inspircd

A modular C++ IRC daemon (ircd). https://www.inspircd.org/
Log | Files | Refs | README

commit 59ddf1a456265da6d2303373a40ecc34e62a9073
parent 202ba7d76d2d89b61f82978a782c6bc8529ee8d4
Author: Peter Powell <petpow@saberuk.com>
Date:   Tue, 29 Jan 2019 01:35:00 +0000

Improve setting the gid/uid which will own files.

- Consistently set the gid/uid for all directories and files.
- Replace the obnoxious warning about root on `make install` with
  a friendlier warning whilst running configure.
- Always install the inspircd executable and modules.

Diffstat:
Mconfigure | 28++++++++++++++++++++++++++++
Mmake/template/main.mk | 55++++++++++++++++++++++---------------------------------
2 files changed, 50 insertions(+), 33 deletions(-)

diff --git a/configure b/configure @@ -207,6 +207,20 @@ if (defined $opt_gid) { } else { @group = $opt_system ? getgrnam('irc') : getgrgid($config{GID} // getgid()); print_error "you need to specify a group to run as using '--gid [id|name]'!" unless @group; + unless ($group[2]) { + print_warning <<"EOW"; +You are building as the privileged $group[0] group and have not specified +an unprivileged group to run InspIRCd as. + +This is almost never what you should do. You should probably either create a new +unprivileged user/group to build and run as or pass the '--gid [id|name]' flag +to specify an unprivileged group to run as. +EOW + if (!prompt_bool $interactive, "Are you sure you want to build as the $group[0] group?", 0) { + say STDERR "If you are sure you want to build as the $group[0] group pass the --gid $group[2] flag." unless $interactive; + exit 1; + } + } } $config{GROUP} = $group[0]; $config{GID} = $group[2]; @@ -219,6 +233,20 @@ if (defined $opt_uid) { } else { @user = $opt_system ? getpwnam('irc') : getpwuid($config{UID} // getuid()); print_error "you need to specify a user to run as using '--uid [id|name]'!" unless @user; + unless ($user[2]) { + print_warning <<"EOW"; +You are building as the privileged $user[0] user and have not specified +an unprivileged user to run InspIRCd as. + +This is almost never what you should do. You should probably either create a new +unprivileged user/group to build and run as or pass the '--uid [id|name]' flag +to specify an unprivileged user to run as. +EOW + if (!prompt_bool $interactive, "Are you sure you want to build as the $user[0] user?", 0) { + say STDERR "If you are sure you want to build as the $user[0] user pass the --uid $user[2] flag." unless $interactive; + exit 1; + } + } } $config{USER} = $user[0]; $config{UID} = $user[2]; diff --git a/make/template/main.mk b/make/template/main.mk @@ -47,7 +47,6 @@ DATPATH = "$(DESTDIR)@DATA_DIR@" BINPATH = "$(DESTDIR)@BINARY_DIR@" SCRPATH = "$(DESTDIR)@SCRIPT_DIR@" INSTALL = install -INSTUID = @UID@ INSTMODE_DIR = 0750 INSTMODE_BIN = 0750 INSTMODE_LIB = 0640 @@ -199,42 +198,32 @@ finishmessage: target @echo "*************************************" install: target - @if [ "$(INSTUID)" = 0 -o "$(INSTUID)" = root ]; then \ - echo ""; \ - echo "Error: You must specify a non-root UID for the server"; \ - echo ""; \ - echo "If you are making a package, please specify using ./configure --uid"; \ - echo "Otherwise, rerun using 'make INSTUID=irc install', where 'irc' is the user"; \ - echo "who will be running the ircd. You will also need to modify the start script."; \ - echo ""; \ - exit 1; \ - fi - @-$(INSTALL) -d -o $(INSTUID) -m $(INSTMODE_DIR) $(BASE) - @-$(INSTALL) -d -o $(INSTUID) -m $(INSTMODE_DIR) $(DATPATH) - @-$(INSTALL) -d -o $(INSTUID) -m $(INSTMODE_DIR) $(LOGPATH) - @-$(INSTALL) -d -m $(INSTMODE_DIR) $(BINPATH) - @-$(INSTALL) -d -m $(INSTMODE_DIR) $(CONPATH)/examples/services - @-$(INSTALL) -d -m $(INSTMODE_DIR) $(CONPATH)/examples/sql - @-$(INSTALL) -d -m $(INSTMODE_DIR) $(MANPATH) - @-$(INSTALL) -d -m $(INSTMODE_DIR) $(MODPATH) - @-$(INSTALL) -d -m $(INSTMODE_DIR) $(SCRPATH) - [ "$(BUILDPATH)/bin/" -ef $(BINPATH) ] || $(INSTALL) -m $(INSTMODE_BIN) "$(BUILDPATH)/bin/inspircd" $(BINPATH) - [ "$(BUILDPATH)/modules/" -ef $(MODPATH) ] || $(INSTALL) -m $(INSTMODE_LIB) "$(BUILDPATH)/modules/"*.so $(MODPATH) - -$(INSTALL) -m $(INSTMODE_BIN) @CONFIGURE_DIRECTORY@/inspircd $(SCRPATH) 2>/dev/null - -$(INSTALL) -m $(INSTMODE_LIB) .gdbargs $(SCRPATH)/.gdbargs 2>/dev/null + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(BASE) + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(DATPATH) + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(LOGPATH) + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(BINPATH) + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(CONPATH)/examples/services + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(CONPATH)/examples/sql + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(MANPATH) + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(MODPATH) + @-$(INSTALL) -d -g @GID@ -o @UID@ -m $(INSTMODE_DIR) $(SCRPATH) + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_BIN) "$(BUILDPATH)/bin/inspircd" $(BINPATH) + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) "$(BUILDPATH)/modules/"*.so $(MODPATH) + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_BIN) @CONFIGURE_DIRECTORY@/inspircd $(SCRPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) .gdbargs $(SCRPATH)/.gdbargs 2>/dev/null ifeq ($(SYSTEM), darwin) - -$(INSTALL) -m $(INSTMODE_BIN) @CONFIGURE_DIRECTORY@/org.inspircd.plist $(SCRPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_BIN) @CONFIGURE_DIRECTORY@/org.inspircd.plist $(SCRPATH) 2>/dev/null endif ifeq ($(SYSTEM), linux) - -$(INSTALL) -m $(INSTMODE_LIB) @CONFIGURE_DIRECTORY@/inspircd.service $(SCRPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) @CONFIGURE_DIRECTORY@/inspircd.service $(SCRPATH) 2>/dev/null endif - -$(INSTALL) -m $(INSTMODE_LIB) @CONFIGURE_DIRECTORY@/inspircd.1 $(MANPATH) 2>/dev/null - -$(INSTALL) -m $(INSTMODE_LIB) @CONFIGURE_DIRECTORY@/inspircd-genssl.1 $(MANPATH) 2>/dev/null - -$(INSTALL) -m $(INSTMODE_BIN) tools/genssl $(BINPATH)/inspircd-genssl 2>/dev/null - -$(INSTALL) -m $(INSTMODE_LIB) docs/conf/*.example $(CONPATH)/examples - -$(INSTALL) -m $(INSTMODE_LIB) docs/conf/services/*.example $(CONPATH)/examples/services - -$(INSTALL) -m $(INSTMODE_LIB) docs/sql/*.sql $(CONPATH)/examples/sql - -$(INSTALL) -m $(INSTMODE_LIB) *.pem $(CONPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) @CONFIGURE_DIRECTORY@/inspircd.1 $(MANPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) @CONFIGURE_DIRECTORY@/inspircd-genssl.1 $(MANPATH) 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_BIN) tools/genssl $(BINPATH)/inspircd-genssl 2>/dev/null + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) docs/conf/*.example $(CONPATH)/examples + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) docs/conf/services/*.example $(CONPATH)/examples/services + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) docs/sql/*.sql $(CONPATH)/examples/sql + -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_LIB) *.pem $(CONPATH) 2>/dev/null @echo "" @echo "*************************************" @echo "* INSTALL COMPLETE! *"