From b515601c9c8d49b415fe7f98baf2110475fecaec Mon Sep 17 00:00:00 2001 From: Steven Armstrong Date: Thu, 23 Jul 2015 22:05:55 +0200 Subject: [PATCH] create /var/run/consul with permissions suitable for storing unix sockets Signed-off-by: Steven Armstrong --- .../type/__consul_agent/files/consul-prepare.upstart | 9 +++++++++ cdist/conf/type/__consul_agent/files/consul.systemd | 5 +++++ cdist/conf/type/__consul_agent/files/consul.sysv-debian | 7 ++++++- cdist/conf/type/__consul_agent/files/consul.sysv-redhat | 4 +++- cdist/conf/type/__consul_agent/manifest | 9 +++++++-- 5 files changed, 30 insertions(+), 4 deletions(-) create mode 100644 cdist/conf/type/__consul_agent/files/consul-prepare.upstart diff --git a/cdist/conf/type/__consul_agent/files/consul-prepare.upstart b/cdist/conf/type/__consul_agent/files/consul-prepare.upstart new file mode 100644 index 00000000..569220d1 --- /dev/null +++ b/cdist/conf/type/__consul_agent/files/consul-prepare.upstart @@ -0,0 +1,9 @@ +start on starting consul + +task + +script + mkdir -p /var/run/consul + chown consul:consul /var/run/consul + chmod 2770 /var/run/consul +end script diff --git a/cdist/conf/type/__consul_agent/files/consul.systemd b/cdist/conf/type/__consul_agent/files/consul.systemd index db624fd1..8d5fd323 100644 --- a/cdist/conf/type/__consul_agent/files/consul.systemd +++ b/cdist/conf/type/__consul_agent/files/consul.systemd @@ -7,6 +7,11 @@ After=basic.target network.target User=consul Group=consul Environment="GOMAXPROCS=2" +# Run ExecStartPre with root-permissions +PermissionsStartOnly=true +ExecStartPre=/usr/bin/mkdir -p /var/run/consul +ExecStartPre=/usr/bin/chown consul:consul /var/run/consul +ExecStartPre=/usr/bin/chmod 2770 /var/run/consul ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul/conf.d ExecReload=/bin/kill -HUP $MAINPID KillMode=process diff --git a/cdist/conf/type/__consul_agent/files/consul.sysv-debian b/cdist/conf/type/__consul_agent/files/consul.sysv-debian index f4498041..a75c555d 100644 --- a/cdist/conf/type/__consul_agent/files/consul.sysv-debian +++ b/cdist/conf/type/__consul_agent/files/consul.sysv-debian @@ -1,6 +1,7 @@ #!/bin/sh # # 2015 Nico Schottelius (nico-cdist at schottelius.org) +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -29,6 +30,10 @@ CONSUL=/usr/local/bin/consul CONFIG=/etc/$NAME/conf.d PID_FILE=/var/run/$NAME/pidfile +mkdir -p /var/run/$NAME +chown consul:consul /var/run/$NAME +chmod 2770 /var/run/$NAME + export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" case "$1" in @@ -51,7 +56,7 @@ case "$1" in log_end_msg 1 || true fi ;; - + reload) log_daemon_msg "Reloading consul agent" "consul" || true if start-stop-daemon --stop --signal HUP --quiet --oknodo --pidfile $PID_FILE --exec $CONSUL; then diff --git a/cdist/conf/type/__consul_agent/files/consul.sysv-redhat b/cdist/conf/type/__consul_agent/files/consul.sysv-redhat index 9a2aaeb2..44fd8737 100644 --- a/cdist/conf/type/__consul_agent/files/consul.sysv-redhat +++ b/cdist/conf/type/__consul_agent/files/consul.sysv-redhat @@ -22,7 +22,9 @@ LOG_FILE=/var/log/$NAME export GOMAXPROCS=${GOMAXPROCS:-2} mkdir -p /var/run/$NAME -chown consul /var/run/$NAME +chown consul:consul /var/run/$NAME +chmod 2770 /var/run/$NAME + start() { echo -n "Starting $NAME: " diff --git a/cdist/conf/type/__consul_agent/manifest b/cdist/conf/type/__consul_agent/manifest index f8cace94..053c9e80 100755 --- a/cdist/conf/type/__consul_agent/manifest +++ b/cdist/conf/type/__consul_agent/manifest @@ -160,10 +160,15 @@ init_systemd() init_upstart() { - __file /etc/init/consul.conf \ + __file /etc/init/consul-prepare.conf \ --owner root --group root --mode 0644 \ --state "$state" \ - --source "$__type/files/consul.upstart" + --source "$__type/files/consul-prepare.upstart" + require="__file/etc/init/consul-prepare.conf" \ + __file /etc/init/consul.conf \ + --owner root --group root --mode 0644 \ + --state "$state" \ + --source "$__type/files/consul.upstart" require="__file/etc/init/consul.conf" __start_on_boot consul }