-#!/bin/bash
+#!/bin/sh
-# Abort if any command returns an error value
+# Abort if any command returns an error value
set -e
-# This script is called as the last step of the installation of the
-# package. All the package's files are in place, dpkg has already
-# done its automatic conffile handling, and all the packages we depend
-# of are already fully installed and configured.
+# This script is called as the last step of the installation of the package.
+# All the package's files are in place, dpkg has already done its automatic
+# conffile handling, and all the packages we depend of are already fully
+# installed and configured.
-# The following idempotent stuff doesn't generally need protecting
-# against being run in the abort-* cases.
+set_lvm_conf() {
+ local FORCE="$1"
+ LVM_CONF_MARKER="# added by pve-manager to avoid scanning"
-# Use debconf. (installs templates)
-. /usr/share/debconf/confmodule
-# all done with debconf here.
-db_stop
+ # keep user changes afterwards provided marker is still there..
+ if grep -qLF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf && test -z "$FORCE"; then
+ return 0 # only do these changes once
+ fi
+
+ export LVM_SUPPRESS_FD_WARNINGS=1
+
+ OLD_VALUE="$(lvmconfig --typeconfig diff devices/global_filter || true)"
+ NEW_VALUE='global_filter=["r|/dev/zd.*|","r|/dev/rbd.*|"]'
+
+ # update global_filter if:
+ # it is empty and there is no marker OR exactly the one we set before 8.1.4
+ if (! grep -qF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf && test -z "$OLD_VALUE")\
+ || (echo "$OLD_VALUE" | grep -qF '="r|/dev/zd.*|"');
+ then
+ SET_FILTER=1
+ BACKUP=1
+ # print warning if global_filter is set but not our old/new default
+ elif test -n "$OLD_VALUE"\
+ && ! echo "$OLD_VALUE" | grep -qF '="r|/dev/zd.*|"'\
+ && ! echo "$OLD_VALUE" | grep -qF "$NEW_VALUE";
+ then
+ echo "non-default 'global_filter' value '$OLD_VALUE' in /etc/lvm/lvm.conf, not setting '$NEW_VALUE' automatically"
+ echo "consider adapting your 'global_filter' manually."
+ fi
+ # should be the default since bullseye
+ if lvmconfig --typeconfig full devices/scan_lvs | grep -qv 'scan_lvs=0'; then
+ SET_SCAN_LVS=1
+ BACKUP=1
+ fi
+ if test -n "$BACKUP"; then
+ echo "Backing up lvm.conf before setting pve-manager specific settings.."
+ cp -vb /etc/lvm/lvm.conf /etc/lvm/lvm.conf.bak
+ fi
+ if test -n "$SET_FILTER"; then
+ echo "Setting 'global_filter' in /etc/lvm/lvm.conf to prevent zvols and rbds from being scanned:"
+ echo "$OLD_VALUE => $NEW_VALUE"
+ if test -n "$OLD_VALUE"; then
+ sed -i -e "s/$LVM_CONF_MARKER ZFS zvols/$LVM_CONF_MARKER ZFS zvols and Ceph rbds/" /etc/lvm/lvm.conf
+ sed -i -e "s!^\([[:space:]]*\)\(global_filter[[:space:]]*=.*\)\$!\1# \2\n\1$NEW_VALUE!" /etc/lvm/lvm.conf
+ else
+ cat >> /etc/lvm/lvm.conf <<EOF
+devices {
+ $LVM_CONF_MARKER ZFS zvols and Ceph rbds
+ $NEW_VALUE
+}
+EOF
+ fi
+ fi
+ if test -n "$SET_SCAN_LVS"; then
+ echo "Adding scan_lvs=0 setting to /etc/lvm/lvm.conf to prevent LVs from being scanned."
