#!/bin/sh
set -e

OUT=/dev/null
VERSION=`dpkg-query -W pki-server | sed 's/.*\t//;s/-.*//;s/+git.*//;s/+[0-9][0-9]//'`

if [ "$1" = configure ]; then
    # lets give them a user/group in all cases.
    if ! getent passwd pkiuser  > $OUT; then
        adduser --quiet --system --home /var/lib/pki \
            --shell /usr/sbin/nologin --group \
            --no-create-home --gecos "CA System User" \
           pkiuser > $OUT
    fi
fi

invoke_failure() {
    # invoke-rc.d failed, likely because no instance has been configured yet
    # but exit with an error if an instance is configured and the invoke failed
    if [ ! -d /etc/pki/pki-tomcat ]; then
        echo "pki-tomcatd start failed because no instance has been configured yet"
    else
        exit 1
    fi
}

# CVE-2021-3551
# Remove world access from existing installation logs
find /var/log/pki -maxdepth 1 -type f -exec chmod o-rwx {} \;



# Automatically added by dh_python3
if command -v py3compile >/dev/null 2>&1; then
	py3compile -p pki-server:amd64 
fi
if command -v pypy3compile >/dev/null 2>&1; then
	pypy3compile -p pki-server:amd64  || true
fi

# End automatically added section