[pkgsrc/trunk]: pkgsrc/www/goaccess goaccess: Add patch for user-name options...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/goaccess goaccess: Add patch for user-name options...
From: roy <roy%pkgsrc.org@localhost>
Date: Mon, 06 Apr 2020 13:25:19 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/80b27ee87f70
branches:  trunk
changeset: 426297:80b27ee87f70
user:      roy <roy%pkgsrc.org@localhost>
date:      Mon Mar 30 11:31:25 2020 +0000

description:
goaccess: Add patch for user-name options and rc.d script

Patch accepted upstream.
This allows goaccess to run on demand html reports as the unpriviledged
user from rc.d

diffstat:

 www/goaccess/Makefile               |  19 +++++++-
 www/goaccess/distinfo               |   3 +-
 www/goaccess/files/goaccess.sh      |  52 ++++++++++++++++++++++
 www/goaccess/patches/patch-username |  86 +++++++++++++++++++++++++++++++++++++
 4 files changed, 157 insertions(+), 3 deletions(-)

diffs (195 lines):

diff -r 7da1eea1ac40 -r 80b27ee87f70 www/goaccess/Makefile
--- a/www/goaccess/Makefile     Mon Mar 30 11:07:18 2020 +0000
+++ b/www/goaccess/Makefile     Mon Mar 30 11:31:25 2020 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.25 2020/03/24 11:50:10 roy Exp $
+# $NetBSD: Makefile,v 1.26 2020/03/30 11:31:25 roy Exp $
 
 DISTNAME=      goaccess-1.3
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    www
 MASTER_SITES=  http://tar.goaccess.io/
 
@@ -28,6 +28,21 @@
 
 BROKEN_GETTEXT_DETECTION=      yes
 
+.include "../../mk/bsd.prefs.mk"
+
+GOACCESS_USER?=                ${APACHE_USER}
+GOACCESS_GROUP?=       ${APACHE_GROUP}
+
+BUILD_DEFS+=           VARBASE GOACCESS_USER GOACCESS_GROUP
+
+PKG_USERS_VARS=                GOACCESS_USER
+PKG_GROUPS_VARS=       GOACCESS_GROUP
+PKG_GROUPS=            ${GOACCESS_GROUP}
+PKG_USERS=             ${GOACCESS_USER}:${GOACCESS_GROUP}
+
+RCD_SCRIPTS+=          goaccess
+FILES_SUBST+=          GOACCESS_USER=${GOACCESS_USER:Q}
+
 .include "options.mk"
 
 pre-configure:
diff -r 7da1eea1ac40 -r 80b27ee87f70 www/goaccess/distinfo
--- a/www/goaccess/distinfo     Mon Mar 30 11:07:18 2020 +0000
+++ b/www/goaccess/distinfo     Mon Mar 30 11:31:25 2020 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2020/03/23 17:15:56 roy Exp $
+$NetBSD: distinfo,v 1.18 2020/03/30 11:31:25 roy Exp $
 
