Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Yet another attempt to run upstart jobs as unprivileged user

This commit is contained in:
Duncan Sommerville 2015-01-12 09:48:08 -05:00
parent 24123ef45d
commit bf1355a203
8 changed files with 15 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
installer/install
View File

@ -322,6 +322,7 @@ verbose "...Done"
verbose "\n * Creating /usr/lib/airtime..."
mkdir -p /usr/lib/airtime
mkdir -p /var/www/.init
verbose "...Done"
verbose "\n * Creating /run/airtime..."
@ -372,12 +373,11 @@ verbose "\n * Creating liquidsoap symlink..."
ln -sf /usr/bin/liquidsoap /usr/bin/airtime-liquidsoap
verbose "...Done"
sed "s@WEB_USER@${web_user}@g" ${SCRIPT_DIR}/lib/airtime-session-init-setup.conf > /etc/init/airtime-session-init-setup.conf
cp ${SCRIPT_DIR}/lib/airtime-session-init.conf /etc/init/airtime-session-init.conf
chmod 644 /usr/share/upstart/sessions/airtime*
for i in /var/www/.init/airtime*; do
sed -i 's/WEB_USER/${web_user}/g' $i
done
initctl reload-configuration
service airtime-session-init-setup start
if [ ! -d /var/log/airtime ]; then
loud "\n-----------------------------------------------------"

22
installer/lib/airtime-session-init-setup.conf
View File

@ -1,22 +0,0 @@
start on runlevel [2345]
stop on runlevel [!2345]
task
env user=WEB_USER
export user
script
uid=$(getent passwd "$user"|cut -d: -f3)
gid=$(getent passwd "$user"|cut -d: -f4)
# Create directory that would normally be
# created by PAM when a user logs in.
export XDG_RUNTIME_DIR="/run/user/$uid"
mkdir -p "$XDG_RUNTIME_DIR"
chmod 0700 "$XDG_RUNTIME_DIR"
chown "$uid:$gid" "$XDG_RUNTIME_DIR"
start airtime-session-init user="$user"
end script

15
installer/lib/airtime-session-init.conf
View File

@ -1,15 +0,0 @@
instance $user
stop on runlevel [016]
script
uid=$(getent passwd "$user"|cut -d: -f3)
HOME=$(getent passwd "$user"|cut -d: -f6)
export XDG_RUNTIME_DIR="/run/user/$uid"
export HOME
echo $HOME
exec su -s /bin/sh -c 'exec "$0" "$@"' $user -- init --user --confdir /usr/share/upstart/sessions/
end script

5
python_apps/media-monitor/install/airtime-media-monitor.conf
View File

@ -6,10 +6,11 @@ stop on runlevel [!2345]
respawn
setuid www-data
setgid www-data
setuid WEB_USER
setgid WEB_USER
env LANG='en_US.UTF-8'
env LC_ALL='en_US.UTF-8'
env HOME='/var/www/.init'
exec airtime-media-monitor

2
python_apps/media-monitor/setup.py
View File

@ -12,7 +12,7 @@ if '--no-init-script' in sys.argv:
data_files = []
sys.argv.remove('--no-init-script') # super hax
else:
data_files = [('/usr/share/upstart/sessions', ['install/airtime-media-monitor.conf'])]
data_files = [('/var/www/.init', ['install/airtime-media-monitor.conf'])]
print data_files
setup(name='airtime-media-monitor',

5
python_apps/pypo/install/airtime-liquidsoap.conf
View File

@ -6,10 +6,11 @@ stop on runlevel [!2345]
respawn
setuid www-data
setgid www-data
setuid WEB_USER
setgid WEB_USER
env LANG='en_US.UTF-8'
env LC_ALL='en_US.UTF-8'
env HOME='/var/www/.init'
exec airtime-liquidsoap

5
python_apps/pypo/install/airtime-playout.conf
View File

@ -6,10 +6,11 @@ stop on runlevel [!2345]
respawn
setuid www-data
setgid www-data
setuid WEB_USER
setgid WEB_USER
env LANG='en_US.UTF-8'
env LC_ALL='en_US.UTF-8'
env HOME='/var/www/.init'
exec airtime-playout

2
python_apps/pypo/setup.py
View File

@ -12,7 +12,7 @@ if '--no-init-script' in sys.argv:
data_files = []
sys.argv.remove('--no-init-script') # super hax
else:
data_files = [('/usr/share/upstart/sessions', ['install/airtime-playout.conf', 'install/airtime-liquidsoap.conf'])]
data_files = [('/var/www/.init', ['install/airtime-playout.conf', 'install/airtime-liquidsoap.conf'])]
print data_files
setup(name='airtime-playout',