#!/bin/sh # preinst script for fail2ban-p2p # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `install' # * `install' # * `upgrade' # * `abort-upgrade' # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in install|upgrade) # see http://www.debian.org/doc/manuals/securing-debian-howto/ch9.en.html # Sane defaults: [ -z "$SERVER_HOME" ] && SERVER_HOME="/var/run/fail2ban-p2p" [ -z "$SERVER_USER" ] && SERVER_USER="fail2ban-p2p" [ -z "$SERVER_NAME" ] && SERVER_NAME="Fail2ban-p2p user" [ -z "$SERVER_GROUP" ] && SERVER_GROUP="fail2ban-p2p" # create user # 1. create group if not existing if ! getent group | grep -q "^$SERVER_GROUP:" ; then echo -n "Adding group $SERVER_GROUP.." addgroup --quiet --system $SERVER_GROUP 2>/dev/null ||true echo "..done" fi # 2. create homedir if not existing test -d $SERVER_HOME || mkdir $SERVER_HOME # 3. create user if not existing if ! getent passwd | grep -q "^$SERVER_USER:"; then echo -n "Adding system user $SERVER_USER.." adduser --quiet \ --system \ --ingroup $SERVER_GROUP \ --no-create-home \ --disabled-password \ $SERVER_USER 2>/dev/null || true echo "..done" fi # 4. adjust passwd entry usermod -c "$SERVER_NAME" \ -d $SERVER_HOME \ -g $SERVER_GROUP \ $SERVER_USER # 5. adjust file and directory permissions if ! dpkg-statoverride --list $SERVER_HOME >/dev/null then chown -R $SERVER_USER:adm $SERVER_HOME chmod u=rwx,g=rxs,o= $SERVER_HOME fi # create logfile and make it owned by the user test -f /var/log/fail2ban-p2p.log || touch /var/log/fail2ban-p2p.log chown $SERVER_USER:adm /var/log/fail2ban-p2p.log > /dev/null ;; abort-upgrade) ;; *) echo "preinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0