diff options
Diffstat (limited to 'packaging/Debian/debian/samba.postinst')
-rw-r--r-- | packaging/Debian/debian/samba.postinst | 344 |
1 files changed, 187 insertions, 157 deletions
diff --git a/packaging/Debian/debian/samba.postinst b/packaging/Debian/debian/samba.postinst index 5f42cf4b36..fda15e2204 100644 --- a/packaging/Debian/debian/samba.postinst +++ b/packaging/Debian/debian/samba.postinst @@ -1,12 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # Post-installation script for the Samba package for Debian GNU/Linux # -# Written by Eloy A. Paris <peloy@debian.org> for the Debian project. -# -# The prerm script (run before the postinst) disables Samba in /etc/inetd.conf -# and stops both nmbd and smbd. So, when this script is run we -# know that neither nmbd nor smbd can start. +# $Id: samba.postinst,v 1.2.4.1 2003/06/01 04:30:10 peloy Exp $ # case "$1" in @@ -24,184 +20,204 @@ case "$1" in ;; esac -# Take care of the /usr/doc/ to /usr/shar/doc/ migration. -if [ -d /usr/doc -a ! -e /usr/doc/samba -a -d /usr/share/doc/samba ]; then - ln -sf ../share/doc/samba /usr/doc/samba -fi +# Handle debconf +. /usr/share/debconf/confmodule + +INITCONFFILE=/etc/default/samba + +# We generate several files during the postinst, and we don't want +# them to be readable only by root. +umask 022 + + +# Generate configuration file if it does not exist, using default values. +[ -r "${INITCONFFILE}" ] || { + echo Generating ${INITCONFFILE}... >&2 + cat >${INITCONFFILE} <<'EOFMAGICNUMBER1234' +# Defaults for samba initscript +# sourced by /etc/init.d/samba +# installed at /etc/default/samba by the maintainer scripts +# + +# +# This is a POSIX shell fragment +# -# Starting with Samba 2.0.7-4 the location of the WINS database, the browse +# How should Samba (smbd) run? Possible values are "daemons" +# or "inetd". +RUN_MODE="" +EOFMAGICNUMBER1234 +} + +# --- Begin of FHS migration code --- + +# Starting with Samba 2.2.3-4 the WINS database, the browse # database and other important run-time files are stored in -# /var/state/samba/ rather than in /var/samba/. The following -# code takes care of moving the files in the old directory to -# the new directory. +# FHS-compliant directories. The following code takes care of +# moving the files in the old directories (/var/samba/ and +# /var/state/samba) to the new FHS-compliant directories. + if [ -d /var/samba/ ]; then - mv /var/samba/* /var/state/samba/ + mv /var/samba/* /var/lib/samba/ 2>/dev/null || true rmdir /var/samba/ fi -# Define some constants... -DEBIAN_CONFIG=/etc/samba/debian_config -CONFIG_VERSION=1 +# Default for anything we don't know about (see next two 'for' loops) +# is /var/lib/samba -- guaranteed not to accidentally tromp on any +# files the admin thought were safe. +if [ -d /var/state/samba ]; then + mv /var/state/samba/* /var/lib/samba/ 2>/dev/null || true + rmdir /var/state/samba/ -# Now some variables... -samba_configured=no + # It's not FHS, and it's probably our fault this is here, + # so delete it if we can. + rmdir /var/state/ 2> /dev/null || true +fi +# All these files are now placed in their respective FHS-compliant +# directories. Separate out the individual files accordingly. +for F in browse.dat printing.tdb winbindd_cache.tdb +do + if [ -e /var/lib/samba/"$F" ]; then + mv /var/lib/samba/"$F" /var/cache/samba/ + fi +done -if [ -f $DEBIAN_CONFIG ]; then - . $DEBIAN_CONFIG - if [ "$config_version" -ge "$CONFIG_VERSION" ]; then - samba_configured=yes +for F in brlock.tdb connections.tdb locking.tdb messages.tdb nmbd.pid \ + sessionid.tdb smbd.pid unexpected.tdb +do + if [ -e /var/lib/samba/"$F" ]; then + mv /var/lib/samba/"$F" /var/run/samba/ fi +done + +# Beginning with Samba 2.2.5-1, we also move the domain secrets file +# to a more suitable location, since no one really edits this by hand. +if [ -e /etc/samba/secrets.tdb -a ! -e /var/lib/samba/secrets.tdb ] +then + mv /etc/samba/secrets.tdb /var/lib/samba/ fi -# If Samba is configured we don't want to pester the user with -# configuration questions, just tell him that he can reconfigure -# Samba at any time by running /usr/sbin/sambaconfig. -if [ "$samba_configured" = "no" ]; then - # Samba is not configured, go and ask the user the information needed - # to configure it, and configure it! +# If upgrading from a previous 2.999 snapshot, move the passdb.tdb +# database into /var/lib. - # Create Debian specific configuration file - echo "config_version=$CONFIG_VERSION" > $DEBIAN_CONFIG +if [ -n "$2" ] && dpkg --compare-versions "$2" lt 2.999+3.0.alpha23-5 \ + && [ -e /etc/samba/passdb.tdb -a ! -e /var/lib/samba/passdb.tdb ] +then + mv /etc/samba/passdb.tdb /var/lib/samba/ +fi - # We always run /etc/init.d/samba, even if we run Samba from inetd. - # This script file takes care of handling the conflict of running - # from inetd or as daemons. - update-rc.d samba defaults >/dev/null +# --- End of FHS migration code --- - # We want to add these entries to inetd.conf commented out. Otherwise - # UDP traffic could make inetd to start nmbd or smbd right during - # the configuration stage. - update-inetd --add "#<off># netbios-ssn stream tcp nowait root /usr/sbin/tcpd /usr/sbin/smbd" - update-inetd --add "#<off># netbios-ns dgram udp wait root /usr/sbin/tcpd /usr/sbin/nmbd -a" - - echo "" - echo Samba Configuration - echo ------------------- - echo "The Samba server may be run either as a daemon at startup, or it may be" - echo "run from the inetd meta-daemon upon request. If run as a daemon, the" - echo "server will always be ready, so starting sessions will be faster. If run" - echo "from the inetd meta-daemon some memory will be saved and utilities such" - echo "as the tcpd TCP-wrapper may be used for extra security. If you don't" - echo "know what to do, running from inetd is a safe choice." - echo "" - echo "Run Samba as daemons or from inetd?" - echo -n "Press 'D' to run as daemons or 'I' to run from inetd: [I] " - - read mode - test -n "$mode" || mode="I" - - case "$mode" in - [Dd]*) - echo "Samba will run as daemons. Run sambaconfig to reconfigure" - update-inetd --disable netbios-ssn - update-inetd --disable netbios-ns - echo "run_mode=as_daemons" >> $DEBIAN_CONFIG - ;; - - *) - echo "Samba will run from inetd. Run sambaconfig to reconfigure" - update-inetd --enable netbios-ssn - update-inetd --enable netbios-ns - echo "run_mode=from_inetd" >> $DEBIAN_CONFIG - ;; - esac - - if [ ! -f /etc/samba/smbpasswd ]; then - echo "" - echo "If you are going to use encrypted passwords you need to have a" - echo "separate password file for this (the format is different from " - echo "/etc/passwd). Right now you don't have an /etc/samba/smbpasswd file." - echo "Do you want to generate this new file from your existing" - echo -n "/etc/passwd file? [y/N] " - - read yn - test -n "$yn" || yn="N" - - if [ $yn = y -o $yn = Y ]; then - cat /etc/passwd | /usr/sbin/mksmbpasswd > /etc/samba/smbpasswd - chmod 600 /etc/samba/smbpasswd - echo "" - echo "/etc/samba/smbpasswd now has the same user names as /etc/passwd. However," - echo "you need to run smbpasswd manually to set the password for each user." - echo "" - echo "smbpasswd_created=yes" >> $DEBIAN_CONFIG - else - echo "smbpasswd_created=no" >> $DEBIAN_CONFIG - fi - fi +# If upgrading from a previous 2.999 snapshot, clear the broken +# registry.tdb file. +if [ -n "$2" ] && dpkg --compare-versions "$2" gt 2.99.cvs.20020713-1 \ + && dpkg --compare-versions "$2" lt 2.999+3.0cvs20020805-1 +then + rm -f /var/lib/samba/registry.tdb +fi - echo "" - - # Start Samba: nothing wrong will happen if Samba is running from inetd - # and /etc/init.d/samba is run. However, to simplify things, we - # do not run /etc/init.d/samba if we're running from inetd. - - if [ $mode = d -o $mode = D ]; then - echo -n "Samba will run as daemons - start Samba now? [Y/n] " - read yn - test -n "$yn" || yn="Y" - - case "$yn" in - [Nn]*) - echo "Not started; to start later, do: /etc/init.d/samba start" - echo -n "Press [ENTER] " - read line - ;; - - *) - /etc/init.d/samba start - ;; - esac - else - echo "Since you are running Samba from inetd, the daemons will start" - echo "automatically by inetd when there is traffic on the NetBIOS" - echo "ports." - echo -n "Press [ENTER] " - read line - fi -else # if (samba_configured) ... - # We are here because Samba was already configured... +# ------------------------- Debconf questions start --------------------- - # At this point the NetBIOS daemons are disabled in /etc/inetd.conf. - # This is a consequence of what we did in the prerm. If Samba was - # configured to run from inetd we need to enable the entries in - # /etc/inetd.conf. +# Run Samba as daemons or from inetd? +db_get samba/run_mode || true +RUN_MODE="${RET}" - # Read current Samba configuration - . $DEBIAN_CONFIG +TMPFILE=/etc/default/samba.dpkg-tmp +sed -e "s/^[[:space:]]*RUN_MODE[[:space:]]*=.*/RUN_MODE=\"${RUN_MODE}\"/" \ + < ${INITCONFFILE} >${TMPFILE} +chmod a+r ${TMPFILE} +mv -f ${TMPFILE} ${INITCONFFILE} - if [ "$run_mode" = "from_inetd" ]; then - update-inetd --enable netbios-ssn - update-inetd --enable netbios-ns - fi +# Generate a smbpasswd file? +db_get samba/generate_smbpasswd || true +GENERATE_SMBPASSWD="${RET}" + +db_get samba/tdbsam || true +PDB_MIGRATE="${RET}" + +# Done with debconf now. +db_stop - echo "" - echo "Samba was already installed and configured so I skipped the " - echo "configuration questions. You can run the script /usr/sbin/sambaconfig" - echo "at any time to reconfigure Samba. See sambaconfig(8) for more" - echo "details. I will not even ask you if you want to restart Samba," - echo "I will just do it!" - echo "" +umask 066 + +# FIXME: disable if ldapsam support is enabled? +# FIXME: we don't want to pass these through the smbpasswd backend, +# some of the faking can cause us problems! +if [ "${GENERATE_SMBPASSWD}" = "true" -a ! -e /var/lib/samba/passdb.tdb -a ! -e /etc/samba/smbpasswd ]; then + getent passwd | /usr/sbin/mksmbpasswd > /etc/samba/smbpasswd + pdbedit -i smbpasswd -e tdbsam + rm /etc/samba/smbpasswd +fi + +umask 022 + +if [ -n "$2" -a -e /etc/samba/smbpasswd \ + -a ! -e /var/lib/samba/passdb.tdb -a "$PDB_MIGRATE" = "true" ] \ + && dpkg --compare-versions "$2" lt 2.99.cvs.20020713-2 +then + umask 066 + pdbedit -i smbpasswd -e tdbsam + rm /etc/samba/smbpasswd + umask 