summaryrefslogtreecommitdiffstats
path: root/debian/slapd.postinst
diff options
context:
space:
mode:
Diffstat (limited to 'debian/slapd.postinst')
-rw-r--r--debian/slapd.postinst114
1 files changed, 114 insertions, 0 deletions
diff --git a/debian/slapd.postinst b/debian/slapd.postinst
new file mode 100644
index 0000000..301572b
--- /dev/null
+++ b/debian/slapd.postinst
@@ -0,0 +1,114 @@
+#! /bin/sh
+
+set -e
+
+. /usr/share/debconf/confmodule
+
+# This will be replaced with debian/slapd.scripts-common which includes
+# various helper functions and $OLD_VERSION and $SLAPD_CONF
+#SCRIPTSCOMMON#
+
+postinst_initial_configuration() { # {{{
+# Configure slapd for the first time (when first installed)
+# Usage: postinst_initial_configuration
+
+ if manual_configuration_wanted; then
+ echo " Omitting slapd configuration as requested." >&2
+ else
+ crypt_admin_pass
+ create_new_configuration
+ fi
+}
+
+# }}}
+postinst_upgrade_configuration() { # {{{
+# Handle upgrading slapd from some older version
+# Usage: postinst_upgrade_configuration
+
+ # Better back up the config file in any case
+ backup_config_once
+
+ # Check if the database format has changed.
+ if database_format_changed; then
+
+ # During upgrading we have to load the old data
+ move_incompatible_databases_away
+ if ! load_databases; then
+ return 1
+ fi
+ fi
+
+ # Update permissions of all database directories and /var/run/slapd
+ update_databases_permissions
+ update_permissions /var/run/slapd
+
+ # Versions prior to 2.4.7-1 could create a slapd.conf that wasn't
+ # readable by the openldap user.
+ update_permissions "${SLAPD_CONF}"
+}
+
+# }}}
+# Ignore the init script failure and just calls "true". This is
+# useful when we don't want the failure to interrupt an upgrade
+# operation if there's been a failure to upgrade the configuration.
+ignore_init_failure() { # {{{
+ if [ "$MODE" = "configure" ] && [ "$FAILED_TO_UPGRADE_CONFIGURATION" -eq 1 ]; then
+ true
+ fi
+}
+# }}}
+
+# Create a new user. Don't create the user, however, if the local
+# administrator has already customized slapd to run as a different user.
+if [ "$MODE" = "configure" ] || [ "$MODE" = "reconfigure" ] ; then
+ if [ "openldap" = "$SLAPD_USER" ] ; then
+ create_new_user
+ fi
+fi
+
+# Initialize the FAILED_TO_UPGRADE_CONFIGURATION variable to 0. This
+# variable will be set if/when there is a failure during the attempt
+# to upgrade the existing configuration. It is useful to determine
+# e.g. whether we should ignore the init script failure that will
+# likely happen in these scenarios.
+FAILED_TO_UPGRADE_CONFIGURATION=0
+
+# Configuration.
+if is_initial_configuration "$@"; then
+ postinst_initial_configuration
+else
+ if ! postinst_upgrade_configuration; then
+ # An error occurred while attempting to upgrade the
+ # current configuration. This can mean many things,
+ # but usually it means that the user is using an
+ # unsupported backend.
+ #
+ # We need to:
+ #
+ # - Set the FAILED_TO_UPGRADE_CONFIGURATION to 1, in
+ # order to signal that there has been a problem
+ # while upgrading the configuration and the
+ # subsequent slapd init startup failure should not
+ # interefere with a possible dist-upgrade operation
+ # (see the "ignore_init_failure" function).
+ #
+ # - Display a critical notice to the user letting
+ # him/her know that manual action must be taken
+ # before the slapd can be started again.
+ #
+ # Note that the slapd service will fail to start after
+ # this, but that should be gracefully handled by
+ # dh_installinit's --error-handler option.
+ FAILED_TO_UPGRADE_CONFIGURATION=1
+ db_input critical slapd/postinst_error || true
+ db_go || true
+ fi
+fi
+
+db_stop || true
+
+#DEBHELPER#
+
+exit 0
+
+# vim: set sw=8 foldmethod=marker: