aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2018-07-04 13:59:24 +0200
committerGravatar Christian Hesse <mail@eworm.de>2018-07-04 16:19:34 +0200
commita834db5dc933a4b48c8323ae3e490448a86b448f (patch)
tree7fb8f9a7ac526633999ee47adb6f533cec3d7e5a
parentad79ff8b22318c22eb25a157d5e2a210afa77de6 (diff)
downloadpacredir-a834db5dc933a4b48c8323ae3e490448a86b448f.tar.gz
pacredir-a834db5dc933a4b48c8323ae3e490448a86b448f.tar.zst
use private bind mounts for pacserve, remove pacdbservesystemd-v233
We want just one service to serve database files and package archives. Private bind mounts make both available to pacserve. This alse removes some complexity in pacredir.
-rw-r--r--.gitignore1
-rw-r--r--Makefile17
-rw-r--r--README.md4
-rw-r--r--avahi/pacdbserve.service.in15
-rw-r--r--avahi/pacserve.service.in2
-rw-r--r--config.def.h6
-rw-r--r--initcpio/hooks/pacredir19
-rw-r--r--pacredir.c90
-rw-r--r--pacredir.conf3
-rw-r--r--pacredir.h3
-rw-r--r--systemd/pacdbserve.service14
-rw-r--r--systemd/pacredir.service1
-rw-r--r--systemd/pacserve.service7
-rw-r--r--systemd/tmpfiles.conf2
14 files changed, 46 insertions, 138 deletions
diff --git a/.gitignore b/.gitignore
index 5e671cb..cf170d5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,7 +3,6 @@
arch
pacredir
config.h
-avahi/pacdbserve.service
avahi/pacserve.service
README.html
version.h
diff --git a/Makefile b/Makefile
index fd13a48..776f715 100644
--- a/Makefile
+++ b/Makefile
@@ -30,7 +30,7 @@ ID := $(shell grep 'ID=' < /etc/os-release | cut -d= -f2)
# a release tarball...
VERSION := 0.3.3
-all: pacredir avahi/pacdbserve.service avahi/pacserve.service README.html
+all: pacredir avahi/pacserve.service README.html
pacredir: pacredir.c pacredir.h config.h version.h
$(CC) $(CFLAGS) $(CFLAGS_EXTRA) $(LDFLAGS) -DREPRODUCIBLE=$(REPRODUCIBLE) -DARCH=\"$(ARCH)\" -DID=\"$(ID)\" -o pacredir pacredir.c
@@ -41,28 +41,23 @@ config.h:
version.h: $(wildcard .git/HEAD .git/index .git/refs/tags/*) Makefile
printf "#ifndef VERSION\n#define VERSION \"%s\"\n#endif\n" $(shell git describe --long 2>/dev/null || echo ${VERSION}) > $@
-avahi/pacdbserve.service: avahi/pacdbserve.service.in
- $(SED) 's/%ARCH%/$(ARCH)/;s/%ID%/$(ID)/' avahi/pacdbserve.service.in > avahi/pacdbserve.service
-
avahi/pacserve.service: avahi/pacserve.service.in
- $(SED) 's/%ID%/$(ID)/' avahi/pacserve.service.in > avahi/pacserve.service
+ $(SED) 's/%ARCH%/$(ARCH)/;s/%ID%/$(ID)/' avahi/pacserve.service.in > avahi/pacserve.service
README.html: README.md
$(MD) README.md > README.html
install: install-bin install-doc
-install-bin: pacredir avahi/pacdbserve.service avahi/pacserve.service
+install-bin: pacredir avahi/pacserve.service
$(INSTALL) -D -m0755 pacredir $(DESTDIR)$(PREFIX)/bin/pacredir
$(LN) -s darkhttpd $(DESTDIR)$(PREFIX)/bin/pacserve
- $(LN) -s darkhttpd $(DESTDIR)$(PREFIX)/bin/pacdbserve
$(INSTALL) -D -m0644 pacredir.conf $(DESTDIR)/etc/pacredir.conf
$(INSTALL) -D -m0644 pacman/pacredir $(DESTDIR)/etc/pacman.d/pacredir
$(INSTALL) -D -m0644 avahi/pacserve.service $(DESTDIR)/etc/avahi/services/pacserve.service
- $(INSTALL) -D -m0644 avahi/pacdbserve.service $(DESTDIR)/etc/avahi/services/pacdbserve.service
