revert(footprint): drop the libreportal.service rename

The rename was justified partly by an anticipated second `libreportal-regen`
unit — which we then decided not to create (the poll rides the existing task
processor). What's left is cosmetic, and it isn't worth a footprint_version bump
(which forces a root re-install on every existing box) plus the dual-name
migration cruft.

Reverting also means the rename was the ONLY footprint change in the regen work,
so the whole regen system now ships as a plain manager-owned code deploy — no
root re-install needed. footprint_version stays 2.

Kept only the accurate FOOTPRINT.md note that the service also drives the poll.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
librelad 2026-05-25 23:27:44 +01:00
parent 2e17a5557c
commit 8cdf5fb294
4 changed files with 19 additions and 37 deletions

View File

@ -50,7 +50,7 @@ quick-deploy).
| `/usr/local/bin/libreportal` | root | **symlink**`/usr/local/lib/libreportal/libreportal` (puts the CLI on `$PATH`) | | `/usr/local/bin/libreportal` | root | **symlink**`/usr/local/lib/libreportal/libreportal` (puts the CLI on `$PATH`) |
| `/usr/local/bin/libreportal-uninstall` | root | **symlink**`/usr/local/lib/libreportal/uninstall.sh` (location-agnostic uninstall command) | | `/usr/local/bin/libreportal-uninstall` | root | **symlink**`/usr/local/lib/libreportal/uninstall.sh` (location-agnostic uninstall command) |
| `/etc/sudoers.d/<manager>` | root | scoped least-privilege grant for the manager (drop-in named after the manager user) | | `/etc/sudoers.d/<manager>` | root | scoped least-privilege grant for the manager (drop-in named after the manager user) |
| `/etc/systemd/system/libreportal-taskprocessor.service` | root | the task-processor service (`User=<manager>`; bakes the roots as `Environment=LP_*_DIR`; also drives the periodic `regen` poll) | | `/etc/systemd/system/libreportal.service` | root | the task-processor service (`User=<manager>`; bakes the roots as `Environment=LP_*_DIR`; also drives the periodic `regen` poll) |
| `/etc/sysctl.d/99-libreportal-hardening.conf` | root | kernel LPE-surface hardening | | `/etc/sysctl.d/99-libreportal-hardening.conf` | root | kernel LPE-surface hardening |
| `/etc/sysctl.d/99-libreportal-rootless.conf` | root | rootless sysctl settings + "rootless configured" marker | | `/etc/sysctl.d/99-libreportal-rootless.conf` | root | rootless sysctl settings + "rootless configured" marker |
@ -72,8 +72,8 @@ config lives at `~<container-user>/.config/docker/daemon.json`.
`init.sh uninstall` does all of this; the sketch (with default roots/manager): `init.sh uninstall` does all of this; the sketch (with default roots/manager):
``` ```
sudo systemctl disable --now libreportal-taskprocessor.service sudo systemctl disable --now libreportal.service
sudo rm -f /etc/systemd/system/libreportal-taskprocessor.service /etc/sudoers.d/libreportal sudo rm -f /etc/systemd/system/libreportal.service /etc/sudoers.d/libreportal
sudo rm -f /etc/sysctl.d/99-libreportal-*.conf sudo rm -f /etc/sysctl.d/99-libreportal-*.conf
sudo rm -rf /usr/local/lib/libreportal /usr/local/bin/libreportal /usr/local/bin/libreportal-uninstall sudo rm -rf /usr/local/lib/libreportal /usr/local/bin/libreportal /usr/local/bin/libreportal-uninstall
sudo rm -rf /libreportal-system /libreportal-containers /libreportal-backups sudo rm -rf /libreportal-system /libreportal-containers /libreportal-backups

10
init.sh
View File

@ -130,7 +130,7 @@ command_symlink="/usr/local/bin/libreportal"
