aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorxrs <xrs@mail36.net>2020-04-02 09:26:25 +0200
committerxrs - <xrs@mail36.net>2020-05-08 13:01:43 +0000
commit41103bc3f23927112e4a57582cc202d8a2299adf (patch)
tree61f56fb2d906486df37236ead94646f88531501f
parent1269edced8f355b21dacb87d4532ed191fefed7a (diff)
downloadaports-41103bc3f23927112e4a57582cc202d8a2299adf.tar.gz
aports-41103bc3f23927112e4a57582cc202d8a2299adf.tar.bz2
aports-41103bc3f23927112e4a57582cc202d8a2299adf.tar.xz
testing/gnunet: add support for user services
- add gnunet-user-setup script - add interactive support for GNU Name System proxy to setup script - add home directory for system services (/var/lib/gnunet) - improve post install guide
-rw-r--r--testing/gnunet/APKBUILD16
-rw-r--r--testing/gnunet/gnunet-system-services.initd7
-rw-r--r--testing/gnunet/gnunet-user-services.initd16
-rw-r--r--testing/gnunet/gnunet.post-install20
-rw-r--r--testing/gnunet/gnunet.pre-install6
-rw-r--r--testing/gnunet/setup-gnunet-user90
6 files changed, 139 insertions, 16 deletions
diff --git a/testing/gnunet/APKBUILD b/testing/gnunet/APKBUILD
index f798066610..1b7bbfc912 100644
--- a/testing/gnunet/APKBUILD
+++ b/testing/gnunet/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: xrs <xrs@mail36.net>
pkgname=gnunet
pkgver=0.12.2
-pkgrel=0
+pkgrel=1
pkgdesc="A framework for secure and privacy enhancing peer-to-peer networking"
url="https://gnunet.org"
arch="all !mips !mips64" # blocked by texlive
@@ -20,8 +20,10 @@ pkggroups="gnunet gnunetdns"
subpackages="$pkgname-dev $pkgname-doc $pkgname-lang $pkgname-openrc"
options="!check suid" # No check because The GNUnet project lacks a good CI at the moment.
source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/gnunet-$pkgver.tar.gz
- gnunet-system.conf
- gnunet-system-services.initd
+ $pkgname-system.conf
+ $pkgname-system-services.initd
+ $pkgname-user-services.initd
+ setup-$pkgname-user
"
build() {
@@ -63,6 +65,10 @@ package() {
$pkgdir/etc/$pkgname.conf
install -m755 -D $srcdir/$pkgname-system-services.initd \
$pkgdir/etc/init.d/$pkgname-system-services
+ install -m755 -D $srcdir/$pkgname-user-services.initd \
+ $pkgdir/etc/init.d/$pkgname-user-services
+ install -m755 -D $srcdir/setup-$pkgname-user \
+ $pkgdir/usr/bin/setup-$pkgname-user
}
dev() {
@@ -76,4 +82,6 @@ dev() {
sha512sums="210a9f06679d32dbb399a056e7a20e411cbfacf7945a282bd7e63eb8bfd7a324815efc48caedff32894d0a3f7a4ba9d1e879e2e04db0222282399ae6fc065c7b gnunet-0.12.2.tar.gz
a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0 gnunet-system.conf
-63f7c17a83fa6b44f2c4c9f067ac600904dacd7faf04515293544c4b001ee5e0c360894589b46175957971101f212879cc757af8e282b4e44aa4e4abdab9b4dc gnunet-system-services.initd"
+24d230b077c7a47a116ac428c411e0fc62b9c019ac97f95d27a0e57112d554734d9b9bfd1e0b22366b387074b621f98d11fbf87f2c6fbafcc2888acda630b54d gnunet-system-services.initd
+8daf862f7c81bd5b143a05f786c4edce76c91d4d226903288a4d2d88898b9b7ba017cf683a20d918b9ad93aff5f391eb5f928843a2fcd35e6e48f3a611dc9d8d gnunet-user-services.initd
+ed4db7f7500e02fecb8c54ba629d91ae3bb69b6ed61c25831f7c21b6c446b4210af0efea5fac6fb13f14422723b85a742ae63a6ecd60bf5daadfd43abb658d25 setup-gnunet-user"
diff --git a/testing/gnunet/gnunet-system-services.initd b/testing/gnunet/gnunet-system-services.initd
index c28d7d3129..6bc42e6f15 100644
--- a/testing/gnunet/gnunet-system-services.initd
+++ b/testing/gnunet/gnunet-system-services.initd
@@ -1,6 +1,6 @@
#!/sbin/openrc-run
-name="gnunet-system-service"
+name="gnunet-system-services"
description="A secure and privacy enhancing peer-to-peer overlay network"
command="/usr/lib/gnunet/libexec/gnunet-service-arm"
command_args="-c /etc/gnunet.conf"
@@ -11,3 +11,8 @@ pidfile="/run/${SVCNAME}.pid"
depend() {
need net
}
+
+start_pre() {
+ checkpath --directory --owner $command_user --mode 2755 \
+ /var/lib/gnunet
+}
diff --git a/testing/gnunet/gnunet-user-services.initd b/testing/gnunet/gnunet-user-services.initd
new file mode 100644
index 0000000000..04188ade25
--- /dev/null
+++ b/testing/gnunet/gnunet-user-services.initd
@@ -0,0 +1,16 @@
+#!/sbin/openrc-run
+
+# Extract user name from file name.
+user="${SVCNAME#gnunet-}" # Cut off prefix.
+user="${user%-services}" # Cut off suffix.
