diff --git a/trunk/PKGBUILD b/trunk/PKGBUILD index d411316..3a4b3bf 100644 --- a/trunk/PKGBUILD +++ b/trunk/PKGBUILD @@ -45,7 +45,7 @@ optdepends=('mariadb: lease information database' checkdepends=('gtest' 'procps-ng') # procps-ng needed for 'pgrep' source=( "https://ftp.isc.org/isc/${pkgbase}/${_upstreamver}/${pkgbase}-${_upstreamver}.tar.gz"{,.asc} - 'tmpfiles-kea.conf' + 'sysusers-kea.conf' 'kea-dhcp4.service' 'kea-dhcp6.service' 'kea-dhcp-ddns.service' @@ -53,17 +53,18 @@ source=( ) b2sums=('10b4bca1a135c6d146490f8c4c7bd4d56c1c03e2b4cc88a6888fcad5d1a5c2ee2d2c0215cb345b53a2a4262dbd02516d75d5778835d45384a7d69a062b8696b9' 'SKIP' - '7ac151ae19093350e75112ab1fba38561f6f986a8ac333ada91b86819abd65559e31cec86ef19fce68e0e56cbae7ed28858654507c4d975985db4d34ee0184fb' - 'b25f29b3cd8657508d766eb4c92c8c2b9ebebd60c3639930cb0439f69d205352b6ef066409d704228721ae252b0d954e5f6a3a26bb46c33bbc9ede4170c22e94' - '60167919868547b03bfd37ffdd88a636019f1b6340aadd5c44fa99e77f66f47595fe89830bb53de11b91702d1dff986988d4c7df29a16e9456b1976760496259' - '01035d110b87bed6664e49f11d3d483a4e6a7b9290b05c85a43e485b309c8f15dc00b09959804f5dc3d7590abea36334300010e557988de587a2bf9043966d67' - 'f7be743d8b90ffc82551c3afc28477c8bef10596c77368ccb63e61de7355518e5e668429ab277e3f1a994cdc8b3ef542867ddb91bc7f23860dfe2d72f67b99ba') + '0a0c869032d7191c7701e1c3db20528fb1c674c9464a748380e5672ec4021b8261db4d001ea22409163e0211f77d65cc953d9a7efd749c702b971a40f49ea1ca' + '40ff459fb6cf652b1a3ba121446c17d1682d546ec05b27dff781488fe343d84ece541146a7153c7d87c5b08c3cf6373075a58ebfc415dc6d26835d0734e6a083' + '63703fee08ddb9b8d77673bad2f0e1249d69734a0b8b45c0a18921d2ed1776b44a3740d842f3577aecd90bfa9443d286bba19a66890b83c20b74ec21227eaf40' + 'aed807fb6714efe5f2f87b39d52136c96a8482bc15353d23979f6b40082f84f749e050ff31ced22a62da232d67dcb45ad826fe0f8fb5606ddf18afe08666eee6' + 'f7b1d620ea42a27f83cc5eec4f26b7eba3a028aa5be6f1821db1056a4ab5c369e16fa97e3781029f4d57fee64660a7b6f81369af2dd2543ebdc0c5df95b8a5a2') validpgpkeys=('BE0E9748B718253A28BB89FFF1B11BF05CF02E57' # Internet Systems Consortium, Inc. (Signing key, 2017-2018) 'AE3FAC796711EC59FC007AA474BB6B9A4CBB3D38' # Internet Systems Consortium, Inc. (Signing key, 2019-2020) '7E1C91AC8030A5A59D1EFAB9750F3C87723E4012') # Internet Systems Consortium, Inc. (Signing key, 2021-2022) build() { cd "${srcdir}/${pkgbase}-${_upstreamver}" + sed -i 's|@localstatedir@/log|@localstatedir@/log/kea|' src/bin/keactrl/kea-{ctrl-agent,netconf,dhcp{4,6,-ddns}}.conf.pre ./configure \ --prefix='/usr' \ --sbindir='/usr/bin' \ @@ -113,7 +114,7 @@ package_kea() { make DESTDIR="${pkgdir}" install # Do not package /run rm -rf "${pkgdir}"/run - install -Dm644 "${srcdir}"/tmpfiles-kea.conf "${pkgdir}"/usr/lib/tmpfiles.d/${pkgname}.conf + install -Dm644 "${srcdir}"/sysusers-kea.conf "${pkgdir}"/usr/lib/sysusers.d/${pkgname}.conf # Systemd service files install -Dm644 "${srcdir}"/kea-dhcp4.service "${pkgdir}"/usr/lib/systemd/system/kea-dhcp4.service install -Dm644 "${srcdir}"/kea-dhcp6.service "${pkgdir}"/usr/lib/systemd/system/kea-dhcp6.service diff --git a/trunk/kea-ctrl-agent.service b/trunk/kea-ctrl-agent.service index ba38497..28fddbc 100644 --- a/trunk/kea-ctrl-agent.service +++ b/trunk/kea-ctrl-agent.service @@ -6,8 +6,15 @@ After=network-online.target After=time-sync.target [Service] -Environment="KEA_PIDFILE_DIR=/run" +User=kea +Environment="KEA_PIDFILE_DIR=/run/kea" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +LogsDirectory=kea +LogsDirectoryMode=0750 +StateDirectory=kea ExecStart=/usr/bin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf [Install] diff --git a/trunk/kea-dhcp-ddns.service b/trunk/kea-dhcp-ddns.service index 7e45763..7d26371 100644 --- a/trunk/kea-dhcp-ddns.service +++ b/trunk/kea-dhcp-ddns.service @@ -6,8 +6,16 @@ After=network-online.target After=time-sync.target [Service] -Environment="KEA_PIDFILE_DIR=/run" +User=kea +AmbientCapabilities=CAP_NET_BIND_SERVICE +Environment="KEA_PIDFILE_DIR=/run/kea" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +LogsDirectory=kea +LogsDirectoryMode=0750 +StateDirectory=kea ExecStart=/usr/bin/kea-dhcp-ddns -c /etc/kea/kea-dhcp-ddns.conf [Install] diff --git a/trunk/kea-dhcp4.service b/trunk/kea-dhcp4.service index 448b123..f46b978 100644 --- a/trunk/kea-dhcp4.service +++ b/trunk/kea-dhcp4.service @@ -6,8 +6,16 @@ After=network-online.target After=time-sync.target [Service] -Environment="KEA_PIDFILE_DIR=/run" +User=kea +AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW +Environment="KEA_PIDFILE_DIR=/run/kea" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +LogsDirectory=kea +LogsDirectoryMode=0750 +StateDirectory=kea ExecStart=/usr/bin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf [Install] diff --git a/trunk/kea-dhcp6.service b/trunk/kea-dhcp6.service index b5216ce..d30860d 100644 --- a/trunk/kea-dhcp6.service +++ b/trunk/kea-dhcp6.service @@ -6,8 +6,16 @@ After=network-online.target After=time-sync.target [Service] -Environment="KEA_PIDFILE_DIR=/run" +User=kea +AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW +Environment="KEA_PIDFILE_DIR=/run/kea" Environment="KEA_LOCKFILE_DIR=/run/lock/kea" +ConfigurationDirectory=kea +RuntimeDirectory=kea lock/kea +RuntimeDirectoryPreserve=yes +LogsDirectory=kea +LogsDirectoryMode=0750 +StateDirectory=kea ExecStart=/usr/bin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf [Install] diff --git a/trunk/sysusers-kea.conf b/trunk/sysusers-kea.conf new file mode 100644 index 0000000..6be21f1 --- /dev/null +++ b/trunk/sysusers-kea.conf @@ -0,0 +1 @@ +u kea - "Kea DHCP User" diff --git a/trunk/tmpfiles-kea.conf b/trunk/tmpfiles-kea.conf deleted file mode 100644 index 2d252a8..0000000 --- a/trunk/tmpfiles-kea.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /run/kea 0755 root root - -d /run/lock/kea 0755 root root -