mirror of
https://anongit.gentoo.org/git/repo/gentoo.git
synced 2025-12-21 10:50:54 +00:00
5b41b4fb3fThe pgagent daemon used to run as root, which can be dangerous. That system user is used to execute the database jobs, meaning that a non-root user with permission to schedule pgagent jobs could gain root. This new revision creates a dedicated "pgagent" system user, and the new init script launches the daemon as that user. An ewarn lets users know that some migration work may be needed. Gentoo-Bug: 537264 Package-Manager: Portage-2.3.6, Repoman-2.3.1
31 lines
837 B
Text
31 lines
837 B
Text
#!/sbin/openrc-run
|
|
# Copyright 1999-2017 Gentoo Foundation
|
|
# Distributed under the terms of the GNU General Public License v2
|
|
|
|
command="/usr/bin/pgagent"
|
|
command_user="pgagent"
|
|
|
|
# If pgagent daemonizes itself, it won't write a PID file and
|
|
# we have to work a little harder to stop() it. So let it run
|
|
# in the foreground, and have OpenRC manage its PID file.
|
|
command_args="-f
|
|
-t ${PGA_POLL}
|
|
-r ${PGA_RETRY}
|
|
-s ${PGA_LOG}
|
|
-l ${PGA_LEVEL}
|
|
hostaddr=${PG_HOST}
|
|
dbname=${PG_DBNAME}
|
|
user=${PG_USER}"
|
|
|
|
command_background="true"
|
|
pidfile="/run/pgagent.pid"
|
|
|
|
depend() {
|
|
use net
|
|
need postgresql
|
|
}
|
|
|
|
start_pre() {
|
|
# The log file needs to be writable by the daemon user.
|
|
checkpath --file --owner root:pgagent --mode 0660 "${PGA_LOG}"
|
|
}
|