[arch-commits] Commit in interception-tools/repos (4 files)
Brett Cornwall
ainola at archlinux.org
Fri Dec 25 23:25:38 UTC 2020
Date: Friday, December 25, 2020 @ 23:25:38
Author: ainola
Revision: 791174
archrelease: copy trunk to community-x86_64
Added:
interception-tools/repos/community-x86_64/
interception-tools/repos/community-x86_64/PKGBUILD
(from rev 791172, interception-tools/trunk/PKGBUILD)
interception-tools/repos/community-x86_64/interception-tools.install
(from rev 791173, interception-tools/trunk/interception-tools.install)
interception-tools/repos/community-x86_64/udevmon.service
(from rev 791173, interception-tools/trunk/udevmon.service)
----------------------------+
PKGBUILD | 41 +++++++++++++++++++++++++++++++++++++++++
interception-tools.install | 4 ++++
udevmon.service | 36 ++++++++++++++++++++++++++++++++++++
3 files changed, 81 insertions(+)
Copied: interception-tools/repos/community-x86_64/PKGBUILD (from rev 791172, interception-tools/trunk/PKGBUILD)
===================================================================
--- community-x86_64/PKGBUILD (rev 0)
+++ community-x86_64/PKGBUILD 2020-12-25 23:25:38 UTC (rev 791174)
@@ -0,0 +1,41 @@
+# Maintainer: Brett Cornwall <ainola at archlinux.org>
+# Contributor: Francisco Lopes
+
+pkgname=interception-tools
+pkgver=0.2.2
+pkgrel=2
+pkgdesc='A minimal composable infrastructure on top of libudev and libevdev'
+arch=('x86_64')
+license=('GPL3')
+url='https://gitlab.com/interception/linux/tools'
+# Add 'libevdev.so' once https://bugs.archlinux.org/task/69112 is fixed
+depends=(
+ 'libevdev'
+ 'yaml-cpp' 'libyaml-cpp.so'
+ 'systemd-libs' 'libudev.so'
+)
+makedepends=('cmake' 'systemd')
+# Until https://gitlab.com/interception/linux/tools/-/merge_requests/10 is
+# merged, include a .service file ourselves
+source=("$pkgname-$pkgver.tar.gz::https://gitlab.com/interception/linux/tools/-/archive/v$pkgver/tools-v$pkgver.tar.gz"
+ 'udevmon.service')
+sha256sums=('56fc110917b05b7ec00b440436fd536a30275449e574978a72bb1f102e9a731a'
+ 'b94f1f19e2d8e2dc4d4ec6d183f373520a2cf5a0ec90dff19607611e4b251b6d')
+
+build() {
+ cmake -B build \
+ -S "tools-v${pkgver}" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_BUILD_TYPE=None \
+ -Wno-dev
+ cmake --build build
+}
+
+package() {
+ install -dm755 "$pkgdir/etc/interception/udevmon.d"
+ install -Dm644 udevmon.service -t "$pkgdir/usr/lib/systemd/system"
+ install -Dm644 "tools-v${pkgver}/README.md" -t "$pkgdir/usr/share/doc/$pkgname"
+
+ cd build
+ make DESTDIR="$pkgdir/" install
+}
Copied: interception-tools/repos/community-x86_64/interception-tools.install (from rev 791173, interception-tools/trunk/interception-tools.install)
===================================================================
--- community-x86_64/interception-tools.install (rev 0)
+++ community-x86_64/interception-tools.install 2020-12-25 23:25:38 UTC (rev 791174)
@@ -0,0 +1,4 @@
+post_upgrade() {
+ echo "The udevmon.yaml configuration file now is expected at:"
+ echo " /etc/interception-tools/udevmon.yaml"
+}
Copied: interception-tools/repos/community-x86_64/udevmon.service (from rev 791173, interception-tools/trunk/udevmon.service)
===================================================================
--- community-x86_64/udevmon.service (rev 0)
+++ community-x86_64/udevmon.service 2020-12-25 23:25:38 UTC (rev 791174)
@@ -0,0 +1,36 @@
+[Unit]
+Description=Monitor input devices for launching tasks
+Wants=systemd-udev-settle.service
+After=systemd-udev-settle.service
+Documentation=man:udev(7)
+
+[Service]
+ExecStart=/usr/bin/udevmon -c /etc/interception/udevmon.yaml
+Nice=-20
+Restart=on-failure
+RestartSec=5s
+OOMScoreAdjust=-1000
+
+DeviceAllow=char-* rw
+DevicePolicy=strict
+IPAddressDeny=any
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+PrivateMounts=yes
+PrivateTmp=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=yes
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectSystem=strict
+RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=yes
+SystemCallErrorNumber=EPERM
+SystemCallFilter=@system-service @raw-io
+
+[Install]
+WantedBy=multi-user.target
More information about the arch-commits
mailing list