1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
#!/bin/sh
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
case "$1" in
configure)
# Ensure the logcheck user exists
if ! getent passwd logcheck > /dev/null; then
adduser --quiet --system --home /var/lib/logcheck --no-create-home \
--group logcheck || true
# touch cron job to fix #284788
touch /etc/cron.d/logcheck || true
fi
# Ensure the logcheck group exists (the user could have been created without a group)
if ! getent group logcheck > /dev/null; then
addgroup --system logcheck
usermod -g logcheck logcheck
fi
# Ensure the logcheck user's home directory exists
if [ ! -d "$(getent passwd logcheck | cut -d: -f6)" ]; then
usermod -d /var/lib/logcheck logcheck > /dev/null || true
fi
# Ensure logcheck is in the adm group
if ! getent group adm | grep logcheck > /dev/null; then
adduser --quiet logcheck adm || true
fi
# Ensure logcheck is in the systemd-journal group
if ! getent group systemd-journal | grep logcheck > /dev/null; then
adduser --quiet logcheck systemd-journal || true
fi
# Ensure the logcheck user has a 'real name'
if [ -z "$(getent passwd logcheck | cut -d: -f5)" ]; then
chfn -f 'logcheck system account' logcheck
fi
# add logcheck to /etc/aliases (on install; not on upgrade)
if [ -z "${2-}" ]; then
if [ -f /etc/aliases ] || [ -L /etc/aliases ]; then
if ! grep -qi "^logcheck[[:space:]]*:" /etc/aliases; then
echo "logcheck: root" >> /etc/aliases
if [ -x "$(command -v newaliases)" ]; then
newaliases || :
fi
fi
fi
fi
# revert previous behaviour of changing perms + group of contents
# of /etc/logcheck - this avoids the piuparts error on 'install
# (from bullseye)+upgrade (to bookworm)+purge' when other packages
# have installed rules. The next two lines can be removed once
# bookworm is stable.
chown -R root:root /etc/logcheck
chmod -R a-sx,u=rwX,go=rX /etc/logcheck
# Restrict /var/lib/logcheck and /etc/logcheck
for f in /var/lib/logcheck /etc/logcheck; do
chown logcheck:logcheck "$f" || true
chmod u=rwx,g=rx,o= "$f" || true # drwxr-x---
done
# remove once trixie is stable (see also preinst)
if [ -f /etc/logcheck/header.txt.was-deleted-before-bookworm ]; then
echo "Preserving user-deletion of /etc/logcheck/header.txt -- packaged version is left at /etc/logcheck/header.txt.dpkg-new"
mv -f /etc/logcheck/header.txt /etc/logcheck/header.txt.dpkg-new || true
rm -f /etc/logcheck/header.txt.was-deleted-before-bookworm || true
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0
|
