openpkg/rc.openpkg

Mon, 20 Apr 2009 19:22:00 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Mon, 20 Apr 2009 19:22:00 +0200
changeset 178
0ba300bdf30a
child 427
71503088f51b
permissions
-rw-r--r--

Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits; however, maintaining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.

     1 #!@l_prefix@/bin/openpkg rc
     2 ##
     3 ##  rc.openpkg -- Run-Commands
     4 ##
     6 %config
           #   defaults for the variables read by the sections below
           #   NOTE(review): presumably overridable from the instance's rc configuration -- confirm
     7     openpkg_rc_def="yes"
     8     openpkg_rc_all="$openpkg_rc_def"
     9     openpkg_enable="$openpkg_rc_def"
           #   "high" makes %env pass -p (prepend) to rcPath; otherwise entries are appended
    10     openpkg_envprio="high"
           #   hour of day (0-23) in which %hourly starts the (re-)registration
    11     openpkg_reghour="3"
           #   multiplier (1-4) for the random delay %hourly sleeps before registering
    12     openpkg_regrand="1"
    14 %status -o
           #   report the package state as name="value" lines on stdout
           #   usable/active are always reported as "unknown": nothing in this
           #   section probes them, only openpkg_enable reflects configuration
    15     openpkg_usable="unknown"
    16     openpkg_active="unknown"
    17     echo "openpkg_enable=\"$openpkg_enable\""
    18     echo "openpkg_usable=\"$openpkg_usable\""
    19     echo "openpkg_active=\"$openpkg_active\""
    21 %info -o
           #   delegate to the "openpkg uuid info" subcommand; its output is passed
           #   through unchanged
    22     @l_prefix@/bin/openpkg uuid info
    24 %start -p0
           #   leave early unless rcService succeeds (rcService is defined outside
           #   this file; presumably it tests openpkg_enable against "yes" -- confirm)
    25     rcService openpkg enable yes || exit 0
    26     #   update UUID information (in background to not slow down boot sequences)
           #   the subshell, nohup and the redirected stdio detach the job from the
           #   caller; its exit status is not collected, so a failed update is silent
    27     (nohup @l_prefix@/bin/openpkg uuid update </dev/null >/dev/null 2>&1 &) >/dev/null 2>&1
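    %hourly -u @l_musr@
        #   Hourly job: decide whether this instance should (re-)register and,
        #   during the configured hour, start the registration in the background
        #   after a random delay.
        #   NOTE(review): "-u @l_musr@" presumably selects the account this
        #   section runs as -- confirm against the rc processor.
        rcService openpkg enable yes || exit 0
        #   automatic (re-)registration
        reregister=0
        #   re-register if previously registered
        @l_prefix@/bin/openpkg register --printstatus >/dev/null 2>&1 && reregister=1
        #   re-register if "openpkg" executable from community series
        #   (only the first line of the license output is inspected)
        [ "$reregister" -eq 0 ] && @l_prefix@/bin/openpkg --license 2>/dev/null \
            | sed -e 'q' | egrep '[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*-C' >/dev/null && reregister=1
        #   re-register if "openpkg release" configured to pull packages directly from openpkg.(org|com|net)
        [ "$reregister" -eq 0 ] && @l_prefix@/bin/openpkg release --fmt='%u' \
            | egrep '^[^:]*://(([^:]*:)?([^@]*@)?)?([^/]*\.)?openpkg\.(com|org|net)/' >/dev/null && reregister=1
        #   perform (re-)registration
        if [ "$reregister" -eq 1 ]; then
            #   Validate the configured values by pattern before any numeric use.
            #   An empty or non-numeric value makes a numeric "[" test fail with
            #   an error, so the fallback default would never be applied and the
            #   raw value would reach the delay computation below.
            case "$openpkg_reghour" in
                [0-9] | [01][0-9] | 2[0-3] ) ;;
                * ) openpkg_reghour="3" ;;
            esac
            now=$(date '+%H')
            #   only act during the configured hour
            [ "$openpkg_reghour" -eq "$now" ] || exit 0
            case "$openpkg_regrand" in
                [1-4] | 0[1-4] ) ;;
                * ) openpkg_regrand="1" ;;
            esac
            #   random delay in seconds, from 0 up to (but excluding)
            #   openpkg_regrand hours; a leading zero is stripped so the
            #   value is not read as octal
            rnd=$(( RANDOM * 3600 * ${openpkg_regrand#0} / 32768 ))
            #   $rnd is expanded into the "bash -c" command string; it comes
            #   from the arithmetic above and is therefore always a plain integer
            (nohup @l_prefix@/lib/openpkg/bash -c "sleep $rnd; @l_prefix@/bin/openpkg register" </dev/null >/dev/null 2>&1 &) >/dev/null 2>&1
        fi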
    51 %daily -p0
           #   leave early unless rcService succeeds (rcService is defined outside
           #   this file)
    52     rcService openpkg enable yes || exit 0
    53     #   update UUID information
           #   best effort: output is discarded and "|| true" hides a failure from
           #   the caller
    54     @l_prefix@/bin/openpkg uuid update >/dev/null 2>&1 || true
    56 %env -p0
           #   extend the search paths of the environment so that executables,
           #   manual pages, info pages and libraries below @l_prefix@ are found
           #   NOTE(review): the meaning of rcPath's -a and -e options is defined
           #   outside this file; only -p (prepend) is explained here
    57     rcService openpkg enable yes || exit 0
    59     #   determine append (low prio) or prepend (high prio) mode
    60     opt_prepend=""
    61     if [ ".$openpkg_envprio" = ".high" ]; then
    62         opt_prepend="-p"
    63     fi
    65     #   make sure the software package executables are found
           #   with openpkg_envprio="high" the @l_prefix@ directories take priority
           #   over the system ones, so a same-named program there is the one that
           #   runs; these directories (local/ included) must be writable only by
           #   trusted accounts
           #   ${opt_prepend} is left unquoted on purpose: when empty it must
           #   expand to no argument at all
    66     export PATH
    67     rcPath -a -e PATH \
    68         /bin /sbin /usr/bin /usr/sbin
    69     rcPath -a ${opt_prepend} PATH \
    70         @l_prefix@/bin @l_prefix@/sbin \
    71         @l_prefix@/local/bin @l_prefix@/local/sbin
    73     #   make sure the software package manual pages are found
    74     export MANPATH
    75     rcPath -a -e MANPATH \
    76         /usr/man /usr/share/man
    77     rcPath -a ${opt_prepend} MANPATH \
    78         @l_prefix@/man @l_prefix@/local/man
    80     #   make sure the software package info pages are found
    81     export INFOPATH
    82     rcPath -a -e INFOPATH \
    83         /usr/info /usr/share/info
    84     rcPath -a ${opt_prepend} INFOPATH \
    85         @l_prefix@/info @l_prefix@/local/info
    87     #   make sure the software package libraries are found
           #   NOTE(review): an exported LD_LIBRARY_PATH influences library lookup
           #   for dynamically linked programs started from this environment, not
           #   only OpenPKG ones; in prepend mode the @l_prefix@ library directories
           #   take priority over /lib and /usr/lib, so the same write-permission
           #   requirement as for PATH applies
    88     export LD_LIBRARY_PATH
    89     rcPath -a -e LD_LIBRARY_PATH \
    90         /lib /usr/lib
    91     rcPath -a ${opt_prepend} LD_LIBRARY_PATH \
    92         @l_prefix@/lib @l_prefix@/local/lib
    94     #   cleanup
    95     unset opt_prepend
