diff options
| author | David Lamparter <equinox@diac24.net> | 2018-12-10 22:34:49 +0100 |
|---|---|---|
| committer | David Lamparter <equinox@diac24.net> | 2019-02-19 21:30:54 +0100 |
| commit | b3c4c164b5a6652deeddec41502f098846eb63d3 (patch) | |
| tree | ff89587c87bee78f9d9281d4148905e678e78fb6 /debian/frr.preinst | |
| parent | 93b389bb9ebdcae0f598d2f48110149cb50e2854 (diff) | |
debian: make package "official"
Move us into place in debian/
Signed-off-by: David Lamparter <equinox@diac24.net>
Diffstat (limited to 'debian/frr.preinst')
| -rw-r--r-- | debian/frr.preinst | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/debian/frr.preinst b/debian/frr.preinst new file mode 100644 index 0000000000..1c141f37f9 --- /dev/null +++ b/debian/frr.preinst @@ -0,0 +1,81 @@ +#!/bin/bash + +if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi +${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"} +set -e +set -u + +# creating frrvty group if it isn't already there +if ! getent group frrvty >/dev/null; then + addgroup --system frrvty >/dev/null +fi + +# creating frr group if it isn't already there +if ! getent group frr >/dev/null; then + addgroup --system frr >/dev/null +fi + +# creating frr user if he isn't already there +if ! getent passwd frr >/dev/null; then + adduser \ + --system \ + --ingroup frr \ + --home /nonexistent \ + --gecos "Frr routing suite" \ + --shell /bin/false \ + frr >/dev/null +fi + +# We may be installing over an older version of +# frr and as such we need to intelligently +# check to see if the frr user is in the frrvty +# group. +if ! id frr | grep &>/dev/null 'frrvty'; then + usermod -a -G frrvty frr >/dev/null +fi + +# Do not change permissions when upgrading as it would violate policy. +if [ "$1" = "install" ]; then + # Logfiles are group readable in case users were put into the frr group. + d=/var/log/frr/ + mkdir -p $d + chown frr:frr $d + chown --quiet frr:frr $d/* | true + chmod u=rwx,go=rx $d + find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o= + + # Strict permissions for the sockets. + d=/var/run/frr/ + mkdir -p $d + chown frr:frr $d + chown --quiet frr:frr $d/* | true + chmod u=rwx,go=rx $d + find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,go= + + # Config files. Vtysh does not have access to the individual daemons config file + d=/etc/frr/ + mkdir -p $d + chown frr:frrvty $d + chmod ug=rwx,o=rx $d + find $d -type f -print0 | xargs -0 --no-run-if-empty chown frr:frr + find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o= + + # Exceptions for vtysh. + f=$d/vtysh.conf + if [ -f $f ]; then + chown frr:frrvty $f + chmod u=rw,g=r,o= $f + fi + + # Exceptions for vtysh. + f=$d/frr.conf + if [ -f $d/Zebra.conf ]; then + mv $d/Zebra.conf $f + fi + if [ -f $f ]; then + chown frr:frrvty $f + chmod u=rw,g=r,o= $f + fi +fi + +#DEBHELPER# |