diff options
author | Alessio Vanni <vannilla@firemail.cc> | 2021-09-07 14:50:20 +0200 |
---|---|---|
committer | Alessio Vanni <vannilla@firemail.cc> | 2021-09-07 14:50:20 +0200 |
commit | 6e1bb6601e21a3329950129b9dc39e05746e3b65 (patch) | |
tree | dfc20058c8b430ef37c059ec21c2905168a07084 /contrib | |
parent | 382fc8faaf4ccccd870dc7e746a9f002f3f6cfd1 (diff) | |
parent | 3da9cbd621a98c885a0c633ddaec0a84aa8a8e66 (diff) | |
download | gnunet-6e1bb6601e21a3329950129b9dc39e05746e3b65.tar.gz gnunet-6e1bb6601e21a3329950129b9dc39e05746e3b65.zip |
-Merge branch 'master' into dev/vanni/build-info
Diffstat (limited to 'contrib')
-rwxr-xr-x | contrib/scripts/netjail/netjail_core.sh | 57 | ||||
-rwxr-xr-x | contrib/scripts/netjail/netjail_setup_internet.sh | 105 | ||||
-rw-r--r-- | contrib/services/systemd/Makefile.am | 5 | ||||
-rw-r--r-- | contrib/services/systemd/gnunet-user.service | 11 | ||||
-rw-r--r-- | contrib/services/systemd/gnunet.service | 17 | ||||
-rw-r--r-- | contrib/services/systemd/sysusers-gnunet.conf | 4 | ||||
-rw-r--r-- | contrib/services/systemd/tmpfiles-gnunet.conf | 10 |
7 files changed, 127 insertions, 82 deletions
diff --git a/contrib/scripts/netjail/netjail_core.sh b/contrib/scripts/netjail/netjail_core.sh index d070f7220..d53315052 100755 --- a/contrib/scripts/netjail/netjail_core.sh +++ b/contrib/scripts/netjail/netjail_core.sh | |||
@@ -2,6 +2,7 @@ | |||
2 | # | 2 | # |
3 | 3 | ||
4 | JAILOR=${SUDO_USER:?must run in sudo} | 4 | JAILOR=${SUDO_USER:?must run in sudo} |
5 | PREFIX=${PPID:?must run from a parent process} | ||
5 | 6 | ||
6 | # running with `sudo` is required to be | 7 | # running with `sudo` is required to be |
7 | # able running the actual commands as the | 8 | # able running the actual commands as the |
@@ -9,6 +10,22 @@ JAILOR=${SUDO_USER:?must run in sudo} | |||
9 | 10 | ||
10 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" | 11 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
11 | 12 | ||
13 | export RESULT= | ||
14 | export NAMESPACE_NUM=0 | ||
15 | export INTERFACE_NUM=0 | ||
16 | |||
17 | netjail_next_namespace() { | ||
18 | local NUM=$NAMESPACE_NUM | ||
19 | NAMESPACE_NUM=$(($NAMESPACE_NUM + 1)) | ||
20 | RESULT=$NUM | ||
21 | } | ||
22 | |||
23 | netjail_next_interface() { | ||
24 | local NUM=$INTERFACE_NUM | ||
25 | INTERFACE_NUM=$(($INTERFACE_NUM + 1)) | ||
26 | RESULT=$NUM | ||
27 | } | ||
28 | |||
12 | netjail_opt() { | 29 | netjail_opt() { |
13 | local OPT=$1 | 30 | local OPT=$1 |
14 | shift 1 | 31 | shift 1 |
@@ -17,7 +34,7 @@ netjail_opt() { | |||
17 | 34 | ||
18 | while [ $# -gt 0 ]; do | 35 | while [ $# -gt 0 ]; do |
