From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Sat, 25 Apr 2026 23:53:28 +0100 Subject: [PATCH] Install and use sysusers.d/tmpfiles.d config files sysusers.d/tmpfiles.d config files allow a package to use declarative configuration instead of manually written maintainer scripts. This also allows image-based systems to be created with /usr/ only, and also allows for factory resetting a system and recreating /etc/ on boot. https://www.freedesktop.org/software/systemd/man/latest/sysusers.d.html --- debian/control | 2 +- debian/extras/mumble-server.postinst | 20 +++---------------- debian/mumble-server.dirs | 1 - debian/mumble-server.postinst | 20 +++---------------- debian/patches/90-debianize-systemd-unit.diff | 7 +++++-- 5 files changed, 12 insertions(+), 38 deletions(-) delete mode 100644 debian/mumble-server.dirs diff --git a/debian/control b/debian/control index b3cd29e..90ed2e9 100644 --- a/debian/control +++ b/debian/control @@ -5,6 +5,7 @@ Uploaders: Christopher Knadle Rules-Requires-Root: no Build-Depends: debhelper-compat (= 13), cmake, + dh-sequence-installsysusers, libasound2-dev, libavahi-compat-libdnssd-dev, libboost-dev (>= 1.42), @@ -62,7 +63,6 @@ Package: mumble-server Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, - adduser, libqt5sql5-sqlite, sysvinit-utils (>= 2.96) Description: Low latency encrypted VoIP server diff --git a/debian/extras/mumble-server.postinst b/debian/extras/mumble-server.postinst index e95a22b..bae20fa 100644 --- a/debian/extras/mumble-server.postinst +++ b/debian/extras/mumble-server.postinst @@ -19,23 +19,6 @@ set -e case "$1" in configure) - # Add user and permanent directories - if [ ! $(getent group mumble-server) ]; then - adduser --system --quiet --home /var/lib/mumble-server --group mumble-server - fi - [ -d /var/lib/mumble-server ] || mkdir /var/lib/mumble-server - chmod 0750 /var/log/mumble-server - chmod 0750 /var/lib/mumble-server - chown mumble-server:adm /var/log/mumble-server - chown mumble-server:mumble-server /var/lib/mumble-server - if [ -f /etc/mumble/mumble-server.ini ]; then - chmod 0640 /etc/mumble/mumble-server.ini - chown root:mumble-server /etc/mumble/mumble-server.ini - fi - chown root:mumble-server /etc/mumble/ - # Workaround for when this was in .dirs - [ -d /run/mumble-server ] && chown mumble-server:adm /run/mumble-server - # Ensure the file we put in /etc/dbus-1/system.d is loaded # or mumble-server will fail to bind to dbus. invoke-rc.d --quiet dbus force-reload || true @@ -62,6 +45,9 @@ case "$1" in # likely to update it outside of debconf. db_get mumble-server/password if [ "$RET" != "" ] ; then + # Create system user before manually running the server + systemd-sysusers ${DPKG_ROOT:+--root="$DPKG_ROOT"} mumble-server.conf + echo $RET | su mumble-server -s /bin/sh -c "/usr/bin/mumble-server -ini /etc/mumble/mumble-server.ini -readsupw" if [ $? = 0 ] ; then db_set mumble-server/password "" diff --git a/debian/mumble-server.dirs b/debian/mumble-server.dirs deleted file mode 100644 index 8d544eb..0000000 --- a/debian/mumble-server.dirs +++ /dev/null @@ -1 +0,0 @@ -var/log/mumble-server diff --git a/debian/mumble-server.postinst b/debian/mumble-server.postinst index d8d7ec2..b8a9e25 100644 --- a/debian/mumble-server.postinst +++ b/debian/mumble-server.postinst @@ -19,23 +19,6 @@ set -e case "$1" in configure) - # Add user and permanent directories - if [ ! $(getent group mumble-server) ]; then - adduser --system --quiet --home /var/lib/mumble-server --group mumble-server - fi - [ -d /var/lib/mumble-server ] || mkdir /var/lib/mumble-server - chmod 0750 /var/log/mumble-server - chmod 0750 /var/lib/mumble-server - chown mumble-server:adm /var/log/mumble-server - chown mumble-server:mumble-server /var/lib/mumble-server - if [ -f /etc/mumble/mumble-server.ini ]; then - chmod 0640 /etc/mumble/mumble-server.ini - chown root:mumble-server /etc/mumble/mumble-server.ini - fi - chown root:mumble-server /etc/mumble/ - # Workaround for when this was in .dirs - [ -d /run/mumble-server ] && chown mumble-server:adm /run/mumble-server - # Ensure the file we put in /etc/dbus-1/system.d is loaded # or mumble-server will fail to bind to dbus. invoke-rc.d --quiet dbus force-reload || true @@ -45,6 +28,9 @@ case "$1" in # likely to update it outside of debconf. db_get mumble-server/password if [ "$RET" != "" ] ; then + # Create system user before manually running the server + systemd-sysusers ${DPKG_ROOT:+--root="$DPKG_ROOT"} mumble-server.conf + echo $RET | su mumble-server -s /bin/sh -c "/usr/bin/mumble-server -ini /etc/mumble/mumble-server.ini -readsupw" if [ $? = 0 ] ; then db_set mumble-server/password "" diff --git a/debian/patches/90-debianize-systemd-unit.diff b/debian/patches/90-debianize-systemd-unit.diff index 4af6674..8ece531 100644 --- a/debian/patches/90-debianize-systemd-unit.diff +++ b/debian/patches/90-debianize-systemd-unit.diff @@ -31,12 +31,15 @@ Last-Update: 2024-12-01 # Type # Name # ID # GECOS # Home # Shell -u _mumble-server - "Mumble server user" - - -+u mumble-server - "Mumble server user" - - ++u mumble-server - "Mumble server user" /var/lib/mumble-server - --- a/auxiliary_files/config_files/mumble-server.tmpfiles.in +++ b/auxiliary_files/config_files/mumble-server.tmpfiles.in -@@ -3,4 +3,4 @@ +@@ -3,4 +3,7 @@ # special user used to execute the Mumble server when started via systemd # Type # Path # Mode # User # Group -z @MUMBLE_INSTALL_ABS_SYSCONFDIR@/mumble-server.ini 0640 root _mumble-server +z @MUMBLE_INSTALL_ABS_SYSCONFDIR@/mumble-server.ini 0640 root mumble-server ++z @MUMBLE_INSTALL_ABS_SYSCONFDIR@ 0755 root mumble-server ++d /var/lib/mumble-server 0750 mumble-server mumble-server ++d /var/log/mumble-server 0750 mumble-server adm