From d91e5faed323c0e1b36b9319180576a12b9f2dea Mon Sep 17 00:00:00 2001 From: Alarig Le Lay Date: Sun, 12 Apr 2020 14:48:22 +0200 Subject: [PATCH] net-misc/bird: Adding user (non-root) support Package-Manager: Portage-2.3.89, Repoman-2.3.20 Signed-off-by: Alarig Le Lay --- net-misc/bird/bird-2.0.7-r1.ebuild | 37 ++++++++++++++++++++++-------- net-misc/bird/files/confd-bird-2 | 9 ++++++++ net-misc/bird/files/initd-bird-2 | 9 +++++++- 3 files changed, 45 insertions(+), 10 deletions(-) create mode 100644 net-misc/bird/files/confd-bird-2 diff --git a/net-misc/bird/bird-2.0.7-r1.ebuild b/net-misc/bird/bird-2.0.7-r1.ebuild index 7f5ff82..850e08f 100644 --- a/net-misc/bird/bird-2.0.7-r1.ebuild +++ b/net-misc/bird/bird-2.0.7-r1.ebuild @@ -3,7 +3,7 @@ EAPI=7 -inherit eutils +inherit fcaps DESCRIPTION="A routing daemon implementing OSPF, RIPv2 & BGP for IPv4 & IPv6" HOMEPAGE="https://bird.network.cz" @@ -14,13 +14,23 @@ SLOT="0" KEYWORDS="~amd64 ~arm64 ~x86 ~x64-macos" IUSE="+client debug libssh" -RDEPEND="client? ( sys-libs/ncurses ) +RDEPEND=" + client? ( sys-libs/ncurses ) client? ( sys-libs/readline ) - libssh? ( net-libs/libssh )" + filecaps? ( + acct-group/bird + acct-user/bird + ) + libssh? ( net-libs/libssh ) +" DEPEND="sys-devel/flex sys-devel/bison sys-devel/m4" +PATCHES=( + "${FILESDIR}/ipv6-rpki-${PV}.patch" +) + src_configure() { econf \ --localstatedir="${EPREFIX}/var" \ @@ -29,17 +39,26 @@ src_configure() { $(use_enable libssh) } -src_prepare() { - eapply "${FILESDIR}/ipv6-rpki-${PV}.patch" - eapply_user -} - src_install() { if use client; then dobin birdc fi dobin birdcl dosbin bird - newinitd "${FILESDIR}/initd-${PN}-2" bird + newinitd "${FILESDIR}/initd-${PN}-2" ${PN} + newconfd "${FILESDIR}/confd-${PN}-2" ${PN} dodoc doc/bird.conf.example } + +FILECAPS=( + CAP_NET_ADMIN usr/sbin/bird + CAP_NET_BIND_SERVICE usr/sbin/bird + CAP_NET_RAW usr/sbin/bird +) + +pkg_postinst() { + use filecaps && \ + einfo "If you want to run bird as non-root, edit" + einfo "'${EROOT}/etc/conf.d/bird' and set BIRD_GROUP and BIRD_USER with" + einfo "the wanted username." +} diff --git a/net-misc/bird/files/confd-bird-2 b/net-misc/bird/files/confd-bird-2 new file mode 100644 index 0000000..a2dc3ed --- /dev/null +++ b/net-misc/bird/files/confd-bird-2 @@ -0,0 +1,9 @@ +# /etc/init.d/bird + +# Options to pass to the bird process +# See https://bird.network.cz/?get_doc&v=20&f=bird-1.html#ss1.3 +# BIRD_GROUP and BIRD_USER will be appended to BIRD_OPTS + +#BIRD_GROUP="bird" +#BIRD_USER="bird" +#BIRD_OPTS="" diff --git a/net-misc/bird/files/initd-bird-2 b/net-misc/bird/files/initd-bird-2 index 83f85ea..7066e0b 100755 --- a/net-misc/bird/files/initd-bird-2 +++ b/net-misc/bird/files/initd-bird-2 @@ -12,8 +12,15 @@ retry=15 CONF_FILE="/etc/${RC_SVCNAME}.conf" SOCK="/run/${RC_SVCNAME}.ctl" +if [ ${BIRD_GROUP} ]; then + BIRD_OPTS="${BIRD_OPTS} -g ${BIRD_GROUP}" +fi +if [ ${BIRD_USER} ]; then + BIRD_OPTS="${BIRD_OPTS} -u ${BIRD_USER}" +fi + client_args="-s ${SOCK}" -command_args="${client_args} -c ${CONF_FILE} -P ${pidfile}" +command_args="${client_args} -c ${CONF_FILE} ${BIRD_OPTS}" client_args="${client_args} -r" depend() {