|
version 1.97, 2024/11/26 23:54:22
|
version 1.98, 2024/11/27 16:24:20
|
|
Line 2989 sub check_systemd_update {
|
Line 2989 sub check_systemd_update {
|
| if (-d '/etc/systemd/system/'.$service.'.d') { |
if (-d '/etc/systemd/system/'.$service.'.d') { |
| if (-e '/etc/systemd/system/'.$service.'.d/override.conf') { |
if (-e '/etc/systemd/system/'.$service.'.d/override.conf') { |
| if (open(my $fh,'<','/etc/systemd/system/'.$service.'.d/override.conf')) { |
if (open(my $fh,'<','/etc/systemd/system/'.$service.'.d/override.conf')) { |
| my ($category,$addservice,$protectoff,$changeprot,$suidsgidok,$changesug, |
my ($category,$addservice,$needs_update,$linenum,%is_no,%lines, |
| $linenum,%lines,@move,@nocat,@ordered); |
@move,@nocat,@ordered); |
| $linenum = 0; |
$linenum = 0; |
| while (my $entry = <$fh>) { |
while (my $entry = <$fh>) { |
| $linenum ++; |
$linenum ++; |
|
Line 2998 sub check_systemd_update {
|
Line 2998 sub check_systemd_update {
|
| if ($entry =~ /^\s*\[([^\]]+)\]\s*$/) { |
if ($entry =~ /^\s*\[([^\]]+)\]\s*$/) { |
| $category = $1; |
$category = $1; |
| if ($category =~ /^Service$/i) { |
if ($category =~ /^Service$/i) { |
| push(@ordered,'Service'); |
unless (grep(/^Service$/,@ordered)) { |
| } else { |
push(@ordered,'Service'); |
| push(@ordered,$category); |
|
| } |
|
| } elsif ($entry =~ /^ProtectHome\s*=\s*([\w-]+)\s*$/) { |
|
| my $value = $1; |
|
| next if ($protectoff); |
|
| if (lc($value) eq 'no') { |
|
| if ($category =~ /^Service$/i) { |
|
| push(@{$lines{'Service'}},$entry); |
|
| } else { |
|
| push(@move,$entry); |
|
| $changeprot = $linenum; |
|
| } |
} |
| } else { |
} else { |
| if ($category =~ /^Service$/i) { |
unless (grep(/^\Q$category\E$/,@ordered)) { |
| push(@{$lines{'Service'}},'ProtectHome=no'); |
push(@ordered,$category); |
| } else { |
|
| push(@move,'ProtectHome=no'); |
|
| } |
} |
| $changeprot = $linenum; |
|
| } |
} |
| $protectoff = $linenum; |
} elsif ($entry =~ /^(ProtectHome|RestrictSUIDSGID)\s*=\s*([\w-]+)\s*$/) { |
| } elsif ($entry =~ /^RestrictSUIDSGID\s*=\s*([\w-]+)\s*$/) { |
my ($key,$value) = ($1,$2); |
| my $value = $1; |
next if ($is_no{$key}); |
| next if ($suidsgidok); |
|
| if (lc($value) eq 'no') { |
if (lc($value) eq 'no') { |
| if ($category =~ /^Service$/i) { |
if ($category =~ /^Service$/i) { |
| push(@{$lines{'Service'}},$entry); |
push(@{$lines{'Service'}},$entry); |
| } else { |
} else { |
| push(@move,$entry); |
push(@move,$entry); |
| $changesug = $linenum; |
$needs_update = 1; |
| } |
} |
| } else { |
} else { |
| |
my $offstr = $key.'=no'; |
| if ($category =~ /^Service$/i) { |
if ($category =~ /^Service$/i) { |
| push(@{$lines{'Service'}},'RestrictSUIDSGID=no'); |
push(@{$lines{'Service'}},$offstr); |
| } else { |
} else { |
| push(@move,'RestrictSUIDSGID=no'); |
push(@move,$offstr); |
| } |
} |
| $changesug = $linenum; |
$needs_update = 1; |
| } |
} |
| $suidsgidok = $linenum; |
$is_no{$key} = $linenum; |
| } else { |
} else { |
| next if ($entry =~ /^\s*$/); |
next if ($entry =~ /^\s*$/); |
| if ($category =~ /^Service$/i) { |
if ($category =~ /^Service$/i) { |
|
Line 3056 sub check_systemd_update {
|
Line 3042 sub check_systemd_update {
|
| $addservice = 1; |
$addservice = 1; |
| unshift(@ordered,'Service'); |
unshift(@ordered,'Service'); |
| } |
} |
| if (!$protectoff) { |
foreach my $item ('ProtectHome','RestrictSUIDSGID') { |
| push(@{$lines{'Service'}},'ProtectHome=no'); |
unless (exists($is_no{$item})) { |
| } |
push(@{$lines{'Service'}},$item.'=no'); |
| if (!$suidsgidok) { |
$needs_update = 1; |
| push(@{$lines{'Service'}},'RestrictSUIDSGID=no'); |
} |
| } |
} |
| if ($addservice || $changeprot || !$protectoff || $changesug || !$suidsgidok) { |
if ($addservice || $needs_update) { |
| if (open(my $fh,'>','/etc/systemd/system/'.$service.'.d/override.conf')) { |
if (open(my $fh,'>','/etc/systemd/system/'.$service.'.d/override.conf')) { |
| if (@ordered) { |
if (@ordered) { |
| foreach my $category (@ordered) { |
foreach my $category (@ordered) { |
|
Line 3075 sub check_systemd_update {
|
Line 3061 sub check_systemd_update {
|
| if ($category eq 'Service') { |
if ($category eq 'Service') { |
| if (@move) { |
if (@move) { |
| foreach my $item (@move) { |
foreach my $item (@move) { |
| if ($item =~ /^ProtectHome\s*=\s*no\s*$/i) { |
if ($item =~ /^(ProtectHome|RestrictSUIDSGID)\s*=\s*no\s*$/i) { |
| unless (grep/^ProtectHome\s*=\s*no\s*$/i,@{$lines{$category}}) { |
my $key = $1; |
| print $fh "$item\n"; |
unless (grep/^$key\s*=\s*no\s*$/i,@{$lines{$category}}) { |
| } |
|
| } elsif ($item =~ /^RestrictSUIDSGID\s*=\s*no\s*$/i) { |
|
| unless (grep/^RestrictSUIDSGID\s*=\s*no\s*$/i,@{$lines{$category}}) { |
|
| print $fh "$item\n"; |
print $fh "$item\n"; |
| } |
} |
| } else { |
} else { |
|
Line 3115 sub check_systemd_update {
|
Line 3098 sub check_systemd_update {
|
| close($fh); |
close($fh); |
| print_and_log('Created /etc/systemd/system/'.$service.'.d/override.conf'); |
print_and_log('Created /etc/systemd/system/'.$service.'.d/override.conf'); |
| system('systemctl daemon-reload'); |
system('systemctl daemon-reload'); |
| |
} else { |
| |
print_and_log('Could not open /etc/systemd/system/'.$service.'.d/override.conf for writing.'); |
| } |
} |
| } |
} |
| } else { |
} else { |
![[BACK]](/icons/back.gif){kind=icon}
Return to install.pl CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / doc / install / linux