net-irc/unrealircd-3.2.7-r1: Even after running the ebuild's postinst functions, the server fails to start along with the following error messages: [date and time] - Failed to load SSL private key server.key.pem or [date and time] - Failed to load SSL certificate server.cert.pem The first one is caused by a missing symlink, and the second is because the certificate file is accessible only by root. Reproducible: Always Steps to Reproduce: 1. emerge net-irc/unrealircd-3.2.7-r1 2. ebuild ...net-irc/unrealircd-3.2.7-r1.ebuild postinst 3. /etc/init.d/unrealircd start
Hello, > Steps to Reproduce: > 1. emerge net-irc/unrealircd-3.2.7-r1 > 2. ebuild ...net-irc/unrealircd-3.2.7-r1.ebuild postinst > 3. /etc/init.d/unrealircd start obiously there is a problem with generating and linking the new certificates/keys in the right place. I think this is strongly related to the change from do_cert to install_cert in the ebuild (btw. shouldn't that be noted in the changelog?). The second problem is that all files within /etc/unrealircd/ are chowned to unrealircd during pkg_install. But the certificates are now generated during pkg_postinstall and there is no chown there, so the files will still be owned by root after the merge to the live-filesystem is made. I wrote a patch (3.2.7-r1) for both problems. It testet it on two x86 systems without problems. PS: I'm sorry to say this but why the hell is such a packet, with an easy to see error is marked stable?! --------- PATCH ------------- 127c127 < install_cert /etc/unrealircd/server.cert --- > install_cert ${D}/etc/unrealircd/server.cert 128a129 > chown -R unrealircd "${D}"/etc/unrealircd/server.*
Hi again, I'm very sorry, but I made a mistake in the previous patch. I'm not that expirienced with the portage system and overlooked that postinst is executed _after_ the merge. So I have to reformulate my statement: The files were created in the right place, but not with the right owner and the symlink wasn't placed in /etc/unrealircd but in the builddirectory. I think this happend due to the fact that dosym handles $D transparently. I'm not sure if dosym can be used for this purpose, so I circumvented the use of it. Here is another patch (to the orignial 3.2.7-r1 file. Sorry for the inconvenience. ----------- PATCH --------------- 128c128,129 < dosym server.cert.key /etc/unrealircd/server.key.pem --- > ln -s /etc/unrealircd/server.cert.key /etc/unrealircd/server.key.pem > chown -R unrealircd /etc/unrealircd/server.*
(In reply to comment #1) > Hello, > > > Steps to Reproduce: > > 1. emerge net-irc/unrealircd-3.2.7-r1 > > 2. ebuild ...net-irc/unrealircd-3.2.7-r1.ebuild postinst > > 3. /etc/init.d/unrealircd start > > obiously there is a problem with generating and linking the new > certificates/keys in the right place. I think this is strongly related to the > change from do_cert to install_cert in the ebuild (btw. shouldn't that be noted > in the changelog?). > > The second problem is that all files within /etc/unrealircd/ are chowned to > unrealircd during pkg_install. But the certificates are now generated during > pkg_postinstall and there is no chown there, so the files will still be owned > by root after the merge to the live-filesystem is made. > > I wrote a patch (3.2.7-r1) for both problems. It testet it on two x86 systems > without problems. > > PS: I'm sorry to say this but why the hell is such a packet, with an easy to > see error is marked stable?! > > > --------- PATCH ------------- > 127c127 > < install_cert /etc/unrealircd/server.cert > --- > > install_cert ${D}/etc/unrealircd/server.cert > 128a129 > > chown -R unrealircd "${D}"/etc/unrealircd/server.* > This symptom has popped up probably because they simply moved this part of the ebuild in the postinstall section...
Created attachment 138309 [details, diff] Certification postinstall: corrected location and owner Proposed modification of the ebuild.
I've created a diff of these changes. Thank you for your contribution. I hope, the maintainer will include this soon and push it alive. Regards, Dw. (In reply to comment #2) > Hi again, > > I'm very sorry, but I made a mistake in the previous patch. I'm not that > expirienced with the portage system and overlooked that postinst is executed > _after_ the merge. > > So I have to reformulate my statement: > > The files were created in the right place, but not with the right owner and the > symlink wasn't placed in /etc/unrealircd but in the builddirectory. > > I think this happend due to the fact that dosym handles $D transparently. I'm > not sure if dosym can be used for this purpose, so I circumvented the use of > it. > > Here is another patch (to the orignial 3.2.7-r1 file. Sorry for the > inconvenience. > > ----------- PATCH --------------- > 128c128,129 > < dosym server.cert.key /etc/unrealircd/server.key.pem > --- > > ln -s /etc/unrealircd/server.cert.key /etc/unrealircd/server.key.pem > > chown -R unrealircd /etc/unrealircd/server.* >
Created attachment 138315 [details, diff] Proposed change for unrealircd-3.2.7-r1.ebuild This takes care of ${ROOT} for the symlink destination. @net-irc: Do you mind if I commit this myself?
Fixed and revbumped to -r2, as discussed on IRC with cla.