diff --git a/debian/taler-exchange.install b/debian/taler-exchange.install index 8da445c93..ca77c3d73 100644 --- a/debian/taler-exchange.install +++ b/debian/taler-exchange.install @@ -2,6 +2,7 @@ usr/bin/taler-exchange-aggregator usr/bin/taler-exchange-closer usr/bin/taler-exchange-dbinit usr/bin/taler-exchange-httpd +usr/bin/taler-exchange-secmod-cs usr/bin/taler-exchange-secmod-eddsa usr/bin/taler-exchange-secmod-rsa usr/bin/taler-exchange-transfer @@ -13,6 +14,7 @@ usr/share/man/man1/taler-exchange-dbinit* usr/share/man/man1/taler-exchange-httpd* usr/share/man/man1/taler-exchange-secmod-eddsa* usr/share/man/man1/taler-exchange-secmod-rsa* +usr/share/man/man1/taler-exchange-secmod-cs* usr/share/man/man1/taler-exchange-transfer* usr/share/man/man1/taler-exchange-wirewatch* usr/share/man/man1/taler-bank* diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst index 6e01ca2fb..b68ee19f4 100644 --- a/debian/taler-exchange.postinst +++ b/debian/taler-exchange.postinst @@ -9,6 +9,7 @@ _GROUPNAME=taler-exchange-secmod _DBGROUPNAME=taler-exchange-db _EUSERNAME=taler-exchange-httpd _CLOSERUSERNAME=taler-exchange-closer +_CSECUSERNAME=taler-exchange-secmod-cs _RSECUSERNAME=taler-exchange-secmod-rsa _ESECUSERNAME=taler-exchange-secmod-eddsa _AGGRUSERNAME=taler-exchange-aggregator @@ -33,6 +34,9 @@ configure) if ! getent passwd ${_RSECUSERNAME} >/dev/null; then adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_RSECUSERNAME} fi + if ! getent passwd ${_CSECUSERNAME} >/dev/null; then + adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_CSECUSERNAME} + fi if ! getent passwd ${_ESECUSERNAME} >/dev/null; then adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_ESECUSERNAME} fi diff --git a/debian/taler-exchange.taler-exchange-httpd.service b/debian/taler-exchange.taler-exchange-httpd.service index 7db2b1194..68bde0d66 100644 --- a/debian/taler-exchange.taler-exchange-httpd.service +++ b/debian/taler-exchange.taler-exchange-httpd.service @@ -1,8 +1,8 @@ [Unit] Description=GNU Taler payment system exchange REST API AssertPathExists=/run/taler/exchange-httpd -Requires=taler-exchange-httpd.socket taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service -After=postgres.service network.target taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service +Requires=taler-exchange-httpd.socket taler-exchange-secmod-cs.service taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service +After=postgres.service network.target taler-exchange-secmod-cs.service taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service PartOf=taler-exchange.target [Service] diff --git a/debian/taler-exchange.taler-exchange-secmod-cs.service b/debian/taler-exchange.taler-exchange-secmod-cs.service new file mode 100644 index 000000000..15b87a3c9 --- /dev/null +++ b/debian/taler-exchange.taler-exchange-secmod-cs.service @@ -0,0 +1,16 @@ +[Unit] +Description=GNU Taler payment system exchange CS security module +AssertPathExists=/run/taler/exchange-secmod-cs +PartOf=taler-exchange.target + +[Service] +User=taler-exchange-secmod-cs +Type=simple +Restart=always +RestartSec=100ms +ExecStart=/usr/bin/taler-exchange-secmod-cs -c /etc/taler/taler.conf +StandardOutput=journal +StandardError=journal +PrivateTmp=no +PrivateDevices=yes +ProtectSystem=full