From 0b8d58570a655b3b0161eba28b687ce33b614038 Mon Sep 17 00:00:00 2001
From: Jakub Jirutka <jakub@jirutka.cz>
Date: Thu, 4 May 2017 23:53:34 +0200
Subject: main/dkimproxy: rewrite runscripts, run as dkimproxy user/group

When user upgrade this package and do not update confd files, then
it will still run as root, for backward compatibility.
---
 main/dkimproxy/APKBUILD              | 11 ++++++-----
 main/dkimproxy/dkimproxy.in.confd    | 16 ++++++++++++---
 main/dkimproxy/dkimproxy.in.initd    | 38 ++++++++++++++----------------------
 main/dkimproxy/dkimproxy.out.confd   | 16 ++++++++++++---
 main/dkimproxy/dkimproxy.out.initd   | 38 ++++++++++++++----------------------
 main/dkimproxy/dkimproxy.pre-install |  7 +++++++
 6 files changed, 69 insertions(+), 57 deletions(-)
 create mode 100644 main/dkimproxy/dkimproxy.pre-install

(limited to 'main')

diff --git a/main/dkimproxy/APKBUILD b/main/dkimproxy/APKBUILD
index f5898b7694..c11df01f58 100644
--- a/main/dkimproxy/APKBUILD
+++ b/main/dkimproxy/APKBUILD
@@ -2,13 +2,14 @@
 # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
 pkgname=dkimproxy
 pkgver=1.4.1
-pkgrel=4
+pkgrel=5
 pkgdesc="SMTP-proxy that signs and/or verifies emails, using the Mail::DKIM module"
 url="http://dkimproxy.sourceforge.net/"
 arch="noarch"
 license="GPL"
 depends="perl-mail-dkim perl-net-server perl-error"
 subpackages="$pkgname-doc"
+install="$pkgname.pre-install"
 source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz
 	dkimproxy.in.initd
 	dkimproxy.out.initd
@@ -52,7 +53,7 @@ package() {
 }
 
 sha512sums="ad5ac961ea25cdd7ccc763521d1fa5e143ef93056ca4bdace1d0d8f564ab85cb128b4c97ace310bcbf9e4d49430dd5baf1e9f836f5a44a4b3f1e7498ebc352b6  dkimproxy-1.4.1.tar.gz
-35368ff9d63103c7a17ce4320ad434daad1e0039d19e6777e0d226befdcc290c0737baf856a384bb915b0ca8f0311b10259fb2c0df1c9896445e748622b66a64  dkimproxy.in.initd
-31a91b1bccb76210aad13329c55a0f1c9d499188fd73b0bc4fb2160790885e1f74a27328c8864744bdc4610b27fba1f13b10494ad9d789599c58bb1dbf33a5f5  dkimproxy.out.initd
-aaea5eb0e7b7d400e2774a60c39d55fe9c905336f416db7dfe5477b6ffa6e243ba3897a7e0ce8bdb485a9b730a9b0d6531bd31c49af8cef9f208f895a19b483d  dkimproxy.in.confd
-2882eebaf991b8b236cb345ec421c1ead103d2b6cd3e60203d9351587381a25d470c470f8869ce29f6a1cdbc3b9657378787d43da846efad93712983d7a56b32  dkimproxy.out.confd"
+3b0032aa1187e75c890f573bcfc4f582648dca734286f50db2ea49caec8070d9a8b2dd6a9041c94e69bd2b89ad469296fb34cb6559f8d62c2579c687462f8dfa  dkimproxy.in.initd
+fad58eff8c25b6c2ac711a82f94ec313ad8fbd4acadd3c2ee80be69dfca444de3aaf9e199d6e8cca58e0b977f4fa8e403f936f75e7f98545592ebc8ee1be3c53  dkimproxy.out.initd
+d1e9a491b5c63b26c4d59a8dc79e6539e60f1e82f93911b0cd0384ea4200b2494ca5bff41f29c994b0f706d11bcf603504e532801c62f207c227a6040b057e89  dkimproxy.in.confd
+27f7bec93906a2a8bda742afbed2cd972b36439c3241a89d20883c2c0a1ab340820055370e379daa9fe78e334f2723e8a48a99be504ddd2544c5f3356ec9578f  dkimproxy.out.confd"
diff --git a/main/dkimproxy/dkimproxy.in.confd b/main/dkimproxy/dkimproxy.in.confd
index e10508a436..d1ff7ad7bb 100644
--- a/main/dkimproxy/dkimproxy.in.confd
+++ b/main/dkimproxy/dkimproxy.in.confd
@@ -1,3 +1,13 @@
-#OPTS=""
-CONFIGFILE="/etc/dkimproxy/dkimproxy_in.conf"
-PIDFILE="/var/run/dkimproxy_in.pid"
+# Configuration for /etc/init.d/dkimproxy_in
+
+# The user to run dkimproxy_in as. Defaults to root.
+user="dkimproxy"
+
+# The group to run dkimproxy_in as.
+#group="$user"
+
+# Location of the configuration file.
+#cfgfile="/etc/dkimproxy/dkimproxy_in.conf"
+
+# Additional options to pass to the dkimproxy_in command.
+#command_args=""
diff --git a/main/dkimproxy/dkimproxy.in.initd b/main/dkimproxy/dkimproxy.in.initd
index f7932ef467..915e36a740 100644
--- a/main/dkimproxy/dkimproxy.in.initd
+++ b/main/dkimproxy/dkimproxy.in.initd
@@ -1,31 +1,23 @@
 #!/sbin/openrc-run
 
