postinst is in lsh-server 2.0.4-dfsg-9.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 | #!/bin/sh
# postinst script for lsh-server
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
# quoting from the policy:
# Any necessary prompting should almost always be confined to the
# post-installation script, and should be protected with a conditional
# so that unnecessary prompting doesn't happen if a package's
# installation fails and the `postinst' is called with `abort-upgrade',
# `abort-remove' or `abort-deconfigure'.
create_seed_and_key() {
RANDOM_SEED="/var/spool/lsh/yarrow-seed-file"
HOST_KEY="/etc/lsh_host_key"
OPENSSH_HOST_KEY="/etc/ssh/ssh_host_rsa_key"
if [ ! -f "$RANDOM_SEED" ]; then
echo -n "Creating lsh random seed file (this may take a while) ..."
DIR=$(dirname "$RANDOM_SEED")
if install -d -m 700 "$DIR" &&
dd if=/dev/random "of=$RANDOM_SEED" bs=1 count=32 2>/dev/null &&
chmod 600 "$RANDOM_SEED"; then
echo " done."
else
echo " failed!"
return 1
fi
fi
if [ ! -f "$HOST_KEY" ]; then
if [ -r "$OPENSSH_HOST_KEY" ]; then
echo -n "Converting existing OpenSSH RSA host key ... "
if pkcs1-conv < "$OPENSSH_HOST_KEY" | lsh-writekey --server &&
[ -f "$HOST_KEY" -a -f "$HOST_KEY.pub" ]; then
chmod +r "$HOST_KEY.pub"
echo "done."
return 0
fi
rm -f "$HOST_KEY" "$HOST_KEY.pub"
echo "failed. Will generate a new key instead."
fi
echo -n "Creating lsh host key ... "
if lsh-keygen --server | lsh-writekey --server &&
[ -f "$HOST_KEY" -a -f "$HOST_KEY.pub" ]; then
chmod +r "$HOST_KEY.pub"
echo "done."
else
echo "failed!"
return 1
fi
fi
return 0
}
LSHD_DEFAULTS=/etc/default/lsh-server
case "$1" in
configure)
# This needs to be fixed. If we do stuff this way, strange things will
# happen ... the user can specify stuff to debconf and old options can
# still be written to the config file :-(
# First, get default options
#[ -e "$LSHD_DEFAULTS" ] && . "$LSHD_DEFAULTS"
# Fall back to default options if necessary
LSHD_PORT=${LSHD_PORT:-2222}
ENABLE_SFTP=${ENABLE_SFTP:-false}
# Make sure ENABLE_SFTP is either "true" or "false", set up option
case "$ENABLE_SFTP" in
true|TRUE|y*|Y*)
ENABLE_SFTP=true
;;
*)
ENABLE_SFTP=false
;;
esac
. /usr/share/debconf/confmodule
db_get "lsh-server/lshd_port"; LSHD_PORT="$RET"
db_get "lsh-server/sftp"; ENABLE_SFTP="$RET"
exec 3>&-
# OK, now make the config file
cat <<"EOF" >"$LSHD_DEFAULTS"
# Configuration file generated by lsh-server.postinst.
# You can change the lsh-server configuration either by editing
# this file, or by running dpkg-reconfigure lsh-server.
#
EOF
echo "LSHD_PORT=\"$LSHD_PORT\"" >>"$LSHD_DEFAULTS"
echo "ENABLE_SFTP=\"$ENABLE_SFTP\"" >> "$LSHD_DEFAULTS"
# Versions before 2.0.1cdbs-4 have a security issue, therefore
# have the random seed regenerated.
if [ "$2" ] && [ -e "/var/spool/lsh/yarrow-seed-file" ] \
&& dpkg --compare-versions "$2" lt "2.0.1cdbs-4"; then
echo " Removing /var/spool/lsh/yarrow-seed-file, because of you are upgrading from a"
echo " version with a known security bug, so we can't trust the seed any more."
echo " It will be automatically regenerated from /dev/random."
rm /var/spool/lsh/yarrow-seed-file
fi
# Disable ssh if needed
if [ "$LSHD_PORT" -eq 22 ] ; then
if [ ! -d /etc/ssh ] ; then
mkdir -p /etc/ssh
fi
file=/etc/ssh/sshd_not_to_be_run
if [ ! -f "$file" ] ; then
# stop ssh from starting at bootup
cat <<"EOF" >"$file"
LSH_SERVER_CONFIG_GENERATED
# Generated by lsh-server.postinst
# Please don't remove this file unless you have first disabled lsh, and don't
# change the first line ... otherwise lsh-server won't recognise it!!!
EOF
if [ -x "/etc/init.d/ssh" ]; then
if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
invoke-rc.d ssh stop || true
else
/etc/init.d/ssh stop || true
fi
fi
fi
fi
create_seed_and_key
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts
# Automatically added by dh_installinit
if [ -x "/etc/init.d/lsh-server" ]; then
if [ ! -e "/etc/init/lsh-server.conf" ]; then
update-rc.d lsh-server defaults >/dev/null
fi
invoke-rc.d lsh-server start || exit $?
fi
# End automatically added section
exit 0
|