- $(INSTALL) -D -m0644 systemd/pacdbserve.service $(DESTDIR)$(PREFIX)/lib/systemd/system/pacdbserve.service
$(INSTALL) -D -m0644 systemd/pacredir.service $(DESTDIR)$(PREFIX)/lib/systemd/system/pacredir.service
$(INSTALL) -D -m0644 systemd/pacserve.service $(DESTDIR)$(PREFIX)/lib/systemd/system/pacserve.service
+ $(INSTALL) -D -m0644 systemd/tmpfiles.conf $(DESTDIR)$(PREFIX)/lib/tmpfiles.d/pacserve.conf
$(INSTALL) -D -m0644 initcpio/hooks/pacredir $(DESTDIR)$(PREFIX)/lib/initcpio/hooks/pacredir
$(INSTALL) -D -m0644 initcpio/install/pacredir $(DESTDIR)$(PREFIX)/lib/initcpio/install/pacredir
$(INSTALL) -D -m0644 dhcpcd/80-pacredir $(DESTDIR)$(PREFIX)/lib/dhcpcd/dhcpcd-hooks/80-pacredir
@@ -73,10 +68,10 @@ install-doc: README.html
$(INSTALL) -D -m0644 README.html $(DESTDIR)$(PREFIX)/share/doc/pacredir/README.html
clean:
- $(RM) -f *.o *~ pacredir avahi/pacdbserve.service avahi/pacserve.service README.html version.h
+ $(RM) -f *.o *~ pacredir avahi/pacserve.service README.html version.h
distclean:
- $(RM) -f *.o *~ pacredir avahi/pacdbserve.service avahi/pacserve.service README.html version.h config.h
+ $(RM) -f *.o *~ pacredir avahi/pacserve.service README.html version.h config.h
release:
git archive --format=tar.xz --prefix=pacredir-$(VERSION)/ $(VERSION) > pacredir-$(VERSION).tar.xz
diff --git a/README.md b/README.md
index be44d41..2b44c7b 100644
--- a/README.md
+++ b/README.md
@@ -48,8 +48,8 @@ Additionally systemd service files are installed to
Usage
-----
-Enable systemd services `pacserve`, `pacdbserve` and `pacredir`, open TCP
-ports `7078` and `7079` and add the following line to your repository
+Enable systemd services `pacserve` and `pacredir`, open TCP
+port `7078` and add the following line to your repository
definitions in `pacman.conf`:
> Include = /etc/pacman.d/pacredir
diff --git a/avahi/pacdbserve.service.in b/avahi/pacdbserve.service.in
deleted file mode 100644
index 106bc28..0000000
--- a/avahi/pacdbserve.service.in
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
-<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
-
-<!-- See avahi.service(5) for more information about this configuration file -->
-
-<service-group>
-
- <name replace-wildcards="yes">%h</name>
-
- <service>
- <type>_pacdbserve_%ID%_%ARCH%._tcp</type>
- <port>7079</port>
- </service>
-
-</service-group>
diff --git a/avahi/pacserve.service.in b/avahi/pacserve.service.in
index 2da20f7..4a39e6d 100644
--- a/avahi/pacserve.service.in
+++ b/avahi/pacserve.service.in
@@ -8,7 +8,7 @@
<name replace-wildcards="yes">%h</name>
<service>
- <type>_pacserve_%ID%._tcp</type>
+ <type>_pacserve_%ID%_%ARCH%._tcp</type>
<port>7078</port>
</service>
diff --git a/config.def.h b/config.def.h
index 00a4955..a11028b 100644
--- a/config.def.h
+++ b/config.def.h
@@ -22,14 +22,12 @@
#define PAGE404 "<html><head><title>404 Not Found</title>" \
"</head><body>404 Not Found: %s</body></html>"
-/* the ports pacredir, pacserve and pacdbserve listen to */
+/* the ports pacredir and pacserve listen to */
#define PORT_PACREDIR 7077
#define PORT_PACSERVE 7078
