Spec URL: http://cicku.me/dhcpy6d.spec SRPM URL: http://cicku.me/dhcpy6d-0.1.3-1.fc20.src.rpm Description: Dhcpy6d delivers IPv6 addresses for DHCPv6 clients, which can be identified by DUID, hostname or MAC address as in the good old IPv4 days. It allows easy dualstack transistion, addresses may be generated randomly, by range, by arbitrary ID or MAC address. Clients can get more than one address, leases and client configuration can be stored in databases and DNS can be updated dynamically. Fedora Account System Username: cicku
I'd like to review this. Could you update the package for 0.2?
(In reply to Ian Weller from comment #1) > I'd like to review this. > > Could you update the package for 0.2? OK, please wait.(This software has released many versions recently :( )
NEW Spec URL: http://cicku.me/dhcpy6d.spec NEW SRPM URL: http://cicku.me/dhcpy6d-0.2-1.fc20.src.rpm
There are few problems: 1. the log file must not be the part of rpm, use: %exclude %{_localstatedir}/log/%{name}.log The log file should be still created in the %post section. 2. normally a daemon needs to be installed under /usr/sbin, so: %{__python} setup.py install --skip-build --prefix=%{_prefix} --install-scripts=%{_sbindir} --root=%{buildroot} and in the %files section: %{_sbindir}/%{name} 3. Group: System Environment/Daemons A bit more difficult problem is converting dhcpy6d to run as non-proviledged user, perform user creation/removal in the %pre/%preun sections, and write the corresponding systemd service file (the current one is not working). I'm working on a dhcpy6d.spec, based on yours, for other distributions: EL6, openSUSE: https://build.opensuse.org/package/show?package=dhcpy6d&project=home%3Amarcindulak
(In reply to Marcin.Dulak from comment #4) > There are few problems: > > 1. the log file must not be the part of rpm, use: > %exclude %{_localstatedir}/log/%{name}.log > The log file should be still created in the %post section. I forgot to remove this, I'll fix it. > 2. normally a daemon needs to be installed under /usr/sbin, so: > %{__python} setup.py install --skip-build --prefix=%{_prefix} > --install-scripts=%{_sbindir} --root=%{buildroot} > and in the %files section: > %{_sbindir}/%{name} We don't need to do this unless you consider this is a MUST. > 3. Group: System Environment/Daemons I don't give every my package a Group tag, Group tag in Fedora is not a MUST. > A bit more difficult problem is converting dhcpy6d > to run as non-proviledged user, perform user creation/removal in the > %pre/%preun > sections, and write the corresponding systemd service file (the current one > is not working). Yeah, can you tell me why you want it to run as non-root user?(I need an answer)
(In reply to Christopher Meng from comment #5) > (In reply to Marcin.Dulak from comment #4) > > There are few problems: > > > > 1. the log file must not be the part of rpm, use: > > %exclude %{_localstatedir}/log/%{name}.log > > The log file should be still created in the %post section. > > I forgot to remove this, I'll fix it. > > > 2. normally a daemon needs to be installed under /usr/sbin, so: > > %{__python} setup.py install --skip-build --prefix=%{_prefix} > > --install-scripts=%{_sbindir} --root=%{buildroot} > > and in the %files section: > > %{_sbindir}/%{name} > > We don't need to do this unless you consider this is a MUST. i'm not sure. It seems this is what fhs still recommends: http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard > > > 3. Group: System Environment/Daemons > > I don't give every my package a Group tag, Group tag in Fedora is not a MUST. > > > A bit more difficult problem is converting dhcpy6d > > to run as non-proviledged user, perform user creation/removal in the > > %pre/%preun > > sections, and write the corresponding systemd service file (the current one > > is not working). > > Yeah, can you tell me why you want it to run as non-root user?(I need an > answer) maybe starting as non-root is no longer recommended with systemd, but was a common practice with system V. I see for example that /usr/sbin/sshd runs as root on fedora 20, on the other hand http://twistedmatrix.com/documents/13.0.0/core/howto/systemd.html recommends non-root.
