debian/sssd-common.postinst


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

#!/bin/sh
# postinst script for sssd
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

OUT=/dev/null
HOME=/var/lib/sss
LIBDIR=/usr/libexec/sssd

case "$1" in
    configure)
        if ! getent passwd sssd > $OUT; then
            echo "Creating SSSD system user & group..."
            adduser --quiet --system --home $HOME \
                --disabled-password --group \
                --gecos "SSSD system user" \
                sssd > $OUT
        fi
        chown -R root:root \
            $HOME/db \
            $HOME/gpo_cache \
            $HOME/mc \
            $HOME/pipes \
            $HOME/pipes/private \
            $HOME/pubconf \
            $HOME/secrets \
            /etc/sssd \
            /var/log/sssd

        # for easier review keep the same order as on sssd.spec
        chmod 700 $HOME/db
        chmod 775 $HOME/mc
        chmod 700 $HOME/secrets
        chmod 751 $HOME/deskprofile
        chmod 755 $HOME/pipes
        chmod 750 $HOME/pipes/private
        chmod 755 $HOME/pubconf
        chmod 755 $HOME/gpo_cache
        chmod 750 /var/log/sssd
        chmod 700 /etc/sssd
        chmod 711 /etc/sssd
        if [ -f /etc/sssd/sssd.conf ]; then
            chown root:root /etc/sssd/sssd.conf
            chmod 0600 /etc/sssd/sssd.conf
        fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

invoke_failure() {
    # invoke-rc.d failed, likely because of a missing sssd.conf
    if [ ! -s /etc/sssd/sssd.conf ]; then
        echo "... because /etc/sssd/sssd.conf is not available yet"
    fi
}

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0