diff options
author | Severin Glöckner | 2018-12-26 16:30:34 +0100 |
---|---|---|
committer | Severin Glöckner | 2018-12-26 16:30:34 +0100 |
commit | e400d9a2ad501bd4764ec2162aeaf3ba8149d720 (patch) | |
tree | 188bacaf4e24867e339ee7643535653968efdfac | |
parent | 13fab7d93cb6604216e218464745bdd491eb1a00 (diff) | |
download | aur-e400d9a2ad501bd4764ec2162aeaf3ba8149d720.tar.gz |
extend service file
-rw-r--r-- | .SRCINFO | 2 | ||||
-rw-r--r-- | PKGBUILD | 16 | ||||
-rw-r--r-- | wesnothd-1.6.service | 34 |
3 files changed, 35 insertions, 17 deletions
@@ -29,7 +29,7 @@ pkgbase = wesnoth-1.6 source = wesnoth-1.6.appdata.xml md5sums = 99f136647c5af1820d0132df08350965 md5sums = ec9cab718ba96b7a4c85c224f6b747c3 - md5sums = c537d69cb8338594a606ebbc93cbd00e + md5sums = bb74eacfd1de53ab13a5fe8ae93c146d md5sums = 1018b1fae1a65d49bed1094ba0280d87 pkgname = wesnoth-1.6 @@ -23,12 +23,12 @@ source=("wesnoth-1.6.desktop" "wesnothd-1.6.tmpfiles.conf" "wesnothd-1.6.service" "wesnoth-1.6.appdata.xml") -# Not finding the files? https://aur.archlinux.org/packages/wesnoth-1.6/ +# Not finding the files? https://aur.archlinux.org/packages/wesnoth-1.6 # Rest assured, they are optional. Things like a launcher for your convenience… md5sums=('99f136647c5af1820d0132df08350965' 'ec9cab718ba96b7a4c85c224f6b747c3' - 'c537d69cb8338594a606ebbc93cbd00e' + 'bb74eacfd1de53ab13a5fe8ae93c146d' '1018b1fae1a65d49bed1094ba0280d87') PKGEXT='.pkg.tar' @@ -55,7 +55,9 @@ build() { # It's a convention to use /usr/local when installing by hand, it allows you # to keep easier track of what was installed. - # Feel free to replace ALL occurences of /usr with /usr/local below. + # Feel free to replace ALL occurences of /usr with /usr/local in the commands + # below, and edit the start command in the file wesnothd-1.6.service. + rm -rf build && mkdir -p build && cd build cmake ../wesnoth-1.6-git \ -DCMAKE_INSTALL_PREFIX=/usr \ @@ -78,6 +80,8 @@ build() { # For the Archlinux package this is no problem because the files are installed # into the empty $pkgdir, and it's content is copied later to the system. +# Thes commands below have to be run with root privileges. +# E.g. by prefixing them with "sudo ". package() { cd build @@ -103,12 +107,8 @@ package() { install -D -m644 "$srcdir/wesnoth-1.6.appdata.xml" "$pkgdir/usr/share/metainfo/wesnoth-1.6.appdata.xml" - # On other Linux systems, use /etc instead of /usr/lib for the files below + # On other Linux systems, use /etc instead of /usr/lib for the two files below install -D -m644 "$srcdir/wesnothd-1.6.tmpfiles.conf" "$pkgdir/usr/lib/tmpfiles.d/wesnothd-1.6.conf" - - # On Debian / Ubuntu / Mint, edit the file and change: - # Group=nobody to Group=nogroup - # /usr/bin/rm to /bin/rm install -D -m644 "$srcdir/wesnothd-1.6.service" "$pkgdir/usr/lib/systemd/system/wesnothd-1.6.service" # All done, but it doesn't show up? Try that: diff --git a/wesnothd-1.6.service b/wesnothd-1.6.service index 31cb9b2577f7..0dd6a9fbf089 100644 --- a/wesnothd-1.6.service +++ b/wesnothd-1.6.service @@ -3,22 +3,40 @@ Description=Wesnoth-1.6 Server Daemon Documentation=https://www.wesnoth.org/wiki/ServerAdministration Documentation=man:wesnothd-1.6(6) After=network.target -# They use by default the same port +# They use by default the same port. The -p option can be used to change it. Conflicts=wesnothd.service wesnothd-1.0.servicewesnothd-1.2.service wesnothd-1.4.service wesnothd-1.8.service wesnothd-1.10.service wesnothd-1.12.service wesnothd-1.14.service wesnothd-devel.service wesnothd-git.service [Service] +# If wesnothd is started from within the game it runs under a different user. +# Deleting the pipe resets owner, group and mode. +ExecStopPre=/bin/rm -f /run/wesnothd-1.4/socket + ExecStart=/usr/bin/wesnothd-1.6 -t 2 -T 5 -# you can use -c to specify the same configuration file -# which is used when starting wensothd from the wesnoth UI -# (and make sure wesnothd has the required access permissions) +# You can use -c to specify a same configuration file +# (and make sure wesnothd has the required access permissions). SyslogIdentifier=Wesnothd-1.6 User=nobody -Group=nobody -ExecStopPost=/usr/bin/rm -f /run/wesnothd-1.6/socket +Group=users + +# Remove remaining administration pipe: +ExecStopPost=/bin/rm -f /run/wesnothd-1.6/socket -# Additional security-related features -ProtectSystem=yes +# Additional security-related features: +ProtectSystem=strict +ProtectHome=yes +# When specifying with the -c option a file in the home directory, +# set ProtectHome=read-only and whitelist the directory or file with +# ReadWritePaths. +ReadWritePaths=/run/wesnothd-1.6 +InaccessiblePaths=/usr/include +InaccessiblePaths=/usr/src +InaccessiblePaths=/boot +InaccessiblePaths=/media +InaccessiblePaths=/mnt +InaccessiblePaths=/srv +InaccessiblePaths=/opt +InaccessiblePaths=/var PrivateTmp=yes PrivateDevices=yes NoNewPrivileges=yes |