sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Run services as non root user

Browse Source
pull/1440/head
Anton Voylenko 3 years ago
parent 4a173c2ebc
commit 0d495c24f8
5 changed files with 27 additions and 22 deletions
Show Stats Download Patch File Download Diff File

7
el/rtpengine-recording.service
Unescape View File

@ -5,9 +5,14 @@ After=network-online.target
[Service] [Service]
Type=forking Type=forking
LimitNOFILE=100000
Environment=CFG_FILE=/etc/rtpengine/rtpengine-recording.conf Environment=CFG_FILE=/etc/rtpengine/rtpengine-recording.conf
EnvironmentFile=/etc/sysconfig/rtpengine-recording EnvironmentFile=/etc/sysconfig/rtpengine-recording
PIDFile=/run/rtpengine-recording.pid User=ngcp-rtpengine
Group=ngcp-rtpengine
AmbientCapabilities=CAP_NET_ADMIN
RuntimeDirectory=rtpengine-recording
PIDFile=/run/rtpengine-recording/rtpengine-recording.pid
ExecStart=/usr/sbin/rtpengine-recording --config-file=${CFG_FILE} --pidfile=${PID_FILE} ExecStart=/usr/sbin/rtpengine-recording --config-file=${CFG_FILE} --pidfile=${PID_FILE}
TimeoutSec=15s TimeoutSec=15s
Restart=on-failure Restart=on-failure

2
el/rtpengine-recording.sysconfig
Unescape View File

@ -2,4 +2,4 @@
# http://github.com/sipwise/rtpengine # http://github.com/sipwise/rtpengine
# #
CONFIG_FILE=/etc/rtpengine/rtpengine-recording.conf CONFIG_FILE=/etc/rtpengine/rtpengine-recording.conf
PID_FILE=/run/rtpengine-recording.pid PID_FILE=/run/rtpengine-recording/rtpengine-recording.pid

11
el/rtpengine.service
Unescape View File

@ -6,10 +6,15 @@ After=network-online.target
Type=forking Type=forking
Environment=CFG_FILE=/etc/rtpengine/rtpengine.conf Environment=CFG_FILE=/etc/rtpengine/rtpengine.conf
EnvironmentFile=/etc/sysconfig/rtpengine EnvironmentFile=/etc/sysconfig/rtpengine
PIDFile=/run/rtpengine.pid User=ngcp-rtpengine
ExecStartPre=/usr/sbin/ngcp-rtpengine-iptables-setup start Group=ngcp-rtpengine
AmbientCapabilities=CAP_NET_ADMIN CAP_SYS_NICE
LimitNOFILE=150000
RuntimeDirectory=rtpengine
PIDFile=/run/rtpengine/rtpengine.pid
ExecStartPre=+/usr/sbin/ngcp-rtpengine-iptables-setup start
ExecStart=/usr/sbin/rtpengine --config-file=${CFG_FILE} --pidfile=${PID_FILE} ExecStart=/usr/sbin/rtpengine --config-file=${CFG_FILE} --pidfile=${PID_FILE}
ExecStopPost=/usr/sbin/ngcp-rtpengine-iptables-setup stop ExecStopPost=+/usr/sbin/ngcp-rtpengine-iptables-setup stop
RestartSec=3s RestartSec=3s
TimeoutSec=15s TimeoutSec=15s
Restart=on-failure Restart=on-failure

