Merge "Make /usr readonly to support OSTree"
This commit is contained in:
commit
11999e9c0a
@ -29,6 +29,8 @@ Requires: puppet-concat
|
||||
%description
|
||||
A Puppet module for managing PostgreSQL databases
|
||||
|
||||
%define local_bindir /usr/local/bin
|
||||
|
||||
%prep
|
||||
%setup -n %{prefix}-%{module_dir}
|
||||
%patch0001 -p1
|
||||
@ -45,8 +47,10 @@ find . \( -name spec -o -name ext \) | xargs rm -rf
|
||||
rm -rf %{buildroot}
|
||||
install -d -m 0755 %{buildroot}/%{_datadir}/puppet/modules/%{module_dir}
|
||||
cp -rp * %{buildroot}/%{_datadir}/puppet/modules/%{module_dir}/
|
||||
install -d -m 0755 %{buildroot}%{local_bindir}/
|
||||
install -p -D -m 755 files/validate_postgresql_connection.sh %{buildroot}%{local_bindir}/
|
||||
|
||||
%files
|
||||
%license %{_datadir}/puppet/modules/%{module_dir}/LICENSE
|
||||
%{_datadir}/puppet/modules/%{module_dir}
|
||||
|
||||
%{local_bindir}/validate_postgresql_connection.sh
|
||||
|
@ -77,8 +77,8 @@ for d in $PLUGINS; do
|
||||
done
|
||||
|
||||
%install
|
||||
install -d -p %{buildroot}%{_libexecdir}/cni/
|
||||
install -p -m 0755 bin/* %{buildroot}/%{_libexecdir}/cni
|
||||
install -d -p %{buildroot}/opt/cni/bin
|
||||
install -p -m 0755 bin/* %{buildroot}/opt/cni/bin
|
||||
|
||||
%check
|
||||
%if 0%{?with_check}
|
||||
@ -119,8 +119,8 @@ install -p -m 0755 bin/* %{buildroot}/%{_libexecdir}/cni
|
||||
%files
|
||||
%license LICENSE
|
||||
%doc *.md
|
||||
%dir %{_libexecdir}/cni
|
||||
%{_libexecdir}/cni/*
|
||||
%dir /opt/cni/bin
|
||||
/opt/cni/bin/*
|
||||
|
||||
%changelog
|
||||
* Thu Feb 17 2022 Steven Webster <steven.webster@windriver.com> - 1.0.1
|
||||
|
@ -1 +1 @@
|
||||
usr/bin/* usr/libexec/cni/
|
||||
usr/bin/* opt/cni/bin
|
||||
|
@ -20,6 +20,7 @@ Patch1: sudo-delete-support.patch
|
||||
Patch2: log_timestamp.patch
|
||||
Patch3: ldap-user-setup-support.patch
|
||||
Patch4: allow-anonymous-bind-for-ldap-search.patch
|
||||
Patch5: install-ldapscripts-files-to-etc.patch
|
||||
|
||||
%define debug_package %{nil}
|
||||
|
||||
@ -36,6 +37,7 @@ Shell scripts that allow to manage POSIX accounts (users, groups, machines) in a
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
|
||||
%build
|
||||
|
||||
@ -46,21 +48,22 @@ rm -Rf %{buildroot}/usr/local/man
|
||||
rm -f %{buildroot}/usr/local/sbin/*machine*
|
||||
rm -f %{buildroot}/usr/local/etc/ldapscripts/ldapaddmachine.template.sample
|
||||
install -d %{buildroot}/usr/local/etc/
|
||||
install -m 644 %{SOURCE1} %{buildroot}/usr/local/etc/ldapscripts/ldapscripts.conf
|
||||
install -m 644 %{SOURCE2} %{buildroot}/usr/local/etc/ldapscripts/ldapadduser.template.cgcs
|
||||
install -m 644 %{SOURCE3} %{buildroot}/usr/local/etc/ldapscripts/ldapaddgroup.template.cgcs
|
||||
install -m 644 %{SOURCE4} %{buildroot}/usr/local/etc/ldapscripts/ldapmoduser.template.cgcs
|
||||
install -m 644 %{SOURCE5} %{buildroot}/usr/local/etc/ldapscripts/ldapaddsudo.template.cgcs
|
||||
install -m 644 %{SOURCE6} %{buildroot}/usr/local/etc/ldapscripts/ldapmodsudo.template.cgcs
|
||||
install -m 600 %{SOURCE7} %{buildroot}/usr/local/etc/ldapscripts/ldapscripts.passwd
|
||||
install -d %{buildroot}/etc/ldapscripts/
|
||||
install -m 644 %{SOURCE1} %{buildroot}/etc/ldapscripts/ldapscripts.conf
|
||||
