1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176
|
#! /bin/sh
# postinst script for ejabberd
#
# see: dh_installdeb(1)
set -e
EJABBERD_YML_SOURCE=/usr/share/ejabberd/ejabberd.yml.example
EJABBERDCTL_CFG_SOURCE=/usr/share/ejabberd/ejabberdctl.cfg.example
EJABBERD_YML_TEMP=$(mktemp)
EJABBERDCTL_CFG_TEMP=$(mktemp)
EJABBERD_YML_TARGET=/etc/ejabberd/ejabberd.yml
EJABBERDCTL_CFG_TARGET=/etc/default/ejabberd
. /usr/share/debconf/confmodule
setup_ejabberd()
{
# ejabberd config dir may contain sensitive data, so making it unreadable by the world.
if ! dpkg-statoverride --list /etc/ejabberd > /dev/null; then
chown root:ejabberd /etc/ejabberd
fi
# The users database dir /var/lib/ejabberd must be writable by user ejabberd.
install -d /var/lib/ejabberd
if ! dpkg-statoverride --list /var/lib/ejabberd > /dev/null; then
chown ejabberd:ejabberd /var/lib/ejabberd
chmod 700 /var/lib/ejabberd
fi
# ejabberd logs should be readable by users in adm group (see also logrotate script).
install -d /var/log/ejabberd
if ! dpkg-statoverride --list /var/log/ejabberd > /dev/null; then
chown ejabberd:adm /var/log/ejabberd
chmod 2750 /var/log/ejabberd
fi
# Chown the cert so ejabberd user can use it but not be accessible by the world.
if [ -f /etc/ejabberd/ejabberd.pem ]; then
if ! dpkg-statoverride --list /etc/ejabberd/ejabberd.pem > /dev/null; then
chown root:ejabberd /etc/ejabberd/ejabberd.pem
fi
fi
db_get ejabberd/erlangopts
ERLOPTS="$RET"
touch "$EJABBERDCTL_CFG_TEMP" && chmod 0600 "$EJABBERDCTL_CFG_TEMP"
sed -e "s/#\?ERL_OPTIONS=.*/ERL_OPTIONS=\"$ERLOPTS\"/" "$EJABBERDCTL_CFG_SOURCE" > "$EJABBERDCTL_CFG_TEMP"
ucf -three-way --debconf-ok "$EJABBERDCTL_CFG_TEMP" "$EJABBERDCTL_CFG_TARGET"
ucfr ejabberd "$EJABBERDCTL_CFG_TARGET"
if ! dpkg-statoverride --list "$EJABBERDCTL_CFG_TARGET" > /dev/null; then
chmod 644 "$EJABBERDCTL_CFG_TARGET"
fi
db_get ejabberd/hostname
HOST="$RET"
db_get ejabberd/user
USER="$RET"
db_get ejabberd/password
PASSWD="$RET"
touch "$EJABBERD_YML_TEMP" && chmod 0600 "$EJABBERD_YML_TEMP"
sed -e "s/ - \"localhost\"/ - \"$HOST\"/ ;
s/ ## admin/ admin/ ;
0,/ ## user/s/ ## user/ user/ ;
s/.*ermine.*//" $EJABBERD_YML_SOURCE > "$EJABBERD_YML_TEMP"
# Since username is optional and we let the user set up the admin account
# if there is no input to debconf's query, we use the given username or
# leave it empty
if [ -n "$USER" ]; then
sed -i "s/ ## - \"aleksey@localhost\"/ - \"$USER@$HOST\"/" "$EJABBERD_YML_TEMP"
else
sed -i "s/ ## - \"aleksey@localhost\"/ - \"\"/" "$EJABBERD_YML_TEMP"
fi
ucf --three-way --debconf-ok "$EJABBERD_YML_TEMP" "$EJABBERD_YML_TARGET"
ucfr ejabberd "$EJABBERD_YML_TARGET"
db_stop
# Making ejabberd config readable only by ejabberd user.
if ! dpkg-statoverride --list "$EJABBERD_YML_TARGET" > /dev/null; then
chown ejabberd:ejabberd "$EJABBERD_YML_TARGET"
chmod 600 "$EJABBERD_YML_TARGET"
fi
}
register_admin()
{
if [ -n "$USER" ] && [ -n "$PASSWD" ]; then
echo "Waiting for ejabberd to register admin user"
if ejabberdctl status > /dev/null || test $? = 1 ; then
# ejabberd is starting ($? = 1) or running ($? = 0) already.
cnt=0
flag=1
while ! ejabberdctl status > /dev/null ; do
cnt=$((cnt + 1))
if [ $cnt -ge 60 ] ; then
echo
echo "Can't register admin user \"$USER@$HOST\"."
echo "ejabberd is taking too long to start."
flag=0
break
fi
sleep 1
done
echo
if [ $flag -eq 1 ] ; then
if ejabberdctl registered_users "$HOST" | grep -q "^${USER}$"; then
echo "Admin user \"$USER@$HOST\" is already registered. Password IS NOT changed."
else
status=$(ejabberdctl register "$USER" "$HOST" "$PASSWD")
if echo "$status" | grep -q "successfully registered" ; then
echo "Admin user \"$USER@$HOST\" is registered successfully."
else
echo "Can't register admin user \"$USER@$HOST\". ($status)"
fi
fi
fi
else
echo
echo "Can't register admin user \"$USER@$HOST\"."
echo "ejabberd server is not started."
fi
fi
}
# After updates to packaging (config validation and nodename changes), we need
# to keep track of the install process so we can aid and have users coming from
# before these changes transition smoothly.
# This flag will track whether the upgrade fails due to the nodename change
# (it will remain if failed) so that the user will not be forced to change
# configuration in debconf due to invalid configuration
touch /var/lib/ejabberd/.postinst.flag && chmod 644 /var/lib/ejabberd/.postinst.flag
case "$1" in
configure|reconfigure)
adduser --quiet --system --shell /bin/sh --group --home /var/lib/ejabberd ejabberd 2> /dev/null || true
setup_ejabberd
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 0
;;
esac
#DEBHELPER#
case "$1" in
configure|reconfigure)
register_admin
;;
esac
rm -f "$EJABBERD_YML_TEMP"
rm -f "$EJABBERDCTL_CFG_TEMP"
# Remove the flag if install is successful
rm -f /var/lib/ejabberd/.postinst.flag
exit 0
|