From 9085532d35207c4a7690812ae82e476cf518d451 Mon Sep 17 00:00:00 2001 From: ctp-tsteenholdt Date: Fri, 20 Apr 2018 08:31:58 -0200 Subject: [PATCH 1/2] Sync contrib/debian from Matt Corallo's PPA --- contrib/debian/bitcoin-qt.desktop | 3 +- contrib/debian/changelog | 86 ++++++++++++++++++++++++++++ contrib/debian/control | 1 + contrib/debian/examples/bitcoin.conf | 6 +- contrib/debian/patches/series | 1 - contrib/debian/rules | 11 ++++ 6 files changed, 102 insertions(+), 6 deletions(-) diff --git a/contrib/debian/bitcoin-qt.desktop b/contrib/debian/bitcoin-qt.desktop index 8b3122264..81e0ff5ae 100644 --- a/contrib/debian/bitcoin-qt.desktop +++ b/contrib/debian/bitcoin-qt.desktop @@ -1,5 +1,5 @@ [Desktop Entry] -Version=1.0 +Encoding=UTF-8 Name=Bitcoin Core Comment=Connect to the Bitcoin P2P Network Comment[de]=Verbinde mit dem Bitcoin peer-to-peer Netzwerk @@ -11,4 +11,3 @@ Type=Application Icon=bitcoin128 MimeType=x-scheme-handler/bitcoin; Categories=Office;Finance;P2P;Network;Qt; -StartupWMClass=Bitcoin-qt diff --git a/contrib/debian/changelog b/contrib/debian/changelog index 33dab9b63..dd644559f 100644 --- a/contrib/debian/changelog +++ b/contrib/debian/changelog @@ -1,3 +1,89 @@ +bitcoin (0.16.0-xenial1) xenial; urgency=medium + + * Mark for xenial. + + -- Matt Corallo (BlueMatt) Mon, 05 Mar 2018 11:20:00 -0500 + +bitcoin (0.16.0-trusty1) trusty; urgency=medium + + * New upstream release. + + -- Matt Corallo (BlueMatt) Mon, 05 Mar 2018 11:18:00 -0500 + +bitcoin (0.15.1-trusty1) trusty; urgency=medium + + * New upstream release. + * Remove backported patches (which are now upstream). + + -- Matt Corallo (BlueMatt) Sat, 11 Nov 2017 16:51:00 -0500 + +bitcoin (0.15.0-artful9) artful; urgency=medium + + * Mark for artful. + + -- Matt Corallo (BlueMatt) Sat, 21 Oct 2017 20:56:00 -0400 + +bitcoin (0.15.0-trusty9) trusty; urgency=medium + + * Add missing xvfb dep. + + -- Matt Corallo (BlueMatt) Thu, 14 Sep 2017 22:47:00 -0400 + +bitcoin (0.15.0-trusty8) trusty; urgency=medium + + * Backport #11332 to fix Qt settings upgrade segfault. + * Use qt5 on arm to fix Qt test segfault. + + -- Matt Corallo (BlueMatt) Thu, 14 Sep 2017 22:03:00 -0400 + +bitcoin (0.15.0-trusty7) trusty; urgency=medium + + * Backport #11210 to fix build inside launchpad. + + -- Matt Corallo (BlueMatt) Tue, 12 Sep 2017 16:13:00 -0400 + +bitcoin (0.15.0-trusty6) trusty; urgency=medium + + * Make launchpad print more debug information. + + -- Matt Corallo (BlueMatt) Tue, 12 Sep 2017 12:50:00 -0400 + +bitcoin (0.15.0-trusty5) trusty; urgency=medium + + * Use proper makefile comparison to fix Xvfb start. + + -- Matt Corallo (BlueMatt) Tue, 12 Sep 2017 12:49:00 -0400 + +bitcoin (0.15.0-trusty4) trusty; urgency=medium + + * Use full path for start-stop-daemon to fix Xvfb start. + + -- Matt Corallo (BlueMatt) Tue, 12 Sep 2017 11:44:00 -0400 + +bitcoin (0.15.0-trusty3) trusty; urgency=medium + + * Fix DISPLAY setting when using xvfb. + + -- Matt Corallo (BlueMatt) Mon, 11 Sep 2017 20:06:00 -0400 + +bitcoin (0.15.0-trusty2) trusty; urgency=medium + + * Use xvfb to run qt4 tests. + + -- Matt Corallo (BlueMatt) Mon, 11 Sep 2017 17:31:00 -0400 + +bitcoin (0.15.0-trusty1) trusty; urgency=medium + + * New upstream release. + + -- Matt Corallo (BlueMatt) Mon, 11 Sep 2017 16:17:00 -0400 + +bitcoin (0.14.2-trusty1) trusty; urgency=medium + + * New upstream release. + + -- Matt Corallo (BlueMatt) Fri, 23 Jun 2017 18:21:00 -0400 + bitcoin (0.14.1-trusty4) trusty; urgency=medium * Re-enable UPnP support. diff --git a/contrib/debian/control b/contrib/debian/control index 0d6ad25e2..b7ca999ba 100644 --- a/contrib/debian/control +++ b/contrib/debian/control @@ -20,6 +20,7 @@ Build-Depends: debhelper, libboost-chrono1.48-dev | libboost-chrono-dev (>> 1.47), libminiupnpc8-dev | libminiupnpc-dev, qt4-qmake, libqt4-dev, + xvfb, qttools5-dev-tools, qttools5-dev, libqrencode-dev, libprotobuf-dev, protobuf-compiler, diff --git a/contrib/debian/examples/bitcoin.conf b/contrib/debian/examples/bitcoin.conf index 4dd73162a..1029a5107 100644 --- a/contrib/debian/examples/bitcoin.conf +++ b/contrib/debian/examples/bitcoin.conf @@ -76,10 +76,10 @@ #rpcuser=Ulysseys #rpcpassword=YourSuperGreatPasswordNumber_DO_NOT_USE_THIS_OR_YOU_WILL_GET_ROBBED_385593 # -# The second method `rpcauth` can be added to server startup argument. It is set at initialization time -# using the output from the script in share/rpcauth/rpcauth.py after providing a username: +# The second method `rpcauth` can be added to server startup argument. It is set at intialization time +# using the output from the script in share/rpcuser/rpcuser.py after providing a username: # -# ./share/rpcauth/rpcauth.py alice +# ./share/rpcuser/rpcuser.py alice # String to be appended to bitcoin.conf: # rpcauth=alice:f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae # Your password: diff --git a/contrib/debian/patches/series b/contrib/debian/patches/series index 8b1378917..e69de29bb 100644 --- a/contrib/debian/patches/series +++ b/contrib/debian/patches/series @@ -1 +0,0 @@ - diff --git a/contrib/debian/rules b/contrib/debian/rules index 6885e3852..84c5edd4a 100755 --- a/contrib/debian/rules +++ b/contrib/debian/rules @@ -13,6 +13,13 @@ override_dh_auto_clean: rm -rf Makefile.in aclocal.m4 configure src/Makefile.in src/bitcoin-config.h.in src/build-aux src/qt/Makefile.in src/qt/test/Makefile.in src/test/Makefile.in QT=$(shell dpkg-vendor --derives-from Ubuntu && echo qt4 || echo qt5) +# qt4 is very broken on arm +ifeq ($(findstring arm,$(shell uname -m)),arm) + QT=qt5 +endif +ifeq ($(findstring aarch64,$(shell uname -m)),aarch64) + QT=qt5 +endif # Yea, autogen should be run on the source archive, but I like doing git archive override_dh_auto_configure: @@ -20,4 +27,8 @@ override_dh_auto_configure: ./configure --with-gui=$(QT) override_dh_auto_test: +ifeq ($(QT), qt4) + xvfb-run -n 99 -l make check +else make check +endif From 2a87b1b07c5c4f8b9b34747c5f254c2ae1e824bf Mon Sep 17 00:00:00 2001 From: ctp-tsteenholdt Date: Fri, 20 Apr 2018 08:34:12 -0200 Subject: [PATCH 2/2] Add systemd service for bitcoind Adding systemd service for bitcoind, to provide for a simpler out-of-the-box experience. Configuration file is /etc/bitcoin/bitcoin.conf. This file is a copy of the sample configuration file. The service user 'bitcoin' is added during install. Its homedir is in '/var/lib/bitcoin'. bitcoind.service is disabled by default to allow the user to configure it, before