You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
149 lines
4.9 KiB
149 lines
4.9 KiB
2 years ago
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||
|
From: Robbie Harwood <rharwood@redhat.com>
|
||
|
Date: Mon, 8 Nov 2021 17:58:09 -0500
|
||
|
Subject: [PATCH] Replace /var/run with /run
|
||
|
|
||
|
This change is in violation of the FHS and is forced by systemd being
|
||
|
obnoxious and logging warnings about it as if it's some kind of problem.
|
||
|
|
||
|
This commit is a subset of the work in
|
||
|
02d473fbfd782863a0dcef7e44822d1e7e56a4b3,
|
||
|
f97d3b04a2eafb42272ede24e1353dd0a7f4347c,
|
||
|
5f9058677e7241cc88b4e8620654bbaa08a4bce4, and
|
||
|
cffa10d9b5eec9a9def3533b181a32b64fc29913 (all by pjones) because they
|
||
|
don't backport well.
|
||
|
|
||
|
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
|
||
|
---
|
||
|
src/daemon.h | 4 ++--
|
||
|
src/Makefile | 2 +-
|
||
|
src/macros.pesign | 12 ++++++------
|
||
|
src/pesign-authorize | 2 +-
|
||
|
src/pesign.service.in | 2 +-
|
||
|
src/pesign.sysvinit.in | 10 +++++-----
|
||
|
src/tmpfiles.conf | 2 +-
|
||
|
7 files changed, 17 insertions(+), 17 deletions(-)
|
||
|
|
||
|
diff --git a/src/daemon.h b/src/daemon.h
|
||
|
index d97eab9..db42c16 100644
|
||
|
--- a/src/daemon.h
|
||
|
+++ b/src/daemon.h
|
||
|
@@ -49,7 +49,7 @@ typedef enum {
|
||
|
} pesignd_cmd;
|
||
|
|
||
|
#define PESIGND_VERSION 0x2a9edaf0
|
||
|
-#define SOCKPATH "/var/run/pesign/socket"
|
||
|
-#define PIDFILE "/var/run/pesign.pid"
|
||
|
+#define SOCKPATH "/run/pesign/socket"
|
||
|
+#define PIDFILE "/run/pesign.pid"
|
||
|
|
||
|
#endif /* DAEMON_H */
|
||
|
diff --git a/src/Makefile b/src/Makefile
|
||
|
index 7d68fa1..a11e2b4 100644
|
||
|
--- a/src/Makefile
|
||
|
+++ b/src/Makefile
|
||
|
@@ -68,7 +68,7 @@ install_sysvinit: pesign.sysvinit
|
||
|
install :
|
||
|
$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/
|
||
|
$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign-rh-test/
|
||
|
- $(INSTALL) -d -m 770 $(INSTALLROOT)/var/run/pesign/
|
||
|
+ $(INSTALL) -d -m 770 $(INSTALLROOT)/run/pesign/
|
||
|
$(INSTALL) -d -m 755 $(INSTALLROOT)$(bindir)
|
||
|
$(INSTALL) -m 755 authvar $(INSTALLROOT)$(bindir)
|
||
|
$(INSTALL) -m 755 pesign $(INSTALLROOT)$(bindir)
|
||
|
diff --git a/src/macros.pesign b/src/macros.pesign
|
||
|
index dfdac02..f135c29 100644
|
||
|
--- a/src/macros.pesign
|
||
|
+++ b/src/macros.pesign
|
||
|
@@ -48,17 +48,17 @@
|
||
|
"$(uname -m)" == "x86_64" ] && \\\
|
||
|
grep -q ID=fedora /etc/os-release && \\\
|
||
|
[[ "%{_buildhost}" =~ ^bkernel.* ]] && \\\
|
||
|
- ! [ -S /var/run/pesign/socket ]; then \
|
||
|
+ ! [ -S /run/pesign/socket ]; then \
|
||
|
echo "No socket even though this is %{_buildhost}" \
|
||
|
- ls -ld /var/run/pesign || : \
|
||
|
- getfacl /var/run/pesign || : \
|
||
|
