diff options
author | xrs <xrs@mail36.net> | 2020-04-02 09:26:25 +0200 |
---|---|---|
committer | xrs - <xrs@mail36.net> | 2020-05-08 13:01:43 +0000 |
commit | 41103bc3f23927112e4a57582cc202d8a2299adf (patch) | |
tree | 61f56fb2d906486df37236ead94646f88531501f /testing/gnunet | |
parent | 1269edced8f355b21dacb87d4532ed191fefed7a (diff) | |
download | aports-41103bc3f23927112e4a57582cc202d8a2299adf.tar.bz2 aports-41103bc3f23927112e4a57582cc202d8a2299adf.tar.xz |
testing/gnunet: add support for user services
- add gnunet-user-setup script
- add interactive support for GNU Name System proxy to setup script
- add home directory for system services (/var/lib/gnunet)
- improve post install guide
Diffstat (limited to 'testing/gnunet')
-rw-r--r-- | testing/gnunet/APKBUILD | 16 | ||||
-rw-r--r-- | testing/gnunet/gnunet-system-services.initd | 7 | ||||
-rw-r--r-- | testing/gnunet/gnunet-user-services.initd | 16 | ||||
-rw-r--r-- | testing/gnunet/gnunet.post-install | 20 | ||||
-rw-r--r-- | testing/gnunet/gnunet.pre-install | 6 | ||||
-rw-r--r-- | testing/gnunet/setup-gnunet-user | 90 |
6 files changed, 139 insertions, 16 deletions
diff --git a/testing/gnunet/APKBUILD b/testing/gnunet/APKBUILD index f798066610..1b7bbfc912 100644 --- a/testing/gnunet/APKBUILD +++ b/testing/gnunet/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: xrs <xrs@mail36.net> pkgname=gnunet pkgver=0.12.2 -pkgrel=0 +pkgrel=1 pkgdesc="A framework for secure and privacy enhancing peer-to-peer networking" url="https://gnunet.org" arch="all !mips !mips64" # blocked by texlive @@ -20,8 +20,10 @@ pkggroups="gnunet gnunetdns" subpackages="$pkgname-dev $pkgname-doc $pkgname-lang $pkgname-openrc" options="!check suid" # No check because The GNUnet project lacks a good CI at the moment. source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/gnunet-$pkgver.tar.gz - gnunet-system.conf - gnunet-system-services.initd + $pkgname-system.conf + $pkgname-system-services.initd + $pkgname-user-services.initd + setup-$pkgname-user " build() { @@ -63,6 +65,10 @@ package() { $pkgdir/etc/$pkgname.conf install -m755 -D $srcdir/$pkgname-system-services.initd \ $pkgdir/etc/init.d/$pkgname-system-services + install -m755 -D $srcdir/$pkgname-user-services.initd \ + $pkgdir/etc/init.d/$pkgname-user-services + install -m755 -D $srcdir/setup-$pkgname-user \ + $pkgdir/usr/bin/setup-$pkgname-user } dev() { @@ -76,4 +82,6 @@ dev() { sha512sums="210a9f06679d32dbb399a056e7a20e411cbfacf7945a282bd7e63eb8bfd7a324815efc48caedff32894d0a3f7a4ba9d1e879e2e04db0222282399ae6fc065c7b gnunet-0.12.2.tar.gz a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0 gnunet-system.conf -63f7c17a83fa6b44f2c4c9f067ac600904dacd7faf04515293544c4b001ee5e0c360894589b46175957971101f212879cc757af8e282b4e44aa4e4abdab9b4dc gnunet-system-services.initd" +24d230b077c7a47a116ac428c411e0fc62b9c019ac97f95d27a0e57112d554734d9b9bfd1e0b22366b387074b621f98d11fbf87f2c6fbafcc2888acda630b54d gnunet-system-services.initd +8daf862f7c81bd5b143a05f786c4edce76c91d4d226903288a4d2d88898b9b7ba017cf683a20d918b9ad93aff5f391eb5f928843a2fcd35e6e48f3a611dc9d8d gnunet-user-services.initd +ed4db7f7500e02fecb8c54ba629d91ae3bb69b6ed61c25831f7c21b6c446b4210af0efea5fac6fb13f14422723b85a742ae63a6ecd60bf5daadfd43abb658d25 setup-gnunet-user" diff --git a/testing/gnunet/gnunet-system-services.initd b/testing/gnunet/gnunet-system-services.initd index c28d7d3129..6bc42e6f15 100644 --- a/testing/gnunet/gnunet-system-services.initd +++ b/testing/gnunet/gnunet-system-services.initd @@ -1,6 +1,6 @@ #!/sbin/openrc-run -name="gnunet-system-service" +name="gnunet-system-services" description="A secure and privacy enhancing peer-to-peer overlay network" command="/usr/lib/gnunet/libexec/gnunet-service-arm" command_args="-c /etc/gnunet.conf" @@ -11,3 +11,8 @@ pidfile="/run/${SVCNAME}.pid" depend() { need net } + +start_pre() { + checkpath --directory --owner $command_user --mode 2755 \ + /var/lib/gnunet +} diff --git a/testing/gnunet/gnunet-user-services.initd b/testing/gnunet/gnunet-user-services.initd new file mode 100644 index 0000000000..04188ade25 --- /dev/null +++ b/testing/gnunet/gnunet-user-services.initd @@ -0,0 +1,16 @@ +#!/sbin/openrc-run + +# Extract user name from file name. +user="${SVCNAME#gnunet-}" # Cut off prefix. +user="${user%-services}" # Cut off suffix. + +description="GNUnet user services for $user" +command="/usr/lib/gnunet/libexec/gnunet-service-arm" +command_args="-c /home/$user/.config/gnunet.conf" +command_user="$user:$user" +command_background="yes" +pidfile="/run/${SVCNAME}.