summaryrefslogtreecommitdiffstats
path: root/debian/ceph-common.postinst
blob: 5535e9dee3c59e6961ac77317dff8cd2d811f8ab (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
#!/bin/sh
# vim: set noet ts=8:
# postinst script for ceph-common
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#
# 	postinst configure <most-recently-configured-version>
# 	old-postinst abort-upgrade <new-version>
# 	conflictor's-postinst abort-remove in-favour <package> <new-version>
# 	postinst abort-remove
# 	deconfigured's-postinst abort-deconfigure in-favour <failed-install-package> <version> [<removing conflicting-package> <version>]
#

# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package


# Let the admin override these distro-specified defaults.  This is NOT
# recommended!
[ -f "/etc/default/ceph" ] && . /etc/default/ceph

[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045  # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID


# Groups that the user will be added to, if undefined, then none.
[ -z "$SERVER_ADDGROUP" ] && SERVER_ADDGROUP=

# Custom dpkg-maintscript-helper type function to deal with
# nested /etc/default/ceph/ceph
finish_mv_ceph_defaults() {
    rm -rf "/etc/default/ceph.dpkg-backup/ceph.dpkg-remove"

    [ -e "/etc/default/ceph.dpkg-backup/ceph" ] || return 0

    echo "Preserving user changes to /etc/default/ceph (renamed from /etc/default/ceph/ceph)..."
    if [ -f "/etc/default/ceph" ]; then
        mv -f "/etc/default/ceph" "/etc/default/ceph.dpkg-new"
    fi
    mv -f "/etc/default/ceph.dpkg-backup/ceph" "/etc/default/ceph"
}

case "$1" in
    configure)
       # create user to avoid running server as root
       # 1. create group if not existing
       if ! getent group | grep -q "^$SERVER_GROUP:" ; then
	   echo -n "Adding group $SERVER_GROUP.."
          addgroup --quiet --system --gid $SERVER_GID \
	      $SERVER_GROUP 2>/dev/null ||true
	  echo "..done"
       fi
       # 2. create user if not existing
       if ! getent passwd | grep -q "^$SERVER_USER:"; then
	 echo -n "Adding system user $SERVER_USER.."
         adduser --quiet \
                 --system \
                 --no-create-home \
                 --disabled-password \
	         --uid $SERVER_UID \
	         --gid $SERVER_GID \
	         --home $SERVER_HOME \
                 $SERVER_USER 2>/dev/null || true
	 echo "..done"
       fi
       # 3. adjust passwd entry
       echo -n "Setting system user $SERVER_USER properties.."
       usermod -c "$SERVER_NAME" \
               -d $SERVER_HOME   \
               -g $SERVER_GROUP  \
               $SERVER_USER

       # Unlock $SERVER_USER in case it is locked from an uninstall
       if [ -f /etc/shadow ]; then
           usermod -U -e '' $SERVER_USER
       else
	   usermod -U $SERVER_USER
       fi
       echo "..done"

       # 5. adjust file and directory permissions
       if ! dpkg-statoverride --list $SERVER_HOME >/dev/null
       then
           chown $SERVER_USER:$SERVER_GROUP $SERVER_HOME
           chmod u=rwx,g=rx,o= $SERVER_HOME
       fi
       if ! dpkg-statoverride --list /var/log/ceph >/dev/null
       then
           chown -R $SERVER_USER:$SERVER_GROUP /var/log/ceph
	   # members of group ceph can log here, but cannot remove
	   # others' files.  non-members cannot read any logs.
           chmod u=rwx,g=rwxs,o=t /var/log/ceph
       fi

       # 6. fix /var/run/ceph
       if [ -d /var/run/ceph ]; then
	   echo -n "Fixing /var/run/ceph ownership.."
	   chown $SERVER_USER:$SERVER_GROUP /var/run/ceph
	   echo "..done"
       fi

       # create /run/ceph.  fail softly if systemd isn't present or
       # something.
       [ -x /bin/systemd-tmpfiles ] && systemd-tmpfiles --create || true

       # Complete renames of /etc/default/ceph
       if [ -n "$2" ] &&
          dpkg --compare-versions -- "$2" le-nl 10.2.1-0ubuntu1; then
           finish_mv_ceph_defaults
	   # Preserve dpkg-backup directory if it still contains
	   # any file
           if ! ls -1qA "/etc/default/ceph.dpkg-backup" | grep -q . ; then
              rm -rf "/etc/default/ceph.dpkg-backup"
           fi
       fi
    ;;
    abort-upgrade|abort-remove|abort-deconfigure)
	:
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0