From 1f31922bb42e6d34b3080ecd805972250b2066b7 Mon Sep 17 00:00:00 2001 From: bryan Date: Tue, 14 Apr 2026 00:32:10 -0400 Subject: [PATCH] Always run createrepo service as user --- installJRMC | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/installJRMC b/installJRMC index 63a9522..51fbf98 100755 --- a/installJRMC +++ b/installJRMC @@ -1661,14 +1661,20 @@ service_jriver-x11vnc() { service_jriver-createrepo() { debug "${FUNCNAME[0]}()" local -a sign_args start_cmd - local service_script start_cmd + local service_script start_cmd SERVICE_RUN_USER CREATEREPO_SWITCH=0 # skip running createrepo when generating service - if [[ $WEBROOT_USER != "$USER" ]]; then - USER="root" set_service_vars "${FUNCNAME[0]##*_}" "system" + set_service_vars "${FUNCNAME[0]##*_}" "system" + + # Keep this as a system service, but run the process as the signing user + # so rpmbuild/rpmsign operate on files owned by the same account. + SERVICE_RUN_USER="${SIGN_USER:-$USER}" + if id "$SERVICE_RUN_USER" &>/dev/null; then + USER_STRING="User=$SERVICE_RUN_USER" else - set_service_vars "${FUNCNAME[0]##*_}" "system" + err "Service run user does not exist: $SERVICE_RUN_USER" + return 1 fi # System services cannot exec files from home directories (SELinux).