+ # comment out existing setting
+ sed -i -e 's/^\([[:space:]]*scan_lvs[[:space:]]*=\)/#\1/' /etc/lvm/lvm.conf
+ # add new section with our setting
+ cat >> /etc/lvm/lvm.conf <<EOF
+devices {
+ $LVM_CONF_MARKER LVM volumes
+ scan_lvs=0
+ }
+EOF
+ fi
+
+ if ! lvmconfig --validate; then
+ echo "Invalid LVM config detected - restoring from /etc/lvm/lvm.conf.bak"
+ mv /etc/lvm/lvm.conf.bak /etc/lvm/lvm.conf
+ fi
+}
+
+migrate_apt_auth_conf() {
+ output=""
+ removed=""
+ match=0
+
+ while read -r l; do
+ if echo "$l" | grep -q "^machine enterprise.proxmox.com/debian/pve"; then
+ match=1
+ elif echo "$l" | grep -q "machine"; then
+ match=0
+ fi
+
+ if test "$match" = "1"; then
+ removed="$removed\n$l"
+ else
+ output="$output\n$l"
+ fi
+ done < /etc/apt/auth.conf
+
+ if test -n "$removed"; then
+ if test ! -e /etc/apt/auth.conf.d/pve.conf; then
+ echo "Migrating APT auth config for enterprise.proxmox.com to /etc/apt/auth.conf.d/pve.conf .."
+ echo "$removed" > /etc/apt/auth.conf.d/pve.conf
+ else
+ echo "Removing stale APT auth config from /etc/apt/auth.conf"
+ fi
+ echo "$output" > /etc/apt/auth.conf
+ fi
+}
case "$1" in
triggered)
# test if /etc/pve is mounted; else simple exit to avoid
# error during updates
test -f /etc/pve/local/pve-ssl.pem || exit 0;
+ test -e /proxmox_install_mode && exit 0;
+
+ # the ExecStartPre doesn't triggers on service reload, so just in case
+ pvecm updatecerts --silent || true
- test -e /proxmox_install_mode || invoke-rc.d pvedaemon restart
- test -e /proxmox_install_mode || invoke-rc.d pvestatd restart
- test -e /proxmox_install_mode || invoke-rc.d apache2 restart
+ deb-systemd-invoke reload-or-try-restart pvedaemon.service
+ deb-systemd-invoke reload-or-try-restart pvestatd.service
+ deb-systemd-invoke reload-or-try-restart pveproxy.service
+ deb-systemd-invoke reload-or-try-restart spiceproxy.service
+ deb-systemd-invoke reload-or-try-restart pvescheduler.service
exit 0;;
mkdir /etc/pve 2>/dev/null || true
- # remove old APL dir
- rm -rf /var/lib/pve-manager/apl-available
-
if test ! -e /var/lib/pve-manager/apl-info/download.proxmox.com; then
- mkdir -p /var/lib/pve-manager/apl-info
- cp /usr/share/doc/pve-manager/aplinfo.dat /var/lib/pve-manager/apl-info/download.proxmox.com
- pveam update || true
+ mkdir -p /var/lib/pve-manager/apl-info
+ cp /usr/share/doc/pve-manager/aplinfo.dat /var/lib/pve-manager/apl-info/download.proxmox.com
+ pveam update || true
fi
+ # Always try to clean old entry, even when proxmox-mail-forward entry is already present.
+ # This ensures it will still be cleaned after an upgrade following a downgrade.
if test -f /root/.forward; then
- if ! grep -q '|/usr/bin/pvemailforward' /root/.forward; then
- echo -e "|/usr/bin/pvemailforward\n$(cat /root/.forward)" >/root/.forward.tmp
- mv /root/.forward.tmp /root/.forward
- fi
- else
- echo '|/usr/bin/pvemailforward' >/root/.forward
+ sed -i '\!|/usr/bin/pvemailforward!d' /root/.forward
fi
-
- update-rc.d pvedaemon defaults 21 79 >/dev/null
- update-rc.d pvestatd defaults 21 79 >/dev/null
- update-rc.d pvebanner start 99 2 3 4 5 . >/dev/null
- update-rc.d pvenetcommit start 15 S . >/dev/null
- update-rc.d pve-manager defaults 25 75 >/dev/null
-
- test -e /proxmox_install_mode || invoke-rc.d pvedaemon restart
- test -e /proxmox_install_mode || invoke-rc.d pvestatd restart
-
- a2enmod perl >/dev/null 2>&1
- a2enmod ssl >/dev/null 2>&1
- a2enmod rewrite >/dev/null 2>&1
- a2enmod proxy >/dev/null 2>&1
-
- a2dissite default >/dev/null 2>&1 || true
- a2ensite pve.conf >/dev/null 2>&1
-
- test -e /proxmox_install_mode || invoke-rc.d apache2 restart
-
- # There are three sub-cases:
- if test "${2+set}" != set; then
- # We're being installed by an ancient dpkg which doesn't remember
- # which version was most recently configured, or even whether
- # there is a most recently configured version.