20
el/rtpengine.spec
Unescape View File

@ -27,6 +27,7 @@ BuildRequires: ffmpeg-devel
Requires(pre): ffmpeg-libs Requires(pre): ffmpeg-libs
%endif %endif
Requires: perl-Config-Tiny
Requires: nc Requires: nc
# Remain compat with other installations # Remain compat with other installations
Provides: ngcp-rtpengine = %{version}-%{release} Provides: ngcp-rtpengine = %{version}-%{release}
@ -148,6 +149,7 @@ install -D -p -m644 el/%{binname}-recording.sysconfig \
%{buildroot}%{_sysconfdir}/sysconfig/%{binname}-recording %{buildroot}%{_sysconfdir}/sysconfig/%{binname}-recording
%endif %endif
mkdir -p %{buildroot}%{_sharedstatedir}/%{name} mkdir -p %{buildroot}%{_sharedstatedir}/%{name}
mkdir -p %{buildroot}%{_var}/lib/%{binname}-recording
mkdir -p %{buildroot}%{_var}/spool/%{binname} mkdir -p %{buildroot}%{_var}/spool/%{binname}
# Install config files # Install config files
@ -175,12 +177,6 @@ install -D -p -m644 kernel-module/rtpengine_config.h \
install -D -p -m644 debian/dkms.conf.in %{buildroot}%{_usrsrc}/%{name}-%{version}-%{release}/dkms.conf install -D -p -m644 debian/dkms.conf.in %{buildroot}%{_usrsrc}/%{name}-%{version}-%{release}/dkms.conf
sed -i -e "s/__VERSION__/%{version}-%{release}/g" %{buildroot}%{_usrsrc}/%{name}-%{version}-%{release}/dkms.conf sed -i -e "s/__VERSION__/%{version}-%{release}/g" %{buildroot}%{_usrsrc}/%{name}-%{version}-%{release}/dkms.conf
# For RHEL 7, load the compiled kernel module on boot.
%if 0%{?rhel} == 7
install -D -p -m644 kernel-module/xt_RTPENGINE.modules.load.d \
%{buildroot}%{_sysconfdir}/modules-load.d/xt_RTPENGINE.conf
%endif
%pre %pre
getent group %{name} >/dev/null || /usr/sbin/groupadd -r %{name} getent group %{name} >/dev/null || /usr/sbin/groupadd -r %{name}
getent passwd %{name} >/dev/null || /usr/sbin/useradd -r -g %{name} \ getent passwd %{name} >/dev/null || /usr/sbin/useradd -r -g %{name} \
@ -249,22 +245,19 @@ true
%{_initrddir}/%{name} %{_initrddir}/%{name}
%endif %endif
%config(noreplace) %{_sysconfdir}/sysconfig/%{binname} %config(noreplace) %{_sysconfdir}/sysconfig/%{binname}
%attr(0750,%{name},%{name}) %dir %{_sharedstatedir}/%{name}
# default config # default config
%config(noreplace) %{_sysconfdir}/%{binname}/%{binname}.conf %config(noreplace) %{_sysconfdir}/%{binname}/%{binname}.conf
# spool directory
%attr(0750,%{name},%{name}) %dir %{_var}/spool/%{binname}
# Documentation # Documentation
%doc LICENSE README.md debian/changelog debian/copyright %doc LICENSE README.md debian/changelog debian/copyright
%files kernel %files kernel
/%{_lib}/xtables/libxt_RTPENGINE.so /%{_lib}/xtables/libxt_RTPENGINE.so
%files dkms %files dkms
%{_usrsrc}/%{name}-%{version}-%{release}/ %{_usrsrc}/%{name}-%{version}-%{release}/
%if 0%{?rhel} == 7
%{_sysconfdir}/modules-load.d/xt_RTPENGINE.conf
%endif
%if 0%{?with_transcoding} > 0 %if 0%{?with_transcoding} > 0
@ -281,8 +274,8 @@ true
%config(noreplace) %{_sysconfdir}/sysconfig/%{binname}-recording %config(noreplace) %{_sysconfdir}/sysconfig/%{binname}-recording
# Default config # Default config
%config(noreplace) %{_sysconfdir}/%{binname}/%{binname}-recording.conf %config(noreplace) %{_sysconfdir}/%{binname}/%{binname}-recording.conf
# spool directory # recording directory
%attr(0750,%{name},%{name}) %dir %{_var}/spool/%{binname} %attr(0750,%{name},%{name}) %dir %{_sharedstatedir}/%{binname}-recording
%endif %endif
%changelog %changelog
@ -308,4 +301,3 @@ true
- Builds and installs userspace daemon (but no init.d scripts etc yet) - Builds and installs userspace daemon (but no init.d scripts etc yet)
- Builds and installs the iptables plugin - Builds and installs the iptables plugin
- DKMS package for the kernel module - DKMS package for the kernel module

5
el/rtpengine.sysconfig
Unescape View File

@ -3,4 +3,7 @@
# main config file # main config file
CONFIG_FILE=/etc/rtpengine/rtpengine.conf CONFIG_FILE=/etc/rtpengine/rtpengine.conf
# pid # pid
PID_FILE=/run/rtpengine.pid PID_FILE=/run/rtpengine/rtpengine.pid
# user and group for /proc interface
SET_USER=ngcp-rtpengine
SET_GROUP=ngcp-rtpengine
Write Preview
Loading…
Cancel
Save