memcached: use memcached user

This avoid using `nobody` as user since multiple services fallback to
this user, resulting in a security issue. The UID was taken from Gentoos
`acct-user` repository.

https://gitweb.gentoo.org/repo/gentoo.git/tree/acct-user/memcached/memcached-0-r1.ebuild

Signed-off-by: Paul Spooren <mail@aparcar.org>

diff --git a/net/memcached/Makefile b/net/memcached/Makefile
index 0ea7407cab1e0c15279ca7e45168e23774d16026..4ad2165caab3fbff1da599cb7bc628d8495ef8a8 100644 (file)
--- a/net/memcached/Makefile
+++ b/net/memcached/Makefile
@@ -32,6 +32,7 @@ define Package/memcached
   DEPENDS:=+libevent2 +libpthread
   TITLE:=The high-performance, distributed memory object caching system
   URL:=https://memcached.org/
+  USERID:=memcached=441:memcached=441
 endef
 
 define Package/memcached/description

diff --git a/net/memcached/files/memcached.config b/net/memcached/files/memcached.config
index 4071116b73a3661172e6963e77db503660092c8a..7a27c84bc343e4bd105c5e89c2c920bd9993977a 100644 (file)
--- a/net/memcached/files/memcached.config
+++ b/net/memcached/files/memcached.config
@@ -1,5 +1,5 @@
 config memcached
-       option user 'nobody'
+       option user 'memcached'
        option maxconn '1024'
        option listen '0.0.0.0'
        option port '11211'

diff --git a/net/memcached/files/memcached.init b/net/memcached/files/memcached.init
index 063bf64725ac9dad91f1cf250e76e82a1072fb13..10a8d0a3942abf02090a19ccb6efd92a551700b0 100644 (file)
--- a/net/memcached/files/memcached.init
+++ b/net/memcached/files/memcached.init
@@ -12,7 +12,7 @@ start_instance () {
        config_get port "$section" port
        config_get memory "$section" memory
 
-       service_start /usr/bin/memcached -d -u ${user:-nobody} \
+       service_start /usr/bin/memcached -d -u ${user:-memcached} \
                -c ${maxconn:-1024} -l ${listen:-0.0.0.0} \
                -p ${port:-11211} -U ${port:-11211} -m ${memory:-64}
 }