diff options
| author | rany | 2020-10-29 20:38:48 +0200 |
|---|---|---|
| committer | rany | 2020-10-29 20:38:48 +0200 |
| commit | 5c5b4bd444c85515bc5eb8343d2fde95eecb1674 (patch) | |
| tree | 7436a2b5a0ba9c4f057bebf9b683a18161bdc60c | |
| parent | d12e6df91ee844fc07da4c49bb809b8fa30ce195 (diff) | |
| download | aur-5c5b4bd444c85515bc5eb8343d2fde95eecb1674.tar.gz | |
more improvements to it
| -rw-r--r-- | .SRCINFO | 8 | ||||
| -rw-r--r-- | PKGBUILD | 12 | ||||
| -rw-r--r-- | popura.apparmor | 20 | ||||
| -rw-r--r-- | popura.defaults | 4 | ||||
| -rw-r--r-- | popura.service | 3 |
5 files changed, 41 insertions, 6 deletions
@@ -1,7 +1,7 @@ pkgbase = popura-git pkgdesc = Popura ポプラ: alternative Yggdrasil network client pkgver = 0.3.15+popura1 - pkgrel = 3 + pkgrel = 4 url = https://github.com/popura-network/Popura arch = i686 arch = x86_64 @@ -16,10 +16,14 @@ pkgbase = popura-git source = popura.sysusers source = popura-default-config.service source = popura.service + source = popura.defaults + source = popura.apparmor sha512sums = SKIP sha512sums = af276973744e079e6892d8ecdf2027ea265a05908f624f82da35d5bcc77a91ddeb458c4c3d07341aae42f003189201d3989cce5f87e184e472c1a23112cfe554 sha512sums = 449da220d0e7f502268adb302a2672315e37dc0a08a7923727eec6eb9f49fdc803ac0240508e62920edd826c6d294cec238485edebb5250228fa35eb20e544fb - sha512sums = c6fbc97bb7c372e6d6094a6826fdc03306ed7ba67bb7303567ad5d650dee34eead803c03bcf39a6a836b149fafbef5462d756aae3c1099ddaba6eb7b446e3274 + sha512sums = ab2d69471c6b9fb6ac85212057feda5159b74b88f0247e8af74e09092878cc75a112f0aad0d776df337ba348f521e1960c1ce1dbc6fe0ac50de96d1aea9e4a1a + sha512sums = 6a74ae04dc12987c246ad07bf04362e2b076939f3a91c9dff89dbbae9b443762b7dd39fb3aca46e028032fc4a3dd7910a9dfc9622e8c66d8e00862d6e9f5b9ce + sha512sums = 8912a0dcbd61d412303e584946e38a7d7771fee61202e2d70f693dbdbae2ea37b2a9d4f342c7b1c5c875c7fcd98225331aff4206ddc452d1feed45dbde21b382 pkgname = popura-git @@ -4,7 +4,7 @@ pkgname=popura-git _pkgname="popura" pkgver=0.3.15+popura1 _commit=42941caaf13472f1ecc0c675ae6059a857f3e60a -pkgrel=3 +pkgrel=4 pkgdesc="Popura ポプラ: alternative Yggdrasil network client" arch=('i686' 'x86_64' 'armv7h' 'armv6h' 'aarch64') url="https://github.com/popura-network/Popura" @@ -14,11 +14,15 @@ makedepends=('git' 'go') source=("popura::git+https://github.com/popura-network/Popura.git#commit=${_commit}" 'popura.sysusers' 'popura-default-config.service' - 'popura.service') + 'popura.service' + 'popura.defaults' + 'popura.apparmor') sha512sums=('SKIP' 'af276973744e079e6892d8ecdf2027ea265a05908f624f82da35d5bcc77a91ddeb458c4c3d07341aae42f003189201d3989cce5f87e184e472c1a23112cfe554' '449da220d0e7f502268adb302a2672315e37dc0a08a7923727eec6eb9f49fdc803ac0240508e62920edd826c6d294cec238485edebb5250228fa35eb20e544fb' - 'c6fbc97bb7c372e6d6094a6826fdc03306ed7ba67bb7303567ad5d650dee34eead803c03bcf39a6a836b149fafbef5462d756aae3c1099ddaba6eb7b446e3274') + 'ab2d69471c6b9fb6ac85212057feda5159b74b88f0247e8af74e09092878cc75a112f0aad0d776df337ba348f521e1960c1ce1dbc6fe0ac50de96d1aea9e4a1a' + '6a74ae04dc12987c246ad07bf04362e2b076939f3a91c9dff89dbbae9b443762b7dd39fb3aca46e028032fc4a3dd7910a9dfc9622e8c66d8e00862d6e9f5b9ce' + '8912a0dcbd61d412303e584946e38a7d7771fee61202e2d70f693dbdbae2ea37b2a9d4f342c7b1c5c875c7fcd98225331aff4206ddc452d1feed45dbde21b382') build() { cd "${srcdir}/${_pkgname}" @@ -39,4 +43,6 @@ package() { install -Dm644 "${srcdir}/popura.sysusers" "${pkgdir}/usr/lib/sysusers.d/popura.conf" install -Dm644 "${srcdir}/popura.service" -t "${pkgdir}/usr/lib/systemd/system" install -Dm644 "${srcdir}/popura-default-config.service" -t "${pkgdir}/usr/lib/systemd/system" + install -Dm644 "${srcdir}/popura.defaults" "${pkgdir}/etc/default/popura" + install -Dm644 "${srcdir}/popura.apparmor" "${pkgdir}/etc/apparmor.d/usr.bin.popura" } diff --git a/popura.apparmor b/popura.apparmor new file mode 100644 index 000000000000..ee386a741103 --- /dev/null +++ b/popura.apparmor @@ -0,0 +1,20 @@ +# Last Modified: Thu Oct 29 19:43:48 2020 +include <tunables/global> + +# vim:syntax=apparmor +# AppArmor policy for popura + + +/usr/bin/popura { + include <abstractions/base> + include <abstractions/nameservice> + + capability net_admin, + + /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r, + owner /dev/net/tun rw, + owner /etc/popura.conf r, + owner /proc/sys/net/core/somaxconn r, + owner /run/yggdrasil.sock w, + +} diff --git a/popura.defaults b/popura.defaults new file mode 100644 index 000000000000..37d4b9044abd --- /dev/null +++ b/popura.defaults @@ -0,0 +1,4 @@ +# +# Here you could add additional options for popura +# +#popura_opts="-autopeer" diff --git a/popura.service b/popura.service index c793acf3c47e..d5bd58bce883 100644 --- a/popura.service +++ b/popura.service @@ -12,8 +12,9 @@ ProtectSystem=true SyslogIdentifier=popura CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW ExecStartPre=+-/sbin/modprobe tun -ExecStart=/usr/bin/popura -useconffile /etc/popura.conf +ExecStart=/usr/bin/popura -useconffile /etc/popura.conf $popura_opts ExecReload=/bin/kill -HUP $MAINPID +EnvironmentFile=-/etc/default/popura Restart=always TimeoutStopSec=5 |