#!/bin/sh # postinst script for sssd # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package OUT=/dev/null HOME=/var/lib/sss LIBDIR=/usr/libexec/sssd case "$1" in configure) if ! getent passwd sssd > $OUT; then echo "Creating SSSD system user & group..." adduser --quiet --system --home $HOME \ --disabled-password --group \ --gecos "SSSD system user" \ sssd > $OUT fi chown -R root:root \ $HOME/db \ $HOME/gpo_cache \ $HOME/mc \ $HOME/pipes \ $HOME/pipes/private \ $HOME/pubconf \ $HOME/secrets \ /etc/sssd \ /var/log/sssd # for easier review keep the same order as on sssd.spec chmod 700 $HOME/db chmod 775 $HOME/mc chmod 700 $HOME/secrets chmod 751 $HOME/deskprofile chmod 755 $HOME/pipes chmod 750 $HOME/pipes/private chmod 755 $HOME/pubconf chmod 755 $HOME/gpo_cache chmod 750 /var/log/sssd chmod 700 /etc/sssd chmod 711 /etc/sssd if [ -f /etc/sssd/sssd.conf ]; then chown root:root /etc/sssd/sssd.conf chmod 0600 /etc/sssd/sssd.conf fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac invoke_failure() { # invoke-rc.d failed, likely because of a missing sssd.conf if [ ! -s /etc/sssd/sssd.conf ]; then echo "... because /etc/sssd/sssd.conf is not available yet" fi } # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. # Automatically added by dh_apparmor/3.0.13-2 if [ "$1" = "configure" ]; then APP_PROFILE="/etc/apparmor.d/usr.sbin.sssd" if [ -f "$APP_PROFILE" ]; then # Add the local/ include LOCAL_APP_PROFILE="/etc/apparmor.d/local/usr.sbin.sssd" test -e "$LOCAL_APP_PROFILE" || { mkdir -p `dirname "$LOCAL_APP_PROFILE"` install --mode 644 /dev/null "$LOCAL_APP_PROFILE" } # Reload the profile, including any abstraction updates if aa-enabled --quiet 2>/dev/null; then apparmor_parser -r -T -W "$APP_PROFILE" || true fi fi fi # End automatically added section # Automatically added by dh_installinit/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then if [ -z "${DPKG_ROOT:-}" ] && [ -x "/etc/init.d/sssd" ]; then update-rc.d sssd defaults >/dev/null if [ -n "$2" ]; then _dh_action=restart else _dh_action=start fi invoke-rc.d --skip-systemd-native sssd $_dh_action || invoke_failure fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-autofs.service' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-autofs.service'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-autofs.service' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-autofs.service' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-autofs.socket' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-autofs.socket'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-autofs.socket' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-autofs.socket' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-nss.service' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-nss.service'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-nss.service' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-nss.service' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-nss.socket' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-nss.socket'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-nss.socket' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-nss.socket' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-pam-priv.socket' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-pam-priv.socket'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-pam-priv.socket' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-pam-priv.socket' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-pam.service' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-pam.service'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-pam.service' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-pam.service' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-pam.socket' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-pam.socket'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-pam.socket' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-pam.socket' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-ssh.service' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-ssh.service'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-ssh.service' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-ssh.service' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-ssh.socket' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-ssh.socket'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-ssh.socket' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-ssh.socket' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-sudo.service' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-sudo.service'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-sudo.service' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-sudo.service' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd-sudo.socket' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd-sudo.socket'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd-sudo.socket' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd-sudo.socket' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then # The following line should be removed in trixie or trixie+1 deb-systemd-helper unmask 'sssd.service' >/dev/null || true # was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled 'sssd.service'; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable 'sssd.service' >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state 'sssd.service' >/dev/null || true fi fi # End automatically added section # Automatically added by dh_installsystemd/13.15.3 if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then if [ -d /run/systemd/system ]; then systemctl --system daemon-reload >/dev/null || true if [ -n "$2" ]; then _dh_action=restart else _dh_action=start fi deb-systemd-invoke $_dh_action 'sssd-autofs.service' 'sssd-autofs.socket' 'sssd-nss.service' 'sssd-nss.socket' 'sssd-pam-priv.socket' 'sssd-pam.service' 'sssd-pam.socket' 'sssd-ssh.service' 'sssd-ssh.socket' 'sssd-sudo.service' 'sssd-sudo.socket' 'sssd.service' >/dev/null || true fi fi # End automatically added section exit 0