revert(footprint): drop the libreportal.service rename
The rename was justified partly by an anticipated second `libreportal-regen` unit — which we then decided not to create (the poll rides the existing task processor). What's left is cosmetic, and it isn't worth a footprint_version bump (which forces a root re-install on every existing box) plus the dual-name migration cruft. Reverting also means the rename was the ONLY footprint change in the regen work, so the whole regen system now ships as a plain manager-owned code deploy — no root re-install needed. footprint_version stays 2. Kept only the accurate FOOTPRINT.md note that the service also drives the poll. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
2e17a5557c
commit
8cdf5fb294
@ -50,7 +50,7 @@ quick-deploy).
|
|||||||
| `/usr/local/bin/libreportal` | root | **symlink** → `/usr/local/lib/libreportal/libreportal` (puts the CLI on `$PATH`) |
|
| `/usr/local/bin/libreportal` | root | **symlink** → `/usr/local/lib/libreportal/libreportal` (puts the CLI on `$PATH`) |
|
||||||
| `/usr/local/bin/libreportal-uninstall` | root | **symlink** → `/usr/local/lib/libreportal/uninstall.sh` (location-agnostic uninstall command) |
|
| `/usr/local/bin/libreportal-uninstall` | root | **symlink** → `/usr/local/lib/libreportal/uninstall.sh` (location-agnostic uninstall command) |
|
||||||
| `/etc/sudoers.d/<manager>` | root | scoped least-privilege grant for the manager (drop-in named after the manager user) |
|
| `/etc/sudoers.d/<manager>` | root | scoped least-privilege grant for the manager (drop-in named after the manager user) |
|
||||||
| `/etc/systemd/system/libreportal-taskprocessor.service` | root | the task-processor service (`User=<manager>`; bakes the roots as `Environment=LP_*_DIR`; also drives the periodic `regen` poll) |
|
| `/etc/systemd/system/libreportal.service` | root | the task-processor service (`User=<manager>`; bakes the roots as `Environment=LP_*_DIR`; also drives the periodic `regen` poll) |
|
||||||
| `/etc/sysctl.d/99-libreportal-hardening.conf` | root | kernel LPE-surface hardening |
|
| `/etc/sysctl.d/99-libreportal-hardening.conf` | root | kernel LPE-surface hardening |
|
||||||
| `/etc/sysctl.d/99-libreportal-rootless.conf` | root | rootless sysctl settings + "rootless configured" marker |
|
| `/etc/sysctl.d/99-libreportal-rootless.conf` | root | rootless sysctl settings + "rootless configured" marker |
|
||||||
|
|
||||||
@ -72,8 +72,8 @@ config lives at `~<container-user>/.config/docker/daemon.json`.
|
|||||||
`init.sh uninstall` does all of this; the sketch (with default roots/manager):
|
`init.sh uninstall` does all of this; the sketch (with default roots/manager):
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo systemctl disable --now libreportal-taskprocessor.service
|
sudo systemctl disable --now libreportal.service
|
||||||
sudo rm -f /etc/systemd/system/libreportal-taskprocessor.service /etc/sudoers.d/libreportal
|
sudo rm -f /etc/systemd/system/libreportal.service /etc/sudoers.d/libreportal
|
||||||
sudo rm -f /etc/sysctl.d/99-libreportal-*.conf
|
sudo rm -f /etc/sysctl.d/99-libreportal-*.conf
|
||||||
sudo rm -rf /usr/local/lib/libreportal /usr/local/bin/libreportal /usr/local/bin/libreportal-uninstall
|
sudo rm -rf /usr/local/lib/libreportal /usr/local/bin/libreportal /usr/local/bin/libreportal-uninstall
|
||||||
sudo rm -rf /libreportal-system /libreportal-containers /libreportal-backups
|
sudo rm -rf /libreportal-system /libreportal-containers /libreportal-backups
|
||||||
|
|||||||
10
init.sh
10
init.sh
@ -130,7 +130,7 @@ command_symlink="/usr/local/bin/libreportal"
