#!/bin/sh - case $2 in PRE-INSTALL) if /usr/sbin/pw groupshow "rpki" 2>/dev/null then echo "You already have a group \"rpki\", so I will use it." elif /usr/sbin/pw groupadd rpki then echo "Added group \"rpki\"." else echo "Adding group \"rpki\" failed..." echo "Please create it, then try again." exit 1 fi if /usr/sbin/pw usershow "rpki" 2>/dev/null then echo "You already have a user \"rpki\", so I will use it." elif /usr/sbin/pw useradd rpki -g rpki -h - -d /nonexistant -s /usr/sbin/nologin -c "RPKI system daemons" then echo "Added user \"rpki\"." else echo "Adding user \"rpki\" failed..." echo "Please create it, then try again." exit 1 fi ;; POST-INSTALL) if ! test -d /var/rcynic then echo "Creating /var/rcynic" /usr/bin/install -o root -g wheel -d /var/rcynic fi for dir in /var/rcynic/data /var/rcynic/rpki-rtr /var/rcynic/rpki-rtr/sockets do /usr/bin/install -o rpki -g rpki -d $dir done if test ! -f /usr/local/etc/rpki.conf then /bin/cp -p /usr/local/etc/rpki.conf.sample /usr/local/etc/rpki.conf fi htmldir=/usr/local/www/apache%%APACHE_VERSION%%/data/rcynic /usr/bin/install -o rpki -g rpki -d $htmldir if test "X`/usr/bin/crontab -l -u rpki 2>/dev/null`" != "X" then echo "rpki user already has a crontab, leaving it alone" else echo "Setting up rpki's crontab to run rcynic-cron script" /usr/bin/awk -v t=`/usr/bin/hexdump -n 2 -e '"%u\n"' /dev/random` ' BEGIN {printf "MAILTO=root\n%u * * * *\texec /usr/local/bin/rcynic-cron\n", t % 60}' | /usr/bin/crontab -u rpki - fi echo "Setting up rpki-rtr listener under inetd" if /usr/bin/egrep -q '^rpki-rtr' /etc/services then echo "You already have a /etc/services entry for rpki-rtr, so I will use it." elif echo >>/etc/services "rpki-rtr 43779/tcp #RFC 6810" then echo "Added rpki-rtr to /etc/services." else echo "Adding rpki-rtr to /etc/services failed, please fix this, then try again." exit 1 fi if /usr/bin/egrep -q "^rpki-rtr[ ]+stream[ ]+tcp6?[ ].+rtr-origin" /etc/inetd.conf then echo "You have entries in /etc/inetd.conf for the old rpki-rtr implementation; these will not work anymore, so I will delete them." if /usr/bin/egrep -v "^rpki-rtr[ ]+stream[ ]+tcp6?[ ].+rtr-origin" /etc/inetd.conf >/etc/inetd.conf.tmp.$$ then /bin/mv /etc/inetd.conf.tmp.$$ /etc/inetd.conf else /bin/rm -f /etc/inetd.conf.tmp.$$ echo "Removing old rpki-rtr entries from /etc/inetd.conf failed, please remove them manually, then try again." exit 1 fi fi if /usr/bin/egrep -q "rpki-rtr[ ]+stream[ ]+tcp[ ]" /etc/inetd.conf then echo "You already have an /etc/inetd.conf entry for rpki-rtr on TCPv4, so I will use it." elif echo >>/etc/inetd.conf "rpki-rtr stream tcp nowait rpki /usr/local/bin/rpki-rtr rpki-rtr server /var/rcynic/rpki-rtr" then echo "Added rpki-rtr for TCPv4 to /etc/inetd.conf." else echo "Adding rpki-rtr for TCPv4 to /etc/inetd.conf failed, please fix this, then try again." exit 1 fi if /usr/bin/egrep -q "rpki-rtr[ ]+stream[ ]+tcp6[ ]" /etc/inetd.conf then echo "You already have an /etc/inetd.conf entry for rpki-rtr on TCPv6, so I will use it." elif echo >>/etc/inetd.conf "rpki-rtr stream tcp6 nowait rpki /usr/local/bin/rpki-rtr rpki-rtr server /var/rcynic/rpki-rtr" then echo "Added rpki-rtr for TCPv6 to /etc/inetd.conf." else echo "Adding rpki-rtr for TCPv6 to /etc/inetd.conf failed, please fix this, then try again." exit 1 fi ;; *) echo "No clue what this script is meant to do when invoked with arguments \"$*\". Punting." exit 1 ;; esac