diff options
Diffstat (limited to 'debian/openssh-client.postinst')
-rw-r--r-- | debian/openssh-client.postinst | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/debian/openssh-client.postinst b/debian/openssh-client.postinst new file mode 100644 index 000000000..2168dc1f1 --- /dev/null +++ b/debian/openssh-client.postinst | |||
@@ -0,0 +1,104 @@ | |||
1 | #!/bin/sh -e | ||
2 | |||
3 | action="$1" | ||
4 | oldversion="$2" | ||
5 | |||
6 | . /usr/share/debconf/confmodule | ||
7 | db_version 2.0 | ||
8 | |||
9 | umask 022 | ||
10 | |||
11 | if [ "$action" != configure ] | ||
12 | then | ||
13 | exit 0 | ||
14 | fi | ||
15 | |||
16 | |||
17 | fix_rsh_diversion() { | ||
18 | # get rid of mistaken rsh diversion (circa 1.2.27-1) | ||
19 | |||
20 | if [ -L /usr/bin/rsh ] && | ||
21 | dpkg-divert --list '/usr/bin/rsh.real/rsh' | grep -q ' ssh$' ; then | ||
22 | for cmd in rlogin rsh rcp ; do | ||
23 | [ -L /usr/bin/$cmd ] && rm /usr/bin/$cmd | ||
24 | dpkg-divert --package ssh --remove --rename \ | ||
25 | --divert /usr/bin/rsh.real/$cmd /usr/bin/$cmd | ||
26 | |||
27 | [ -L /usr/man/man1/$cmd.1.gz ] && rm /usr/man/man1/$$cmd.1.gz | ||
28 | dpkg-divert --package ssh --remove --rename \ | ||
29 | --divert /usr/man/man1/$cmd.real.1.gz /usr/man/man1/$cmd.1.gz | ||
30 | done | ||
31 | |||
32 | rmdir /usr/bin/rsh.real | ||
33 | fi | ||
34 | } | ||
35 | |||
36 | create_alternatives() { | ||
37 | # Create alternatives for the various r* tools. | ||
38 | # Make sure we don't change existing alternatives that a user might have | ||
39 | # changed, but clean up after some old alternatives that mistakenly pointed | ||
40 | # rlogin and rcp to ssh. | ||
41 | update-alternatives --quiet --remove rlogin /usr/bin/ssh | ||
42 | update-alternatives --quiet --remove rcp /usr/bin/ssh | ||
43 | for cmd in rsh rlogin rcp; do | ||
44 | scmd="s${cmd#r}" | ||
45 | if ! update-alternatives --display "$cmd" | \ | ||
46 | grep -q "$scmd"; then | ||
47 | update-alternatives --quiet --install "/usr/bin/$cmd" "$cmd" "/usr/bin/$scmd" 20 \ | ||
48 | --slave "/usr/share/man/man1/$cmd.1.gz" "$cmd.1.gz" "/usr/share/man/man1/$scmd.1.gz" | ||
49 | fi | ||
50 | done | ||
51 | } | ||
52 | |||
53 | set_ssh_permissions() { | ||
54 | if dpkg --compare-versions "$oldversion" lt-nl 1:3.4p1-1 ; then | ||
55 | if [ -x /usr/sbin/dpkg-statoverride ] ; then | ||
56 | if dpkg-statoverride --list /usr/bin/ssh >/dev/null; then | ||
57 | dpkg-statoverride --remove /usr/bin/ssh >/dev/null | ||
58 | fi | ||
59 | fi | ||
60 | fi | ||
61 | |||
62 | if [ ! -x /usr/sbin/dpkg-statoverride ] || \ | ||
63 | ! dpkg-statoverride --list /usr/lib/ssh-keysign >/dev/null ; then | ||
64 | db_get ssh/SUID_client | ||
65 | if [ "$RET" = "false" ] ; then | ||
66 | chmod 0755 /usr/lib/ssh-keysign | ||
67 | elif [ "$RET" = "true" ] ; then | ||
68 | chmod 4755 /usr/lib/ssh-keysign | ||
69 | fi | ||
70 | fi | ||
71 | } | ||
72 | |||
73 | fix_ssh_group() { | ||
74 | # Try to remove non-system group mistakenly created by 1:3.5p1-1. | ||
75 | # set_ssh_agent_permissions() below will re-create it properly. | ||
76 | if getent group ssh >/dev/null; then | ||
77 | delgroup --quiet ssh || true | ||
78 | fi | ||
79 | } | ||
80 | |||
81 | set_ssh_agent_permissions() { | ||
82 | if ! getent group ssh >/dev/null; then | ||
83 | addgroup --system --quiet ssh | ||
84 | fi | ||
85 | if ! [ -x /usr/sbin/dpkg-statoverride ] || \ | ||
86 | ! dpkg-statoverride --list /usr/bin/ssh-agent >/dev/null ; then | ||
87 | chgrp ssh /usr/bin/ssh-agent | ||
88 | chmod 2755 /usr/bin/ssh-agent | ||
89 | fi | ||
90 | } | ||
91 | |||
92 | |||
93 | fix_rsh_diversion | ||
94 | create_alternatives | ||
95 | set_ssh_permissions | ||
96 | if [ "$2" = "1:3.5p1-1" ]; then | ||
97 | fix_ssh_group | ||
98 | fi | ||
99 | set_ssh_agent_permissions | ||
100 | |||
101 | |||
102 | db_stop | ||
103 | |||
104 | exit 0 | ||