LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

net/nut: Fix '/var/run' world readable warning 

Use /var/run/nut as statepath and set appropriate owner
and permissions on /var/run/nut in order to avoid pidfile
for nut being world-readable.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
lilik-openwrt-22.03
Daniel Dickinson 8 years ago
parent
c94e334c4e
commit
c00d89593e
3 changed files with 17 additions and 5 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      net/nut/Makefile
  2. +5
    -3
      net/nut/files/nut-monitor.init
  3. +11
    -1
      net/nut/files/nut-server.init

+ 1
- 1
net/nut/Makefile View File

@ -506,7 +506,7 @@ CONFIGURE_ARGS += \
--without-freeipmi \
--$(if $(CONFIG_NUT_SSL),with,without)-ssl $(if $(CONFIG_NUT_SSL),--with-openssl) \
--without-libltdl \
--with-statepath=/var/run \
--with-statepath=/var/run/nut \
--with-drvpath=/lib/nut \
--with-user=root \
--with-group=root


+ 5
- 3
net/nut/files/nut-monitor.init View File

@ -143,9 +143,6 @@ nut_upsmon_add() {
}
start_service() {
[ -d $RUN_D ] || mkdir -p $RUN_D
mkdir -p /var/etc/nut
chmod 640 /var/etc/nut
rm -f $UPSMON_C
config_load nut_monitor
@ -159,6 +156,11 @@ start_service() {
chmod 640 $UPSMON_C
chmod 640 /var/etc/nut/nut.conf
[ -d /var/run/nut ] || {
mkdir -m 0750 -p /var/run/nut
chown ${runas:-root}:$(id -gn ${runas:-root}) /var/run/nut
}
chown ${runas:-root}:$(id -gn ${runas:-root}) $UPSMON_C
$DEBUG /usr/sbin/upsmon $UPSMON_OPTIONS
}


+ 11
- 1
net/nut/files/nut-server.init View File

@ -22,6 +22,11 @@ listen_address() {
echo "LISTEN $address $port" >>$UPSD_C
}
upsd_statepath() {
local cfg="$1"
config_get statepath "$cfg" statepath
}
upsd_config() {
local cfg="$1"
local maxage maxconn certfile
@ -116,6 +121,10 @@ start_service() {
chmod 0640 $UPS_C
chmod 0640 $UPSD_C
chmod 0640 /var/etc/nut/nut.conf
[ -d "${statepath:-/var/run/nut}" ] || {
mkdir -m 0750 -p "${statepath:-/var/run/nut}"
chown $runas:$(id -gn $runas) "${statepath:-/var/run/nut}"
}
if [ -n "$runas" ]; then
chown -R $runas:$(id -gn $runas) /var/etc/nut
@ -134,12 +143,13 @@ nut_driver_stop() {
config_get driver "$cfg" driver
[ -r /var/run/$driver-$cfg ] && /usr/sbin/upsdrvctl stop $cfg
[ -r ${statepath:-/var/run/nut}/$driver-$cfg ] && /usr/sbin/upsdrvctl stop $cfg
}
stop_service() {
[ -r $PID_F ] && /usr/sbin/upsd -c stop
config_load ups
config_foreach upsd_statepath upsd
config_foreach nut_driver_stop driver
}


Write Preview
Loading…
Cancel
Save