PRs 11205, 11309: Specfile problems for stap-server:

- Use assigned gid/uid of 155/155 for stap-server.
- Create stap-server group in main systemtap rpm.
- Make uprobes runtime directory read/write/search by members
  of stap-server group in main systemtap rpm.
- Keep stap-server log in %{_localstatedir}/log/stap-server/log

7 files changed, 33 insertions, 30 deletions

diff --git a/Makefile.am b/Makefile.am
index cade1fee..4bee5ff1 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -309,7 +309,7 @@ uninstall-local:
 	rm -rf $(DESTDIR)$(docdir)/examples
 if BUILD_SERVER
 	rm -rf $(DESTDIR)$(localstatedir)/run/stap-server
-	rm -f $(DESTDIR)$(localstatedir)/log/stap-server.log
+	rm -f $(DESTDIR)$(localstatedir)/log/stap-server/log
 endif
 
 SUBDIRS = doc grapher
diff --git a/Makefile.in b/Makefile.in
index 5c832c2b..678baf24 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -2128,7 +2128,7 @@ uninstall-local:
 	rm -rf $(DESTDIR)$(sysconfdir)/systemtap
 	rm -rf $(DESTDIR)$(docdir)/examples
 @BUILD_SERVER_TRUE@	rm -rf $(DESTDIR)$(localstatedir)/run/stap-server
-@BUILD_SERVER_TRUE@	rm -f $(DESTDIR)$(localstatedir)/log/stap-server.log
+@BUILD_SERVER_TRUE@	rm -f $(DESTDIR)$(localstatedir)/log/stap-server/log
 
 check-local:
 	SRCDIR=`cd $(srcdir); pwd`; \
diff --git a/config.in b/config.in
index bbce7531..dc43d94d 100644
--- a/config.in
+++ b/config.in
@@ -30,9 +30,6 @@
 /* Define to 1 if you have the `pfm' library (-lpfm). */
 #undef HAVE_LIBPFM
 
-/* Define to 1 if you have the `rpm' library (-lrpm). */
-#undef HAVE_LIBRPM
-
 /* Define to 1 if you have the `sqlite3' library (-lsqlite3). */
 #undef HAVE_LIBSQLITE3
 
diff --git a/initscript/README.stap-server b/initscript/README.stap-server
index b1cbdbbd..40ce3bda 100644
--- a/initscript/README.stap-server
+++ b/initscript/README.stap-server
@@ -154,7 +154,7 @@ Configuration files are written in bash script.
 
 3.3 Message Log
 ---------------
-/var/log/stap-server.log
+/var/log/stap-server/log
 
 All messages including server errors and detailed messages are sent
 to this file.
@@ -188,7 +188,7 @@ variables.
 
 4.1.3 LOG_FILE
  Specify the absolute path of the log file
- (default: /var/log/stap-server.log)
+ (default: /var/log/stap-server/log)
 
 4.1.4 STAP_USER
  Specify the userid which will be used to run the server(s).
@@ -232,7 +232,7 @@ bash script fragment. The following variables may be set.
 4.3.1 Global Config Example (/etc/sysconfig/stap-server)
  ---
  CONFIG_PATH=~<user>/my-stap-server-configs
- LOG_FILE=/tmp/stap-server.log
+ LOG_FILE=/tmp/stap-server/log
  ---
 
 4.3.2 Server Config Examples (/etc/stap-server/conf.d/*.conf)
diff --git a/initscript/config.stap-server b/initscript/config.stap-server
index 001123cc..e906dc52 100644
--- a/initscript/config.stap-server
+++ b/initscript/config.stap-server
@@ -10,7 +10,7 @@
 # STAT_PATH=/var/run/stap-server
 
 # Where to log messages
-# LOG_FILE=/var/log/stap-server.log
+# LOG_FILE=/var/log/stap-server/log
 
 # The user who will run the server(s)
 # STAP_USER=stap-server
diff --git a/stap-server b/stap-server
index 85e5bf19..f34b7a11 100644
--- a/stap-server
+++ b/stap-server
@@ -28,7 +28,7 @@ UNAME=/bin/uname
 CONFIG_FILE=$stap_sysconfdir/sysconfig/stap-server
 CONFIG_PATH=$stap_sysconfdir/stap-server/conf.d
 STAT_PATH=$stap_localstatedir/run/stap-server
-LOG_FILE=$stap_localstatedir/log/stap-server.log
+LOG_FILE=$stap_localstatedir/log/stap-server/log
 
 # Default option settings
 # Optional global config file
diff --git a/systemtap.spec b/systemtap.spec
index 193e1bbd..eb55145a 100644
--- a/systemtap.spec
+++ b/systemtap.spec
@@ -305,37 +305,40 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/stap-server
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/stap-server/conf.d
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
 install -m 644 initscript/config.stap-server $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/stap-server
-mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log
-touch $RPM_BUILD_ROOT%{_localstatedir}/log/stap-server.log
+mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/stap-server
+touch $RPM_BUILD_ROOT%{_localstatedir}/log/stap-server/log
 