+# Upper case variables are here only for backward compatibility.
+: ${cfgfile:=${CONFIGFILE:-"/etc/dkimproxy/dkimproxy_in.conf"}}
+: ${user:="root"}  # root is default just for backward compatibility
+: ${group:="$user"}
+
 description="SMTP proxy that verifies signature on incoming messages"
 
-depend() {
-	need net
-	after firewall
-}
+command="/usr/sbin/dkimproxy.in"
+command_args="--conf_file=$cfgfile ${command_args:-${OPTS:-}}"
+command_background="yes"
 
-checkconfig() {
-	if [ ! -f ${CONFIGFILE} ]; then
-		eerror "Missing configuration file ${CONFIGFILE}"
-		return 1
-	fi
-}
-
-start() {
-	checkconfig || return 1
-	ebegin "Starting dkimproxy.in"
-	start-stop-daemon --start -q --exec /usr/sbin/dkimproxy.in \
-		--pidfile "${PIDFILE}" --make-pidfile --background \
-		-- --conf_file=${CONFIGFILE} ${OPTS}
-	eend $?
-}
+pidfile="/run/$RC_SVCNAME.pid"
+start_stop_daemon_args="--user $user --group $group"
 
+required_files="$cfgfile"
 
-stop() {
-	ebegin "Stopping dkimproxy.in"
-	start-stop-daemon --stop -q --pidfile "${PIDFILE}"
-	eend $?
+depend() {
+	need net
+	before opensmtpd postfix smtpd
+	after firewall
 }
diff --git a/main/dkimproxy/dkimproxy.out.confd b/main/dkimproxy/dkimproxy.out.confd
index 570b0bc078..5820f7abe0 100644
--- a/main/dkimproxy/dkimproxy.out.confd
+++ b/main/dkimproxy/dkimproxy.out.confd
@@ -1,3 +1,13 @@
-#OPTS=""
-CONFIGFILE="/etc/dkimproxy/dkimproxy_out.conf"
-PIDFILE="/var/run/dkimproxy_out.pid"
+# Configuration for /etc/init.d/dkimproxy_out
+
+# The user to run dkimproxy_in as. Defaults to root.
+user="dkimproxy"
+
+# The group to run dkimproxy_in as.
+#group="$user"
+
+# Location of the configuration file.
+#cfgfile="/etc/dkimproxy/dkimproxy_out.conf"
+
+# Additional options to pass to the dkimproxy_out command.
+#command_args=""
diff --git a/main/dkimproxy/dkimproxy.out.initd b/main/dkimproxy/dkimproxy.out.initd
index 87c5df94a3..ed8fdc356a 100644
--- a/main/dkimproxy/dkimproxy.out.initd
+++ b/main/dkimproxy/dkimproxy.out.initd
@@ -1,31 +1,23 @@
 #!/sbin/openrc-run
 
+# Upper case variables are here only for backward compatibility.
+: ${cfgfile:=${CONFIGFILE:-"/etc/dkimproxy/dkimproxy_out.conf"}}
+: ${user:="root"}  # root is default just for backward compatibility
+: ${group:="$user"}
+
 description="SMTP proxy that verifies signature on outgoing messages"
 
-depend() {
-	need net
-	after firewall
-}
+command="/usr/sbin/dkimproxy.out"
+command_args="--conf_file=$cfgfile ${command_args:-${OPTS:-}}"
+command_background="yes"
 
-checkconfig() {
-	if [ ! -f ${CONFIGFILE} ]; then
-		eerror "Missing configuration file ${CONFIGFILE}"
-		return 1
-	fi
-}
-
-start() {
-	checkconfig || return 1
-	ebegin "Starting dkimproxy.out"
-	start-stop-daemon --start -q --exec /usr/sbin/dkimproxy.out \
-		--pidfile "${PIDFILE}" --make-pidfile --background \
-		-- --conf_file=${CONFIGFILE} ${OPTS}
-	eend $?
-}
+pidfile="/run/$RC_SVCNAME.pid"
+start_stop_daemon_args="--user $user --group $group"
 
+required_files="$cfgfile"
 
-stop() {
-	ebegin "Stopping dkimproxy.out"
-	start-stop-daemon --stop -q --pidfile "${PIDFILE}"
-	eend $?
+depend() {
+	need net
+	before opensmtpd postfix smtpd
+	after firewall
 }
diff --git a/main/dkimproxy/dkimproxy.pre-install b/main/dkimproxy/dkimproxy.pre-install
new file mode 100644
index 0000000000..3c56dc00c1
--- /dev/null
+++ b/main/dkimproxy/dkimproxy.pre-install
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+addgroup -S dkimproxy 2>/dev/null
+adduser -SDH -h /dev/null -s /sbin/nologin -G dkimproxy -g dkimproxy dkimproxy 2>/dev/null
+adduser dkimproxy mail
+
+exit 0
-- 
cgit v1.2.3