migrate to systemd-sysusers/systemd-tmpfiles

shibumi confirms post_upgrade is unnecessary for proper pacman installs
This commit is contained in:
Eli Schwartz 2018-01-09 14:04:37 +00:00
parent e24e6fba39
commit 83bb70b8a5
4 changed files with 10 additions and 25 deletions

View File

@ -1,8 +1,9 @@
# Maintainer : Christian Rebischke <Chris.Rebischke@archlinux.org> # Maintainer : Christian Rebischke <Chris.Rebischke@archlinux.org>
pkgname='vault' pkgname='vault'
pkgdesc='A tool for managing secrets' pkgdesc='A tool for managing secrets'
pkgver='0.9.0' pkgver='0.9.0'
pkgrel='3' pkgrel='4'
url='https://vaultproject.io/' url='https://vaultproject.io/'
license=('MPL') license=('MPL')
arch=('x86_64') arch=('x86_64')
@ -13,9 +14,13 @@ backup=('etc/vault.hcl')
_vault_commit='bdac1854478538052ba5b7ec9a9ec688d35a3335' _vault_commit='bdac1854478538052ba5b7ec9a9ec688d35a3335'
source=("git+https://github.com/hashicorp/vault#commit=${_vault_commit}" source=("git+https://github.com/hashicorp/vault#commit=${_vault_commit}"
'vault.service' 'vault.service'
'vault.sysusers'
'vault.tmpfiles'
'vault.hcl') 'vault.hcl')
sha512sums=('SKIP' sha512sums=('SKIP'
'6619cf57668e995cddb29fb6c388c18c21b251052a53832415e415bb4fe538361ef77b74536f5b082b9cda6cd71b598fc50d8b7f51092c4d60262052c5725af2' '6619cf57668e995cddb29fb6c388c18c21b251052a53832415e415bb4fe538361ef77b74536f5b082b9cda6cd71b598fc50d8b7f51092c4d60262052c5725af2'
'92616ccf83fa5ca9f8b0d022cf8ceb1f3549e12b66bf21d9f77f3eb26bd75ec1dc36c155948ec987c642067b85fbfc30a9217d6c503d952a402aa5ef63e50928'
'073f0f400cba78521cd2709ce86d88fbb14125117f9f3beca657f625d04eab8e00f7a01b5d9a1cfc03e9038844f5732bdbb1a85dd65a803d3f0b90f8bf87880e'
'46106cc76151eef2dd5e4b2caa6a96aae4d6ce1ecbf977dcc8667a3f6c829cbea95133622adafcb15cdfaa066ecc94c73c983e7613ee2f6573694981569729fe') '46106cc76151eef2dd5e4b2caa6a96aae4d6ce1ecbf977dcc8667a3f6c829cbea95133622adafcb15cdfaa066ecc94c73c983e7613ee2f6573694981569729fe')
prepare () { prepare () {
@ -36,6 +41,8 @@ package () {
install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
install -Dm644 "${srcdir}/vault.hcl" "${pkgdir}/etc/vault.hcl" install -Dm644 "${srcdir}/vault.hcl" "${pkgdir}/etc/vault.hcl"
install -Dm644 "${srcdir}/vault.service" "${pkgdir}/usr/lib/systemd/system/vault.service" install -Dm644 "${srcdir}/vault.service" "${pkgdir}/usr/lib/systemd/system/vault.service"
install -Dm644 "${srcdir}/vault.sysusers" "${pkgdir}/usr/lib/sysusers.d/vault.conf"
install -Dm644 "${srcdir}/vault.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/vault.conf"
for file in README.md CHANGELOG.md ; do for file in README.md CHANGELOG.md ; do
install -Dm644 "${file}" "${pkgdir}/usr/share/doc/${pkgname}/${file}" install -Dm644 "${file}" "${pkgdir}/usr/share/doc/${pkgname}/${file}"
done done

View File

@ -1,29 +1,5 @@
# vim: ft=sh ts=4 sw=4 et # vim: ft=sh ts=4 sw=4 et
post_install () { post_install () {
getent passwd vault > /dev/null || useradd \
-s /bin/nologin -c 'Vault daemon' -d /var/lib/vault -M -r -U vault
if [[ ! -d /var/lib/vault ]] ; then
mkdir /var/lib/vault
chown vault:vault /var/lib/vault
fi
setcap cap_ipc_lock=+ep /usr/bin/vault setcap cap_ipc_lock=+ep /usr/bin/vault
} }
post_upgrade () {
if [[ -d /var/lib/vault ]] ; then
local badperms=false
while read -r path ; do
if [[ $(stat --format=%U:%G "${path}") != vault:vault ]]
then
badperms=true
break
fi
done < <( find /var/lib/vault )
if ${badperms} ; then
echo 'Bad permissions detected in /var/lib/vault, fixing...'
chown -R vault:vault /var/lib/vault
fi
fi
post_install
}

1
vault.sysusers Normal file
View File

@ -0,0 +1 @@
u vault - "Vault daemon" /var/lib/vault

1
vault.tmpfiles Normal file
View File

@ -0,0 +1 @@
d /var/lib/vault 0755 vault vault - -