coturn: Define and use a non-root user

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: coturn: Define and use a non-root user
From: Greg Troxel (via pkgsrc-wip) <commit-notify%pkgsrc.org@localhost>
Date: Mon, 20 Jan 2025 00:22:08 +0000

Module Name:	pkgsrc-wip
Committed By:	Greg Troxel <gdt%lexort.com@localhost>
Pushed By:	gdt
Date:		Sun Jan 19 19:18:27 2025 -0500
Changeset:	7deae963790f314d1e9692afe9f623e388d36ae2

Modified Files:
	coturn/Makefile
	coturn/files/turnserver.sh

Log Message:
coturn: Define and use a non-root user

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=7deae963790f314d1e9692afe9f623e388d36ae2

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 coturn/Makefile            | 26 ++++++++++++++++++++------
 coturn/files/turnserver.sh |  8 +++++---
 2 files changed, 25 insertions(+), 9 deletions(-)

diffs:
diff --git a/coturn/Makefile b/coturn/Makefile
index ca51ab8192..1279f46143 100644
--- a/coturn/Makefile
+++ b/coturn/Makefile
@@ -1,7 +1,7 @@
 # $NetBSD$
 
 DISTNAME=	coturn-4.6.3
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	net
 MASTER_SITES=	${MASTER_SITE_GITHUB:=coturn/}
 GITHUB_PROJECT=	coturn
@@ -19,20 +19,36 @@ USE_LIBTOOL=	yes
 
 HAS_CONFIGURE=	yes
 
+.include "../../mk/bsd.prefs.mk"
+.include "options.mk"
+
+COTURN_USER?=	coturn
+COTURN_GROUP?=	${COTURN_USER}
+COTURN_DATA?=	${VARBASE}/coturn
+BUILD_DEFS+=	COTURN_USER COTURN_GROUP COTURN_DATA VARBASE
+
+PKG_USERS_VARS=			COTURN_USER
+PKG_GROUPS_VARS=		COTURN_GROUP
+PKG_GROUPS=			${COTURN_GROUP}
+PKG_USERS=			${COTURN_USER}:${COTURN_GROUP}
+PKG_GECOS.${COTURN_USER}=	coturn daemon user
+PKG_HOME.${COTURN_USER}=	${COTURN_DATA}
+PKG_SHELL.${COTURN_USER}=	${NOLOGIN}
+
+RCD_SCRIPTS=		turnserver
+
 # Pass cflags/libs
 CONFIGURE_ENV+=		PTHREAD_LIBS=-pthread TURN_DISABLE_RPATH=1
 CONFIGURE_ENV+=		LIBEVENT_OPENSSL_CFLAGS="-I${BUILDLINK_PREFIX.libevent}/include"
 CONFIGURE_ENV+=		LIBEVENT_OPENSSL_LIBS="-L${BUILDLINK_PREFIX.libevent}/lib -levent_openssl -levent"
 
-BUILD_DEFS+=		VARBASE
-
 CONFIGURE_ARGS+=	--prefix=${PREFIX}
 # Use coturn as docs/examples subdir name.  \todo No command-line argument?
 CONFIGURE_ENV+=		PORTNAME=coturn
 # Defaults to ${PREFIX}/etc; respect pkgsrc tunable.
 CONFIGURE_ARGS+=	--confdir=${PKG_SYSCONFDIR}
 # Defaults to ${PREFIX}/var; give it a subdirectory.
-CONFIGURE_ARGS+=	--localstatedir=${VARBASE}/coturn
+CONFIGURE_ARGS+=	--localstatedir=${COTURN_DATA}
 
 # \todo Why is there a db installed in /var?  Won't that overwrite the user's database?
 
@@ -40,9 +56,7 @@ post-install:
 	${RM} ${DESTDIR}${PKG_SYSCONFDIR}/turnserver.conf.default
 
 CONF_FILES+=		${PREFIX}/share/examples/coturn/etc/turnserver.conf ${PKG_SYSCONFDIR}/turnserver.conf
-RCD_SCRIPTS=		turnserver
 
-.include "options.mk"
 
 .include "../../security/openssl/buildlink3.mk"
 .include "../../devel/libevent/buildlink3.mk"
diff --git a/coturn/files/turnserver.sh b/coturn/files/turnserver.sh
index 0f7188ef81..7ee7a1ca0e 100644
--- a/coturn/files/turnserver.sh
+++ b/coturn/files/turnserver.sh
@@ -19,13 +19,15 @@
 name="turnserver"
 rcvar=$name
 
-load_rc_config $name
-
 : ${turnserver:=no}
 : ${turnserver_config=@PREFIX@/etc/turnserver.conf}
+: ${coturn_user:=@COTURN_USER@}
+: ${synapse_group:=@SYNAPSE_GROUP@}
+
+load_rc_config $name
 
 command="@PREFIX@/bin/${name}"
-command_args="--daemon -c ${turnserver_config}"
+command_args="--daemon --proc-user ${coturn_user} --proc-group ${coturn_user} -c ${turnserver_config}"
 required_files=${turnserver_config}
 
 run_rc_command "$1"

Prev by Date: cargo-c: update to 0.10.9
Next by Date: coturn: Fix non-root user
Previous by Thread: cargo-c: update to 0.10.9
Next by Thread: coturn: Fix non-root user
Indexes:

Home | Main Index | Thread Index | Old Index