-#define PORT_PACDBSERVE 7079
/* avahi service names */
-#define PACSERVE "_pacserve_" ID "._tcp"
-#define PACDBSERVE "_pacdbserve_" ID "_" ARCH "._tcp"
+#define PACSERVE "_pacserve_" ID "_" ARCH "._tcp"
/* path to the config file */
#define CONFIGFILE "/etc/pacredir.conf"
diff --git a/initcpio/hooks/pacredir b/initcpio/hooks/pacredir
index 5f8d560..c73bb8e 100644
--- a/initcpio/hooks/pacredir
+++ b/initcpio/hooks/pacredir
@@ -4,24 +4,17 @@ run_latehook() {
local newroot="/new_root/"
if ! grep -q '^pacserve hosts' ${newroot}/etc/pacredir.conf; then
- if [[ -n "${pacserve}" ]]; then
- msg ":: Adding pacserve host '${pacserve}' to pacredir.conf..."
- echo "pacserve hosts = ${pacserve}" >> ${newroot}/etc/pacredir.conf
- fi
- fi
-
- if ! grep -q '^pacdbserve hosts' ${newroot}/etc/pacredir.conf; then
case $(uname -m) in
x86_64)
- if [[ -n "${pacdbserve_x86_64}" ]]; then
- msg ":: Adding pacdbserve host '${pacdbserve_x86_64}' to pacredir.conf..."
- echo "pacdbserve hosts = ${pacdbserve_x86_64}" >> ${newroot}/etc/pacredir.conf
+ if [[ -n "${pacserve_x86_64}" ]]; then
+ msg ":: Adding pacserve host '${pacserve_x86_64}' to pacredir.conf..."
+ echo "pacserve hosts = ${pacserve_x86_64}" >> ${newroot}/etc/pacredir.conf
fi
;;
i686)
- if [[ -n "${pacdbserve_i686}" ]]; then
- msg ":: Adding pacdbserve host '${pacdbserve_i686}' to pacredir.conf..."
- echo "pacdbserve hosts = ${pacdbserve_i686}" >> ${newroot}/etc/pacredir.conf
+ if [[ -n "${pacserve_i686}" ]]; then
+ msg ":: Adding pacserve host '${pacserve_i686}' to pacredir.conf..."
+ echo "pacserve hosts = ${pacserve_i686}" >> ${newroot}/etc/pacredir.conf
fi
;;
esac
diff --git a/pacredir.c b/pacredir.c
index 4660c8f..76dc52d 100644
--- a/pacredir.c
+++ b/pacredir.c
@@ -47,22 +47,25 @@ char * get_fqdn(const char * hostname, const char * domainname) {
}
/*** get_url ***/
-char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const char * uri) {
- const char * host;
+char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const uint8_t dbfile, const char * uri) {
+ const char * host, * dir;
char * url;
- host = (*address ? address : hostname);
+ host = *address ? address : hostname;
+
+ dir = dbfile ? "db" : "pkg";
url = malloc(10 /* static chars of an url & null char */
+ strlen(host)
+ 5 /* max strlen of decimal 16bit value */
+ 2 /* square brackets for IPv6 address */
+ + 4 /* extra dir */
+ strlen(uri));
if (*address != 0 && proto == AVAHI_PROTO_INET6)
- sprintf(url, "http://[%s]:%d/%s", address, port, uri);
+ sprintf(url, "http://[%s]:%d/%s/%s", address, port, dir, uri);
else
- sprintf(url, "http://%s:%d/%s", host, port, uri);
+ sprintf(url, "http://%s:%d/%s/%s", host, port, dir, uri);
return url;
}
@@ -97,11 +100,6 @@ int add_host(const char * host, AvahiProtocol proto, const char * address, const
tmphosts->pacserve.badtime = 0;
tmphosts->pacserve.badcount = 0;
- tmphosts->pacdbserve.port = 0;
- tmphosts->pacdbserve.online = 0;
- tmphosts->pacdbserve.badtime = 0;
- tmphosts->pacdbserve.badcount = 0;
-
tmphosts->next = malloc(sizeof(struct hosts));
tmphosts->next->host = NULL;
tmphosts->next->next = NULL;
