[SCM] Debian packaging for the 2.0 Apache Shibboleth SP branch, master, updated. debian/2.2.1+dfsg-2-11-g0336242
Russ Allbery
rra at debian.org
Tue Nov 10 23:57:06 UTC 2009
The following commit has been merged in the master branch:
commit 03362422ca718405bc6ea12df57c74ae63010b50
Merge: 317bfa4284332407ec6ae78211854441c6699c40 86b8a8edb8cded41e67f4e544133dfea11942d9f
Author: Russ Allbery <rra at debian.org>
Date: Tue Nov 10 15:45:09 2009 -0800
Merge branch 'debian'
Conflicts:
configs/shibd-debian.in
diff --combined configs/shibd-debian.in
index d8d05f5,6404233..870afaa
--- a/configs/shibd-debian.in
+++ b/configs/shibd-debian.in
@@@ -29,6 -29,7 +29,7 @@@ DAEMON=@-PREFIX-@/sbin/$NAM
SCRIPTNAME=/etc/init.d/$NAME
PIDFILE=@-PKGRUNDIR-@/$NAME.pid
DAEMON_OPTS=""
+ DAEMON_USER=_shibd
# Force removal of socket
DAEMON_OPTS="$DAEMON_OPTS -f"
@@@ -51,36 -52,57 +52,56 @@@ DAEMON_OPTS="$DAEMON_OPTS -w 30
# Get the setting of VERBOSE and other rcS variables.
[ -f /etc/default/rcS ] && . /etc/default/rcS
- case "$1" in
- start)
+ prepare_environment () {
# Ensure @-PKGRUNDIR-@ exists. /var/run may be on a tmpfs file system.
[ -d '@-PKGRUNDIR-@' ] || mkdir -p '@-PKGRUNDIR-@'
+ if [ -n "$DAEMON_USER" ]; then
+ if DIAG=$(su -s $DAEMON $DAEMON_USER -- -t $DAEMON_OPTS 2>/dev/null); then
+ # openssl errstr 200100D (hex for 33558541) says:
+ # error:0200100D:system library:fopen:Permission denied
+ if echo "$DIAG" | fgrep -q 'ERROR OpenSSL : error code: 33558541 '; then
+ unset DAEMON_USER
+ echo "$NAME warning: file permissions require running as root"
+ else
+ chown -R "$DAEMON_USER" '@-PKGRUNDIR-@' '@-PKGLOGDIR-@'
+ fi
+ else
+ unset DAEMON_USER
+ echo "$NAME error: unable to run config check as user $DAEMON_USER"
+ fi
+ unset DIAG
+ fi
+ }
+
+ case "$1" in
+ start)
+ prepare_environment
+
# Don't start shibd if NO_START is set.
if [ "$NO_START" = 1 ] ; then
echo "Not starting $DESC (see /etc/default/$NAME)"
exit 0
fi
echo -n "Starting $DESC: "
- start-stop-daemon --start --quiet \
+ start-stop-daemon --start --quiet ${DAEMON_USER:+--chuid $DAEMON_USER} \
--pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
- --exec $DAEMON
+ --retry TERM/30/KILL/5 --exec $DAEMON
echo "$NAME."
;;
restart|force-reload)
- # Ensure @-PKGRUNDIR-@ exists. /var/run may be on a tmpfs file system.
- [ -d '@-PKGRUNDIR-@' ] || mkdir -p '@-PKGRUNDIR-@'
+ prepare_environment
echo -n "Restarting $DESC: "
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
- --exec $DAEMON
- sleep 1
+ --retry TERM/30/KILL/5 --exec $DAEMON
- start-stop-daemon --start --quiet --pidfile $PIDFILE \
- --exec $DAEMON -- $DAEMON_OPTS
+ start-stop-daemon --start --quiet ${DAEMON_USER:+--chuid $DAEMON_USER} \
- --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
++ -- pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
echo "$NAME."
;;
*)
--
Debian packaging for the 2.0 Apache Shibboleth SP
More information about the Pkg-shibboleth-devel
mailing list