ajust install package

add packaging scripts
2026-02-08 17:18:23 +08:00 · 2026-02-08 14:33:02 +08:00
10 changed files with 240 additions and 2 deletions
--- a/packaging/ubuntu/README.txt
+++ b/packaging/ubuntu/README.txt
@@ -0,0 +1,15 @@
+Build the deb:
+  cd bitoj_python/packaging/ubuntu
+  bash build-deb.sh
+
+Install:
+  sudo dpkg -i dist/bitoj_0.1.0_all.deb
+
+Service:
+  sudo service bitoj start|stop|restart
+  sudo journalctl -u bitoj -f
+
+Logs:
+  /var/log/bitoj/daemon.log
+  /var/log/bitoj/judge-*.log
+  /var/log/bitoj/tester-*.log
--- a/packaging/ubuntu/bitoj-guards
+++ b/packaging/ubuntu/bitoj-guards
@@ -0,0 +1,68 @@
+#include <tunables/global>
+
+# BitOJ guard profiles
+/usr/lib/bitoj/scripts/binary-guard {
+    #include <abstractions/bitoj>
+
+    /var/lib/bitoj/data/**/main mrix,
+    /usr/lib/bitoj/data/**/main mrix,
+}
+
+/usr/lib/bitoj/scripts/java-guard {
+    #include <abstractions/bitoj>
+    capability sys_ptrace,
+
+    /var/lib/bitoj/data/**/*.class mr,
+    /usr/lib/bitoj/data/**/*.class mr,
+    /usr/bin/java mrix,
+
+    /etc/passwd mr,
+    /etc/nsswitch.conf mr,
+    /etc/java*/* mr,
+    /proc/** mr,
+    /sys/** mr,
+    /usr/lib/jvm/**/** mr,
+    /usr/lib/jvm/java-6-sun*/jre/bin/* mrix,
+
+    /tmp/hsperfdata_ojrun*/ mrw,
+    /tmp/hsperfdata_ojrun*/* mrw,
+}
+
+/usr/lib/bitoj/scripts/mono-guard {
+    #include <abstractions/bitoj>
+
+    /var/lib/bitoj/data/**/main.exe mr,
+    /usr/lib/bitoj/data/**/main.exe mr,
+    /var/lib/bitoj/data/**/.wapi/ mrw,
+    /var/lib/bitoj/data/**/.wapi/* mrw,
+    /usr/lib/bitoj/data/**/.wapi/ mrw,
+    /usr/lib/bitoj/data/**/.wapi/* mrw,
+
+    /usr/bin/mono mrix,
+    /usr/lib/mono/2.0/* mr,
+    /usr/lib/mono/2.0/**/* mr,
+    /etc/mono/config mr,
+    /etc/nsswitch.conf mr,
+    /etc/passwd mr,
+    /proc/**/* mr,
+}
+
+/usr/lib/bitoj/scripts/python-guard {
+    #include <abstractions/bitoj>
+    #include <abstractions/python>
+
+    /var/lib/bitoj/data/**/main.py mr,
+    /usr/lib/bitoj/data/**/main.py mr,
+    /usr/bin/python2.5 mrix,
+    /usr/lib/python2.5/lib-dynload/** mr,
+}
+
+/usr/lib/bitoj/scripts/bash-guard {
+    #include <abstractions/bitoj>
+    #include <abstractions/bash>
+
+    /var/lib/bitoj/data/**/main.sh mr,
+    /usr/lib/bitoj/data/**/main.sh mr,
+    /bin/* mrix,
+    /usr/bin/* mrix,
+}
--- a/packaging/ubuntu/bitoj.service
+++ b/packaging/ubuntu/bitoj.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=BitOJ Judge Daemon
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory=/usr/lib/bitoj
+ExecStart=/usr/lib/bitoj/judge-daemon
+Restart=on-failure
+RestartSec=2
