summaryrefslogtreecommitdiff
path: root/packaging/Debian/debian/samba.postinst
diff options
context:
space:
mode:
Diffstat (limited to 'packaging/Debian/debian/samba.postinst')
-rw-r--r--packaging/Debian/debian/samba.postinst344
1 files changed, 187 insertions, 157 deletions
diff --git a/packaging/Debian/debian/samba.postinst b/packaging/Debian/debian/samba.postinst
index 5f42cf4b36..fda15e2204 100644
--- a/packaging/Debian/debian/samba.postinst
+++ b/packaging/Debian/debian/samba.postinst
@@ -1,12 +1,8 @@
-#!/bin/sh
+#!/bin/sh -e
#
# Post-installation script for the Samba package for Debian GNU/Linux
#
-# Written by Eloy A. Paris <peloy@debian.org> for the Debian project.
-#
-# The prerm script (run before the postinst) disables Samba in /etc/inetd.conf
-# and stops both nmbd and smbd. So, when this script is run we
-# know that neither nmbd nor smbd can start.
+# $Id: samba.postinst,v 1.2.4.1 2003/06/01 04:30:10 peloy Exp $
#
case "$1" in
@@ -24,184 +20,204 @@ case "$1" in
;;
esac
-# Take care of the /usr/doc/ to /usr/shar/doc/ migration.
-if [ -d /usr/doc -a ! -e /usr/doc/samba -a -d /usr/share/doc/samba ]; then
- ln -sf ../share/doc/samba /usr/doc/samba
-fi
+# Handle debconf
+. /usr/share/debconf/confmodule
+
+INITCONFFILE=/etc/default/samba
+
+# We generate several files during the postinst, and we don't want
+# them to be readable only by root.
+umask 022
+
+
+# Generate configuration file if it does not exist, using default values.
+[ -r "${INITCONFFILE}" ] || {
+ echo Generating ${INITCONFFILE}... >&2
+ cat >${INITCONFFILE} <<'EOFMAGICNUMBER1234'
+# Defaults for samba initscript
+# sourced by /etc/init.d/samba
+# installed at /etc/default/samba by the maintainer scripts
+#
+
+#
+# This is a POSIX shell fragment
+#
-# Starting with Samba 2.0.7-4 the location of the WINS database, the browse
+# How should Samba (smbd) run? Possible values are "daemons"
+# or "inetd".
+RUN_MODE=""
+EOFMAGICNUMBER1234
+}
+
+# --- Begin of FHS migration code ---
+
+# Starting with Samba 2.2.3-4 the WINS database, the browse
# database and other important run-time files are stored in
-# /var/state/samba/ rather than in /var/samba/. The following
-# code takes care of moving the files in the old directory to
-# the new directory.
+# FHS-compliant directories. The following code takes care of
+# moving the files in the old directories (/var/samba/ and
+# /var/state/samba) to the new FHS-compliant directories.
+
if [ -d /var/samba/ ]; then
- mv /var/samba/* /var/state/samba/
+ mv /var/samba/* /var/lib/samba/ 2>/dev/null || true
rmdir /var/samba/
fi
-# Define some constants...
-DEBIAN_CONFIG=/etc/samba/debian_config
-CONFIG_VERSION=1
+# Default for anything we don't know about (see next two 'for' loops)
+# is /var/lib/samba -- guaranteed not to accidentally tromp on any
+# files the admin thought were safe.
+if [ -d /var/state/samba ]; then
+ mv /var/state/samba/* /var/lib/samba/ 2>/dev/null || true
+ rmdir /var/state/samba/
-# Now some variables...
-samba_configured=no
+ # It's not FHS, and it's probably our fault this is here,
+ # so delete it if we can.
+ rmdir /var/state/ 2> /dev/null || true
+fi
+# All these files are now placed in their respective FHS-compliant
+# directories. Separate out the individual files accordingly.
