File: postgresql-common.postinst

package info (click to toggle)
postgresql-common 71
  • links: PTS
  • area: main
  • in suites: etch, etch-m68k
  • size: 584 kB
  • ctags: 96
  • sloc: perl: 2,158; sh: 215; makefile: 12
file content (82 lines) | stat: -rw-r--r-- 2,464 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
#!/bin/sh -e
. /usr/share/debconf/confmodule
db_stop

SSL_ROOT=/etc/postgresql-common/root.crt

if [ "$1" = configure ]; then
    # Make sure the administrative user exists
    if ! getent passwd postgres > /dev/null; then
        adduser --system --quiet --home /var/lib/postgresql \
            --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres
    fi

    # check validity of postgres user and group
    if [ "`id -u postgres`" -eq 0 ]; then
        echo "The postgres system user must not have uid 0 (root).
Please fix this and reinstall this package." >&2
        exit 1
    fi
    if [ "`id -g postgres`" -eq 0 ]; then
        echo "The postgres system user must not have root as primary group.
Please fix this and reinstall this package." >&2
        exit 1
    fi

    # ensure home directory ownership
    chown postgres:postgres /var/lib/postgresql

    # create socket directory
    [ -d /var/run/postgresql ] || \
       install -d -m 2775 -o postgres -g postgres /var/run/postgresql

    # create default dummy root.crt if not present
    if ! [ -e "$SSL_ROOT" ]; then
        cat > "$SSL_ROOT" <<EOF
This is a dummy root certificate file for PostgreSQL. To enable client side
authentication, add some certificates to it. Client certificates must be signed
with any certificate in this file to be accepted. 

A reasonable choice is to just symlink this file to
/etc/ssl/certs/ssl-cert-snakeoil.pem; in this case, client certificates need to
be signed by the postgresql server certificate, which might be desirable in
many cases. See

  file:///usr/share/doc/postgresql-doc-8.0/html/ssl-tcp.html

for details (in package postgresql-doc-8.0).
EOF
    fi

    # Add postgres user to the ssl-cert group on upgrades or fresh installs
    if dpkg --compare-versions "$2" lt "52"; then
	if getent group ssl-cert >/dev/null; then
	    adduser --quiet postgres ssl-cert
	fi
    fi

    # restart all servers
    if dpkg --compare-versions "$2" lt-nl 53; then
	if [ -d /usr/lib/postgresql/ ]; then
	    for v in $(ls /usr/lib/postgresql/); do
		if [ -x "/etc/init.d/postgresql-$v" ]; then
			if [ -x /usr/sbin/invoke-rc.d ]; then
				invoke-rc.d postgresql-$v restart || exit 0
			else
				/etc/init.d/postgresql-$v restart || exit 0
			fi
		fi
	    done
	fi
    fi

    if [ "$2" ]; then
        /usr/share/postgresql-common/run-upgrade-scripts "$2" || true
    fi

    /usr/share/postgresql-common/pg_checksystem || true
fi


#DEBHELPER#