From: =?utf-8?q?Ond=C5=99ej_Sur=C3=BD?= Date: Thu, 22 Dec 2016 11:05:31 +0100 Subject: Unhardcode most of the paths --- 01-dnssec-trigger.in | 2 +- Makefile.in | 41 +++++++++++++++++++++++---------------- configure.ac | 14 +++++++++++-- dnssec-trigger-script.in | 16 +++++++-------- dnssec-triggerd-keygen.service | 8 -------- dnssec-triggerd-keygen.service.in | 8 ++++++++ 6 files changed, 53 insertions(+), 36 deletions(-) delete mode 100644 dnssec-triggerd-keygen.service create mode 100644 dnssec-triggerd-keygen.service.in --- a/01-dnssec-trigger.in +++ b/01-dnssec-trigger.in @@ -23,7 +23,7 @@ # set PATH correctly instead of absolute paths to binaries PATH="@sbindir@:@bindir@:/sbin:/usr/sbin:/bin:/usr/bin" -state_dir="/var/run/dnssec-trigger" +state_dir="@rundir@/dnssec-trigger" validate_forward_zones="no" # implementation --- a/Makefile.in +++ b/Makefile.in @@ -52,10 +52,13 @@ keydir=@keydir@ uidir=@uidir@ pidfile=@pidfile@ +sysconfdir=@sysconfdir@ +rundir=@rundir@ login_command=@login_command@ login_location=@login_location@ check_updates=@check_updates@ unbound_control_path=@unbound_control_path@ +systemdsystemunitdir=@systemdsystemunitdir@ FWD_ZONES_SUPPORT=@FWD_ZONES_SUPPORT@ NMDISPATCHERCOMMAND=@NMDISPATCHERCOMMAND@ DATE=$(shell date +%F -r $(srcdir)/Changelog) @@ -64,10 +67,12 @@ -e 's,[@]PACKAGE[@],$(PACKAGE),g' \ -e 's,[@]VERSION[@],$(VERSION),g' \ -e 's,[@]PYTHON[@],$(PYTHON),g' \ + -e 's,[@]sysconfdir[@],$(sysconfdir),g' \ -e 's,[@]NMDISPATCHERCOMMAND[@],$(NMDISPATCHERCOMMAND),g' \ -e 's,[@]libexecdir[@],$(libexecdir),g' \ -e 's,[@]sbindir[@],$(sbindir),g' \ -e 's,[@]keydir[@],$(keydir),g' \ + -e 's,[@]rundir[@],$(rundir),g' \ -e 's,[@]pidfile[@],$(pidfile),g' \ -e 's,[@]unbound_control_path[@],$(unbound_control_path),g' \ -e 's,[@]login_command[@],$(login_command),g' \ @@ -188,7 +193,7 @@ @-if test ! -d $(dir $@); then $(INSTALL) -d $(patsubst %/,%,$(dir $@)); fi $Q$(COMPILE) -o $@ -c $< -all: $(COMMON_OBJ) dnssec-triggerd$(EXEEXT) dnssec-trigger-control$(EXEEXT) dnssec-trigger-control-setup $(makehook) $(makegui) example.conf dnssec-trigger.8 dnssec-triggerd.service +all: $(COMMON_OBJ) dnssec-triggerd$(EXEEXT) dnssec-trigger-control$(EXEEXT) dnssec-trigger-control-setup $(makehook) $(makegui) example.conf dnssec-trigger.8 dnssec-triggerd.service dnssec-triggerd-keygen.service test: test/json-test test/other-test @echo "Run tests!" @@ -227,6 +232,10 @@ rm -f $@ $(do_subst) < $(srcdir)/dnssec-triggerd.service.in > $@ +dnssec-triggerd-keygen.service: $(srcdir)/dnssec-triggerd-keygen.service.in Makefile + rm -f $@ + $(do_subst) < $(srcdir)/dnssec-triggerd-keygen.service.in > $@ + dnssec-trigger-panel.desktop: $(srcdir)/panel/dnssec-trigger-panel.desktop.in Makefile rm -f $@ $(do_subst) < $(srcdir)/panel/dnssec-trigger-panel.desktop.in > $@ @@ -362,7 +371,7 @@ -mv dnssec-trigger.tmpfiles.d.preserve dnssec-trigger.tmpfiles.d rm -f dnssec-trigger-panel$(EXEEXT) dnssec-triggerd$(EXEEXT) rm -f dnssec-trigger-control-setup dnssec-trigger-control$(EXEEXT) - rm -f 01-dnssec-trigger dnssec-trigger-script dnssec-trigger-osx.sh nl.nlnetlabs.dnssec-trigger-hook.plist dnssec-trigger-netconfig-hook example.conf nl.nlnetlabs.dnssec-triggerd.plist nl.nlnetlabs.dnssec-trigger-panel.plist dnssec-trigger-setdns.sh osx/osx-riggerapp dnssec-triggerd.service osx/RiggerStatusItem/RiggerStatusItem.xcodeproj/project.pbxproj + rm -f 01-dnssec-trigger dnssec-trigger-script dnssec-trigger-osx.sh nl.nlnetlabs.dnssec-trigger-hook.plist dnssec-trigger-netconfig-hook example.conf nl.nlnetlabs.dnssec-triggerd.plist nl.nlnetlabs.dnssec-trigger-panel.plist dnssec-trigger-setdns.sh osx/osx-riggerapp dnssec-triggerd.service dnssec-triggerd-keygen.service osx/RiggerStatusItem/RiggerStatusItem.xcodeproj/project.pbxproj rm -f dnssec-trigger-panel.desktop dnssec-trigger.8 dnssec-trigger-keygen$(EXEEXT) rm -rf autom4te.cache build osx/RiggerStatusItem/build @@ -402,11 +411,11 @@ networkmanager-hook-install: $(INSTALL) -m 755 -d $(DESTDIR)$(networkmanager_dispatcher_dir) - $(INSTALL) -m 755 -d $(DESTDIR)/etc + $(INSTALL) -m 755 -d $(DESTDIR)$(sysconfdir) $(INSTALL) -m 755 -d $(DESTDIR)$(systemdsystemunitdir) $(INSTALL) -c -m 755 01-dnssec-trigger $(DESTDIR)$(networkmanager_dispatcher_dir)/01-dnssec-trigger $(INSTALL) -c -m 755 dnssec-trigger-script $(DESTDIR)$(libexecdir)/dnssec-trigger-script - $(INSTALL) -c -m 644 dnssec.conf $(DESTDIR)/etc/dnssec.conf + $(INSTALL) -c -m 644 dnssec.conf $(DESTDIR)$(keydir)/dnssec.conf $(INSTALL) -c -m 644 dnssec-triggerd.service $(DESTDIR)$(systemdsystemunitdir)/dnssec-triggerd.service $(INSTALL) -c -m 644 dnssec-triggerd-keygen.service $(DESTDIR)$(systemdsystemunitdir)/dnssec-triggerd-keygen.service @@ -415,7 +424,7 @@ $(DESTDIR)$(sbindir)/dnssec-triggerd$(EXEEXT) -u rm -f $(DESTDIR)$(networkmanager_dispatcher_dir)/01-dnssec-trigger rm -f $(DESTDIR)$(libexecdir)/dnssec-trigger-script - rm -f $(DESTDIR)/etc/dnssec.conf + rm -f $(DESTDIR)$(keydir)/dnssec.conf rm -f $(DESTDIR)$(systemdsystemunitdir)/dnssec-triggerd.service rm -f $(DESTDIR)$(systemdsystemunitdir)/dnssec-triggerd-keygen.service @@ -485,13 +494,13 @@ $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon-alert.png $(DESTDIR)$(uidir)/status-icon-alert.png $(INSTALL) -c -m 755 dnssec-trigger-panel$(EXEEXT) $(DESTDIR)$(bindir)/dnssec-trigger-panel$(EXEEXT) ifeq "$(APP_INDICATOR)" "yes" - $(INSTALL) -m 755 -d $(DESTDIR)/usr/share/icons/hicolor/scalable/apps - $(INSTALL) -m 755 -d $(DESTDIR)/usr/share/icons/hicolor/64x64/apps - $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/dnssec-trigger.svg - $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon-alert.