- ls -l /var/run/pesign/socket || : \
|
||
|
- getfacl /var/run/pesign/socket || : \
|
||
|
+ ls -ld /run/pesign || : \
|
||
|
+ getfacl /run/pesign || : \
|
||
|
+ ls -l /run/pesign/socket || : \
|
||
|
+ getfacl /run/pesign/socket || : \
|
||
|
echo =========== env ============== \
|
||
|
set \
|
||
|
echo =========== env ============== \
|
||
|
exit 1 \
|
||
|
- elif [ -S /var/run/pesign/socket ]; then \
|
||
|
+ elif [ -S /run/pesign/socket ]; then \
|
||
|
%{_pesign_client} -t %{__pesign_client_token} \\\
|
||
|
-c %{__pesign_client_cert} \\\
|
||
|
%{-i} %{-o} %{-e} %{-s} %{-C} \
|
||
|
diff --git a/src/pesign-authorize b/src/pesign-authorize
|
||
|
index a496f60..83a30cd 100755
|
||
|
--- a/src/pesign-authorize
|
||
|
+++ b/src/pesign-authorize
|
||
|
@@ -47,7 +47,7 @@ update_subdir() {
|
||
|
done
|
||
|
}
|
||
|
|
||
|
-for x in /var/run/pesign/ /etc/pki/pesign*/ ; do
|
||
|
+for x in /run/pesign/ /etc/pki/pesign*/ ; do
|
||
|
if [ -d "${x}" ]; then
|
||
|
update_subdir "${x}"
|
||
|
else
|
||
|
diff --git a/src/pesign.service.in b/src/pesign.service.in
|
||
|
index c75a000..4ac2199 100644
|
||
|
--- a/src/pesign.service.in
|
||
|
+++ b/src/pesign.service.in
|
||
|
@@ -4,6 +4,6 @@ Description=Pesign signing daemon
|
||
|
[Service]
|
||
|
PrivateTmp=true
|
||
|
Type=forking
|
||
|
-PIDFile=/var/run/pesign.pid
|
||
|
+PIDFile=/run/pesign.pid
|
||
|
ExecStart=/usr/bin/pesign --daemonize
|
||
|
ExecStartPost=@@LIBEXECDIR@@/pesign/pesign-authorize
|
||
|
diff --git a/src/pesign.sysvinit.in b/src/pesign.sysvinit.in
|
||
|
index b0e0f84..bf8edec 100644
|
||
|
--- a/src/pesign.sysvinit.in
|
||
|
+++ b/src/pesign.sysvinit.in
|
||
|
@@ -4,7 +4,7 @@
|
||
|
#
|
||
|
# chkconfig: - 50 50
|
||
|
# processname: /usr/bin/pesign
|
||
|
-# pidfile: /var/run/pesign.pid
|
||
|
+# pidfile: /run/pesign.pid
|
||
|
### BEGIN INIT INFO
|
||
|
# Provides: pesign
|
||
|
# Default-Start:
|
||
|
@@ -20,9 +20,9 @@ RETVAL=0
|
||
|
|
||
|
start(){
|
||
|
echo -n "Starting pesign: "
|
||
|
- mkdir /var/run/pesign 2>/dev/null &&
|
||
|
- chown pesign:pesign /var/run/pesign &&
|
||
|
- chmod 0770 /var/run/pesign
|
||
|
+ mkdir /run/pesign 2>/dev/null &&
|
||
|
+ chown pesign:pesign /run/pesign &&
|
||
|
+ chmod 0770 /run/pesign
|
||
|
daemon /usr/bin/pesign --daemonize
|
||
|
RETVAL=$?
|
||
|
echo
|
||
|
@@ -32,7 +32,7 @@ start(){
|
||
|
|
||
|
stop(){
|
||
|
echo -n "Stopping pesign: "
|
||
|
- killproc -p /var/run/pesign.pid pesignd
|
||
|
+ killproc -p /run/pesign.pid pesignd
|
||
|
RETVAL=$?
|
||
|
echo
|
||
|
rm -f /var/lock/subsys/pesign
|
||
|
diff --git a/src/tmpfiles.conf b/src/tmpfiles.conf
|
||
|
index c1cf355..3375ad5 100644
|
||
|
--- a/src/tmpfiles.conf
|
||
|
+++ b/src/tmpfiles.conf
|
||
|
@@ -1 +1 @@
|
||
|
-D /var/run/pesign 0770 pesign pesign -
|
||
|
+D /run/pesign 0770 pesign pesign -
|