# `update apply` runs as the manager and CANNOT rewrite root-owned files, so a bump # `update apply` runs as the manager and CANNOT rewrite root-owned files, so a bump
# tells the updater the new release needs a root re-install (which re-bakes them). # tells the updater the new release needs a root re-install (which re-bakes them).
# Recorded at install in $lp_lib_dir/.footprint_version. See docs/DEVELOPMENT.md. # Recorded at install in $lp_lib_dir/.footprint_version. See docs/DEVELOPMENT.md.
footprint_version=3 footprint_version=2
footprint_marker="$lp_lib_dir/.footprint_version" footprint_marker="$lp_lib_dir/.footprint_version"
# Directories — three independently-relocatable roots (see scripts/source/paths.sh # Directories — three independently-relocatable roots (see scripts/source/paths.sh
@ -1588,8 +1588,7 @@ completeInitMessage()
# the real locations; silently no-ops on a legacy unit (then the derive defaults / # the real locations; silently no-ops on a legacy unit (then the derive defaults /
# /docker compat shim apply). # /docker compat shim apply).
libreportalReadBakedRoots() { libreportalReadBakedRoots() {
local unit=/etc/systemd/system/libreportal-taskprocessor.service local unit=/etc/systemd/system/libreportal.service
[[ -f "$unit" ]] || unit=/etc/systemd/system/libreportal.service # pre-rename fallback
[[ -f "$unit" ]] || return 0 [[ -f "$unit" ]] || return 0
local s c b m local s c b m
s=$(grep -oE 'LP_SYSTEM_DIR=\S+' "$unit" | head -1 | cut -d= -f2) s=$(grep -oE 'LP_SYSTEM_DIR=\S+' "$unit" | head -1 | cut -d= -f2)
@ -1651,10 +1650,9 @@ runFullUninstall()
isHeader "Tearing down LibrePortal" isHeader "Tearing down LibrePortal"
# 1. Stop + remove the task-processor service (current + pre-rename name). # 1. Stop + remove the task-processor service.
systemctl disable --now libreportal-taskprocessor.service >/dev/null 2>&1
systemctl disable --now libreportal.service >/dev/null 2>&1 systemctl disable --now libreportal.service >/dev/null 2>&1
rm -f /etc/systemd/system/libreportal-taskprocessor.service /etc/systemd/system/libreportal.service rm -f /etc/systemd/system/libreportal.service
systemctl daemon-reload >/dev/null 2>&1 systemctl daemon-reload >/dev/null 2>&1
isSuccessful "Stopped + removed the task-processor service" isSuccessful "Stopped + removed the task-processor service"

View File

@ -3,9 +3,8 @@
checkWebUISystemdRequirement() checkWebUISystemdRequirement()
{ {
if [[ $CFG_REQUIREMENT_WEBUI_SERVICE == "true" ]]; then if [[ $CFG_REQUIREMENT_WEBUI_SERVICE == "true" ]]; then
### Check if systemd service is running (accept the pre-rename name too) ### Check if systemd service is running
if runSystem systemctl is-active --quiet libreportal-taskprocessor.service \ if runSystem systemctl is-active --quiet libreportal.service; then
|| runSystem systemctl is-active --quiet libreportal.service; then
isSuccessful "LibrePortal task processor service is running." isSuccessful "LibrePortal task processor service is running."
else else
isNotice "LibrePortal task processor service is not running." isNotice "LibrePortal task processor service is not running."

View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# LibrePortal task-processor systemd helper — the only root-privileged management # LibrePortal task-processor systemd helper — the only root-privileged management
