[amanda/f21] add kamanda unit files (#1077642)

Petr Hracek phracek at fedoraproject.org
Mon Nov 24 08:32:24 UTC 2014 

commit 72d4bcd2e4c6f68e6c375a00e6a9e03978defb1c
Author: Petr Hracek <phracek at redhat.com>
Date:   Fri Nov 21 16:39:44 2014 +0100

    add kamanda unit files (#1077642)

 amanda-krb5.patch |   56 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 amanda.spec       |   16 ++++++++++++++-
 kamanda.socket    |    9 ++++++++
 kamanda at .service  |    9 ++++++++
 4 files changed, 89 insertions(+), 1 deletions(-)
---
diff --git a/amanda-krb5.patch b/amanda-krb5.patch
new file mode 100644
index 0000000..f3e237a
--- /dev/null
+++ b/amanda-krb5.patch
@@ -0,0 +1,56 @@
+diff --git a/amandad-src/amandad.c b/amandad-src/amandad.c
+index d864c3f..4a899fb 100644
+--- a/amandad-src/amandad.c
++++ b/amandad-src/amandad.c
+@@ -456,7 +456,7 @@ main(
+     }
+ 
+ #ifndef SINGLE_USERID
+-    if (geteuid() == 0) {
++    if (getuid() == 0) {
+ 	if (strcasecmp(auth, "krb5") != 0) {
+ 	    struct passwd *pwd;
+ 	    /* lookup our local user name */
+diff --git a/common-src/krb5-security.c b/common-src/krb5-security.c
+index c3075fa..8d3b18a 100644
+--- a/common-src/krb5-security.c
++++ b/common-src/krb5-security.c
+@@ -334,6 +334,7 @@ krb5_accept(
+     char hostname[NI_MAXHOST];
+     int result;
+     char *errmsg = NULL;
++    struct passwd *pw;
+ 
+     krb5_init();
+ 
+@@ -372,6 +373,12 @@ krb5_accept(
+ 	error("gss_server failed: %s\n", rc->errmsg);
+     rc->accept_fn = fn;
+     sec_tcp_conn_read(rc);
++
++    /* totally drop privileges at this point
++     *(making the userid equal to the dumpuser)
++     */
++    pw = getpwnam(CLIENT_LOGIN);
++    setreuid(pw->pw_uid, pw->pw_uid);
+ }
+ 
+ /*
+@@ -712,7 +719,7 @@ krb5_init(void)
+     beenhere = 1;
+ 
+ #ifndef BROKEN_MEMORY_CCACHE
+-    putenv(stralloc("KRB5_ENV_CCNAME=MEMORY:amanda_ccache"));
++    putenv(stralloc(KRB5_ENV_CCNAME"=MEMORY:amanda_ccache"));
+ #else
+     /*
+      * MEMORY ccaches seem buggy and cause a lot of internal heap
+@@ -727,7 +734,7 @@ krb5_init(void)
+ 	char *ccache;
+ 	ccache = malloc(128);
+ 	g_snprintf(ccache, SIZEOF(ccache),
+-		 "KRB5_ENV_CCNAME=FILE:/tmp/amanda_ccache.%ld.%ld",
++		 KRB5_ENV_CCNAME"=FILE:/tmp/amanda_ccache.%ld.%ld",
+ 		 (long)geteuid(), (long)getpid());
+ 	putenv(ccache);
+     }
diff --git a/amanda.spec b/amanda.spec
index 20c95fd..2152dc0 100644
--- a/amanda.spec
+++ b/amanda.spec
@@ -10,7 +10,7 @@
 Summary: A network-capable tape backup solution
 Name: amanda
 Version: 3.3.6
-Release: 4%{?dist}
+Release: 5%{?dist}
 Source: http://downloads.sourceforge.net/amanda/amanda-%{version}.tar.gz
 Source1: amanda.crontab
 Source4: disklist
@@ -21,10 +21,13 @@ Source11: activate-devpay.1.gz
 Source12: killpgrp.8
 Source13: amanda-udp.socket
 Source14: amanda-udp.service
+Source15: kamanda.socket
+Source16: kamanda at .service
 Patch2: amanda-3.1.1-xattrs.patch
 Patch3: amanda-3.1.1-tcpport.patch
 Patch6: amanda-3.2.0-config-dir.patch
 Patch11: amanda-3.3.2-autogen.patch
+Patch12: amanda-krb5.patch
 
