From 961ed91fa17ecc4349a8a942e78db50288bd7d61 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Wed, 2 Sep 2015 13:46:05 -0600 Subject: Make the daemon user and group compile-time configurable --- .gitignore | 1 + Makefile | 22 +++++++++++++++------- nshd.service.in | 4 ++-- nshd.socket | 13 ------------- nshd.socket.in | 13 +++++++++++++ 5 files changed, 31 insertions(+), 22 deletions(-) delete mode 100644 nshd.socket create mode 100644 nshd.socket.in diff --git a/.gitignore b/.gitignore index 131b639..b4d898a 100644 --- a/.gitignore +++ b/.gitignore @@ -2,5 +2,6 @@ /bin /src/*.*/ /nshd.service +/nshd.socket /.Makefile.var.* /.tmp.Makefile.var.* diff --git a/Makefile b/Makefile index 15c1c43..688a695 100644 --- a/Makefile +++ b/Makefile @@ -3,14 +3,20 @@ bindir = $(prefix)/bin libdir = $(prefix)/lib systemddir = $(libdir)/systemd -GOPATH := $(realpath $(dir $(lastword $(MAKEFILE_LIST)))) +user = nshd +group = nshd CFLAGS = -std=c99 -Wall -Wextra -Werror -pedantic CGO_CFLAGS = $(CFLAGS) -Wno-unused-parameter -export CGO_ENABLED = 1 - +CGO_ENABLED = 1 +export CGO_ENABLED + cgo_variables = CGO_ENABLED CGO_CFLAGS CGO_CPPFLAGS CGO_CXXFLAGS CGO_LDFLAGS CC CXX +GOPATH := $(realpath $(dir $(lastword $(MAKEFILE_LIST)))) + +vp = .Makefile.var.% + deps = gopkg.in/yaml.v2 subdirs = src/nslcd_proto @@ -21,7 +27,7 @@ include $(addsuffix /Makefile,$(subdirs)) secondary += download += $(addprefix src/,$(deps)) generate += -build += bin/nshd nshd.service +build += bin/nshd nshd.service nshd.socket install += $(addprefix $(DESTDIR),$(bindir)/nshd $(systemddir)/system/nshd.socket $(systemddir)/system/nshd.service) download: $(download) @@ -44,11 +50,13 @@ $(foreach d,$(deps),$(eval src/$d: NET; GOPATH='$(GOPATH)' go get -d -u $d)) .PHONY: NET bin/nshd: $(download) $(generate) $(shell find src -name .git -prune -o -print) $(addprefix .Makefile.var.,$(cgo_variables)) - @true $(foreach f,$(filter .Makefile.var.%,$^), && test $@ -nt $f ) || rm -rf -- bin pkg + @true $(foreach f,$(filter $(vp),$^), && test $@ -nt $f ) || rm -rf -- bin pkg GOPATH='$(GOPATH)' CGO_CFLAGS='$(CGO_CFLAGS)' go install nshd -nshd.service: nshd.service.in .Makefile.var.bindir - < $< sed 's|@bindir@|$(bindir)|g' > $@ +%: %.in + < $< sed $(foreach v,$(patsubst $(vp),%,$(filter $(vp),$^)), -e 's|@$v@|$($v)|g' ) > $@ +nshd.service: .Makefile.var.bindir .Makefile.var.user .Makefile.var.group +nshd.socket: .Makefile.var.user .Makefile.var.group $(DESTDIR)$(bindir)/%: bin/% install -Dm755 $< $@ diff --git a/nshd.service.in b/nshd.service.in index 3446c7e..caf5508 100644 --- a/nshd.service.in +++ b/nshd.service.in @@ -8,8 +8,8 @@ Type=notify Sockets=nshd.socket ExecStart=@bindir@/nshd -User=nshd -Group=nshd +User=@user@ +Group=@group@ [Install] WantedBy=multi-user.target diff --git a/nshd.socket b/nshd.socket deleted file mode 100644 index 4893bc6..0000000 --- a/nshd.socket +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Parabola hackers.git authentication - -[Socket] -ListenStream=/var/run/nslcd/socket -PassCredentials=yes -PassSecurity=yes - -SocketUser=nshd -SocketGroup=nshd - -[Install] -WantedBy=sockets.target diff --git a/nshd.socket.in b/nshd.socket.in new file mode 100644 index 0000000..a514391 --- /dev/null +++ b/nshd.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=Parabola hackers.git authentication + +[Socket] +ListenStream=/var/run/nslcd/socket +PassCredentials=yes +PassSecurity=yes + +SocketUser=@user@ +SocketGroup=@group@ + +[Install] +WantedBy=sockets.target -- cgit v1.2.2