RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2024-12-14 07:25:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
0d56b61200
ceph/debian/ceph-common.postinst
Kefu Chai a1a857698c debian/ceph-common.postinst: set user directory using adduser 
now that adduser allows us to set its home directory, we can do
this using adduser instead of using usermod. this change also
silences the warning from lintian
"maintainer-script-lacks-home-in-adduser". lintian complains if
`adduser --system` is called without passing `--home` option.

also, take this opportunity to s/-c/--comment/ in the command line
of `usermod`, for better readability.

Fixes: https://tracker.ceph.com/issues/64069
Signed-off-by: Kefu Chai <tchaikov@gmail.com>
2024-02-03 22:36:50 +08:00

119 lines
4.0 KiB
Bash
Raw Blame History

#!/bin/sh
# -*- mode:sh; tab-width:8; indent-tabs-mode:nil -*-
# vim: set noet ts=8:
# postinst script for ceph-mds
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
#
# postinst configure <most-recently-configured-version>
# old-postinst abort-upgrade <new-version>
# conflictor's-postinst abort-remove in-favour <package> <new-version>
# postinst abort-remove
# deconfigured's-postinst abort-deconfigure in-favour <failed-install-package> <version> [<removing conflicting-package> <version>]
#
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
# Let the admin override these distro-specified defaults. This is NOT
# recommended!
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
# Groups that the user will be added to, if undefined, then none.
[ -z "$SERVER_ADDGROUP" ] && SERVER_ADDGROUP=
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
echo -n "Adding group $SERVER_GROUP.."
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
echo "..done"
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
echo -n "Adding system user $SERVER_USER.."
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--home $SERVER_HOME \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
echo "..done"
fi
# 3. adjust passwd entry
# NOTE: we should use "adduser --comment" if we don't need to
# support adduser <3.136. "adduser --gecos" is deprecated,
# and will be removed, so we don't use it. the first distro
# using --comment is debian/trixie or ubuntu/mantic.
echo -n "Setting system user $SERVER_USER properties.."
usermod --comment "$SERVER_NAME" \
--gid $SERVER_GROUP \
$SERVER_USER
# Unlock $SERVER_USER in case it is locked from an uninstall
if [ -f /etc/shadow ]; then
usermod -U -e '' $SERVER_USER
else
usermod -U $SERVER_USER
fi
echo "..done"
# 4. adjust file and directory permissions
if ! dpkg-statoverride --list $SERVER_HOME >/dev/null; then
chown $SERVER_USER:$SERVER_GROUP $SERVER_HOME
chmod u=rwx,g=rx,o= $SERVER_HOME
fi
if ! dpkg-statoverride --list /var/log/ceph >/dev/null; then
# take care not to touch cephadm log subdirs
chown $SERVER_USER:$SERVER_GROUP /var/log/ceph
chown $SERVER_USER:$SERVER_GROUP /var/log/ceph/*.log* || true
# members of group ceph can log here, but cannot remove
# others' files. non-members cannot read any logs.
chmod u=rwx,g=rwxs,o=t /var/log/ceph
fi
# 5. fix /var/run/ceph
if [ -d /var/run/ceph ]; then
echo -n "Fixing /var/run/ceph ownership.."
chown $SERVER_USER:$SERVER_GROUP /var/run/ceph
echo "..done"
fi
# create /run/ceph. fail softly if systemd isn't present or
# something.
[ -x /bin/systemd-tmpfiles ] && systemd-tmpfiles --create || true
;;
abort-upgrade|abort-remove|abort-deconfigure)
:
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0
Reference in New Issue View Git Blame Copy Permalink