* [gentoo-dev] [PATCH 1/2] acct-group/suricata: new group for GID 477
@ 2019-12-11 13:45 Marek Szuba
2019-12-11 13:45 ` [gentoo-dev] [PATCH 2/2] acct-user/suricata: new user for UID 477 Marek Szuba
0 siblings, 1 reply; 4+ messages in thread
From: Marek Szuba @ 2019-12-11 13:45 UTC (permalink / raw
To: gentoo-dev
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki@gentoo.org>
---
acct-group/suricata/metadata.xml | 8 ++++++++
acct-group/suricata/suricata-0.ebuild | 9 +++++++++
2 files changed, 17 insertions(+)
create mode 100644 acct-group/suricata/metadata.xml
create mode 100644 acct-group/suricata/suricata-0.ebuild
diff --git a/acct-group/suricata/metadata.xml b/acct-group/suricata/metadata.xml
new file mode 100644
index 00000000000..3e5026ee375
--- /dev/null
+++ b/acct-group/suricata/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>marecki@gentoo.org</email>
+ <name>Marek Szuba</name>
+ </maintainer>
+</pkgmetadata>
diff --git a/acct-group/suricata/suricata-0.ebuild b/acct-group/suricata/suricata-0.ebuild
new file mode 100644
index 00000000000..11ead7b3086
--- /dev/null
+++ b/acct-group/suricata/suricata-0.ebuild
@@ -0,0 +1,9 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit acct-group
+
+DESCRIPTION="Group for Suricata IDS"
+ACCT_GROUP_ID=477
--
2.23.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-dev] [PATCH 2/2] acct-user/suricata: new user for UID 477
2019-12-11 13:45 [gentoo-dev] [PATCH 1/2] acct-group/suricata: new group for GID 477 Marek Szuba
@ 2019-12-11 13:45 ` Marek Szuba
2019-12-11 13:54 ` Michael Orlitzky
0 siblings, 1 reply; 4+ messages in thread
From: Marek Szuba @ 2019-12-11 13:45 UTC (permalink / raw
To: gentoo-dev
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki@gentoo.org>
---
acct-user/suricata/metadata.xml | 8 ++++++++
acct-user/suricata/suricata-0.ebuild | 14 ++++++++++++++
2 files changed, 22 insertions(+)
create mode 100644 acct-user/suricata/metadata.xml
create mode 100644 acct-user/suricata/suricata-0.ebuild
diff --git a/acct-user/suricata/metadata.xml b/acct-user/suricata/metadata.xml
new file mode 100644
index 00000000000..3e5026ee375
--- /dev/null
+++ b/acct-user/suricata/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>marecki@gentoo.org</email>
+ <name>Marek Szuba</name>
+ </maintainer>
+</pkgmetadata>
diff --git a/acct-user/suricata/suricata-0.ebuild b/acct-user/suricata/suricata-0.ebuild
new file mode 100644
index 00000000000..015bea8d022
--- /dev/null
+++ b/acct-user/suricata/suricata-0.ebuild
@@ -0,0 +1,14 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit acct-user
+
+DESCRIPTION="User for Suricata IDS"
+ACCT_USER_ID=477
+ACCT_USER_HOME=/var/lib/suricata
+ACCT_USER_HOME_PERMS=0750
+ACCT_USER_GROUPS=( suricata )
+
+acct-user_add_deps
--
2.23.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [gentoo-dev] [PATCH 2/2] acct-user/suricata: new user for UID 477
2019-12-11 13:45 ` [gentoo-dev] [PATCH 2/2] acct-user/suricata: new user for UID 477 Marek Szuba
@ 2019-12-11 13:54 ` Michael Orlitzky
2019-12-12 23:49 ` Marek Szuba
0 siblings, 1 reply; 4+ messages in thread
From: Michael Orlitzky @ 2019-12-11 13:54 UTC (permalink / raw
To: gentoo-dev
On 12/11/19 8:45 AM, Marek Szuba wrote:
> +ACCT_USER_HOME=/var/lib/suricata
> +ACCT_USER_HOME_PERMS=0750
Please don't set these unless it's absolutely necessary. The rationale
for this has finally been committed to the devmanual, but has yet to be
pushed to the website. In the meantime it's here:
> http://michael.orlitzky.com/articles/gentoo_glep81_user_package_guidelines.xhtml
In all likelihood it's the package that needs /var/lib/suricata and not
the user, so you should create it in the package ebuild.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-dev] [PATCH 2/2] acct-user/suricata: new user for UID 477
2019-12-11 13:54 ` Michael Orlitzky
@ 2019-12-12 23:49 ` Marek Szuba
0 siblings, 0 replies; 4+ messages in thread
From: Marek Szuba @ 2019-12-12 23:49 UTC (permalink / raw
To: gentoo-dev
On 2019-12-11 13:54, Michael Orlitzky wrote:
>> +ACCT_USER_HOME=/var/lib/suricata
>> +ACCT_USER_HOME_PERMS=0750
>
> Please don't set these unless it's absolutely necessary. The rationale
> for this has finally been committed to the devmanual, but has yet to be
> pushed to the website. In the meantime it's here:
>
>> http://michael.orlitzky.com/articles/gentoo_glep81_user_package_guidelines.xhtml
Thank you for this detailed explanation! As far as I can tell there is
indeed no need for this user to have a home directory other than that's
the way it was done in old Suricata ebuilds - so I'll just drop these
two lines (and also use $PN as the name of the primary group) from the
final commit.
--
MS
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-12-12 23:49 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-12-11 13:45 [gentoo-dev] [PATCH 1/2] acct-group/suricata: new group for GID 477 Marek Szuba
2019-12-11 13:45 ` [gentoo-dev] [PATCH 2/2] acct-user/suricata: new user for UID 477 Marek Szuba
2019-12-11 13:54 ` Michael Orlitzky
2019-12-12 23:49 ` Marek Szuba
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox