Merge #12769: Add systemd service to bitcoind in debian package

2a87b1b Add systemd service for bitcoind (ctp-tsteenholdt)
9085532 Sync contrib/debian from Matt Corallo's PPA (ctp-tsteenholdt)

Pull request description:

  On suggestion from @TheBlueMatt I have updated `contrib/debian` files to include a systemd service in the `bitcoind` build. Tested and working on Ubuntu 16.04 and 17.10.

  This fixes Issue #12758

Tree-SHA512: b6137fafee940c7410df1242c8716a87f47c5bc60eb8df3ad0184a50c2d67ef3f2728761c742670a0ad546ab6e7ad60472a721350cd6280b3bcbdc582e50ee07
This commit is contained in:
Wladimir J. van der Laan 2018-05-01 16:51:56 +02:00
commit 35eb9d6c88
No known key found for this signature in database
GPG key ID: 1E4AED62986CD25D
10 changed files with 235 additions and 9 deletions

View file

@ -1,5 +1,5 @@
[Desktop Entry]
Version=1.0
Encoding=UTF-8
Name=Bitcoin Core
Comment=Connect to the Bitcoin P2P Network
Comment[de]=Verbinde mit dem Bitcoin peer-to-peer Netzwerk
@ -11,4 +11,3 @@ Type=Application
Icon=bitcoin128
MimeType=x-scheme-handler/bitcoin;
Categories=Office;Finance;P2P;Network;Qt;
StartupWMClass=Bitcoin-qt

View file

@ -1,2 +1,3 @@
usr/local/bin/bitcoind usr/bin
usr/local/bin/bitcoin-cli usr/bin
debian/examples/bitcoin.conf etc/bitcoin

View file

@ -0,0 +1,27 @@
#!/bin/sh
# setup bitcoin account, homedir etc
set -e
BCUSER="bitcoin"
BCHOME="/var/lib/bitcoin"
if [ "$1" = "configure" ]; then
# Add bitcoin user/group - this will gracefully abort if the user already exists.
# A homedir is never created.
adduser --system --home "${BCHOME}" --no-create-home --group "${BCUSER}"
# If the homedir does not already exist, create it with proper
# ownership and permissions.
if [ ! -d "${BCHOME}" ]; then
mkdir -m 0750 -p "${BCHOME}"
chown "${BCUSER}:${BCUSER}" "${BCHOME}"
fi
fi
#DEBHELPER#
exit 0

View file

@ -0,0 +1,35 @@
#!/bin/sh
# setup bitcoin account, homedir etc
set -e
BCUSER="bitcoin"
BCHOME="/var/lib/bitcoin"
if [ "$1" = "purge" ]; then
# The bitcoin user is left in place for now - This is to ensure that a new user
# will not inherit the users UID/GID and inadvertently gain access to wallets etc
# The homedir is also left intact to ensure that we don't accidentally delete a
# wallet or something equally important
echo
echo "#"
echo "# The bitcoin user (${BCUSER}) and data dir (${BCHOME})"
echo "# were left intact."
echo "#"
echo "# Make sure to check \"${BCHOME}\" for wallets and other"
echo "# important bits."
echo "#"
echo "# After backing up all vital data, cleanup can be completed"
echo "# by running: sudo userdel -r ${BCUSER}"
echo "#"
echo
fi
#DEBHELPER#
exit 0

View file

@ -0,0 +1,45 @@
# It is not recommended to modify this file in-place, because it will
# be overwritten during package upgrades. If you want to add further
# options or overwrite existing ones then use
# $ systemctl edit bitcoind.service
# See "man systemd.service" for details.
# Note that almost all daemon options could be specified in
# /etc/bitcoin/bitcoin.conf
[Unit]
Description=Bitcoin daemon
After=network.target
[Service]
ExecStart=/usr/bin/bitcoind -daemon -datadir=/var/lib/bitcoin -conf=/etc/bitcoin/bitcoin.conf -pid=/run/bitcoind/bitcoind.pid
# Creates /run/bitcoind owned by bitcoin
RuntimeDirectory=bitcoind
User=bitcoin
Type=forking
PIDFile=/run/bitcoind/bitcoind.pid
Restart=on-failure
# Hardening measures
####################
# Provide a private /tmp and /var/tmp.
PrivateTmp=true
# Mount /usr, /boot/ and /etc read-only for the process.
ProtectSystem=full
# Disallow the process and all of its children to gain
# new privileges through execve().
NoNewPrivileges=true
# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero and /dev/random.
PrivateDevices=true
# Deny the creation of writable and executable memory mappings.
# Commented out as it's not supported on Debian 8 or Ubuntu 16.04 LTS
#MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target

