change paths

fix hardcoded hostname
2020-05-26 16:26:26 -07:00 · 2020-05-26 16:26:26 -07:00 · e413c46d78
parent 591f1bf927
commit e413c46d78
3 changed files with 15 additions and 17 deletions
--- a/dist/systemd/barrierc@.service.in
+++ b/dist/systemd/barrierc@.service.in
@ -13,7 +13,7 @@
 #  Enabling:
 #   systemctl enable barrierc@myserver
 #
-#  SSL Fingerprints are stored in /var/db/barrier@<hostname> for each client 
+#  SSL Fingerprints are stored in /var/lib/barrier@<hostname> for each client 
 #  instance.

 [Unit]
@ -25,8 +25,6 @@ After=network-online.target
 Wants=network-online.target
 # Don't run client if server is running
 Conflicts=barriers.service
-# Sanity check that /var/db exists
-ConditionPathExists=/var/db

 [Service]
 Type=exec
@ -35,17 +33,19 @@ Environment=LOG_LEVEL=INFO
 # Default display is :0
 Environment=DISPLAY=:0
 # Store fingerprints in instnace specific directories
-Environment=XDG_DATA_HOME=/var/db/barrier@%i
+Environment=XDG_DATA_HOME=/var/lib/barrier@%i
 # TrustedServers.txt Directory
-Environment=FP_DIR=/var/db/barrier@%i/barrier/SSL/Fingerprints
+Environment=FP_DIR=/var/lib/barrier@%i/barrier/SSL/Fingerprints
 # Ensure the Fingerprints directory exists
 ExecStartPre=mkdir -p "${FP_DIR}"

 # This uses openssl commands and grep to get the server's key and 
 # store it in the TrustedServers.txt file. OpenSSL is a requirement
-# for barrier on Linux so these commands should exist.
+# for barrier on Linux so these commands should exist. This will only
+# work if using the default 24800 port (since the port number must be
+# specified for openssl)
 ExecStartPre=sh -c "[ -f "${FP_DIR}/TrustedServers.txt" ] ||\
-openssl s_client -connect big.home:24800 2>/dev/null |\
+openssl s_client -connect %i:24800 2>/dev/null |\
 openssl x509 -noout -sha1 -fingerprint |\
 grep -oE '([A-Z0-9]{2}:?){20}' > ${FP_DIR}/TrustedServers.txt"

--- a/dist/systemd/barriers.service.in
+++ b/dist/systemd/barriers.service.in
@ -4,7 +4,7 @@
 #
 #  This systemd service starts barrier on the default port 24800. 
 #
-#  SSL data is stored in /var/db/barrier:24800/barrier/SSL 
+#  SSL data is stored in /var/lib/barrier:24800/barrier/SSL 

 [Unit]
 Description=Barrier Server listening on 24800 (Open-source KVM software)
@ -15,8 +15,6 @@ After=network-online.target
 Wants=network-online.target
 # Don't run server if client or another instance is running
 Conflicts=barrierc@.service barriers@.service
-# Sanity check that /var/db exists
-ConditionPathExists=/var/db

 [Service]
 Type=exec
@ -25,9 +23,9 @@ Environment=LOG_LEVEL=INFO
 # Default display is :0
 Environment=DISPLAY=:0
 # Store SSL data in instance specific directories 
-Environment=XDG_DATA_HOME=/var/db/barrier:24800
+Environment=XDG_DATA_HOME=/var/lib/barrier:24800
 # SSL data directory
-Environment=CERT_DIR=/var/db/barrier:24800/barrier/SSL
+Environment=CERT_DIR=/var/lib/barrier:24800/barrier/SSL

 # Create the certificate directory
 ExecStartPre=mkdir -p ${CERT_DIR}
--- a/dist/systemd/barriers@.service.in
+++ b/dist/systemd/barriers@.service.in
@ -13,7 +13,7 @@
 #  Enabling:
 #   systemctl enable barriers@0.0.0.0:24800
 #
-#  SSL data is stored in /var/db/barrier<instance>/barrier/SSL for each
+#  SSL data is stored in /var/lib/barrier<instance>/barrier/SSL for each
 #  instance.

 [Unit]
@ -25,8 +25,8 @@ After=network-online.target
 Wants=network-online.target
 # Don't run server if client or another server is running
 Conflicts=barrierc@.service barriers.service
-# Sanity check that /var/db exists
-ConditionPathExists=/var/db
+# Sanity check that /var/lib exists
+ConditionPathExists=/var/lib

 [Service]
 Type=exec
@ -35,9 +35,9 @@ Environment=LOG_LEVEL=INFO
 # Default display is :0
 Environment=DISPLAY=:0
 # Store SSL data in instance specific directories 
-Environment=XDG_DATA_HOME=/var/db/barrier%i
+Environment=XDG_DATA_HOME=/var/lib/barrier%i
 # SSL data directory
-Environment=CERT_DIR=/var/db/barrier%i/barrier/SSL
+Environment=CERT_DIR=/var/lib/barrier%i/barrier/SSL

 # Create the certificate directory
 ExecStartPre=mkdir -p ${CERT_DIR}