#!/bin/sh set -e [ "$DPKG_MAINTSCRIPT_PACKAGE" ] && . /usr/share/debconf/confmodule SSL_ROOT=/etc/postgresql-common/root.crt setup_createclusterconf () { [ "$DPKG_MAINTSCRIPT_PACKAGE" ] || return 0 db_get postgresql-common/ssl case $RET in true) SSL=on ;; false) SSL=off ;; *) return ;; esac CCTEMPLATE="/usr/share/postgresql-common/createcluster.conf" CCTMP=`mktemp --tmpdir postgresql-common.XXXXXX` trap "rm -f $CCTMP" 0 2 3 15 sed -e "s/^ssl =.*/ssl = $SSL/" $CCTEMPLATE > $CCTMP chmod 644 $CCTMP CCCONFIG="/etc/postgresql-common/createcluster.conf" ucf --debconf-ok $CCTMP $CCCONFIG ucfr postgresql-common $CCCONFIG rm -f $CCTMP } if [ "$1" = configure ]; then [ "$DPKG_MAINTSCRIPT_PACKAGE" ] && quiet="--quiet" # RedHat doesn't have this # Make sure the administrative user exists if ! getent passwd postgres > /dev/null; then adduser --system $quiet --home /var/lib/postgresql --no-create-home \ --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres fi # if the user was created manually, make sure the group is there as well if ! getent group postgres > /dev/null; then addgroup --system $quiet postgres fi # make sure postgres is in the postgres group if ! id -Gn postgres | grep -qw postgres; then adduser $quiet postgres postgres fi # check validity of postgres user and group if [ "`id -u postgres`" -eq 0 ]; then echo "The postgres system user must not have uid 0 (root). Please fix this and reinstall this package." >&2 exit 1 fi if [ "`id -g postgres`" -eq 0 ]; then echo "The postgres system user must not have root as primary group. Please fix this and reinstall this package." >&2 exit 1 fi # ensure home directory ownership mkdir -p /var/lib/postgresql su -s /bin/sh postgres -c "test -O /var/lib/postgresql && test -G /var/lib/postgresql" || \ chown postgres:postgres /var/lib/postgresql # config directory permissions chown postgres:postgres /etc/postgresql # nicer log directory permissions mkdir -p /var/log/postgresql chmod 1775 /var/log/postgresql chown root:postgres /var/log/postgresql # create socket directory [ -d /var/run/postgresql ] || \ install -d -m 2775 -o postgres -g postgres /var/run/postgresql # create default dummy root.crt if not present if ! [ -e "$SSL_ROOT" ]; then cat > "$SSL_ROOT" </dev/null; then if ! id -Gn postgres 2> /dev/null | grep -qw ssl-cert; then adduser $quiet postgres ssl-cert fi fi fi if [ "$2" ]; then /usr/share/postgresql-common/run-upgrade-scripts "$2" || true fi /usr/share/postgresql-common/pg_checksystem || true # Create createcluster.conf from debconf setup_createclusterconf # Forget about ucf logrotate config handling if dpkg --compare-versions "$2" lt 183~; then LRCONFIG="/etc/logrotate.d/postgresql-common" ucf --purge $LRCONFIG ucfr --purge postgresql-common $LRCONFIG fi # Drop auto-generated conffile dropped in 215/229 + backups rm -f /etc/apt/apt.conf.d/01autoremove-postgresql* # Create tsearch dictionaries on first install if [ -z "$2" ]; then pg_updatedicts fi # Reload systemd (we don't restart services on install) (#932360, #950726) [ -d /run/systemd/system ] && systemctl --system daemon-reload >/dev/null || : # Provide keyring symlink for pgdg systems using the old pgdg.list format pgdg_list="/etc/apt/sources.list.d/pgdg.list" trusted_key="/etc/apt/trusted.gpg.d/apt.postgresql.org.gpg" pgdg_key="/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg" if test -e $pgdg_list && ! test -e $trusted_key && ! grep -q signed-by $pgdg_list; then ln -sv $pgdg_key $trusted_key fi fi if [ "$1" = triggered ]; then pg_updatedicts || true db_stop exit 0 # skip daemon restart below fi [ "$DPKG_MAINTSCRIPT_PACKAGE" ] && db_stop #DEBHELPER# if [ "$1" = configure ]; then # update list of packages not to apt-autoremove (after dpkg-maintscript-helper possibly removed the old version) /usr/share/postgresql-common/pg_updateaptconfig fi exit 0