View file

@ -1,3 +1,95 @@
bitcoin (0.16.0-trusty2) trusty; urgency=medium
* Add systemd service to bitcoind
-- Thomas M Steenholdt <tsteenholdt@cascadetechnologypartners.com> Wed, 18 Apr 2018 16:40:00 -0200
bitcoin (0.16.0-xenial1) xenial; urgency=medium
* Mark for xenial.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Mon, 05 Mar 2018 11:20:00 -0500
bitcoin (0.16.0-trusty1) trusty; urgency=medium
* New upstream release.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Mon, 05 Mar 2018 11:18:00 -0500
bitcoin (0.15.1-trusty1) trusty; urgency=medium
* New upstream release.
* Remove backported patches (which are now upstream).
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Sat, 11 Nov 2017 16:51:00 -0500
bitcoin (0.15.0-artful9) artful; urgency=medium
* Mark for artful.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Sat, 21 Oct 2017 20:56:00 -0400
bitcoin (0.15.0-trusty9) trusty; urgency=medium
* Add missing xvfb dep.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Thu, 14 Sep 2017 22:47:00 -0400
bitcoin (0.15.0-trusty8) trusty; urgency=medium
* Backport #11332 to fix Qt settings upgrade segfault.
* Use qt5 on arm to fix Qt test segfault.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Thu, 14 Sep 2017 22:03:00 -0400
bitcoin (0.15.0-trusty7) trusty; urgency=medium
* Backport #11210 to fix build inside launchpad.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Tue, 12 Sep 2017 16:13:00 -0400
bitcoin (0.15.0-trusty6) trusty; urgency=medium
* Make launchpad print more debug information.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Tue, 12 Sep 2017 12:50:00 -0400
bitcoin (0.15.0-trusty5) trusty; urgency=medium
* Use proper makefile comparison to fix Xvfb start.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Tue, 12 Sep 2017 12:49:00 -0400
bitcoin (0.15.0-trusty4) trusty; urgency=medium
* Use full path for start-stop-daemon to fix Xvfb start.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Tue, 12 Sep 2017 11:44:00 -0400
bitcoin (0.15.0-trusty3) trusty; urgency=medium
* Fix DISPLAY setting when using xvfb.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Mon, 11 Sep 2017 20:06:00 -0400
bitcoin (0.15.0-trusty2) trusty; urgency=medium
* Use xvfb to run qt4 tests.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Mon, 11 Sep 2017 17:31:00 -0400
bitcoin (0.15.0-trusty1) trusty; urgency=medium
* New upstream release.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Mon, 11 Sep 2017 16:17:00 -0400
bitcoin (0.14.2-trusty1) trusty; urgency=medium
* New upstream release.
-- Matt Corallo (BlueMatt) <matt@mattcorallo.com> Fri, 23 Jun 2017 18:21:00 -0400
bitcoin (0.14.1-trusty4) trusty; urgency=medium
* Re-enable UPnP support.

View file

@ -20,11 +20,13 @@ Build-Depends: debhelper,
libboost-chrono1.48-dev | libboost-chrono-dev (>> 1.47),
libminiupnpc8-dev | libminiupnpc-dev,
qt4-qmake, libqt4-dev,
xvfb,
qttools5-dev-tools, qttools5-dev,
libqrencode-dev,
libprotobuf-dev, protobuf-compiler,
python,
libzmq3-dev
libzmq3-dev,
dh-systemd
Standards-Version: 3.9.2
Homepage: https://bitcoincore.org/
Vcs-Git: git://github.com/bitcoin/bitcoin.git
@ -32,7 +34,7 @@ Vcs-Browser: https://github.com/bitcoin/bitcoin
Package: bitcoind
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Depends: ${shlibs:Depends}, ${misc:Depends}, adduser
Description: peer-to-peer network based digital currency - daemon
Bitcoin is a free open source peer-to-peer electronic cash system that
is completely decentralized, without the need for a central server or

View file

@ -76,10 +76,10 @@
#rpcuser=Ulysseys
#rpcpassword=YourSuperGreatPasswordNumber_DO_NOT_USE_THIS_OR_YOU_WILL_GET_ROBBED_385593
#
# The second method `rpcauth` can be added to server startup argument. It is set at initialization time
# using the output from the script in share/rpcauth/rpcauth.py after providing a username:
# The second method `rpcauth` can be added to server startup argument. It is set at intialization time
# using the output from the script in share/rpcuser/rpcuser.py after providing a username:
#
# ./share/rpcauth/rpcauth.py alice
# ./share/rpcuser/rpcuser.py alice
# String to be appended to bitcoin.conf:
# rpcauth=alice:f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae
# Your password:

View file

@ -1 +0,0 @@

View file

@ -6,13 +6,20 @@
# $(if $(filter nocheck,$(DEB_BUILD_OPTIONS)),,src/test_bitcoin)
%:
dh --with bash-completion $@
dh --with bash-completion --with systemd $@
override_dh_auto_clean:
if [ -f Makefile ]; then $(MAKE) distclean; fi
rm -rf Makefile.in aclocal.m4 configure src/Makefile.in src/bitcoin-config.h.in src/build-aux src/qt/Makefile.in src/qt/test/Makefile.in src/test/Makefile.in
QT=$(shell dpkg-vendor --derives-from Ubuntu && echo qt4 || echo qt5)
# qt4 is very broken on arm
ifeq ($(findstring arm,$(shell uname -m)),arm)
QT=qt5
endif
ifeq ($(findstring aarch64,$(shell uname -m)),aarch64)
QT=qt5
endif
# Yea, autogen should be run on the source archive, but I like doing git archive
override_dh_auto_configure:
@ -20,4 +27,23 @@ override_dh_auto_configure:
./configure --with-gui=$(QT)
override_dh_auto_test:
ifeq ($(QT), qt4)
xvfb-run -n 99 -l make check
else
make check
endif
# No SysV or Upstart init scripts included
override_dh_installinit:
dh_installinit \
--noscripts
# Dont enable service by default
override_dh_systemd_enable:
dh_systemd_enable \
--no-enable
# Restart after upgrade
override_dh_systemd_start:
dh_systemd_start \
--restart-after-upgrade