[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[exchange] branch master updated: create user for sanctionscheck, add se
|
From: |
Admin |
|
Subject: |
[exchange] branch master updated: create user for sanctionscheck, add service file, move robocop into RATER option of taler-exchange-sanctionscheck (polishing for #9053) |
|
Date: |
Tue, 10 Jun 2025 10:13:23 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new 51a8d743d create user for sanctionscheck, add service file, move
robocop into RATER option of taler-exchange-sanctionscheck (polishing for #9053)
51a8d743d is described below
commit 51a8d743d15718b0e66b5ec7d7e0bb6929ffd91b
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Jun 10 10:13:03 2025 +0200
create user for sanctionscheck, add service file, move robocop into RATER
option of taler-exchange-sanctionscheck (polishing for #9053)
---
debian/taler-exchange.postinst | 6 +++
...-exchange.taler-exchange-sanctionscheck.service | 18 +++++++
src/exchange/taler-exchange-sanctionscheck.c | 59 +++++++++++++++++-----
src/testing/test-sanctions.sh | 3 +-
src/testing/test_sanctions.conf | 3 ++
5 files changed, 73 insertions(+), 16 deletions(-)
diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst
index 97f009482..04c730d24 100644
--- a/debian/taler-exchange.postinst
+++ b/debian/taler-exchange.postinst
@@ -22,6 +22,7 @@ _ESECUSERNAME=taler-exchange-secmod-eddsa
_AGGRUSERNAME=taler-exchange-aggregator
_EXPIUSERNAME=taler-exchange-expire
_WIREUSERNAME=taler-exchange-wire
+_SANCTIONSUSERNAME=taler-exchange-sanctionscheck
case "${1}" in
configure)
@@ -44,6 +45,11 @@ configure)
adduser --quiet ${_EUSERNAME} ${_KYCGROUPNAME}
adduser --quiet ${_EUSERNAME} ${_GROUPNAME}
fi
+ if ! getent passwd ${_SANCTIONSUSERNAME} >/dev/null; then
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home
/var/lib/taler-sanctionscheck ${_SANCTIONSUSERNAME}
+ adduser --quiet ${_SANCTIONSUSERNAME} ${_DBGROUPNAME}
+ adduser --quiet ${_SANCTIONSUSERNAME} ${_KYCGROUPNAME}
+ fi
if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home
${TALER_HOME} ${_RSECUSERNAME}
fi
diff --git a/debian/taler-exchange.taler-exchange-sanctionscheck.service
b/debian/taler-exchange.taler-exchange-sanctionscheck.service
new file mode 100644
index 000000000..6ef167f4e
--- /dev/null
+++ b/debian/taler-exchange.taler-exchange-sanctionscheck.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Exchange sanctionlist checker service
+
+[Service]
+User=taler-exchange-sanctionscheck
+Group=taler-exchange-kyc
+Type=simple
+Restart=always
+RestartMode=direct
+RestartSec=1s
+RestartPreventExitStatus=2 3 4 5 6 9
+RuntimeMaxSec=3600s
+ExecStart=/usr/bin/taler-exchange-sanctionscheck -c
/etc/taler-exchange/taler-exchange.conf -L INFO
+StandardOutput=journal
+StandardError=journal
+
+[Install]
+WantedBy=multi-user.target
diff --git a/src/exchange/taler-exchange-sanctionscheck.c
b/src/exchange/taler-exchange-sanctionscheck.c
index 431a9fac5..dc379a0d2 100644
--- a/src/exchange/taler-exchange-sanctionscheck.c
+++ b/src/exchange/taler-exchange-sanctionscheck.c
@@ -628,14 +628,6 @@ run (void *cls,
(void) cls;
(void) cfgfile;
cfg = c;
- if (NULL == args[0])
- {
- fprintf (stderr,
- "You must pass the name of the sanction list helper program as an
argument!\n");
- global_ret = EXIT_INVALIDARGUMENT;
- GNUNET_SCHEDULER_shutdown ();
- return;
- }
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_float (cfg,
"exchange-sanctionscheck",
@@ -705,13 +697,52 @@ run (void *cls,
}
GNUNET_SCHEDULER_add_shutdown (&shutdown_task,
cls);
- sr = TALER_KYCLOGIC_sanction_rater_start (args[0],
- args);
- if (NULL == sr)
{
- global_ret = EXIT_INVALIDARGUMENT;
- GNUNET_SCHEDULER_shutdown ();
- return;
+ char *rater;
+ char **sargv = NULL;
+ unsigned int sargc = 0;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ "exchange-sanctionscheck",
+ "RATER_COMMAND",
+ &rater))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "exchange-sanctionscheck",
+ "RATER_COMMAND");
+ global_ret = EXIT_NOTCONFIGURED;
+ return;
+ }
+ for (const char *tok = strtok (rater,
+ " ");
+ NULL != tok;
+ tok = strtok (NULL,
+ " "))
+ {
+ char *arg = GNUNET_strdup (tok);
+
+ GNUNET_array_append (sargv,
+ sargc,
+ arg);
+ }
+ GNUNET_free (rater);
+ GNUNET_array_append (sargv,
+ sargc,
+ NULL);
+ sr = TALER_KYCLOGIC_sanction_rater_start (sargv[0],
+ sargv);
+ for (unsigned int i = 0; i<sargc; i++)
+ GNUNET_free (sargv[i]);
+ GNUNET_array_grow (sargv,
+ sargc,
+ 0);
+ if (NULL == sr)
+ {
+ global_ret = EXIT_INVALIDARGUMENT;
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
}
{
char *min_row_fn;
diff --git a/src/testing/test-sanctions.sh b/src/testing/test-sanctions.sh
index 2bc59e149..b2b4dcdbb 100755
--- a/src/testing/test-sanctions.sh
+++ b/src/testing/test-sanctions.sh
@@ -85,8 +85,7 @@ taler-exchange-sanctionscheck \
-L INFO \
-c test_sanctions.conf.edited \
--reset \
- --test \
- robocop sanction-list.json
+ --test
PROP=$(echo 'SELECT jproperties FROM exchange.legitimization_outcomes WHERE
is_active;' | psql talercheck -Aqt)
diff --git a/src/testing/test_sanctions.conf b/src/testing/test_sanctions.conf
index 12db30d56..7e77ec919 100644
--- a/src/testing/test_sanctions.conf
+++ b/src/testing/test_sanctions.conf
@@ -22,6 +22,9 @@ BASE_URL = "http://localhost:8081/";
STEFAN_ABS = "EUR:5"
ENABLE_KYC = YES
+[exchange-sanctionscheck]
+RATER_COMMAND = robocop sanction-list.json
+
[exchangedb-postgres]
CONFIG = "postgres:///talercheck"
SQL_DIR = ${DATADIR}sql/
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [exchange] branch master updated: create user for sanctionscheck, add service file, move robocop into RATER option of taler-exchange-sanctionscheck (polishing for #9053),
Admin <=