]> git.proxmox.com Git - ceph.git/blob - ceph/debian/ceph-common.postinst
projects / ceph.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
reorder keyring used by ceph-crash favoring non-host-specific keyring
[ceph.git] / ceph / debian / ceph-common.postinst
1 #!/bin/sh
2 # -*- mode:sh; tab-width:8; indent-tabs-mode:nil -*-
3 # vim: set noet ts=8:
4 # postinst script for ceph-mds
5 #
6 # see: dh_installdeb(1)
7
8 set -e
9
10 # summary of how this script can be called:
11 #
12 # postinst configure <most-recently-configured-version>
13 # old-postinst abort-upgrade <new-version>
14 # conflictor's-postinst abort-remove in-favour <package> <new-version>
15 # postinst abort-remove
16 # deconfigured's-postinst abort-deconfigure in-favour <failed-install-package> <version> [<removing conflicting-package> <version>]
17 #
18
19 # for details, see http://www.debian.org/doc/debian-policy/ or
20 # the debian-policy package
21
22
23 # Let the admin override these distro-specified defaults. This is NOT
24 # recommended!
25 [ -f "/etc/default/ceph" ] && . /etc/default/ceph
26
27 [ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
28 [ -z "$SERVER_USER" ] && SERVER_USER=ceph
29 [ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
30 [ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
31 [ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
32 [ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
33
34
35 # Groups that the user will be added to, if undefined, then none.
36 [ -z "$SERVER_ADDGROUP" ] && SERVER_ADDGROUP=
37
38 case "$1" in
39 configure)
40 # create user to avoid running server as root
41 # 1. create group if not existing
42 if ! getent group | grep -q "^$SERVER_GROUP:" ; then
43 echo -n "Adding group $SERVER_GROUP.."
44 addgroup --quiet --system --gid $SERVER_GID \
45 $SERVER_GROUP 2>/dev/null ||true
46 echo "..done"
47 fi
48 # 2. create user if not existing
49 if ! getent passwd | grep -q "^$SERVER_USER:"; then
50 echo -n "Adding system user $SERVER_USER.."
51 adduser --quiet \
52 --system \
53 --no-create-home \
54 --disabled-password \
55 --uid $SERVER_UID \
56 --gid $SERVER_GID \
57 $SERVER_USER 2>/dev/null || true
58 echo "..done"
59 fi
60 # 3. adjust passwd entry
61 echo -n "Setting system user $SERVER_USER properties.."
62 usermod -c "$SERVER_NAME" \
63 -d $SERVER_HOME \
64 -g $SERVER_GROUP \
65 $SERVER_USER
66 # Unlock $SERVER_USER in case it is locked from an uninstall
67 if [ -f /etc/shadow ]; then
68 usermod -U -e '' $SERVER_USER
69 else
70 usermod -U $SERVER_USER
71 fi
72 echo "..done"
73
74 # 4. adjust file and directory permissions
75 if ! dpkg-statoverride --list $SERVER_HOME >/dev/null; then
76 chown $SERVER_USER:$SERVER_GROUP $SERVER_HOME
77 chmod u=rwx,g=rx,o= $SERVER_HOME
78 fi
79 if ! dpkg-statoverride --list /var/log/ceph >/dev/null; then
80 # take care not to touch cephadm log subdirs
81 chown $SERVER_USER:$SERVER_GROUP /var/log/ceph
82 chown $SERVER_USER:$SERVER_GROUP /var/log/ceph/*.log* || true
83 # members of group ceph can log here, but cannot remove
84 # others' files. non-members cannot read any logs.
85 chmod u=rwx,g=rwxs,o=t /var/log/ceph
86 fi
87
88 # 5. fix /var/run/ceph
89 if [ -d /var/run/ceph ]; then
90 echo -n "Fixing /var/run/ceph ownership.."
91 chown $SERVER_USER:$SERVER_GROUP /var/run/ceph
92 echo "..done"
93 fi
94
95 # create /run/ceph. fail softly if systemd isn't present or
96 # something.
97 [ -x /bin/systemd-tmpfiles ] && systemd-tmpfiles --create || true
98 ;;
99 abort-upgrade|abort-remove|abort-deconfigure)
100 :
101 ;;
102
103 *)
104 echo "postinst called with unknown argument \`$1'" >&2
105 exit 1
106 ;;
107 esac
108
109 # dh_installdeb will replace this with shell code automatically
110 # generated by other debhelper scripts.
111
112 #DEBHELPER#
113
114 exit 0
Ceph