/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to debian/mandos.postinst

  • Committer: Teddy Hogeborn
  • Date: 2015-07-01 20:01:26 UTC
  • mto: (237.7.307 trunk)
  • mto: This revision was merged to the branch mainline in revision 325.
  • Revision ID: teddy@recompile.se-20150701200126-qb3f6c3jcas2f4og
mandos-client: Try to start a plugin to add and remove a local route.

* debian/mandos-client.README.Debian: Add setting of environment
                                      variable MANDOSPLUGINHELPERDIR
                                      to command line testing
                                      mandos-client.
* mandos-client.c (raise_privileges): Moved to top of file.
                  (raise_privileges_permanently): - '' -
                  (lower_privileges): - '' -
                  (lower_privileges_permanently): - '' -
  (add_remove_local_route, add_local_route, remove_local_route): New.
  (start_mandos_communication): Set SOCK_CLOEXEC flag on socket.  Run
                                the above functions to add (and
                                remove) local route, if the conditions
                                indicates it could help.
  (run_network_hooks): Use O_DIRECTORY, O_PATH, and O_CLOEXEC flags
                       when opening network hook directory. Do
                       TEMP_FAILURE_RETRY around opening of /dev/null
                       and network hook executables.  Move redirecting
                       of stdout and stderr to as late as possible
                       before fexecve().
  (main): Use O_DIRECTORY and O_PATH when opening temporary directory.
* plugins.d/mandos-client.xml (ENVIRONMENT): Document usage of the
                                             MANDOSPLUGINHELPERDIR
                                             environment variable.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
#!/bin/sh -e
 
1
#!/bin/sh
2
2
# This script can be called in the following ways:
3
3
#
4
4
# After the package was installed:
15
15
# If prerm fails during replacement due to conflict:
16
16
#       <postinst> abort-remove in-favour <new-package> <version>
17
17
 
 
18
set -e
 
19
 
18
20
case "$1" in
19
21
    configure)
20
22
        # Rename old "mandos" user and group
21
 
        case "`getent passwd mandos`" in
22
 
            *:Mandos\ password\ system,,,:/nonexistent:/bin/false)
23
 
                usermod --login _mandos mandos
24
 
                groupmod --new-name _mandos mandos
25
 
                ;;
26
 
        esac
 
23
        if dpkg --compare-versions "$2" lt "1.0.3-1"; then
 
24
            case "`getent passwd mandos`" in
 
25
                *:Mandos\ password\ system,,,:/nonexistent:/bin/false)
 
26
                    usermod --login _mandos mandos
 
27
                    groupmod --new-name _mandos mandos
 
28
                    ;;
 
29
            esac
 
30
        fi
27
31
        # Create new user and group
28
32
        if ! getent passwd _mandos >/dev/null; then
29
33
            adduser --system --force-badname --quiet \
31
35
                --disabled-password --gecos "Mandos password system" \
32
36
                _mandos
33
37
        fi
 
38
        chown _mandos:_mandos /var/lib/mandos
34
39
        ;;
35
 
 
 
40
    
36
41
    abort-upgrade|abort-deconfigure|abort-remove)
37
42
        ;;
38
 
 
 
43
    
39
44
    *)
40
45
        echo "$0 called with unknown argument '$1'" 1>&2
41
46
        exit 1
42
47
        ;;
43
48
esac
44
49
 
 
50
# Avahi version 0.6.31-2 and older provides "avahi" (instead of
 
51
# "avahi-daemon") in its /etc/init.d script header.  To make
 
52
# insserv(8) happy, we edit our /etc/init.d script header to contain
 
53
# the correct string before the code added by dh_installinit calls
 
54
# update.rc-d, which calls insserv.
 
55
avahi_version="`dpkg-query --showformat='${Version}' --show avahi-daemon`"
 
56
if dpkg --compare-versions "$avahi_version" le 0.6.31-2; then
 
57
    sed --in-place --expression='/^### BEGIN INIT INFO$/,/^### END INIT INFO$/s/^\(# Required-\(Stop\|Start\):.*avahi\)-daemon\>/\1/g' /etc/init.d/mandos
 
58
fi
 
59
 
45
60
#DEBHELPER#
46
61
 
47
62
exit 0