1 files changed, 153 insertions, 0 deletions

diff --git a/debian/postgresql-common.postinst b/debian/postgresql-common.postinst
new file mode 100644
index 0000000..58b7ece
--- /dev/null
+++ b/debian/postgresql-common.postinst
@@ -0,0 +1,153 @@
+#!/bin/sh
+
+set -e
+[ "$DPKG_MAINTSCRIPT_PACKAGE" ] && . /usr/share/debconf/confmodule
+
+SSL_ROOT=/etc/postgresql-common/root.crt
+
+setup_createclusterconf ()
+{
+    [ "$DPKG_MAINTSCRIPT_PACKAGE" ] || return 0
+    db_get postgresql-common/ssl
+    case $RET in
+        true) SSL=on ;;
+        false) SSL=off ;;
+        *) return ;;
+    esac
+
+    CCTEMPLATE="/usr/share/postgresql-common/createcluster.conf"
+    CCTMP=`mktemp --tmpdir postgresql-common.XXXXXX`
+    trap "rm -f $CCTMP" 0 2 3 15
+    sed -e "s/^ssl =.*/ssl = $SSL/" $CCTEMPLATE > $CCTMP
+    chmod 644 $CCTMP
+    CCCONFIG="/etc/postgresql-common/createcluster.conf"
+    ucf --debconf-ok $CCTMP $CCCONFIG
+    ucfr postgresql-common $CCCONFIG
+    rm -f $CCTMP
+}
+
+if [ "$1" = configure ]; then
+    [ "$DPKG_MAINTSCRIPT_PACKAGE" ] && quiet="--quiet" # RedHat doesn't have this
+    # Make sure the administrative user exists
+    if ! getent passwd postgres > /dev/null; then
+        adduser --system $quiet --home /var/lib/postgresql --no-create-home \
+            --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres
+    fi
+    # if the user was created manually, make sure the group is there as well
+    if ! getent group postgres > /dev/null; then
+        addgroup --system $quiet postgres
+    fi
+    # make sure postgres is in the postgres group
+    if ! id -Gn postgres | grep -qw postgres; then
+        adduser $quiet postgres postgres
+    fi
+
+    # check validity of postgres user and group
+    if [ "`id -u postgres`" -eq 0 ]; then
+        echo "The postgres system user must not have uid 0 (root).
+Please fix this and reinstall this package." >&2
+        exit 1
+    fi
+    if [ "`id -g postgres`" -eq 0 ]; then
+        echo "The postgres system user must not have root as primary group.
+Please fix this and reinstall this package." >&2
+        exit 1
+    fi
+
+    # ensure home directory ownership
+    mkdir -p /var/lib/postgresql
+    su -s /bin/sh postgres -c "test -O /var/lib/postgresql &&
+            test -G /var/lib/postgresql" || \
+        chown postgres:postgres /var/lib/postgresql
+
+    # config directory permissions
+    chown postgres:postgres /etc/postgresql
+
+    # nicer log directory permissions
+    mkdir -p /var/log/postgresql
+    chmod 1775 /var/log/postgresql
+    chown root:postgres /var/log/postgresql
+
+    # create socket directory
+    [ -d /var/run/postgresql ] || \
+       install -d -m 2775 -o postgres -g postgres /var/run/postgresql
+
+    # create default dummy root.crt if not present
+    if ! [ -e "$SSL_ROOT" ]; then
+        cat > "$SSL_ROOT" <<EOF
+This is a dummy root certificate file for PostgreSQL. To enable client side
+authentication, add some certificates to it. Client certificates must be signed
+with any certificate in this file to be accepted.
+
+A reasonable choice is to just symlink this file to
+/etc/ssl/certs/ssl-cert-snakeoil.pem; in this case, client certificates need to
+be signed by the postgresql server certificate, which might be desirable in
+many cases. See chapter "Server Setup and Operation" in the PostgreSQL
+documentation for details (in package postgresql-doc-9.2).
+
+  file:///usr/share/doc/postgresql-doc-9.2/html/ssl-tcp.html
+EOF
+    fi
+
+    # Add postgres user to the ssl-cert group on fresh installs
+    # if not already in the group
+    if [ -z "$2" ]; then
+        if getent group ssl-cert >/dev/null; then
+            if ! id -Gn postgres 2> /dev/null | grep -qw ssl-cert; then
+                adduser $quiet postgres ssl-cert
+            fi
+        fi
+    fi
+
+    if [ "$2" ]; then
+        /usr/share/postgresql-common/run-upgrade-scripts "$2" || true
+    fi
+
+    /usr/share/postgresql-common/pg_checksystem || true
+
+    # Create createcluster.conf from debconf
+    setup_createclusterconf
+
+    # Forget about ucf logrotate config handling
+    if dpkg --compare-versions "$2" lt 183~; then
+        LRCONFIG="/etc/logrotate.d/postgresql-common"
+        ucf --purge $LRCONFIG
+        ucfr --purge postgresql-common $LRCONFIG
+    fi
+
+    # Drop auto-generated conffile dropped in 215/229 + backups
+    rm -f /etc/apt/apt.conf.d/01autoremove-postgresql*
+
+    # Create tsearch dictionaries on first install
+    if [ -z "$2" ]; then
+        pg_updatedicts
+    fi
+
+    # Reload systemd (we don't restart services on install) (#932360, #950726)
+    [ -d /run/systemd/system ] && systemctl --system daemon-reload >/dev/null || :
+
+    # Provide keyring symlink for pgdg systems using the old pgdg.list format
+    pgdg_list="/etc/apt/sources.list.d/pgdg.list"
+    trusted_key="/etc/apt/trusted.gpg.d/apt.postgresql.org.gpg"
+    pgdg_key="/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg"
+    if test -e $pgdg_list && ! test -e $trusted_key && ! grep -q signed-by $pgdg_list; then
+        ln -sv $pgdg_key $trusted_key
+    fi
+fi
+
+if [ "$1" = triggered ]; then
+    pg_updatedicts || true
+    db_stop
+    exit 0  # skip daemon restart below
+fi
+
+[ "$DPKG_MAINTSCRIPT_PACKAGE" ] && db_stop
+
+#DEBHELPER#
+
+if [ "$1" = configure ]; then
+    # update list of packages not to apt-autoremove (after dpkg-maintscript-helper possibly removed the old version)
+    /usr/share/postgresql-common/pg_updateaptconfig
+fi
+
+exit 0