@@ -111,19 +109,13 @@ update:
if (address != NULL)
memcpy(tmphosts->address, address, AVAHI_ADDRESS_STR_MAX);
- if (strcmp(type, PACSERVE) == 0) {
- tmphosts->pacserve.online = 1;
- tmphosts->pacserve.port = port;
- request.service = &tmphosts->pacserve;
- } else if (strcmp(type, PACDBSERVE) == 0) {
- tmphosts->pacdbserve.online = 1;
- tmphosts->pacdbserve.port = port;
- request.service = &tmphosts->pacdbserve;
- }
+ tmphosts->pacserve.online = 1;
+ tmphosts->pacserve.port = port;
+ request.service = &tmphosts->pacserve;
/* do a first request and let get_http_code() set the bad status */
request.host = tmphosts->host;
- request.url = get_url(request.host, tmphosts->proto, tmphosts->address, request.service->port, "");
+ request.url = get_url(request.host, tmphosts->proto, tmphosts->address, request.service->port, 0, "");
request.http_code = 0;
request.last_modified = 0;
get_http_code(&request);
@@ -141,11 +133,7 @@ int remove_host(const char * host, AvahiProtocol proto, const char * type) {
if (verbose > 0)
write_log(stdout, "Marking service %s on host %s (%s) offline\n",
type, host, avahi_proto_to_string(proto));
- if (strcmp(type, PACSERVE) == 0) {
- tmphosts->pacserve.online = 0;
- } else if (strcmp(type, PACDBSERVE) == 0) {
- tmphosts->pacdbserve.online = 0;
- }
+ tmphosts->pacserve.online = 0;
break;
}
tmphosts = tmphosts->next;
@@ -189,7 +177,7 @@ static void resolve_callback(AvahiServiceResolver *r,
write_log(stdout, "Found service %s on host %s (%s) on interface %s\n",
type, host, ipaddress, intname);
- add_host(host, protocol, ipaddress, strcmp(type, PACSERVE) == 0 ? PORT_PACSERVE : PORT_PACDBSERVE, type);
+ add_host(host, protocol, ipaddress, PORT_PACSERVE, type);
break;
}
@@ -438,14 +426,14 @@ static int ahc_echo(void * cls,
/* try to find a server with most recent file */
while (tmphosts->host != NULL) {
- struct services *service = (dbfile ? &tmphosts->pacdbserve : &tmphosts->pacserve);
+ struct services *service = &tmphosts->pacserve;
time_t badtime = service->badtime + service->badcount * BADTIME;
/* skip host if offline or had a bad request within last BADTIME seconds */
if (service->online == 0) {
if (verbose > 0)
write_log(stdout, "Service %s on host %s is offline, skipping\n",
- dbfile ? PACDBSERVE : PACSERVE, tmphosts->host);
+ PACSERVE, tmphosts->host);
tmphosts = tmphosts->next;
continue;
} else if (badtime > tv.tv_sec) {
@@ -455,7 +443,7 @@ static int ahc_echo(void * cls,
ctime[strlen(ctime) - 1] = '\0';
write_log(stdout, "Service %s on host %s is marked bad until %s, skipping\n",
- dbfile ? PACDBSERVE : PACSERVE, tmphosts->host, ctime);
+ PACSERVE, tmphosts->host, ctime);
}
tmphosts = tmphosts->next;
continue;
@@ -485,11 +473,8 @@ static int ahc_echo(void * cls,
/* prepare request struct */
request->host = tmphosts->host;
- if (dbfile == 1)
- request->service = &(tmphosts->pacdbserve);
- else
- request->service = &(tmphosts->pacserve);
- request->url = get_url(tmphosts->host, tmphosts->proto, tmphosts->address, request->service->port, basename);
+ request->service = &(tmphosts->pacserve);