install -m 644 %{SOURCE2} %{buildroot}/etc/ldapscripts/ldapadduser.template.cgcs
|
||||
install -m 644 %{SOURCE3} %{buildroot}/etc/ldapscripts/ldapaddgroup.template.cgcs
|
||||
install -m 644 %{SOURCE4} %{buildroot}/etc/ldapscripts/ldapmoduser.template.cgcs
|
||||
install -m 644 %{SOURCE5} %{buildroot}/etc/ldapscripts/ldapaddsudo.template.cgcs
|
||||
install -m 644 %{SOURCE6} %{buildroot}/etc/ldapscripts/ldapmodsudo.template.cgcs
|
||||
install -m 600 %{SOURCE7} %{buildroot}/etc/ldapscripts/ldapscripts.passwd
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
%dir /usr/local/etc/ldapscripts/
|
||||
%dir /etc/ldapscripts/
|
||||
%dir /usr/local/lib/ldapscripts/
|
||||
/usr/local/sbin/*
|
||||
%config(noreplace) /usr/local/etc/ldapscripts/ldapscripts.passwd
|
||||
/usr/local/etc/ldapscripts/*
|
||||
%config(noreplace) /etc/ldapscripts/ldapscripts.passwd
|
||||
/etc/ldapscripts/*
|
||||
/usr/local/lib/ldapscripts/*
|
||||
|
||||
|
||||
|
@ -0,0 +1,53 @@
|
||||
From c3f8f0bae32fb59eb9f7e4be7b88e9e8931a9711 Mon Sep 17 00:00:00 2001
|
||||
From: Bin Qian <bin.qian@windriver.com>
|
||||
Date: Wed, 27 Apr 2022 22:08:59 +0000
|
||||
Subject: [PATCH] install ldapscripts files to /etc
|
||||
|
||||
Install ldapscripts files to /etc where they originally deployed to.
|
||||
As /usr needs to be readonly to support OSTree
|
||||
|
||||
Signed-off-by: Bin Qian <bin.qian@windriver.com>
|
||||
---
|
||||
debian/rules | 22 +++++++++++-----------
|
||||
1 file changed, 11 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/debian/rules b/debian/rules
|
||||
index cad1a0f..1388e4c 100755
|
||||
--- a/debian/rules
|
||||
+++ b/debian/rules
|
||||
@@ -9,14 +9,14 @@ override_dh_auto_install:
|
||||
$(MAKE) install DESTDIR=debian/ldapscripts PREFIX=/usr ETCDIR=/etc/ldapscripts LIBDIR=/usr/share/ldapscripts MANDIR=/usr/share/man
|
||||
cp debian/runtime.debian debian/ldapscripts/usr/share/ldapscripts
|
||||
rm debian/ldapscripts/etc/ldapscripts/*.sample
|
||||
- $(MAKE) install DESTDIR=debian/ldapscripts PREFIX=/usr ETCDIR=/usr/local/etc/ldapscripts
|
||||
- install -m 644 ldapscripts.conf.cgcs debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
- install -m 644 ldapadduser.template.cgcs debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
- install -m 644 ldapaddgroup.template.cgcs debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
- install -m 644 ldapmoduser.template.cgcs debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
- install -m 644 ldapaddsudo.template.cgcs debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
- install -m 644 ldapmodsudo.template.cgcs debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
- install -m 600 ldapscripts.passwd debian/ldapscripts/usr/local/etc/ldapscripts
|
||||
+ $(MAKE) install DESTDIR=debian/ldapscripts PREFIX=/usr ETCDIR=/etc/ldapscripts
|
||||
+ install -m 644 ldapscripts.conf.cgcs debian/ldapscripts/etc/ldapscripts
|
||||
+ install -m 644 ldapadduser.template.cgcs debian/ldapscripts/etc/ldapscripts
|
||||
+ install -m 644 ldapaddgroup.template.cgcs debian/ldapscripts/etc/ldapscripts
|
||||
+ install -m 644 ldapmoduser.template.cgcs debian/ldapscripts//etc/ldapscripts
|
||||
+ install -m 644 ldapaddsudo.template.cgcs debian/ldapscripts/etc/ldapscripts
|
||||
