diff options
| author |  Christian Hesse <mail@eworm.de> | 2018-07-04 13:59:24 +0200 |
|---|---|---|
| committer | Christian Hesse <mail@eworm.de> | 2018-07-04 16:19:34 +0200 |
| commit | a834db5dc933a4b48c8323ae3e490448a86b448f (patch) | |
| tree | 7fb8f9a7ac526633999ee47adb6f533cec3d7e5a | |
| parent | ad79ff8b22318c22eb25a157d5e2a210afa77de6 (diff) | |
| download | pacredir-a834db5dc933a4b48c8323ae3e490448a86b448f.tar.gz pacredir-a834db5dc933a4b48c8323ae3e490448a86b448f.tar.zst | |
use private bind mounts for pacserve, remove pacdbservesystemd-v233
We want just one service to serve database files and package archives.
Private bind mounts make both available to pacserve. This alse removes
some complexity in pacredir.
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | Makefile | 17 | ||||
| -rw-r--r-- | README.md | 4 | ||||
| -rw-r--r-- | avahi/pacdbserve.service.in | 15 | ||||
| -rw-r--r-- | avahi/pacserve.service.in | 2 | ||||
| -rw-r--r-- | config.def.h | 6 | ||||
| -rw-r--r-- | initcpio/hooks/pacredir | 19 | ||||
| -rw-r--r-- | pacredir.c | 90 | ||||
| -rw-r--r-- | pacredir.conf | 3 | ||||
| -rw-r--r-- | pacredir.h | 3 | ||||
| -rw-r--r-- | systemd/pacdbserve.service | 14 | ||||
| -rw-r--r-- | systemd/pacredir.service | 1 | ||||
| -rw-r--r-- | systemd/pacserve.service | 7 | ||||
| -rw-r--r-- | systemd/tmpfiles.conf | 2 |
14 files changed, 46 insertions, 138 deletions
@@ -3,7 +3,6 @@ arch pacredir config.h -avahi/pacdbserve.service avahi/pacserve.service README.html version.h @@ -30,7 +30,7 @@ ID := $(shell grep 'ID=' < /etc/os-release | cut -d= -f2) # a release tarball... VERSION := 0.3.3 -all: pacredir avahi/pacdbserve.service avahi/pacserve.service README.html +all: pacredir avahi/pacserve.service README.html pacredir: pacredir.c pacredir.h config.h version.h $(CC) $(CFLAGS) $(CFLAGS_EXTRA) $(LDFLAGS) -DREPRODUCIBLE=$(REPRODUCIBLE) -DARCH=\"$(ARCH)\" -DID=\"$(ID)\" -o pacredir pacredir.c @@ -41,28 +41,23 @@ config.h: version.h: $(wildcard .git/HEAD .git/index .git/refs/tags/*) Makefile printf "#ifndef VERSION\n#define VERSION \"%s\"\n#endif\n" $(shell git describe --long 2>/dev/null || echo ${VERSION}) > $@ -avahi/pacdbserve.service: avahi/pacdbserve.service.in - $(SED) 's/%ARCH%/$(ARCH)/;s/%ID%/$(ID)/' avahi/pacdbserve.service.in > avahi/pacdbserve.service - avahi/pacserve.service: avahi/pacserve.service.in - $(SED) 's/%ID%/$(ID)/' avahi/pacserve.service.in > avahi/pacserve.service + $(SED) 's/%ARCH%/$(ARCH)/;s/%ID%/$(ID)/' avahi/pacserve.service.in > avahi/pacserve.service README.html: README.md $(MD) README.md > README.html install: install-bin install-doc -install-bin: pacredir avahi/pacdbserve.service avahi/pacserve.service +install-bin: pacredir avahi/pacserve.service $(INSTALL) -D -m0755 pacredir $(DESTDIR)$(PREFIX)/bin/pacredir $(LN) -s darkhttpd $(DESTDIR)$(PREFIX)/bin/pacserve - $(LN) -s darkhttpd $(DESTDIR)$(PREFIX)/bin/pacdbserve $(INSTALL) -D -m0644 pacredir.conf $(DESTDIR)/etc/pacredir.conf $(INSTALL) -D -m0644 pacman/pacredir $(DESTDIR)/etc/pacman.d/pacredir $(INSTALL) -D -m0644 avahi/pacserve.service $(DESTDIR)/etc/avahi/services/pacserve.service - $(INSTALL) -D -m0644 avahi/pacdbserve.service $(DESTDIR)/etc/avahi/services/pacdbserve.service - $(INSTALL) -D -m0644 systemd/pacdbserve.service $(DESTDIR)$(PREFIX)/lib/systemd/system/pacdbserve.service $(INSTALL) -D -m0644 systemd/pacredir.service $(DESTDIR)$(PREFIX)/lib/systemd/system/pacredir.service $(INSTALL) -D -m0644 systemd/pacserve.service $(DESTDIR)$(PREFIX)/lib/systemd/system/pacserve.service + $(INSTALL) -D -m0644 systemd/tmpfiles.conf $(DESTDIR)$(PREFIX)/lib/tmpfiles.d/pacserve.conf $(INSTALL) -D -m0644 initcpio/hooks/pacredir $(DESTDIR)$(PREFIX)/lib/initcpio/hooks/pacredir $(INSTALL) -D -m0644 initcpio/install/pacredir $(DESTDIR)$(PREFIX)/lib/initcpio/install/pacredir $(INSTALL) -D -m0644 dhcpcd/80-pacredir $(DESTDIR)$(PREFIX)/lib/dhcpcd/dhcpcd-hooks/80-pacredir @@ -73,10 +68,10 @@ install-doc: README.html $(INSTALL) -D -m0644 README.html $(DESTDIR)$(PREFIX)/share/doc/pacredir/README.html clean: - $(RM) -f *.o *~ pacredir avahi/pacdbserve.service avahi/pacserve.service README.html version.h + $(RM) -f *.o *~ pacredir avahi/pacserve.service README.html version.h distclean: - $(RM) -f *.o *~ pacredir avahi/pacdbserve.service avahi/pacserve.service README.html version.h config.h + $(RM) -f *.o *~ pacredir avahi/pacserve.service README.html version.h config.h release: git archive --format=tar.xz --prefix=pacredir-$(VERSION)/ $(VERSION) > pacredir-$(VERSION).tar.xz @@ -48,8 +48,8 @@ Additionally systemd service files are installed to Usage ----- -Enable systemd services `pacserve`, `pacdbserve` and `pacredir`, open TCP -ports `7078` and `7079` and add the following line to your repository +Enable systemd services `pacserve` and `pacredir`, open TCP +port `7078` and add the following line to your repository definitions in `pacman.conf`: > Include = /etc/pacman.d/pacredir diff --git a/avahi/pacdbserve.service.in b/avahi/pacdbserve.service.in deleted file mode 100644 index 106bc28..0000000 --- a/avahi/pacdbserve.service.in +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version="1.0" standalone='no'?><!--*-nxml-*--> -<!DOCTYPE service-group SYSTEM "avahi-service.dtd"> - -<!-- See avahi.service(5) for more information about this configuration file --> - -<service-group> - - <name replace-wildcards="yes">%h</name> - - <service> - <type>_pacdbserve_%ID%_%ARCH%._tcp</type> - <port>7079</port> - </service> - -</service-group> diff --git a/avahi/pacserve.service.in b/avahi/pacserve.service.in index 2da20f7..4a39e6d 100644 --- a/avahi/pacserve.service.in +++ b/avahi/pacserve.service.in @@ -8,7 +8,7 @@ <name replace-wildcards="yes">%h</name> <service> - <type>_pacserve_%ID%._tcp</type> + <type>_pacserve_%ID%_%ARCH%._tcp</type> <port>7078</port> </service> diff --git a/config.def.h b/config.def.h index 00a4955..a11028b 100644 --- a/config.def.h +++ b/config.def.h @@ -22,14 +22,12 @@ #define PAGE404 "<html><head><title>404 Not Found</title>" \ "</head><body>404 Not Found: %s</body></html>" -/* the ports pacredir, pacserve and pacdbserve listen to */ +/* the ports pacredir and pacserve listen to */ #define PORT_PACREDIR 7077 #define PORT_PACSERVE 7078 -#define PORT_PACDBSERVE 7079 /* avahi service names */ -#define PACSERVE "_pacserve_" ID "._tcp" -#define PACDBSERVE "_pacdbserve_" ID "_" ARCH "._tcp" +#define PACSERVE "_pacserve_" ID "_" ARCH "._tcp" /* path to the config file */ #define CONFIGFILE "/etc/pacredir.conf" diff --git a/initcpio/hooks/pacredir b/initcpio/hooks/pacredir index 5f8d560..c73bb8e 100644 --- a/initcpio/hooks/pacredir +++ b/initcpio/hooks/pacredir @@ -4,24 +4,17 @@ run_latehook() { local newroot="/new_root/" if ! grep -q '^pacserve hosts' ${newroot}/etc/pacredir.conf; then - if [[ -n "${pacserve}" ]]; then - msg ":: Adding pacserve host '${pacserve}' to pacredir.conf..." - echo "pacserve hosts = ${pacserve}" >> ${newroot}/etc/pacredir.conf - fi - fi - - if ! grep -q '^pacdbserve hosts' ${newroot}/etc/pacredir.conf; then case $(uname -m) in x86_64) - if [[ -n "${pacdbserve_x86_64}" ]]; then - msg ":: Adding pacdbserve host '${pacdbserve_x86_64}' to pacredir.conf..." - echo "pacdbserve hosts = ${pacdbserve_x86_64}" >> ${newroot}/etc/pacredir.conf + if [[ -n "${pacserve_x86_64}" ]]; then + msg ":: Adding pacserve host '${pacserve_x86_64}' to pacredir.conf..." + echo "pacserve hosts = ${pacserve_x86_64}" >> ${newroot}/etc/pacredir.conf fi ;; i686) - if [[ -n "${pacdbserve_i686}" ]]; then - msg ":: Adding pacdbserve host '${pacdbserve_i686}' to pacredir.conf..." - echo "pacdbserve hosts = ${pacdbserve_i686}" >> ${newroot}/etc/pacredir.conf + if [[ -n "${pacserve_i686}" ]]; then + msg ":: Adding pacserve host '${pacserve_i686}' to pacredir.conf..." + echo "pacserve hosts = ${pacserve_i686}" >> ${newroot}/etc/pacredir.conf fi ;; esac @@ -47,22 +47,25 @@ char * get_fqdn(const char * hostname, const char * domainname) { } /*** get_url ***/ -char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const char * uri) { - const char * host; +char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const uint8_t dbfile, const char * uri) { + const char * host, * dir; char * url; - host = (*address ? address : hostname); + host = *address ? address : hostname; + + dir = dbfile ? "db" : "pkg"; url = malloc(10 /* static chars of an url & null char */ + strlen(host) + 5 /* max strlen of decimal 16bit value */ + 2 /* square brackets for IPv6 address */ + + 4 /* extra dir */ + strlen(uri)); if (*address != 0 && proto == AVAHI_PROTO_INET6) - sprintf(url, "http://[%s]:%d/%s", address, port, uri); + sprintf(url, "http://[%s]:%d/%s/%s", address, port, dir, uri); else - sprintf(url, "http://%s:%d/%s", host, port, uri); + sprintf(url, "http://%s:%d/%s/%s", host, port, dir, uri); return url; } @@ -97,11 +100,6 @@ int add_host(const char * host, AvahiProtocol proto, const char * address, const tmphosts->pacserve.badtime = 0; tmphosts->pacserve.badcount = 0; - tmphosts->pacdbserve.port = 0; - tmphosts->pacdbserve.online = 0; - tmphosts->pacdbserve.badtime = 0; - tmphosts->pacdbserve.badcount = 0; - tmphosts->next = malloc(sizeof(struct hosts)); tmphosts->next->host = NULL; tmphosts->next->next = NULL; @@ -111,19 +109,13 @@ update: if (address != NULL) memcpy(tmphosts->address, address, AVAHI_ADDRESS_STR_MAX); - if (strcmp(type, PACSERVE) == 0) { - tmphosts->pacserve.online = 1; - tmphosts->pacserve.port = port; - request.service = &tmphosts->pacserve; - } else if (strcmp(type, PACDBSERVE) == 0) { - tmphosts->pacdbserve.online = 1; - tmphosts->pacdbserve.port = port; - request.service = &tmphosts->pacdbserve; - } + tmphosts->pacserve.online = 1; + tmphosts->pacserve.port = port; + request.service = &tmphosts->pacserve; /* do a first request and let get_http_code() set the bad status */ request.host = tmphosts->host; - request.url = get_url(request.host, tmphosts->proto, tmphosts->address, request.service->port, ""); + request.url = get_url(request.host, tmphosts->proto, tmphosts->address, request.service->port, 0, ""); request.http_code = 0; request.last_modified = 0; get_http_code(&request); @@ -141,11 +133,7 @@ int remove_host(const char * host, AvahiProtocol proto, const char * type) { if (verbose > 0) write_log(stdout, "Marking service %s on host %s (%s) offline\n", type, host, avahi_proto_to_string(proto)); - if (strcmp(type, PACSERVE) == 0) { - tmphosts->pacserve.online = 0; - } else if (strcmp(type, PACDBSERVE) == 0) { - tmphosts->pacdbserve.online = 0; - } + tmphosts->pacserve.online = 0; break; } tmphosts = tmphosts->next; @@ -189,7 +177,7 @@ static void resolve_callback(AvahiServiceResolver *r, write_log(stdout, "Found service %s on host %s (%s) on interface %s\n", type, host, ipaddress, intname); - add_host(host, protocol, ipaddress, strcmp(type, PACSERVE) == 0 ? PORT_PACSERVE : PORT_PACDBSERVE, type); + add_host(host, protocol, ipaddress, PORT_PACSERVE, type); break; } @@ -438,14 +426,14 @@ static int ahc_echo(void * cls, /* try to find a server with most recent file */ while (tmphosts->host != NULL) { - struct services *service = (dbfile ? &tmphosts->pacdbserve : &tmphosts->pacserve); + struct services *service = &tmphosts->pacserve; time_t badtime = service->badtime + service->badcount * BADTIME; /* skip host if offline or had a bad request within last BADTIME seconds */ if (service->online == 0) { if (verbose > 0) write_log(stdout, "Service %s on host %s is offline, skipping\n", - dbfile ? PACDBSERVE : PACSERVE, tmphosts->host); + PACSERVE, tmphosts->host); tmphosts = tmphosts->next; continue; } else if (badtime > tv.tv_sec) { @@ -455,7 +443,7 @@ static int ahc_echo(void * cls, ctime[strlen(ctime) - 1] = '\0'; write_log(stdout, "Service %s on host %s is marked bad until %s, skipping\n", - dbfile ? PACDBSERVE : PACSERVE, tmphosts->host, ctime); + PACSERVE, tmphosts->host, ctime); } tmphosts = tmphosts->next; continue; @@ -485,11 +473,8 @@ static int ahc_echo(void * cls, /* prepare request struct */ request->host = tmphosts->host; - if (dbfile == 1) - request->service = &(tmphosts->pacdbserve); - else - request->service = &(tmphosts->pacserve); - request->url = get_url(tmphosts->host, tmphosts->proto, tmphosts->address, request->service->port, basename); + request->service = &(tmphosts->pacserve); + request->url = get_url(tmphosts->host, tmphosts->proto, tmphosts->address, request->service->port, dbfile, basename); request->http_code = 0; request->last_modified = 0; @@ -609,8 +594,6 @@ void sighup_callback(int signal) { while (tmphosts->host != NULL) { tmphosts->pacserve.badtime = 0; tmphosts->pacserve.badcount = 0; - tmphosts->pacdbserve.badtime = 0; - tmphosts->pacdbserve.badcount = 0; tmphosts = tmphosts->next; } } @@ -624,7 +607,7 @@ int main(int argc, char ** argv) { uint16_t port; struct ignore_interfaces * tmp_ignore_interfaces; AvahiClient *client = NULL; - AvahiServiceBrowser *pacserve = NULL, *pacdbserve = NULL; + AvahiServiceBrowser *pacserve = NULL; int error, i, ret = 1; struct MHD_Daemon * mhd; struct hosts * tmphosts; @@ -674,15 +657,13 @@ int main(int argc, char ** argv) { hosts->host = NULL; hosts->pacserve.online = 0; hosts->pacserve.badtime = 0; - hosts->pacdbserve.online = 0; - hosts->pacdbserve.badtime = 0; hosts->next = NULL; ignore_interfaces = malloc(sizeof(struct ignore_interfaces)); ignore_interfaces->interface = NULL; ignore_interfaces->next = NULL; - /* Probing for static pacserve and pacdbserve hosts takes some time. + /* Probing for static pacserve hosts takes some time. * Receiving a SIGHUP at this time could kill us. So register signal * SIGHUP here before probing. */ signal(SIGHUP, sighup_callback); @@ -758,25 +739,6 @@ int main(int argc, char ** argv) { free(values); } - /* add static pacdbserve hosts */ - if ((inistring = iniparser_getstring(ini, "general:pacdbserve hosts", NULL)) != NULL) { - values = strdup(inistring); - value = strtok(values, DELIMITER); - while (value != NULL) { - if (verbose > 0) - write_log(stdout, "Adding static pacdbserve host: %s\n", value); - - if (strchr(value, ':') != NULL) { - port = atoi(strchr(value, ':') + 1); - *strchr(value, ':') = 0; - } else - port = PORT_PACDBSERVE; - add_host(value, AVAHI_PROTO_UNSPEC, NULL, port, PACDBSERVE); - value = strtok(NULL, DELIMITER); - } - free(values); - } - /* done reading config file, free */ iniparser_freedict(ini); } @@ -800,13 +762,6 @@ int main(int argc, char ** argv) { goto fail; } - /* create the service browser for