+ request->url = get_url(tmphosts->host, tmphosts->proto, tmphosts->address, request->service->port, dbfile, basename);
request->http_code = 0;
request->last_modified = 0;
@@ -609,8 +594,6 @@ void sighup_callback(int signal) {
while (tmphosts->host != NULL) {
tmphosts->pacserve.badtime = 0;
tmphosts->pacserve.badcount = 0;
- tmphosts->pacdbserve.badtime = 0;
- tmphosts->pacdbserve.badcount = 0;
tmphosts = tmphosts->next;
}
}
@@ -624,7 +607,7 @@ int main(int argc, char ** argv) {
uint16_t port;
struct ignore_interfaces * tmp_ignore_interfaces;
AvahiClient *client = NULL;
- AvahiServiceBrowser *pacserve = NULL, *pacdbserve = NULL;
+ AvahiServiceBrowser *pacserve = NULL;
int error, i, ret = 1;
struct MHD_Daemon * mhd;
struct hosts * tmphosts;
@@ -674,15 +657,13 @@ int main(int argc, char ** argv) {
hosts->host = NULL;
hosts->pacserve.online = 0;
hosts->pacserve.badtime = 0;
- hosts->pacdbserve.online = 0;
- hosts->pacdbserve.badtime = 0;
hosts->next = NULL;
ignore_interfaces = malloc(sizeof(struct ignore_interfaces));
ignore_interfaces->interface = NULL;
ignore_interfaces->next = NULL;
- /* Probing for static pacserve and pacdbserve hosts takes some time.
+ /* Probing for static pacserve hosts takes some time.
* Receiving a SIGHUP at this time could kill us. So register signal
* SIGHUP here before probing. */
signal(SIGHUP, sighup_callback);
@@ -758,25 +739,6 @@ int main(int argc, char ** argv) {
free(values);
}
- /* add static pacdbserve hosts */
- if ((inistring = iniparser_getstring(ini, "general:pacdbserve hosts", NULL)) != NULL) {
- values = strdup(inistring);
- value = strtok(values, DELIMITER);
- while (value != NULL) {
- if (verbose > 0)
- write_log(stdout, "Adding static pacdbserve host: %s\n", value);
-
- if (strchr(value, ':') != NULL) {
- port = atoi(strchr(value, ':') + 1);
- *strchr(value, ':') = 0;
- } else
- port = PORT_PACDBSERVE;
- add_host(value, AVAHI_PROTO_UNSPEC, NULL, port, PACDBSERVE);
- value = strtok(NULL, DELIMITER);
- }
- free(values);
- }
-
/* done reading config file, free */
iniparser_freedict(ini);
}
@@ -800,13 +762,6 @@ int main(int argc, char ** argv) {
goto fail;
}
- /* create the service browser for PACDBSERVE */
- if ((pacdbserve = avahi_service_browser_new(client, AVAHI_IF_UNSPEC,
- use_proto, PACDBSERVE, NULL, 0, browse_callback, client)) == NULL) {
- write_log(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_client_errno(client)));
- goto fail;
- }
-
/* prepare struct to make microhttpd listen on localhost only */
address.sin_family = AF_INET;
address.sin_port = htons(PORT_PACREDIR);
@@ -861,9 +816,6 @@ fail:
ignore_interfaces = tmp_ignore_interfaces;
}
- if (pacdbserve)
- avahi_service_browser_free(pacdbserve);
-
if (pacserve)
avahi_service_browser_free(pacserve);
diff --git a/pacredir.conf b/pacredir.conf
index 5dcf738..9045af7 100644
--- a/pacredir.conf
+++ b/pacredir.conf
@@ -28,10 +28,9 @@ protocol = IPv4
# You may want to add hosts that do not announce their services via avahi or
# are connected to a different network segment. Add them here. IPv6 addresses
# have to be enclosed in square brackets.
-# Please note that pacdbserve hosts depend on the servers architecture!
