[pkgsrc/trunk]: pkgsrc/devel/monotone-server Adapt to recent changes in monot...
details: https://anonhg.NetBSD.org/pkgsrc/rev/f2cb5f5f53b4
branches: trunk
changeset: 508559:f2cb5f5f53b4
user: jmmv <jmmv%pkgsrc.org@localhost>
date: Tue Feb 21 16:09:16 2006 +0000
description:
Adapt to recent changes in monotone as the current package does not work
appropriately otherwise.
- The server keypair is now stored and read from ${PKG_SYSCONFDIR}/keys
instead of being inside the database.
- Provide and use two files (read-permissions and write-permissions) to
set up netsync's access control.
- During monotone-server-init, run monotone under the unprivileged user
so that it creates files in the correct places (if any).
- Add a note to monotone-server-init to let the user ensure that the
UID and GID are correct. (I always get them wrong otherwise.)
- Make the rc.d script print a "divisory" line in the log file so that
different sections are easy to distinguish.
Bump PKGREVISION to 2.
diffstat:
devel/monotone-server/Makefile | 19 ++++++++-
devel/monotone-server/PLIST | 4 +-
devel/monotone-server/files/hooks.conf | 26 ++------------
devel/monotone-server/files/monotone-server-init.sh | 38 ++++++++++++++++----
devel/monotone-server/files/monotone.sh | 13 ++++++-
devel/monotone-server/files/read-permissions | 7 +++
devel/monotone-server/files/write-permissions | 2 +
7 files changed, 72 insertions(+), 37 deletions(-)
diffs (241 lines):
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/Makefile
--- a/devel/monotone-server/Makefile Tue Feb 21 15:50:49 2006 +0000
+++ b/devel/monotone-server/Makefile Tue Feb 21 16:09:16 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.15 2006/02/05 23:08:48 joerg Exp $
+# $NetBSD: Makefile,v 1.16 2006/02/21 16:09:16 jmmv Exp $
#
DISTNAME= monotone-server-0.25
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= devel
MASTER_SITES= # empty
DISTFILES= # empty
@@ -21,6 +21,8 @@
RCD_SCRIPTS= monotone
PKG_SYSCONFSUBDIR= monotone-server
+OWN_DIRS_PERMS= ${PKG_SYSCONFDIR}/keys \
+ ${MONOTONE_USER} ${MONOTONE_GROUP} 700
BUILD_DEFS+= MONOTONE_GROUP MONOTONE_USER
@@ -31,6 +33,12 @@
CONF_FILES_PERMS+= ${EXAMPLEDIR}/hooks.conf \
${PKG_SYSCONFDIR}/hooks.conf \
${MONOTONE_USER} ${MONOTONE_GROUP} 600
+CONF_FILES_PERMS+= ${EXAMPLEDIR}/read-permissions \
+ ${PKG_SYSCONFDIR}/read-permissions \
+ ${MONOTONE_USER} ${MONOTONE_GROUP} 600
+CONF_FILES_PERMS+= ${EXAMPLEDIR}/write-permissions \
+ ${PKG_SYSCONFDIR}/write-permissions \
+ ${MONOTONE_USER} ${MONOTONE_GROUP} 600
PKG_USERS= ${MONOTONE_USER}:${MONOTONE_GROUP}::Monotone\ dedicated\ server:${VARBASE}/monotone:${SH}
PKG_GROUPS= ${MONOTONE_GROUP}
@@ -52,7 +60,8 @@
INSTALLATION_DIRS= sbin
do-extract:
-.for f in branches.conf hooks.conf monotone-server-init.sh
+.for f in branches.conf hooks.conf monotone-server-init.sh read-permissions \
+ write-permissions
${CP} ${FILESDIR}/${f} ${WRKSRC}
.endfor
@@ -62,5 +71,9 @@
${INSTALL_DATA_DIR} ${EXAMPLEDIR}
${INSTALL_DATA} ${WRKSRC}/branches.conf ${EXAMPLEDIR}/branches.conf
${INSTALL_DATA} ${WRKSRC}/hooks.conf ${EXAMPLEDIR}/hooks.conf
+ ${INSTALL_DATA} ${WRKSRC}/read-permissions \
+ ${EXAMPLEDIR}/read-permissions
+ ${INSTALL_DATA} ${WRKSRC}/write-permissions \
+ ${EXAMPLEDIR}/write-permissions
.include "../../mk/bsd.pkg.mk"
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/PLIST
--- a/devel/monotone-server/PLIST Tue Feb 21 15:50:49 2006 +0000
+++ b/devel/monotone-server/PLIST Tue Feb 21 16:09:16 2006 +0000
@@ -1,6 +1,8 @@
-@comment $NetBSD: PLIST,v 1.2 2005/05/02 20:33:59 reed Exp $
+@comment $NetBSD: PLIST,v 1.3 2006/02/21 16:09:16 jmmv Exp $
sbin/monotone-server-init
share/examples/monotone-server/branches.conf
share/examples/monotone-server/hooks.conf
+share/examples/monotone-server/read-permissions
+share/examples/monotone-server/write-permissions
share/examples/rc.d/monotone
@dirrm share/examples/monotone-server
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/files/hooks.conf
--- a/devel/monotone-server/files/hooks.conf Tue Feb 21 15:50:49 2006 +0000
+++ b/devel/monotone-server/files/hooks.conf Tue Feb 21 16:09:16 2006 +0000
@@ -1,30 +1,12 @@
--- $NetBSD: hooks.conf,v 1.3 2005/08/13 11:19:44 jmmv Exp $
+-- $NetBSD: hooks.conf,v 1.4 2006/02/21 16:09:16 jmmv Exp $
--
-- This file belongs to the monotone-server package. This is the typical
-- ~/.monotonerc configuration file, but is system-wide.
--
function get_passphrase(identity)
--- if (identity == "PUT_KEYNAME_HERE") then
--- return "PUT_PASSPHRASE_HERE"
--- end
+ if (identity == "PUT_KEYNAME_HERE") then
+ return "PUT_PASSPHRASE_HERE"
+ end
return false
end
-
-function get_netsync_read_permitted (branch, identity)
--- if (branch == "net.example.project1") then
--- if (identity == nil) then return true end
--- if (identity == "user1%example.org@localhost") then return true end
--- end
--- if (branch == "net.example.project2.subbranch") then
--- if (identity == "user1%example.org@localhost") then return true end
--- if (identity == "user2%example.org@localhost") then return true end
--- end
- return false
-end
-
-function get_netsync_write_permitted (identity)
--- if (identity == "user1%example.org@localhost") then return true end
--- if (identity == "user2%example.org@localhost") then return true end
- return false
-end
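Review bot: With the `if` block in get_passphrase now active instead of commented out, this file is where the server key's passphrase will sit in clear text once the placeholders are filled in, and nothing in the file says so. A header comment such as `-- Holds the server key passphrase in clear text; keep this file owned by the monotone user with mode 600.` would make that explicit; the Makefile's CONF_FILES_PERMS entry already installs the live copy that way. The copy under share/examples is installed with INSTALL_DATA, so it should only ever carry the placeholders, never a real passphrase.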
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/files/monotone-server-init.sh
--- a/devel/monotone-server/files/monotone-server-init.sh Tue Feb 21 15:50:49 2006 +0000
+++ b/devel/monotone-server/files/monotone-server-init.sh Tue Feb 21 16:09:16 2006 +0000
@@ -1,6 +1,6 @@
#!@SH@
#
-# $NetBSD: monotone-server-init.sh,v 1.2 2006/02/20 16:54:42 jmmv Exp $
+# $NetBSD: monotone-server-init.sh,v 1.3 2006/02/21 16:09:16 jmmv Exp $
#
progname=$(basename $0)
@@ -17,6 +17,21 @@
fi
cat <<EOF
+The following user and group will be used to run the monotone server
+process under a restricted account:
+
+ User name \`${MONOTONE_USER}', UID \``id -u monotone`'
+ Group name \`${MONOTONE_GROUP}', GID \``id -g monotone`'
+
+If either the UID or the GID are inappropriate, please abort this
+script now, correct them and restart the utility so that all the
+files are created with the correct ownerships.
+
+Press RETURN to continue or CTRL-C to abort.
+EOF
+read key
+
+cat <<EOF
The monotone package is currently configured to use the
${VARBASE}/monotone directory to hold the public database.
You may now change this default path to something else that is
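Review bot: The two `id` calls in the new banner hard-code the account name `monotone` instead of using ${MONOTONE_USER}, which is a BUILD_DEFS variable and can be overridden. On such a build the banner prints the UID/GID of a different account (or an error from `id`), so the admin ends up confirming the wrong values. `id -g monotone` also reports that account's primary group rather than anything tied to ${MONOTONE_GROUP}. Using `id -u ${MONOTONE_USER}` and `id -g ${MONOTONE_USER}` keeps the printed names and numbers in step.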
@@ -65,7 +80,8 @@
cd ${home}
echo "Initializing database: \`${home}/monotone.db'"
-${MONOTONE} --db=monotone.db db init
+su - ${MONOTONE_USER} -c "${MONOTONE} --confdir=${PKG_SYSCONFDIR} \
+ --db=monotone.db db init"
cat <<EOF
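Review bot: `su -` starts a login shell, which normally changes to the account's home directory, so the `cd ${home}` on the line above no longer decides where the relative `--db=monotone.db` lands. If ${home} differs from the account's home (the earlier prompt appears to let the admin pick another path), the database is created elsewhere and the later `chown ... monotone.db` runs against a file that is not there. Passing an absolute path, `--db=${home}/monotone.db`, avoids this. The three `su -` calls in the next hunk have the same problem, including their `>${keyname}-public` and `>${keyname}-private` redirections, which are evaluated inside the login shell.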
@@ -76,9 +92,12 @@
EOF
-${MONOTONE} --db=monotone.db genkey ${keyname}
-${MONOTONE} --db=monotone.db pubkey ${keyname} >${keyname}-public
-${MONOTONE} --db=monotone.db privkey ${keyname} >${keyname}-private
+su - ${MONOTONE_USER} -c "${MONOTONE} --confdir=${PKG_SYSCONFDIR} \
+ --db=monotone.db genkey ${keyname}"
+su - ${MONOTONE_USER} -c "${MONOTONE} --confdir=${PKG_SYSCONFDIR} \
+ --db=monotone.db pubkey ${keyname} >${keyname}-public"
+su - ${MONOTONE_USER} -c "${MONOTONE} --confdir=${PKG_SYSCONFDIR} \
+ --db=monotone.db privkey ${keyname} >${keyname}-private"
chown ${MONOTONE_USER}:${MONOTONE_GROUP} monotone.db \
${keyname}-public ${keyname}-private
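Review bot: The `privkey` line still writes a second copy of the private key to `${keyname}-private`, created under the service account's default umask, even though the key pair now lives in the mode-700 ${PKG_SYSCONFDIR}/keys directory and the closing message no longer mentions the exported files. That leaves an unreferenced private-key file whose readability depends on the umask in effect. Either drop the `pubkey`/`privkey` exports, or create the file restrictively by starting the command string with `umask 077;` before `${MONOTONE}`. ${keyname} is also expanded unquoted into the `-c` string, so if it comes from a prompt (not visible in this hunk) it should be validated before it reaches the inner shell.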
@@ -90,17 +109,18 @@
Initialization process finished!
-You should now backup the following files and store them in a safe place
-in case you need to reconstruct the database from scratch:
+You should now backup the following file and store it in a safe place.
+It contains the key pair that authenticates your server:
- ${home}/${keyname}-public
- ${home}/${keyname}-private
+ ${PKG_SYSCONFDIR}/keys/${keyname}
At last, edit the following files to finish the configuration of your
new server:
${PKG_SYSCONFDIR}/branches.conf
${PKG_SYSCONFDIR}/hooks.conf
+ ${PKG_SYSCONFDIR}/read-permissions
+ ${PKG_SYSCONFDIR}/write-permissions
Once finished, use the installed rc.d script (monotone) to start the
dedicated server process.
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/files/monotone.sh
--- a/devel/monotone-server/files/monotone.sh Tue Feb 21 15:50:49 2006 +0000
+++ b/devel/monotone-server/files/monotone.sh Tue Feb 21 16:09:16 2006 +0000
@@ -1,6 +1,6 @@
#!@RCD_SCRIPTS_SHELL@
#
-# $NetBSD: monotone.sh,v 1.2 2005/12/02 17:56:25 jmmv Exp $
+# $NetBSD: monotone.sh,v 1.3 2006/02/21 16:09:16 jmmv Exp $
#
# PROVIDE: monotone
# REQUIRE: DAEMON
@@ -23,13 +23,22 @@
rcvar=${name}
command="@PREFIX@/bin/monotone"
command_args="--norc \
+ --confdir=@PKG_SYSCONFDIR@ \
+ --db=${monotone_home}/monotone.db \
--rcfile=@PKG_SYSCONFDIR@/hooks.conf \
- --db=${monotone_home}/monotone.db \
serve ${monotone_branches} \
>>${monotone_home}/monotone.log 2>&1 &"
+required_dirs="@PKG_SYSCONFDIR@/keys"
required_files="@PKG_SYSCONFDIR@/branches.conf \
@PKG_SYSCONFDIR@/hooks.conf \
+ @PKG_SYSCONFDIR@/read-permissions \
+ @PKG_SYSCONFDIR@/write-permissions \
${monotone_home}/monotone.db"
+start_precmd="monotone_start_precmd"
+
+monotone_start_precmd() {
+ echo "=> Session started at `date`" >>${monotone_home}/monotone.log
+}
load_rc_config $name
run_rc_command "$1"
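Review bot: monotone_start_precmd appends to the log as whoever runs the rc.d script (normally root), while the server writes to the same file through the redirection in command_args. If the server runs under the unprivileged account and ${monotone_home} belongs to that account (neither is visible in this hunk), the first start creates a root-owned monotone.log that the server may be unable to append to. Root also ends up opening a path inside a directory that a less-privileged account controls. Creating the log beforehand with the service account's ownership, or writing the separator line as that account, avoids both; the path should also be quoted, `>>"${monotone_home}/monotone.log"`.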
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/files/read-permissions
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/monotone-server/files/read-permissions Tue Feb 21 16:09:16 2006 +0000
@@ -0,0 +1,7 @@
+pattern "net.example.project.{private,security}*"
+allow "joe%example.net@localhost"
+allow "jim%example.net@localhost"
+
+comment "everyone can read these branches"
+pattern "net.example.{public,project}*"
+allow "*"
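Review bot: These example stanzas are installed as the live ${PKG_SYSCONFDIR}/read-permissions through the new CONF_FILES_PERMS entries, so a fresh install starts with active grants, including `allow "*"`. The removed hooks returned false for everything until the admin uncommented a rule. The same applies to the two identities listed in write-permissions. Shipping the live files with no grants, and keeping the samples only under share/examples, would preserve the previous deny-by-default behaviour. The second pattern `net.example.{public,project}*` also appears to match the private and security branches of the first stanza, so the result likely depends on stanza order; a line such as `comment "keep this stanza first: the public pattern below also matches these branches"` would record that.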
diff -r bec0d130ac99 -r f2cb5f5f53b4 devel/monotone-server/files/write-permissions
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/monotone-server/files/write-permissions Tue Feb 21 16:09:16 2006 +0000
@@ -0,0 +1,2 @@
+joe%example.net@localhost
+jim%example.net@localhost