+ install -m 644 ldapmodsudo.template.cgcs debian/ldapscripts/etc/ldapscripts
|
||||
+ install -m 600 ldapscripts.passwd debian/ldapscripts/etc/ldapscripts
|
||||
rm -rf ./debian/ldapscripts/usr/local/etc/ldapscripts/ldapaddmachine.template.sample
|
||||
|
||||
override_dh_installdocs:
|
||||
@@ -31,6 +31,6 @@ override_dh_installexamples:
|
||||
override_dh_fixperms:
|
||||
dh_fixperms --exclude etc/ldapscripts/ldapscripts.passwd
|
||||
chmod 440 ./debian/ldapscripts/usr/lib/ldapscripts/runtime
|
||||
- chmod 440 ./debian/ldapscripts/usr/local/etc/ldapscripts/ldapaddgroup.template.sample
|
||||
- chmod 440 ./debian/ldapscripts/usr/local/etc/ldapscripts/ldapadduser.template.sample
|
||||
- chmod 440 ./debian/ldapscripts/usr/local/etc/ldapscripts/ldapscripts.conf.sample
|
||||
+ chmod 440 ./debian/ldapscripts/etc/ldapscripts/ldapaddgroup.template.sample
|
||||
+ chmod 440 ./debian/ldapscripts/etc/ldapscripts/ldapadduser.template.sample
|
||||
+ chmod 440 ./debian/ldapscripts/etc/ldapscripts/ldapscripts.conf.sample
|
||||
--
|
||||
2.30.2
|
||||
|
@ -1,2 +1,3 @@
|
||||
debian-install-cgcs-files.patch
|
||||
debian-align-permission-with-centos.patch
|
||||
install-ldapscripts-files-to-etc.patch
|
||||
|
@ -0,0 +1,38 @@
|
||||
From afac530d7bd2754980d519e479777b918db18cd0 Mon Sep 17 00:00:00 2001
|
||||
From: Bin Qian <bin.qian@windriver.com>
|
||||
Date: Wed, 27 Apr 2022 22:06:27 +0000
|
||||
Subject: [PATCH] install ldapscripts files to /etc
|
||||
|
||||
Deploy ldapscripts config files to /etc/ldapscripts as it was done
|
||||
originally. We no longer need to use sed to modify the path.
|
||||
|
||||
Signed-off-by: Bin Qian <bin.qian@windriver.com>
|
||||
---
|
||||
Makefile | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index d490f9e..ba1d93e 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -30,7 +30,7 @@ VERSION = 2.0.8
|
||||
# Default installation paths
|
||||
SBINDIR = $(PREFIX)/sbin
|
||||
MANDIR = $(PREFIX)/man
|
||||
-ETCDIR = $(PREFIX)/etc/$(NAME)
|
||||
+ETCDIR = /etc/$(NAME)
|
||||
LIBDIR = $(PREFIX)/lib/$(NAME)
|
||||
|
||||
# Files to install
|
||||
@@ -84,7 +84,7 @@ help:
|
||||
configure:
|
||||
@echo -n 'Configuring scripts... '
|
||||
@sed 's|^BINDPWDFILE=.*|BINDPWDFILE="$(ETCDIR)/$(PWDFILE)"|g' 'etc/$(ETCFILE)' > 'etc/$(ETCFILE).patched'
|
||||
- @sed '/^_CONFIGFILE=/s|^\(.*"\).*\(".*\)|\1$(ETCDIR)/$(ETCFILE)\2|g' 'lib/$(RUNFILE)' > 'lib/$(RUNFILE).patched'
|
||||
+ @cp 'lib/$(RUNFILE)' 'lib/$(RUNFILE).patched'
|
||||
@for i in $(SBINFILES) ; do \
|
||||
sed 's|^_RUNTIMEFILE=.*|_RUNTIMEFILE="$(LIBDIR)/$(RUNFILE)"|g' "sbin/$$i" > "sbin/$$i.patched" ; \
|
||||
done
|
||||
--
|
||||
2.30.2
|
||||
|
@ -4,3 +4,4 @@ log_timestamp.patch
|
||||
ldap-user-setup-support.patch
|
||||
allow-anonymous-bind-for-ldap-search.patch
|
||||
ldapscripts-templates.patch
|
||||
install-ldapscripts-files-to-etc.patch
|
||||
|
@ -0,0 +1,38 @@
|
||||
From ff3f64dadeb81a9224acaf62ce564d940f582d7c Mon Sep 17 00:00:00 2001
|
||||
From: Bin Qian <bin.qian@windriver.com>
|
||||
Date: Fri, 29 Apr 2022 10:54:08 -0400
|
||||
Subject: [PATCH] install ldapscripts files to /etc
|
||||
|
||||
Deploy ldapscripts config files to /etc/ldapscripts as it was done
|
||||
originally. We no longer need to use sed to modify the path.
