[mirror_frr.git] / debianpkg / frr.preinst

#!/bin/bash

if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
set -e
set -u

# creating frrvty group if it isn't already there
if ! getent group frrvty >/dev/null; then
        addgroup --system frrvty >/dev/null
fi

# creating frr group if it isn't already there
if ! getent group frr >/dev/null; then
        addgroup --system frr >/dev/null
fi

# creating frr user if he isn't already there
if ! getent passwd frr >/dev/null; then
        adduser \
          --system \
          --ingroup frr \
          --home /var/run/frr/ \
          --gecos "Frr routing suite" \
          --shell /bin/false \
          frr  >/dev/null
fi

# We may be installing over an older version of
# frr and as such we need to intelligently
# check to see if the frr user is in the frrvty
# group.
if ! id frr | grep &>/dev/null 'frrvty'; then
    usermod -a -G frrvty frr >/dev/null
fi

# Do not change permissions when upgrading as it would violate policy.
if [ "$1" = "install" ]; then
  # Logfiles are group readable in case users were put into the frr group.
  d=/var/log/frr/
    mkdir -p $d
    chown frr:frr $d
    chown --quiet frr:frr $d/* | true
    chmod u=rwx,go=rx $d
    find $d -type f -print0 | xargs -0 --no-run-if-empty   chmod u=rw,g=r,o=

  # Strict permissions for the sockets.
  d=/var/run/frr/
    mkdir -p $d
    chown frr:frr $d
    chown --quiet frr:frr $d/* | true
    chmod u=rwx,go=rx $d
    find $d -type f -print0 | xargs -0 --no-run-if-empty   chmod u=rw,go=

  # Config files. Vtysh does not have access to the individual daemons config file
  d=/etc/frr/
    mkdir -p $d
    chown frr:frrvty $d
    chmod ug=rwx,o=rx $d
    find $d -type f -print0 | xargs -0 --no-run-if-empty   chown frr:frr
    find $d -type f -print0 | xargs -0 --no-run-if-empty   chmod u=rw,g=r,o=

    # Exceptions for vtysh.
    f=$d/vtysh.conf
    if [ -f $f ]; then
      chown frr:frrvty $f
      chmod u=rw,g=r,o= $f
    fi

    # Exceptions for vtysh.
    f=$d/frr.conf
    if [ -f $d/Zebra.conf ]; then
      mv $d/Zebra.conf $f
    fi
    if [ -f $f ]; then
      chown frr:frrvty $f
      chmod u=rw,g=r,o= $f
    fi
fi

#DEBHELPER#
Commit	Line	Data
4d916382 DS	1	#!/bin/bash
	2
	3	if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
	4	${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
	5	set -e
	6	set -u
	7
d8e4c438 DS	8	# creating frrvty group if it isn't already there
	9	if ! getent group frrvty >/dev/null; then
	10	addgroup --system frrvty >/dev/null
4d916382 DS	11	fi
4d916382 DS	12
d8e4c438 DS	13	# creating frr group if it isn't already there
	14	if ! getent group frr >/dev/null; then
	15	addgroup --system frr >/dev/null
4d916382 DS	16	fi
4d916382 DS	17
d8e4c438 DS	18	# creating frr user if he isn't already there
d8e4c438 DS	19	if ! getent passwd frr >/dev/null; then
4d916382 DS	20	adduser \
4d916382 DS	21	--system \
d8e4c438 DS	22	--ingroup frr \
	23	--home /var/run/frr/ \
	24	--gecos "Frr routing suite" \
4d916382	25	--shell /bin/false \
d8e4c438	26	frr >/dev/null
fd8155c0 DS	27	fi
	28
	29	# We may be installing over an older version of
d8e4c438 DS	30	# frr and as such we need to intelligently
d8e4c438 DS	31	# check to see if the frr user is in the frrvty
fd8155c0	32	# group.
81f810f0	33	if ! id frr \| grep &>/dev/null 'frrvty'; then
d8e4c438	34	usermod -a -G frrvty frr >/dev/null
4d916382 DS	35	fi
	36
	37	# Do not change permissions when upgrading as it would violate policy.
	38	if [ "$1" = "install" ]; then
d8e4c438 DS	39	# Logfiles are group readable in case users were put into the frr group.
d8e4c438 DS	40	d=/var/log/frr/
4d916382	41	mkdir -p $d
e681915e MW	42	chown frr:frr $d
e681915e MW	43	chown --quiet frr:frr $d/* \| true
4d916382 DS	44	chmod u=rwx,go=rx $d
	45	find $d -type f -print0 \| xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
	46
	47	# Strict permissions for the sockets.
d8e4c438	48	d=/var/run/frr/
4d916382	49	mkdir -p $d
e681915e MW	50	chown frr:frr $d
e681915e MW	51	chown --quiet frr:frr $d/* \| true
4d916382 DS	52	chmod u=rwx,go=rx $d
	53	find $d -type f -print0 \| xargs -0 --no-run-if-empty chmod u=rw,go=
	54
	55	# Config files. Vtysh does not have access to the individual daemons config file
d8e4c438	56	d=/etc/frr/
4d916382	57	mkdir -p $d
d8e4c438	58	chown frr:frrvty $d
4d916382	59	chmod ug=rwx,o=rx $d
d8e4c438	60	find $d -type f -print0 \| xargs -0 --no-run-if-empty chown frr:frr
4d916382 DS	61	find $d -type f -print0 \| xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
	62
	63	# Exceptions for vtysh.
	64	f=$d/vtysh.conf
	65	if [ -f $f ]; then
d8e4c438	66	chown frr:frrvty $f
4d916382 DS	67	chmod u=rw,g=r,o= $f
	68	fi
	69
	70	# Exceptions for vtysh.
e20dc2ba	71	f=$d/frr.conf
4d916382 DS	72	if [ -f $d/Zebra.conf ]; then
	73	mv $d/Zebra.conf $f
	74	fi
	75	if [ -f $f ]; then
d8e4c438	76	chown frr:frrvty $f
4d916382 DS	77	chmod u=rw,g=r,o= $f
	78	fi
	79	fi
	80
4d916382	81	#DEBHELPER#