[users] fuse-davfs2 should add user davfs2

Ralph Angenendt ra+rpmforge at br-online.de
Fri Jan 18 13:54:38 CET 2008 

Moin

from the manual page:

mount.davfs needs root privileges for mounting. But running a daemon,
that is connected to the internet, with root privileges is a security
risk. So mount.davfs will change its uid and gid when entering daemon
mode.

    When invoked by root mount.davfs will run as user davfs2 and group
    davfs2.

    When invoked by an ordinary user it will run with the id of this
    user and with group davfs2.

This user isn't added when fuse-davfs2 is installed, which might lead to
some confusion.

Proposed patch for the specfile (the home directory is the one proposed
in the NEWS file from the doc section):

---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<

--- fuse-davfs2.spec.orig       2008-01-18 13:38:58.000000000 +0100
+++ fuse-davfs2.spec    2008-01-18 13:45:46.000000000 +0100
@@ -45,6 +45,7 @@
 %{__rm} -rf %{buildroot}
 %{__make} install DESTDIR="%{buildroot}"
 %find_lang %{real_name}
+%{__mkdir_p} %{buildroot}%{_localstatedir}/cache/davfs2 
 
 %{__mv} -vf %{buildroot}%{_sbindir}/mount.davfs %{buildroot}/sbin/mount.davfs
 %{__mv} -vf %{buildroot}%{_sbindir}/umount.davfs %{buildroot}/sbin/umount.davfs
@@ -55,6 +56,11 @@
 %clean
 %{__rm} -rf %{buildroot}
 
+%pre
+if getent passwd davfs2 >/dev/null 2>&1; then : ; else %{_sbindir}/useradd -d %{_localstatedir}/cache/davfs2 -r -s %{_sbindir}/nologin davfs2 >/dev/null 2>&1 || exit 1; fi
+if getent group davfs2 >/dev/null 2>&1; then : ; else %{_sbindir}/groupadd -r davfs2 >/dev/null 2>&1 || exit 1; fi
+
+
 %files -f %{real_name}.lang
 %defattr(-, root, root, 0755)
 %doc AUTHORS BUGS COPYING FAQ INSTALL NEWS README* THANKS TODO etc/davfs2.conf etc/secrets
@@ -70,6 +76,7 @@
 /sbin/mount.davfs
 /sbin/umount.davfs
 %{_datadir}/davfs2/
+%attr(750,davfs2,davfs2) %dir %{_localstatedir}/cache/davfs2
 
 %changelog
 * Sat Nov 10 2007 Dag Wieers <dag at wieers.com> - 1.2.2-1 - 5397+/dag


---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<---%<


Cheers,

Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.rpmforge.net/pipermail/users/attachments/20080118/9c507b4a/attachment.bin

More information about the users mailing list