+User=root
+Group=root
+Environment=PYTHONUNBUFFERED=1
+LimitNOFILE=65536
+
+[Install]
+WantedBy=multi-user.target
--- a/packaging/ubuntu/build-deb.sh
+++ b/packaging/ubuntu/build-deb.sh
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)
+PROJECT_ROOT=$(cd "$SCRIPT_DIR/../.." && pwd)
+OUT_DIR="$SCRIPT_DIR/dist"
+BUILD_DIR="$SCRIPT_DIR/build"
+PKG_ROOT="$BUILD_DIR/bitoj"
+VERSION="${VERSION:-0.1.0}"
+ARCH="${ARCH:-all}"
+
+rm -rf "$BUILD_DIR" "$OUT_DIR"
+mkdir -p "$PKG_ROOT/DEBIAN" \
+  "$PKG_ROOT/usr/lib/bitoj" \
+  "$PKG_ROOT/etc/bitoj" \
+  "$PKG_ROOT/etc/apparmor.d" \
+  "$PKG_ROOT/lib/systemd/system" \
+  "$PKG_ROOT/var/lib/bitoj" \
+  "$PKG_ROOT/var/log/bitoj"
+
+cp "$SCRIPT_DIR/control" "$PKG_ROOT/DEBIAN/control"
+cp "$SCRIPT_DIR/postinst" "$PKG_ROOT/DEBIAN/postinst"
+cp "$SCRIPT_DIR/prerm" "$PKG_ROOT/DEBIAN/prerm"
+cp "$SCRIPT_DIR/postrm" "$PKG_ROOT/DEBIAN/postrm"
+chmod 0755 "$PKG_ROOT/DEBIAN/postinst" "$PKG_ROOT/DEBIAN/prerm" "$PKG_ROOT/DEBIAN/postrm"
+
+cp "$SCRIPT_DIR/bitoj.service" "$PKG_ROOT/lib/systemd/system/bitoj.service"
+cp "$SCRIPT_DIR/bitoj-guards" "$PKG_ROOT/etc/apparmor.d/bitoj-guards"
+mkdir -p "$PKG_ROOT/usr/lib/tmpfiles.d"
+cp "$SCRIPT_DIR/tmpfiles.conf" "$PKG_ROOT/usr/lib/tmpfiles.d/bitoj.conf"
+
+if command -v rsync >/dev/null 2>&1; then
+  rsync -a --delete --exclude 'packaging/ubuntu' "$PROJECT_ROOT/" "$PKG_ROOT/usr/lib/bitoj/"
+else
+  echo "rsync not found; fallback to cp -a" >&2
+  cp -a "$PROJECT_ROOT/." "$PKG_ROOT/usr/lib/bitoj/"
+  rm -rf "$PKG_ROOT/usr/lib/bitoj/packaging/ubuntu"
+fi
+
+chmod +x "$PKG_ROOT/usr/lib/bitoj/judge" \
+  "$PKG_ROOT/usr/lib/bitoj/judge-daemon" \
+  "$PKG_ROOT/usr/lib/bitoj/judgeold" \
+  "$PKG_ROOT/usr/lib/bitoj/judge-daemonold" \
+  "$PKG_ROOT/usr/lib/bitoj/utils/bitoj_adduser"
+
+mkdir -p "$OUT_DIR"
+
+dpkg-deb --build "$PKG_ROOT" "$OUT_DIR/bitoj_${VERSION}_${ARCH}.deb"
+
+echo "Built: $OUT_DIR/bitoj_${VERSION}_${ARCH}.deb"
--- a/packaging/ubuntu/control
+++ b/packaging/ubuntu/control
@@ -0,0 +1,8 @@
+Package: bitoj
+Version: 0.1.0
+Section: utils
+Priority: optional
+Architecture: all
+Depends: python3, gcc, g++, sudo, adduser, bzip2, quota
+Maintainer: BitOJ Maintainers <admin@localhost>
+Description: BitOJ judge daemon and runtime for Ubuntu
--- a/packaging/ubuntu/postinst
+++ b/packaging/ubuntu/postinst
@@ -0,0 +1,53 @@
+#!/bin/sh
+set -e
+
+mkdir -p /etc/bitoj /var/log/bitoj /var/lib/bitoj /usr/lib/bitoj/data
+
+ln -sfn /etc/bitoj /usr/lib/bitoj/conf
+ln -sfn /var/log/bitoj /usr/lib/bitoj/log
+
+if [ ! -f /etc/bitoj/conf-default.py ]; then
+  if [ -f /usr/lib/bitoj/conf-demo.py ]; then