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/dnssec-trigger-alert.svg - $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon.png $(DESTDIR)/usr/share/icons/hicolor/64x64/apps/dnssec-trigger.png - $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon-alert.png $(DESTDIR)/usr/share/icons/hicolor/64x64/apps/dnssec-trigger-alert.png - gtk-update-icon-cache $(DESTDIR)/usr/share/icons/hicolor + $(INSTALL) -m 755 -d $(DESTDIR)$(datarootdir)/icons/hicolor/scalable/apps + $(INSTALL) -m 755 -d $(DESTDIR)$(datarootdir)/icons/hicolor/64x64/apps + $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon.svg $(DESTDIR)$(datarootdir)/icons/hicolor/scalable/apps/dnssec-trigger.svg + $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon-alert.svg $(DESTDIR)$(datarootdir)/icons/hicolor/scalable/apps/dnssec-trigger-alert.svg + $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon.png $(DESTDIR)$(datarootdir)/icons/hicolor/64x64/apps/dnssec-trigger.png + $(INSTALL) -c -m 644 $(srcdir)/panel/status-icon-alert.png $(DESTDIR)$(datarootdir)/icons/hicolor/64x64/apps/dnssec-trigger-alert.png + gtk-update-icon-cache $(DESTDIR)$(datarootdir)/icons/hicolor endif if test -n "$(xdg_autostart_dir)"; then \ $(INSTALL) -m 755 -d $(DESTDIR)$(xdg_autostart_dir) ; \ @@ -503,11 +512,11 @@ rm -f $(DESTDIR)$(uidir)/status-icon.png rm -f $(DESTDIR)$(uidir)/status-icon-alert.png ifeq "$(APP_INDICATOR)" "yes" - rm -f $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/dnssec-trigger.svg - rm -f $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/dnssec-trigger-alert.svg - rm -f $(DESTDIR)/usr/share/icons/hicolor/64x64/apps/dnssec-trigger.png - rm -f $(DESTDIR)/usr/share/icons/hicolor/64x64/apps/dnssec-trigger-alert.png - gtk-update-icon-cache $(DESTDIR)/usr/share/icons/hicolor + rm -f $(DESTDIR)$(datarootdir)/icons/hicolor/scalable/apps/dnssec-trigger.svg + rm -f $(DESTDIR)$(datarootdir)/icons/hicolor/scalable/apps/dnssec-trigger-alert.svg + rm -f $(DESTDIR)$(datarootdir)/icons/hicolor/64x64/apps/dnssec-trigger.png + rm -f $(DESTDIR)$(datarootdir)/icons/hicolor/64x64/apps/dnssec-trigger-alert.png + gtk-update-icon-cache $(DESTDIR)$(datarootdir)/icons/hicolor endif if test -n "$(xdg_autostart_dir)"; then \ rm -f $(DESTDIR)$(xdg_autostart_dir)/dnssec-trigger-panel.desktop ; fi --- a/configure.ac +++ b/configure.ac @@ -236,6 +236,16 @@ AC_REPLACE_FUNCS(strlcpy) AC_REPLACE_FUNCS(memmove) +# rundir +rundir="${localstatedir}/run" +AC_ARG_WITH([rundir], AC_HELP_STRING([--with-rundir=path], + [Path to run-time variable data (pid, sockets...), defaults to LOCALSTATEDIR/run]), + , withval="") +if test -n "$withval"; then + rundir="$withval" +fi +AC_SUBST(rundir) + # systemd settings if pkg-config --exists systemd; then systemdsystemunitdir="`pkg-config --variable=systemdsystemunitdir systemd`" @@ -515,8 +525,8 @@ AC_SUBST(configfile) AC_ARG_WITH([pidfile], AC_HELP_STRING([--with-pidfile=path], -[set the pidfile to use, default /var/run/dnssec-trigger.pid]),, withval="") -pidfile="/var/run/dnssec-trigger.pid" +[set the pidfile to use, default RUNDIR/dnssec-trigger.pid]),, withval="") +pidfile="$rundir/dnssec-trigger.pid" if test -n "$withval"; then pidfile="$withval" fi --- a/dnssec-trigger-script.in +++ b/dnssec-trigger-script.in @@ -64,7 +64,7 @@ class Lock: """Lock used to serialize the script""" - path = "/var/run/dnssec-trigger/lock" + path = "@rundir@/dnssec-trigger/lock" def __init__(self): # We don't use os.makedirs(..., exist_ok=True) to ensure Python 2 compatibility @@ -83,7 +83,7 @@ class Config: """Global configuration options""" - path = "/etc/dnssec.conf" + path = "@keydir@/dnssec.conf" bool_options = { "debug": False, @@ -351,7 +351,7 @@ def __init__(self, name): self.name = name self.cache = set() - self.path = os.path.join("/var/run/dnssec-trigger", name) + self.path = os.path.join("@rundir@/dnssec-trigger", name) self.path_tmp = self.path + ".tmp" try: @@ -417,10 +417,10 @@ resolvconf_tmp = "/etc/.resolv.conf.dnssec-trigger" resolvconf_secure = "/etc/resolv-secure.conf" resolvconf_secure_tmp = "/etc/.resolv-secure.conf.dnssec-trigger" - resolvconf_backup = "/var/run/dnssec-trigger/resolv.conf.backup" - resolvconf_trigger = "/var/run/dnssec-trigger/resolv.conf" + resolvconf_backup = "@rundir@/dnssec-trigger/resolv.conf.backup" + resolvconf_trigger = "@rundir@/dnssec-trigger/resolv.conf" resolvconf_trigger_tmp = resolvconf_trigger + ".tmp" - resolvconf_networkmanager = "/var/run/NetworkManager/resolv.conf" + resolvconf_networkmanager = "@rundir@/NetworkManager/resolv.conf" resolvconf_localhost_contents = "# Generated by dnssec-trigger-script\nnameserver 127.0.0.1\n" @@ -597,10 +597,10 @@ unbound_zones = UnboundZoneConfig() # provide upgrade path for previous versions - old_zones = glob.glob("/var/run/dnssec-trigger/????????-????-????-????-????????????") + old_zones = glob.glob("/run/dnssec-trigger/????????-????-????-????-????????????") if old_zones: log.info("Reading zones from the legacy zone store") - with open("/var/run/dnssec-trigger/zones", "a") as target: + with open("/run/dnssec-trigger/zones", "a") as target: for filename in old_zones: with open(filename) as source: log.debug("Reading zones from {}".format(filename)) --- a/dnssec-triggerd-keygen.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Generate keys and certificates for dnssec-trigger -ConditionPathExists=!/etc/dnssec-trigger/dnssec_trigger_control.key - -[Service] -Type=oneshot -ExecStart=/usr/sbin/dnssec-trigger-control-setup -d /etc/dnssec-trigger/ -RemainAfterExit=yes --- /dev/null +++ b/dnssec-triggerd-keygen.service.in @@ -0,0 +1,8 @@ +[Unit] +Description=Generate keys and certificates for dnssec-trigger +ConditionPathExists=!@keydir@/dnssec_trigger_control.key + +[Service] +Type=oneshot +ExecStart=/usr/sbin/dnssec-trigger-control-setup -d @keydir@ +RemainAfterExit=yes --- a/riggerd/reshook.c +++ b/riggerd/reshook.c @@ -256,7 +256,7 @@ win_set_resolv("127.0.0.1"); #else /* not on windows */ # ifndef HOOKS_OSX /* on Linux/BSD */ - if (system("/usr/libexec/dnssec-trigger-script --setup") == 0) + if (system(LIBEXEC_DIR"/dnssec-trigger-script --setup") == 0) return; if(really_set_to_localhost(cfg)) { @@ -285,7 +285,7 @@ char iplist[10240]; iplist[0] = 0; #else - if (system("/usr/libexec/dnssec-trigger-script --restore") == 0) + if (system(LIBEXEC_DIR"/dnssec-trigger-script --restore") == 0) return; #endif set_to_localhost = 0;