This file is indexed.

postinst is in tripwire 2.4.3.1-2.

This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
#!/bin/sh

SITEKEYFILE=/etc/tripwire/site.key
LOCALKEYFILE=/etc/tripwire/${hostname}-local.key

set -e

# Post-installation script for the Debian Tripwire distribution.

# Make sure we should be running...
case "$1" in
    configure)
        # continue below
	;;

    abort-upgrade|abort-remove|abort-deconfigure)
        exit 0
	;;

    *)
        echo "postinst called with unknown argument: $1" >&2
        exit 0
        ;;
esac



# Set up the necessary environment

CFGFILE=/etc/tripwire/tw.cfg
CFGTEXT=/etc/tripwire/twcfg.txt
POLTEXT=/etc/tripwire/twpol.txt

eval `twadmin -m f 2>/dev/null | 
	perl -pe 's!HOSTNAME!uname -n!g; s!DATE!date!g; \
		    s!^\s*([^=\s]+)\s*=\s*(.+)!$1="$2"!'`

case $ROOT in
'')
    eval `perl -pe 's!HOSTNAME!uname -n!g; s!DATE!date!g; \
		    s!^\s*([^=\s]+)\s*=\s*(.+)!$1="$2"!' $CFGTEXT`
    ;;

esac

# OK, now do the debconf stuff

# Source debconf library.
. /usr/share/debconf/confmodule

# The following pass phrase retrieval sequence is known to have
# windows where the pass phrase is stoed somewhere in clear text.
# I've attempted to reduce this window to the smallest possible
# period.  If you can lower it further, send me a patch.

get_pass_phrase ()
{
    while true
    do
	db_beginblock
	db_title "Get $1 passphrase"
	db_fset tripwire/$1-passphrase seen false
	db_input critical tripwire/$1-passphrase || true
	db_fset tripwire/$1-passphrase-again seen false
	db_input critical tripwire/$1-passphrase-again || true
	db_endblock
	db_go

	db_get tripwire/$1-passphrase
	pass_phrase_1="$RET"
	db_reset tripwire/$1-passphrase

	db_get tripwire/$1-passphrase-again
	pass_phrase_2="$RET"
	db_reset tripwire/$1-passphrase-again

	case "$pass_phrase_1" in
	"$pass_phrase_2")
	    break ;;
	esac
    done

    # Protect against people using quoation characters in their passphrases
    case "$1" in
    local)
	local_pass="$pass_phrase_1"
	;;

    site)
	site_pass="$pass_phrase_1"
	;;
    esac

    pass_phrase_1=
    pass_phrase_2=
}

twadmin=/usr/sbin/twadmin

db_get tripwire/use-sitekey
use_sitekey="$RET"
if [ "$use_sitekey" = "true" ] && [ ! -f "$SITEKEYFILE" ]
then
    get_pass_phrase site
    echo "Generating site key (this may take several minutes)..."
    (echo "$site_pass"; sleep 2; echo "$site_pass") \
	| $twadmin -m G -S "$SITEKEYFILE" > /dev/null 2>&1
fi

db_get tripwire/use-localkey
use_localkey="$RET"
if [ "$use_localkey" = "true" ] && [ ! -f "$LOCALKEYFILE" ]
then
    get_pass_phrase local
    echo "Generating local key (this may take several minutes)..."
    (echo "$local_pass"; sleep 2; echo "$local_pass") | \
	$twadmin -m G -L "$LOCALKEYFILE" > /dev/null 2>&1
fi
chmod 600 $SITEKEYFILE || true
chmod 600 $LOCALKEYFILE || true

case "$use_sitekey" in
true)
    db_get tripwire/rebuild-config
    if [ ! -f "$CFGFILE" ] || [ "$RET" = "true" ]; then
	case "$site_pass" in
	'') get_pass_phrase site
	    ;;
	esac

	while echo "$site_pass" | \
	    $twadmin -m F -S "$SITEKEYFILE" $CFGTEXT | \
	    grep -q 'Incorrect site passphrase.'
	do
	    db_fset tripwire/site-passphrase-incorrect seen false
	    db_input critical tripwire/site-passphrase-incorrect
	    db_go

	    db_get tripwire/site-passphrase-incorrect
	    case "$RET" in
	    true) ;;
	    *) exit 0;;
	    esac
	    get_pass_phrase site
	done
    fi

    db_get tripwire/rebuild-policy
    if [ ! -f "$POLFILE" ] || [ "$RET" = "true" ]; then
	case "$site_pass" in
	'') get_pass_phrase site
	    ;;
	esac

	while echo "$site_pass" | \
	    $twadmin -m P $POLTEXT | \
		grep -q 'Incorrect site passphrase.'
	do
	    db_fset tripwire/site-passphrase-incorrect seen false
	    db_input critical tripwire/site-passphrase-incorrect
	    db_get tripwire/site-passphrase-incorrect
	    case "$RET" in
	    true) ;;
	    *) exit 0;;
	    esac
	    get_pass_phrase site
	done
    fi
    ;;
esac

db_input high tripwire/installed || true
db_go

exit 0