[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated: improve Debian package
From: |
gnunet |
Subject: |
[taler-exchange] branch master updated: improve Debian package |
Date: |
Sat, 09 Sep 2023 15:03:16 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new 5f17d63c improve Debian package
5f17d63c is described below
commit 5f17d63c4cc7721a752c48170a66cb076040e1e0
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Sep 9 15:03:13 2023 +0200
improve Debian package
---
contrib/taler-exchange-dbconfig | 22 +++++++++++++---------
debian/taler-auditor.postinst | 2 +-
debian/taler-auditor.postrm | 9 ++++++++-
debian/taler-exchange.postinst | 4 ++--
debian/taler-exchange.postrm | 24 ++++++++++++++++++++++++
5 files changed, 48 insertions(+), 13 deletions(-)
diff --git a/contrib/taler-exchange-dbconfig b/contrib/taler-exchange-dbconfig
index 7d33aa64..dc92abbd 100755
--- a/contrib/taler-exchange-dbconfig
+++ b/contrib/taler-exchange-dbconfig
@@ -22,15 +22,17 @@ set -eu
RESET_DB=0
SKIP_DBINIT=0
DBUSER="taler-exchange-httpd"
+DBGROUP="taler-exchange-db"
DBNAME="exchange"
CFGFILE="/etc/taler/secrets/exchange-db.secret.conf"
# Parse command-line options
-while getopts ':hn:rsu:' OPTION; do
+while getopts ':g:hn:rsu:' OPTION; do
case "$OPTION" in
h)
echo 'Supported options:'
echo " -c FILENAME -- write configuration to FILENAME (default:
$CFGFILE)"
+ echo " -g GROUP -- taler-exchange to be run by GROUP
(default: $DBGROUP)"
echo " -h -- print this help text"
echo " -n NAME -- user NAME for database name (default:
$DBNAME)"
echo " -r -- reset database (dangerous)"
@@ -86,7 +88,7 @@ if sudo -i -u postgres psql "$DBNAME" < /dev/null 2> /dev/null
then
if [ 1 = "$RESET_DB" ]
then
- echo "Deleting existing database $DBNAME." 1>&2
+ echo "Deleting existing database '$DBNAME'." 1>&2
sudo -i -u postgres dropdb "$DBNAME"
else
echo "Database '$DBNAME' already exists, refusing to setup again."
@@ -95,14 +97,14 @@ then
fi
fi
-echo "Setting up database user $DBUSER." 1>&2
+echo "Setting up database user '$DBUSER'." 1>&2
if ! sudo -i -u postgres createuser "$DBUSER" 2> /dev/null
then
echo "Database user '$DBUSER' already existed. Continuing anyway." 1>&2
fi
-echo "Creating database $DBNAME." 1>&2
+echo "Creating database '$DBNAME'." 1>&2
if ! sudo -i -u postgres createdb -O "$DBUSER" "$DBNAME"
then
@@ -112,19 +114,21 @@ fi
if [ -f "$CFGFILE" ]
then
- echo "Adding database configuration to $CFGFILE." 1>&2
+ echo "Adding database configuration to '$CFGFILE'." 1>&2
echo -e "[exchangedb-postgres]\nCONFIG=postgres:///$DBNAME\n" >> "$CFGFILE"
+ chown root:"$DBGROUP" "$CFGFILE"
+ chmod 640 "$CFGFILE"
else
- echo "Configuration $CFGFILE does not yet exist, creating it." 1>&2
+ echo "Configuration '$CFGFILE' does not yet exist, creating it." 1>&2
mkdir -p "$(dirname "$CFGFILE")"
echo -e "[exchangedb-postgres]\nCONFIG=postgres:///$DBNAME\n" >> "$CFGFILE"
- chown "$DBUSER":root "$CFGFILE"
- chmod 460 "$CFGFILE"
+ chown root:"$DBGROUP" "$CFGFILE"
+ chmod 640 "$CFGFILE"
fi
if [ 0 = "$SKIP_DBINIT" ]
then
- echo "Initializing database $DBNAME." 1>&2
+ echo "Initializing database '$DBNAME'." 1>&2
sudo -u "$DBUSER" taler-exchange-dbinit
fi
diff --git a/debian/taler-auditor.postinst b/debian/taler-auditor.postinst