+for F in browse.dat printing.tdb winbindd_cache.tdb
+do
+ if [ -e /var/lib/samba/"$F" ]; then
+ mv /var/lib/samba/"$F" /var/cache/samba/
+ fi
+done
-if [ -f $DEBIAN_CONFIG ]; then
- . $DEBIAN_CONFIG
- if [ "$config_version" -ge "$CONFIG_VERSION" ]; then
- samba_configured=yes
+for F in brlock.tdb connections.tdb locking.tdb messages.tdb nmbd.pid \
+ sessionid.tdb smbd.pid unexpected.tdb
+do
+ if [ -e /var/lib/samba/"$F" ]; then
+ mv /var/lib/samba/"$F" /var/run/samba/
fi
+done
+
+# Beginning with Samba 2.2.5-1, we also move the domain secrets file
+# to a more suitable location, since no one really edits this by hand.
+if [ -e /etc/samba/secrets.tdb -a ! -e /var/lib/samba/secrets.tdb ]
+then
+ mv /etc/samba/secrets.tdb /var/lib/samba/
fi
-# If Samba is configured we don't want to pester the user with
-# configuration questions, just tell him that he can reconfigure
-# Samba at any time by running /usr/sbin/sambaconfig.
-if [ "$samba_configured" = "no" ]; then
- # Samba is not configured, go and ask the user the information needed
- # to configure it, and configure it!
+# If upgrading from a previous 2.999 snapshot, move the passdb.tdb
+# database into /var/lib.
- # Create Debian specific configuration file
- echo "config_version=$CONFIG_VERSION" > $DEBIAN_CONFIG
+if [ -n "$2" ] && dpkg --compare-versions "$2" lt 2.999+3.0.alpha23-5 \
+ && [ -e /etc/samba/passdb.tdb -a ! -e /var/lib/samba/passdb.tdb ]
+then
+ mv /etc/samba/passdb.tdb /var/lib/samba/
+fi
- # We always run /etc/init.d/samba, even if we run Samba from inetd.
- # This script file takes care of handling the conflict of running
- # from inetd or as daemons.
- update-rc.d samba defaults >/dev/null
+# --- End of FHS migration code ---
- # We want to add these entries to inetd.conf commented out. Otherwise
- # UDP traffic could make inetd to start nmbd or smbd right during
- # the configuration stage.
- update-inetd --add "#<off># netbios-ssn stream tcp nowait root /usr/sbin/tcpd /usr/sbin/smbd"
- update-inetd --add "#<off># netbios-ns dgram udp wait root /usr/sbin/tcpd /usr/sbin/nmbd -a"
-
- echo ""
- echo Samba Configuration
- echo -------------------
- echo "The Samba server may be run either as a daemon at startup, or it may be"
- echo "run from the inetd meta-daemon upon request. If run as a daemon, the"
- echo "server will always be ready, so starting sessions will be faster. If run"
- echo "from the inetd meta-daemon some memory will be saved and utilities such"
- echo "as the tcpd TCP-wrapper may be used for extra security. If you don't"
- echo "know what to do, running from inetd is a safe choice."
- echo ""
- echo "Run Samba as daemons or from inetd?"
- echo -n "Press 'D' to run as daemons or 'I' to run from inetd: [I] "
-
- read mode
- test -n "$mode" || mode="I"
-
- case "$mode" in
- [Dd]*)
- echo "Samba will run as daemons. Run sambaconfig to reconfigure"
- update-inetd --disable netbios-ssn
- update-inetd --disable netbios-ns
- echo "run_mode=as_daemons" >> $DEBIAN_CONFIG
- ;;
-
- *)
- echo "Samba will run from inetd. Run sambaconfig to reconfigure"
- update-inetd --enable netbios-ssn
- update-inetd --enable netbios-ns
- echo "run_mode=from_inetd" >> $DEBIAN_CONFIG
- ;;
- esac
-
- if [ ! -f /etc/samba/smbpasswd ]; then
- echo ""
- echo "If you are going to use encrypted passwords you need to have a"
- echo "separate password file for this (the format is different from "
- echo "/etc/passwd). Right now you don't have an /etc/samba/smbpasswd file."
- echo "Do you want to generate this new file from your existing"
- echo -n "/etc/passwd file? [y/N] "
-
- read yn
- test -n "$yn" || yn="N"
-
- if [ $yn = y -o $yn = Y ]; then
- cat /etc/passwd | /usr/sbin/mksmbpasswd > /etc/samba/smbpasswd
- chmod 600 /etc/samba/smbpasswd
- echo ""
- echo "/etc/samba/smbpasswd now has the same user names as /etc/passwd. However,"
- echo "you need to run smbpasswd manually to set the password for each user."