|
|||||||
# `update apply` runs as the manager and CANNOT rewrite root-owned files, so a bump
|
# `update apply` runs as the manager and CANNOT rewrite root-owned files, so a bump
|
||||||
# tells the updater the new release needs a root re-install (which re-bakes them).
|
# tells the updater the new release needs a root re-install (which re-bakes them).
|
||||||
# Recorded at install in $lp_lib_dir/.footprint_version. See docs/DEVELOPMENT.md.
|
# Recorded at install in $lp_lib_dir/.footprint_version. See docs/DEVELOPMENT.md.
|
||||||
footprint_version=3
|
footprint_version=2
|
||||||
footprint_marker="$lp_lib_dir/.footprint_version"
|
footprint_marker="$lp_lib_dir/.footprint_version"
|
||||||
|
|
||||||
# Directories — three independently-relocatable roots (see scripts/source/paths.sh
|
# Directories — three independently-relocatable roots (see scripts/source/paths.sh
|
||||||
@ -1588,8 +1588,7 @@ completeInitMessage()
|
|||||||
# the real locations; silently no-ops on a legacy unit (then the derive defaults /
|
# the real locations; silently no-ops on a legacy unit (then the derive defaults /
|
||||||
# /docker compat shim apply).
|
# /docker compat shim apply).
|
||||||
libreportalReadBakedRoots() {
|
libreportalReadBakedRoots() {
|
||||||
local unit=/etc/systemd/system/libreportal-taskprocessor.service
|
local unit=/etc/systemd/system/libreportal.service
|
||||||
[[ -f "$unit" ]] || unit=/etc/systemd/system/libreportal.service # pre-rename fallback
|
|
||||||
[[ -f "$unit" ]] || return 0
|
[[ -f "$unit" ]] || return 0
|
||||||
local s c b m
|
local s c b m
|
||||||
s=$(grep -oE 'LP_SYSTEM_DIR=\S+' "$unit" | head -1 | cut -d= -f2)
|
s=$(grep -oE 'LP_SYSTEM_DIR=\S+' "$unit" | head -1 | cut -d= -f2)
|
||||||
@ -1651,10 +1650,9 @@ runFullUninstall()
|
|||||||
|
|
||||||
isHeader "Tearing down LibrePortal"
|
isHeader "Tearing down LibrePortal"
|
||||||
|
|
||||||
# 1. Stop + remove the task-processor service (current + pre-rename name).
|
# 1. Stop + remove the task-processor service.
|
||||||
systemctl disable --now libreportal-taskprocessor.service >/dev/null 2>&1
|
|
||||||
systemctl disable --now libreportal.service >/dev/null 2>&1
|
systemctl disable --now libreportal.service >/dev/null 2>&1
|
||||||
rm -f /etc/systemd/system/libreportal-taskprocessor.service /etc/systemd/system/libreportal.service
|
rm -f /etc/systemd/system/libreportal.service
|
||||||
systemctl daemon-reload >/dev/null 2>&1
|
systemctl daemon-reload >/dev/null 2>&1
|
||||||
isSuccessful "Stopped + removed the task-processor service"
|
isSuccessful "Stopped + removed the task-processor service"
|
||||||
|
|
||||||
|
|||||||
@ -3,9 +3,8 @@
|
|||||||
checkWebUISystemdRequirement()
|
checkWebUISystemdRequirement()
|
||||||
{
|
{
|
||||||
if [[ $CFG_REQUIREMENT_WEBUI_SERVICE == "true" ]]; then
|
if [[ $CFG_REQUIREMENT_WEBUI_SERVICE == "true" ]]; then
|
||||||
### Check if systemd service is running (accept the pre-rename name too)
|
### Check if systemd service is running
|
||||||
if runSystem systemctl is-active --quiet libreportal-taskprocessor.service \
|
if runSystem systemctl is-active --quiet libreportal.service; then
|
||||||
|| runSystem systemctl is-active --quiet libreportal.service; then
|
|
||||||
isSuccessful "LibrePortal task processor service is running."
|
isSuccessful "LibrePortal task processor service is running."
|
||||||
else
|
else
|
||||||
isNotice "LibrePortal task processor service is not running."
|
isNotice "LibrePortal task processor service is not running."
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# LibrePortal task-processor systemd helper — the only root-privileged management
|
# LibrePortal task-processor systemd helper — the only root-privileged management
|
||||||
# of the libreportal-taskprocessor.service unit the manager may trigger. Installed root:root
|
# of the libreportal.service unit the manager may trigger. Installed root:root
|
||||||
# 0755 to /usr/local/sbin by init.sh. Self-contained: it GENERATES the unit from
|
# 0755 to /usr/local/sbin by init.sh. Self-contained: it GENERATES the unit from
|
||||||
# config (mode + install-user uid + the baked manager name + fixed script paths)
|
# config (mode + install-user uid + the baked manager name + fixed script paths)
|
||||||
# — it does NOT accept unit content from the caller (that would be root: an
|
# — it does NOT accept unit content from the caller (that would be root: an
|
||||||
@ -25,12 +25,7 @@ BACKUPS_DIR="__BACKUPS_DIR__"
|
|||||||
[[ "$CONTAINERS_DIR" == *"__"* || -z "$CONTAINERS_DIR" ]] && CONTAINERS_DIR="/libreportal-containers"
|
[[ "$CONTAINERS_DIR" == *"__"* || -z "$CONTAINERS_DIR" ]] && CONTAINERS_DIR="/libreportal-containers"
|
||||||
[[ "$BACKUPS_DIR" == *"__"* || -z "$BACKUPS_DIR" ]] && BACKUPS_DIR="/libreportal-backups"
|
[[ "$BACKUPS_DIR" == *"__"* || -z "$BACKUPS_DIR" ]] && BACKUPS_DIR="/libreportal-backups"
|
||||||
|
|
||||||
SERVICE_NAME="libreportal-taskprocessor.service"
|
SERVICE_FILE="/etc/systemd/system/libreportal.service"
|
||||||
SERVICE_FILE="/etc/systemd/system/$SERVICE_NAME"