19 | if [ "$1" = "$OPT" ]; then | 36 | if [ "$1" = "$OPT" ]; then |
20 | printf "%d" $INDEX | 37 | RESULT=$INDEX |
21 | return | 38 | return |
22 | fi | 39 | fi |
23 | 40 | ||
@@ -25,7 +42,7 @@ netjail_opt() { | |||
25 | shift 1 | 42 | shift 1 |
26 | done | 43 | done |
27 | 44 | ||
28 | printf "%d" 0 | 45 | RESULT=0 |
29 | } | 46 | } |
30 | 47 | ||
31 | netjail_opts() { | 48 | netjail_opts() { |
@@ -42,7 +59,7 @@ netjail_opts() { | |||
42 | shift 1 | 59 | shift 1 |
43 | done | 60 | done |
44 | 61 | ||
45 | printf "$DEF" | 62 | RESULT="$DEF" |
46 | } | 63 | } |
47 | 64 | ||
48 | netjail_check() { | 65 | netjail_check() { |
@@ -73,15 +90,15 @@ netjail_check_bin() { | |||
73 | fi | 90 | fi |
74 | } | 91 | } |
75 | 92 | ||
76 | netjail_print_name() { | ||
77 | printf "%s%02x%02x" $1 $2 ${3:-0} | ||
78 | } | ||
79 | |||
80 | netjail_bridge() { | 93 | netjail_bridge() { |
81 | local BRIDGE=$1 | 94 | netjail_next_interface |
95 | local NUM=$RESULT | ||
96 | local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM) | ||
82 | 97 | ||
83 | ip link add $BRIDGE type bridge | 98 | ip link add $BRIDGE type bridge |
84 | ip link set dev $BRIDGE up | 99 | ip link set dev $BRIDGE up |
100 | |||
101 | RESULT=$BRIDGE | ||
85 | } | 102 | } |
86 | 103 | ||
87 | netjail_bridge_clear() { | 104 | netjail_bridge_clear() { |
@@ -91,9 +108,13 @@ netjail_bridge_clear() { | |||
91 | } | 108 | } |
92 | 109 | ||
93 | netjail_node() { | 110 | netjail_node() { |
94 | local NODE=$1 | 111 | netjail_next_namespace |
112 | local NUM=$RESULT | ||
113 | local NODE=$(printf "%06x-%08x" $PREFIX $NUM) | ||
95 | 114 | ||
96 | ip netns add $NODE | 115 | ip netns add $NODE |
116 | |||
117 | RESULT=$NODE | ||
97 | } | 118 | } |
98 | 119 | ||
99 | netjail_node_clear() { | 120 | netjail_node_clear() { |
@@ -108,8 +129,13 @@ netjail_node_link_bridge() { | |||
108 | local ADDRESS=$3 | 129 | local ADDRESS=$3 |
109 | local MASK=$4 | 130 | local MASK=$4 |
110 | 131 | ||
111 | local LINK_IF="$NODE-$BRIDGE-0" | 132 | netjail_next_interface |
112 | local LINK_BR="$NODE-$BRIDGE-1" | 133 | local NUM_IF=$RESULT |
134 | netjail_next_interface | ||
135 | local NUM_BR=$RESULT | ||
136 | |||
137 | local LINK_IF=$(printf "%06x-%08x" $PREFIX $NUM_IF) | ||
138 | local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR) | ||
113 | 139 | ||
114 | ip link add $LINK_IF type veth peer name $LINK_BR | 140 | ip link add $LINK_IF type veth peer name $LINK_BR |
115 | ip link set $LINK_IF netns $NODE | 141 | ip link set $LINK_IF netns $NODE |
@@ -120,13 +146,12 @@ netjail_node_link_bridge() { | |||
120 | ip -n $NODE link set up dev lo | 146 | ip -n $NODE link set up dev lo |
121 | 147 | ||
