commit 5cdccb85464a3cd086cb4e23d233d7c763f8f5d9
parent 6ef46bef4f611b1b1cb7fa73369ef89f4805b92b
Author: Antoine A <>
Date: Wed, 12 Feb 2025 18:07:33 +0100
magnet-bank: deb script & config fixes
Diffstat:
4 files changed, 33 insertions(+), 14 deletions(-)
diff --git a/common/taler-common/src/config.rs b/common/taler-common/src/config.rs
@@ -53,7 +53,7 @@ pub mod parser {
#[derive(Debug)]
pub enum ParserErr {
- IO(&'static str, PathBuf, std::io::Error),
+ IO(Cow<'static, str>, PathBuf, std::io::Error),
Line(Cow<'static, str>, PathBuf, usize, Option<String>),
}
@@ -91,8 +91,12 @@ pub mod parser {
}
}
- fn io_err(action: &'static str, path: impl Into<PathBuf>, err: std::io::Error) -> ParserErr {
- ParserErr::IO(action, path.into(), err)
+ fn io_err(
+ action: impl Into<Cow<'static, str>>,
+ path: impl Into<PathBuf>,
+ err: std::io::Error,
+ ) -> ParserErr {
+ ParserErr::IO(action.into(), path.into(), err)
}
fn line_err(
msg: impl Into<Cow<'static, str>>,
@@ -242,24 +246,25 @@ pub mod parser {
)
)?;
- let section = section.to_uppercase();
+ let section_up = section.to_uppercase();
let mut secret_cfg = Parser::empty();
- if let Err(e) = secret_cfg.parse_file(secret_file.as_ref(), depth) {
+ if let Err(e) = secret_cfg.parse_file(&parent.join(secret_file), depth)
+ {
if let ParserErr::IO(_, path, err) = e {
- warn!(target: "config", "{}", io_err("read secrets", path, err))
+ warn!(target: "config", "{}", io_err(format!("read secret section [{section}]"), path, err))
} else {
return Err(e);
}
} else if let Some(secret_section) =
- secret_cfg.sections.swap_remove(§ion)
+ secret_cfg.sections.swap_remove(§ion_up)
{
self.sections
- .entry(section)
+ .entry(section_up)
.or_default()
.extend(secret_section);
} else {
- warn!(target: "config", "{}", line_err(format!("Configuration file at '{}' loaded with @inline-secret@ does not contain section '{section}' ", secret_file), src, num));
+ warn!(target: "config", "{}", line_err(format!("Configuration file at '{}' loaded with @inline-secret@ does not contain section '{section_up}' ", secret_file), src, num));
}
}
unknown => {
diff --git a/contrib/taler-magnet-bank-dbconfig b/contrib/taler-magnet-bank-dbconfig
@@ -138,7 +138,7 @@ if [ 0 = "$SKIP_INIT" ] || [ 1 = "$FORCE_PERMS" ]; then
if ! sudo -i -u postgres createuser "$DBGROUP" 2>/dev/null; then
echo "Database group '$DBGROUP' already existed. Continuing anyway." 1>&2
fi
- if ! echo "GRANT ALL PRIVILEGES ON ALL TABLES TO \"$DBGROUP\"" |
+ if ! echo "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \"$DBGROUP\"" |
sudo -i -u postgres psql "$DBNAME"; then
exit_fail "Failed to grant access to '$DBGROUP'."
fi
diff --git a/debian/taler-magnet-bank.postinst b/debian/taler-magnet-bank.postinst
@@ -1,3 +1,6 @@
+#!/bin/bash
+
+set -e
MAGNET_HOME="/var/lib/taler-magnet-bank"
@@ -39,4 +42,6 @@ if [ "$1" = "configure" ] ; then
fi
fi
-#DEBHELPER#
-\ No newline at end of file
+#DEBHELPER#
+
+exit 0
+\ No newline at end of file
diff --git a/debian/taler-magnet-bank.postrm b/debian/taler-magnet-bank.postrm
@@ -1,3 +1,6 @@
+#!/bin/sh
+
+set -e
# Group with access to our database
_DBGROUP=taler-magnet-bank-db
@@ -7,6 +10,10 @@ _HTTPDUSER=taler-magnet-bank-httpd
_WORKERUSER=taler-magnet-bank-worker
if [ "$1" = "purge" ] ; then
+ # Remove permissions override
+ for fs in magnet-bank-db.secret.conf magnet-bank-httpd.secret.conf magnet-bank-worker.secret.conf do
+ dpkg-statoverride --remove /etc/taler-magnet-bank/secrets/$fs || true
+ done
# Remove users
deluser --quiet --system ${_HTTPDUSER} || true
deluser --quiet --system ${_WORKERUSER} || true
@@ -14,4 +21,6 @@ if [ "$1" = "purge" ] ; then
delgroup --only-if-empty --quiet ${_DBGROUP} || true
fi
-#DEBHELPER#
-\ No newline at end of file
+#DEBHELPER#
+
+exit 0
+\ No newline at end of file