# of the libreportal-taskprocessor.service unit the manager may trigger. Installed root:root # of the libreportal.service unit the manager may trigger. Installed root:root
# 0755 to /usr/local/sbin by init.sh. Self-contained: it GENERATES the unit from # 0755 to /usr/local/sbin by init.sh. Self-contained: it GENERATES the unit from
# config (mode + install-user uid + the baked manager name + fixed script paths) # config (mode + install-user uid + the baked manager name + fixed script paths)
# — it does NOT accept unit content from the caller (that would be root: an # — it does NOT accept unit content from the caller (that would be root: an
@ -25,12 +25,7 @@ BACKUPS_DIR="__BACKUPS_DIR__"
[[ "$CONTAINERS_DIR" == *"__"* || -z "$CONTAINERS_DIR" ]] && CONTAINERS_DIR="/libreportal-containers" [[ "$CONTAINERS_DIR" == *"__"* || -z "$CONTAINERS_DIR" ]] && CONTAINERS_DIR="/libreportal-containers"
[[ "$BACKUPS_DIR" == *"__"* || -z "$BACKUPS_DIR" ]] && BACKUPS_DIR="/libreportal-backups" [[ "$BACKUPS_DIR" == *"__"* || -z "$BACKUPS_DIR" ]] && BACKUPS_DIR="/libreportal-backups"
SERVICE_NAME="libreportal-taskprocessor.service" SERVICE_FILE="/etc/systemd/system/libreportal.service"
SERVICE_FILE="/etc/systemd/system/$SERVICE_NAME"
# Pre-rename unit name — removed on install so an upgraded box doesn't keep a
# duplicate/orphan processor running under the old name.
LEGACY_SERVICE_NAME="libreportal.service"
LEGACY_SERVICE_FILE="/etc/systemd/system/$LEGACY_SERVICE_NAME"
INSTALL_SCRIPTS_DIR="$SYSTEM_DIR/install/scripts" INSTALL_SCRIPTS_DIR="$SYSTEM_DIR/install/scripts"
TASK_PROCESSOR="$INSTALL_SCRIPTS_DIR/crontab/task/crontab_task_processor.sh" TASK_PROCESSOR="$INSTALL_SCRIPTS_DIR/crontab/task/crontab_task_processor.sh"
DB_CFG="$SYSTEM_DIR/configs/general/general_docker_install" DB_CFG="$SYSTEM_DIR/configs/general/general_docker_install"
@ -83,29 +78,19 @@ WantedBy=multi-user.target
EOF EOF
} }
# Remove the pre-rename unit if it's still around (idempotent migration).
_drop_legacy() {
if [[ -f "$LEGACY_SERVICE_FILE" ]]; then
systemctl disable --now "$LEGACY_SERVICE_NAME" >/dev/null 2>&1
rm -f "$LEGACY_SERVICE_FILE"
systemctl daemon-reload
fi
}
install_unit() { install_unit() {
_drop_legacy
local desired current="" local desired current=""
desired="$(_gen_unit)" desired="$(_gen_unit)"
[[ -f "$SERVICE_FILE" ]] && current="$(cat "$SERVICE_FILE" 2>/dev/null)" [[ -f "$SERVICE_FILE" ]] && current="$(cat "$SERVICE_FILE" 2>/dev/null)"
if [[ "$desired" != "$current" ]]; then if [[ "$desired" != "$current" ]]; then
printf '%s\n' "$desired" > "$SERVICE_FILE" printf '%s\n' "$desired" > "$SERVICE_FILE"
systemctl daemon-reload systemctl daemon-reload
systemctl enable "$SERVICE_NAME" >/dev/null 2>&1 systemctl enable libreportal.service >/dev/null 2>&1
systemctl restart "$SERVICE_NAME" systemctl restart libreportal.service
echo "updated" echo "updated"
else else
systemctl enable "$SERVICE_NAME" >/dev/null 2>&1 systemctl enable libreportal.service >/dev/null 2>&1
systemctl is-active --quiet "$SERVICE_NAME" || systemctl start "$SERVICE_NAME" systemctl is-active --quiet libreportal.service || systemctl start libreportal.service
echo "unchanged" echo "unchanged"
fi fi
} }
@ -113,9 +98,9 @@ install_unit() {
action="${1:-}" action="${1:-}"
case "$action" in case "$action" in
install) install_unit ;; install) install_unit ;;
enable) systemctl enable "$SERVICE_NAME" >/dev/null 2>&1 ;; enable) systemctl enable libreportal.service >/dev/null 2>&1 ;;
restart) systemctl restart "$SERVICE_NAME" ;; restart) systemctl restart libreportal.service ;;
start) systemctl start "$SERVICE_NAME" ;; start) systemctl start libreportal.service ;;
status) systemctl is-active "$SERVICE_NAME" ;; status) systemctl is-active libreportal.service ;;
*) echo "usage: libreportal-svc {install|enable|restart|start|status}" >&2; exit 2 ;; *) echo "usage: libreportal-svc {install|enable|restart|start|status}" >&2; exit 2 ;;
esac esac