Package: ahcpd Version: 0.53-3 Severity: normal Dear Maintainer,
Please consider adding a native systemd unit masking the init script (fixes the lintian tag in subject). The init script looks pretty straight forward and should probably easily convert to a unit very similar to an example from the documentation. Since the daemon supports either forking or not (-D), you can use either Type=forking or Type=simple (with or without -D flag). (Even better would be if the service supported signaling readiness via sd_notify "READY=1", which if implemented means you could use Type=notify instead.) I'm attaching my completely untested attempt at a service file you could simply drop into debian/ahcpd.service and then debhelper should do the rest of the magic. If there are any questions please feel free to reach out. I'll happily help out with improvements if you provide the testing and review (as I don't actually use ahcpd myself). One thing you might want to improve in the service file is the security hardening settings. This requires intimate knowledge of what the daemon does and what it needs access to, so I did not attempt this myself. Even if it's not super tightly hardened, even just basic settings can likely go a long way as a service running as root exposed on the network would be a likely candidate for an attacker to try to penetrate. Regards, Andreas Henriksson
[Unit] Description=Ad-Hoc Configuration Protocol Documentation=man:ahcpd(8) After=network.target [Service] Type=forking PIDFile=/run/ahcpd.pid EnvironmentFile=/etc/default/ahcpd #ExecStartPre=/bin/sh -c 'if [ -z "$INTERFACES" ]; then echo "no interfaces to operate on"; exit 1 ; fi' ExecStart=/usr/sbin/ahcpd -D $DAEMON_ARGS -- $INTERFACES Restart=on-failure #TODO: security hardening flags