|
|
||||||
# Pre-rename unit name — removed on install so an upgraded box doesn't keep a
|
|
||||||
# duplicate/orphan processor running under the old name.
|
|
||||||
LEGACY_SERVICE_NAME="libreportal.service"
|
|
||||||
LEGACY_SERVICE_FILE="/etc/systemd/system/$LEGACY_SERVICE_NAME"
|
|
||||||
INSTALL_SCRIPTS_DIR="$SYSTEM_DIR/install/scripts"
|
INSTALL_SCRIPTS_DIR="$SYSTEM_DIR/install/scripts"
|
||||||
TASK_PROCESSOR="$INSTALL_SCRIPTS_DIR/crontab/task/crontab_task_processor.sh"
|
TASK_PROCESSOR="$INSTALL_SCRIPTS_DIR/crontab/task/crontab_task_processor.sh"
|
||||||
DB_CFG="$SYSTEM_DIR/configs/general/general_docker_install"
|
DB_CFG="$SYSTEM_DIR/configs/general/general_docker_install"
|
||||||
@ -83,29 +78,19 @@ WantedBy=multi-user.target
|
|||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
# Remove the pre-rename unit if it's still around (idempotent migration).
|
|
||||||
_drop_legacy() {
|
|
||||||
if [[ -f "$LEGACY_SERVICE_FILE" ]]; then
|
|
||||||
systemctl disable --now "$LEGACY_SERVICE_NAME" >/dev/null 2>&1
|
|
||||||
rm -f "$LEGACY_SERVICE_FILE"
|
|
||||||
systemctl daemon-reload
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
install_unit() {
|
install_unit() {
|
||||||
_drop_legacy
|
|
||||||
local desired current=""
|
local desired current=""
|
||||||
desired="$(_gen_unit)"
|
desired="$(_gen_unit)"
|
||||||
[[ -f "$SERVICE_FILE" ]] && current="$(cat "$SERVICE_FILE" 2>/dev/null)"
|
[[ -f "$SERVICE_FILE" ]] && current="$(cat "$SERVICE_FILE" 2>/dev/null)"
|
||||||
if [[ "$desired" != "$current" ]]; then
|
if [[ "$desired" != "$current" ]]; then
|
||||||
printf '%s\n' "$desired" > "$SERVICE_FILE"
|
printf '%s\n' "$desired" > "$SERVICE_FILE"
|
||||||
systemctl daemon-reload
|
systemctl daemon-reload
|
||||||
systemctl enable "$SERVICE_NAME" >/dev/null 2>&1
|
systemctl enable libreportal.service >/dev/null 2>&1
|
||||||
systemctl restart "$SERVICE_NAME"
|
systemctl restart libreportal.service
|
||||||
echo "updated"
|
echo "updated"
|
||||||
else
|
else
|
||||||
systemctl enable "$SERVICE_NAME" >/dev/null 2>&1
|
systemctl enable libreportal.service >/dev/null 2>&1
|
||||||
systemctl is-active --quiet "$SERVICE_NAME" || systemctl start "$SERVICE_NAME"
|
systemctl is-active --quiet libreportal.service || systemctl start libreportal.service
|
||||||
echo "unchanged"
|
echo "unchanged"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@ -113,9 +98,9 @@ install_unit() {
|
|||||||
action="${1:-}"
|
action="${1:-}"
|
||||||
case "$action" in
|
case "$action" in
|
||||||
install) install_unit ;;
|
install) install_unit ;;
|
||||||
enable) systemctl enable "$SERVICE_NAME" >/dev/null 2>&1 ;;
|
enable) systemctl enable libreportal.service >/dev/null 2>&1 ;;
|
||||||
restart) systemctl restart "$SERVICE_NAME" ;;
|
restart) systemctl restart libreportal.service ;;
|
||||||
start) systemctl start "$SERVICE_NAME" ;;
|
start) systemctl start libreportal.service ;;
|
||||||
status) systemctl is-active "$SERVICE_NAME" ;;
|
status) systemctl is-active libreportal.service ;;
|
||||||
*) echo "usage: libreportal-svc {install|enable|restart|start|status}" >&2; exit 2 ;;
|
*) echo "usage: libreportal-svc {install|enable|restart|start|status}" >&2; exit 2 ;;
|
||||||
esac
|
esac
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user