#!/bin/sh
set -e
# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package

. /usr/share/debconf/confmodule

# Allocated UID and GID for libvirt-qemu
LIBVIRT_QEMU_UID=64055
LIBVIRT_QEMU_GID=64055
# Create the system groups and the libvirt-qemu account. Every step is
# guarded by getent, so running "configure" again changes nothing.
add_users_groups()
{
    if ! getent group libvirt >/dev/null; then
        addgroup --quiet --system libvirt
    fi

    if ! getent group kvm >/dev/null; then
        addgroup --quiet --system kvm
    fi

    # user and group libvirt runs qemu/kvm instances with
    if ! getent passwd libvirt-qemu >/dev/null; then
        # set uid if available (expected); don't fail otherwise.
        PARAMETER_UID=''
        if ! getent passwd $LIBVIRT_QEMU_UID >/dev/null; then
            PARAMETER_UID="--uid $LIBVIRT_QEMU_UID"
        fi
        # $PARAMETER_UID is left unquoted on purpose: it expands to two
        # words ("--uid" and the number) or to nothing.
        adduser --quiet \
                --system \
                --ingroup kvm \
                --quiet \
                --disabled-login \
                --disabled-password \
                --home /var/lib/libvirt \
                --no-create-home \
                --gecos "Libvirt Qemu" \
                $PARAMETER_UID \
                libvirt-qemu
    fi

    if ! getent group libvirt-qemu >/dev/null; then
        # set gid if available (expected); don't fail otherwise.
        PARAMETER_GID=''
        if ! getent group $LIBVIRT_QEMU_GID >/dev/null; then
            PARAMETER_GID="--gid $LIBVIRT_QEMU_GID"
        fi
        addgroup --quiet --system $PARAMETER_GID libvirt-qemu
        adduser --quiet libvirt-qemu libvirt-qemu
    fi
}
# Apply default ownership and modes. A path is left untouched when the
# administrator has registered a dpkg-statoverride for it, and skipped
# when it does not exist.
add_statoverrides()
{
    ROOT_DIRS="\
        /var/lib/libvirt/images/ \
        /var/lib/libvirt/boot/ \
        /var/cache/libvirt/ \
    "

    QEMU_DIRS="\
         /var/lib/libvirt/qemu/ \
         /var/cache/libvirt/qemu/ \
         /var/lib/libvirt/qemu/channel/ \
         /var/lib/libvirt/qemu/channel/target/ \
    "

    SANLOCK_DIR="/var/lib/libvirt/sanlock"

    QEMU_CONF="/etc/libvirt/qemu.conf"

    # root:root 0711: other users can traverse but not list
    for dir in ${ROOT_DIRS}; do
        if ! dpkg-statoverride --list "${dir}" >/dev/null 2>&1; then
            [ ! -e "${dir}" ] || chown root:root "${dir}"
            [ ! -e "${dir}" ] || chmod 0711 "${dir}"
        fi
    done

    # libvirt-qemu:libvirt-qemu 0750: no access for other users
    for dir in ${QEMU_DIRS}; do
        if ! dpkg-statoverride --list "${dir}" >/dev/null 2>&1; then
            [ ! -e "${dir}" ] || chown libvirt-qemu:libvirt-qemu "${dir}"
            [ ! -e "${dir}" ] || chmod 0750 "${dir}"
        fi
    done

    # root only
    if ! dpkg-statoverride --list "${SANLOCK_DIR}" >/dev/null 2>&1; then
        [ ! -e "${SANLOCK_DIR}" ] || chown root:root "${SANLOCK_DIR}"
        [ ! -e "${SANLOCK_DIR}" ] || chmod 0700 "${SANLOCK_DIR}"
    fi

    # readable and writable by root only
    if ! dpkg-statoverride --list "${QEMU_CONF}" >/dev/null 2>&1; then
        [ ! -e "${QEMU_CONF}" ] || chown root:root "${QEMU_CONF}"
        [ ! -e "${QEMU_CONF}" ] || chmod 0600 "${QEMU_CONF}"
    fi
}
case "$1" in
    configure)
        add_users_groups
        add_statoverrides

        # Make sure the directories don't get removed on package removal since
        # logrotate chokes otherwise.
        for dir in qemu uml lxc; do
            touch /var/log/libvirt/"${dir}"/.placeholder
        done

        # Remove left over empty directory from pre 1.2.7
        [ ! -d /etc/apparmor.d/libvirtd ] || rmdir --ignore-fail-on-non-empty /etc/apparmor.d/libvirtd

        # Force virtlogd and virtlockd to reexec if enabled
        if [ -d /run/systemd/system ]; then
            if systemctl is-active -q virtlogd; then
                systemctl reload virtlogd
            fi
            if systemctl is-active -q virtlockd; then
                systemctl reload virtlockd
            fi
        fi

        # Force refresh of capabilities (#731815)
        rm -f /var/cache/libvirt/qemu/capabilities/*.xml

        # dh_apparmor can't work with dir/file profile filenames yet (#979500)
        # Also we don't want the reload section of dh_apparmor. Just the
        # install of an empty include.
        ABSTRACTIONS_DIR="/etc/apparmor.d/abstractions"
        LOCAL_ABSTRACTIONS_DIR="/etc/apparmor.d/local/abstractions"
        LIBVIRT_ABSTRACTIONS="libvirt-lxc libvirt-qemu"
        for name in $LIBVIRT_ABSTRACTIONS; do
            abstraction="$ABSTRACTIONS_DIR/$name"
            local_abstraction="$LOCAL_ABSTRACTIONS_DIR/$name"
            if [ -e "$abstraction" ] && [ ! -e "$local_abstraction" ]; then
                mkdir -p "$LOCAL_ABSTRACTIONS_DIR"
                install -m 0644 /dev/null "$local_abstraction"
            fi
        done
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

db_stop

#DEBHELPER#

exit 0