summaryrefslogtreecommitdiffstats
path: root/debian/sudo-ldap.postinst
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 12:52:13 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 12:52:13 +0000
commitaf28b3fc7bdc38f942b8b641e7a95223443e0eab (patch)
tree9134309de0bda5a19b41aec8e1ef27272f79d958 /debian/sudo-ldap.postinst
parentAdding upstream version 1.9.5p2. (diff)
downloadsudo-debian.tar.xz
sudo-debian.zip
Adding debian version 1.9.5p2-3+deb11u1.debian/1.9.5p2-3+deb11u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/sudo-ldap.postinst')
-rw-r--r--debian/sudo-ldap.postinst83
1 files changed, 83 insertions, 0 deletions
diff --git a/debian/sudo-ldap.postinst b/debian/sudo-ldap.postinst
new file mode 100644
index 0000000..6218aee
--- /dev/null
+++ b/debian/sudo-ldap.postinst
@@ -0,0 +1,83 @@
+#!/bin/sh
+
+set -e
+
+# remove old link
+
+if [ -L /etc/alternatives/sudo ]; then
+ rm /etc/alternatives/sudo
+fi
+
+# remove legacy conffile no longer delivered
+
+if [ -f /etc/sudoers.dist ]; then
+ rm /etc/sudoers.dist
+fi
+
+# complain if no sudoers file is present
+if [ ! -f /etc/sudoers ];then
+ echo "WARNING: /etc/sudoers not present!";
+fi
+
+# modify nsswitch.conf if needed
+if [ -z "`grep \"^sudoers:\" /etc/nsswitch.conf`" ]
+then
+ echo "sudoers: files ldap" >> /etc/nsswitch.conf
+fi
+
+# make sure sudoers has the correct permissions and owner/group
+if [ -f /etc/sudoers ];then
+ chown root:root /etc/sudoers
+ chmod 440 /etc/sudoers
+fi
+
+# create symlink to ease transition to new path for ldap config
+# if old config file exists and new one doesn't
+if [ -e /etc/ldap/ldap.conf -a ! -e /etc/sudo-ldap.conf ];then
+ ln -s ldap/ldap.conf /etc/sudo-ldap.conf
+fi
+
+# if we've gotten this far .. remove the saved, unchanged old sudoers file
+rm -f /etc/sudoers.pre-conffile
+
+# before 1.8.7-1 sudo-ldap used /etc/init.d/sudo instead of /etc/init.d/sudo-ldap,
+# let's make sure that's taken care of
+if [ "$1" = "configure" ] && dpkg --compare-versions "$2" lt-nl "1.8.21p2-2~" ; then
+ update-rc.d sudo remove
+fi
+
+#DEBHELPER#
+
+# make sure we have a sudo group
+
+[ -n "`getent group sudo`" ] && exit 0 # we're finished if there is a group sudo:
+
+# start search with gid 27
+gid="27"
+while [ -n "`getent group $gid | cut -d: -f3`" ];do
+ gid=`expr $gid + 1`
+done
+
+
+if [ "$gid" -ne "27" ];then
+ echo "On Debian we normally use gid 27 for 'sudo'."
+ gname="`getent group 27 | cut -d: -f1`"
+ echo "However, on your system gid 27 is group '$gname'."
+ echo ""
+ echo "Would you like me to stop configuring sudo so that you can change this?";
+ while true;do
+ echo -n "(Enter 'yes' to stop, enter to continue): "
+ read ans
+ [ "$ans" = "" ] && break
+ if [ "$ans" = "yes" -o "$ans" = "YES" ];then
+ echo "'dpkg --pending --configure' will restart the configuration."
+ exit 1;
+ fi
+ echo "Please enter exactly 'yes' to stop, or press the enter key to continue without stopping"
+ done
+fi
+
+echo "Creating group 'sudo' with gid = $gid";
+groupadd -g $gid sudo
+
+echo ""