Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 61 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

#!/bin/sh
# postinst script for lsh-server
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
# quoting from the policy:
#     Any necessary prompting should almost always be confined to the
#     post-installation script, and should be protected with a conditional
#     so that unnecessary prompting doesn't happen if a package's
#     installation fails and the `postinst' is called with `abort-upgrade',
#     `abort-remove' or `abort-deconfigure'.


LSHD_DEFAULTS=/etc/default/lsh-server

case "$1" in
    configure)

        # This needs to be fixed. If we do stuff this way, strange things will
        # happen ... the user can specify stuff to debconf and old options can
        # still be written to the config file :-(
        # First, get default options
        #[ -e "$LSHD_DEFAULTS" ] && . "$LSHD_DEFAULTS"

        # Fall back to default options if necessary
        LSHD_PORT=${LSHD_PORT:-2222}
        ENABLE_SFTP=${ENABLE_SFTP:-false}

        # Make sure ENABLE_SFTP is either "true" or "false", set up option
        case "$ENABLE_SFTP" in
            true|TRUE|y*|Y*)
                ENABLE_SFTP=true
                ;;
            *)
                ENABLE_SFTP=false
                ;;
        esac
        
        . /usr/share/debconf/confmodule
   
        db_get "lsh-server/lshd_port"; LSHD_PORT="$RET"
        db_get "lsh-server/sftp"; ENABLE_SFTP="$RET"

        # OK, now make the config file

        cat <<"EOF" >"$LSHD_DEFAULTS"
# Configuration file generated by lsh-server-config.
# You can change the lsh-server configuration either by editing
# this file, or by running /usr/sbin/lsh-server-config, which uses
# a debconf interface to set up lsh-server.
#
EOF

        echo "LSHD_PORT=\"$LSHD_PORT\"" >>"$LSHD_DEFAULTS"
        echo "ENABLE_SFTP=\"$ENABLE_SFTP\"" >> "$LSHD_DEFAULTS"

        # Versions before 2.0.1cdbs-4 have a security issue, therefore
        # have the random seed regenerated.
        if [ "$2" ] && [ -e "/var/spool/lsh/yarrow-seed-file" ] \
                && dpkg --compare-versions "$2" lt "2.0.1cdbs-4"; then
                echo " Removing /var/spool/lsh/yarrow-seed-file, because of you are upgrading from a"
                echo " version with a known security bug, so we can't trust the seed any more."
                echo " It will be automatically regenerated from /dev/random."
                rm /var/spool/lsh/yarrow-seed-file
        fi

        # Disable ssh if needed
        if [ "$LSHD_PORT" -eq 22 ] ; then
            if [ ! -d /etc/ssh ] ; then
                mkdir -p /etc/ssh
            fi

            file=/etc/ssh/sshd_not_to_be_run
            if [ ! -f "$file" ] ; then
# stop ssh from starting at bootup
                cat  <<"EOF" >"$file"
LSH_SERVER_CONFIG_GENERATED
# Generated by lsh-server-config
# Please don't remove this file unless you have first disabled lsh, and don't
# change the first line ... otherwise lsh-server won't recognise it!!!
EOF
            fi
        fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)

    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts

#DEBHELPER#

exit 0