122 | ip link set $LINK_BR up | 148 | ip link set $LINK_BR up |
149 | |||
150 | RESULT=$LINK_BR | ||
123 | } | 151 | } |
124 | 152 | ||
125 | netjail_node_unlink_bridge() { | 153 | netjail_node_unlink_bridge() { |
126 | local NODE=$1 | 154 | local LINK_BR=$1 |
127 | local BRIDGE=$2 | ||
128 | |||
129 | local LINK_BR="$NODE-$BRIDGE-1" | ||
130 | 155 | ||
131 | ip link delete $LINK_BR | 156 | ip link delete $LINK_BR |
132 | } | 157 | } |
@@ -152,7 +177,7 @@ netjail_node_exec() { | |||
152 | local FD_OUT=$3 | 177 | local FD_OUT=$3 |
153 | shift 3 | 178 | shift 3 |
154 | 179 | ||
155 | unshare -fp --kill-child -- ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN | 180 | ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN |
156 | } | 181 | } |
157 | 182 | ||
158 | netjail_kill() { | 183 | netjail_kill() { |
diff --git a/contrib/scripts/netjail/netjail_setup_internet.sh b/contrib/scripts/netjail/netjail_setup_internet.sh index 6ae047274..e3880783f 100755 --- a/contrib/scripts/netjail/netjail_setup_internet.sh +++ b/contrib/scripts/netjail/netjail_setup_internet.sh | |||
@@ -1,4 +1,5 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | |||
2 | . "./netjail_core.sh" | 3 | . "./netjail_core.sh" |
3 | 4 | ||
4 | set -eu | 5 | set -eu |
@@ -6,6 +7,7 @@ set -x | |||
6 | 7 | ||
7 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" | 8 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
8 | 9 | ||
10 | PREFIX=$PPID | ||
9 | LOCAL_M=$1 | 11 | LOCAL_M=$1 |
10 | GLOBAL_N=$2 | 12 | GLOBAL_N=$2 |
11 | 13 | ||
@@ -14,11 +16,14 @@ shift 2 | |||
14 | netjail_check $(($LOCAL_M * $GLOBAL_N)) | 16 | netjail_check $(($LOCAL_M * $GLOBAL_N)) |
15 | 17 | ||
16 | # Starts optionally an amount of nodes without NAT starting with "92.68.151.1" | 18 | # Starts optionally an amount of nodes without NAT starting with "92.68.151.1" |
17 | KNOWN=$(netjail_opt '--known' $@) | 19 | netjail_opt '--known' $@ |
18 | KNOWN_NUM=$(netjail_opts '--known' 0 $@) | 20 | KNOWN=$RESULT |
21 | netjail_opts '--known' 0 $@ | ||
22 | KNOWN_NUM=$RESULT | ||
19 | 23 | ||
20 | # Starts optionally 'stunserver' on "92.68.150.254": | 24 | # Starts optionally 'stunserver' on "92.68.150.254": |
21 | STUN=$(netjail_opt '--stun' $@) | 25 | netjail_opt '--stun' $@ |
26 | STUN=$RESULT | ||
22 | 27 | ||
23 | if [ $KNOWN -gt 0 ]; then | 28 | if [ $KNOWN -gt 0 ]; then |
24 | shift 2 | 29 | shift 2 |
@@ -32,8 +37,6 @@ if [ $STUN -gt 0 ]; then | |||
32 | netjail_check_bin stunserver | 37 | netjail_check_bin stunserver |
33 | 38 | ||
34 | shift 1 | 39 | shift 1 |
35 | |||
36 | STUN_NODE=$(netjail_print_name "S" 254) | ||
37 | fi | 40 | fi |
38 | 41 | ||