022 + + # The database has been moved, now make sure we can still find it. + PASSDB=`sed -n -e"s/^[[:space:]]*\[global\]/\[global\]/i + /^\[global\]/,/^[[:space:]]*\[/ \ + s/^[[:space:]]*passdb backend[[:space:]]*=[[:space:]]*//pi" \ + < /etc/samba/smb.conf \ + | tail -1` + if echo "$PASSDB" | egrep -q "(^|[[:space:]])smbpasswd"; then + if ! echo "$PASSDB" | egrep -q "(^|[[:space:]])tdbsam"; then + PASSDB=`echo $PASSDB | sed -e's/\(^\|[[:space:]]\)smbpasswd/\1tdbsam/'` + fi + fi + if ! echo "$PASSDB" | egrep -q "(^|[[:space:]])tdbsam"; then + PASSDB="tdbsam $PASSDB" + fi + TMPFILE=/etc/samba/smb.conf.dpkg-tmp + sed -e "s/^\([[:space:]]*\)\[global\]/\1\[global\]/i + /^[[:space:]]*\[global\]/,/^[[:space:]]*\[/ \ + s/^\([[:space:]]*\)passdb backend[[:space:]]*=.*/\1passdb backend = ${PASSDB}/i" \ + < /etc/samba/smb.conf >${TMPFILE} + chmod a+r ${TMPFILE} + mv -f ${TMPFILE} /etc/samba/smb.conf +fi - /etc/init.d/samba start -fi # if (samba_configured) ... +# ------------------------- Debconf questions end --------------------- -if test "$1" = configure && dpkg --compare-versions "$2" lt 2.0.0final-2 && [ -f /etc/samba/smbpasswd ]; then +# Handle removal of nmbd from inetd.conf, which is no longer a supported +# configuration. +if dpkg --compare-versions "$2" lt 2.999+3.0.alpha20-4; then + update-inetd --remove netbios-ns +fi - cat << EOF +# We always run /etc/init.d/samba, even if we run Samba from inetd. +# The init.d script takes care of handling the conflict of running +# from inetd or as daemons. +update-rc.d samba defaults 20 19 > /dev/null -*** IMPORTANT *** +# We want to add these entries to inetd.conf commented out. Otherwise +# UDP traffic could make inetd to start nmbd or smbd right during +# the configuration stage. +if [ -z "$2" ]; then + update-inetd --add "#<off># netbios-ssn stream tcp nowait root /usr/sbin/tcpd /usr/sbin/smbd" +fi -The format of the smbpasswd file (which is used only if you are using -encrypted passwords) is different in Samba 2.0.0 and above. I will -convert it to the new format. +if [ "$RUN_MODE" = "daemons" ]; then + update-inetd --disable netbios-ssn +else + update-inetd --enable netbios-ssn +fi -EOF +# Start Samba: we don't want to call /etc/init.d/samba if we are +# running from inetd because a nasty help message would be printed out. - mv /etc/samba/smbpasswd /etc/samba/smbpasswd.old - cat /etc/samba/smbpasswd.old | /usr/bin/convert_smbpasswd \ - > /etc/samba/smbpasswd 2> /dev/null +# Run the init script if this is a first-time install, or if it's an +# upgrade and Samba was running before, _and_ we're not running from inetd. +if [ -z "$2" -o ! -f /tmp/samba-was-not-running ]; then + # Check the script is executable before running it. + [ -x /etc/init.d/samba ] && /etc/init.d/samba start fi # This check is a safety net: the /etc/samba/smbpasswd file must have @@ -215,4 +231,18 @@ if [ -f /var/backups/smbpasswd.bak ]; then chmod 600 /var/backups/smbpasswd.bak fi +# Delete old /etc/samba/debian_config file, which is not used anymore +# now that we are using debconf. +rm -f /etc/samba/debian_config + +# Move old log files to the new location of Samba's log files +mv -f /var/log/nmb* /var/log/samba/ 2> /dev/null || true +mv -f /var/log/smb* /var/log/samba/ 2> /dev/null || true + +# Do this last, so we don't accidentally start the daemons if something +# else in the script fails above. +rm -f /tmp/samba-was-not-running + +#DEBHELPER# + exit 0 |