[med-svn] [Git][med-team/orthanc][master] 3 commits: added orthanc_upgrade.sh, improved permissions of /etc/orthanc
Sebastien Jodogne
gitlab at salsa.debian.org
Fri Apr 10 08:35:08 BST 2020
Sebastien Jodogne pushed to branch master at Debian Med / orthanc
Commits:
bc7e343b by jodogne-guest at 2020-04-10T08:13:39+02:00
added orthanc_upgrade.sh, improved permissions of /etc/orthanc
- - - - -
9247ed58 by jodogne-guest at 2020-04-10T08:44:42+02:00
fixing lintian warnings
- - - - -
24842d52 by jodogne-guest at 2020-04-10T09:34:14+02:00
Upload to unstable
- - - - -
12 changed files:
- debian/README.Debian
- debian/changelog
- + debian/configuration/credentials.json
- debian/configuration/orthanc.json
- + debian/configuration/orthanc_upgrade
- debian/control
- + debian/docs/orthanc_upgrade.8
- debian/orthanc-doc.README.Debian
- debian/orthanc.install
- debian/orthanc.manpages
- debian/postinst
- debian/upstream/metadata
Changes:
=====================================
debian/README.Debian
=====================================
@@ -37,3 +37,25 @@ provided that the 2 following conditions are both met:
(1) Orthanc uses SQLite OR an external PostgreSQL server, AND
(2) the local "postgresql" package is installed.
+
+
+
+Upgrading the Orthanc database
+==============================
+
+[ This section was contributed by Karsten Hilbert
+<karsten.hilbert at gmx.net>. For more context, check out the Debian
+issue #829380 (orthanc: please provide orthanc_upgrade script). ]
+
+
+As explained in the Orthanc Book, the schema of the Orthanc database
+has evolved over time:
+https://book.orthanc-server.com/developers/db-versioning.html
+
+The latest versions of Orthanc still use the same schema as Orthanc
+0.9.5, that was released back in December 2015. If you need to upgrade
+an Orthanc server from some version < 0.9.5, you'll have to start the
+new version of Orthanc with the "--upgrade" command-line argument:
+https://book.orthanc-server.com/users/replication.html#upgrade-the-database-schema
+
+The script "/usr/sbin/orthanc_upgrade.sh" automates this call.
=====================================
debian/changelog
=====================================
@@ -1,8 +1,11 @@
-orthanc (1.6.0+dfsg-2) UNRELEASED; urgency=medium
+orthanc (1.6.0+dfsg-2) unstable; urgency=medium
- * Added sample in README.Debian about database upgrade. Closes: #829380
+ * Added script "/usr/sbin/orthanc_upgrade.sh" to upgrade the database schema,
+ as provided by Karsten Hilbert <karsten.hilbert at gmx.net>. Closes: #829380
+ * Fix permissions of "/etc/orthanc/", as recommended by
+ W. Adam Koszek <wkoszek at segmed.ai>
- -- Sebastien Jodogne <s.jodogne at gmail.com> Wed, 08 Apr 2020 07:33:51 +0200
+ -- Sebastien Jodogne <s.jodogne at gmail.com> Fri, 10 Apr 2020 07:47:01 +0200
orthanc (1.6.0+dfsg-1) unstable; urgency=medium
=====================================
debian/configuration/credentials.json
=====================================
@@ -0,0 +1,13 @@
+{
+ /**
+ * Sensitive configuration options. This file must *not* be
+ * publicly-readable. It must only be readable by the users that run
+ * the "orthanc" service.
+ **/
+
+ // The list of the registered users. Because Orthanc uses HTTP
+ // Basic Authentication, the passwords are stored as plain text.
+ "RegisteredUsers" : {
+ // "alice" : "alicePassword"
+ }
+}
=====================================
debian/configuration/orthanc.json
=====================================
@@ -161,12 +161,6 @@
"AuthenticationEnabled" : false,
**/
- // The list of the registered users. Because Orthanc uses HTTP
- // Basic Authentication, the passwords are stored as plain text.
- "RegisteredUsers" : {
- // "alice" : "alicePassword"
- },
-
/**
=====================================
debian/configuration/orthanc_upgrade
=====================================
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# This file is a contribution by Karsten Hilbert
+# <karsten.hilbert at gmx.net>.
+
+# This script automates the upgrade the schema of the database of
+# Orthanc. Check out the file /usr/share/doc/orthanc/README.Debian and
+# Debian issue #829380 ("orthanc: please provide orthanc_upgrade
+# script") for more information.
+
+set -ex
+
+if [ "$(id -u)" -ne 0 ]; then
+ echo "This script must be run as root."
+ exit -1
+fi
+
+systemctl stop orthanc.service
+
+su orthanc -c "/usr/sbin/Orthanc --upgrade --verbose --logfile=/var/log/orthanc/upgrade.log /etc/orthanc/"
+RESULT=$?
