summaryrefslogtreecommitdiff
path: root/debian/openssh-client.postinst
diff options
context:
space:
mode:
Diffstat (limited to 'debian/openssh-client.postinst')
-rw-r--r--debian/openssh-client.postinst115
1 files changed, 115 insertions, 0 deletions
diff --git a/debian/openssh-client.postinst b/debian/openssh-client.postinst
new file mode 100644
index 000000000..cff282d70
--- /dev/null
+++ b/debian/openssh-client.postinst
@@ -0,0 +1,115 @@
1#!/bin/sh -e
2
3action="$1"
4oldversion="$2"
5
6. /usr/share/debconf/confmodule
7db_version 2.0
8
9umask 022
10
11if [ "$action" != configure ]
12 then
13 exit 0
14fi
15
16
17fix_rsh_diversion() {
18# get rid of mistaken rsh diversion (circa 1.2.27-1)
19
20 if [ -L /usr/bin/rsh ] &&
21 dpkg-divert --list '/usr/bin/rsh.real/rsh' | grep -q ' ssh$' ; then
22 for cmd in rlogin rsh rcp ; do
23 [ -L /usr/bin/$cmd ] && rm /usr/bin/$cmd
24 dpkg-divert --package ssh --remove --rename \
25 --divert /usr/bin/rsh.real/$cmd /usr/bin/$cmd
26
27 [ -L /usr/man/man1/$cmd.1.gz ] && rm /usr/man/man1/$$cmd.1.gz
28 dpkg-divert --package ssh --remove --rename \
29 --divert /usr/man/man1/$cmd.real.1.gz /usr/man/man1/$cmd.1.gz
30 done
31
32 rmdir /usr/bin/rsh.real
33 fi
34}
35
36create_alternatives() {
37# Create alternatives for the various r* tools.
38# Make sure we don't change existing alternatives that a user might have
39# changed, but clean up after some old alternatives that mistakenly pointed
40# rlogin and rcp to ssh.
41 update-alternatives --quiet --remove rlogin /usr/bin/ssh
42 update-alternatives --quiet --remove rcp /usr/bin/ssh
43 for cmd in rsh rlogin rcp; do
44 scmd="s${cmd#r}"
45 if ! update-alternatives --display "$cmd" 2>/dev/null | \
46 grep -q "$scmd"; then
47 update-alternatives --quiet --install "/usr/bin/$cmd" "$cmd" "/usr/bin/$scmd" 20 \
48 --slave "/usr/share/man/man1/$cmd.1.gz" "$cmd.1.gz" "/usr/share/man/man1/$scmd.1.gz"
49 fi
50 done
51}
52
53set_ssh_permissions() {
54 if dpkg --compare-versions "$oldversion" lt-nl 1:3.4p1-1 ; then
55 if [ -x /usr/sbin/dpkg-statoverride ] ; then
56 if dpkg-statoverride --list /usr/bin/ssh >/dev/null; then
57 dpkg-statoverride --remove /usr/bin/ssh >/dev/null
58 fi
59 fi
60 fi
61
62 # libexecdir changed, so migrate old statoverrides.
63 if [ -x /usr/sbin/dpkg-statoverride ] &&
64 override="$(dpkg-statoverride --list /usr/lib/ssh-keysign)"; then
65 override_user="${override%% *}"
66 override="${override#* }"
67 override_group="${override%% *}"
68 override="${override#* }"
69 override_mode="${override%% *}"
70 if dpkg-statoverride --update --add \
71 "$override_user" "$override_group" "$override_mode" \
72 /usr/lib/openssh/ssh-keysign; then
73 dpkg-statoverride --remove /usr/lib/ssh-keysign || true
74 fi
75 fi
76}
77
78fix_ssh_group() {
79 # Try to remove non-system group mistakenly created by 1:3.5p1-1.
80 # set_ssh_agent_permissions() below will re-create it properly.
81 if getent group ssh >/dev/null; then
82 delgroup --quiet ssh || true
83 fi
84}
85
86set_ssh_agent_permissions() {
87 if ! getent group ssh >/dev/null; then
88 addgroup --system --quiet ssh
89 fi
90 if ! [ -x /usr/sbin/dpkg-statoverride ] || \
91 ! dpkg-statoverride --list /usr/bin/ssh-agent >/dev/null ; then
92 chgrp ssh /usr/bin/ssh-agent
93 chmod 2755 /usr/bin/ssh-agent
94 fi
95}
96
97commit_transfer_conffile () {
98 CONFFILE="$1"
99 if [ -e "$CONFFILE.moved-by-preinst" ]; then
100 rm -f "$CONFFILE.moved-by-preinst"
101 fi
102}
103
104
105fix_rsh_diversion
106create_alternatives
107set_ssh_permissions
108if [ "$2" = "1:3.5p1-1" ]; then
109 fix_ssh_group
110fi
111set_ssh_agent_permissions
112commit_transfer_conffile /etc/ssh/moduli
113commit_transfer_conffile /etc/ssh/ssh_config
114
115exit 0