diff options
author | Chris Severance | 2015-08-01 09:10:05 -0400 |
---|---|---|
committer | Chris Severance | 2015-08-01 09:10:05 -0400 |
commit | 4fa8c845e6133712ef2c71e448cf072e0056abe9 (patch) | |
tree | d181c7b1db4a6b0606dc6056b99c715c45034557 /PKGBUILD | |
parent | d77c11c1464c83e3205508188863e364cb8c55cf (diff) | |
download | aur-4fa8c845e6133712ef2c71e448cf072e0056abe9.tar.gz |
PKGBUILD improvements, run as non root
Diffstat (limited to 'PKGBUILD')
-rw-r--r-- | PKGBUILD | 126 |
1 files changed, 90 insertions, 36 deletions
@@ -1,46 +1,100 @@ -# Maintainer: Felix Yan <felixonmars@archlinux.org> +# Maintainer: Chris Severance aur.severach aATt spamgourmet dott com +# Maintainer: Paul Severance <paulseverance+aur@gmail.com> +# Contributor: Felix Yan <felixonmars@archlinux.org> # Contributor: Preston <pentie [at] gmail.com> -pkgname=newrelic-sysmond -pkgver=2.1.0.124 -pkgrel=1 -pkgdesc="system monitor services provided by newrelic" +# Install: https://docs.newrelic.com/docs/servers/new-relic-servers-linux/installation-configuration/servers-installation-other-linux +# source PKGBUILD +# Edit PKGBUILD.local and set your RUNAS user +# makepkg -scCfi +# Watch screen for Install instructions. + +# UnInstall cleanup: (as root) +# systemctl status newrelic-sysmond.service +# systemctl stop newrelic-sysmond.service +# systemctl disable newrelic-sysmond.service +# pacman -R newrelic-sysmond +# Sub in the username you picked into the following +# rm -rf '/var/log/newrelic' '/etc/newrelic' '/.newrelic' + +set -u +pkgname='newrelic-sysmond' +pkgver='2.1.0.124' +pkgrel='1' +pkgdesc='collect, monitor, and analyze critical server load metrics including CPU, memory, network, process, disk utilization and capacity' arch=('i686' 'x86_64') -url="http://newrelic.com/" -license=('non-free') -depends=('glibc' 'bash') +url='http://newrelic.com/' +license=('custom') +depends=('glibc' 'bash' 'grep' 'sed' 'awk' 'systemd') makedepends=('binutils') backup=('etc/newrelic/nrsysmond.cfg') -install=newrelic-sysmond.install -source=("http://download.newrelic.com/server_monitor/archive/${pkgver}/${pkgname}"-"${pkgver}"-"linux.tar.gz" - "newrelic-sysmond.service" - "newrelic-sysmond.install") +install="${pkgname}.install" +source=("http://download.newrelic.com/server_monitor/archive/${pkgver}/${pkgname}-${pkgver}-linux.tar.gz" + "${pkgname}.logrotate" + "${pkgname}.inst.sh" + "${pkgname}.service") -build() { - cd "$srcdir/$pkgname-$pkgver-linux" -} +sha256sums=('052e42d156e20f77e78f82372123eadf069ef2e5758a1184725a906ead551d9b' + '02d70a783e30a7b6f8c438b1bae5a57d37d2204d112ccca38eada2b9044a5ebe' + 'bcce083629dcd0827f86247872ee4b42dec2c51349b4cc10c0ce7619f94faf9f' + '7ec93da5ddf521cd1850f1ef491182d7363fd565db8697c33261d09300fab6af') package() { - cd "$srcdir/$pkgname-$pkgver-linux" - mkdir -p "$pkgdir"/usr/bin/ \ - "$pkgdir"/etc/newrelic/ \ - "$pkgdir"/etc/default/ \ - "$pkgdir"/usr/share/doc/newrelic/ \ - "$pkgdir"/usr/lib/systemd/system/; - - if [ $CARCH == i686 ]; then - install -v -Dm755 ./daemon/nrsysmond.x86 "$pkgdir"/usr/bin/nrsysmond - else - install -v -Dm755 ./daemon/nrsysmond.x64 "$pkgdir"/usr/bin/nrsysmond - fi - - install -v -Dm644 ./nrsysmond.cfg "$pkgdir"/etc/newrelic/ - install -v -Dm755 ./scripts/nrsysmond-config "$pkgdir"/usr/bin/ - install -v -Dm644 ./scripts/newrelic-sysmond.default.debian "$pkgdir"/etc/default/newrelic-sysmond - install -v -Dm644 INSTALL.txt LICENSE.txt "$pkgdir"/usr/share/doc/newrelic/ - install -v -Dm644 ../newrelic-sysmond.service "$pkgdir"/usr/lib/systemd/system/ + set -u + cd "${srcdir}/${pkgname}-${pkgver}-linux" + + install -dm770 "${pkgdir}/var/log/newrelic" # For some reason the daemon writes files with umask 000 + + case "${CARCH}" in + 'i686') install -Dpm755 'daemon/nrsysmond.x86' "${pkgdir}/usr/bin/nrsysmond";; + 'x86_64') install -Dpm755 'daemon/nrsysmond.x64' "${pkgdir}/usr/bin/nrsysmond";; + *)echo "${}";; + esac + + install -Dpm755 "${srcdir}/newrelic-sysmond.inst.sh" "${pkgdir}/usr/bin/newrelic-sysmond-inst" + + # The installer makes this file chmod 640. Anything in this file can be found + # with ps -ef, ls -l /etc/default, or cat newrelic-sysmond.service by any + # user so there's no reason to go through all the chmod hassle for a file + # that has nothing to hide. + install -dm750 "${pkgdir}/etc/newrelic" # The New Relic instructions say 600 but this is clearly wrong. + install -Dpm640 'nrsysmond.cfg' -t "${pkgdir}/etc/newrelic/" + sed -i -e '# Forward location of this setting' \ + -e 's:^#pidfile=.*$'":&\n# In Arch Linux this setting is found in /usr/lib/systemd/system/${pkgname}.service:g" \ + "${pkgdir}/etc/newrelic/nrsysmond.cfg" + install -Dpm755 'scripts/nrsysmond-config' -t "${pkgdir}/usr/bin/" + sed -i -e '# Our sed recognizes tab escape sequences' \ + -e 's:\t\]:\\t]:g' \ + "${pkgdir}/usr/bin/nrsysmond-config" + install -Dpm644 "scripts/${pkgname}.default.debian" "${pkgdir}/etc/default/${pkgname}" + sed -i -e "# Disable a setting we don't use" \ + -e 's;^nrdaemon=.*$'";# The nrdaemon is set by the Arch Linux package installer and cannot be changed here.\n#&;g" \ + -e '# Provide change requirements for RUNAS' \ + -e 's;^RUNAS=.*$'";#&\n# In Arch Linux the RUNAS setting is found in /usr/lib/systemd/system/${pkgname}.service as User=;g" \ + "${pkgdir}/etc/default/${pkgname}" + install -Dpm644 'INSTALL.txt' 'LICENSE.txt' -t "${pkgdir}/usr/share/doc/newrelic/" + install -Dpm644 "${srcdir}/${pkgname}.service" -t "${pkgdir}/usr/lib/systemd/system/" + sed -i -e "# Apply user group info" \ + -e "s;NEWRELIC_USER;${_opt_ASUSER};g" \ + "${pkgdir}/usr/lib/systemd/system/${pkgname}.service" + install -Dpm644 "${srcdir}/${pkgname}.logrotate" "${pkgdir}/etc/logrotate.d/${pkgname}" + + # Ensure there are no forbidden paths. Place at the end of package() and comment out as you find or need exceptions. (git-aurcheck) + #! grep -lr "/sbin" "${pkgdir}" || echo "${}" + ! grep -lr "/usr/tmp" "${pkgdir}" || echo "${}" + #! grep -lr "/usr/local" "${pkgdir}" || echo "${}" + #! pcregrep -lr "(?<!/usr)/bin" "${pkgdir}" || echo "${}" + ! test -d "${pkgdir}/usr/sbin" || echo "${}" + ! test -d "${pkgdir}/usr/local" || echo "${}" + set +u } -md5sums=('b18f27bec4c9e5a5cf524225e41a7d15' - 'f4ebc44c550896309d6121455a8669f3' - 'aa0022b03b291c97f5f4b3cb2d24104d') +[ ! -s 'PKGBUILD.local' ] && cat > 'PKGBUILD.local' << EOF +# Set your RUNAS user here +# root is insecure and unnecesary +# Default: newrelic +_opt_ASUSER='newrelic' +EOF +source 'PKGBUILD.local' + +set +u |