forked from Lainports/freebsd-ports
6e60a56931
- Added handling for crontab installation problems - Incorported security fixes from PR opened after previous commit - Added UPDATING entry since configuration options have changed fairly significantly PR: ports/122842 Submitted by: Cezary Morga <cm@therek.net> PR: ports/127255 Submitted by: Yasuhiro KIMURA <yasu at utahime dot org> Reviewed by: glarkin Approved by: beech (mentor, implicit) Approved by: portmgr (marcus) Security: Incorrect addition of logcheck user to wheel group
60 lines
2 KiB
Bash
60 lines
2 KiB
Bash
#!/bin/sh
|
|
|
|
user="%%LOGCHECK_USER%%"
|
|
uid="%%LOGCHECK_UID%%"
|
|
group="%%LOGCHECK_GROUP%%"
|
|
gid="%%LOGCHECK_GID%%"
|
|
descr="Logcheck system account"
|
|
homedir="/var/db/logcheck"
|
|
shell="/usr/local/bin/bash"
|
|
configfiles="logcheck.conf logcheck.logfiles"
|
|
|
|
case $2 in
|
|
PRE-INSTALL)
|
|
if pw group show ${group} > /dev/null 2>&1; then
|
|
echo "---> You already have a group \"${group}\", so I will use it."
|
|
else
|
|
pw group add "${group}" -g "${gid}"
|
|
echo "---> Created group \"${group}\"."
|
|
fi
|
|
if pw user show ${user} > /dev/null 2>&1; then
|
|
echo "---> You already have a user \"${user}\", so I will use it."
|
|
else
|
|
pw user add -n ${user} -c "${descr}" -d "${homedir}" -s "${shell}" -g ${group} -u "${uid}"
|
|
echo "---> Created user \"${user}\"."
|
|
fi
|
|
;;
|
|
POST-INSTALL)
|
|
if [ -f %%EXAMPLESDIR%%/crontab.in ] ; then
|
|
if /usr/bin/crontab -u "${user}" -l >/tmp/logchecktab$$ 2>&1 ; then
|
|
if test -s /tmp/logchecktab$$; then
|
|
echo "---> \"${user}\" already has a crontab. Not overwriting it"
|
|
echo "---> Please merge any changes from the standard crontab file"
|
|
echo "---> %%EXAMPLESDIR%%/crontab.in"
|
|
else
|
|
/usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1
|
|
echo "---> Installed crontab(5) file for user \"${user}\""
|
|
fi
|
|
else
|
|
if grep -q "are not allowed to use this program" /tmp/logchecktab$$ ; then
|
|
echo "---> The logcheck user is not allowed to run crontab."
|
|
echo "---> Please check the contents of /var/cron/allow and /var/cron/deny"
|
|
echo "---> and grant access, if necessary."
|
|
exit 1
|
|
else
|
|
/usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1
|
|
echo "---> Created crontab(5) file for user \"${user}\""
|
|
fi
|
|
fi
|
|
rm -f /tmp/logchecktab$$
|
|
fi
|
|
|
|
for f in ${configfiles}; do
|
|
if [ ! -e %%PREFIX%%/etc/logcheck/${f} ]; then
|
|
echo "---> It seems you have no previous version of %%PREFIX%%/etc/logcheck/${f}"
|
|
cp %%PREFIX%%/etc/logcheck/${f}.sample %%PREFIX%%/etc/logcheck/${f}
|
|
echo "---> Created one from ${f}.sample"
|
|
fi
|
|
done
|
|
;;
|
|
esac
|