+
+description="GNUnet user services for $user"
+command="/usr/lib/gnunet/libexec/gnunet-service-arm"
+command_args="-c /home/$user/.config/gnunet.conf"
+command_user="$user:$user"
+command_background="yes"
+pidfile="/run/${SVCNAME}.$user.pid"
+
+depend() {
+ need gnunet-system-services
+}
diff --git a/testing/gnunet/gnunet.post-install b/testing/gnunet/gnunet.post-install
index 9b01778a3a..893f8cdc43 100644
--- a/testing/gnunet/gnunet.post-install
+++ b/testing/gnunet/gnunet.post-install
@@ -1,12 +1,16 @@
#!/bin/sh
-printf " *\n * To setup GNUnet user services, regular users must do the following steps:\n"
-printf " * add user to 'gnunet' group\n"
-printf " * add the following lines to /home/USER/.config/gnunet.conf\n"
-printf " [arm]\n"
-printf " START_SYSTEM_SERVICES = NO\n"
-printf " START_USER_SERVICES = YES\n"
-printf " * start GNUnet system services with openrc\n"
-printf " * start GNUnet user services with 'gnunet-arm -s'\n *\n"
+cat << TEXT
+
+ To start GNUnet system services:
+ > sudo rc-service gnunet-system-services start
+
+ To setup GNUnet user services for a regular user:
+ > sudo setup-gnunet-user -u USER
+
+ To start GNUnet user services for 'USER':
+ > sudo rc-service gnunet-USER-services start
+
+TEXT
exit 0
diff --git a/testing/gnunet/gnunet.pre-install b/testing/gnunet/gnunet.pre-install
index 7eea70e752..cdbff43faf 100644
--- a/testing/gnunet/gnunet.pre-install
+++ b/testing/gnunet/gnunet.pre-install
@@ -2,10 +2,10 @@
# Add special group gnunetdns for controlling access to "gnunet-helper-dns".
addgroup -S gnunetdns 2>/dev/null
-addgroup -S gnunet 2>/dev/null
# Add system user/group gnunet for system services
-adduser -S -h "/var/lib/gnunet" -s /bin/sh \
- -G gnunet -g gnunet gnunet 2>/dev/null
+addgroup -S gnunet 2>/dev/null
+adduser -S -h "/var/lib/gnunet" -s /bin/false -D gnunet 2>/dev/null
+adduser gnunet gnunet
exit 0
diff --git a/testing/gnunet/setup-gnunet-user b/testing/gnunet/setup-gnunet-user
new file mode 100644
index 0000000000..8d7b436578
--- /dev/null
+++ b/testing/gnunet/setup-gnunet-user
@@ -0,0 +1,90 @@
+#!/bin/sh
+
+# This scripts helps the user to automate the GNUnet setup for user services.
+
+if [ $(id -u) -ne 0 ]; then
+ echo "Please run this script as root."
+ echo "Usage: "`basename $0`" -u USER"
+ exit
+fi
+if [ $# = 0 ]; then
+ echo "Usage: "`basename $0`" -u USER"
+ exit
+fi
+
+while getopts ':u:' OPTION ; do
+ case "$OPTION" in
+ u) USER="$OPTARG";;
+ *) echo "Unknown parameter"; exit;;
+ esac
+done
+
+CONFIG_PATH="/home/$USER/.config/gnunet.conf"
+DOASUSER="chpst -u $USER env HOME=/home/$USER"
+
+echo "Adding user to group gnunet"
+adduser $USER gnunet 2>/dev/null
+
+echo "Creating user config at $CONFIG_PATH"
+cat > $CONFIG_PATH << EOF
+[arm]
+START_SYSTEM_SERVICES = NO
+START_USER_SERVICES = YES
+EOF
+chown $USER.$USER $CONFIG_PATH
+
+echo "Creating symlink: gnunet-user-services -> gnunet-$USER-services"
+ln -s /etc/init.d/gnunet-user-services /etc/init.d/gnunet-$USER-services
+
+echo "Creating/Renewing GNS certificate authority (CA)"
+$DOASUSER gnunet-gns-proxy-setup-ca
+
+echo "Use GNU Name System in Firefox/Chromium by default? [y,N]"
+read -r yn
+case $yn in
+y|Y )
+ PORT=$((8000+$(id -u $USER)))
+ $DOASUSER gnunet-config -c $CONFIG_PATH \
+ --rewrite \
+ --section=gns-proxy \
+ --option=IMMEDIATE_START \
+ --value=YES
+ $DOASUSER gnunet-config -c $CONFIG_PATH \
+ --rewrite \
+ --section=gns-proxy \
+ --option=OPTIONS \
+ --value="-p $PORT"
+
+ # Firefox
+ if [ ! -d /home/$USER/.mozilla/firefox/*.default ];then
+ $DOASUSER timeout 3s firefox --headless # dirty: create profile if not existent
+ fi
+ for ffprofile in /home/$USER/.mozilla/firefox/*.*/; do
+ js=$ffprofile/user.js
+ if [ -f $js ]; then
+ sed -i '/Preferences for using the GNU Name System/d' $js
+ sed -i '/network.proxy.socks/d' $js
+ sed -i '/network.proxy.socks_port/d' $js
+ sed -i '/network.proxy.socks_remote_dns/d' $js
+ sed -i '/network.proxy.type/d' $js
+ fi
+ echo "// Preferences for using the GNU Name System" >> $js
+ echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> $js
+ echo "user_pref(\"network.proxy.socks_port\", $PORT);" >> $js
+ echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> $js
+ echo "user_pref(\"network.proxy.type\", 1);" >> $js
+ done
+
+ # Chromium
+ PROFILE=/home/$USER/.profile
+ if [ -f $PROFILE ]; then
+ sed -i '/CHROMIUM_USER_FLAGS/d' $PROFILE
+ fi
+ echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$PORT" \
+ >> $PROFILE
+ ;;
+* )
+ ;;
+esac
+
+echo "Done."