2015-02-05 03:14:41 +01:00
|
|
|
#!/bin/sh
|
2014-10-31 06:59:20 +01:00
|
|
|
# preinst script for core-agent-linux
|
|
|
|
#
|
|
|
|
# see: dh_installdeb(1)
|
|
|
|
|
2014-11-07 06:08:26 +01:00
|
|
|
set -e
|
2014-10-31 06:59:20 +01:00
|
|
|
|
|
|
|
# The preinst script may be called in the following ways:
|
|
|
|
# * <new-preinst> 'install'
|
|
|
|
# * <new-preinst> 'install' <old-version>
|
|
|
|
# * <new-preinst> 'upgrade' <old-version>
|
|
|
|
#
|
2015-10-15 04:34:55 +02:00
|
|
|
# The package will not yet be unpacked, so the preinst script cannot rely
|
|
|
|
# on any files included in its package. Only essential packages and
|
|
|
|
# pre-dependencies (Pre-Depends) may be assumed to be available.
|
|
|
|
# Pre-dependencies will have been configured at least once, but at the time the
|
2014-10-31 06:59:20 +01:00
|
|
|
# preinst is called they may only be in an "Unpacked" or "Half-Configured" state
|
|
|
|
# if a previous version of the pre-dependency was completely configured and has
|
|
|
|
# not been removed since then.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
# * <old-preinst> 'abort-upgrade' <new-version>
|
|
|
|
#
|
|
|
|
# Called during error handling of an upgrade that failed after unpacking the
|
|
|
|
# new package because the postrm upgrade action failed. The unpacked files may
|
|
|
|
# be partly from the new version or partly missing, so the script cannot rely
|
|
|
|
# on files included in the package. Package dependencies may not be available.
|
|
|
|
# Pre-dependencies will be at least "Unpacked" following the same rules as
|
2015-10-15 04:34:55 +02:00
|
|
|
# above, except they may be only "Half-Installed" if an upgrade of the
|
2014-10-31 06:59:20 +01:00
|
|
|
# pre-dependency failed.[46]
|
|
|
|
#
|
|
|
|
# For details, see http://www.debian.org/doc/debian-policy/ or
|
|
|
|
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
|
|
|
# the debian-policy package
|
|
|
|
|
|
|
|
if [ "$1" = "install" ] ; then
|
|
|
|
# --------------------------------------------------------------------------
|
2015-02-07 12:07:35 +01:00
|
|
|
# Required groups
|
2014-10-31 06:59:20 +01:00
|
|
|
# --------------------------------------------------------------------------
|
2015-08-08 00:54:49 +02:00
|
|
|
groupadd --force --system qubes
|
2015-02-07 12:07:35 +01:00
|
|
|
groupadd --force --system sudo
|
2014-10-31 06:59:20 +01:00
|
|
|
|
|
|
|
# --------------------------------------------------------------------------
|
|
|
|
# User add / modifications
|
|
|
|
# --------------------------------------------------------------------------
|
2015-02-05 04:22:48 +01:00
|
|
|
id -u 'user' >/dev/null 2>&1 || {
|
2015-08-26 14:33:35 +02:00
|
|
|
useradd --password "" --user-group --create-home --shell /bin/bash user
|
2014-10-31 08:04:42 +01:00
|
|
|
}
|
2015-02-05 04:22:48 +01:00
|
|
|
id -u 'tinyproxy' >/dev/null 2>&1 || {
|
2015-02-07 12:07:35 +01:00
|
|
|
useradd --user-group --system -M --home /run/tinyproxy --shell /bin/false tinyproxy
|
2014-11-02 22:28:50 +01:00
|
|
|
}
|
2014-10-31 06:59:20 +01:00
|
|
|
usermod -p '' root
|
2015-02-13 21:00:54 +01:00
|
|
|
usermod -L -a --groups qubes,sudo user
|
2015-02-07 12:07:35 +01:00
|
|
|
|
|
|
|
# --------------------------------------------------------------------------
|
|
|
|
# Remove `mesg` from root/.profile?
|
|
|
|
# --------------------------------------------------------------------------
|
|
|
|
sed -i -e '/^mesg n/d' /root/.profile
|
2014-10-31 06:59:20 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ "$1" = "upgrade" ] ; then
|
2015-08-08 02:40:49 +02:00
|
|
|
## Fix static gid issue for in place template upgrades.
|
|
|
|
## https://github.com/QubesOS/qubes-issues/issues/1105
|
|
|
|
if grep -q ^qubes:x:98: /etc/group ; then
|
|
|
|
if ! grep -q :980: /etc/group ; then
|
|
|
|
if groupmod -g 980 qubes ; then
|
2015-09-01 17:19:38 +02:00
|
|
|
# make sure that vchan will still work until VM start
|
|
|
|
chmod 666 /dev/xen/* /proc/xen/privcmd
|
2015-08-08 02:40:49 +02:00
|
|
|
find / -gid 98 ! -type l -exec chgrp --verbose qubes {} \; 2>/dev/null || true
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
fi
|
2015-08-27 19:30:02 +02:00
|
|
|
## Allow passwordless login for user "user" (when using 'sudo xl console').
|
|
|
|
## https://github.com/QubesOS/qubes-issues/issues/1130
|
|
|
|
if grep -q '^user:\!:' /etc/shadow ; then
|
|
|
|
passwd user -d >/dev/null || true
|
|
|
|
fi
|
2014-10-31 06:59:20 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
# dh_installdeb will replace this with shell code automatically
|
|
|
|
# generated by other debhelper scripts.
|
|
|
|
|
|
|
|
#DEBHELPER#
|
|
|
|
|
|
|
|
exit 0
|
|
|
|
|
|
|
|
# vim: set ts=4 sw=4 sts=4 et :
|