[connid] 01/01: Run service as connid user

Thu Aug 17 07:18:36 UTC 2017

This is an automated email from the git hooks/post-receive script.

mans0954 pushed a commit to branch master
in repository connid.

commit 9a47c703512a9a5e9b4c220f8e8081b9e48ca0b1
Author: Christopher Hoskin <christopher.hoskin at gmail.com>
Date:   Thu Aug 17 08:18:06 2017 +0100

    Run service as connid user
---
 debian/changelog                       |  1 +
 debian/connid-server.lintian-overrides |  5 +++++
 debian/connid-server.postinst          | 40 ++++++++++++++++++++++++++++++++++
 debian/connid-server.service           |  1 +
 debian/control                         |  2 +-
 5 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index b107866..1f88bba 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -11,5 +11,6 @@ connid (1.4.3.0-1) UNRELEASED; urgency=medium
   * Bump Standards-Version from 3.9.8 to 4.0.0 (no change required)
   * Add connid-server package 
   * Update compat to 10, add systemd service 
+  * Run service as connid user 
 
  -- Christopher Hoskin <mans0954 at debian.org>  Sun, 13 Aug 2017 18:18:22 +0100
diff --git a/debian/connid-server.lintian-overrides b/debian/connid-server.lintian-overrides
new file mode 100644
index 0000000..28fdf3d
--- /dev/null
+++ b/debian/connid-server.lintian-overrides
@@ -0,0 +1,5 @@
+# See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800043
+
+connid-server: init.d-script-not-marked-as-conffile etc/init.d/connid-server
+connid-server: init.d-script-not-included-in-package etc/init.d/connid-server
+
diff --git a/debian/connid-server.postinst b/debian/connid-server.postinst
new file mode 100644
index 0000000..51b41c3
--- /dev/null
+++ b/debian/connid-server.postinst
@@ -0,0 +1,40 @@
+#!/bin/sh
+# postinst script for connid-server
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <postinst> `configure' <most-recently-configured-version>
+#        * <old-postinst> `abort-upgrade' <new version>
+#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+#          <new-version>
+#        * <postinst> `abort-remove'
+#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+#          <failed-install-package> <version> `removing'
+#          <conflicting-package> <version>
+# for details, see https://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+    configure)
+	adduser --system --no-create-home --home /nonexistent connid
+    ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+    ;;
+
+    *)
+        echo "postinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/connid-server.service b/debian/connid-server.service
index 89eeef9..8a271de 100644
--- a/debian/connid-server.service
+++ b/debian/connid-server.service
@@ -3,6 +3,7 @@ Description=ConnId (Connectors for Identity Management) Service
 After=network.target
 
 [Service]
+User=connid
 ExecStart=/usr/bin/connid-server -run
 
 [Install]
diff --git a/debian/control b/debian/control
index 6a25178..d06cb73 100644
--- a/debian/control
+++ b/debian/control
@@ -30,7 +30,7 @@ Description: framework for provisioning identities to repositories
 
 Package: connid-server
 Architecture: all
-Depends: ${misc:Depends}, libconnid-java
+Depends: ${misc:Depends}, libconnid-java, adduser
 Description: ConnId Java Connection Server
  A connector server is required when a connector bundle is not directly executed
  within your application. By using one or more connector servers, the connector

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/connid.git

