From e44776cdcc9e8fd84c5f852fbf7a1201a2027e80 Mon Sep 17 00:00:00 2001 From: Michael Aldridge Date: Sun, 29 Aug 2021 19:39:22 -0500 Subject: [PATCH] vault-acme: mlock executable --- srcpkgs/vault-acme/INSTALL | 13 +++++++++++++ srcpkgs/vault-acme/template | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/vault-acme/INSTALL diff --git a/srcpkgs/vault-acme/INSTALL b/srcpkgs/vault-acme/INSTALL new file mode 100644 index 00000000000..2dfb330919b --- /dev/null +++ b/srcpkgs/vault-acme/INSTALL @@ -0,0 +1,13 @@ +case "${ACTION}" in +post) + # Set CAP_IPC_LOCK capability or exit gracefully if we cannot + # set the capability due to invalid permissions (fakeroot + # install). + set +e + setcap 'cap_ipc_lock=+ep' /usr/bin/vault-acme + if [ $? -ne 0 ]; then + echo "ERROR: failed to set cap_ipc_lock capability on vault-acme." + exit 0 + fi + ;; +esac diff --git a/srcpkgs/vault-acme/template b/srcpkgs/vault-acme/template index 6222e905d8c..f65bf4d41ef 100644 --- a/srcpkgs/vault-acme/template +++ b/srcpkgs/vault-acme/template @@ -1,7 +1,7 @@ # Template file for 'vault-acme' pkgname=vault-acme version=0.0.8 -revision=1 +revision=2 build_style=go go_import_path=github.com/remilapeyre/vault-acme go_package="$go_import_path/cmd/acme $go_import_path/cmd/sidecar"