1 files changed, 83 insertions, 0 deletions

diff --git a/buildtools/debian-skeleton/rpki-rp.postinst b/buildtools/debian-skeleton/rpki-rp.postinst
new file mode 100644
index 00000000..b343f2a2
--- /dev/null
+++ b/buildtools/debian-skeleton/rpki-rp.postinst
@@ -0,0 +1,83 @@
+#!/bin/sh
+# postinst script for rpki-rp
+#
+# see: dh_installdeb(1)
+
+set -e
+
+setup_rcynic_ownership() {
+    install -o rcynic -g rcynic -d /var/rcynic/data /var/rcynic/rpki-rtr /var/rcynic/rpki-rtr
+    if test -d /var/www
+    then
+	install -o rcynic -g rcynic -d /var/www/rcynic
+    fi
+}
+
+setup_rcynic_user() {
+    if ! getent passwd rcynic >/dev/null
+    then
+	useradd -g rcynic -M -N -d /var/rcynic -s /sbin/nologin -c "RPKI validation system" rcynic
+    fi
+}
+
+setup_rcynic_group() {
+    if ! getent group rcynic >/dev/null
+    then
+	groupadd rcynic
+    fi
+}
+
+# We want to pick a *random* minute for rcynic to run, to spread load
+# on repositories, which is why we don't just use a package crontab.
+
+setup_rcynic_cron() {
+    crontab -l -u rcynic 2>/dev/null |
+    awk -v t=`hexdump -n 2 -e '"%u\n"' /dev/urandom` '
+        BEGIN { cmd = "exec /usr/bin/rcynic-cron" }
+	$0 !~ cmd { print }
+	END { printf "%u * * * *\t%s\n", t % 60, cmd }
+    ' |
+    crontab -u rcynic -
+}
+
+setup_rpki_rtr_listener() {
+    killall -HUP xinetd
+}
+
+# summary of how this script can be called:
+#        * <postinst> `configure' <most-recently-configured-version>
+#        * <old-postinst> `abort-upgrade' <new version>
+#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+#          <new-version>
+#        * <postinst> `abort-remove'
+#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+#          <failed-install-package> <version> `removing'
+#          <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+    configure)
+	setup_rcynic_group
+	setup_rcynic_user
+	setup_rcynic_ownership
+	setup_rcynic_cron
+	setup_rpki_rtr_listener
+    ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+    ;;
+
+    *)
+        echo "postinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0