postinst is in ca-certificates-java 20160321.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | #!/bin/bash
set -e
# use the locale C.UTF-8
unset LC_ALL
LC_CTYPE=C.UTF-8
export LC_CTYPE
storepass='changeit'
if [ -f /etc/default/cacerts ]; then
. /etc/default/cacerts
fi
arch=`dpkg --print-architecture`
JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
nsslib_name()
{
if dpkg --assert-multi-arch 2>/dev/null; then
echo "libnss3:${arch}"
else
echo "libnss3"
fi
}
setup_path()
{
for jvm in java-7-openjdk-$arch java-7-openjdk \
oracle-java7-jre-$arch oracle-java7-server-jre-$arch oracle-java7-jdk-$arch \
java-8-openjdk-$arch java-8-openjdk \
oracle-java8-jre-$arch oracle-java8-server-jre-$arch oracle-java8-jdk-$arch \
java-9-openjdk-$arch java-9-openjdk \
oracle-java9-jre-$arch oracle-java9-server-jre-$arch oracle-java9-jdk-$arch; do
if [ -x /usr/lib/jvm/$jvm/bin/java ]; then
break
fi
done
export JAVA_HOME=/usr/lib/jvm/$jvm
PATH=$JAVA_HOME/bin:$PATH
}
first_install()
{
if which dpkg-query >/dev/null; then
nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,\(.*\)/libnss3\.so$,\1,p'|head -n 1)
nsscfg=/etc/${jvm%-$arch}/security/nss.cfg
nssjdk=$(test ! -f $nsscfg || sed -n '/nssLibraryDirectory/s/.*= *\(.*\)/\1/p' $nsscfg)
if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then
ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so
fi
fi
# Forcibly remove diginotar cert (LP: #920758)
if [ -n "$FIXOLD" ]; then
echo -e "-diginotar_root_ca\n-diginotar_root_ca_pem" | \
java -Xmx64m -jar $JAR -storepass "$storepass"
fi
find /etc/ssl/certs -name \*.pem | \
while read filename; do
alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _)
alias=${alias%*_}
if [ -n "$FIXOLD" ]; then
echo "-${alias}"
echo "-${alias}_pem"
fi
echo "+${filename}"
done | \
java -Xmx64m -jar $JAR -storepass "$storepass"
echo "done."
}
do_cleanup()
{
[ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg
if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]
then
rm -f $nssjdk/libnss3.so
fi
}
case "$1" in
configure)
if dpkg --compare-versions "$2" lt "20110912ubuntu6"; then
FIXOLD="true"
if [ -e /etc/ssl/certs/java/cacerts ]; then
cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old
fi
fi
if [ -z "$2" -o -n "$FIXOLD" ]; then
setup_path
if ! mountpoint -q /proc; then
echo >&2 "the keytool command requires a mounted proc fs (/proc)."
exit 1
fi
temp_jvm_cfg=
if [ ! -f /etc/${jvm%-$arch}/jvm-$arch.cfg ]; then
# the jre is not yet configured, but jvm.cfg is needed to run it
temp_jvm_cfg=/etc/${jvm%-$arch}/jvm-$arch.cfg
mkdir -p /etc/${jvm%-$arch}
printf -- "-server KNOWN\n" > $temp_jvm_cfg
fi
if first_install; then
do_cleanup
else
do_cleanup
exit 1
fi
fi
chmod 600 /etc/default/cacerts || true
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
exit 0
|