git-echo/linux_patch_api
Private
Public Access
1
0
Fork 0
Code Releases 32 Wiki Activity

chore: bump version to 0.3.3 for dpkg and service fixes
Some checks failed
CI/CD Pipeline / Code Format (push) Successful in 2s
Details
CI/CD Pipeline / Clippy Lints (push) Successful in 49s
Details
CI/CD Pipeline / Unit Tests (push) Successful in 57s
Details
CI/CD Pipeline / Security Audit (push) Successful in 4s
Details
CI/CD Pipeline / Build Arch Package (push) Successful in 1m56s
Details
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 1m58s
Details
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m27s
Details
CI/CD Pipeline / Build RPM Package (push) Successful in 4m2s
Details
CI/CD Pipeline / Build Debian Package (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Echo
2026-05-03 02:35:32 +00:00
parent 77e8ac2e65
commit 157376af7e
4 changed files with 12 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
debian/changelog vendored
View File

@ -1,3 +1,10 @@
linux-patch-api (0.3.3-1) unstable; urgency=low
* Fix dpkg packaging: Remove linux-patch-api user creation, fix directory ownership
* Fix package install: Remove sudo from apt commands (service runs as root)
* Remove NoNewPrivileges and RestrictSUIDSGID from systemd service
-- Echo <echo@moon-dragon.us> Sat, 03 May 2026 02:30:00 -0500
linux-patch-api (0.3.2-1) unstable; urgency=low
* Fix package install: Remove sudo from apt commands (service runs as root)

4
debian/linux-patch-api/DEBIAN/postinst vendored
View File

@ -13,14 +13,14 @@ if [ "$1" = "configure" ]; then
echo "Creating default config.yaml..."
cp /etc/linux_patch_api/config.yaml.example /etc/linux_patch_api/config.yaml
chmod 640 /etc/linux_patch_api/config.yaml
chown linux-patch-api:linux-patch-api /etc/linux_patch_api/config.yaml
chown root:root /etc/linux_patch_api/config.yaml
fi
if [ ! -f "/etc/linux_patch_api/whitelist.yaml" ]; then
echo "Creating default whitelist.yaml..."
cp /etc/linux_patch_api/whitelist.yaml.example /etc/linux_patch_api/whitelist.yaml
chmod 640 /etc/linux_patch_api/whitelist.yaml
chown linux-patch-api:linux-patch-api /etc/linux_patch_api/whitelist.yaml
chown root:root /etc/linux_patch_api/whitelist.yaml
fi
# Reload systemd daemon to pick up new service file

12
debian/linux-patch-api/DEBIAN/postrm vendored
View File

@ -39,18 +39,6 @@ if [ "$1" = "purge" ]; then
rm -rf /var/log/linux_patch_api
fi
# Remove system user
if getent passwd linux-patch-api > /dev/null 2>&1; then
echo "Removing user linux-patch-api..."
userdel linux-patch-api 2>/dev/null || true
fi
# Remove system group
if getent group linux-patch-api > /dev/null 2>&1; then
echo "Removing group linux-patch-api..."
groupdel linux-patch-api 2>/dev/null || true
fi
echo "linux-patch-api purged successfully"
fi

23
debian/linux-patch-api/DEBIAN/preinst vendored
View File

@ -9,31 +9,14 @@ if [ -d "/etc/linux_patch_api" ]; then
echo "Detected existing installation - performing upgrade"
fi
# Create system user if it doesn't exist
if ! getent group linux-patch-api > /dev/null 2>&1; then
echo "Creating group linux-patch-api..."
groupadd --system linux-patch-api
fi
if ! getent passwd linux-patch-api > /dev/null 2>&1; then
echo "Creating user linux-patch-api..."
useradd --system \
--gid linux-patch-api \
--home-dir /var/lib/linux_patch_api \
--no-create-home \
--shell /usr/sbin/nologin \
--comment "Linux Patch API Service" \
linux-patch-api
fi
# Create required directories
mkdir -p /etc/linux_patch_api/certs
mkdir -p /var/lib/linux_patch_api
mkdir -p /var/log/linux_patch_api
# Set proper ownership
chown -R linux-patch-api:linux-patch-api /var/lib/linux_patch_api
chown -R linux-patch-api:linux-patch-api /var/log/linux_patch_api
# Set proper ownership (service runs as root)
chown -R root:root /var/lib/linux_patch_api
chown -R root:root /var/log/linux_patch_api
# Set secure permissions
chmod 750 /etc/linux_patch_api