diff options
Diffstat (limited to 'debian/slapd.postinst')
-rw-r--r-- | debian/slapd.postinst | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/debian/slapd.postinst b/debian/slapd.postinst new file mode 100644 index 0000000..301572b --- /dev/null +++ b/debian/slapd.postinst @@ -0,0 +1,114 @@ +#! /bin/sh + +set -e + +. /usr/share/debconf/confmodule + +# This will be replaced with debian/slapd.scripts-common which includes +# various helper functions and $OLD_VERSION and $SLAPD_CONF +#SCRIPTSCOMMON# + +postinst_initial_configuration() { # {{{ +# Configure slapd for the first time (when first installed) +# Usage: postinst_initial_configuration + + if manual_configuration_wanted; then + echo " Omitting slapd configuration as requested." >&2 + else + crypt_admin_pass + create_new_configuration + fi +} + +# }}} +postinst_upgrade_configuration() { # {{{ +# Handle upgrading slapd from some older version +# Usage: postinst_upgrade_configuration + + # Better back up the config file in any case + backup_config_once + + # Check if the database format has changed. + if database_format_changed; then + + # During upgrading we have to load the old data + move_incompatible_databases_away + if ! load_databases; then + return 1 + fi + fi + + # Update permissions of all database directories and /var/run/slapd + update_databases_permissions + update_permissions /var/run/slapd + + # Versions prior to 2.4.7-1 could create a slapd.conf that wasn't + # readable by the openldap user. + update_permissions "${SLAPD_CONF}" +} + +# }}} +# Ignore the init script failure and just calls "true". This is +# useful when we don't want the failure to interrupt an upgrade +# operation if there's been a failure to upgrade the configuration. +ignore_init_failure() { # {{{ + if [ "$MODE" = "configure" ] && [ "$FAILED_TO_UPGRADE_CONFIGURATION" -eq 1 ]; then + true + fi +} +# }}} + +# Create a new user. Don't create the user, however, if the local +# administrator has already customized slapd to run as a different user. +if [ "$MODE" = "configure" ] || [ "$MODE" = "reconfigure" ] ; then + if [ "openldap" = "$SLAPD_USER" ] ; then + create_new_user + fi +fi + +# Initialize the FAILED_TO_UPGRADE_CONFIGURATION variable to 0. This +# variable will be set if/when there is a failure during the attempt +# to upgrade the existing configuration. It is useful to determine +# e.g. whether we should ignore the init script failure that will +# likely happen in these scenarios. +FAILED_TO_UPGRADE_CONFIGURATION=0 + +# Configuration. +if is_initial_configuration "$@"; then + postinst_initial_configuration +else + if ! postinst_upgrade_configuration; then + # An error occurred while attempting to upgrade the + # current configuration. This can mean many things, + # but usually it means that the user is using an + # unsupported backend. + # + # We need to: + # + # - Set the FAILED_TO_UPGRADE_CONFIGURATION to 1, in + # order to signal that there has been a problem + # while upgrading the configuration and the + # subsequent slapd init startup failure should not + # interefere with a possible dist-upgrade operation + # (see the "ignore_init_failure" function). + # + # - Display a critical notice to the user letting + # him/her know that manual action must be taken + # before the slapd can be started again. + # + # Note that the slapd service will fail to start after + # this, but that should be gracefully handled by + # dh_installinit's --error-handler option. + FAILED_TO_UPGRADE_CONFIGURATION=1 + db_input critical slapd/postinst_error || true + db_go || true + fi +fi + +db_stop || true + +#DEBHELPER# + +exit 0 + +# vim: set sw=8 foldmethod=marker: |