39 | netjail_check_bin $1 | 42 | netjail_check_bin $1 |
@@ -45,43 +48,42 @@ KNOWN_GROUP="92.68.151" | |||
45 | CLEANUP=0 | 48 | CLEANUP=0 |
46 | echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/16, stun: $STUN]" | 49 | echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/16, stun: $STUN]" |
47 | 50 | ||
48 | NETWORK_NET=$(netjail_print_name "n" $GLOBAL_N $LOCAL_M) | 51 | netjail_bridge |
49 | 52 | NETWORK_NET=$RESULT | |
50 | netjail_bridge $NETWORK_NET | ||
51 | 53 | ||
52 | for X in $(seq $KNOWN); do | 54 | for X in $(seq $KNOWN); do |
53 | KNOWN_NODE=$(netjail_print_name "K" $X) | 55 | netjail_node |
54 | 56 | KNOWN_NODES[$X]=$RESULT | |
55 | netjail_node $KNOWN_NODE | 57 | netjail_node_link_bridge ${KNOWN_NODES[$X]} $NETWORK_NET "$KNOWN_GROUP.$X" 16 |
56 | netjail_node_link_bridge $KNOWN_NODE $NETWORK_NET "$KNOWN_GROUP.$X" 16 | 58 | KNOWN_LINKS[$X]=$RESULT |
57 | done | 59 | done |
58 | 60 | ||
59 | for N in $(seq $GLOBAL_N); do | 61 | declare -A NODES |
60 | ROUTER=$(netjail_print_name "R" $N) | 62 | declare -A NODE_LINKS |
61 | |||
62 | netjail_node $ROUTER | ||
63 | netjail_node_link_bridge $ROUTER $NETWORK_NET "$GLOBAL_GROUP.$N" 16 | ||
64 | 63 | ||
65 | ROUTER_NET=$(netjail_print_name "r" $N) | 64 | for N in $(seq $GLOBAL_N); do |
66 | 65 | netjail_node | |
67 | netjail_bridge $ROUTER_NET | 66 | ROUTERS[$N]=$RESULT |
67 | netjail_node_link_bridge ${ROUTERS[$N]} $NETWORK_NET "$GLOBAL_GROUP.$N" 16 | ||
68 | NETWORK_LINKS[$N]=$RESULT | ||
69 | netjail_bridge | ||
70 | ROUTER_NETS[$N]=$RESULT | ||
68 | 71 | ||
69 | for M in $(seq $LOCAL_M); do | 72 | for M in $(seq $LOCAL_M); do |
70 | NODE=$(netjail_print_name "N" $N $M) | 73 | netjail_node |
71 | 74 | NODES[$N,$M]=$RESULT | |
72 | netjail_node $NODE | 75 | netjail_node_link_bridge ${NODES[$N,$M]} ${ROUTER_NETS[$N]} "$LOCAL_GROUP.$M" 24 |
73 | netjail_node_link_bridge $NODE $ROUTER_NET "$LOCAL_GROUP.$M" 24 | 76 | NODE_LINKS[$N,$M]=$RESULT |
74 | done | 77 | done |
75 | 78 | ||
76 | ROUTER_ADDR="$LOCAL_GROUP.$(($LOCAL_M+1))" | 79 | ROUTER_ADDR="$LOCAL_GROUP.$(($LOCAL_M+1))" |
77 | 80 | netjail_node_link_bridge ${ROUTERS[$N]} ${ROUTER_NETS[$N]} $ROUTER_ADDR 24 | |
78 | netjail_node_link_bridge $ROUTER $ROUTER_NET $ROUTER_ADDR 24 | 81 | ROUTER_LINKS[$N]=$RESULT |
79 | netjail_node_add_nat $ROUTER $ROUTER_ADDR 24 | 82 | |
83 | netjail_node_add_nat ${ROUTERS[$N]} $ROUTER_ADDR 24 | ||
80 | 84 | ||
81 | for M in $(seq $LOCAL_M); do | 85 | for M in $(seq $LOCAL_M); do |
82 | NODE=$(netjail_print_name "N" $N $M) | 86 | netjail_node_add_default ${NODES[$N,$M]} $ROUTER_ADDR |
83 | |||
84 | netjail_node_add_default $NODE $ROUTER_ADDR | ||
85 | done | 87 | done |
86 | done | 88 | done |
87 | 89 | ||
@@ -89,67 +91,58 @@ WAITING="" | |||
89 | KILLING="" | 91 | KILLING="" |
90 | 92 | ||
91 | if [ $STUN -gt 0 ]; then | 93 | if [ $STUN -gt 0 ]; then |
92 | netjail_node $STUN_NODE | 94 | netjail_node |
95 | STUN_NODE=$RESULT | ||
93 | netjail_node_link_bridge $STUN_NODE $NETWORK_NET "$GLOBAL_GROUP.254" 16 | 96 | netjail_node_link_bridge $STUN_NODE $NETWORK_NET "$GLOBAL_GROUP.254" 16 |
97 | STUN_LINK=$RESULT | ||
94 | 98 | ||
95 | netjail_node_exec $STUN_NODE 0 1 stunserver & | 99 | netjail_node_exec $STUN_NODE 0 1 stunserver & |
96 | KILLING="$!" | 100 | KILLING="$!" |
97 | fi | 101 | fi |
98 | 102 | ||
99 | for X in $(seq $KNOWN); do | 103 | for X in $(seq $KNOWN); do |
100 | KNOWN_NODE=$(netjail_print_name "K" $X) | ||
101 | INDEX=$(($X - 1)) | 104 | INDEX=$(($X - 1)) |
102 | 105 | ||
103 | FD_X=$(($INDEX * 2 + 3 + 0)) | 106 | FD_X=$(($INDEX * 2 + 3 + 0)) |
104 | FD_Y=$(($INDEX * 2 + 3 + 1)) | 107 | FD_Y=$(($INDEX * 2 + 3 + 1)) |
105 | 108 | ||
106 | netjail_node_exec $KNOWN_NODE $FD_X $FD_Y $@ & | 109 | netjail_node_exec ${KNOWN_NODES[$X]} $FD_X $FD_Y $@ & |
107 | WAITING="$! $WAITING" | 110 | WAITING="$! $WAITING" |
108 | done | 111 | done |
109 | 112 | ||
110 | for N in $(seq $GLOBAL_N); do | 113 | for N in $(seq $GLOBAL_N); do |
111 | for M in $(seq $LOCAL_M); do | 114 | for M in $(seq $LOCAL_M); do |
112 | NODE=$(netjail_print_name "N" $N $M) | ||
113 | INDEX=$(($LOCAL_M * ($N - 1) + $M - 1 + $KNOWN)) | 115 | INDEX=$(($LOCAL_M * ($N - 1) + $M - 1 + $KNOWN)) |
114 | 116 | ||
115 | FD_X=$(($INDEX * 2 + 3 + 0)) | 117 | FD_X=$(($INDEX * 2 + 3 + 0)) |
116 | FD_Y=$(($INDEX * 2 + 3 + 1)) | 118 | FD_Y=$(($INDEX * 2 + 3 + 1)) |
117 | 119 | ||
118 | netjail_node_exec $NODE $FD_X $FD_Y $@ & | 120 | netjail_node_exec ${NODES[$N,$M]} $FD_X $FD_Y $@ & |
119 | WAITING="$! $WAITING" | 121 | WAITING="$! $WAITING" |
120 | done | 122 | done |
121 | done | 123 | done |
122 | 124 | ||
123 | cleanup() { | 125 | cleanup() { |
124 | if [ $STUN -gt 0 ]; then | 126 | if [ $STUN -gt 0 ]; then |
125 | STUN_NODE=$(netjail_print_name "S" 254) | 127 | netjail_node_unlink_bridge $STUN_LINK |
126 | |||
127 | netjail_node_unlink_bridge $STUN_NODE $NETWORK_NET | ||
128 | netjail_node_clear $STUN_NODE | 128 | netjail_node_clear $STUN_NODE |
129 | fi | 129 | fi |
130 | 130 | ||
131 | for X in $(seq $KNOWN); do | 131 | for X in $(seq $KNOWN); do |
132 | KNOWN_NODE=$(netjail_print_name "K" $X) | 132 | netjail_node_unlink_bridge ${KNOWN_LINKS[$X]} |
133 | 133 | netjail_node_clear ${KNOWN_NODES[$X]} | |
134 | netjail_node_unlink_bridge $KNOWN_NODE $NETWORK_NET | ||
