diff options
| author | Xiretza | 2020-10-27 14:34:30 +0100 |
|---|---|---|
| committer | Xiretza | 2020-10-27 14:34:30 +0100 |
| commit | 66b5a3ca323e1979d66f212bd524bed93922e742 (patch) | |
| tree | e73ff7ee6df64794327bccb174cad11550da30de | |
| parent | 7dedb8e05e38af704b29627db0ecbfcd70f7467c (diff) | |
| download | aur-66b5a3ca323e1979d66f212bd524bed93922e742.tar.gz | |
Update for latest upstream, harden daemon
| -rw-r--r-- | .SRCINFO | 16 | ||||
| -rw-r--r-- | PKGBUILD | 49 | ||||
| -rw-r--r-- | openelp.service | 31 | ||||
| -rw-r--r-- | openelp.sysusers | 1 | ||||
| -rw-r--r-- | openelp.tmpfiles | 1 |
5 files changed, 72 insertions, 26 deletions
@@ -1,7 +1,7 @@ pkgbase = openelp-git pkgdesc = An open source EchoLink proxy for Linux and Windows - pkgver = r54.0d1a16e - pkgrel = 2 + pkgver = 0.8.0.r4.g9f017b1 + pkgrel = 1 url = https://github.com/cottsay/openelp arch = i686 arch = x86_64 @@ -9,14 +9,20 @@ pkgbase = openelp-git license = BSD makedepends = git makedepends = cmake - makedepends = pcre2 makedepends = doxygen depends = pcre2 - provides = openelp + depends = openssl + provides = openelp=0.8.0.r4.g9f017b1 conflicts = openelp backup = etc/ELProxy.conf source = openelp::git+https://github.com/cottsay/openelp - md5sums = SKIP + source = openelp.service + source = openelp.sysusers + source = openelp.tmpfiles + sha256sums = SKIP + sha256sums = 65bc8b1958a8eabdc4550e7601e171223ee78b89de8499a1aec65b6c2a73c429 + sha256sums = fb6aaac6ce857159d6646376951f67414a24c6eb45e19473e4b6ea1947b7c1d7 + sha256sums = 298c89d12fa8a8ce171dd88da2e66859442b31c6b419d0e124b1883d9f80eaa6 pkgname = openelp-git @@ -1,43 +1,50 @@ # Maintainer: xiretza <xiretza+aur@gmail.com> _pkgname=openelp -pkgname=${_pkgname}-git -pkgver=r54.0d1a16e -pkgrel=2 +pkgname=$_pkgname-git +pkgver=0.8.0.r4.g9f017b1 +pkgrel=1 pkgdesc="An open source EchoLink proxy for Linux and Windows" arch=(i686 x86_64 armv7h) url="https://github.com/cottsay/openelp" license=('BSD') -depends=(pcre2) -makedepends=(git cmake pcre2 doxygen) -provides=("${_pkgname}") -conflicts=("${_pkgname}") +depends=(pcre2 openssl) +makedepends=(git cmake doxygen) +provides=("$_pkgname=$pkgver") +conflicts=("$_pkgname") replaces=() backup=(etc/ELProxy.conf) -source=("${_pkgname}::git+${url}") -md5sums=('SKIP') +source=("$_pkgname::git+${url}" + "$_pkgname.service" + "$_pkgname.sysusers" + "$_pkgname.tmpfiles") +sha256sums=('SKIP' + '65bc8b1958a8eabdc4550e7601e171223ee78b89de8499a1aec65b6c2a73c429' + 'fb6aaac6ce857159d6646376951f67414a24c6eb45e19473e4b6ea1947b7c1d7' + '298c89d12fa8a8ce171dd88da2e66859442b31c6b419d0e124b1883d9f80eaa6') pkgver() { cd "$srcdir/${_pkgname}" - printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" + git describe --long --tags | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' } build() { - cd "$srcdir/${_pkgname}" - mkdir -p build - cd build - cmake -D CMAKE_INSTALL_PREFIX=/usr .. - make + cmake -B build -S "$_pkgname" \ + -DCMAKE_BUILD_TYPE=None \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DSYSCONF_INSTALL_DIR=/etc + make -C build } check() { - cd "$srcdir/${_pkgname}/build" - make -k check + make -C build -k check } package() { - cd "$srcdir/${_pkgname}/build" - make DESTDIR="$pkgdir/" install - chmod go-r "$pkgdir/etc/ELProxy.conf" - install -Dt "$pkgdir/usr/share/licenses/$pkgname/" ../LICENSE + make -C build DESTDIR="$pkgdir/" install + chmod 0640 "$pkgdir/etc/ELProxy.conf" + install -Dt "$pkgdir/usr/share/licenses/$pkgname/" "$_pkgname/LICENSE" + install -Dt "$pkgdir/usr/lib/systemd/system/" "$_pkgname.service" + install -D "$_pkgname.sysusers" "$pkgdir/usr/lib/sysusers.d/$_pkgname.conf" + install -D "$_pkgname.tmpfiles" "$pkgdir/usr/lib/tmpfiles.d/$_pkgname.conf" } diff --git a/openelp.service b/openelp.service new file mode 100644 index 000000000000..a1fb67cacace --- /dev/null +++ b/openelp.service @@ -0,0 +1,31 @@ +[Unit] +Description=Open Source EchoLink Proxy +After=network.target nss-lookup.target +ConditionPathExists=/etc/ELProxy.conf + +[Service] +PrivateTmp=true +PrivateUsers=true +ProtectSystem=strict +ProtectHome=true +PrivateDevices=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictNamespaces=true +NoNewPrivileges=true +MemoryDenyWriteExecute=true +LockPersonality=true +SystemCallFilter=@system-service +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +ProtectHostname=true + +Type=forking + +User=openelp +Group=openelp +ExecStart=/usr/bin/openelpd -S /etc/ELProxy.conf + +[Install] +WantedBy=multi-user.target diff --git a/openelp.sysusers b/openelp.sysusers new file mode 100644 index 000000000000..68f41a4c44a9 --- /dev/null +++ b/openelp.sysusers @@ -0,0 +1 @@ +u openelp - "OpenELP daemon user" diff --git a/openelp.tmpfiles b/openelp.tmpfiles new file mode 100644 index 000000000000..daa43e6a7484 --- /dev/null +++ b/openelp.tmpfiles @@ -0,0 +1 @@ +z /etc/ELProxy.conf - - openelp |