aboutsummaryrefslogtreecommitdiff
path: root/debian/taler-exchange.postinst
blob: 74d4754a2d0386e19e8a7b48417d10f76c43d284 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/bin/bash

set -e

. /usr/share/debconf/confmodule

TALER_HOME="/var/lib/taler"
_GROUPNAME=taler-exchange-secmod
_DBGROUPNAME=taler-exchange-db
_EUSERNAME=taler-exchange-httpd
_CLOSERUSERNAME=taler-exchange-closer
_CSECUSERNAME=taler-exchange-secmod-cs
_RSECUSERNAME=taler-exchange-secmod-rsa
_ESECUSERNAME=taler-exchange-secmod-eddsa
_AGGRUSERNAME=taler-exchange-aggregator
_EXPIUSERNAME=taler-exchange-expire
_WIREUSERNAME=taler-exchange-wire

case "${1}" in
configure)

  # Create taler groups as needed
  if ! getent group ${_GROUPNAME} >/dev/null; then
    addgroup --quiet --system ${_GROUPNAME}
  fi
  if ! getent group ${_DBGROUPNAME} >/dev/null; then
    addgroup --quiet --system ${_DBGROUPNAME}
  fi

  # Create taler users if needed
  if ! getent passwd ${_EUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_EUSERNAME}
    adduser --quiet ${_EUSERNAME} ${_DBGROUPNAME}
    adduser --quiet ${_EUSERNAME} ${_GROUPNAME}
  fi
  if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_RSECUSERNAME}
  fi
  if ! getent passwd ${_CSECUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_CSECUSERNAME}
  fi
  if ! getent passwd ${_ESECUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_ESECUSERNAME}
  fi
  if ! getent passwd ${_WIREUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_WIREUSERNAME}
    adduser --quiet ${_WIREUSERNAME} ${_DBGROUPNAME}
  fi
  if ! getent passwd ${_CLOSERUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_CLOSERUSERNAME}
    adduser --quiet ${_CLOSERUSERNAME} ${_DBGROUPNAME}
  fi
  if ! getent passwd ${_AGGRUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_AGGRUSERNAME}
    adduser --quiet ${_AGGRUSERNAME} ${_DBGROUPNAME}
  fi
  if ! getent passwd ${_EXPIUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_EXPIUSERNAME}
    adduser --quiet ${_EXPIUSERNAME} ${_DBGROUPNAME}
  fi

  if ! dpkg-statoverride --list /etc/taler-exchange/secrets/exchange-accountcredentials-1.secret.conf >/dev/null 2>&1; then
    dpkg-statoverride --add --update \
      ${_WIREUSERNAME} root 640 \
      /etc/taler-exchange/secrets/exchange-accountcredentials-1.secret.conf
  fi

  if ! dpkg-statoverride --list /etc/taler-exchange/secrets/exchange-db.secret.conf >/dev/null 2>&1; then
    dpkg-statoverride --add --update \
      root ${_DBGROUPNAME} 640 \
      /etc/taler-exchange/secrets/exchange-db.secret.conf
  fi

  ;;

abort-upgrade | abort-remove | abort-deconfigure) ;;

*)
  echo "postinst called with unknown argument \`${1}'" >&2
  exit 1
  ;;
esac

#DEBHELPER#

exit 0