From 5a5847b9ef4bfd9bf08294dcd233e9eef77239b3 Mon Sep 17 00:00:00 2001 From: samuel Date: Wed, 3 May 2023 12:32:55 +0200 Subject: [PATCH] [Fix] Set primary group to enable access to rpms for deployer user --- netoik-cicd.spec | 4 ++-- systemd/runner.service | 2 +- tests/tests.conf | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/netoik-cicd.spec b/netoik-cicd.spec index 191ead0..8009e8b 100644 --- a/netoik-cicd.spec +++ b/netoik-cicd.spec @@ -38,7 +38,7 @@ if ! id %{name}-runner; then --home-dir /home/%{name}-runner \ --shell=%{_bindir}/rpmdev-setuptree \ --groups %{name}-git-runner,%{name}-runner-deployer \ - --user-group \ + --gid %{name}-runner-deployer \ %{name}-runner runuser --login %{name}-runner runuser --login %{name}-runner -- git \ @@ -102,4 +102,4 @@ fi %attr(755, %{name}-runner, %{name}-runner) %dir %{_rundir}/%{name}/runner %attr(775, %{name}-deployer, %{name}-runner-deployer) %dir %{_rundir}/%{name}/pids %attr(755, root, root) %dir %{_tmppath}/%{name} -%attr(755, %{name}-runner, %{name}-runner) %dir %{_tmppath}/%{name}/repositories +%attr(755, %{name}-runner, root) %dir %{_tmppath}/%{name}/repositories diff --git a/systemd/runner.service b/systemd/runner.service index eb26ddf..6c11886 100644 --- a/systemd/runner.service +++ b/systemd/runner.service @@ -4,7 +4,7 @@ After=network.target netoik-cicd-deployer.service [Service] User=netoik-cicd-runner -Group=netoik-cicd-runner +Group=netoik-cicd-runner-deployer ExecStart=/usr/bin/netoik-cicd-runner Restart=always diff --git a/tests/tests.conf b/tests/tests.conf index 071f490..ea2cb73 100644 --- a/tests/tests.conf +++ b/tests/tests.conf @@ -14,10 +14,10 @@ conf_file="${temp}${sysconf_dir}/${name}/${name}.conf" errs_file="${temp}${sysconf_dir}/${name}/errors.conf" # Name of group unifying git and runner. -git_runner_groupname="$(id --user --name)" +git_runner_groupname="$(id --group --name)" # Name of group unifying runner and deployer. -runner_deployer_groupname="$(id --user --name)" +runner_deployer_groupname="$(id --group --name)" # Name of the user responsible of the deployer server. deployer_username="$(id --user --name)"