Hi, i prepared patches for the spec and service file: http://marcindulak.fedorapeople.org/packages/dhcpy6d/v01/dhcpy6d.spec.patch http://marcindulak.fedorapeople.org/packages/dhcpy6d/v01/dhcpy6d.service.patch Please review them. After these changes restart,start,stop of dhcpy6d.service works. I haven't tested any dhcpy6d functionality though. (In reply to Marcin.Dulak from comment #6) > (In reply to Christopher Meng from comment #5) > > (In reply to Marcin.Dulak from comment #4) > > > There are few problems: > > > > > > 1. the log file must not be the part of rpm, use: > > > %exclude %{_localstatedir}/log/%{name}.log > > > The log file should be still created in the %post section. > > > > I forgot to remove this, I'll fix it. > > > > > 2. normally a daemon needs to be installed under /usr/sbin, so: > > > %{__python} setup.py install --skip-build --prefix=%{_prefix} > > > --install-scripts=%{_sbindir} --root=%{buildroot} > > > and in the %files section: > > > %{_sbindir}/%{name} > > > > We don't need to do this unless you consider this is a MUST. > i'm not sure. It seems this is what fhs still recommends: > http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard > > > > > 3. Group: System Environment/Daemons > > > > I don't give every my package a Group tag, Group tag in Fedora is not a MUST. > > > > > A bit more difficult problem is converting dhcpy6d > > > to run as non-proviledged user, perform user creation/removal in the > > > %pre/%preun > > > sections, and write the corresponding systemd service file (the current one > > > is not working). > > > > Yeah, can you tell me why you want it to run as non-root user?(I need an > > answer) > maybe starting as non-root is no longer recommended with systemd, but was a > common practice with system V. I see for example that /usr/sbin/sshd runs as > root on fedora 20, on the other hand > http://twistedmatrix.com/documents/13.0.0/core/howto/systemd.html recommends > non-root.
(In reply to Marcin.Dulak from comment #7) Hi, Thanks for your patch, I will look into it later. After some discussion I finally decide to let dhcpy6d running under its own user/group. So I'll update the request later.
Some files are incorrect indeed, I've fixed. For the log file touch, should we need to touch that file? Currently I just removed the log in %install section. NEW Spec URL: http://cicku.me/dhcpy6d.spec NEW SRPM URL: http://cicku.me/dhcpy6d-0.2-2.fc20.src.rpm
(In reply to Christopher Meng from comment #8) > (In reply to Marcin.Dulak from comment #7) > > Hi, > > Thanks for your patch, I will look into it later. > > After some discussion I finally decide to let dhcpy6d running under its own > user/group. > running as non-priviledged user may require dhcpy6d working together with the authors of dhcpy6d, as the server wants to open a low port 547. So maybe let's leave it running as root for now. > So I'll update the request later.
(In reply to Christopher Meng from comment #9) > Some files are incorrect indeed, I've fixed. > > For the log file touch, should we need to touch that file? Currently I just > removed the log in %install section. yes, we need it. To test that: rm -f /var/log/dhcpy6d.log yum install dhcpy6d*.rpm systemctl start dhcpy6d grep "dhcpy6d: IOError" /var/log/messages In order to verify that dhcpy6d does not run correctly as non-priviledged user, do as root: touch /var/log/dhcpy6d.log systemctl start dhcpy6d # /var/log/dhcpy6d.log unwritable by dhcpy6d chown dhcpy6d:dhcpy6d /var/log/dhcpy6d.log systemctl start dhcpy6d grep "dhcpy6d: socket.error" /var/log/messages Let's focus on getting dhcpy6d to work as root. We have contacted the authors of dhcpy6d about running it as non-priviledged user. > > NEW Spec URL: http://cicku.me/dhcpy6d.spec > NEW SRPM URL: http://cicku.me/dhcpy6d-0.2-2.fc20.src.rpm
Updated. Please check again: NEW Spec URL: http://cicku.me/dhcpy6d.spec NEW SRPM URL: http://cicku.me/dhcpy6d-0.2-2.fc20.src.rpm
It works for me with settings from dhcpy6d.service.patch bug#961180#c7 (Type=simple and run as root). Can you test systemclt start/stop on your Fedora machine and confirm that Type=forking hangs? Different types are described in man systemd.service. I think it may be also a good practice to have syslog.target in After - dhcpy6d performs logging. There is one spelling left: dhcpy6d.noarch: W: spelling-error %description -l en_US dualstack -> dual stack, dual-stack
NotReady: we are waiting for the next release of dhcpy6d which will run as non-priviledged user. It's already on github https://github.com/HenriWahl/dhcpy6d , but not released yet.
Hi, any progress here? There is already a new version of dhcpy6d
(In reply to marcindulak from comment #15) > Hi, any progress here? There is already a new version of dhcpy6d Busy now, will update later.
I'll be closing this due to inactivity in one week