+    cp /usr/lib/bitoj/conf-demo.py /etc/bitoj/conf-default.py
+  else
+    touch /etc/bitoj/conf-default.py
+  fi
+fi
+
+if ! getent group oj >/dev/null 2>&1; then
+  groupadd --system oj
+fi
+
+if ! id -u oj >/dev/null 2>&1; then
+  useradd --system --no-create-home --gid oj --shell /usr/sbin/nologin oj
+fi
+
+if ! id -u ojrun01 >/dev/null 2>&1; then
+  /usr/lib/bitoj/utils/bitoj_adduser 1 10 || true
+fi
+
+chown -R oj:oj /var/lib/bitoj || true
+chmod 755 /var/lib/bitoj /var/log/bitoj
+
+if [ -f /etc/apparmor.d/bitoj-guards ]; then
+  if command -v apparmor_parser >/dev/null 2>&1; then
+    apparmor_parser -r /etc/apparmor.d/bitoj-guards || true
+  fi
+  if command -v service >/dev/null 2>&1; then
+    service apparmor reload >/dev/null 2>&1 || true
+  elif [ -x /etc/init.d/apparmor ]; then
+    /etc/init.d/apparmor reload >/dev/null 2>&1 || true
+  fi
+fi
+
+if command -v systemctl >/dev/null 2>&1; then
+  systemctl daemon-reload
+  if command -v systemd-tmpfiles >/dev/null 2>&1; then
+    systemd-tmpfiles --create /usr/lib/tmpfiles.d/bitoj.conf || true
+  fi
+  systemctl enable bitoj.service >/dev/null 2>&1 || true
+  systemctl restart bitoj.service >/dev/null 2>&1 || true
+fi
+
+exit 0
+
--- a/packaging/ubuntu/postrm
+++ b/packaging/ubuntu/postrm
@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+if command -v systemctl >/dev/null 2>&1; then
+  systemctl daemon-reload
+fi
+
+if [ "$1" = "purge" ]; then
+  rm -rf /etc/bitoj
+  rm -f /etc/apparmor.d/bitoj-guards
+  if command -v service >/dev/null 2>&1; then
+    service apparmor reload >/dev/null 2>&1 || true
+  elif [ -x /etc/init.d/apparmor ]; then
+    /etc/init.d/apparmor reload >/dev/null 2>&1 || true
+  fi
+fi
+
+exit 0
--- a/packaging/ubuntu/prerm
+++ b/packaging/ubuntu/prerm
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+if command -v systemctl >/dev/null 2>&1; then
+  systemctl stop bitoj.service >/dev/null 2>&1 || true
+fi
+
+exit 0
--- a/packaging/ubuntu/tmpfiles.conf
+++ b/packaging/ubuntu/tmpfiles.conf
@@ -0,0 +1,2 @@
+d /var/log/bitoj 0755 root root -
+d /var/lib/bitoj 0755 oj oj -
--- a/scripts/run-guard.py
+++ b/scripts/run-guard.py
@@ -58,8 +58,7 @@ class RunGuard:
                self.usepickle = True

        v = os.getenv('GUARD_RLIMIT_OFILE')
-        if v:
-            self.ofile = int(v)
+        if v: self.ofile = int(v)
        self.ldpreload = os.getenv('GUARD_LD_PRELOAD')

    def execute(self):
Author	SHA1	Message	Date
smshine	c83e4755e9	ajust install package	2026-02-08 17:18:23 +08:00
smshine	6eb6ff6425	add packaging scripts	2026-02-08 14:33:02 +08:00