diff options
| author | roy <roy@pkgsrc.org> | 2020-03-30 11:31:25 +0000 |
|---|---|---|
| committer | roy <roy@pkgsrc.org> | 2020-03-30 11:31:25 +0000 |
| commit | b7df56a93bf55455944f26b7182a9598547d158f (patch) | |
| tree | 640be29498573369329c73319f20cfb7dd0634ef | |
| parent | 6e74eee0cb5ebee59f81f722a0176d30783b1ef6 (diff) | |
| download | pkgsrc-b7df56a93bf55455944f26b7182a9598547d158f.tar.gz | |
goaccess: Add patch for user-name options and rc.d script
Patch accepted upstream.
This allows goaccess to run on demand html reports as the unpriviledged
user from rc.d
| -rw-r--r-- | www/goaccess/Makefile | 19 | ||||
| -rw-r--r-- | www/goaccess/distinfo | 3 | ||||
| -rwxr-xr-x | www/goaccess/files/goaccess.sh | 52 | ||||
| -rw-r--r-- | www/goaccess/patches/patch-username | 86 |
4 files changed, 157 insertions, 3 deletions
diff --git a/www/goaccess/Makefile b/www/goaccess/Makefile index d984c3b9f36..4e6a820c797 100644 --- a/www/goaccess/Makefile +++ b/www/goaccess/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.25 2020/03/24 11:50:10 roy Exp $ +# $NetBSD: Makefile,v 1.26 2020/03/30 11:31:25 roy Exp $ DISTNAME= goaccess-1.3 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= www MASTER_SITES= http://tar.goaccess.io/ @@ -28,6 +28,21 @@ CPPFLAGS.SunOS+= -D__EXTENSIONS__ BROKEN_GETTEXT_DETECTION= yes +.include "../../mk/bsd.prefs.mk" + +GOACCESS_USER?= ${APACHE_USER} +GOACCESS_GROUP?= ${APACHE_GROUP} + +BUILD_DEFS+= VARBASE GOACCESS_USER GOACCESS_GROUP + +PKG_USERS_VARS= GOACCESS_USER +PKG_GROUPS_VARS= GOACCESS_GROUP +PKG_GROUPS= ${GOACCESS_GROUP} +PKG_USERS= ${GOACCESS_USER}:${GOACCESS_GROUP} + +RCD_SCRIPTS+= goaccess +FILES_SUBST+= GOACCESS_USER=${GOACCESS_USER:Q} + .include "options.mk" pre-configure: diff --git a/www/goaccess/distinfo b/www/goaccess/distinfo index 022c6e12829..bd8b1cfbd90 100644 --- a/www/goaccess/distinfo +++ b/www/goaccess/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2020/03/23 17:15:56 roy Exp $ +$NetBSD: distinfo,v 1.18 2020/03/30 11:31:25 roy Exp $ SHA1 (goaccess-1.3.tar.gz) = 24e889533e8d7a0fc533e7a0ad1bb303b2bb1af4 RMD160 (goaccess-1.3.tar.gz) = b4744d1500a86ab56c94ce3612a8121b38cb3a37 @@ -10,3 +10,4 @@ SHA1 (patch-configure.ac) = 7cf4b8b57e2f335a81cfd81f929aafe7aa41aa79 SHA1 (patch-src_error.c) = 522ea4010c86914715cdb40c1ac33045d4342daa SHA1 (patch-src_json.c) = ab8575a654299a5d08de635ca5bb71093419ca8e SHA1 (patch-src_tcbtdb.c) = fb0005899b08f74d0d3e6be4d5947a39fabdf278 +SHA1 (patch-username) = 6ac114fac0f86d9a3387edd93b40f12e4222be8f diff --git a/www/goaccess/files/goaccess.sh b/www/goaccess/files/goaccess.sh new file mode 100755 index 00000000000..d1567a0c838 --- /dev/null +++ b/www/goaccess/files/goaccess.sh @@ -0,0 +1,52 @@ +#!@RCD_SCRIPTS_SHELL@ + +# REQUIRE: DAEMON +# PROVIDE: goaccess +# KEYWORD: shutdown + +$_rc_subr_loaded . /etc/rc.subr + +name="goaccess" +command="@PREFIX@/bin/$name" +pidfile="/var/run/goaccess/$name.pid" +start_precmd="goaccess_prestart" +stop_postcmd="goaccess_poststop" + +: ${goaccess_username:=@GOACCESS_USER@} +: ${goaccess_outfile:=/var/www/$name.html} + +goaccess_prestart() +{ + if [ -z "$goaccess_logfile" ]; then + echo "goacess_logfile is not set" >&2 + return 1 + fi + + mkdir -p /var/run/goaccess + chown $goaccess_username /var/run/goaccess + + rc_flags="-o $goaccess_outfile" + rc_flags="--real-time-html $rc_flags" + if [ -n "$goaccess_username" ]; then + rc_flags="--user-name $goaccess_username $rc_flags" + fi + rc_flags="--daemonize --pid-file $pidfile $rc_flags" + + rc_flags="$rc_flags $goaccess_logfile" +} + +goaccess_poststop() +{ + checkyesno goaccess_logrotate || return 0 + [ -n "$goaccess_logfile " ] || return 0 + + echo "Rotating $goaccess_logfile" + if [ -x /usr/bin/newsyslog ]; then + /usr/bin/newsyslog -F $goaccess_logfile + else + echo "No logrotate mechanism!" >&2 + fi +} + +load_rc_config $name +run_rc_command "$1" diff --git a/www/goaccess/patches/patch-username b/www/goaccess/patches/patch-username new file mode 100644 index 00000000000..6fbac95500d --- /dev/null +++ b/www/goaccess/patches/patch-username @@ -0,0 +1,86 @@ +$NetBSD: patch-username,v 1.1 2020/03/30 11:31:25 roy Exp $ + +Accepted upstream here: +https://github.com/allinurl/goaccess/pull/1718 + +--- src/settings.h.orig 2020-03-24 14:02:12.012898702 +0000 ++++ src/settings.h 2020-03-24 14:02:53.094348769 +0000 +@@ -147,6 +147,7 @@ + int color_scheme; /* color scheme */ + int crawlers_only ; /* crawlers only */ + int daemonize; /* run program as a Unix daemon */ ++ const char *username; /* user to run program as */ + int double_decode; /* need to double decode */ + int enable_html_resolver; /* html/json/csv resolver */ + int geo_db; /* legacy geoip db */ +--- src/options.c.orig 2020-03-24 14:01:49.531659575 +0000 ++++ src/options.c 2020-03-24 14:02:51.274006910 +0000 +@@ -133,6 +133,7 @@ + {"real-time-html" , no_argument , 0 , 0 } , + {"sort-panel" , required_argument , 0 , 0 } , + {"static-file" , required_argument , 0 , 0 } , ++ {"user-name" , required_argument , 0 , 0 } , + #ifdef HAVE_LIBSSL + {"ssl-cert" , required_argument , 0 , 0 } , + {"ssl-key" , required_argument , 0 , 0 } , +@@ -457,6 +458,9 @@ + if (!strcmp ("daemonize", name)) + conf.daemonize = 1; + ++ if (!strcmp ("user-name", name)) ++ conf.username = oarg; ++ + /* WebSocket origin */ + if (!strcmp ("origin", name)) + conf.origin = oarg; +--- src/goaccess.c.orig 2018-11-23 02:15:07.000000000 +0000 ++++ src/goaccess.c 2020-03-27 11:28:44.797783056 +0000 +@@ -44,6 +44,7 @@ + + #include <fcntl.h> + #include <pthread.h> ++#include <pwd.h> + #include <signal.h> + #include <stdint.h> + #include <stdio.h> +@@ -205,6 +206,27 @@ + free (gwsreader); + } + ++/* Drop permissions to the user specified. */ ++static void ++drop_permissions(void) ++{ ++ struct passwd *pw; ++ ++ errno = 0; ++ if ((pw = getpwnam(conf.username)) == NULL) { ++ if (errno == 0) ++ FATAL ("No such user %s", conf.username); ++ FATAL ("Unable to retreive user %s: %s", conf.username, strerror (errno)); ++ } ++ ++ if (setgroups (1, &pw->pw_gid) == -1) ++ FATAL ("setgroups: %s", strerror (errno)); ++ if (setgid (pw->pw_gid) == -1) ++ FATAL ("setgid: %s", strerror (errno)); ++ if (setuid (pw->pw_uid) == -1) ++ FATAL ("setuid: %s", strerror (errno)); ++} ++ + /* Open the pidfile whose name is specified in the given path and write + * the daemonized given pid. */ + static void +@@ -1369,7 +1391,11 @@ + static void + initializer (void) + { +- /* initialize modules and set first */ ++ /* drop permissions right away */ ++ if (conf.username) ++ drop_permissions (); ++ ++ /* then initialize modules and set */ + gscroll.current = init_modules (); + /* setup to use the current locale */ + set_locale (); |