- echo ""
- echo "smbpasswd_created=yes" >> $DEBIAN_CONFIG
- else
- echo "smbpasswd_created=no" >> $DEBIAN_CONFIG
- fi
- fi
+# If upgrading from a previous 2.999 snapshot, clear the broken
+# registry.tdb file.
+if [ -n "$2" ] && dpkg --compare-versions "$2" gt 2.99.cvs.20020713-1 \
+ && dpkg --compare-versions "$2" lt 2.999+3.0cvs20020805-1
+then
+ rm -f /var/lib/samba/registry.tdb
+fi
- echo ""
-
- # Start Samba: nothing wrong will happen if Samba is running from inetd
- # and /etc/init.d/samba is run. However, to simplify things, we
- # do not run /etc/init.d/samba if we're running from inetd.
-
- if [ $mode = d -o $mode = D ]; then
- echo -n "Samba will run as daemons - start Samba now? [Y/n] "
- read yn
- test -n "$yn" || yn="Y"
-
- case "$yn" in
- [Nn]*)
- echo "Not started; to start later, do: /etc/init.d/samba start"
- echo -n "Press [ENTER] "
- read line
- ;;
-
- *)
- /etc/init.d/samba start
- ;;
- esac
- else
- echo "Since you are running Samba from inetd, the daemons will start"
- echo "automatically by inetd when there is traffic on the NetBIOS"
- echo "ports."
- echo -n "Press [ENTER] "
- read line
- fi
-else # if (samba_configured) ...
- # We are here because Samba was already configured...
+# ------------------------- Debconf questions start ---------------------
- # At this point the NetBIOS daemons are disabled in /etc/inetd.conf.
- # This is a consequence of what we did in the prerm. If Samba was
- # configured to run from inetd we need to enable the entries in
- # /etc/inetd.conf.
+# Run Samba as daemons or from inetd?
+db_get samba/run_mode || true
+RUN_MODE="${RET}"
- # Read current Samba configuration
- . $DEBIAN_CONFIG
+TMPFILE=/etc/default/samba.dpkg-tmp
+sed -e "s/^[[:space:]]*RUN_MODE[[:space:]]*=.*/RUN_MODE=\"${RUN_MODE}\"/" \
+ < ${INITCONFFILE} >${TMPFILE}
+chmod a+r ${TMPFILE}
+mv -f ${TMPFILE} ${INITCONFFILE}
- if [ "$run_mode" = "from_inetd" ]; then
- update-inetd --enable netbios-ssn
- update-inetd --enable netbios-ns
- fi
+# Generate a smbpasswd file?
+db_get samba/generate_smbpasswd || true
+GENERATE_SMBPASSWD="${RET}"
+
+db_get samba/tdbsam || true
+PDB_MIGRATE="${RET}"
+
+# Done with debconf now.
+db_stop
- echo ""
- echo "Samba was already installed and configured so I skipped the "
- echo "configuration questions. You can run the script /usr/sbin/sambaconfig"
- echo "at any time to reconfigure Samba. See sambaconfig(8) for more"
- echo "details. I will not even ask you if you want to restart Samba,"
- echo "I will just do it!"
- echo ""
+umask 066
+
+# FIXME: disable if ldapsam support is enabled?
+# FIXME: we don't want to pass these through the smbpasswd backend,
+# some of the faking can cause us problems!
+if [ "${GENERATE_SMBPASSWD}" = "true" -a ! -e /var/lib/samba/passdb.tdb -a ! -e /etc/samba/smbpasswd ]; then
+ getent passwd | /usr/sbin/mksmbpasswd > /etc/samba/smbpasswd
+ pdbedit -i smbpasswd -e tdbsam
+ rm /etc/samba/smbpasswd
+fi
+
+umask 022
+
+if [ -n "$2" -a -e /etc/samba/smbpasswd \
+ -a ! -e /var/lib/samba/passdb.tdb -a "$PDB_MIGRATE" = "true" ] \
+ && dpkg --compare-versions "$2" lt 2.99.cvs.20020713-2
+then
+ umask 066
+ pdbedit -i smbpasswd -e tdbsam
+ rm /etc/samba/smbpasswd
+ umask 022
+
+ # The database has been moved, now make sure we can still find it.