+if [ $RESULT -ne 0 ] ; then
+ echo "error upgrading"
+ read -e
+ less /var/log/orthanc/upgrade.log
+ exit $RESULT
+fi
+
+systemctl start orthanc.service
=====================================
debian/control
=====================================
@@ -25,7 +25,7 @@ Build-Depends: cmake,
uuid-dev,
zlib1g-dev,
yui-compressor
-Standards-Version: 4.5.0
+Standards-Version: 4.5.0.1
Vcs-Browser: https://salsa.debian.org/med-team/orthanc
Vcs-Git: https://salsa.debian.org/med-team/orthanc.git
Homepage: http://www.orthanc-server.com/
=====================================
debian/docs/orthanc_upgrade.8
=====================================
@@ -0,0 +1,16 @@
+.TH ORTHANC "8" "April 2020" "Orthanc 1.6.0" "System Administration tools and Deamons"
+.SH NAME
+Orthanc \- Lightweight, RESTful DICOM server for healthcare and medical research
+.SH SYNOPSIS
+.B orthanc_upgrade
+.SH DESCRIPTION
+This is a maintenance script to upgrade the schema of the database
+used by Orthanc. Please refer to the
+/usr/share/doc/orthanc/README.Debian file for full instructions.
+.SS "Exit status:"
+.HP
+0 if success,
+.HP
+\fB\-1\fR if error.
+.SH AUTHOR
+Written by Karsten Hilbert <karsten.hilbert at gmx.net>.
=====================================
debian/orthanc-doc.README.Debian
=====================================
@@ -7,37 +7,3 @@ plugins), as well as the documentation of the Orthanc plugin SDK, can
be opened using the following command:
$ xdg-open file:///usr/share/doc/orthanc/index.html
-
-
-Upgrading the Orthanc database
-==============================
-
-[ This section was contributed by Karsten Hilbert
-<karsten.hilbert at gmx.net>. For more context, check out the Debian
-issue #829380 (orthanc: please provide orthanc_upgrade script). ]
-
-
-As explained in the Orthanc Book, the schema of the Orthanc database
-has evolved over time:
-https://book.orthanc-server.com/developers/db-versioning.html
-
-The latest versions of Orthanc still use the same schema as Orthanc
-0.9.5, that was released back in December 2015. If you need to upgrade
-an Orthanc server from some version < 0.9.5, you'll have to start the
-new version of Orthanc with the "--upgrade" command-line argument:
-https://book.orthanc-server.com/users/replication.html#upgrade-the-database-schema
-
-Here is a possible script to run such an upgrade in Debian, after
-having upgraded the "orthanc" package:
-
- systemctl stop orthanc.service
- /usr/sbin/Orthanc --upgrade --trace --logfile=/var/log/orthanc/upgrade.log /etc/orthanc/
- RESULT=$?
- if [ $RESULT -ne 0 ] ; then
- echo "error upgrading"
- read -e
- less /var/log/orthanc/upgrade.log
- exit $RESULT
- fi
- systemctl start orthanc.service
-
=====================================
debian/orthanc.install
=====================================
@@ -1,6 +1,8 @@
+debian/configuration/credentials.json etc/orthanc
debian/configuration/orthanc.json etc/orthanc
debian/configuration/serve-folders.json etc/orthanc
debian/configuration/worklists.json etc/orthanc
+debian/configuration/orthanc_upgrade usr/sbin
Build/Orthanc usr/sbin
Build/lib*.so.* usr/lib/orthanc
Build/OrthancRecoverCompressedFile usr/bin
=====================================
debian/orthanc.manpages
=====================================
@@ -1,2 +1,3 @@
debian/docs/Orthanc.8
debian/docs/OrthancRecoverCompressedFile.8
+debian/docs/orthanc_upgrade.8
=====================================
debian/postinst
=====================================
@@ -19,23 +19,18 @@ case $1 in
false
fi
- # Configure the permissions of the required directories
- chown orthanc:orthanc /etc/orthanc
+ # Configure the permissions of the working directories
chown orthanc:orthanc /var/lib/orthanc
chown orthanc:orthanc /var/log/orthanc
- chmod 0750 /etc/orthanc
chmod 0750 /var/lib/orthanc
chmod 0750 /var/log/orthanc
-
- # Configure the permissions of the configuration files
- chown orthanc:orthanc /etc/orthanc/orthanc.json
- chown orthanc:orthanc /etc/orthanc/serve-folders.json
- chown orthanc:orthanc /etc/orthanc/worklists.json
-
- chmod 0640 /etc/orthanc/orthanc.json
- chmod 0640 /etc/orthanc/serve-folders.json
- chmod 0640 /etc/orthanc/worklists.json
+
+ # The "credentials.json" contains unencrypted sensitive
+ # configuration options ("RegisteredUsers"): It must only be
+ # readble by the users running Orthanc.
+ chown root:orthanc /etc/orthanc/credentials.json
+ chmod 0640 /etc/orthanc/credentials.json
# Make sure the en_US locale has been generated (required for
# case-insensitive comparison of strings with accents)
=====================================
debian/upstream/metadata
=====================================
@@ -1,3 +1,4 @@
+Repository: https://hg.orthanc-server.com/orthanc/
Reference:
Author: Sebastien Jodogne
Title: The Orthanc Ecosystem for Medical Imaging
View it on GitLab: https://salsa.debian.org/med-team/orthanc/-/compare/9f004236c6190a4b3137d358b8de9d0cae498f90...24842d52ca55952c99598fac31cdc87741da6576
--
View it on GitLab: https://salsa.debian.org/med-team/orthanc/-/compare/9f004236c6190a4b3137d358b8de9d0cae498f90...24842d52ca55952c99598fac31cdc87741da6576
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-med-commit/attachments/20200410/55b74d5a/attachment-0001.html>
More information about the debian-med-commit
mailing list