 %clean
 rm -rf ${RPM_BUILD_ROOT}
 
+%pre
+getent group stap-server >/dev/null || groupadd -g 155 -r stap-server || groupadd -r stap-server
+
 %pre runtime
 getent group stapdev >/dev/null || groupadd -r stapdev
 getent group stapusr >/dev/null || groupadd -r stapusr
 exit 0
 
 %pre server
-getent group stap-server >/dev/null || groupadd -r stap-server
-getent passwd stap-server >/dev/null || useradd -c "Systemtap Compile Server" -g stap-server -d %{_localstatedir}/lib/stap-server -m -r -s /sbin/nologin stap-server
+getent passwd stap-server >/dev/null || \
+  useradd -c "Systemtap Compile Server" -u 155 -g stap-server -d %{_localstatedir}/lib/stap-server -m -r -s /sbin/nologin stap-server || \
+  useradd -c "Systemtap Compile Server" -g stap-server -d %{_localstatedir}/lib/stap-server -m -r -s /sbin/nologin stap-server
 test -e ~stap-server && chmod 755 ~stap-server
 exit 0
 
 %post server
-chmod 664 %{_localstatedir}/log/stap-server.log
-chown stap-server %{_localstatedir}/log/stap-server.log
-chgrp stap-server %{_localstatedir}/log/stap-server.log
-# Make sure that the uprobes module can be built by the server
-test -e /usr/share/systemtap/runtime/uprobes || mkdir -p /usr/share/systemtap/runtime/uprobes
-chgrp stap-server /usr/share/systemtap/runtime/uprobes
-chmod 775 /usr/share/systemtap/runtime/uprobes
-# As stap-server, generate the certificate used for signing and for ssl.
-runuser -s /bin/sh - stap-server -c %{_libexecdir}/%{name}/stap-gen-cert >/dev/null
-# Authorize the certificate as a trusted ssl peer and as a trusted signer
-# on the local host.
-%{_bindir}/stap-authorize-server-cert ~stap-server/.systemtap/ssl/server/stap.cert
-%{_bindir}/stap-authorize-signing-cert ~stap-server/.systemtap/ssl/server/stap.cert
+chmod 664 %{_localstatedir}/log/stap-server/log
+chown stap-server %{_localstatedir}/log/stap-server/log
+chgrp stap-server %{_localstatedir}/log/stap-server/log
+# If it does not already exit, as stap-server, generate the certificate
+# used for signing and for ssl.
+if test ! -e ~stap-server/.systemtap/ssl/server/stap.cert; then
+   runuser -s /bin/sh - stap-server -c %{_libexecdir}/%{name}/stap-gen-cert >/dev/null
+   # Authorize the certificate as a trusted ssl peer and as a trusted signer
+   # on the local host.
+   %{_bindir}/stap-authorize-server-cert ~stap-server/.systemtap/ssl/server/stap.cert
+   %{_bindir}/stap-authorize-signing-cert ~stap-server/.systemtap/ssl/server/stap.cert
+fi
 
 # Activate the service
 /sbin/chkconfig --add stap-server
@@ -381,12 +384,12 @@ exit 0
 
 %post
 # Remove any previously-built uprobes.ko materials
-(make -C /usr/share/systemtap/runtime/uprobes clean) >/dev/null 2>&1 || true
+(make -C %{_datadir}/%{name}/runtime/uprobes clean) >/dev/null 2>&1 || true
 (/sbin/rmmod uprobes) >/dev/null 2>&1 || true
 
 %preun
 # Ditto
-(make -C /usr/share/systemtap/runtime/uprobes clean) >/dev/null 2>&1 || true
+(make -C %{_datadir}/%{name}/runtime/uprobes clean) >/dev/null 2>&1 || true
 (/sbin/rmmod uprobes) >/dev/null 2>&1 || true
 
 %files
@@ -420,6 +423,9 @@ exit 0
 %{_libdir}/%{name}/staplog.so*
 %endif
 
+# Make sure that the uprobes module can be built by root and by the server
+%attr(07754,root,stap-server) %{_datadir}/%{name}/runtime/uprobes
+
 %files runtime
 %defattr(-,root,root)
 %attr(4111,root,root) %{_bindir}/staprun
@@ -464,7 +470,7 @@ exit 0
 %dir %{_sysconfdir}/stap-server
 %dir %{_sysconfdir}/stap-server/conf.d
 %config(noreplace) %{_sysconfdir}/sysconfig/stap-server
-%{_localstatedir}/log/stap-server.log
+%{_localstatedir}/log/stap-server/log
 %doc initscript/README.stap-server
 
 %files sdt-devel