135 | netjail_node_clear $KNOWN_NODE | ||
136 | done | 134 | done |
137 | 135 | ||
138 | for N in $(seq $GLOBAL_N); do | 136 | for N in $(seq $GLOBAL_N); do |
139 | ROUTER_NET=$(netjail_print_name "r" $N) | ||
140 | |||
141 | for M in $(seq $LOCAL_M); do | 137 | for M in $(seq $LOCAL_M); do |
142 | NODE=$(netjail_print_name "N" $N $M) | 138 | netjail_node_unlink_bridge ${NODE_LINKS[$N,$M]} |
143 | 139 | netjail_node_clear ${NODES[$N,$M]} | |
144 | netjail_node_unlink_bridge $NODE $ROUTER_NET | ||
145 | netjail_node_clear $NODE | ||
146 | done | 140 | done |
147 | 141 | ||
148 | ROUTER=$(netjail_print_name "R" $N) | 142 | netjail_node_unlink_bridge ${ROUTER_LINKS[$N]} |
149 | 143 | netjail_bridge_clear ${ROUTER_NETS[$N]} | |
150 | netjail_bridge_clear $ROUTER_NET | 144 | netjail_node_unlink_bridge ${NETWORK_LINKS[$N]} |
151 | netjail_node_unlink_bridge $ROUTER $NETWORK_NET | 145 | netjail_node_clear ${ROUTERS[$N]} |
152 | netjail_node_clear $ROUTER | ||
153 | done | 146 | done |
154 | 147 | ||
155 | netjail_bridge_clear $NETWORK_NET | 148 | netjail_bridge_clear $NETWORK_NET |
@@ -162,7 +155,7 @@ trapped_cleanup() { | |||
162 | cleanup | 155 | cleanup |
163 | } | 156 | } |
164 | 157 | ||
165 | trap 'trapped_cleanup' 2 | 158 | trap 'trapped_cleanup' ERR |
166 | 159 | ||
167 | netjail_waitall $WAITING | 160 | netjail_waitall $WAITING |
168 | netjail_killall $KILLING | 161 | netjail_killall $KILLING |
diff --git a/contrib/services/systemd/Makefile.am b/contrib/services/systemd/Makefile.am index 39a6f2a81..ec2ff7704 100644 --- a/contrib/services/systemd/Makefile.am +++ b/contrib/services/systemd/Makefile.am | |||
@@ -1,7 +1,10 @@ | |||
1 | pkginitdir= $(pkgdatadir)/services/systemd | 1 | pkginitdir= $(pkgdatadir)/services/systemd |
2 | 2 | ||
3 | pkginit_DATA = \ | 3 | pkginit_DATA = \ |
4 | gnunet.service | 4 | gnunet.service \ |
5 | gnunet-user.service \ | ||
6 | sysusers-gnunet.conf \ | ||
7 | tmpfiles-gnunet.conf | ||
5 | 8 | ||
6 | EXTRA_DIST = \ | 9 | EXTRA_DIST = \ |
7 | $(pkginit_DATA) | 10 | $(pkginit_DATA) |
diff --git a/contrib/services/systemd/gnunet-user.service b/contrib/services/systemd/gnunet-user.service new file mode 100644 index 000000000..c9d3be0ad --- /dev/null +++ b/contrib/services/systemd/gnunet-user.service | |||
@@ -0,0 +1,11 @@ | |||
1 | # Typically to be place into /usr/lib/systemd/user/gnunet.service | ||
2 | [Unit] | ||
3 | Description=GNUnet user service | ||
4 | After=network.target | ||
5 | |||
6 | [Service] | ||
7 | Type=simple | ||
8 | ExecStart=/usr/lib/gnunet/libexec/gnunet-service-arm -c ~/.config/gnunet.conf | ||
9 | |||
10 | [Install] | ||
11 | WantedBy=multi-user.target | ||