|
||||
|
||||
Signed-off-by: Bin Qian <bin.qian@windriver.com>
|
||||
---
|
||||
Makefile | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 6e5b193..7585602 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -30,7 +30,7 @@ VERSION = 2.0.8
|
||||
# Default installation paths
|
||||
SBINDIR = $(PREFIX)/sbin
|
||||
MANDIR = $(PREFIX)/man
|
||||
-ETCDIR = $(PREFIX)/etc/$(NAME)
|
||||
+ETCDIR = /etc/$(NAME)
|
||||
LIBDIR = $(PREFIX)/lib/$(NAME)
|
||||
|
||||
# Files to install
|
||||
@@ -85,7 +85,7 @@ help:
|
||||
configure:
|
||||
@echo -n 'Configuring scripts... '
|
||||
@sed 's|^BINDPWDFILE=.*|BINDPWDFILE="$(ETCDIR)/$(PWDFILE)"|g' 'etc/$(ETCFILE)' > 'etc/$(ETCFILE).patched'
|
||||
- @sed '/^_CONFIGFILE=/s|^\(.*"\).*\(".*\)|\1$(ETCDIR)/$(ETCFILE)\2|g' 'lib/$(RUNFILE)' > 'lib/$(RUNFILE).patched'
|
||||
+ @cp 'lib/$(RUNFILE)' 'lib/$(RUNFILE).patched'
|
||||
@for i in $(SBINFILES) ; do \
|
||||
sed 's|^_RUNTIMEFILE=.*|_RUNTIMEFILE="$(LIBDIR)/$(RUNFILE)"|g' "sbin/$$i" > "sbin/$$i.patched" ; \
|
||||
done
|
||||
--
|
||||
2.29.2
|
||||
|
@ -37,7 +37,7 @@ BINDDN="cn=ldapadmin,dc=cgcs,dc=local"
|
||||
# The following file contains the raw password of the BINDDN
|
||||
# Create it with something like : echo -n 'secret' > $BINDPWDFILE
|
||||
# WARNING !!!! Be careful not to make this file world-readable
|
||||
BINDPWDFILE="/usr/local/etc/ldapscripts/ldapscripts.passwd"
|
||||
BINDPWDFILE="/etc/ldapscripts/ldapscripts.passwd"
|
||||
# For older versions of OpenLDAP, it is still possible to use
|
||||
# unsecure command-line passwords by defining the following option
|
||||
# AND commenting the previous one (BINDPWDFILE takes precedence)
|
||||
@ -144,9 +144,9 @@ GETENTGRCMD="getent group"
|
||||
#GTEMPLATE="/path/to/ldapaddgroup.template"
|
||||
#UTEMPLATE="/path/to/ldapadduser.template"
|
||||
#MTEMPLATE="/path/to/ldapaddmachine.template"
|
||||
GTEMPLATE="/usr/local/etc/ldapscripts/ldapaddgroup.template.cgcs"
|
||||
UTEMPLATE="/usr/local/etc/ldapscripts/ldapadduser.template.cgcs"
|
||||
UMTEMPLATE="/usr/local/etc/ldapscripts/ldapmoduser.template.cgcs"
|
||||
STEMPLATE="/usr/local/etc/ldapscripts/ldapaddsudo.template.cgcs"
|
||||
SMTEMPLATE="/usr/local/etc/ldapscripts/ldapmodsudo.template.cgcs"
|
||||
GTEMPLATE="/etc/ldapscripts/ldapaddgroup.template.cgcs"
|
||||
UTEMPLATE="/etc/ldapscripts/ldapadduser.template.cgcs"
|
||||
UMTEMPLATE="/etc/ldapscripts/ldapmoduser.template.cgcs"
|
||||
STEMPLATE="/etc/ldapscripts/ldapaddsudo.template.cgcs"
|
||||
SMTEMPLATE="/etc/ldapscripts/ldapmodsudo.template.cgcs"
|
||||
MTEMPLATE=""
|
||||
|
Loading…
Reference in New Issue
Block a user