PACDBSERVE */ - if ((pacdbserve = avahi_service_browser_new(client, AVAHI_IF_UNSPEC, - use_proto, PACDBSERVE, NULL, 0, browse_callback, client)) == NULL) { - write_log(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_client_errno(client))); - goto fail; - } - /* prepare struct to make microhttpd listen on localhost only */ address.sin_family = AF_INET; address.sin_port = htons(PORT_PACREDIR); @@ -861,9 +816,6 @@ fail: ignore_interfaces = tmp_ignore_interfaces; } - if (pacdbserve) - avahi_service_browser_free(pacdbserve); - if (pacserve) avahi_service_browser_free(pacserve); diff --git a/pacredir.conf b/pacredir.conf index 5dcf738..9045af7 100644 --- a/pacredir.conf +++ b/pacredir.conf @@ -28,10 +28,9 @@ protocol = IPv4 # You may want to add hosts that do not announce their services via avahi or # are connected to a different network segment. Add them here. IPv6 addresses # have to be enclosed in square brackets. -# Please note that pacdbserve hosts depend on the servers architecture! +# Please note that pacserve hosts depend on the servers architecture! #pacserve hosts = test1.domain #pacserve hosts = test1.domain test2.domain -#pacdbserve hosts = test3.domain test4.domain # Give extra verbosity for more output. verbose = 0 @@ -66,7 +66,6 @@ struct hosts { char address[AVAHI_ADDRESS_STR_MAX]; /* online status and bad time for services */ struct services pacserve; - struct services pacdbserve; /* pointer to next struct element */ struct hosts * next; }; @@ -100,7 +99,7 @@ int write_log(FILE *stream, const char *format, ...); /* get_fqdn */ char * get_fqdn(const char * hostname, const char * domainname); /* get_url */ -char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const char * uri); +char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const uint8_t dbfile, const char * uri); /* add_host */ int add_host(const char * host, AvahiProtocol proto, const char * address, const uint16_t port, const char * type); diff --git a/systemd/pacdbserve.service b/systemd/pacdbserve.service deleted file mode 100644 index a94238d..0000000 --- a/systemd/pacdbserve.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Darkhttpd to serve pacman db files -After=network.target - -[Service] -ExecStart=/usr/bin/pacdbserve /var/lib/pacman/sync/ --ipv6 --port 7079 --no-listing -DynamicUser=on -ProtectSystem=full -ProtectHome=on -PrivateDevices=on -NoNewPrivileges=on - -[Install] -WantedBy=multi-user.target diff --git a/systemd/pacredir.service b/systemd/pacredir.service index 2e890f7..561b4cd 100644 --- a/systemd/pacredir.service +++ b/systemd/pacredir.service @@ -16,4 +16,3 @@ NoNewPrivileges=on [Install] WantedBy=multi-user.target Also=pacserve.service -Also=pacdbserve.service diff --git a/systemd/pacserve.service b/systemd/pacserve.service index 1e414db..e3e2401 100644 --- a/systemd/pacserve.service +++ b/systemd/pacserve.service @@ -1,9 +1,10 @@ [Unit] -Description=Darkhttpd to serve pacman cache -After=network.target +Description=Serve pacman database files and package archives +After=systemd-tmpfiles-setup.service network.target [Service] -ExecStart=/usr/bin/pacserve /var/cache/pacman/pkg/ --ipv6 --port 7078 --no-listing +ExecStart=/usr/bin/pacserve /run/pacserve/ --ipv6 --port 7078 --no-listing +BindReadOnlyPaths=/var/cache/pacman/pkg:/run/pacserve/pkg /var/lib/pacman/sync:/run/pacserve/db DynamicUser=on ProtectSystem=full ProtectHome=on diff --git a/systemd/tmpfiles.conf b/systemd/tmpfiles.conf new file mode 100644 index 0000000..f1da220 --- /dev/null +++ b/systemd/tmpfiles.conf @@ -0,0 +1,2 @@ +d /var/cache/pacman/pkg - - - - +d /var/lib/pacman/sync - - - - |