFILE" --lockfile "$LOCKFILE" "$NAME"
> +	RETVAL=$?
> +	return $RETVAL
> +}
> +
> +restart()
> +{
> +	stop
> +	start
> +}
> +
> +# See how we were called.
> +case "$1" in
> +	start)
> +		ensure_runtime_directory
> +		start
> +		;;
> +	stop)
> +		stop
> +		ensure_no_runtime_directory
> +		;;
> +	status)
> +		status --pidfile "$PIDFILE" "$NAME"
> +		RETVAL=$?
> +		;;
> +	restart)
> +		restart
> +		;;
> +	reload)
> +		restart
> +		;;
> +	condstart)
> +		if [ ! -e "$LOCKFILE" ]; then
> +			start
> +		fi
> +		;;
> +	condstop)
> +		if [ -e "$LOCKFILE" ]; then
> +			stop
> +		fi
> +		;;
> +	condrestart)
> +		if [ -e "$LOCKFILE" ]; then
> +			restart
> +		fi
> +		;;
> +	condreload)
> +		if [ -e "$LOCKFILE" ]; then
> +			reload
> +		fi
> +		;;
> +	*)
> +		msg_usage "${0##*/} {start|stop|status|restart|reload|condstart|condstop|condrestart|condreload}"
> +		RETVAL=1
> +esac
> +
> +exit $RETVAL
> -- 
> 2.25.4
> 
> _______________________________________________
> Devel mailing list
> Devel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel