Resolves: rhbz#2095366 - [RFE] 389-ds-base systemd-sysusers

2023-03-08 15:06:11 -08:00 · 2023-03-08 15:06:11 -08:00 · a015873f47
parent 08a13cbd6e
commit a015873f47
2 changed files with 14 additions and 15 deletions
--- a/389-ds-base.spec
+++ b/389-ds-base.spec
@ -47,7 +47,7 @@ ExcludeArch: i686
 Summary:          389 Directory Server (base)
 Name:             389-ds-base
 Version:          2.2.4
-Release:          3%{?dist}
+Release:          4%{?dist}
 License:          GPLv3+ and (ASL 2.0 or MIT)
 URL:              https://www.port389.org
 Conflicts:        selinux-policy-base < 3.9.8
@ -175,6 +175,8 @@ BuildRequires:    openssl-devel
 BuildRequires:    pam-devel
 BuildRequires:    systemd-units
 BuildRequires:    systemd-devel
+BuildRequires:    systemd-rpm-macros
+%{?sysusers_requires_compat}
 %if %{use_asan}
 BuildRequires:    libasan
 %endif
@ -269,6 +271,7 @@ Source2:          %{name}-devel.README
 %if %{bundle_jemalloc}
 Source3:          https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
 %endif
+Source4:          389-ds-base.sysusers
 Patch01:          0001-Issue-3729-cont-RFE-Extend-log-of-operations-statist.patch
 Patch02:          0002-Issue-5544-Increase-default-task-TTL.patch
 Patch03:          0003-Issue-5413-Allow-mutliple-MemberOf-fixup-tasks-with-.patch
@ -499,6 +502,7 @@ mkdir -p $RPM_BUILD_ROOT/var/lock/%{pkgname}

 # for systemd
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/%{groupname}.wants
+install -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysusersdir}/389-ds-base.conf

 # remove libtool archives and static libs
 rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.a
@ -533,20 +537,8 @@ fi

 # https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation
 # Soft static allocation for UID and GID
-USERNAME="dirsrv"
-ALLOCATED_UID=389
-GROUPNAME="dirsrv"
-ALLOCATED_GID=389
-HOMEDIR="/usr/share/dirsrv"
-
-getent group $GROUPNAME >/dev/null || /usr/sbin/groupadd -f -g $ALLOCATED_GID -r $GROUPNAME
-if ! getent passwd $USERNAME >/dev/null ; then
-    if ! getent passwd $ALLOCATED_UID >/dev/null ; then
-      /usr/sbin/useradd -r -u $ALLOCATED_UID -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
-    else
-      /usr/sbin/useradd -r -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
-    fi
-fi
+# sysusers.d format https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format
+%sysusers_create_compat %{SOURCE4}

 # Reload our sysctl before we restart (if we can)
 sysctl --system &> $output; true
@ -620,6 +612,7 @@ exit 0
 %config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif
 %dir %{_sysconfdir}/%{pkgname}/config
 %dir %{_sysconfdir}/systemd/system/%{groupname}.wants
+%{_sysusersdir}/389-ds-base.conf
 %config(noreplace)%{_sysconfdir}/%{pkgname}/config/slapd-collations.conf
 %config(noreplace)%{_sysconfdir}/%{pkgname}/config/certmap.conf
 %{_datadir}/%{pkgname}
@ -723,6 +716,9 @@ exit 0
 %endif

 %changelog
+* Wed Mar 08 2023 Simon Pichugin <spichugi@redhat.com> - 2.2.4-4
+- Resolves: rhbz#2095366 - [RFE] 389-ds-base systemd-sysusers
+
 * Tue Dec 13 2022 Mark Reynolds <mreynolds@redhat.com> - 2.2.4-3
 - Bump version to 2.2.4-3
 - Resolves: rhbz#2142636 - pam mutex lock causing high etimes, affecting red hat internal sso
--- a/389-ds-base.sysusers
+++ b/389-ds-base.sysusers
@ -0,0 +1,3 @@
+#Type Name     ID             GECOS                   Home directory       Shell
+g     dirsrv   389
+u     dirsrv   389:389        "user for 389-ds-base"  /usr/share/dirsrv/   /sbin/nologin