vyos-hostsd: T2583: add hostsd group

To better control access from other daemons that may not be running as root, create a new group 'hostsd' to which the other daemons running users can be added. Run vyos-hostsd as root:hostsd to create the socket file with correct user and group.
author: Jernej Jakob <jernej.jakob@gmail.com> 2020-06-11 08:06:14 +0200
committer: Jernej Jakob <jernej.jakob@gmail.com> 2020-06-11 22:10:47 +0200
commit: 96ed330e9691f9db79c837505802ae5055f86348 (patch)
tree: 7b6c34776470068960d7a9336f1b27357dd212ef /debian/vyos-1x.postinst
parent: de8f039cf3a527c87ec595fc94a691b0159cd79a (diff)
download: vyos-1x-96ed330e9691f9db79c837505802ae5055f86348.tar.gz
vyos-1x-96ed330e9691f9db79c837505802ae5055f86348.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst
index a308401ee..672f90dff 100644
--- a/debian/vyos-1x.postinst
+++ b/debian/vyos-1x.postinst
@@ -19,3 +19,8 @@ if ! grep -q '^minion' /etc/passwd; then
     adduser --quiet minion disk
     adduser --quiet minion users
 fi
+
+# add hostsd group for vyos-hostsd
+if ! grep -q '^hostsd' /etc/group; then
+    addgroup --quiet --system hostsd
+fi
author	Jernej Jakob <jernej.jakob@gmail.com>	2020-06-11 08:06:14 +0200
committer	Jernej Jakob <jernej.jakob@gmail.com>	2020-06-11 22:10:47 +0200
commit	96ed330e9691f9db79c837505802ae5055f86348 (patch)
tree	7b6c34776470068960d7a9336f1b27357dd212ef /debian/vyos-1x.postinst
parent	de8f039cf3a527c87ec595fc94a691b0159cd79a (diff)
download	vyos-1x-96ed330e9691f9db79c837505802ae5055f86348.tar.gz vyos-1x-96ed330e9691f9db79c837505802ae5055f86348.zip