From Fedora Project Wiki
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
== RPM Package and SELinux == | == RPM Package and SELinux == | ||
There probably should be two separate SELinux policy modules for the two different ways Bitcoin Core is used. | There probably should be two separate SELinux policy modules for the two different ways Bitcoin Core is used. | ||
* '''System Service bitcoind''' | * '''System Service bitcoind''' | ||
** Should have its datadir somewhere like %{_datadir} | ** Should have its datadir somewhere like %{_datadir}bitcoind/ which expands to /var/lib/bitcoind/ | ||
** Config file | ** Config file <code>%config(noreplace) %{_datadir}/bitcoind/bitcoin.conf</code> with wallet disabled by default, but they could enable it with wallet=1 if they really want it. | ||
** With system username like: <code>bitcoinservice</code> | ** With system username like: <code>bitcoinservice</code> | ||
** Wrapper should launch bitcoind in a context named like: <code>bitcoindservice_t</code> | ** Wrapper should launch bitcoind in a context named like: <code>bitcoindservice_t</code> | ||
** %doc README-FEDORA-BITCOIN-SERVICE should probably explain how the service is meant to be configured, used and controlled with bitcoin-cli or RPC/REST interfaces as the non-default datadir does not match upstream documentation and it thus may be non-obvious to users. | ** %doc README-FEDORA-BITCOIN-SERVICE should probably explain how the service is meant to be configured, used and controlled with bitcoin-cli or RPC/REST interfaces as the non-default datadir does not match upstream documentation and it thus may be non-obvious to users. | ||
* '''User service bitcoind and bitcoin-qt''' | * '''User service bitcoind and bitcoin-qt''' | ||
** The most common way in which Bitcoin Core users run their own bitcoind or bitcoin-qt with is as a non-root user with datadir <code>~/.bitcoin/</code>. | ** The most common way in which Bitcoin Core users run their own bitcoind or bitcoin-qt with is as a non-root user with datadir <code>~/.bitcoin/</code>. | ||
** There should be a separate user homedir SELinux policy for bitcoind and bitcoin-qt operated in this manner. | ** There should be a separate user homedir SELinux policy for bitcoind and bitcoin-qt operated in this manner. |
Revision as of 02:32, 30 October 2015
RPM Package and SELinux
There probably should be two separate SELinux policy modules for the two different ways Bitcoin Core is used.
- System Service bitcoind
- Should have its datadir somewhere like %{_datadir}bitcoind/ which expands to /var/lib/bitcoind/
- Config file
%config(noreplace) %{_datadir}/bitcoind/bitcoin.conf
with wallet disabled by default, but they could enable it with wallet=1 if they really want it. - With system username like:
bitcoinservice
- Wrapper should launch bitcoind in a context named like:
bitcoindservice_t
- %doc README-FEDORA-BITCOIN-SERVICE should probably explain how the service is meant to be configured, used and controlled with bitcoin-cli or RPC/REST interfaces as the non-default datadir does not match upstream documentation and it thus may be non-obvious to users.
- User service bitcoind and bitcoin-qt
- The most common way in which Bitcoin Core users run their own bitcoind or bitcoin-qt with is as a non-root user with datadir
~/.bitcoin/
. - There should be a separate user homedir SELinux policy for bitcoind and bitcoin-qt operated in this manner.
- The most common way in which Bitcoin Core users run their own bitcoind or bitcoin-qt with is as a non-root user with datadir