 License: BSD and GPLv3+ and GPLv2+ and GPLv2
 Group: Applications/System
@@ -106,6 +109,7 @@ server also needs to have the amanda-client package installed.
 %patch3 -p1 -b .tcpport
 %patch6 -p1 -b .config
 %patch11 -p1 -b .autogen
+%patch12 -p1 -b .krb5
 ./autogen
 
 %build
@@ -152,6 +156,8 @@ install -p -m 644 -D %{SOURCE9} %{buildroot}%{_unitdir}/amanda.socket
 install -p -m 644 -D %{SOURCE10} %{buildroot}%{_unitdir}/amanda at .service
 install -p -m 644 -D %{SOURCE13} %{buildroot}%{_unitdir}/amanda-udp.socket
 install -p -m 644 -D %{SOURCE14} %{buildroot}%{_unitdir}/amanda-udp.service
+install -p -m 644 -D %{SOURCE15} %{buildroot}%{_unitdir}/kamanda.socket
+install -p -m 644 -D %{SOURCE16} %{buildroot}%{_unitdir}/kamanda at .service
 install -D %{SOURCE11}  %{buildroot}/%{_mandir}/man1/activate-devpay.1.gz
 install -D %{SOURCE12}  %{buildroot}/%{_mandir}/man8/killpgrp.8
 
@@ -188,15 +194,18 @@ rm -rf ${RPM_BUILD_ROOT}
 /sbin/ldconfig
 %systemd_post amanda.socket
 %systemd_post amanda-udp.socket
+%systemd_post kamanda.socket
 
 %preun
 %systemd_preun amanda.socket
 %systemd_preun amanda-udp.socket
+%systemd_preun kamanda.socket
 
 %postun
 /sbin/ldconfig
 %systemd_postun_with_restart amanda.socket
 %systemd_postun_with_restart amanda-udp.socket
+%systemd_postun_with_restart kamanda.socket
 
 %post client -p /sbin/ldconfig
 
@@ -212,6 +221,8 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_unitdir}/amanda.socket
 %{_unitdir}/amanda-udp.service
 %{_unitdir}/amanda-udp.socket
+%{_unitdir}/kamanda at .service
+%{_unitdir}/kamanda.socket
 
 %dir %{_libexecdir}/amanda
 %{_libexecdir}/amanda/amandad
@@ -470,6 +481,9 @@ rm -rf ${RPM_BUILD_ROOT}
 
 
 %changelog
+* Mon Nov 24 2014 Petr Hracek <phracek at redhat.com> - 3.3.6-5
+- add kamanda systemd unit files (#1077642)
+
 * Tue Nov 11 2014 Petr Hracek <phracek at redhat.com> - 3.3.6-4
 - Resolves #1033896 - add amindexd as argument to amandad
 
diff --git a/kamanda.socket b/kamanda.socket
new file mode 100644
index 0000000..13b786b
--- /dev/null
+++ b/kamanda.socket
@@ -0,0 +1,9 @@
+[Unit]
+Description=Amanda Kerberos Activation Socket
+
+[Socket]
+ListenStream=10082
+Accept=true
+
+[Install]
+WantedBy=sockets.target
diff --git a/kamanda at .service b/kamanda at .service
new file mode 100644
index 0000000..50007de
--- /dev/null
+++ b/kamanda at .service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Amanda Backup System
+After=local-fs.target
+
+[Service]
+User=root
+Group=disk
+ExecStart=/usr/sbin/amandad -auth=krb5 amdump amindexd amidxtaped
+StandardInput=socket

More information about the scm-commits mailing list