diff --git a/trunk/PKGBUILD b/trunk/PKGBUILD index d411316..92d629c 100644 --- a/trunk/PKGBUILD +++ b/trunk/PKGBUILD @@ -45,7 +45,7 @@ optdepends=('mariadb: lease information database' checkdepends=('gtest' 'procps-ng') # procps-ng needed for 'pgrep' source=( "https://ftp.isc.org/isc/${pkgbase}/${_upstreamver}/${pkgbase}-${_upstreamver}.tar.gz"{,.asc} - 'tmpfiles-kea.conf' + 'sysusers-kea.conf' 'kea-dhcp4.service' 'kea-dhcp6.service' 'kea-dhcp-ddns.service' @@ -53,11 +53,11 @@ source=( ) b2sums=('10b4bca1a135c6d146490f8c4c7bd4d56c1c03e2b4cc88a6888fcad5d1a5c2ee2d2c0215cb345b53a2a4262dbd02516d75d5778835d45384a7d69a062b8696b9' 'SKIP' - '7ac151ae19093350e75112ab1fba38561f6f986a8ac333ada91b86819abd65559e31cec86ef19fce68e0e56cbae7ed28858654507c4d975985db4d34ee0184fb' - 'b25f29b3cd8657508d766eb4c92c8c2b9ebebd60c3639930cb0439f69d205352b6ef066409d704228721ae252b0d954e5f6a3a26bb46c33bbc9ede4170c22e94' - '60167919868547b03bfd37ffdd88a636019f1b6340aadd5c44fa99e77f66f47595fe89830bb53de11b91702d1dff986988d4c7df29a16e9456b1976760496259' - '01035d110b87bed6664e49f11d3d483a4e6a7b9290b05c85a43e485b309c8f15dc00b09959804f5dc3d7590abea36334300010e557988de587a2bf9043966d67' - 'f7be743d8b90ffc82551c3afc28477c8bef10596c77368ccb63e61de7355518e5e668429ab277e3f1a994cdc8b3ef542867ddb91bc7f23860dfe2d72f67b99ba') + '0a0c869032d7191c7701e1c3db20528fb1c674c9464a748380e5672ec4021b8261db4d001ea22409163e0211f77d65cc953d9a7efd749c702b971a40f49ea1ca' + '6558a2e32a4062084dd1f530e6eba5bda346bda614c6e905a09f4bc32b25c9154083759ffad6d987f474ed904120898b052e0e5bdd6e50187d8a9d53c2bdbaa6' + '086a75586ccebad4e3504ae05a10b48434fde8eb5a8afa10fb202703f8fa6b6139b1d23f47ade153866b8d5f67a41c81d8282838ccefd5de7f4e5548bb0cb60e' + '5a859ef3843e9dc1c2854a94204267951f24a54c0bbbcfaf0af2087a16fa4d4553189bdf4fde652f9f86023c2a637a49a563c9f12733503f23c4a7b9f0a828ba' + '66cdf36432cc2f67db807dce5d3bf836154c74a6b9ec143ebf12321e0151b23df7048ce34a92ce56417c6273f32a612dda99d80701b63e0ee4f05bba8b1f64e7') validpgpkeys=('BE0E9748B718253A28BB89FFF1B11BF05CF02E57' # Internet Systems Consortium, Inc. (Signing key, 2017-2018) 'AE3FAC796711EC59FC007AA474BB6B9A4CBB3D38' # Internet Systems Consortium, Inc. (Signing key, 2019-2020) '7E1C91AC8030A5A59D1EFAB9750F3C87723E4012') # Internet Systems Consortium, Inc. (Signing key, 2021-2022) @@ -113,7 +113,7 @@ package_kea() { make DESTDIR="${pkgdir}" install # Do not package /run rm -rf "${pkgdir}"/run - install -Dm644 "${srcdir}"/tmpfiles-kea.conf "${pkgdir}"/usr/lib/tmpfiles.d/${pkgname}.conf + install -Dm644 "${srcdir}"/sysusers-kea.conf "${pkgdir}"/usr/lib/sysusers.d/${pkgname}.conf # Systemd service files install -Dm644 "${srcdir}"/kea-dhcp4.service "${pkgdir}"/usr/lib/systemd/system/kea-dhcp4.service install -Dm644 "${srcdir}"/kea-dhcp6.service "${pkgdir}"/usr/lib/systemd/system/kea-dhcp6.service diff --git a/trunk/kea-ctrl-agent.service b/trunk/kea-ctrl-agent.service index ba38497..fe10c85 100644 --- a/trunk/kea-ctrl-agent.service +++ b/trunk/kea-ctrl-agent.service @@ -6,8 +6,13 @@ After=network-online.target After=time-sync.target [Service] +User=kea Environment="KEA_PIDFILE_DIR=/run" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +StateDirectory=kea ExecStart=/usr/bin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf [Install] diff --git a/trunk/kea-dhcp-ddns.service b/trunk/kea-dhcp-ddns.service index 7e45763..b2ab70a 100644 --- a/trunk/kea-dhcp-ddns.service +++ b/trunk/kea-dhcp-ddns.service @@ -6,8 +6,14 @@ After=network-online.target After=time-sync.target [Service] +User=kea +AmbientCapabilities=CAP_NET_BIND_SERVICE Environment="KEA_PIDFILE_DIR=/run" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +StateDirectory=kea ExecStart=/usr/bin/kea-dhcp-ddns -c /etc/kea/kea-dhcp-ddns.conf [Install] diff --git a/trunk/kea-dhcp4.service b/trunk/kea-dhcp4.service index 448b123..b62b24c 100644 --- a/trunk/kea-dhcp4.service +++ b/trunk/kea-dhcp4.service @@ -6,8 +6,14 @@ After=network-online.target After=time-sync.target [Service] +User=kea +AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW Environment="KEA_PIDFILE_DIR=/run" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +StateDirectory=kea ExecStart=/usr/bin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf [Install] diff --git a/trunk/kea-dhcp6.service b/trunk/kea-dhcp6.service index b5216ce..6ed3b04 100644 --- a/trunk/kea-dhcp6.service +++ b/trunk/kea-dhcp6.service @@ -6,8 +6,14 @@ After=network-online.target After=time-sync.target [Service] +User=kea +AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW Environment="KEA_PIDFILE_DIR=/run" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +StateDirectory=kea ExecStart=/usr/bin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf [Install] diff --git a/trunk/sysusers-kea.conf b/trunk/sysusers-kea.conf new file mode 100644 index 0000000..6be21f1 --- /dev/null +++ b/trunk/sysusers-kea.conf @@ -0,0 +1 @@ +u kea - "Kea DHCP User" diff --git a/trunk/tmpfiles-kea.conf b/trunk/tmpfiles-kea.conf deleted file mode 100644 index 2d252a8..0000000 --- a/trunk/tmpfiles-kea.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /run/kea 0755 root root - -d /run/lock/kea 0755 root root -