Date:      Sat, 16 Dec 2017 10:48:34 -0800
From:      Kevin Oberman <rkoberman@gmail.com>
To:        Dmytro Bilokha <dmytro@posteo.net>
Cc:        Miroslav Lachman <000.fbsd@quip.cz>, FreeBSD Ports ML <freebsd-ports@freebsd.org>
Subject:   Re: Setting system user home directory
Message-ID:  <CAN6yY1u-RumzVkAe1TGvR64=SYuY6c-FptW4GnsMX344oyk%2BxA@mail.gmail.com>
In-Reply-To: <20171216170411.GA85559@wstan>
References:  <20171216094058.GA37778@wstan> <5A351515.1080805@quip.cz> <20171216135919.GA17551@wstan> <5A352BA5.9070403@quip.cz> <20171216170411.GA85559@wstan>

On Sat, Dec 16, 2017 at 9:04 AM, Dmytro Bilokha <dmytro@posteo.net> wrote:

> On Sat, Dec 16, 2017 at 03:20:21PM +0100, Miroslav Lachman wrote:
>
>> Dmytro Bilokha wrote on 2017/12/16 14:59:
>>
>>> On Sat, Dec 16, 2017 at 01:44:05PM +0100, Miroslav Lachman wrote:
>>>
>>>> Dmytro Bilokha wrote on 2017/12/16 10:40:
>>>>
>>>>> Hello, Everyone!
>>>>>
>>>>> I'm trying to change www/payara port to make it run under the payara
>>>>> user instead of root.
>>>>> I've added the following line to the UIDs file:
>>>>>
>>>>> payara:*:221:221::0:0:Payara Application Server user:/nonexistent:/usr/sbin/nologin
>>>>>
>>>>> And this line to the port makefile:
>>>>>
>>>>> USERS=        payara
>>>>>
>>>>> Also, I've made some other changes to the port's scripts to start
>>>>> service under payara user.
>>>>> Everything seems to be fine, but the service on start/shutdown creates
>>>>> some preferences files,
>>>>> caches, etc in the payara user's homedir.
>>>>> The problem is, that it is impossible to create these files in
>>>>> /nonexistent. This fact makes
>>>>> service to show some annoying warnings on every startup/shutdown.
>>>>> To make service to work properly I want to create directory writable by
>>>>> the payara user and
>>>>> set it as payara's homedir.
>>>>> And I don't want to put these dir under the /usr/home/, it should be
>>>>> somewhere in the application,
>>>>> like /usr/local/payara-4.1.2.173/prefs.
>>>>> As far as I understand, payara user will be created automatically by
>>>>> the
>>>>> bsd.port.pre.mk file included in the port's makefile. But, during
>>>>> every
>>>>> installation somehow payara user's homedir
>>>>> should be changed. I can do it with the following one-liner:
>>>>>
>>>>> /usr/sbin/pw usermod payara -d ${DATADIR}/prefs
>>>>>
>>>>> So, the questions are:
>>>>> 1. Is it a proper way of doing such kind of things?
>>>>> 2. Where in the port's makefile should I put my one-liner? Will it be
>>>>> OK
>>>>> to make it like this:
>>>>>
>>>>> .......head of the make file with setting variables and so on is
>>>>> here......
>>>>> .include <bsd.port.pre.mk>
>>>>> do-install:
>>>>>      .........doing some work here......
>>>>>      @/usr/sbin/pw usermod payara -d ${DATADIR}/prefs
>>>>> .include <bsd.port.post.mk>
>>>>> ....end of the makefile.....
>>>>>
>>>>> Many thanks for your attention and help.
>>>>>
>>>>
>>>> I don't know Payara but applications should not write their files to
>>>> /usr/local. This should work even if /usr/local is mounted Read Only.
>>>> If you need to store configuration (preferences) then it should be in
>>>> /usr/local/etc/payara.
>>>> If the application writes some data files like databases, it goes under
>>>> /var/db/payara and log in to /var/log/payara.log or /var/log/payara
>>>> (directory)
>>>>
>>>> Miroslav Lachman
>>>>
>>>
>>> Thanks for the information. Now I'm a little bit confused.
>>> I've checked and it seems to me that neither www/tomcat85 (servlet
>>> container) nor www/glassfish and java/wildfly10 (application servers)
>>> ports follow this convention.
>>> All of them have directories for logs, configuration and Java
>>> applications under the
>>> /usr/local. Is there something special in Java servers ports?
>>>
>>
>>
>> I know there are ports not following this convention (and I don't
>> understand why). Those ports are making troubles if you want to serve
>> /usr/local as read only NFS for example.
>>
>> Miroslav Lachman
>>
>
> Ok, then I'll try to move everything writable from /usr/local to /var.
> I plan to put system user's caches and properties to the
> /var/payara/X.Y.Z/prefs,
> where X.Y.Z is an application's version.
> And this returns me to the first question: how to properly change user's
> home
> directory on port installation?
>
> --
> Dmytro Bilokha
> dmytro@posteo.net
> +38-050-607-41-43
>

How did you add the user? If you did not use the adduser script or vipw,
you must rebuild the database (pwd_mkdb). I would suggest always using vipw
as it automatically does everything.

Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkoberman@gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
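
An added example, not part of the thread and not ports-framework code: a small sh/awk check that applies the convention discussed above to an entry in the UIDs format quoted in the first message, flagging a service account whose home sits under /usr/local or whose shell allows login. The function name `check_uid_entry` and the second and third sample entries in the comments are constructed for illustration.

```shell
#!/bin/sh
# Lint one entry in the ports UIDs (master.passwd-style) format:
#   name:password:uid:gid:class:change:expire:gecos:home:shell
# Prints "ok", "review: <findings>", or "malformed: ...".
# check_uid_entry is a hypothetical helper name, not a ports tool.
check_uid_entry() {
    printf '%s\n' "$1" | awk -F: '
    NF != 10 {
        # A wrapped or truncated line would shift home/shell into the wrong fields.
        print "malformed: expected 10 fields, got " NF
        exit
    }
    {
        home = $9; shell = $10; problems = ""
        # A daemon account should not be able to log in interactively.
        if (shell != "/usr/sbin/nologin")
            problems = problems " login-shell"
        # Writable state under /usr/local breaks read-only mounts of that tree.
        if (home == "/usr/local" || index(home, "/usr/local/") == 1)
            problems = problems " home-under-/usr/local"
        if (problems == "") print "ok"
        else print "review:" problems
    }'
}

# Entry from the thread, then two constructed variants:
#   check_uid_entry 'payara:*:221:221::0:0:Payara Application Server user:/nonexistent:/usr/sbin/nologin'
#   check_uid_entry 'payara:*:221:221::0:0:Payara:/usr/local/payara-4.1.2.173/prefs:/usr/sbin/nologin'
#   check_uid_entry 'payara:*:221:221::0:0:Payara:/var/payara/X.Y.Z/prefs:/bin/sh'
```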