index 4e89be22..d65fd8c5 100644
--- a/debian/taler-auditor.postinst
+++ b/debian/taler-auditor.postinst
@@ -22,7 +22,7 @@ configure)
if ! dpkg-statoverride --list /etc/taler/secrets/auditor-db.secret.conf
>/dev/null 2>&1; then
dpkg-statoverride --add --update \
- ${_USERNAME} ${_GROUPNAME} 660 \
+ ${_USERNAME} ${_GROUPNAME} 640 \
/etc/taler/secrets/auditor-db.secret.conf
fi
diff --git a/debian/taler-auditor.postrm b/debian/taler-auditor.postrm
index 752510e6..639e3241 100644
--- a/debian/taler-auditor.postrm
+++ b/debian/taler-auditor.postrm
@@ -6,9 +6,16 @@ if [ -f /usr/share/debconf/confmodule ]; then
. /usr/share/debconf/confmodule
fi
+_USERNAME=taler-auditor-httpd
+_GROUPNAME=taler-auditor-httpd
+
case "${1}" in
purge)
- ;;
+ dpkg-statoverride --remove \
+ /etc/taler/secrets/auditor-db.secret.conf || true
+ deluser --system --quiet ${_USERNAME} || true
+ delgroup --only-if-empty --quiet ${_GROUPNAME} || true
+ ;;
remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
;;
*)
diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst
index 892e4847..6278dac1 100644
--- a/debian/taler-exchange.postinst
+++ b/debian/taler-exchange.postinst
@@ -56,13 +56,13 @@ configure)
if ! dpkg-statoverride --list
/etc/taler/secrets/exchange-accountcredentials-1.secret.conf >/dev/null 2>&1;
then
dpkg-statoverride --add --update \
- ${_WIREUSERNAME} root 460 \
+ ${_WIREUSERNAME} root 640 \
/etc/taler/secrets/exchange-accountcredentials-1.secret.conf
fi
if ! dpkg-statoverride --list /etc/taler/secrets/exchange-db.secret.conf
>/dev/null 2>&1; then
dpkg-statoverride --add --update \
- root ${_DBGROUPNAME} 660 \
+ root ${_DBGROUPNAME} 640 \
/etc/taler/secrets/exchange-db.secret.conf
fi
diff --git a/debian/taler-exchange.postrm b/debian/taler-exchange.postrm
index 6488d268..9edf548a 100644
--- a/debian/taler-exchange.postrm
+++ b/debian/taler-exchange.postrm
@@ -2,6 +2,17 @@
set -e
+_GROUPNAME=taler-exchange-secmod
+_DBGROUPNAME=taler-exchange-db
+_EUSERNAME=taler-exchange-httpd
+_CLOSERUSERNAME=taler-exchange-closer
+_CSECUSERNAME=taler-exchange-secmod-cs
+_RSECUSERNAME=taler-exchange-secmod-rsa
+_ESECUSERNAME=taler-exchange-secmod-eddsa
+_AGGRUSERNAME=taler-exchange-aggregator
+_WIREUSERNAME=taler-exchange-wire
+
+
if [ -f /usr/share/debconf/confmodule ]; then
. /usr/share/debconf/confmodule
fi
@@ -9,6 +20,19 @@ fi
case "${1}" in
purge)
rm -rf /var/lib/taler/exchange-offline /var/lib/taler/exchange-secmod-*
+ dpkg-statoverride --remove \
+ /etc/taler/secrets/exchange-accountcredentials-1.secret.conf || true
+ dpkg-statoverride --remove \
+ /etc/taler/secrets/exchange-db.secret.conf || true
+ deluser --quiet --system ${_CSECUSERNAME} || true
+ deluser --quiet --system ${_RSECUSERNAME} || true
+ deluser --quiet --system ${_ESECUSERNAME} || true
+ deluser --quiet --system ${_AGGRUSERNAME} || true
+ deluser --quiet --system ${_WIREUSERNAME} || true
+ deluser --quiet --system ${_CLOSERUSERNAME} || true
+ deluser --quiet --system ${_EUSERNAME} || true
+ delgroup --only-if-empty --quiet ${_DBGROUPNAME} || true
+ delgroup --only-if-empty --quiet ${_GROUPNAME} || true
;;
remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-exchange] branch master updated: improve Debian package,
gnunet <=