From patchwork Thu Jan  3 21:47:23 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yann E. MORIN" <yann.morin.1998@free.fr>
X-Patchwork-Id: 209319
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from silver.osuosl.org (silver.osuosl.org [140.211.166.136])
	by ozlabs.org (Postfix) with ESMTP id EFB7D2C0086
	for <incoming@patchwork.ozlabs.org>;
	Fri,  4 Jan 2013 08:47:50 +1100 (EST)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id B25EC30DF5;
	Thu,  3 Jan 2013 21:47:49 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References"
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id EafJkA-BUobT; Thu,  3 Jan 2013 21:47:42 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by silver.osuosl.org (Postfix) with ESMTP id 7469A30853;
	Thu,  3 Jan 2013 21:47:37 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (whitealder.osuosl.org
	[140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id E55048F74B
	for <buildroot@lists.busybox.net>;
	Thu,  3 Jan 2013 21:47:40 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id DA7718B48C
	for <buildroot@lists.busybox.net>;
	Thu,  3 Jan 2013 21:47:34 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References"
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Tyd-aYgF9ZqG for <buildroot@lists.busybox.net>;
	Thu,  3 Jan 2013 21:47:34 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-wi0-f169.google.com (mail-wi0-f169.google.com
	[209.85.212.169])
	by whitealder.osuosl.org (Postfix) with ESMTPS id B73488B47F
	for <buildroot@busybox.net>; Thu,  3 Jan 2013 21:47:33 +0000 (UTC)
Received: by mail-wi0-f169.google.com with SMTP id hq12so8092336wib.0
	for <buildroot@busybox.net>; Thu, 03 Jan 2013 13:47:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=x-received:sender:from:to:cc:subject:date:message-id:x-mailer
	:in-reply-to:references:in-reply-to:references;
	bh=fXQMpk0e/e4dvKZ7Kke9yX+ywuX5gavUN4AKQk7nQKw=;
	b=SGiQExT6JVUTijUDxO/Nkp8NB1bWLnS/Seb2DMm+CLnZPZae0tLJ0h00L2ekV3afH2
	Q7YVNChte0ijJ4b9YRKS/NSjcKfI6f2kWixgL1Xkxvk21LMV0jkyQVv8ml/RTGPmRDd3
	Aa1x29F9feWjiHRa8Obe/FXObJXmzXQSwYyWv5F1OvB2OQufhalRwW0SztynSh2k4RNF
	uaGUwktAd2NyihcnkPiLEefSrvDFE63K0DmPsMnMw3WaYUvhR6kIl6bq7F68zKHa0m4p
	H5BN93MFIlw9MvW+oW/lzLYNVzUeMU+st+MTaj+bca96Nqk+4iAPLAiWb+vyFHbC+3y6
	8rFg==
X-Received: by 10.194.76.137 with SMTP id k9mr81062494wjw.29.1357249652105;
	Thu, 03 Jan 2013 13:47:32 -0800 (PST)
Received: from localhost.localdomain
	(ARennes-256-1-70-176.w90-32.abo.wanadoo.fr. [90.32.149.176])
	by mx.google.com with ESMTPS id
	s16sm87964619wii.0.2013.01.03.13.47.30
	(version=TLSv1/SSLv3 cipher=OTHER);
	Thu, 03 Jan 2013 13:47:31 -0800 (PST)
From: "Yann E. MORIN" <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Date: Thu,  3 Jan 2013 22:47:23 +0100
Message-Id: 
 <6deccb2495a5eb7cc3105e5303e68ad4d4cc4236.1357248864.git.yann.morin.1998@free.fr>
X-Mailer: git-send-email 1.7.2.5
In-Reply-To: <cover.1357248864.git.yann.morin.1998@free.fr>
References: <cover.1357248864.git.yann.morin.1998@free.fr>
In-Reply-To: <cover.1357248864.git.yann.morin.1998@free.fr>
References: <cover.1357248864.git.yann.morin.1998@free.fr>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Subject: [Buildroot] [PATCH 2/2] package/tvheadend: use a non-root user to
	run the daemon
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: buildroot-bounces@busybox.net

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
---
 package/tvheadend/etc.default.tvheadend |    5 ++---
 package/tvheadend/tvheadend.mk          |   10 ++++++++--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/package/tvheadend/etc.default.tvheadend b/package/tvheadend/etc.default.tvheadend
index c769055..253f832 100644
--- a/package/tvheadend/etc.default.tvheadend
+++ b/package/tvheadend/etc.default.tvheadend
@@ -1,6 +1,5 @@
-# Once we have a real user, we'll use it
-TVH_USER=root
-TVH_GROUP=root
+TVH_USER=tvheadend
+TVH_GROUP=tvheadend
 #TVH_ADAPTERS=
 #TVH_HTTP_PORT=9981
 #TVH_HTSP_PORT=9982
diff --git a/package/tvheadend/tvheadend.mk b/package/tvheadend/tvheadend.mk
index 5100781..4a3f882 100644
--- a/package/tvheadend/tvheadend.mk
+++ b/package/tvheadend/tvheadend.mk
@@ -26,9 +26,11 @@ TVHEADEND_DEPENDENCIES     += dvb-apps
 # To run tvheadend, we need:
 #  - a startup script, and its config file
 #  - a default DB with a tvheadend admin
+#  - a non-root user to run as
 define TVHEADEND_INSTALL_DB
-	$(INSTALL) -D package/tvheadend/accesscontrol.1     \
-	              $(TARGET_DIR)/root/.hts/tvheadend/accesscontrol/1
+	$(INSTALL) -D -m 0600 package/tvheadend/accesscontrol.1     \
+	              $(TARGET_DIR)/home/tvheadend/.hts/tvheadend/accesscontrol/1
+	chmod -R go-rwx $(TARGET_DIR)/home/tvheadend
 endef
 TVHEADEND_POST_INSTALL_TARGET_HOOKS  = TVHEADEND_INSTALL_DB
 
@@ -37,6 +39,10 @@ define TVHEADEND_INSTALL_INIT_SYSV
 	$(INSTALL) -D package/tvheadend/S99tvheadend          $(TARGET_DIR)/etc/init.d/S99tvheadend
 endef
 
+define TVHEADEND_USERS
+tvheadend -1 tvheadend -1 * /home/tvheadend - video TVHeadend daemon
+endef
+
 #----------------------------------------------------------------------------
 # tvheadend is not an autotools-based package, but it is possible to
 # call its ./configure script as if it were an autotools one.