From 73aebacf35d506f974998a4a9e35b1a577b0c506 Mon Sep 17 00:00:00 2001 From: Daniel Baker Date: Tue, 4 Dec 2001 01:43:20 +0000 Subject: Create a "dnetc" user and group that owns relevant dnetc directories, files, and runs the client. This removes all reliance on the "nobody" account so that the account doesn't own any files or run any processes. --- misc/dnetc/Makefile | 22 ++++++++++++++-------- misc/dnetc/files/dnetc.sh | 2 +- misc/dnetc/pkg-install | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+), 9 deletions(-) create mode 100644 misc/dnetc/pkg-install (limited to 'misc/dnetc') diff --git a/misc/dnetc/Makefile b/misc/dnetc/Makefile index 7e917773889a..47f8d501fad7 100644 --- a/misc/dnetc/Makefile +++ b/misc/dnetc/Makefile @@ -40,8 +40,10 @@ NO_BUILD= yes BINDIR= ${PREFIX}/distributed.net LIBDIR= ${PREFIX}/etc/rc.d -CLIENTUID= nobody -CLIENTGID= daemon +CLIENTUSER= dnetc +CLIENTUID= 26 +CLIENTGROUP= ${CLIENTUSER} +CLIENTGID= ${CLIENTUID} SBINMODE= 700 BINMODE= 700 @@ -49,23 +51,27 @@ BINMODE= 700 MAN1= dnetc.1 do-configure: - if [ ! -f ${PREFIX}/dnetc.ini ]; then \ + @if [ ! -f ${PREFIX}/dnetc.ini ]; then \ ${INSTALL} -c -m 644 ${FILESDIR}/dnetc.ini ${WRKSRC}; \ fi +pre-install: + @${ECHO} "==> Creating custom user to run dnetc..." + ${PKGINSTALL} ${PKGNAME} PRE-INSTALL "${CLIENTUSER}" "${CLIENTUID}" "${CLIENTGROUP}" "${CLIENTGID}" + do-install: - if [ ! -d ${BINDIR} ]; then \ + @if [ ! -d ${BINDIR} ]; then \ ${MKDIR} ${BINDIR}; \ fi - ${INSTALL} -c -m ${SBINMODE} -o ${CLIENTUID} -g ${CLIENTGID} ${WRKSRC}/dnetc ${BINDIR} + ${INSTALL} -c -m ${SBINMODE} -o ${CLIENTUSER} -g ${CLIENTGROUP} ${WRKSRC}/dnetc ${BINDIR} ${SED} s#CHANGETHIS#${BINDIR}# < ${FILESDIR}/dnetc.sh > ${WRKSRC}/dnetc.sh.pathnames ${INSTALL} -c -m ${SBINMODE} ${WRKSRC}/dnetc.sh.pathnames ${LIBDIR}/dnetc.sh ${INSTALL_DATA} ${FILESDIR}/INFO ${BINDIR} - ${CHOWN} ${CLIENTUID}:${CLIENTGID} ${BINDIR} + ${CHOWN} ${CLIENTUSER}:${CLIENTGROUP} ${BINDIR} ${CHMOD} 775 ${BINDIR} if [ ! -f ${BINDIR}/dnetc.sh ]; then \ @@ -73,7 +79,7 @@ do-install: fi ${INSTALL_MAN} ${WRKSRC}/${MAN1} ${PREFIX}/man/man1 - ${INSTALL} -c -m 644 -o ${CLIENTUID} -g ${CLIENTGID} ${WRKDIR}/dnetc.ini ${BINDIR}/dnetc.ini.default + ${INSTALL} -c -m 644 -o ${CLIENTUSER} -g ${CLIENTGROUP} ${WRKDIR}/dnetc.ini ${BINDIR}/dnetc.ini.default .if !exists(${BINDIR}/dnetc.ini) @echo "" @echo "" @@ -89,7 +95,7 @@ do-install: @echo "" @echo "" @echo "" - ${INSTALL} -c -m 644 -o ${CLIENTUID} -g ${CLIENTGID} ${WRKDIR}/dnetc.ini ${BINDIR} + ${INSTALL} -c -m 644 -o ${CLIENTUSER} -g ${CLIENTGROUP} ${WRKDIR}/dnetc.ini ${BINDIR} .endif .include diff --git a/misc/dnetc/files/dnetc.sh b/misc/dnetc/files/dnetc.sh index cccb86d62263..919e6f4c71c9 100644 --- a/misc/dnetc/files/dnetc.sh +++ b/misc/dnetc/files/dnetc.sh @@ -26,7 +26,7 @@ start) fi echo -n " dnetc" - su -m nobody -c "$dir/dnetc -quiet" 2>/dev/null >/dev/null & + su -m dnetc -c "$dir/dnetc -quiet" 2>/dev/null >/dev/null & ;; stop) killall dnetc && echo -n " dnetc" diff --git a/misc/dnetc/pkg-install b/misc/dnetc/pkg-install new file mode 100644 index 000000000000..d837ae3a40c4 --- /dev/null +++ b/misc/dnetc/pkg-install @@ -0,0 +1,32 @@ +#!/bin/sh + +if [ "$2" != "PRE-INSTALL" ]; then + exit 0 +fi + +CLIENTUSER=$3 +CLIENTUID=$4 +CLIENTGROUP=$5 +CLIENTGID=$6 + +if ! pw groupshow "$CLIENTGROUP" 2>/dev/null 1>&2; then + if pw groupadd $CLIENTGROUP -g $CLIENTGID; then + echo "=> Added group \"$CLIENTGROUP\"." + else + echo "=> Adding group \"$CLIENTGROUP\" failed..." + exit 1 + fi +fi + +if ! pw usershow "$CLIENTUSER" 2>/dev/null 1>&2; then + if pw useradd $CLIENTUSER -u $CLIENTUID -g $CLIENTGROUP -h - \ + -s "/sbin/nologin" -d "/nonexistent" \ + -c "distributed.net client and proxy pseudo-user"; \ + then + echo "=> Added user \"$CLIENTUSER\"." + else + echo "=> Adding user \"$CLIENTUSER\" failed..." + exit 1 + fi +fi +exit 0 -- cgit v1.2.3