Create home directory for daemon users in LinuxPlugin (#1536)
andrew-nowak committed Feb 19, 2023
1 parent 3561d0b commit 5216d42
Showing 12 changed files with 58 additions and 5 deletions.
6 changes: 5 additions & 1 deletion src/main/mima-filters/1.3.15.backward.excludes
Expand Up @@ -74,4 +74,8 @@ ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.do
ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.docker.ExecCmd.apply")
ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.docker.CombinedCmd.apply")
ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.docker.Cmd.apply")
ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.docker.DockerPlugin.publishDocker")
ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.docker.DockerPlugin.publishDocker")

ProblemFilters.exclude[ReversedMissingMethodProblem]("com.typesafe.sbt.packager.linux.LinuxKeys.com$typesafe$sbt$packager$linux$LinuxKeys$_setter_$daemonHome_=")
ProblemFilters.exclude[ReversedMissingMethodProblem]("com.typesafe.sbt.packager.linux.LinuxKeys.daemonHome")
ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sbt.packager.linux.LinuxPlugin.makeReplacements")
Expand Up @@ -7,7 +7,7 @@ then
# Adding system user/group : ${{daemon_user}} and ${{daemon_group}}

addGroup ${{daemon_group}} "${{daemon_group_gid}}"
addUser ${{daemon_user}} "${{daemon_user_uid}}" ${{daemon_group}} "${{app_name}} user-daemon" "${{daemon_shell}}"
addUser ${{daemon_user}} "${{daemon_user_uid}}" ${{daemon_group}} "${{app_name}} user-daemon" "${{daemon_shell}}" "${{daemon_home}}"
fi

if [ -e /etc/sysconfig/${{app_name}} ] ;
Expand Up @@ -2,6 +2,6 @@ ${{header}}
${{control-functions}}

addGroup ${{daemon_group}} "${{daemon_group_gid}}"
addUser ${{daemon_user}} "${{daemon_user_uid}}" ${{daemon_group}} "${{app_name}} daemon-user" "${{daemon_shell}}"
addUser ${{daemon_user}} "${{daemon_user_uid}}" ${{daemon_group}} "${{app_name}} daemon-user" "${{daemon_shell}}" "${{daemon_home}}"

${{chown-paths}}
Expand Up @@ -8,6 +8,7 @@
# $3 = group
# $4 = description
# $5 = shell (defaults to /bin/false)
# $6 = home directory (defaults to /var/lib/$user)
addUser() {
user="$1"
if [ -z "$user" ]; then
Expand All @@ -23,10 +24,11 @@ addUser() {
group=${3:-$user}
descr=${4:-No description}
shell=${5:-/bin/false}
homedir=${6:-/var/lib/$user}
if ! getent passwd | grep -q "^$user:";
then
echo "Creating system user: $user in $group with $descr and shell $shell"
useradd $uid_flags --gid $group -r --shell $shell -c "$descr" $user
useradd $uid_flags --gid $group -r --shell $shell -c "$descr" -d "$homedir" -m $user
fi
}

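Review bot: The new `-d "$homedir" -m` on the `useradd` line leaves the ownership and mode of the home directory to the host's defaults, and it only runs on the branch where the account does not exist yet. `useradd -m` copies the skeleton directory into a home it creates and takes the mode from the host configuration, and a directory that already exists at that path (plausible for the `/var/lib/$user` default) is left as it is, so the daemon can end up with a home that is world-readable or that it does not own. Consider pinning the mode after the call when the directory was just created, e.g. `chmod 750 "$homedir"`, and naming the path in the log line: `echo "Creating system user: $user in $group with $descr, shell $shell and home $homedir"`. The header comment for `$6` could also say that the directory is created on first install only and that an existing account keeps its current home.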
2 changes: 2 additions & 0 deletions src/main/scala/com/typesafe/sbt/packager/linux/Keys.scala
Expand Up @@ -18,6 +18,8 @@ trait LinuxKeys {
SettingKey[Option[String]]("daemon-group-gid", "GID of daemonGroup")
val daemonShell =
SettingKey[String]("daemon-shell", "Shell provided for the daemon user")
val daemonHome =
SettingKey[String]("daemon-home", "Home directory provided for the daemon user")
val fileDescriptorLimit = SettingKey[Option[String]](
"file-descriptor-limit",
"Maximum number of open file descriptors for the spawned application"
Expand Up @@ -68,6 +68,7 @@ object LinuxPlugin extends AutoPlugin {
daemonGroup in Linux := daemonGroup.value,
daemonGroupGid in Linux := None,
daemonShell in Linux := "/bin/false",
daemonHome in Linux := s"/var/lib/${(daemonUser in Linux).value}",
defaultLinuxInstallLocation := "/usr/share",
defaultLinuxLogsLocation := "/var/log",
defaultLinuxConfigLocation := "/etc",
Expand All @@ -93,6 +94,7 @@ object LinuxPlugin extends AutoPlugin {
daemonGroup = (daemonGroup in Linux).value,
daemonGroupGid = (daemonGroupGid in Linux).value,
daemonShell = (daemonShell in Linux).value,
daemonHome = (daemonHome in Linux).value,
fileDescriptorLimit = (fileDescriptorLimit in Linux).value
),
linuxScriptReplacements += controlScriptFunctionsReplacement( /* Add key for control-functions */ ),
Expand Down Expand Up @@ -162,6 +164,7 @@ object LinuxPlugin extends AutoPlugin {
daemonGroup: String,
daemonGroupGid: Option[String],
daemonShell: String,
daemonHome: String,
fileDescriptorLimit: Option[String]
): Seq[(String, String)] =
Seq(
Expand All @@ -177,6 +180,7 @@ object LinuxPlugin extends AutoPlugin {
"daemon_group" -> daemonGroup,
"daemon_group_gid" -> daemonGroupGid.getOrElse(""),
"daemon_shell" -> daemonShell,
"daemon_home" -> daemonHome,
"file_descriptor_limit" -> fileDescriptorLimit.getOrElse("")
)

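Review bot: `daemonHome` is passed through `makeReplacements` unchanged and ends up between double quotes in the maintainer scripts (`"${{daemon_home}}"`), with no build-time check on its shape. A relative path, or a value containing `"`, `$` or a backquote, would presumably only surface as a failure or an unintended expansion when the script runs on the target host. A check in the settings that the value is an absolute path made of ordinary path characters would catch that at packaging time. A short comment on the default would help too, e.g. `// home of the daemon user; created by addUser on first install`. `makeReplacements` and the settings sequence both continue outside the hunks shown.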
2 changes: 1 addition & 1 deletion src/sbt-test/debian/daemon-user-deb/build.sbt
Expand Up @@ -19,7 +19,7 @@ TaskKey[Unit]("checkControlFiles") := {
val postrm = IO.read(debian / "postrm")
assert(postinst contains """addGroup daemongroup """"", "postinst misses addgroup for daemongroup: " + postinst)
assert(
postinst contains """addUser daemonuser "" daemongroup "debian-test daemon-user" "/bin/false"""",
postinst contains """addUser daemonuser "" daemongroup "debian-test daemon-user" "/bin/false" "/var/lib/daemonuser""",
"postinst misses useradd for daemonuser: " + postinst
)
assert(
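Review bot: The updated `addUser` assertion closes its triple-quoted literal with three quotes where the neighbouring literals end in four, so the expected text stops at `"/var/lib/daemonuser` without the closing quote. The check still passes, but it would also accept any longer path that starts with that prefix. Ending the line with four quotes, `"/bin/false" "/var/lib/daemonuser"""",`, pins the whole argument. The `checkControlFiles` task body starts and ends outside the hunk.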
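--- a/src/sbt-test/debian/daemon-user-homedir-deb/build.sbt
+++ b/src/sbt-test/debian/daemon-user-homedir-deb/build.sbt
@@ -0,0 +1,26 @@
+enablePlugins(JavaServerAppPackaging)
+
+daemonUser in Linux := "daemonuser"
+daemonGroup in Linux := "daemongroup"
+daemonHome in Linux := "/var/lib/customdaemonhome"
+
+mainClass in Compile := Some("empty")
+
+name := "debian-test"
+version := "0.1.0"
+maintainer := "Josh Suereth <joshua.suereth@typesafe.com>"
+
+packageSummary := "Test debian package"
+packageDescription := """A fun package description of our software,
+with multiple lines."""
+
+TaskKey[Unit]("checkControlFiles") := {
+val debian = target.value / "debian-test-0.1.0" / "DEBIAN"
+val postinst = IO.read(debian / "postinst")
+val postrm = IO.read(debian / "postrm")
+assert(
+postinst contains """addUser daemonuser "" daemongroup "debian-test daemon-user" "/bin/false" "/var/lib/customdaemonhome"""",
+"postinst misses useradd for daemonuser with custom home directory: " + postinst
+)
+()
+}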
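Review bot: `val postrm = IO.read(debian / "postrm")` in `checkControlFiles` is read and never asserted on, so this test says nothing about what package removal does with the home directory that postinst now creates. Either drop the unused read or add an assertion for the intended postrm behaviour, whichever of "left in place" or "removed on purge" the plugin means to guarantee. A one-line comment above the task, such as `// verifies that a custom daemonHome reaches the addUser call in postinst`, would make the purpose of this scripted test clear.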
@@ -0,0 +1 @@
addSbtPlugin("com.github.sbt" % "sbt-native-packager" % sys.props("project.version"))
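--- a/src/sbt-test/debian/daemon-user-homedir-deb/test
+++ b/src/sbt-test/debian/daemon-user-homedir-deb/test
@@ -0,0 +1,10 @@
+# Run the debian packaging.
+> debian:packageBin
+$ exists target/debian-test_0.1.0_all.deb
+
+# Check defaults
+$ exists target/debian-test-0.1.0/DEBIAN/prerm
+$ exists target/debian-test-0.1.0/DEBIAN/postinst
+
+# Check files for defaults
+> checkControlFiles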
1 change: 1 addition & 0 deletions src/sphinx/archetypes/cheatsheet.rst
Expand Up @@ -217,6 +217,7 @@ You can use ``${{variable_name}}`` to reference variables when writing your scri
* ``daemon_group`` - The group of the user that the service should run as; defined by ``Linux / daemonGroup``.
* ``daemon_group_gid`` - The group ID of the group of the user that the service should run as; defined by ``Linux / daemonGroupGid``.
* ``daemon_shell`` - The shell of the user that the service should run as; defined by ``Linux / daemonShell``.
* ``daemon_home`` - The home directory of the user that the service should run as; defined by ``Linux / daemonHome``.
* ``term_timeout`` - The timeout for the service to respond to a TERM signal; defined by ``Linux / termTimeout``, defaults to ``60``.
* ``kill_timeout`` - The timeout for the service to respond to a KILL signal; defined by ``Linux / killTimeout``, defaults to ``30``.
* ``start_facilities`` - Intended for the ``Required-Start:`` line in the ``INIT INFO`` block. Its value is automatically generated with respect to the chosen system loader.
3 changes: 3 additions & 0 deletions src/sphinx/archetypes/java_server/index.rst
Expand Up @@ -54,6 +54,9 @@ have sensible defaults.
``daemonShell``
Shell provided for the daemon user

``daemonHome``
Home directory provided for the daemon user

``daemonStdoutLogFile``
Filename stdout/stderr of application daemon. Now it's supported only in SystemV