diff --git a/contrib/services/systemd/gnunet.service b/contrib/services/systemd/gnunet.service index 1c458cea6..daa38a046 100644 --- a/contrib/services/systemd/gnunet.service +++ b/contrib/services/systemd/gnunet.service | |||
@@ -1,15 +1,14 @@ | |||
1 | # Copyright (C) 2019 GNUnet e.V. | 1 | # Typically placed into /usr/lib/systemd/system/gnunet.service |
2 | # | ||
3 | # Copying and distribution of this file, with or without modification, | ||
4 | # are permitted in any medium without royalty provided the copyright | ||
5 | # notice and this notice are preserved. This file is offered as-is, | ||
6 | # without any warranty. | ||
7 | |||
8 | [Unit] | 2 | [Unit] |
9 | Description=Service that runs a GNUnet for the user gnunet | 3 | Description=GNUnet system service |
10 | After=network.target | 4 | After=network.target |
11 | 5 | ||
12 | [Service] | 6 | [Service] |
13 | User=gnunet | ||
14 | Type=simple | 7 | Type=simple |
8 | User=gnunet | ||
15 | ExecStart=/usr/lib/gnunet/libexec/gnunet-service-arm -c /etc/gnunet.conf | 9 | ExecStart=/usr/lib/gnunet/libexec/gnunet-service-arm -c /etc/gnunet.conf |
10 | StateDirectory=gnunet | ||
11 | StateDirectoryMode=0700 | ||
12 | |||
13 | [Install] | ||
14 | WantedBy=multi-user.target | ||
diff --git a/contrib/services/systemd/sysusers-gnunet.conf b/contrib/services/systemd/sysusers-gnunet.conf new file mode 100644 index 000000000..b7b8abeed --- /dev/null +++ b/contrib/services/systemd/sysusers-gnunet.conf | |||
@@ -0,0 +1,4 @@ | |||
1 | # Typically placed into /usr/lib/sysusers.d/gnunet.conf | ||
2 | g gnunet - | ||
3 | u gnunet - "GNUnet system account" /var/lib/gnunet | ||
4 | g gnunetdns - | ||
diff --git a/contrib/services/systemd/tmpfiles-gnunet.conf b/contrib/services/systemd/tmpfiles-gnunet.conf new file mode 100644 index 000000000..ffffa3284 --- /dev/null +++ b/contrib/services/systemd/tmpfiles-gnunet.conf | |||
@@ -0,0 +1,10 @@ | |||
1 | # Typically placed into /usr/lib/tmpfiles.d/gnunet.conf | ||
2 | d /var/lib/gnunet 0700 gnunet gnunet - - | ||
3 | z /usr/lib/gnunet/gnunet-helper-dns 4750 root gnunetdns - - | ||
4 | z /usr/lib/gnunet/gnunet-service-dns 2750 gnunet gnunetdns - - | ||
5 | z /usr/lib/gnunet/libexec/gnunet-helper-vpn 4750 root root - - | ||
6 | z /usr/lib/gnunet/libexec/gnunet-helper-transport-wlan 4750 root root - - | ||
7 | z /usr/lib/gnunet/libexec/gnunet-helper-transport-bluetooth 4750 root root - - | ||
8 | z /usr/lib/gnunet/libexec/gnunet-helper-exit 4750 root root - - | ||
9 | z /usr/lib/gnunet/libexec/gnunet-helper-nat-server 4750 root root - - | ||
10 | z /usr/lib/gnunet/libexec/gnunet-helper-nat-client 4750 root root - - | ||