Summary: | net-irc/unrealircd server.key.pem symlink and server.cert.key permission problems | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Attila Tóth <atoth> |
Component: | Current packages | Assignee: | Packages in net-irc <net-irc> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | stefan.becker, ulm |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
Certification postinstall: corrected location and owner
Proposed change for unrealircd-3.2.7-r1.ebuild |
Description
Attila Tóth
2007-12-11 23:20:57 UTC
Hello, > Steps to Reproduce: > 1. emerge net-irc/unrealircd-3.2.7-r1 > 2. ebuild ...net-irc/unrealircd-3.2.7-r1.ebuild postinst > 3. /etc/init.d/unrealircd start obiously there is a problem with generating and linking the new certificates/keys in the right place. I think this is strongly related to the change from do_cert to install_cert in the ebuild (btw. shouldn't that be noted in the changelog?). The second problem is that all files within /etc/unrealircd/ are chowned to unrealircd during pkg_install. But the certificates are now generated during pkg_postinstall and there is no chown there, so the files will still be owned by root after the merge to the live-filesystem is made. I wrote a patch (3.2.7-r1) for both problems. It testet it on two x86 systems without problems. PS: I'm sorry to say this but why the hell is such a packet, with an easy to see error is marked stable?! --------- PATCH ------------- 127c127 < install_cert /etc/unrealircd/server.cert --- > install_cert ${D}/etc/unrealircd/server.cert 128a129 > chown -R unrealircd "${D}"/etc/unrealircd/server.* Hi again,
I'm very sorry, but I made a mistake in the previous patch. I'm not that expirienced with the portage system and overlooked that postinst is executed _after_ the merge.
So I have to reformulate my statement:
The files were created in the right place, but not with the right owner and the symlink wasn't placed in /etc/unrealircd but in the builddirectory.
I think this happend due to the fact that dosym handles $D transparently. I'm not sure if dosym can be used for this purpose, so I circumvented the use of it.
Here is another patch (to the orignial 3.2.7-r1 file. Sorry for the inconvenience.
----------- PATCH ---------------
128c128,129
< dosym server.cert.key /etc/unrealircd/server.key.pem
---
> ln -s /etc/unrealircd/server.cert.key /etc/unrealircd/server.key.pem
> chown -R unrealircd /etc/unrealircd/server.*
(In reply to comment #1) > Hello, > > > Steps to Reproduce: > > 1. emerge net-irc/unrealircd-3.2.7-r1 > > 2. ebuild ...net-irc/unrealircd-3.2.7-r1.ebuild postinst > > 3. /etc/init.d/unrealircd start > > obiously there is a problem with generating and linking the new > certificates/keys in the right place. I think this is strongly related to the > change from do_cert to install_cert in the ebuild (btw. shouldn't that be noted > in the changelog?). > > The second problem is that all files within /etc/unrealircd/ are chowned to > unrealircd during pkg_install. But the certificates are now generated during > pkg_postinstall and there is no chown there, so the files will still be owned > by root after the merge to the live-filesystem is made. > > I wrote a patch (3.2.7-r1) for both problems. It testet it on two x86 systems > without problems. > > PS: I'm sorry to say this but why the hell is such a packet, with an easy to > see error is marked stable?! > > > --------- PATCH ------------- > 127c127 > < install_cert /etc/unrealircd/server.cert > --- > > install_cert ${D}/etc/unrealircd/server.cert > 128a129 > > chown -R unrealircd "${D}"/etc/unrealircd/server.* > This symptom has popped up probably because they simply moved this part of the ebuild in the postinstall section... Created attachment 138309 [details, diff]
Certification postinstall: corrected location and owner
Proposed modification of the ebuild.
I've created a diff of these changes. Thank you for your contribution. I hope, the maintainer will include this soon and push it alive. Regards, Dw. (In reply to comment #2) > Hi again, > > I'm very sorry, but I made a mistake in the previous patch. I'm not that > expirienced with the portage system and overlooked that postinst is executed > _after_ the merge. > > So I have to reformulate my statement: > > The files were created in the right place, but not with the right owner and the > symlink wasn't placed in /etc/unrealircd but in the builddirectory. > > I think this happend due to the fact that dosym handles $D transparently. I'm > not sure if dosym can be used for this purpose, so I circumvented the use of > it. > > Here is another patch (to the orignial 3.2.7-r1 file. Sorry for the > inconvenience. > > ----------- PATCH --------------- > 128c128,129 > < dosym server.cert.key /etc/unrealircd/server.key.pem > --- > > ln -s /etc/unrealircd/server.cert.key /etc/unrealircd/server.key.pem > > chown -R unrealircd /etc/unrealircd/server.* > Created attachment 138315 [details, diff]
Proposed change for unrealircd-3.2.7-r1.ebuild
This takes care of ${ROOT} for the symlink destination.
@net-irc: Do you mind if I commit this myself?
Fixed and revbumped to -r2, as discussed on IRC with cla. |