36a55958f3
- drop privilegies in ejabberdctl - add README.OpenBSD from maintainer Wiktor Izdebski; with tweaks from me tested by Wiktor Izdebski, Simon Kuhnle and sthen@ ok sthen@
170 lines
4.7 KiB
Plaintext
170 lines
4.7 KiB
Plaintext
$OpenBSD: patch-src_ejabberdctl_template,v 1.1 2008/06/02 18:13:15 martynas Exp $
|
|
--- src/ejabberdctl.template.orig Tue May 20 12:22:03 2008
|
|
+++ src/ejabberdctl.template Sun Jun 1 21:08:43 2008
|
|
@@ -1,7 +1,7 @@
|
|
#!/bin/sh
|
|
|
|
# define default configuration
|
|
-POLL=true
|
|
+POLL=false
|
|
SMP=auto
|
|
ERL_MAX_PORTS=32000
|
|
ERL_PROCESSES=250000
|
|
@@ -9,15 +9,17 @@ ERL_MAX_ETS_TABLES=1400
|
|
|
|
# define default environment variables
|
|
NODE=ejabberd
|
|
-HOST=localhost
|
|
+HOST=`hostname -s`
|
|
ERLANG_NODE=$NODE@$HOST
|
|
ROOTDIR=@rootdir@
|
|
-EJABBERD_CONFIG_PATH=$ROOTDIR/etc/ejabberd/ejabberd.cfg
|
|
-LOGS_DIR=$ROOTDIR/var/log/ejabberd/
|
|
-EJABBERD_DB=$ROOTDIR/var/lib/ejabberd/db/$NODE
|
|
+EJABBERD_CONFIG_PATH=${SYSCONFDIR}/ejabberd/ejabberd.cfg
|
|
+LOGS_DIR=${EJLOGDIR}
|
|
+EJABBERD_DB=${EJDBDIR}/$NODE
|
|
+ID=`id -g`
|
|
+EJID=`id -g ${JABBERDUSER}`
|
|
|
|
# read custom configuration
|
|
-CONFIG=$ROOTDIR/etc/ejabberd/ejabberdctl.cfg
|
|
+CONFIG=${SYSCONFDIR}/ejabberd/ejabberdctl.cfg
|
|
[ -f "$CONFIG" ] && . "$CONFIG"
|
|
|
|
# parse command line parameters
|
|
@@ -36,23 +38,33 @@ while [ $# -ne 0 ] ; do
|
|
esac
|
|
done
|
|
|
|
+NODE="${ERLANG_NODE%@*}"
|
|
+EJABBERD_DB=${EJDBDIR}/$NODE
|
|
+
|
|
NAME=-name
|
|
[ "$ERLANG_NODE" = "${ERLANG_NODE%.*}" ] && NAME=-sname
|
|
|
|
ERLANG_OPTS="+K $POLL -smp $SMP +P $ERL_PROCESSES"
|
|
|
|
# define additional environment variables
|
|
-EJABBERD_EBIN=$ROOTDIR/var/lib/ejabberd/ebin
|
|
-EJABBERD_MSGS_PATH=$ROOTDIR/var/lib/ejabberd/priv/msgs
|
|
-EJABBERD_SO_PATH=$ROOTDIR/var/lib/ejabberd/priv/lib
|
|
-EJABBERD_BIN_PATH=$ROOTDIR/var/lib/ejabberd/priv/bin
|
|
-EJABBERD_LOG_PATH=$LOGS_DIR/ejabberd.log
|
|
-SASL_LOG_PATH=$LOGS_DIR/sasl.log
|
|
+EJABBERD_EBIN=${LOCALBASE}/lib/ejabberd/ebin
|
|
+EJABBERD_MSGS_PATH=${LOCALBASE}/lib/ejabberd/priv/msgs
|
|
+EJABBERD_SO_PATH=${LOCALBASE}/lib/ejabberd/priv/lib
|
|
+EJABBERD_BIN_PATH=${LOCALBASE}/lib/ejabberd/priv/bin
|
|
+EJABBERD_LOG_PATH=$LOGS_DIR/${NODE}.log
|
|
+SASL_LOG_PATH=$LOGS_DIR/${NODE}_sasl.log
|
|
DATETIME=`date "+%Y%m%d-%H%M%S"`
|
|
ERL_CRASH_DUMP=$LOGS_DIR/erl_crash_$DATETIME.dump
|
|
-ERL_INETRC=$ROOTDIR/etc/ejabberd/inetrc
|
|
-HOME=$ROOTDIR/var/lib/ejabberd
|
|
+ERL_INETRC=${SYSCONFDIR}/ejabberd/inetrc
|
|
+HOME=${EJDBDIR}
|
|
|
|
+# make sure we execute commands as proper user
|
|
+if [ $ID -eq 0 ]; then
|
|
