From 815f60a34fda9eedf0c96286f92afc5e6d16790b Mon Sep 17 00:00:00 2001 From: Jerome Sagnole Date: Tue, 5 Sep 2017 10:10:12 +0200 Subject: [PATCH] remove account compil (use only gameserver account for khanat server & patch server) --- .../docker/server/debian/common/init-basic.sh | 39 +++-------------- .../server/debian/common/init-khanat.sh | 42 +++++-------------- .../server/debian/jessie/x86_64/Dockerfile | 4 +- .../server/debian/jessie/x86_64/server.sh | 2 +- 4 files changed, 19 insertions(+), 68 deletions(-) diff --git a/dist/docker/server/debian/common/init-basic.sh b/dist/docker/server/debian/common/init-basic.sh index b91c65f10..50145ac64 100755 --- a/dist/docker/server/debian/common/init-basic.sh +++ b/dist/docker/server/debian/common/init-basic.sh @@ -71,32 +71,6 @@ if [ -f /etc/bash_completion ]; then fi EOF -#################################### -# Initialize bashrc (for compil) -#################################### -cat << EOF > /home/compil/.bashrc -# bashrc: executed by bash(1) for non-login shells. - -# You may uncomment the following lines if you want 'ls' to be colorized: -export SHELL=/bin/bash -export LS_OPTIONS='--color=auto' -eval "\`dircolors\`" -alias ls='ls \$LS_OPTIONS' -alias ll='ls \$LS_OPTIONS -l' -alias l='ls \$LS_OPTIONS -lA' - -# Some more alias to avoid making mistakes: -# alias rm='rm -i' -# alias cp='cp -i' -# alias mv='mv -i' - -# Autocompletion -if [ -f /etc/bash_completion ]; then - . /etc/bash_completion -fi -EOF -chown compil:compil /home/compil/.bashrc - #################################### # Initialize bashrc (for gameserver) #################################### @@ -128,9 +102,8 @@ chown gameserver:gameserver /home/gameserver/.bashrc #################################### # Update sudo rule (you can execute all command as root) -cat << EOF > /etc/sudoers.d/compil +cat << EOF > /etc/sudoers.d/gameserver # User privilege specification -compil ALL=NOPASSWD: ALL gameserver ALL=NOPASSWD: ALL EOF @@ -145,9 +118,6 @@ cat << EOF > /etc/issue.net * KHANAT SERVER DEV * ********************* -account compil -password khanat - account gameserver password khanat @@ -156,8 +126,11 @@ EOF # After Login cat << EOF > /etc/motd *************************************************** -connect to root use compil or gameserver and launch -sudo bash +connect to root use gameserver account and launch sudo command +like : + + sudo bash + --------------------------------------------------- mysql : account root (no password) *************************************************** diff --git a/dist/docker/server/debian/common/init-khanat.sh b/dist/docker/server/debian/common/init-khanat.sh index ebce45b50..f19a5298d 100755 --- a/dist/docker/server/debian/common/init-khanat.sh +++ b/dist/docker/server/debian/common/init-khanat.sh @@ -9,20 +9,20 @@ cd /opt; tar xzf ryzom-ressources.tar.gz || exit 2 # configure environment cat << EOF > /opt/shard.sh -export RYHOME=/home/compil -export RYZOM_PATH=/home/compil/ryzom +export RYHOME=/home/gameserver +export RYZOM_PATH=/home/gameserver/ryzom export PATH=\$PATH:/usr/local/bin:\$RYZOM_PATH/tools/scripts/linux -export RYDATA=/home/compil/khanat-ressources +export RYDATA=/home/gameserver/khanat-ressources export PATCH_HOME=/home/gameserver export PATCH_CLIENT_SYSTEM=\$PATCH_HOME/patch_service EOF # configure environment -cat << EOF > /home/compil/.bashrc -export RYHOME=/home/compil -export RYZOM_PATH=/home/compil/ryzom +cat << EOF > /home/gameserver/.bashrc +export RYHOME=/home/gameserver +export RYZOM_PATH=/home/gameserver/ryzom export PATH=\$PATH:/usr/local/bin:\$RYZOM_PATH/tools/scripts/linux -export RYDATA=/home/compil/khanat-ressources +export RYDATA=/home/gameserver/khanat-ressources export PATCH_HOME=/home/gameserver export PATCH_CLIENT_SYSTEM=\$PATCH_HOME/patch_service EOF @@ -187,7 +187,7 @@ mysql -u root -e "use nel; INSERT INTO nel.shard (ShardId, domain_id, WsAddr, NbPlayers, Name, Online, Version, FixedSessionId, State, MOTD) VALUES ('302', '12', '$addressip:', '0', 'Lirria shard', '0', '', '0', 'ds_open', '');" || exit 2 mysql -u root -e "use nel; -INSERT INTO nel_tool.neltool_domains (domain_id, domain_name, domain_as_host, domain_as_port, domain_rrd_path, domain_las_admin_path, domain_las_local_path, domain_application, domain_sql_string, domain_hd_check, domain_mfs_web, domain_cs_sql_string) VALUES ('12', 'Lirria', '$addressip', '46700', '/home/compil/ryzom/server/save_shard/rrd_graphs', '', '', 'ryzom_open', '', '0', NULL, NULL);" || exit 2 +INSERT INTO nel_tool.neltool_domains (domain_id, domain_name, domain_as_host, domain_as_port, domain_rrd_path, domain_las_admin_path, domain_las_local_path, domain_application, domain_sql_string, domain_hd_check, domain_mfs_web, domain_cs_sql_string) VALUES ('12', 'Lirria', '$addressip', '46700', '/home/gameserver/ryzom/server/save_shard/rrd_graphs', '', '', 'ryzom_open', '', '0', NULL, NULL);" || exit 2 mysql -u root -e "use nel; INSERT INTO nel_tool.neltool_shards (shard_id, shard_name, shard_as_id, shard_domain_id, shard_lang, shard_restart) VALUES ('302', 'open', 'open', '12', 'fr', '0');" || exit 2 @@ -290,14 +290,14 @@ for var in $RYDATA/translation/translated/*_en.txt; do nomfic=${var##*/}; ln -s for var in $RYDATA/translation/translated/*_wk.txt; do nomfic=${var##*/}; ln -s $nomfic ${var%/*}/${nomfic/_wk/_ru}; done cp /opt/code/ryzom/server/shard.screen.rc $RYZOM_PATH/server/shard.screen.rc -ln -s /usr/local /home/compil/build +ln -s /usr/local /home/gameserver/build /etc/init.d/ssh restart cp /usr/local/sbin/* /usr/local/bin cat << EOF source /opt/shard.sh -/home/compil/ryzom/tools/scripts/linux/shard +/home/gameserver/ryzom/tools/scripts/linux/shard EOF cat << EOF > /opt/autostart.sh @@ -311,7 +311,7 @@ tmp=\$(hostname -I) export addressip=\${tmp//[[:blank:]]/} sed -i -r 's/(FSListenHost)(.*)(=)(.*)(;)/FSListenHost = "'"\$addressip"'";/g' \$RYZOM_PATH/server/frontend_service.cfg || exit 2 -/home/compil/ryzom/tools/scripts/linux/shard start +/home/gameserver/ryzom/tools/scripts/linux/shard start EOF chmod +x /opt/autostart.sh @@ -468,26 +468,6 @@ awk 'BEGIN{found=0}{ } }' patch_game/ryzom.xml.ref > patch_game/ryzom.xml || exit 2 -#cat << EOF > $PATCH_HOME/patch_service/patch_game/ryzom.xml -# -# <_Categories> -# <_Category> -# <_Name type="STRING" value="khanat_lirria"/> -# <_IsOptional type="SINT32" value="0"/> -# <_UnpackTo type="STRING" value="./user/"/> -# <_IsIncremental type="SINT32" value="1"/> -# <_Files type="STRING" value="patch_lirria.bnp"/> -# -# -# <_IndexFileName type="STRING" value="ryzom.hist"/> -# <_PatchDirectory type="STRING" value="patch_game/patch/"/> -# <_BnpDirectory type="STRING" value="patch_game/bnp/"/> -# <_RefDirectory type="STRING" value="patch_game/ref/"/> -# <_NextVersionFile type="STRING" value="patch_game/Lirria.version"/> -# <_ClientIndexFileName type="STRING" value="ryzom"/> -# -#EOF - # Force version release if [[ $KHANAT_CLIENT_VERSION -gt 1 ]] then diff --git a/dist/docker/server/debian/jessie/x86_64/Dockerfile b/dist/docker/server/debian/jessie/x86_64/Dockerfile index f7fdf8cab..9d7161331 100644 --- a/dist/docker/server/debian/jessie/x86_64/Dockerfile +++ b/dist/docker/server/debian/jessie/x86_64/Dockerfile @@ -18,11 +18,9 @@ RUN apt-get install -y curl nano vim less bash-completion cron logrotate bsd-mai RUN apt-get install -y openssh-server sudo net-tools RUN apt-get install -y lzma xdelta -# adding account compil, password compil +# adding account gameserver, password khanat RUN useradd -G sudo,www-data -c /home -d /home/gameserver -c "Khanat account GAME" -m -p '$6$nxHX/3u.$azS0.eldpfKqxqOLDjgZj8.hPOLC64arXDTUVX0fs7RZvRBX/pNqPzDR89ccP5XkEE/daOyaD3wVtDGDUND5b/' -s /bin/bash -U gameserver -RUN useradd -G sudo,www-data -c /home -d /home/compil -c "Khanat account" -m -p '$6$nxHX/3u.$azS0.eldpfKqxqOLDjgZj8.hPOLC64arXDTUVX0fs7RZvRBX/pNqPzDR89ccP5XkEE/daOyaD3wVtDGDUND5b/' -s /bin/bash -U compil - COPY dist/docker/server/debian/common/init-basic.sh /opt/ RUN /opt/init-basic.sh diff --git a/dist/docker/server/debian/jessie/x86_64/server.sh b/dist/docker/server/debian/jessie/x86_64/server.sh index 598576b46..e26c27faf 100755 --- a/dist/docker/server/debian/jessie/x86_64/server.sh +++ b/dist/docker/server/debian/jessie/x86_64/server.sh @@ -208,7 +208,7 @@ fi if [[ $CONNECTSSHKHANAT -ne 0 ]] then - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no compil@$ipaddress + ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no gameserver@$ipaddress trap '' EXIT msg_info "END SSH" exit 0