From 1ec440700808146e9fbd9018a4471b1c88c308d7 Mon Sep 17 00:00:00 2001 From: kekskurse Date: Mon, 29 Nov 2021 06:12:26 +0100 Subject: [PATCH] Run as non-root-user --- .goreleaser.yml | 4 +++- init/http-server-status.service | 2 +- scripts/postinstall.sh | 2 +- scripts/postremove.sh | 1 + scripts/preinstall.sh | 4 ++++ 5 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 scripts/postremove.sh create mode 100644 scripts/preinstall.sh diff --git a/.goreleaser.yml b/.goreleaser.yml index fb51e6f..26e325b 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -53,4 +53,6 @@ nfpms: - src: config.yml dst: /etc/http-server-status/config.yml.sample scripts: - postinstall: "scripts/postinstall.sh" \ No newline at end of file + postinstall: "scripts/postinstall.sh" + preinstall: "scripts/preinstall.sh" + postremove: "scripts/postremove.sh" \ No newline at end of file diff --git a/init/http-server-status.service b/init/http-server-status.service index c5bce00..10ef4ab 100644 --- a/init/http-server-status.service +++ b/init/http-server-status.service @@ -4,7 +4,7 @@ After=syslog.target [Service] Type=simple -User=root +User=http-server-status ExecStart=/usr/local/bin/http-server-status SyslogIdentifier=http-server-status StandardOutput=syslog diff --git a/scripts/postinstall.sh b/scripts/postinstall.sh index 6061044..fc2b05d 100644 --- a/scripts/postinstall.sh +++ b/scripts/postinstall.sh @@ -1,2 +1,2 @@ systemctl daemon-reload -systemctl restart http-server-status \ No newline at end of file +systemctl is-active --quiet http-server-status && systemctl restart http-server-status && echo "Restart Service" diff --git a/scripts/postremove.sh b/scripts/postremove.sh new file mode 100644 index 0000000..312c11a --- /dev/null +++ b/scripts/postremove.sh @@ -0,0 +1 @@ +deluser --remove-home http-server-status \ No newline at end of file diff --git a/scripts/preinstall.sh b/scripts/preinstall.sh new file mode 100644 index 0000000..da9128c --- /dev/null +++ b/scripts/preinstall.sh @@ -0,0 +1,4 @@ +#/bin/sh +if ! id -u http-server-status > /dev/null 2>&1; then + adduser --system http-server-status +fi \ No newline at end of file