diff options
Diffstat (limited to 'debian/openssh-client.postinst')
-rw-r--r-- | debian/openssh-client.postinst | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/debian/openssh-client.postinst b/debian/openssh-client.postinst new file mode 100644 index 000000000..3e33aeb82 --- /dev/null +++ b/debian/openssh-client.postinst | |||
@@ -0,0 +1,115 @@ | |||
1 | #!/bin/sh -e | ||
2 | |||
3 | action="$1" | ||
4 | oldversion="$2" | ||
5 | |||
6 | . /usr/share/debconf/confmodule | ||
7 | db_version 2.0 | ||
8 | |||
9 | umask 022 | ||
10 | |||
11 | if [ "$action" != configure ] | ||
12 | then | ||
13 | exit 0 | ||
14 | fi | ||
15 | |||
16 | |||
17 | fix_rsh_diversion() { | ||
18 | # get rid of mistaken rsh diversion (circa 1.2.27-1) | ||
19 | |||
20 | if [ -L /usr/bin/rsh ] && | ||
21 | dpkg-divert --list '/usr/bin/rsh.real/rsh' | grep -q ' ssh$' ; then | ||
22 | for cmd in rlogin rsh rcp ; do | ||
23 | [ -L /usr/bin/$cmd ] && rm /usr/bin/$cmd | ||
24 | dpkg-divert --package ssh --remove --rename \ | ||
25 | --divert /usr/bin/rsh.real/$cmd /usr/bin/$cmd | ||
26 | |||
27 | [ -L /usr/man/man1/$cmd.1.gz ] && rm /usr/man/man1/$$cmd.1.gz | ||
28 | dpkg-divert --package ssh --remove --rename \ | ||
29 | --divert /usr/man/man1/$cmd.real.1.gz /usr/man/man1/$cmd.1.gz | ||
30 | done | ||
31 | |||
32 | rmdir /usr/bin/rsh.real | ||
33 | fi | ||
34 | } | ||
35 | |||
36 | create_alternatives() { | ||
37 | # Create alternatives for the various r* tools. | ||
38 | # Make sure we don't change existing alternatives that a user might have | ||
39 | # changed, but clean up after some old alternatives that mistakenly pointed | ||
40 | # rlogin and rcp to ssh. | ||
41 | update-alternatives --quiet --remove rlogin /usr/bin/ssh | ||
42 | update-alternatives --quiet --remove rcp /usr/bin/ssh | ||
43 | for cmd in rsh rlogin rcp; do | ||
44 | scmd="s${cmd#r}" | ||
45 | if ! update-alternatives --display "$cmd" | \ | ||
46 | grep -q "$scmd"; then | ||
47 | update-alternatives --quiet --install "/usr/bin/$cmd" "$cmd" "/usr/bin/$scmd" 20 \ | ||
48 | --slave "/usr/share/man/man1/$cmd.1.gz" "$cmd.1.gz" "/usr/share/man/man1/$scmd.1.gz" | ||
49 | fi | ||
50 | done | ||
51 | } | ||
52 | |||
53 | set_ssh_permissions() { | ||
54 | if dpkg --compare-versions "$oldversion" lt-nl 1:3.4p1-1 ; then | ||
55 | if [ -x /usr/sbin/dpkg-statoverride ] ; then | ||
56 | if dpkg-statoverride --list /usr/bin/ssh >/dev/null; then | ||
57 | dpkg-statoverride --remove /usr/bin/ssh >/dev/null | ||
58 | fi | ||
59 | fi | ||
60 | fi | ||
61 | |||
62 | # libexecdir changed, so migrate old statoverrides. | ||
63 | if [ -x /usr/sbin/dpkg-statoverride ] && | ||
64 | override="$(dpkg-statoverride --list /usr/lib/ssh-keysign)"; then | ||
65 | override_user="${override%% *}" | ||
66 | override="${override#* }" | ||
67 | override_group="${override%% *}" | ||
68 | override="${override#* }" | ||
69 | override_mode="${override%% *}" | ||
70 | if dpkg-statoverride --update --add \ | ||
71 | "$override_user" "$override_group" "$override_mode" \ | ||
72 | /usr/lib/openssh/ssh-keysign; then | ||
73 | dpkg-statoverride --remove /usr/lib/ssh-keysign || true | ||
74 | fi | ||
75 | fi | ||
76 | } | ||
77 | |||
78 | fix_ssh_group() { | ||
79 | # Try to remove non-system group mistakenly created by 1:3.5p1-1. | ||
80 | # set_ssh_agent_permissions() below will re-create it properly. | ||
81 | if getent group ssh >/dev/null; then | ||
82 | delgroup --quiet ssh || true | ||
83 | fi | ||
84 | } | ||
85 | |||
86 | set_ssh_agent_permissions() { | ||
87 | if ! getent group ssh >/dev/null; then | ||
88 | addgroup --system --quiet ssh | ||
89 | fi | ||
90 | if ! [ -x /usr/sbin/dpkg-statoverride ] || \ | ||
91 | ! dpkg-statoverride --list /usr/bin/ssh-agent >/dev/null ; then | ||
92 | chgrp ssh /usr/bin/ssh-agent | ||
93 | chmod 2755 /usr/bin/ssh-agent | ||
94 | fi | ||
95 | } | ||
96 | |||
97 | commit_transfer_conffile () { | ||
98 | CONFFILE="$1" | ||
99 | if [ -e "$CONFFILE.moved-by-preinst" ]; then | ||
100 | rm -f "$CONFFILE.moved-by-preinst" | ||
101 | fi | ||
102 | } | ||
103 | |||
104 | |||
105 | fix_rsh_diversion | ||
106 | create_alternatives | ||
107 | set_ssh_permissions | ||
108 | if [ "$2" = "1:3.5p1-1" ]; then | ||
109 | fix_ssh_group | ||
110 | fi | ||
111 | set_ssh_agent_permissions | ||
112 | commit_transfer_conffile /etc/ssh/moduli | ||
113 | commit_transfer_conffile /etc/ssh/ssh_config | ||
114 | |||
115 | exit 0 | ||