commit: 8cab9d61c56949f4c96b07fd3705788a0ac31557
Author: Yixun Lan <dlan <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 15 08:28:08 2022 +0000
Commit: Yixun Lan <dlan <AT> gentoo <DOT> org>
CommitDate: Mon Aug 15 08:30:04 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8cab9d61
net-vpn/headscale: correct permission issue
make sure the path of headscale has right permission
Signed-off-by: Yixun Lan <dlan <AT> gentoo.org>
net-vpn/headscale/files/config-socket.patch | 6 +++---
net-vpn/headscale/files/headscale.initd | 12 +++++++++---
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/net-vpn/headscale/files/config-socket.patch
b/net-vpn/headscale/files/config-socket.patch
index 4d6c90e3f0f5..73de6b6578d1 100644
--- a/net-vpn/headscale/files/config-socket.patch
+++ b/net-vpn/headscale/files/config-socket.patch
@@ -1,13 +1,13 @@
diff --git a/config-example.yaml b/config-example.yaml
-index dee25cb..007d8ec 100644
+index d3d155e..a070c22 100644
--- a/config-example.yaml
+++ b/config-example.yaml
-@@ -202,7 +202,7 @@ dns_config:
+@@ -208,7 +208,7 @@ dns_config:
# Unix socket used for the CLI to connect without authentication
# Note: for local development, you probably want to change this to:
# unix_socket: ./headscale.sock
-unix_socket: /var/run/headscale.sock
-+unix_socket: /run/headscale.sock
++unix_socket: /run/headscale/headscale.sock
unix_socket_permission: "0770"
#
# headscale supports experimental OpenID connect support,
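Review bot: With the socket moved to `/run/headscale/headscale.sock`, the `unix_socket_permission: "0770"` line that follows no longer grants the group anything, because headscale.initd creates `/run/headscale` with `checkpath -d -m 700 -o "${user}"` and only the service user and root can traverse into it. Since the comment above says this socket lets the CLI connect without authentication, the tighter result is the safer one, but it should be stated rather than left implicit, for example `# socket directory is 0700 (see init script); group bits on the socket have no effect`. If group access to the CLI is intended, the directory would need mode 750 with the headscale group, which this commit does not set.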
diff --git a/net-vpn/headscale/files/headscale.initd
b/net-vpn/headscale/files/headscale.initd
index 5a98c0e6cb34..f43b3a55af38 100644
--- a/net-vpn/headscale/files/headscale.initd
+++ b/net-vpn/headscale/files/headscale.initd
@@ -8,6 +8,7 @@ user="${HEADSCALE_USER}:${HEADSCALE_GROUP}"
directory="/var/lib/headscale"
output_log="/var/log/headscale.log"
error_log="/var/log/headscale.log"
+private_key="/var/lib/headscale/private.key"
start_stop_daemon_args="--user \"${user}\" ${HEADSCALE_OPTIONS} --background"
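Review bot: `private_key` repeats the path already held in `directory` and is fixed in the init script, so it can drift from the key path configured in config.yaml; if the key is relocated there, the new permission check in start_pre would silently skip it. Writing it as `private_key="${directory}/private.key"` with a comment such as `# must match the private key path in /etc/headscale/config.yaml` would make the coupling visible. The rest of the script lies outside this hunk.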
@@ -23,7 +24,12 @@ start_pre() {
fi
checkpath -d -m 700 -o "${user}" /run/headscale /var/lib/headscale
- checkpath -f -m 600 -o "${user}" /var/lib/headscale/db.sqlite
/var/log/headscale.log
- checkpath -f -m 600 -o "${user}" /etc/headscale/config.yaml
-}
+ checkpath -f -m 600 -o "${user}" \
+ /var/lib/headscale/db.sqlite \
+ /var/log/headscale.log \
+ /etc/headscale/config.yaml
+ if [[ -f ${private_key} ]]; then
+ checkpath -f -m 600 -o "${user}" ${private_key}
+ fi
+}
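Review bot: The added `if [[ -f ${private_key} ]]` test uses the bash-only `[[ ]]` form with an unquoted expansion, while an OpenRC service script is presumably interpreted by /bin/sh (the shebang is outside the hunk), where `[[` is not guaranteed to exist. The portable spellings are `if [ -f "${private_key}" ]; then` and `checkpath -f -m 600 -o "${user}" "${private_key}"`. Separately, the merged checkpath call keeps /etc/headscale/config.yaml owned by the service account with mode 600, so the daemon can rewrite its own configuration; root ownership with group read for the headscale group would be tighter, provided headscale never needs to write that file. start_pre begins above the hunk.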