$user.pid" + +depend() { + need gnunet-system-services +} diff --git a/testing/gnunet/gnunet.post-install b/testing/gnunet/gnunet.post-install index 9b01778a3a..893f8cdc43 100644 --- a/testing/gnunet/gnunet.post-install +++ b/testing/gnunet/gnunet.post-install @@ -1,12 +1,16 @@ #!/bin/sh -printf " *\n * To setup GNUnet user services, regular users must do the following steps:\n" -printf " * add user to 'gnunet' group\n" -printf " * add the following lines to /home/USER/.config/gnunet.conf\n" -printf " [arm]\n" -printf " START_SYSTEM_SERVICES = NO\n" -printf " START_USER_SERVICES = YES\n" -printf " * start GNUnet system services with openrc\n" -printf " * start GNUnet user services with 'gnunet-arm -s'\n *\n" +cat << TEXT + + To start GNUnet system services: + > sudo rc-service gnunet-system-services start + + To setup GNUnet user services for a regular user: + > sudo setup-gnunet-user -u USER + + To start GNUnet user services for 'USER': + > sudo rc-service gnunet-USER-services start + +TEXT exit 0 diff --git a/testing/gnunet/gnunet.pre-install b/testing/gnunet/gnunet.pre-install index 7eea70e752..cdbff43faf 100644 --- a/testing/gnunet/gnunet.pre-install +++ b/testing/gnunet/gnunet.pre-install @@ -2,10 +2,10 @@ # Add special group gnunetdns for controlling access to "gnunet-helper-dns". addgroup -S gnunetdns 2>/dev/null -addgroup -S gnunet 2>/dev/null # Add system user/group gnunet for system services -adduser -S -h "/var/lib/gnunet" -s /bin/sh \ - -G gnunet -g gnunet gnunet 2>/dev/null +addgroup -S gnunet 2>/dev/null +adduser -S -h "/var/lib/gnunet" -s /bin/false -D gnunet 2>/dev/null +adduser gnunet gnunet exit 0 diff --git a/testing/gnunet/setup-gnunet-user b/testing/gnunet/setup-gnunet-user new file mode 100644 index 0000000000..8d7b436578 --- /dev/null +++ b/testing/gnunet/setup-gnunet-user @@ -0,0 +1,90 @@ +#!/bin/sh + +# This scripts helps the user to automate the GNUnet setup for user services. + +if [ $(id -u) -ne 0 ]; then + echo "Please run this script as root." + echo "Usage: "`basename $0`" -u USER" + exit +fi +if [ $# = 0 ]; then + echo "Usage: "`basename $0`" -u USER" + exit +fi + +while getopts ':u:' OPTION ; do + case "$OPTION" in + u) USER="$OPTARG";; + *) echo "Unknown parameter"; exit;; + esac +done + +CONFIG_PATH="/home/$USER/.config/gnunet.conf" +DOASUSER="chpst -u $USER env HOME=/home/$USER" + +echo "Adding user to group gnunet" +adduser $USER gnunet 2>/dev/null + +echo "Creating user config at $CONFIG_PATH" +cat > $CONFIG_PATH << EOF +[arm] +START_SYSTEM_SERVICES = NO +START_USER_SERVICES = YES +EOF +chown $USER.$USER $CONFIG_PATH + +echo "Creating symlink: gnunet-user-services -> gnunet-$USER-services" +ln -s /etc/init.d/gnunet-user-services /etc/init.d/gnunet-$USER-services + +echo "Creating/Renewing GNS certificate authority (CA)" +$DOASUSER gnunet-gns-proxy-setup-ca + +echo "Use GNU Name System in Firefox/Chromium by default? [y,N]" +read -r yn +case $yn in +y|Y ) + PORT=$((8000+$(id -u $USER))) + $DOASUSER gnunet-config -c $CONFIG_PATH \ + --rewrite \ + --section=gns-proxy \ + --option=IMMEDIATE_START \ + --value=YES + $DOASUSER gnunet-config -c $CONFIG_PATH \ + --rewrite \ + --section=gns-proxy \ + --option=OPTIONS \ + --value="-p $PORT" + + # Firefox + if [ ! -d /home/$USER/.mozilla/firefox/*.default ];then + $DOASUSER timeout 3s firefox --headless # dirty: create profile if not existent + fi + for ffprofile in /home/$USER/.mozilla/firefox/*.*/; do + js=$ffprofile/user.js + if [ -f $js ]; then + sed -i '/Preferences for using the GNU Name System/d' $js + sed -i '/network.proxy.socks/d' $js + sed -i '/network.proxy.socks_port/d' $js + sed -i '/network.proxy.socks_remote_dns/d' $js + sed -i '/network.proxy.type/d' $js + fi + echo "// Preferences for using the GNU Name System" >> $js + echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> $js + echo "user_pref(\"network.proxy.socks_port\", $PORT);" >> $js + echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> $js + echo "user_pref(\"network.proxy.type\", 1);" >> $js + done + + # Chromium + PROFILE=/home/$USER/.profile + if [ -f $PROFILE ]; then + sed -i '/CHROMIUM_USER_FLAGS/d' $PROFILE + fi + echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$PORT" \ + >> $PROFILE + ;; +* ) + ;; +esac + +echo "Done." |