- :
-
- elif test -z "$2" -o "$2" = "<unknown>"; then
- # The package has not ever been configured on this system, or was
- # purged since it was last configured.
- :
-
- else
- # Version $2 is the most recently configured version of this
- # package.
- :
-
- fi ;;
- abort-upgrade)
- # Back out of an attempt to upgrade this package FROM THIS VERSION
- # to version $2. Undo the effects of "prerm upgrade $2".
- :
- ;;
- abort-remove)
- if test "$2" != in-favour; then
- echo "$0: undocumented call to \`postinst $*'" 1>&2
- exit 0
+ if ! test -f /root/.forward || ! grep -q '|/usr/bin/proxmox-mail-forward' /root/.forward; then
+ echo '|/usr/bin/proxmox-mail-forward' >>/root/.forward
fi
- # Back out of an attempt to remove this package, which was due to
- # a conflict with package $3 (version $4). Undo the effects of
- # "prerm remove in-favour $3 $4".
- :
- ;;
- abort-deconfigure)
- if test "$2" != in-favour -o "$5" != removing; then
- echo "$0: undocumented call to \`postinst $*'" 1>&2
- exit 0
+ systemctl --system daemon-reload >/dev/null || true
+
+ # same as dh_systemd_enable (code copied)
+
+ UNITS="pvedaemon.service pveproxy.service spiceproxy.service pvestatd.service pvebanner.service pvescheduler.service pve-daily-update.timer"
+ NO_RESTART_UNITS="pvenetcommit.service pve-guests.service"
+
+ for unit in ${UNITS} ${NO_RESTART_UNITS}; do
+ deb-systemd-helper unmask "$unit" >/dev/null || true
+
+ # was-enabled defaults to true, so new installations run enable.
+ if deb-systemd-helper --quiet was-enabled "$unit"; then
+ # Enables the unit on first installation, creates new
+ # symlinks on upgrades if the unit file has changed.
+ deb-systemd-helper enable "$unit" >/dev/null || true
+ else
+ # Update the statefile to add new symlinks (if any), which need to be
+ # cleaned up on purge. Also remove old symlinks.
+ deb-systemd-helper update-state "$unit" >/dev/null || true
+ fi
+ done
+
+ # FIXME: remove after beta is over and add hunk to actively remove the repo
+ BETA_SOURCES="/etc/apt/sources.list.d/pvetest-for-beta.list"
+ if test -f "$BETA_SOURCES" && dpkg --compare-versions "$2" 'lt' '8.0.2' && dpkg --compare-versions "$2" 'gt' '8.0~'; then
+ echo "Removing the during beta added pvetest repository file again"
+ rm -v "$BETA_SOURCES" || true
fi
- # Back out of an attempt to deconfigure this package, which was
- # due to package $6 (version $7) which we depend on being removed
- # to make way for package $3 (version $4). Undo the effects of
- # "prerm deconfigure in-favour $3 $4 removing $6 $7".
- :
+ if test ! -e /proxmox_install_mode && test -n "$2" && dpkg --compare-versions "$2" 'lt' '8.1.4~'; then
+ if test -e /etc/lvm/lvm.conf ; then
+ set_lvm_conf 1
+ fi
+ fi
+
+ set_lvm_conf
+
+ if test ! -e /proxmox_install_mode; then
+ # modeled after code generated by dh_start
+ for unit in ${UNITS}; do
+ if test -n "$2"; then
+ dh_action="reload-or-restart";
+ else
+ dh_action="start"
+ fi
+ if systemctl -q is-enabled "$unit"; then
+ deb-systemd-invoke $dh_action "$unit"
+ fi
+ done
+ fi
+
+ if test ! -e /proxmox_install_mode && test -n "$2" && dpkg --compare-versions "$2" 'lt' '7.2-11~'; then
+ if test -e /etc/apt/auth.conf ; then
+ migrate_apt_auth_conf
+ fi
+ fi
;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
*) echo "$0: didn't understand being called with \`$1'" 1>&2
exit 0;;
esac