rpms/unbound
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Use systemd-sysusers for user creation (#2105416)

Browse Source
This commit is contained in:
Petr Menšík 2022-12-01 17:30:31 +01:00
parent e70e0f040e
commit 0953d81204
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
unbound.spec
View File

@ -53,6 +53,7 @@ Source17: unbound-anchor.service
Source18: https://nlnetlabs.nl/downloads/%{name}/%{name}-%{version}%{?extra_version}.tar.gz.asc Source18: https://nlnetlabs.nl/downloads/%{name}/%{name}-%{version}%{?extra_version}.tar.gz.asc
# source: https://nlnetlabs.nl/people/ # source: https://nlnetlabs.nl/people/
Source19: https://keys.openpgp.org/pks/lookup?op=get&search=0x9F6F1C2D7E045F8D#/wouter.nlnetlabs.nl.key Source19: https://keys.openpgp.org/pks/lookup?op=get&search=0x9F6F1C2D7E045F8D#/wouter.nlnetlabs.nl.key
Source20: unbound.sysusers
BuildRequires: gcc, make BuildRequires: gcc, make
@ -92,6 +93,7 @@ Requires: %{name}-anchor%{?_isa} = %{version}-%{release}
Recommends: %{name}-utils%{?_isa} = %{version}-%{release} Recommends: %{name}-utils%{?_isa} = %{version}-%{release}
# unbound-keygen.service requires it, bug #2116790 # unbound-keygen.service requires it, bug #2116790
Requires: openssl Requires: openssl
Requires(pre): systemd-sysusers
%description %description
Unbound is a validating, recursive, and caching DNS(SEC) resolver. Unbound is a validating, recursive, and caching DNS(SEC) resolver.
@ -290,6 +292,7 @@ install -p -m 0644 %{SOURCE17} %{buildroot}%{_unitdir}/unbound-anchor.service
install -p -m 0755 %{SOURCE2} %{buildroot}%{_sysconfdir}/unbound install -p -m 0755 %{SOURCE2} %{buildroot}%{_sysconfdir}/unbound
install -p -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/unbound install -p -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/unbound
install -p -m 0644 %{SOURCE14} %{buildroot}%{_sysconfdir}/sysconfig/unbound install -p -m 0644 %{SOURCE14} %{buildroot}%{_sysconfdir}/sysconfig/unbound
install -p -D -m 0644 %{SOURCE20} %{buildroot}%{_sysusersdir}/%{name}.sysusers
%if %{with_munin} %if %{with_munin}
# Install munin plugin and its softlinks # Install munin plugin and its softlinks
install -d -m 0755 %{buildroot}%{_sysconfdir}/munin/plugin-conf.d install -d -m 0755 %{buildroot}%{_sysconfdir}/munin/plugin-conf.d
@ -342,10 +345,7 @@ echo ".so man8/unbound-control.8" > %{buildroot}/%{_mandir}/man8/unbound-control
%pre libs %pre libs
getent group unbound >/dev/null || groupadd -r unbound %sysusers_create_compat %{SOURCE20}
getent passwd unbound >/dev/null || \
useradd -r -g unbound -d %{_sysconfdir}/unbound -s /sbin/nologin \
-c "Unbound DNS resolver" unbound
%post %post
%systemd_post unbound.service %systemd_post unbound.service
@ -452,7 +452,8 @@ popd
%doc doc/README %doc doc/README
%license doc/LICENSE %license doc/LICENSE
%attr(0755,root,root) %dir %{_sysconfdir}/%{name} %attr(0755,root,root) %dir %{_sysconfdir}/%{name}
%{_libdir}/libunbound.so.* %{_sysusersdir}/%{name}.sysusers
%{_libdir}/libunbound.so.8*
%dir %attr(0755,unbound,unbound) %{_sharedstatedir}/%{name} %dir %attr(0755,unbound,unbound) %{_sharedstatedir}/%{name}
%attr(0644,unbound,unbound) %config %{_sharedstatedir}/%{name}/root.key %attr(0644,unbound,unbound) %config %{_sharedstatedir}/%{name}/root.key
# just left for backwards compat with user changed unbound.conf files - format is different! # just left for backwards compat with user changed unbound.conf files - format is different!
@ -476,6 +477,7 @@ popd
%changelog %changelog
* Thu Dec 01 2022 Petr Menšík <pemensik@redhat.com> - 1.17.0-2 * Thu Dec 01 2022 Petr Menšík <pemensik@redhat.com> - 1.17.0-2
- Move unbound user creation to libs (#2149036) - Move unbound user creation to libs (#2149036)
- Use systemd-sysusers for user creation (#2105416)
* Tue Nov 01 2022 Petr Menšík <pemensik@redhat.com> - 1.17.0-1 * Tue Nov 01 2022 Petr Menšík <pemensik@redhat.com> - 1.17.0-1
- Update to 1.17.0 (#2134348) - Update to 1.17.0 (#2134348)

1
unbound.sysusers Normal file
View File

@ -0,0 +1 @@
u unbound - "Unbound DNS resolver" /var/lib/unbound /sbin/nologin