diff options
| author | Oliver Smith <osmith@sysmocom.de> | 2024-04-19 15:56:59 +0200 |
|---|---|---|
| committer | Oliver Smith <osmith@sysmocom.de> | 2024-04-22 10:39:58 +0200 |
| commit | c9f254dee869331fd1a2ed57f9e3872bcd577b31 (patch) | |
| tree | fb511a0669ee2bb7e880d72e3a0ce1ffe863e637 | |
| parent | 7d1b84d3e3da6a21af4eef20df67c9a28d4089a9 (diff) | |
Remove User= and Group= from systemd service filesosmith/201705201705
Service files of Osmocom programs will have User= and Group= in the
future, so these don't run as root. It was decided that for OE-based
systems, we will still run them as root for now.
Related: OS#5684, OS#4107
Change-Id: I68a8fba034aeb0e2923b2958b8d6842410d8b23c
| -rw-r--r-- | recipes-osmocom/libosmo-sccp/libosmo-sccp.inc | 8 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-bsc/osmo-bsc.inc | 8 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-gbproxy/osmo-gbproxy.inc | 8 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-ggsn/osmo-ggsn.inc | 8 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-hlr/osmo-hlr.inc | 6 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-hnbgw/osmo-hnbgw.inc | 7 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-mgw/osmo-mgw.inc | 8 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-msc/osmo-msc.inc | 8 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-pcap/osmo-pcap.inc | 10 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-sgsn/osmo-sgsn.inc | 10 | ||||
| -rw-r--r-- | recipes-osmocom/osmo-sip-connector/osmo-sip-connector.inc | 8 |
11 files changed, 69 insertions, 20 deletions
diff --git a/recipes-osmocom/libosmo-sccp/libosmo-sccp.inc b/recipes-osmocom/libosmo-sccp/libosmo-sccp.inc index 0f1f28d..34454b1 100644 --- a/recipes-osmocom/libosmo-sccp/libosmo-sccp.inc +++ b/recipes-osmocom/libosmo-sccp/libosmo-sccp.inc @@ -3,7 +3,7 @@ DEPENDS = "libosmocore libosmo-netif" HOMEPAGE = "https://osmocom.org/projects/libosmo-sccp" LICENSE = "AGPLv3" -INC_PR="r2.${META_TELEPHONY_OSMO_INC}" +INC_PR="r3.${META_TELEPHONY_OSMO_INC}" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" @@ -18,10 +18,14 @@ PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, # access symbols not starting with osmo_* EXTRA_OECONF_remove = "--disable-static" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/osmo-stp.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/osmo-stp.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/osmo-stp.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/osmo-stp.service" } PACKAGES =+ "osmo-stp" diff --git a/recipes-osmocom/osmo-bsc/osmo-bsc.inc b/recipes-osmocom/osmo-bsc/osmo-bsc.inc index 50e8f9b..1c56123 100644 --- a/recipes-osmocom/osmo-bsc/osmo-bsc.inc +++ b/recipes-osmocom/osmo-bsc/osmo-bsc.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "sqlite3 libpcap libosmocore libosmo-abis libosmo-sccp libosmo-netif osmo-mgw" -INC_PR="r2.${META_TELEPHONY_OSMO_INC}" +INC_PR="r3.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -14,10 +14,14 @@ PACKAGECONFIG ??= "\ " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } PACKAGES =+ "meas-utils ipaccess-utils bs11-utils abisip-find" diff --git a/recipes-osmocom/osmo-gbproxy/osmo-gbproxy.inc b/recipes-osmocom/osmo-gbproxy/osmo-gbproxy.inc index aff20fa..6c87dda 100644 --- a/recipes-osmocom/osmo-gbproxy/osmo-gbproxy.inc +++ b/recipes-osmocom/osmo-gbproxy/osmo-gbproxy.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "libosmocore" -INC_PR="r1.${META_TELEPHONY_OSMO_INC}" +INC_PR="r2.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -14,10 +14,14 @@ PACKAGECONFIG ??= "\ " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } SYSTEMD_SERVICE_osmo-gbproxy = "osmo-gbproxy.service" diff --git a/recipes-osmocom/osmo-ggsn/osmo-ggsn.inc b/recipes-osmocom/osmo-ggsn/osmo-ggsn.inc index 58b93f0..276ac47 100644 --- a/recipes-osmocom/osmo-ggsn/osmo-ggsn.inc +++ b/recipes-osmocom/osmo-ggsn/osmo-ggsn.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b" DEPENDS = "libosmocore" -INC_PR="r3.${META_TELEPHONY_OSMO_INC}" +INC_PR="r4.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -14,10 +14,14 @@ PACKAGECONFIG ??= "\ " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } PACKAGES =+ " libgtp libgtp-dev libgtp-staticdev osmo-sgsnemu" diff --git a/recipes-osmocom/osmo-hlr/osmo-hlr.inc b/recipes-osmocom/osmo-hlr/osmo-hlr.inc index 4229e7b..77b1c94 100644 --- a/recipes-osmocom/osmo-hlr/osmo-hlr.inc +++ b/recipes-osmocom/osmo-hlr/osmo-hlr.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "libtalloc libosmocore libosmo-abis sqlite3 sqlite3-native" -INC_PR="r3.${META_TELEPHONY_OSMO_INC}" +INC_PR="r4.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -21,6 +21,10 @@ do_install_append() { # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } PACKAGECONFIG ??= "\ diff --git a/recipes-osmocom/osmo-hnbgw/osmo-hnbgw.inc b/recipes-osmocom/osmo-hnbgw/osmo-hnbgw.inc index 6bf01d3..c83ce12 100644 --- a/recipes-osmocom/osmo-hnbgw/osmo-hnbgw.inc +++ b/recipes-osmocom/osmo-hnbgw/osmo-hnbgw.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "libosmocore libosmo-netif libosmo-sccp osmo-iuh libasn1c lksctp-tools osmo-mgw" -INC_PR="r1.${META_TELEPHONY_OSMO_INC}" +INC_PR="r2.