From c57abd4a56369adebe809683d2f6bb33252cc838 Mon Sep 17 00:00:00 2001 From: Paul Spooren Date: Tue, 24 Aug 2021 13:31:19 -1000 Subject: [PATCH] memcached: use memcached user This avoid using `nobody` as user since multiple services fallback to this user, resulting in a security issue. The UID was taken from Gentoos `acct-user` repository. https://gitweb.gentoo.org/repo/gentoo.git/tree/acct-user/memcached/memcached-0-r1.ebuild Signed-off-by: Paul Spooren --- net/memcached/Makefile | 1 + net/memcached/files/memcached.config | 2 +- net/memcached/files/memcached.init | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/net/memcached/Makefile b/net/memcached/Makefile index 0ea7407cab..4ad2165caa 100644 --- a/net/memcached/Makefile +++ b/net/memcached/Makefile @@ -32,6 +32,7 @@ define Package/memcached DEPENDS:=+libevent2 +libpthread TITLE:=The high-performance, distributed memory object caching system URL:=https://memcached.org/ + USERID:=memcached=441:memcached=441 endef define Package/memcached/description diff --git a/net/memcached/files/memcached.config b/net/memcached/files/memcached.config index 4071116b73..7a27c84bc3 100644 --- a/net/memcached/files/memcached.config +++ b/net/memcached/files/memcached.config @@ -1,5 +1,5 @@ config memcached - option user 'nobody' + option user 'memcached' option maxconn '1024' option listen '0.0.0.0' option port '11211' diff --git a/net/memcached/files/memcached.init b/net/memcached/files/memcached.init index 063bf64725..10a8d0a394 100644 --- a/net/memcached/files/memcached.init +++ b/net/memcached/files/memcached.init @@ -12,7 +12,7 @@ start_instance () { config_get port "$section" port config_get memory "$section" memory - service_start /usr/bin/memcached -d -u ${user:-nobody} \ + service_start /usr/bin/memcached -d -u ${user:-memcached} \ -c ${maxconn:-1024} -l ${listen:-0.0.0.0} \ -p ${port:-11211} -U ${port:-11211} -m ${memory:-64} } -- 2.30.2