#!/bin/sh

set -e

# inspired by the tor postinst script
# checking vlock group

gid="$(getent group vlock | cut -d ':' -f 3)"

if [ -z "$gid" ]; then
	addgroup --quiet --system vlock
fi

# they are not available anymore, so they can be safely removed if they exist
for i in /usr/sbin/vlock-new /usr/sbin/vlock-current \
	 /usr/sbin/vlock-nosysrq /usr/lib/vlock/modules/new.so; do
	if dpkg-statoverride --list "$i" >/dev/null 2>&1; then
		dpkg-statoverride --remove "$i"
	fi
done

# no statoverrides necessary for the following files anymore
for i in /usr/lib/vlock/modules/all.so /usr/sbin/vlock-main; do
	if dpkg-statoverride --list "$i" >/dev/null 2>&1; then
		dpkg-statoverride --remove "$i"
	fi
done

# privileged modules
for i in /usr/lib/vlock/modules/nosysrq.so; do
	if ! dpkg-statoverride --list "$i" >/dev/null 2>&1; then
		dpkg-statoverride --update --add root vlock 0754 "$i"
	fi
done



exit 0