Hi
I am trying to create a package for the subvein[1] game.
Installation instructions[2] of the game tell to simply uncompress the
tar.gz archive in a folder and run the "Subvein" program.
No problem with that. But then when running the game, it tries to store
information in it's "data" folder (logs, configuration, user
profiles...). We have a permission problem.
To workaround this problem, I:
- Create a group named "subvein";
- set the setgid bit for the game "data" folder and all it's sub-folders;
- set the game "data" folder and all it's content group writable;
- set the group of the game "data" folder to the "subvein" group.
- Created a wrapper bash script that changes the umask to 002 and then
launches the game.
This way, all the contents created by the game will belong to the
"subvein" group and will be group writable, so that anyone can use the game.
Is this a valid way of doing it? Are there any security concerns I need
to take into account?
The game has also a "server" part. I still didn't started to handle this
in the package, but was thinking to do the following:
- Create a user names subvein that belongs only to the subvein group.
- Create a systemd .service file that runs the server program as the
subvein user.
Does this seems OK as approach?
Thank you for your help.
P.S. You can find my "draft" of the PKGBUILD, the install script and the
bash wrapper attached.
[1] http://subvein.net/
[2] http://subvein.net/download.php
--
Nuno Araujo