${META_TELEPHONY_OSMO_INC}" # Workaround to oe-core meta/site/* CONFIG_SITE files passed to autoconf forcing unavailability of netinet/sctp.h. # Patch fixing issue upstream: https://patchwork.openembedded.org/patch/168892/ @@ -19,8 +19,13 @@ PACKAGECONFIG ??= "\ PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } SYSTEMD_SERVICE_${PN} = "${PN}.service" diff --git a/recipes-osmocom/osmo-mgw/osmo-mgw.inc b/recipes-osmocom/osmo-mgw/osmo-mgw.inc index a9a60b4..5e740db 100644 --- a/recipes-osmocom/osmo-mgw/osmo-mgw.inc +++ b/recipes-osmocom/osmo-mgw/osmo-mgw.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "libosmocore libosmo-netif" -INC_PR="r3.${META_TELEPHONY_OSMO_INC}" +INC_PR="r4.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -14,10 +14,14 @@ PACKAGECONFIG ??= "\ " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } PACKAGES =+ "libosmo-mgcp libosmo-mgcp-dev libosmo-mgcp-client libosmo-mgcp-client-dev" diff --git a/recipes-osmocom/osmo-msc/osmo-msc.inc b/recipes-osmocom/osmo-msc/osmo-msc.inc index c60fd07..23a762a 100644 --- a/recipes-osmocom/osmo-msc/osmo-msc.inc +++ b/recipes-osmocom/osmo-msc/osmo-msc.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "libdbi libosmocore libosmo-abis libosmo-sccp libosmo-netif osmo-mgw osmo-hlr" -INC_PR="r3.${META_TELEPHONY_OSMO_INC}" +INC_PR="r4.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -18,10 +18,14 @@ PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, PACKAGECONFIG[iu] = "--enable-iu,--disable-iu,libasn1c osmo-iuh," PACKAGECONFIG[smpp] = "--enable-smpp,--disable-smpp,libsmpp34," -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } RDEPENDS_${PN} = "libdbd-sqlite3" diff --git a/recipes-osmocom/osmo-pcap/osmo-pcap.inc b/recipes-osmocom/osmo-pcap/osmo-pcap.inc index 3f39103..e64ca88 100644 --- a/recipes-osmocom/osmo-pcap/osmo-pcap.inc +++ b/recipes-osmocom/osmo-pcap/osmo-pcap.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "libosmocore zeromq libpcap gnutls" -INC_PR="r1.${META_TELEPHONY_OSMO_INC}" +INC_PR="r2.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -14,12 +14,18 @@ PACKAGECONFIG ??= "\ " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/osmo-pcap-server.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/osmo-pcap-server.service" sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/osmo-pcap-client.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/osmo-pcap-client.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/osmo-pcap-server.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/osmo-pcap-server.service" + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/osmo-pcap-client.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/osmo-pcap-client.service" } PACKAGES =+ "osmo-pcap-server osmo-pcap-client" diff --git a/recipes-osmocom/osmo-sgsn/osmo-sgsn.inc b/recipes-osmocom/osmo-sgsn/osmo-sgsn.inc index 9463047..2effb5d 100644 --- a/recipes-osmocom/osmo-sgsn/osmo-sgsn.inc +++ b/recipes-osmocom/osmo-sgsn/osmo-sgsn.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=73f1eb20517c55bf9493b7dd6e480788" DEPENDS = "c-ares libosmocore libosmo-netif osmo-ggsn osmo-hlr" -INC_PR="r2.${META_TELEPHONY_OSMO_INC}" +INC_PR="r3.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -16,12 +16,18 @@ PACKAGECONFIG ??= "\ PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" PACKAGECONFIG[iu] = "--enable-iu,--disable-iu,libasn1c libosmo-sccp osmo-iuh," -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/osmo-sgsn.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/osmo-sgsn.service" sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/osmo-gtphub.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/osmo-gtphub.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/osmo-sgsn.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/osmo-sgsn.service" + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/osmo-gtphub.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/osmo-gtphub.service" } PACKAGES =+ "osmo-gtphub-doc osmo-gtphub" diff --git a/recipes-osmocom/osmo-sip-connector/osmo-sip-connector.inc b/recipes-osmocom/osmo-sip-connector/osmo-sip-connector.inc index 7aabf20..7056cc4 100644 --- a/recipes-osmocom/osmo-sip-connector/osmo-sip-connector.inc +++ b/recipes-osmocom/osmo-sip-connector/osmo-sip-connector.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=ccdfc45f78d625db70e70ede679d5ce3" DEPENDS = "sofia-sip libosmocore" -INC_PR="r2.${META_TELEPHONY_OSMO_INC}" +INC_PR="r3.${META_TELEPHONY_OSMO_INC}" inherit autotools pkgconfig systemd @@ -14,10 +14,14 @@ PACKAGECONFIG ??= "\ " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir},--without-systemdsystemunitdir" -# StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): do_install_append() { + # StateDirectory requires systemd >= v235, but poky pyro ships with v232 (SYS#6340): sed -i '/^StateDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" sed -i '/^WorkingDirectory=/d' "${D}${systemd_system_unitdir}/${PN}.service" + + # Run as root (OS#5684): + sed -i '/^User=/d' "${D}${systemd_system_unitdir}/${PN}.service" + sed -i '/^Group=/d' "${D}${systemd_system_unitdir}/${PN}.service" } SYSTEMD_SERVICE_${PN} = "${PN}.service" |