#!/bin/sh
# preinst script for fail2ban-p2p
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <new-preinst> `install'
# * <new-preinst> `install' <old-version>
# * <new-preinst> `upgrade' <old-version>
# * <old-preinst> `abort-upgrade' <new-version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
install|upgrade)
# see http://www.debian.org/doc/manuals/securing-debian-howto/ch9.en.html
# Sane defaults:
[ -z "$SERVER_HOME" ] && SERVER_HOME="/var/run/fail2ban-p2p"
[ -z "$SERVER_USER" ] && SERVER_USER="fail2ban-p2p"
[ -z "$SERVER_NAME" ] && SERVER_NAME="Fail2ban-p2p user"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP="fail2ban-p2p"
# create user
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
echo -n "Adding group $SERVER_GROUP.."
addgroup --quiet --system $SERVER_GROUP 2>/dev/null ||true
echo "..done"
fi
# 2. create homedir if not existing
test -d $SERVER_HOME || mkdir $SERVER_HOME
# 3. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
echo -n "Adding system user $SERVER_USER.."
adduser --quiet \
--system \
--ingroup $SERVER_GROUP \
--no-create-home \
--disabled-password \
$SERVER_USER 2>/dev/null || true
echo "..done"
fi
# 4. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER
# 5. adjust file and directory permissions
if ! dpkg-statoverride --list $SERVER_HOME >/dev/null
then
chown -R $SERVER_USER:adm $SERVER_HOME
chmod u=rwx,g=rxs,o= $SERVER_HOME
fi
# create logfile and make it owned by the user
test -f /var/log/fail2ban-p2p.log || touch /var/log/fail2ban-p2p.log
chown $SERVER_USER:adm /var/log/fail2ban-p2p.log > /dev/null
;;
abort-upgrade)
;;
*)
echo "preinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0