[taler-grid5k] 08/189: add missing user

[gnunet]

This is an automated email from the git hooks/post-receive script.

marco-boss pushed a commit to branch master
in repository grid5k.

commit 092cb0bc1a39299804c31fb5c18d62646d0238c2
Author: Boss Marco <bossm8@bfh.ch>
AuthorDate: Sun Feb 20 13:30:36 2022 +0100

    add missing user
---
 .../lib/systemd/system/taler-exchange-secmod-cs.service | 17 +++++++++++++++++
 experiment/env                                          |  1 +
 experiment/scripts/createusers.sh                       |  8 ++++++++
 experiment/scripts/database.sh                          | 17 +++++------------
 sql/exchange-0002.sql                                   |  5 +++++
 5 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/configs/usr/lib/systemd/system/taler-exchange-secmod-cs.service 
b/configs/usr/lib/systemd/system/taler-exchange-secmod-cs.service
new file mode 100644
index 0000000..b8df330
--- /dev/null
+++ b/configs/usr/lib/systemd/system/taler-exchange-secmod-cs.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=GNU Taler payment system exchange Clause Schnorr security module
+AssertPathExists=/run/taler/exchange-secmod-cs
+PartOf=taler-exchange.target
+
+[Service]
+User=taler-exchange-secmod-cs
+Type=simple
+Restart=on-failure
+EnvironmentFile=/etc/environment
+ExecStart=/usr/bin/taler-exchange-secmod-cs -c /etc/taler/taler.conf 
$TALER_ARGS $CS_ARGS
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=no
+PrivateDevices=yes
+ProtectSystem=full
+
diff --git a/experiment/env b/experiment/env
index 57cb1b2..68c2d62 100644
--- a/experiment/env
+++ b/experiment/env
@@ -45,6 +45,7 @@ AGGREGATOR_ARGS="-y"
  WIREWATCH_ARGS=""
      EDDSA_ARGS=""
        RSA_ARGS=""
+        CS_ARGS=""
 # Additional arguments to prepend to taler-exchange-httpd.service
 # files ExecStart command, e.g. /usr/bin/valgrind 
--log-file=/tmp/exchange-%N.log
 EXCHANGE_CMD_PREFIX=""
diff --git a/experiment/scripts/createusers.sh 
b/experiment/scripts/createusers.sh
index a5b3705..510fe62 100755
--- a/experiment/scripts/createusers.sh
+++ b/experiment/scripts/createusers.sh
@@ -19,6 +19,7 @@ OGROUPNAME=taler-exchange-offline
 CLOSERUSERNAME=taler-exchange-closer
 RSECUSERNAME=taler-exchange-secmod-rsa
 ESECUSERNAME=taler-exchange-secmod-eddsa
+CSECUSERNAME=taler-exchange-secmod-cs
 AGGRUSERNAME=taler-exchange-aggregator
 WIREUSERNAME=taler-exchange-wire
 MERCHUSERNAME=taler-merchant-httpd
@@ -55,6 +56,12 @@ if ! getent passwd ${ESECUSERNAME} >/dev/null; then
     --ingroup ${GROUPNAME} \
     --home ${TALER_HOME} ${ESECUSERNAME}
 fi
+if ! getent passwd ${CSECUSERNAME} >/dev/null; then
+  adduser --quiet --system \
+    --no-create-home \
+    --ingroup ${GROUPNAME} \
+    --home ${TALER_HOME} ${CSECUSERNAME}
+fi
 if ! getent passwd ${WIREUSERNAME} >/dev/null; then
   adduser --quiet --system \
     --no-create-home \
@@ -89,6 +96,7 @@ fi
 install -d /var/lib/taler/exchange-offline -m 0700 -o ${OUSERNAME} -g 
${OGROUPNAME}
 install -d /run/taler/exchange-secmod-rsa -m 0755 -o ${RSECUSERNAME} -g 
${GROUPNAME}
 install -d /run/taler/exchange-secmod-eddsa -m 0755 -o ${ESECUSERNAME} -g 
${GROUPNAME}
+install -d /run/taler/exchange-secmod-cs -m 0755 -o ${CSECUSERNAME} -g 
${GROUPNAME}
 install -d /run/taler/exchange-httpd -m 0750 -o ${EUSERNAME} -g ${EGROUPNAME}
 install -d /var/lib/taler/exchange-offline -m 0700 -o ${OUSERNAME} -g 
${OGROUPNAME}
 install -d /var/lib/taler/exchange-secmod-rsa -m 0700 -o ${RSECUSERNAME} -g 
${GROUPNAME}
diff --git a/experiment/scripts/database.sh b/experiment/scripts/database.sh
index 320849d..4ec8e45 100755
--- a/experiment/scripts/database.sh
+++ b/experiment/scripts/database.sh
@@ -140,19 +140,12 @@ function setup_pgbouncer() {
 
 function setup_distributed_db() {
 
-  echo "OVERRIDING EXCHANGE SQL INIT SCRIPT"
   cp ${G5K_HOME}/sql/exchange-0001.sql /usr/share/taler/sql/exchange/
+  cp ${G5K_HOME}/sql/exchange-0002.sql /usr/share/taler/sql/exchange/
   chmod o+r /usr/share/taler/sql/exchange/exchange-0001.sql
+  chmod o+r /usr/share/taler/sql/exchange/exchange-0002.sql
 
   sudo -u taler-exchange-httpd taler-exchange-dbinit
-
-  cp ${G5K_HOME}/sql/exchange-0002.sql /tmp
-  chmod o+r /tmp/exchange-0002.sql
-
-  su taler-exchange-httpd -s /bin/bash << EOF
-psql -d "${DB_NAME}" -tAf /tmp/exchange-0002.sql
-EOF
-
 }
 
 function setup_shards() {
@@ -186,14 +179,14 @@ EOF
   done
 
   su taler-exchange-httpd -s /bin/bash << EOF
-psql -d "${DB_NAME}" -tAc SELECT drop_default_partitions();
+psql -d "${DB_NAME}" -tAc "SELECT drop_default_partitions();"
 EOF
 }
 
 function setup_partitions() {
   setup_distributed_db
   su taler-exchange-httpd -s /bin/bash << EOF
-psql -d "${DB_NAME}" -tAc SELECT create_partitions(${NUM_PARTITIONS});
+psql -d "${DB_NAME}" -tAc "SELECT create_partitions(${NUM_PARTITIONS});"
 EOF
 }
 
@@ -203,7 +196,7 @@ function init_db() {
 
   # Create the role taler-exchange-httpd and the database
   su postgres << EOF
-psql postgres -tAc "DROP DATABASE IF EXISTS '${DB_NAME}';"
+psql postgres -tAc "DROP DATABASE IF EXISTS \"${DB_NAME}\";"
 psql postgres -tAc "SELECT 1 FROM pg_roles WHERE 
rolname='taler-exchange-httpd'" | \
   grep -q 1 || \
   createuser taler-exchange-httpd
diff --git a/sql/exchange-0002.sql b/sql/exchange-0002.sql
index 7075813..0fe46a6 100644
--- a/sql/exchange-0002.sql
+++ b/sql/exchange-0002.sql
@@ -144,6 +144,11 @@ BEGIN
     'shard_' || suffix
   );
 
+  EXECUTE FORMAT(
+    'ALTER FOREIGN TABLE %I OWNER TO "taler-exchange-httpd"',
+    source_table || '_' || suffix
+  );
+
 END
 $$;
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.