summaryrefslogtreecommitdiffstats
path: root/debian/sudo.prerm
diff options
context:
space:
mode:
Diffstat (limited to 'debian/sudo.prerm')
-rw-r--r--debian/sudo.prerm51
1 files changed, 51 insertions, 0 deletions
diff --git a/debian/sudo.prerm b/debian/sudo.prerm
new file mode 100644
index 0000000..1503418
--- /dev/null
+++ b/debian/sudo.prerm
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+check_password() {
+ if [ ! "$SUDO_FORCE_REMOVE" = "yes" ]; then
+ # let's check whether the root account is locked.
+ # if it is, we're not going another step. No Sirreee!
+ passwd=$(getent shadow root|cut -f2 -d:)
+ passwd1=$(echo "$passwd" |cut -c1)
+ # Note: we do need the 'xfoo' syntax here, since POSIX special-cases
+ # the $passwd value '!' as negation.
+ # bug #1001858 causes trouble here. In autopkgtest, the system
+ # might be switching back and forth between sudo and sudo-ldap
+ # without having a root password set.
+ # autopkgtest environment is not under our control, so we cannot
+ # disable this test just for autopkgtest (it's autopkgtest itself
+ # installing packages).
+ if [ "x$passwd" = "x*" ] || [ "x$passwd1" = "x!" ]; then
+ # yup, password is locked
+ echo "You have asked that the sudo package be removed,"
+ echo "but no root password has been set."
+ echo "Without sudo, you may not be able to gain administrative privileges."
+ echo
+ echo "If you would prefer to access the root account with su(1)"
+ echo "or by logging in directly,"
+ echo "you must set a root password with \"sudo passwd\"."
+ echo
+ echo "If you have arranged other means to access the root account,"
+ echo "and you are sure this is what you want,"
+ echo "you may bypass this check by setting an environment variable "
+ echo "(export SUDO_FORCE_REMOVE=yes)."
+ echo
+ echo "Refusing to remove sudo."
+ exit 1
+ fi
+ fi
+}
+
+case $1 in
+ remove)
+ check_password;
+ ;;
+ *)
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
+