From Fedora Project Wiki

Revision as of 02:32, 30 October 2015 by Wtogami (talk | contribs)

RPM Package and SELinux

There probably should be two separate SELinux policy modules for the two different ways Bitcoin Core is used.

  • System Service bitcoind
    • Should have its datadir somewhere like %{_datadir}bitcoind/ which expands to /var/lib/bitcoind/
    • Config file %config(noreplace) %{_datadir}/bitcoind/bitcoin.conf with wallet disabled by default, but they could enable it with wallet=1 if they really want it.
    • With system username like: bitcoinservice
    • Wrapper should launch bitcoind in a context named like: bitcoindservice_t
    • %doc README-FEDORA-BITCOIN-SERVICE should probably explain how the service is meant to be configured, used and controlled with bitcoin-cli or RPC/REST interfaces as the non-default datadir does not match upstream documentation and it thus may be non-obvious to users.
  • User service bitcoind and bitcoin-qt
    • The most common way in which Bitcoin Core users run their own bitcoind or bitcoin-qt with is as a non-root user with datadir ~/.bitcoin/.
    • There should be a separate user homedir SELinux policy for bitcoind and bitcoin-qt operated in this manner.