diff options
| author |   Florian Schmaus <flow@gentoo.org> | 2022-04-24 21:43:52 +0200 |
|---|---|---|
| committer | Florian Schmaus <flow@gentoo.org> | 2022-04-24 22:10:43 +0200 |
| commit | 7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a (patch) | |
| tree | 0b8698b200b047e02e04c187918468c621e9f3ba /sci-misc/boinc/files | |
| parent | dev-python/pycares: Keyword 4.1.2 riscv, #839768 (diff) | |
| download | gentoo-7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a.tar.gz gentoo-7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a.tar.bz2 gentoo-7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a.zip | |
sci-misc/boinc: fix dep, openrc: ALLOW_REMOTE_RPC=no, GROUP=(id -gn $USER)
Replace the deprecated virtual/jpeg with media-libs/libjpeg-turbo.
Use 'boinc' user's primary group per default. This syncs the behavior of
the openrc-run script with the systemd service file. We can now also
drop acct-group/boinc, since nothing in sci-misc/boinc depends on it.
Also set ALLOW_REMOTE_RPC=no, instead of yes, if absent. Allowing remote
RPCs, if not explicitly enabled by the user, that is, per default, is
not sensible from a security perspective.
Note that the shipped boinc.conf already sets ALLOW_REMOTE_RPC=no.
Signed-off-by: Florian Schmaus <flow@gentoo.org>
Diffstat (limited to 'sci-misc/boinc/files')
| -rw-r--r-- | sci-misc/boinc/files/boinc.conf | 4 | ||||
| -rw-r--r-- | sci-misc/boinc/files/boinc.init.in | 6 |
2 files changed, 6 insertions, 4 deletions
diff --git a/sci-misc/boinc/files/boinc.conf b/sci-misc/boinc/files/boinc.conf index 22fcca0d3001..856be30a2402 100644 --- a/sci-misc/boinc/files/boinc.conf +++ b/sci-misc/boinc/files/boinc.conf @@ -2,7 +2,9 @@ # Owner of BOINC process (must be existing) USER="boinc" -GROUP="boinc" +# Group of the BOINC process. Defaults to the user's primary group if +# not set. +#GROUP="boinc" # Directory with runtime data: Work units, project binaries, user info etc. RUNTIMEDIR="/var/lib/boinc" diff --git a/sci-misc/boinc/files/boinc.init.in b/sci-misc/boinc/files/boinc.init.in index 763b69694444..9ac9b11a930d 100644 --- a/sci-misc/boinc/files/boinc.init.in +++ b/sci-misc/boinc/files/boinc.init.in @@ -1,5 +1,5 @@ #!/sbin/openrc-run -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2022 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 extra_started_commands="attach resume suspend" @@ -91,12 +91,12 @@ opencl_check() { env_check() { # Make sure the configuration is sane : ${USER:="boinc"} - : ${GROUP:="boinc"} + : ${GROUP:="$(id -ng ${USER})"} : ${RUNTIMEDIR:="/var/lib/boinc"} : ${BOINCBIN:="$(which boinc_client)"} : ${BOINC_PIDFILE:="/var/run/boinc_client.pid"} : ${BOINCCMD:="$(which /usr/bin/boinccmd)"} - : ${ALLOW_REMOTE_RPC:="yes"} + : ${ALLOW_REMOTE_RPC:="no"} : ${NICELEVEL:="19"} # ARGS is not checked, it could have been explicitly set # to be empty by the user. |