[couchdb/f20] - SELinux: Use /usr/libexec/couchdb wrapper for systemd ExecStart, executes as couchdb_t Additiona
Warren Togami
wtogami at fedoraproject.org
Mon Jul 7 05:52:43 UTC 2014
commit e4f42ac873869f586d44eb8c73c5a2c60d7aef82
Author: Warren Togami <wtogami at gmail.com>
Date: Sun Jul 6 19:52:28 2014 -1000
- SELinux: Use /usr/libexec/couchdb wrapper for systemd ExecStart, executes as couchdb_t
Additional fixes to selinux-policy are required,
see latest status http://wtogami.fedorapeople.org/a/2014/couchdb.txt
- Remove -heart from ExecStart, systemd handles service runtime
- default.ini contains default configuration from upstream.
It has previously warned users to not modify it as it will be overwritten on package upgrade.
Now package upgrades really will overwrite default.ini.
- Configuration is read during CouchDB startup in this order:
default.ini -> default.d/*.ini -> local.d/*.ini -> local.ini
Other packages are meant to drop configuration into default.d/
Users can modify local.ini or add new files in local.d/
- CouchDB runtime config changes are written to local.ini
...passing-directories-as-the-config-sources.patch | 51 ---------
couchdb-0012-Expand-.d-directories-in-erlang.patch | 112 ++++++++++++++++++++
couchdb.service | 2 +-
couchdb.spec | 34 +++---
4 files changed, 131 insertions(+), 68 deletions(-)
---
diff --git a/couchdb-0012-Expand-.d-directories-in-erlang.patch b/couchdb-0012-Expand-.d-directories-in-erlang.patch
new file mode 100644
index 0000000..16c365a
--- /dev/null
+++ b/couchdb-0012-Expand-.d-directories-in-erlang.patch
@@ -0,0 +1,112 @@
+From c530313acb1c8ed59962eae676f919e1ea53bf96 Mon Sep 17 00:00:00 2001
+From: Robert Newson <rnewson at apache.org>
+Date: Sun, 6 Jul 2014 23:47:23 +0100
+Subject: [PATCH 12/12] Expand .d directories in erlang
+
+---
+ bin/couchdb.tpl.in | 26 +++++++++-----------------
+ src/couchdb/couch_app.erl | 12 +++++++++++-
+ 2 files changed, 20 insertions(+), 18 deletions(-)
+
+diff --git a/bin/couchdb.tpl.in b/bin/couchdb.tpl.in
+index ba034cc..ffdbb17 100644
+--- a/bin/couchdb.tpl.in
++++ b/bin/couchdb.tpl.in
+@@ -120,7 +120,7 @@ _get_pid () {
+ echo $PID
+ }
+
+-_add_config_file () {
++_add_config_path () {
+ if test -z "$print_arguments"; then
+ print_arguments="$1"
+ else
+@@ -134,14 +134,6 @@ EOF
+ background_start_arguments="$background_start_arguments -a $1"
+ }
+
+-_add_config_dir () {
+- for file in "$1"/*.ini; do
+- if [ -r "$file" ]; then
+- _add_config_file "$file"
+- fi
+- done
+-}
+-
+ _add_erlang_config () {
+ if [ -r "$1" ]; then
+ ERL_START_OPTIONS="$ERL_START_OPTIONS -config '$1'"
+@@ -149,15 +141,15 @@ _add_erlang_config () {
+ }
+
+ _load_config () {
+- _add_config_file "$DEFAULT_CONFIG_FILE"
+- _add_config_dir "$DEFAULT_CONFIG_DIR"
++ _add_config_path "$DEFAULT_CONFIG_FILE"
++ _add_config_path "$DEFAULT_CONFIG_DIR"
+ # We initialize plugins here to get the desired default config load order
+ _find_plugins
+- _add_config_file "$LOCAL_CONFIG_FILE"
+- _add_config_dir "$LOCAL_CONFIG_DIR"
++ _add_config_path "$LOCAL_CONFIG_DIR"
++ _add_config_path "$LOCAL_CONFIG_FILE"
+ if [ "$COUCHDB_ADDITIONAL_CONFIG_FILE" != '' ]
+ then
+- _add_config_file "$COUCHDB_ADDITIONAL_CONFIG_FILE"
++ _add_config_path "$COUCHDB_ADDITIONAL_CONFIG_FILE"
+ fi
+ }
+
+@@ -238,7 +230,7 @@ _find_plugins () {
+ else
+ ERL_ZFLAGS="$ERL_ZFLAGS -pz '$plugin/ebin'"
+ fi
+- _add_config_dir "$plugin/priv/default.d"
++ _add_config_path "$plugin/priv/default.d"
+ _add_erlang_config "$plugin/priv/couch_plugin.config"
+ fi
+ done
+@@ -358,8 +350,8 @@ parse_script_option_list () {
+ case "$1" in
+ -h) shift; display_help; exit;;
+ -V) shift; display_version; exit;;
+- -a) shift; _add_config_file "$1"; shift;;
+- -A) shift; _add_config_dir "$1"; shift;;
++ -a) shift; _add_config_path "$1"; shift;;
++ -A) shift; _add_config_path "$1"; shift;;
+ -n) shift; _reset_config;;
+ -c) shift; _print_config; exit;;
+ -i) shift; INTERACTIVE=true;;
+diff --git a/src/couchdb/couch_app.erl b/src/couchdb/couch_app.erl
+index 42411a8..d6d8c0c 100644
+--- a/src/couchdb/couch_app.erl
++++ b/src/couchdb/couch_app.erl
+@@ -15,6 +15,7 @@
+ -behaviour(application).
+
+ -include("couch_db.hrl").
++-include_lib("kernel/include/file.hrl").
+
+ -export([start/2, stop/1]).
+
+@@ -37,7 +38,16 @@ get_ini_files(Default) ->
+ {ok, [[]]} ->
+ Default;
+ {ok, [Values]} ->
+- Values
++ lists:flatmap(fun(V) ->
++ case file:read_file_info(V) of
++ {ok, #file_info{type = regular}} ->
++ [V];
++ {ok, #file_info{type = directory}} ->
++ lists:sort(filelib:wildcard(filename:join([V, "*.ini"])));
++ {error, enoent} ->
++ []
++ end
++ end, Values)
+ end.
+
+ start_apps([]) ->
+--
+1.9.3
+
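Review bot: In the `get_ini_files/1` change to couch_app.erl, the `case file:read_file_info(V)` matches only `regular`, `directory` and `{error, enoent}`. Any other result, for example `{error, eacces}` (plausible while the selinux-policy fixes for couchdb_t are still pending), aborts startup with a `case_clause` that does not name the offending path. The silent `{error, enoent} -> []` also needs a comment or a log line: the removed changelog entry notes that CouchDB writes only to the last .ini, so if local.ini is missing, the last file of the expanded list presumably becomes the write target. I would add a clause such as `{error, Reason} -> throw({unreadable_ini_path, V, Reason})` and a comment above the `lists:sort/1` call saying that files in a directory load in sorted name order. The function begins outside the nested hunk.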
diff --git a/couchdb.service b/couchdb.service
index 5ae4674..d092eb9 100644
--- a/couchdb.service
+++ b/couchdb.service
@@ -12,7 +12,7 @@ Restart=always
StartLimitInterval=10
StartLimitBurst=5
PIDFile=/var/run/couchdb/couchdb.pid
-ExecStart=/usr/libexec/couchdb +Bd -noinput -sasl errlog_type error +K true +A 4 -couch_ini /etc/couchdb/default.ini /etc/couchdb/local.ini /etc/couchdb/local.d/ /etc/couchdb/self.ini -s couch -pidfile /var/run/couchdb/couchdb.pid -heart
+ExecStart=/usr/libexec/couchdb +Bd -noinput -sasl errlog_type error +K true +A 4 -couch_ini /etc/couchdb/default.ini /etc/couchdb/default.d/ /etc/couchdb/local.d/ /etc/couchdb/local.ini -s couch -pidfile /var/run/couchdb/couchdb.pid
[Install]
WantedBy=multi-user.target
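Review bot: The new `ExecStart` line depends on argument order for two things the unit file does not state: the `-couch_ini` paths are read in the order given, and, per the changelog, CouchDB writes runtime changes to the last one. A comment line above `ExecStart` would keep a later edit from reordering them, e.g. `# -couch_ini order matters: files are read in this order and the last one (local.ini) receives runtime config writes`. The directory arguments also work only with patch 12 applied, since `default.d/` and `local.d/` are expanded in couch_app.erl. The [Service] section begins outside the hunk.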
diff --git a/couchdb.spec b/couchdb.spec
index 6201947..ebd1453 100644
--- a/couchdb.spec
+++ b/couchdb.spec
@@ -7,7 +7,7 @@
Name: couchdb
Version: 1.6.0
-Release: 6%{?dist}
+Release: 7%{?dist}
Summary: A document database server, accessible via a RESTful JSON API
Group: Applications/Databases
@@ -30,7 +30,7 @@ Patch8: couchdb-0008-Fix-for-Erlang-R16B01.patch
Patch9: couchdb-0009-README-was-renamed.patch
Patch10: couchdb-0010-Use-_DEFAULT_SOURCE-instead-of-obsolete-_BSD_SOURCE.patch
Patch11: couchdb-0011-Silence-redundant-logging-to-stdout-stderr.patch
-Patch12: couchdb-0012-Allow-passing-directories-as-the-config-sources.patch
+Patch12: couchdb-0012-Expand-.d-directories-in-erlang.patch
BuildRequires: autoconf
BuildRequires: autoconf-archive
@@ -105,13 +105,14 @@ JavaScript acting as the default view definition language.
%patch7 -p1 -b .fix_respawn
%if 0%{?fedora}%{?el7}
%patch8 -p1 -b .r16b01
-%patch11 -p1 -b .redundant_logging
-%patch12 -p1 -b .ini_dirs
%endif
%patch9 -p1 -b .renamed
%if 0%{?fedora} > 20
%patch10 -p1 -b .default_instead_of_bsd
%endif
+%patch11 -p1 -b .redundant_logging
+%patch12 -p1 -b .expands_d
+
#gzip -d -k ./share/doc/build/latex/CouchDB.pdf.gz
# Remove bundled libraries
@@ -153,9 +154,6 @@ rm -rf %{buildroot}%{_sysconfdir}/default/
install -D -m 755 %{SOURCE5} %{buildroot}%{_libexecdir}/%{name}
%endif
-# CouchDB Self-modifying .ini
-echo "; COUCHDB WRITES RUNTIME CONFIG CHANGES HERE" > %{buildroot}%{_sysconfdir}/%{name}/self.ini
-
# Remove *.la files
find %{buildroot} -type f -name "*.la" -delete
@@ -211,9 +209,8 @@ fi
%dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/local.d
%dir %{_sysconfdir}/%{name}/default.d
-%config(noreplace) %attr(0644, %{name}, %{name}) %{_sysconfdir}/%{name}/default.ini
+%config %attr(0644, %{name}, %{name}) %{_sysconfdir}/%{name}/default.ini
%config(noreplace) %attr(0644, %{name}, %{name}) %{_sysconfdir}/%{name}/local.ini
-%config(noreplace) %attr(0644, %{name}, %{name}) %{_sysconfdir}/%{name}/self.ini
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%if 0%{?el7}%{?fedora}
%{_tmpfilesdir}/%{name}.conf
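Review bot: Both ini files in this `%files` hunk are installed `0644` and owned by the service account, which is worth tightening now that their roles differ. local.ini is the file CouchDB writes runtime changes to, and in CouchDB that normally includes the `[admins]` password hashes, so a world-readable mode exposes them to every local user; `%attr(0640, %{name}, %{name})` on that line would avoid it. default.ini is now package-owned reference configuration that upgrades overwrite, so the daemon does not appear to need write access to it. `%attr(0644, root, root)` there would stop a compromised couchdb process from altering the defaults. The `%files` list continues outside the hunk.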
@@ -243,13 +240,18 @@ fi
%changelog
* Sun Jul 06 2014 Warren Togami <wtogami at gmail.com> - 1.6.0-7
-- Add /usr/libexec/couchdb wrapper to ExecStart from systemd which executes couchdb with couchdb_t for the first time.
- Additional fixes to selinux-policy are required, see http://wtogami.fedorapeople.org/a/2014/couchdb-selinux.txt
-- Add /etc/couchdb/self.ini as last .ini, CouchDB writes to only the last .ini file during runtime.
-- default.d/ and local.d/ never worked with couchdb + systemd so we are dropping default.d/
- default.ini and local.ini are reference configuration from upstream.
- Users are meant to add overrides or custom configuration to local.d/*.ini files.
- self.ini is written to by CouchDB itself and overrides the previous *.ini.
+- SELinux: Use /usr/libexec/couchdb wrapper for systemd ExecStart, executes as couchdb_t
+ Additional fixes to selinux-policy are required,
+ see latest status http://wtogami.fedorapeople.org/a/2014/couchdb.txt
+- Remove -heart from ExecStart, systemd handles service runtime
+- default.ini contains default configuration from upstream.
+ It has previously warned users to not modify it as it will be overwritten on package upgrade.
+ Now package upgrades really will overwrite default.ini.
+- Configuration is read during CouchDB startup in this order:
+ default.ini -> default.d/*.ini -> local.d/*.ini -> local.ini
+ Other packages are meant to drop configuration into default.d/
+ Users can modify local.ini or add new files in local.d/
+- CouchDB runtime config changes are written to local.ini
* Thu Jul 03 2014 Warren Togami <wtogami at gmail.com> - 1.6.0-6
- silence stdout/stderr to prevent redundant flooding of /var/log/messages