#!/bin/sh # postinst script for rpki-rp # # see: dh_installdeb(1) set -e setup_groups() { if ! getent group rcynic >/dev/null then groupadd rcynic fi if ! getent group rpkirtr >/dev/null then groupadd rpkirtr fi } setup_users() { if ! getent passwd rcynic >/dev/null then useradd -g rcynic -M -N -d /var/rcynic -s /sbin/nologin -c "RPKI validation system" rcynic fi if ! getent passwd rpkirtr >/dev/null then useradd -g rpkirtr -M -N -d /var/rcynic/rpki-rtr -s /sbin/nologin -c "RPKI router server" rpkirtr fi usermod -a -G rpkirtr rcynic } setup_directories() { install -o rcynic -g rcynic -d /var/rcynic/data /var/rcynic/rpki-rtr if test -d /var/www/html && test -d /var/www/rcynic && test ! -d /var/www/html/rcynic then mv /var/www/rcynic /var/www/html/rcynic elif test -d /var/www/html then install -o rcynic -g rcynic -d /var/www/html/rcynic fi install -o rpkirtr -g rcynic -m 775 -d /var/rcynic/rpki-rtr/sockets } # We want to pick a *random* minute for rcynic to run, to spread load # on repositories, which is why we don't just use a package crontab. setup_rcynic_cron() { if test "X`crontab -l -u rcynic 2>/dev/null`" = "X" then awk -v t=`hexdump -n 2 -e '"%u\n"' /dev/urandom` ' BEGIN {printf "MAILTO=root\n%u * * * *\texec /usr/bin/rcynic-cron\n", t % 60}' | crontab -u rcynic - fi } setup_rpkirtr_listener() { if test -f /var/run/xinetd.pid then kill -HUP `cat /var/run/xinetd.pid` fi } # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in configure) setup_groups setup_users setup_directories setup_rcynic_cron setup_rpkirtr_listener ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0