+ PASSDB=`sed -n -e"s/^[[:space:]]*\[global\]/\[global\]/i
+ /^\[global\]/,/^[[:space:]]*\[/ \
+ s/^[[:space:]]*passdb backend[[:space:]]*=[[:space:]]*//pi" \
+ < /etc/samba/smb.conf \
+ | tail -1`
+ if echo "$PASSDB" | egrep -q "(^|[[:space:]])smbpasswd"; then
+ if ! echo "$PASSDB" | egrep -q "(^|[[:space:]])tdbsam"; then
+ PASSDB=`echo $PASSDB | sed -e's/\(^\|[[:space:]]\)smbpasswd/\1tdbsam/'`
+ fi
+ fi
+ if ! echo "$PASSDB" | egrep -q "(^|[[:space:]])tdbsam"; then
+ PASSDB="tdbsam $PASSDB"
+ fi
+ TMPFILE=/etc/samba/smb.conf.dpkg-tmp
+ sed -e "s/^\([[:space:]]*\)\[global\]/\1\[global\]/i
+ /^[[:space:]]*\[global\]/,/^[[:space:]]*\[/ \
+ s/^\([[:space:]]*\)passdb backend[[:space:]]*=.*/\1passdb backend = ${PASSDB}/i" \
+ < /etc/samba/smb.conf >${TMPFILE}
+ chmod a+r ${TMPFILE}
+ mv -f ${TMPFILE} /etc/samba/smb.conf
+fi
- /etc/init.d/samba start
-fi # if (samba_configured) ...
+# ------------------------- Debconf questions end ---------------------
-if test "$1" = configure && dpkg --compare-versions "$2" lt 2.0.0final-2 && [ -f /etc/samba/smbpasswd ]; then
+# Handle removal of nmbd from inetd.conf, which is no longer a supported
+# configuration.
+if dpkg --compare-versions "$2" lt 2.999+3.0.alpha20-4; then
+ update-inetd --remove netbios-ns
+fi
- cat << EOF
+# We always run /etc/init.d/samba, even if we run Samba from inetd.
+# The init.d script takes care of handling the conflict of running
+# from inetd or as daemons.
+update-rc.d samba defaults 20 19 > /dev/null
-*** IMPORTANT ***
+# We want to add these entries to inetd.conf commented out. Otherwise
+# UDP traffic could make inetd to start nmbd or smbd right during
+# the configuration stage.
+if [ -z "$2" ]; then
+ update-inetd --add "#<off># netbios-ssn stream tcp nowait root /usr/sbin/tcpd /usr/sbin/smbd"
+fi
-The format of the smbpasswd file (which is used only if you are using
-encrypted passwords) is different in Samba 2.0.0 and above. I will
-convert it to the new format.
+if [ "$RUN_MODE" = "daemons" ]; then
+ update-inetd --disable netbios-ssn
+else
+ update-inetd --enable netbios-ssn
+fi
-EOF
+# Start Samba: we don't want to call /etc/init.d/samba if we are
+# running from inetd because a nasty help message would be printed out.
- mv /etc/samba/smbpasswd /etc/samba/smbpasswd.old
- cat /etc/samba/smbpasswd.old | /usr/bin/convert_smbpasswd \
- > /etc/samba/smbpasswd 2> /dev/null
+# Run the init script if this is a first-time install, or if it's an
+# upgrade and Samba was running before, _and_ we're not running from inetd.
+if [ -z "$2" -o ! -f /tmp/samba-was-not-running ]; then
+ # Check the script is executable before running it.
+ [ -x /etc/init.d/samba ] && /etc/init.d/samba start
fi
# This check is a safety net: the /etc/samba/smbpasswd file must have
@@ -215,4 +231,18 @@ if [ -f /var/backups/smbpasswd.bak ]; then
chmod 600 /var/backups/smbpasswd.bak
fi
+# Delete old /etc/samba/debian_config file, which is not used anymore
+# now that we are using debconf.
+rm -f /etc/samba/debian_config
+
+# Move old log files to the new location of Samba's log files
+mv -f /var/log/nmb* /var/log/samba/ 2> /dev/null || true
+mv -f /var/log/smb* /var/log/samba/ 2> /dev/null || true
+
+# Do this last, so we don't accidentally start the daemons if something
+# else in the script fails above.
+rm -f /tmp/samba-was-not-running
+
+#DEBHELPER#
+
exit 0