 SHA1 (goaccess-1.3.tar.gz) = 24e889533e8d7a0fc533e7a0ad1bb303b2bb1af4
 RMD160 (goaccess-1.3.tar.gz) = b4744d1500a86ab56c94ce3612a8121b38cb3a37
@@ -10,3 +10,4 @@
 SHA1 (patch-src_error.c) = 522ea4010c86914715cdb40c1ac33045d4342daa
 SHA1 (patch-src_json.c) = ab8575a654299a5d08de635ca5bb71093419ca8e
 SHA1 (patch-src_tcbtdb.c) = fb0005899b08f74d0d3e6be4d5947a39fabdf278
+SHA1 (patch-username) = 6ac114fac0f86d9a3387edd93b40f12e4222be8f
diff -r 7da1eea1ac40 -r 80b27ee87f70 www/goaccess/files/goaccess.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/goaccess/files/goaccess.sh    Mon Mar 30 11:31:25 2020 +0000
@@ -0,0 +1,52 @@
+#!@RCD_SCRIPTS_SHELL@
+
+# REQUIRE: DAEMON
+# PROVIDE: goaccess
+# KEYWORD: shutdown
+
+$_rc_subr_loaded . /etc/rc.subr
+
+name="goaccess"
+command="@PREFIX@/bin/$name"
+pidfile="/var/run/goaccess/$name.pid"
+start_precmd="goaccess_prestart"
+stop_postcmd="goaccess_poststop"
+
+: ${goaccess_username:=@GOACCESS_USER@}
+: ${goaccess_outfile:=/var/www/$name.html}
+
+goaccess_prestart()
+{
+       if [ -z "$goaccess_logfile" ]; then
+               echo "goacess_logfile is not set" >&2
+               return 1
+       fi
+
+       mkdir -p /var/run/goaccess
+       chown $goaccess_username /var/run/goaccess
+
+       rc_flags="-o $goaccess_outfile"
+       rc_flags="--real-time-html $rc_flags"
+       if [ -n "$goaccess_username" ]; then
+               rc_flags="--user-name $goaccess_username $rc_flags"
+       fi
+       rc_flags="--daemonize --pid-file $pidfile $rc_flags"
+
+       rc_flags="$rc_flags $goaccess_logfile"
+}
+
+goaccess_poststop()
+{
+       checkyesno goaccess_logrotate || return 0
+       [ -n "$goaccess_logfile " ] || return 0
+
+       echo "Rotating $goaccess_logfile"
+       if [ -x /usr/bin/newsyslog ]; then
+               /usr/bin/newsyslog -F $goaccess_logfile
+       else
+               echo "No logrotate mechanism!" >&2
+       fi
+}
+
+load_rc_config $name
+run_rc_command "$1"
diff -r 7da1eea1ac40 -r 80b27ee87f70 www/goaccess/patches/patch-username
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/goaccess/patches/patch-username       Mon Mar 30 11:31:25 2020 +0000
@@ -0,0 +1,86 @@
+$NetBSD: patch-username,v 1.1 2020/03/30 11:31:25 roy Exp $
+
+Accepted upstream here:
+https://github.com/allinurl/goaccess/pull/1718
+
+--- src/settings.h.orig        2020-03-24 14:02:12.012898702 +0000
++++ src/settings.h     2020-03-24 14:02:53.094348769 +0000
+@@ -147,6 +147,7 @@
+   int color_scheme;                 /* color scheme */
+   int crawlers_only ;               /* crawlers only */
+   int daemonize;                    /* run program as a Unix daemon */
++  const char *username;                   /* user to run program as */
+   int double_decode;                /* need to double decode */
+   int enable_html_resolver;         /* html/json/csv resolver */
+   int geo_db;                       /* legacy geoip db */
+--- src/options.c.orig 2020-03-24 14:01:49.531659575 +0000
++++ src/options.c      2020-03-24 14:02:51.274006910 +0000
+@@ -133,6 +133,7 @@
+   {"real-time-html"       , no_argument       , 0 ,  0  } ,
+   {"sort-panel"           , required_argument , 0 ,  0  } ,
+   {"static-file"          , required_argument , 0 ,  0  } ,
++  {"user-name"            , required_argument , 0 ,  0  } ,
+ #ifdef HAVE_LIBSSL
+   {"ssl-cert"             , required_argument , 0 ,  0  } ,
+   {"ssl-key"              , required_argument , 0 ,  0  } ,
+@@ -457,6 +458,9 @@
+   if (!strcmp ("daemonize", name))
+     conf.daemonize = 1;
+ 
++  if (!strcmp ("user-name", name))
++    conf.username = oarg;
++
+   /* WebSocket origin */
+   if (!strcmp ("origin", name))
+     conf.origin = oarg;
+--- src/goaccess.c.orig        2018-11-23 02:15:07.000000000 +0000
++++ src/goaccess.c     2020-03-27 11:28:44.797783056 +0000
+@@ -44,6 +44,7 @@
+ 
+ #include <fcntl.h>
+ #include <pthread.h>
++#include <pwd.h>
+ #include <signal.h>
+ #include <stdint.h>
+ #include <stdio.h>
+@@ -205,6 +206,27 @@
+   free (gwsreader);
+ }
+ 
++/* Drop permissions to the user specified. */
++static void
++drop_permissions(void)
++{
++  struct passwd *pw;
++
++  errno = 0;
++  if ((pw = getpwnam(conf.username)) == NULL) {
++    if (errno == 0)
++      FATAL ("No such user %s", conf.username);
++    FATAL ("Unable to retreive user %s: %s", conf.username, strerror (errno));
++  }
++
++  if (setgroups (1, &pw->pw_gid) == -1)
++    FATAL ("setgroups: %s", strerror (errno));
++  if (setgid (pw->pw_gid) == -1)
++    FATAL ("setgid: %s", strerror (errno));
++  if (setuid (pw->pw_uid) == -1)
++    FATAL ("setuid: %s", strerror (errno));
++}
++
+ /* Open the pidfile whose name is specified in the given path and write
+  * the daemonized given pid. */
+ static void
+@@ -1369,7 +1391,11 @@
+ static void
+ initializer (void)
+ {
+-  /* initialize modules and set first */
++  /* drop permissions right away */
++  if (conf.username)
++    drop_permissions ();
++
++  /* then initialize modules and set */
+   gscroll.current = init_modules ();
+   /* setup to use the current locale */
+   set_locale ();

Prev by Date: [pkgsrc/trunk]: pkgsrc/chat/weechat weechat: Drop patches that are no longer ...
Next by Date: [pkgsrc/trunk]: pkgsrc subversion-base: add option for plaintext password sto...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/chat/weechat weechat: Drop patches that are no longer ...
Next by Thread: [pkgsrc/trunk]: pkgsrc subversion-base: add option for plaintext password sto...
Indexes:

Home | Main Index | Thread Index | Old Index