diff options
Diffstat (limited to 'debian/bind9.postinst')
| -rw-r--r-- | debian/bind9.postinst | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/debian/bind9.postinst b/debian/bind9.postinst new file mode 100644 index 0000000..d1fa83f --- /dev/null +++ b/debian/bind9.postinst @@ -0,0 +1,133 @@ +#!/bin/sh + +set -e + +. /usr/share/debconf/confmodule + +if [ "$1" = configure ]; then + lastversion="$2"; + + # lets give them a bind user/group in all cases. + getent group bind >/dev/null 2>&1 || addgroup --system bind + getent passwd bind >/dev/null 2>&1 || + adduser --system --home /var/cache/bind --no-create-home \ + --disabled-password --ingroup bind bind + + if [ -z "$lastversion" ] || dpkg --compare-versions "$lastversion" lt 1:9.4.2-2 ; then + mkdir -p /var/lib/bind + chown root:bind /var/lib/bind + chmod 775 /var/lib/bind + fi + + if [ ! -s /etc/bind/rndc.key ] && [ ! -s /etc/bind/rndc.conf ]; then + rndc-confgen -r /dev/urandom -a + fi + + # no sumfile means you get the default + [ -f /var/lib/bind/bind9-default.md5sum ] || + echo "2cfcfb7bf1b99c7930fd475907e38be7 /etc/default/bind9" > /var/lib/bind/bind9-default.md5sum + + if [ -f /etc/default/bind9 ] && \ + [ "$(cat /var/lib/bind/bind9-default.md5sum)" = "$(md5sum /etc/default/bind9)" ]; then + config="/etc/default/bind9" + elif [ ! -e /etc/default/bind9 ]; then + config="/etc/default/bind9" + else + config="/etc/default/bind9.dpkg-dist" + fi + + localconf="" + if [ ! -f $config ]; then + CONF=/etc/bind/named.conf + for file in ${CONF} ${CONF}.local ${CONF}.default-zones; do + if [ -f ${file} ]; then + theirs=$(md5sum $file | sed 's/ .*$//') + mine=$(dpkg --status bind9 | grep "^ $file " | sed -n 's/.* //p') + if [ "$mine" != "$theirs" ]; then + localconf="y" + fi + else + localconf="y" + fi + done + if [ -n "$localconf" ]; then + db_reset bind9/start-as-user + else + db_set bind9/start-as-user bind || true + fi + + echo '#' >> $config + echo '# run resolvconf?' >> $config + db_get bind9/run-resolvconf + if [ ! -z "$RET" ] && [ "$RET" = "true" ]; then + echo "RESOLVCONF=yes" >> $config + else + echo "RESOLVCONF=no" >> $config + fi + + db_get bind9/start-as-user + USER=$RET + db_get bind9/different-configuration-file + CONFFILE=$RET + + echo '' >> $config + echo '# startup options for the server' >> $config + if [ ! -z "$USER" ] && [ ! -z "$CONFFILE" ]; then + echo "OPTIONS=\"-u $USER -c $CONFFILE\"" >> $config + elif [ ! -z "$USER" ]; then + echo "OPTIONS=\"-u $USER\"" >> $config + elif [ ! -z "$CONFFILE" ]; then + echo "OPTIONS=\"-c $CONFFILE\"" >> $config + else + echo "OPTIONS=\"\"" >> $config + fi + else + db_get bind9/run-resolvconf + if [ ! -z "$RET" ] && [ "$RET" = "true" ]; then + sed -e "s#^\([[:space:]]*\)\(RESOLVCONF=[[:space:]]*\)[^ ]*#\1\2yes#g" -i $config + else + sed -e "s#^\([[:space:]]*\)\(RESOLVCONF=[[:space:]]*\)[^ ]*#\1\2no#g" -i $config + fi + db_get bind9/start-as-user + if [ ! -z "$RET" ]; then + if [ ! -z "`grep OPTIONS $config`" ]; then + if [ ! -z "`grep OPTIONS $config | grep '\-u'`" ]; then + sed -e "s#\([[:space:]]*OPTIONS[[:space:]]*\)=\"\([^\"]*\)-u[[:space:]]*[^\" ]*\([^\"]*\)\"#\1=\"\2-u $RET\3\"#g" -i $config + else + sed -e "s#\([[:space:]]*OPTIONS[[:space:]]*\)=\"\([^\"]*\)\"#\1=\"\2 -u $RET\"#g" -i $config + fi + else + echo "OPTIONS=\"-u $RET\"" >> $config + fi + fi + db_get bind9/different-configuration-file + if [ ! -z "$RET" ]; then + if [ ! -z "`grep OPTIONS $config | grep '\-c'`" ]; then + sed -e "s#\([[:space:]]*OPTIONS[[:space:]]*\)=\"\([^\"]*\)-c[[:space:]]*[^\" ]*\([^\"]*\)\"#\1=\"\2-c $RET\3\"#g" -i $config + else + sed -e "s#\([[:space:]]*OPTIONS[[:space:]]*\)=\"\([^\"]*\)\"#\1=\"\2 -c $RET\"#g" -i $config + fi + fi + fi + + if [ "$config" = "/etc/default/bind9" ]; then + md5sum /etc/default/bind9 > /var/lib/bind/bind9-default.md5sum + fi + + uid=$(ls -ln /etc/bind/rndc.key | awk '{print $3}') + if [ "$uid" = "0" ]; then + [ -n "$localconf" ] || chown bind /etc/bind/rndc.key + chgrp bind /etc/bind + chmod g+s /etc/bind + chgrp bind /etc/bind/rndc.key /var/cache/bind + chgrp bind /etc/bind/named.conf* || true + chmod g+r /etc/bind/rndc.key /etc/bind/named.conf* || true + chmod g+rwx /var/cache/bind + fi +fi + +db_stop + +#DEBHELPER# + +exit 0 |