net/nut: Fix '/var/run' world readable warning
Use /var/run/nut as statepath and set appropriate owner and permissions on /var/run/nut in order to avoid pidfile for nut being world-readable. Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
This commit is contained in:
Daniel Dickinson
parent
c94e334c4e
commit
c00d89593e
3 changed files with 17 additions and 5 deletions
|
|
@ -506,7 +506,7 @@ CONFIGURE_ARGS += \
|
|||
--without-freeipmi \
|
||||
--$(if $(CONFIG_NUT_SSL),with,without)-ssl $(if $(CONFIG_NUT_SSL),--with-openssl) \
|
||||
--without-libltdl \
|
||||
--with-statepath=/var/run \
|
||||
--with-statepath=/var/run/nut \
|
||||
--with-drvpath=/lib/nut \
|
||||
--with-user=root \
|
||||
--with-group=root
|
||||
|
|
|
|||
|
|
@ -143,9 +143,6 @@ nut_upsmon_add() {
|
|||
}
|
||||
|
||||
start_service() {
|
||||
[ -d $RUN_D ] || mkdir -p $RUN_D
|
||||
mkdir -p /var/etc/nut
|
||||
chmod 640 /var/etc/nut
|
||||
rm -f $UPSMON_C
|
||||
|
||||
config_load nut_monitor
|
||||
|
|
@ -159,6 +156,11 @@ start_service() {
|
|||
chmod 640 $UPSMON_C
|
||||
chmod 640 /var/etc/nut/nut.conf
|
||||
|
||||
[ -d /var/run/nut ] || {
|
||||
mkdir -m 0750 -p /var/run/nut
|
||||
chown ${runas:-root}:$(id -gn ${runas:-root}) /var/run/nut
|
||||
}
|
||||
|
||||
chown ${runas:-root}:$(id -gn ${runas:-root}) $UPSMON_C
|
||||
$DEBUG /usr/sbin/upsmon $UPSMON_OPTIONS
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,6 +22,11 @@ listen_address() {
|
|||
echo "LISTEN $address $port" >>$UPSD_C
|
||||
}
|
||||
|
||||
upsd_statepath() {
|
||||
local cfg="$1"
|
||||
config_get statepath "$cfg" statepath
|
||||
}
|
||||
|
||||
upsd_config() {
|
||||
local cfg="$1"
|
||||
local maxage maxconn certfile
|
||||
|
|
@ -116,6 +121,10 @@ start_service() {
|
|||
chmod 0640 $UPS_C
|
||||
chmod 0640 $UPSD_C
|
||||
chmod 0640 /var/etc/nut/nut.conf
|
||||
[ -d "${statepath:-/var/run/nut}" ] || {
|
||||
mkdir -m 0750 -p "${statepath:-/var/run/nut}"
|
||||
chown $runas:$(id -gn $runas) "${statepath:-/var/run/nut}"
|
||||
}
|
||||
|
||||
if [ -n "$runas" ]; then
|
||||
chown -R $runas:$(id -gn $runas) /var/etc/nut
|
||||
|
|
@ -134,12 +143,13 @@ nut_driver_stop() {
|
|||
|
||||
config_get driver "$cfg" driver
|
||||
|
||||
[ -r /var/run/$driver-$cfg ] && /usr/sbin/upsdrvctl stop $cfg
|
||||
[ -r ${statepath:-/var/run/nut}/$driver-$cfg ] && /usr/sbin/upsdrvctl stop $cfg
|
||||
}
|
||||
|
||||
stop_service() {
|
||||
[ -r $PID_F ] && /usr/sbin/upsd -c stop
|
||||
config_load ups
|
||||
config_foreach upsd_statepath upsd
|
||||
config_foreach nut_driver_stop driver
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue