projects / mirror_frr.git / blame
| Commit | Line | Data |
|---|---|---|
| d29f324a | 1 | #!/bin/sh |
| 9a1c48e8 | 2 | set -e |
| d8e4c438 | 3 | |
| d29f324a DL |
4 | # most of this file makes sense to execute regardless of whether this is any |
| 5 | # of normal "configure" or error-handling "abort-upgrade", "abort-remove" or | |
| 6 | # "abort-deconfigure" | |
| d8e4c438 | 7 | |
| d29f324a DL |
8 | addgroup --system frrvty |
| 9 | addgroup --system frr | |
| 10 | adduser \ | |
| 11 | --system \ | |
| 12 | --ingroup frr \ | |
| 13 | --home /nonexistent \ | |
| 14 | --gecos "Frr routing suite" \ | |
| 9ada5ead | 15 | --no-create-home \ |
| d29f324a DL |
16 | frr |
| 17 | usermod -a -G frrvty frr | |
| d8e4c438 | 18 | |
| d29f324a DL |
19 | mkdir -p /var/log/frr |
| 20 | mkdir -p /etc/frr | |
| d8e4c438 | 21 | |
| d8e4c438 | 22 | |
| d29f324a DL |
23 | # only change ownership of files when they were previously owned by root or |
| 24 | # quagga; this is to ensure we don't trample over some custom user setup. | |
| 25 | # | |
| 26 | # if we are on a freshly installed package (or we added new configfiles), | |
| 27 | # the files should be owned by root by default so we should end up with "frr" | |
| 28 | # owned configfiles. | |
| d8e4c438 | 29 | |
| d29f324a DL |
30 | quaggauid=`id -u quagga 2>/dev/null || echo 0` |
| 31 | quaggagid=`id -g quagga 2>/dev/null || echo 0` | |
| d8e4c438 | 32 | |
| d29f324a DL |
33 | find \ |
| 34 | /etc/frr \ | |
| 35 | /var/log/frr \ | |
| 36 | \( -uid 0 -o -uid $quaggauid \) -a \ | |
| 37 | \( -gid 0 -o -gid $quaggauid \) | \ | |
| 38 | while read filename; do | |
| 39 | ||
| 40 | # don't chown anything that has ACLs (but don't fail if we don't | |
| 41 | # have getfacl) | |
| 42 | if { getfacl -c "$filename" 2>/dev/null || true; } \ | |
| 43 | | egrep -q -v '^((user|group|other)::|$)'; then | |
| 44 | : | |
| 45 | else | |
| 46 | chown frr: "$filename" | |
| 47 | chmod o-rwx "$filename" | |
| 48 | fi | |
| 49 | done | |
| 50 | ||
| 51 | # fix misconfigured vtysh.conf & frr.conf ownership set up by some inofficial | |
| 52 | # ("pre"-Debian) packages | |
| 53 | find /etc/frr -maxdepth 1 \( -name vtysh.conf -o -name frr.conf \) \ | |
| 54 | -group frrvty -exec chgrp frr {} \; | |
| d8e4c438 | 55 | |
| d29f324a DL |
56 | check_old_config() { |
| 57 | oldcfg="$1" | |
| 58 | [ -r "$oldcfg" ] || return 0 | |
| 59 | [ -s "$oldcfg" ] || return 0 | |
| 60 | grep -v '^[[:blank:]]*\(#\|$\)' "$oldcfg" > /dev/null || return 0 | |
| 61 | ||
| 62 | cat >&2 <<EOF | |
| 63 | Note: deprecated $oldcfg is present. This file is still read by | |
| 64 | the FRR service but its contents should be migrated to /etc/frr/daemons. | |
| 65 | EOF | |
| 66 | } | |
| 67 | ||
| f673b4f6 DL |
68 | rmsum() { |
| 69 | fname="$1" | |
| 70 | test -f "$1" || return 0 | |
| 71 | fhash="`sha1sum \"$fname\"`" | |
| 72 | fhash="${fhash%% *}" | |
| 73 | if test "$fhash" = "$2"; then | |
| 74 | rm "$fname" | |
| 75 | fi | |
| 76 | } | |
| 77 | ||
| d29f324a DL |
78 | case "$1" in |
| 79 | configure) | |
| 80 | check_old_config /etc/frr/daemons.conf | |
| 81 | check_old_config /etc/default/frr | |
| f673b4f6 DL |
82 | if test -f /etc/frr/.pkg.frr.nointegrated; then |
| 83 | # remove integrated config setup | |
| 84 | # (if checksums match, the files match freshly installed | |
| 85 | # defaults, but the user has split config in place) | |
| 86 | rmsum /etc/frr/vtysh.conf 5e7e3a488c51751e1ff98f27c9ad6085e1ad9cbb | |
| 87 | rmsum /etc/frr/frr.conf dac6f2af4fca9919ba40eb338885a5d1773195c8 | |
| 88 | rm /etc/frr/.pkg.frr.nointegrated | |
| 89 | fi | |
| d29f324a DL |
90 | ;; |
| 91 | esac | |
| 92 | ||
| 93 | #DEBHELPER# |