debianpkg/frr.preinst

   1 #!/bin/bash
   2
   3 if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
   4 ${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
   5 set -e
   6 set -u
   7
   8 # creating frrvty group if it isn't already there
   9 if ! getent group frrvty >/dev/null; then
  10         addgroup --system frrvty >/dev/null
  11 fi
  12
  13 # creating frr group if it isn't already there
  14 if ! getent group frr >/dev/null; then
  15         addgroup --system frr >/dev/null
  16 fi
  17
  18 # creating frr user if he isn't already there
  19 if ! getent passwd frr >/dev/null; then
  20         adduser \
  21           --system \
  22           --ingroup frr \
  23           --home /var/run/frr/ \
  24           --gecos "Frr routing suite" \
  25           --shell /bin/false \
  26           frr  >/dev/null
  27 fi
  28
  29 # We may be installing over an older version of
  30 # frr and as such we need to intelligently
  31 # check to see if the frr user is in the frrvty
  32 # group.
  33 if ! id frr | grep &>/dev/null 'frrvty'; then
  34     usermod -a -G frrvty frr >/dev/null
  35 fi
  36
  37 # Do not change permissions when upgrading as it would violate policy.
  38 if [ "$1" = "install" ]; then
  39   # Logfiles are group readable in case users were put into the frr group.
  40   d=/var/log/frr/
  41     mkdir -p $d
  42     chown -R frr:frr $d
  43     chmod u=rwx,go=rx $d
  44     find $d -type f -print0 | xargs -0 --no-run-if-empty   chmod u=rw,g=r,o=
  45
  46   # Strict permissions for the sockets.
  47   d=/var/run/frr/
  48     mkdir -p $d
  49     chown -R frr:frr $d
  50     chmod u=rwx,go=rx $d
  51     find $d -type f -print0 | xargs -0 --no-run-if-empty   chmod u=rw,go=
  52
  53   # Config files. Vtysh does not have access to the individual daemons config file
  54   d=/etc/frr/
  55     mkdir -p $d
  56     chown frr:frrvty $d
  57     chmod ug=rwx,o=rx $d
  58     find $d -type f -print0 | xargs -0 --no-run-if-empty   chown frr:frr
  59     find $d -type f -print0 | xargs -0 --no-run-if-empty   chmod u=rw,g=r,o=
  60
  61     # Exceptions for vtysh.
  62     f=$d/vtysh.conf
  63     if [ -f $f ]; then
  64       chown frr:frrvty $f
  65       chmod u=rw,g=r,o= $f
  66     fi
  67
  68     # Exceptions for vtysh.
  69     f=$d/frr.conf
  70     if [ -f $d/Zebra.conf ]; then
  71       mv $d/Zebra.conf $f
  72     fi
  73     if [ -f $f ]; then
  74       chown frr:frrvty $f
  75       chmod u=rw,g=r,o= $f
  76     fi
  77 fi
  78
  79 #DEBHELPER#