2 # -*- mode:sh; tab-width:8; indent-tabs-mode:nil -*-
4 # postinst script for ceph-mds
6 # see: dh_installdeb(1)
10 # summary of how this script can be called:
12 # postinst configure <most-recently-configured-version>
13 # old-postinst abort-upgrade <new-version>
14 # conflictor's-postinst abort-remove in-favour <package> <new-version>
15 # postinst abort-remove
16 # deconfigured's-postinst abort-deconfigure in-favour <failed-install-package> <version> [<removing conflicting-package> <version>]
19 # for details, see http://www.debian.org/doc/debian-policy/ or
20 # the debian-policy package
23 # Let the admin override these distro-specified defaults. This is NOT
25 [ -f "/etc/default/ceph" ] && .
/etc
/default
/ceph
27 [ -z "$SERVER_HOME" ] && SERVER_HOME
=/var
/lib
/ceph
28 [ -z "$SERVER_USER" ] && SERVER_USER
=ceph
29 [ -z "$SERVER_NAME" ] && SERVER_NAME
="Ceph storage service"
30 [ -z "$SERVER_GROUP" ] && SERVER_GROUP
=ceph
31 [ -z "$SERVER_UID" ] && SERVER_UID
=64045 # alloc by Debian base-passwd maintainer
32 [ -z "$SERVER_GID" ] && SERVER_GID
=$SERVER_UID
35 # Groups that the user will be added to, if undefined, then none.
36 [ -z "$SERVER_ADDGROUP" ] && SERVER_ADDGROUP
=
40 # create user to avoid running server as root
41 # 1. create group if not existing
42 if ! getent group |
grep -q "^$SERVER_GROUP:" ; then
43 echo -n "Adding group $SERVER_GROUP.."
44 addgroup
--quiet --system --gid $SERVER_GID \
45 $SERVER_GROUP 2>/dev
/null ||true
48 # 2. create user if not existing
49 if ! getent passwd |
grep -q "^$SERVER_USER:"; then
50 echo -n "Adding system user $SERVER_USER.."
58 $SERVER_USER 2>/dev
/null || true
61 # 3. adjust passwd entry
62 # NOTE: we should use "adduser --comment" if we don't need to
63 # support adduser <3.136. "adduser --gecos" is deprecated,
64 # and will be removed, so we don't use it. the first distro
65 # using --comment is debian/trixie or ubuntu/mantic.
66 echo -n "Setting system user $SERVER_USER properties.."
67 usermod
--comment "$SERVER_NAME" \
70 # Unlock $SERVER_USER in case it is locked from an uninstall
71 if [ -f /etc
/shadow
]; then
72 usermod
-U -e '' $SERVER_USER
74 usermod
-U $SERVER_USER
78 # 4. adjust file and directory permissions
79 if ! dpkg-statoverride
--list $SERVER_HOME >/dev
/null
; then
80 chown
$SERVER_USER:$SERVER_GROUP $SERVER_HOME
81 chmod u
=rwx
,g
=rx
,o
= $SERVER_HOME
83 if ! dpkg-statoverride
--list /var
/log
/ceph
>/dev
/null
; then
84 # take care not to touch cephadm log subdirs
85 chown
$SERVER_USER:$SERVER_GROUP /var
/log
/ceph
86 chown
$SERVER_USER:$SERVER_GROUP /var
/log
/ceph
/*.log
* || true
87 # members of group ceph can log here, but cannot remove
88 # others' files. non-members cannot read any logs.
89 chmod u
=rwx
,g
=rwxs
,o
=t
/var
/log
/ceph
92 # 5. fix /var/run/ceph
93 if [ -d /var
/run
/ceph
]; then
94 echo -n "Fixing /var/run/ceph ownership.."
95 chown
$SERVER_USER:$SERVER_GROUP /var
/run
/ceph
99 # create /run/ceph. fail softly if systemd isn't present or
101 [ -x /bin
/systemd-tmpfiles
] && systemd-tmpfiles
--create || true
103 abort-upgrade|abort-remove|abort-deconfigure
)
108 echo "postinst called with unknown argument \`$1'" >&2
113 # dh_installdeb will replace this with shell code automatically
114 # generated by other debhelper scripts.