+ EXEC_CMD='sudo -u ${JABBERDUSER}'
|
|
+else
|
|
+ EXEC_CMD=''
|
|
+fi
|
|
+
|
|
# export global variables
|
|
export EJABBERD_CONFIG_PATH
|
|
export EJABBERD_MSGS_PATH
|
|
@@ -63,23 +75,24 @@ export ERL_CRASH_DUMP
|
|
export ERL_INETRC
|
|
export ERL_MAX_PORTS
|
|
export ERL_MAX_ETS_TABLES
|
|
+export EXEC_CMD
|
|
export HOME
|
|
|
|
-[ -d $EJABBERD_DB ] || mkdir -p $EJABBERD_DB
|
|
-[ -d $LOGS_DIR ] || mkdir -p $LOGS_DIR
|
|
-
|
|
# Compatibility in ZSH
|
|
#setopt shwordsplit 2>/dev/null
|
|
|
|
# start server
|
|
start ()
|
|
{
|
|
- erl \
|
|
+ $EXEC_CMD ${LOCALBASE}/bin/erl \
|
|
$NAME $ERLANG_NODE \
|
|
-noinput -detached \
|
|
-pa $EJABBERD_EBIN \
|
|
+ -kernel inetrc \"${ERL_INETRC}\" \
|
|
-mnesia dir "\"$EJABBERD_DB\"" \
|
|
-s ejabberd \
|
|
+ -ejabberd config \"${EJABBERD_CONFIG_PATH}\" \
|
|
+ log_path \"${EJABBERD_LOG_PATH}\" \
|
|
-sasl sasl_error_logger \{file,\"$SASL_LOG_PATH\"\} \
|
|
$ERLANG_OPTS $ARGS "$@"
|
|
}
|
|
@@ -103,7 +116,7 @@ debug ()
|
|
echo "Press any key to continue"
|
|
read foo
|
|
echo ""
|
|
- erl \
|
|
+ $EXEC_CMD ${LOCALBASE}/bin/erl \
|
|
$NAME ${NODE}debug \
|
|
-remsh $ERLANG_NODE \
|
|
$ERLANG_OPTS $ARGS "$@"
|
|
@@ -127,19 +140,22 @@ live ()
|
|
echo "Press any key to continue"
|
|
read foo
|
|
echo ""
|
|
- erl \
|
|
+ $EXEC_CMD ${LOCALBASE}/bin/erl \
|
|
$NAME $ERLANG_NODE \
|
|
$ERLANG_OPTS \
|
|
-pa $EJABBERD_EBIN \
|
|
+ -kernel inetrc \"${ERL_INETRC}\" \
|
|
-mnesia dir "\"$EJABBERD_DB\"" \
|
|
-s ejabberd \
|
|
+ -ejabberd config \"${EJABBERD_CONFIG_PATH}\" \
|
|
+ log_path \"${EJABBERD_LOG_PATH}\" \
|
|
$ERLANG_OPTS $ARGS "$@"
|
|
}
|
|
|
|
# common control function
|
|
ctl ()
|
|
{
|
|
- erl \
|
|
+ $EXEC_CMD ${LOCALBASE}/bin/erl \
|
|
$NAME ejabberdctl \
|
|
-noinput \
|
|
-pa $EJABBERD_EBIN \
|
|
@@ -159,6 +175,7 @@ ctl ()
|
|
echo " --ctl-config file Config file of ejabberdctl: $CONFIG"
|
|
echo " --logs dir Directory for logs: $LOGS_DIR"
|
|
echo " --spool dir Database spool dir: $EJABBERD_DB"
|
|
+ echo " --node node_name Ejabberd node name: $ERLANG_NODE"
|
|
echo "";;
|
|
esac
|
|
return $result
|
|
@@ -170,6 +187,20 @@ usage ()
|
|
ctl
|
|
exit
|
|
}
|
|
+
|
|
+# check if we're a user that can execute commands
|
|
+if [ "$ID" -ne 0 -a "$ID" -ne "$EJID" ]; then
|
|
+ echo "this command can only be run by root or the _ejabberd user" >&2
|
|
+ EXEC_CMD='false'
|
|
+ usage
|
|
+fi
|
|
+
|
|
+if [ ! -d $EJABBERD_DB -o ! -w $EJABBERD_DB ] ; then
|
|
+ if [ ! -d ${EJABBERD_DB%/*} -o ! -w ${EJABBERD_DB%/*} ] ; then
|
|
+ echo "${EJABBERD_DB} does not exist and I can't create it!"
|
|
+ exit 1
|
|
+ fi
|
|
+fi
|
|
|
|
case $ARGS in
|
|
' start') start;;
|