+# Please note that pacserve hosts depend on the servers architecture!
#pacserve hosts = test1.domain
#pacserve hosts = test1.domain test2.domain
-#pacdbserve hosts = test3.domain test4.domain
# Give extra verbosity for more output.
verbose = 0
diff --git a/pacredir.h b/pacredir.h
index fa26dbd..bddab74 100644
--- a/pacredir.h
+++ b/pacredir.h
@@ -66,7 +66,6 @@ struct hosts {
char address[AVAHI_ADDRESS_STR_MAX];
/* online status and bad time for services */
struct services pacserve;
- struct services pacdbserve;
/* pointer to next struct element */
struct hosts * next;
};
@@ -100,7 +99,7 @@ int write_log(FILE *stream, const char *format, ...);
/* get_fqdn */
char * get_fqdn(const char * hostname, const char * domainname);
/* get_url */
-char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const char * uri);
+char * get_url(const char * hostname, AvahiProtocol proto, const char * address, const uint16_t port, const uint8_t dbfile, const char * uri);
/* add_host */
int add_host(const char * host, AvahiProtocol proto, const char * address, const uint16_t port, const char * type);
diff --git a/systemd/pacdbserve.service b/systemd/pacdbserve.service
deleted file mode 100644
index a94238d..0000000
--- a/systemd/pacdbserve.service
+++ /dev/null
@@ -1,14 +0,0 @@
-[Unit]
-Description=Darkhttpd to serve pacman db files
-After=network.target
-
-[Service]
-ExecStart=/usr/bin/pacdbserve /var/lib/pacman/sync/ --ipv6 --port 7079 --no-listing
-DynamicUser=on
-ProtectSystem=full
-ProtectHome=on
-PrivateDevices=on
-NoNewPrivileges=on
-
-[Install]
-WantedBy=multi-user.target
diff --git a/systemd/pacredir.service b/systemd/pacredir.service
index 2e890f7..561b4cd 100644
--- a/systemd/pacredir.service
+++ b/systemd/pacredir.service
@@ -16,4 +16,3 @@ NoNewPrivileges=on
[Install]
WantedBy=multi-user.target
Also=pacserve.service
-Also=pacdbserve.service
diff --git a/systemd/pacserve.service b/systemd/pacserve.service
index 1e414db..e3e2401 100644
--- a/systemd/pacserve.service
+++ b/systemd/pacserve.service
@@ -1,9 +1,10 @@
[Unit]
-Description=Darkhttpd to serve pacman cache
-After=network.target
+Description=Serve pacman database files and package archives
+After=systemd-tmpfiles-setup.service network.target
[Service]
-ExecStart=/usr/bin/pacserve /var/cache/pacman/pkg/ --ipv6 --port 7078 --no-listing
+ExecStart=/usr/bin/pacserve /run/pacserve/ --ipv6 --port 7078 --no-listing
+BindReadOnlyPaths=/var/cache/pacman/pkg:/run/pacserve/pkg /var/lib/pacman/sync:/run/pacserve/db
DynamicUser=on
ProtectSystem=full
ProtectHome=on
diff --git a/systemd/tmpfiles.conf b/systemd/tmpfiles.conf
new file mode 100644
index 0000000..f1da220
--- /dev/null
+++ b/systemd/tmpfiles.conf
@@ -0,0 +1,2 @@
+d /var/cache/pacman/pkg - - - -
+d /var/lib/pacman/sync - - - -