rpms/freeradius
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Use sysusers.d format for user and group creation

Browse Source 
Resolves: 2095741
Signed-off-by: Antonio Torres <antorres@redhat.com>
This commit is contained in:
Antonio Torres 2022-06-24 14:00:48 +02:00
parent 3e1b0c3e5c
commit a688847dcf
No known key found for this signature in database
GPG Key ID: 359FAF777296F653
2 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
freeradius.spec
View File

@ -1,7 +1,7 @@
Summary: High-performance and highly configurable free RADIUS server Summary: High-performance and highly configurable free RADIUS server
Name: freeradius Name: freeradius
Version: 3.0.25 Version: 3.0.25
Release: 6%{?dist} Release: 7%{?dist}
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
URL: http://www.freeradius.org/ URL: http://www.freeradius.org/
@ -19,6 +19,7 @@ Source100: radiusd.service
Source102: freeradius-logrotate Source102: freeradius-logrotate
Source103: freeradius-pam-conf Source103: freeradius-pam-conf
Source104: freeradius-tmpfiles.conf Source104: freeradius-tmpfiles.conf
Source105: freeradius.sysusers
Patch1: freeradius-Adjust-configuration-to-fit-Red-Hat-specifics.patch Patch1: freeradius-Adjust-configuration-to-fit-Red-Hat-specifics.patch
Patch2: freeradius-Use-system-crypto-policy-by-default.patch Patch2: freeradius-Use-system-crypto-policy-by-default.patch
@ -45,6 +46,7 @@ BuildRequires: systemd-units
BuildRequires: libtalloc-devel BuildRequires: libtalloc-devel
BuildRequires: pcre-devel BuildRequires: pcre-devel
BuildRequires: chrpath BuildRequires: chrpath
BuildRequires: systemd-rpm-macros
%if ! 0%{?rhel} %if ! 0%{?rhel}
BuildRequires: libyubikey-devel BuildRequires: libyubikey-devel
@ -275,6 +277,7 @@ mkdir -p %{buildroot}%{_localstatedir}/run/
install -d -m 0710 %{buildroot}%{_localstatedir}/run/radiusd/ install -d -m 0710 %{buildroot}%{_localstatedir}/run/radiusd/
install -d -m 0700 %{buildroot}%{_localstatedir}/run/radiusd/tmp install -d -m 0700 %{buildroot}%{_localstatedir}/run/radiusd/tmp
install -m 0644 %{SOURCE104} %{buildroot}%{_tmpfilesdir}/radiusd.conf install -m 0644 %{SOURCE104} %{buildroot}%{_tmpfilesdir}/radiusd.conf
install -p -D -m 0644 %{SOURCE105} %{buildroot}%{_sysusersdir}/freeradius.conf
# install SNMP MIB files # install SNMP MIB files
mkdir -p $RPM_BUILD_ROOT%{_datadir}/snmp/mibs/ mkdir -p $RPM_BUILD_ROOT%{_datadir}/snmp/mibs/
@ -358,20 +361,13 @@ EOF
# Make sure our user/group is present prior to any package or subpackage installation # Make sure our user/group is present prior to any package or subpackage installation
%pre %pre
getent group radiusd >/dev/null || /usr/sbin/groupadd -r -g 95 radiusd > /dev/null 2>&1 %sysusers_create_compat %{SOURCE105}
getent passwd radiusd >/dev/null || /usr/sbin/useradd -r -g radiusd -u 95 -c "radiusd user" -d %{_localstatedir}/lib/radiusd -s /sbin/nologin radiusd > /dev/null 2>&1
exit 0
%preun %preun
%systemd_preun radiusd.service %systemd_preun radiusd.service
%postun %postun
%systemd_postun_with_restart radiusd.service %systemd_postun_with_restart radiusd.service
if [ $1 -eq 0 ]; then # uninstall
getent passwd radiusd >/dev/null && /usr/sbin/userdel radiusd > /dev/null 2>&1
getent group radiusd >/dev/null && /usr/sbin/groupdel radiusd > /dev/null 2>&1
fi
exit 0
/bin/systemctl try-restart radiusd.service >/dev/null 2>&1 || : /bin/systemctl try-restart radiusd.service >/dev/null 2>&1 || :
@ -390,6 +386,7 @@ exit 0
%config(noreplace) %{_sysconfdir}/ld.so.conf.d/%{name}-%{_arch}.conf %config(noreplace) %{_sysconfdir}/ld.so.conf.d/%{name}-%{_arch}.conf
%{_unitdir}/radiusd.service %{_unitdir}/radiusd.service
%{_tmpfilesdir}/radiusd.conf %{_tmpfilesdir}/radiusd.conf
%{_sysusersdir}/freeradius.conf
%dir %attr(710,radiusd,radiusd) %{_localstatedir}/run/radiusd %dir %attr(710,radiusd,radiusd) %{_localstatedir}/run/radiusd
%dir %attr(700,radiusd,radiusd) %{_localstatedir}/run/radiusd/tmp %dir %attr(700,radiusd,radiusd) %{_localstatedir}/run/radiusd/tmp
%dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd %dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd
@ -899,6 +896,10 @@ exit 0
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/rest %attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/rest
%changelog %changelog
* Fri Jun 24 2022 Antonio Torres <antorres@redhat.com> - 3.0.25-7
- Dynamically allocate users using sysusers.d format
Related: #2095741
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 3.0.25-6 * Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 3.0.25-6
- Rebuilt for Python 3.11 - Rebuilt for Python 3.11

2
freeradius.sysusers Normal file
View File

@ -0,0 +1,2 @@
#Type Name ID GECOS Home directory Shell
u radiusd - "radiusd user" /var/lib/radiusd /sbin/nologin