starting it the first time. On package purge, the 'bitcoin' user as well as its homedir is left intact, to not accidentally remove a wallet or something of equal importance. Instead the user is presented with information on how to perform the cleanup manually, after making sure all important data has been backed up. --- contrib/debian/bitcoind.install | 1 + contrib/debian/bitcoind.postinst | 27 +++++++++++++++++++ contrib/debian/bitcoind.postrm | 35 +++++++++++++++++++++++++ contrib/debian/bitcoind.service | 45 ++++++++++++++++++++++++++++++++ contrib/debian/changelog | 6 +++++ contrib/debian/control | 5 ++-- contrib/debian/rules | 17 +++++++++++- 7 files changed, 133 insertions(+), 3 deletions(-) create mode 100644 contrib/debian/bitcoind.postinst create mode 100644 contrib/debian/bitcoind.postrm create mode 100644 contrib/debian/bitcoind.service diff --git a/contrib/debian/bitcoind.install b/contrib/debian/bitcoind.install index 798ea851f..86582a6c1 100644 --- a/contrib/debian/bitcoind.install +++ b/contrib/debian/bitcoind.install @@ -1,2 +1,3 @@ usr/local/bin/bitcoind usr/bin usr/local/bin/bitcoin-cli usr/bin +debian/examples/bitcoin.conf etc/bitcoin diff --git a/contrib/debian/bitcoind.postinst b/contrib/debian/bitcoind.postinst new file mode 100644 index 000000000..e9884f3e3 --- /dev/null +++ b/contrib/debian/bitcoind.postinst @@ -0,0 +1,27 @@ +#!/bin/sh + +# setup bitcoin account, homedir etc + +set -e + +BCUSER="bitcoin" +BCHOME="/var/lib/bitcoin" + +if [ "$1" = "configure" ]; then + + # Add bitcoin user/group - this will gracefully abort if the user already exists. + # A homedir is never created. + adduser --system --home "${BCHOME}" --no-create-home --group "${BCUSER}" + + # If the homedir does not already exist, create it with proper + # ownership and permissions. + if [ ! -d "${BCHOME}" ]; then + mkdir -m 0750 -p "${BCHOME}" + chown "${BCUSER}:${BCUSER}" "${BCHOME}" + fi + +fi + +#DEBHELPER# + +exit 0 diff --git a/contrib/debian/bitcoind.postrm b/contrib/debian/bitcoind.postrm new file mode 100644 index 000000000..aa128750d --- /dev/null +++ b/contrib/debian/bitcoind.postrm @@ -0,0 +1,35 @@ +#!/bin/sh + +# setup bitcoin account, homedir etc + +set -e + +BCUSER="bitcoin" +BCHOME="/var/lib/bitcoin" + +if [ "$1" = "purge" ]; then + + # The bitcoin user is left in place for now - This is to ensure that a new user + # will not inherit the users UID/GID and inadvertently gain access to wallets etc + + # The homedir is also left intact to ensure that we don't accidentally delete a + # wallet or something equally important + + echo + echo "#" + echo "# The bitcoin user (${BCUSER}) and data dir (${BCHOME})" + echo "# were left intact." + echo "#" + echo "# Make sure to check \"${BCHOME}\" for wallets and other" + echo "# important bits." + echo "#" + echo "# After backing up all vital data, cleanup can be completed" + echo "# by running: sudo userdel -r ${BCUSER}" + echo "#" + echo + +fi + +#DEBHELPER# + +exit 0 diff --git a/contrib/debian/bitcoind.service b/contrib/debian/bitcoind.service new file mode 100644 index 000000000..26c771f25 --- /dev/null +++ b/contrib/debian/bitcoind.service @@ -0,0 +1,45 @@ +# It is not recommended to modify this file in-place, because it will +# be overwritten during package upgrades. If you want to add further +# options or overwrite existing ones then use +# $ systemctl edit bitcoind.service +# See "man systemd.service" for details. + +# Note that almost all daemon options could be specified in +# /etc/bitcoin/bitcoin.conf + +[Unit] +Description=Bitcoin daemon +After=network.target + +[Service] +ExecStart=/usr/bin/bitcoind -daemon -datadir=/var/lib/bitcoin -conf=/etc/bitcoin/bitcoin.conf -pid=/run/bitcoind/bitcoind.pid +# Creates /run/bitcoind owned by bitcoin +RuntimeDirectory=bitcoind +User=bitcoin +Type=forking +PIDFile=/run/bitcoind/bitcoind.pid +Restart=on-failure + +# Hardening measures +#################### + +# Provide a private /tmp and /var/tmp. +PrivateTmp=true + +# Mount /usr, /boot/ and /etc read-only for the process. +ProtectSystem=full + +# Disallow the process and all of its children to gain +# new privileges through execve(). +NoNewPrivileges=true + +# Use a new /dev namespace only populated with API pseudo devices +# such as /dev/null, /dev/zero and /dev/random. +PrivateDevices=true + +# Deny the creation of writable and executable memory mappings. +# Commented out as it's not supported on Debian 8 or Ubuntu 16.04 LTS +#MemoryDenyWriteExecute=true + +[Install] +WantedBy=multi-user.target diff --git a/contrib/debian/changelog b/contrib/debian/changelog index dd644559f..1c7ad362d 100644 --- a/contrib/debian/changelog +++ b/contrib/debian/changelog @@ -1,3 +1,9 @@ +bitcoin (0.16.0-trusty2) trusty; urgency=medium + + * Add systemd service to bitcoind + + -- Thomas M Steenholdt Wed, 18 Apr 2018 16:40:00 -0200 + bitcoin (0.16.0-xenial1) xenial; urgency=medium * Mark for xenial. diff --git a/contrib/debian/control b/contrib/debian/control index b7ca999ba..ffb56f9ea 100644 --- a/contrib/debian/control +++ b/contrib/debian/control @@ -25,7 +25,8 @@ Build-Depends: debhelper, libqrencode-dev, libprotobuf-dev, protobuf-compiler, python, - libzmq3-dev + libzmq3-dev, + dh-systemd Standards-Version: 3.9.2 Homepage: https://bitcoincore.org/ Vcs-Git: git://github.com/bitcoin/bitcoin.git @@ -33,7 +34,7 @@ Vcs-Browser: https://github.com/bitcoin/bitcoin Package: bitcoind Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} +Depends: ${shlibs:Depends}, ${misc:Depends}, adduser Description: peer-to-peer network based digital currency - daemon Bitcoin is a free open source peer-to-peer electronic cash system that is completely decentralized, without the need for a central server or diff --git a/contrib/debian/rules b/contrib/debian/rules index 84c5edd4a..fcd0c3941 100755 --- a/contrib/debian/rules +++ b/contrib/debian/rules @@ -6,7 +6,7 @@ # $(if $(filter nocheck,$(DEB_BUILD_OPTIONS)),,src/test_bitcoin) %: - dh --with bash-completion $@ + dh --with bash-completion --with systemd $@ override_dh_auto_clean: if [ -f Makefile ]; then $(MAKE) distclean; fi @@ -32,3 +32,18 @@ ifeq ($(QT), qt4) else make check endif + +# No SysV or Upstart init scripts included +override_dh_installinit: + dh_installinit \ + --noscripts + +# Don’t enable service by default +override_dh_systemd_enable: + dh_systemd_enable \ + --no-enable + +# Restart after upgrade +override_dh_systemd_start: + dh_systemd_start \ + --restart-after-upgrade