0byt3m1n1
Path:
/
var
/
lib
/
dpkg
/
info
/
[
Home
]
File: ca-certificates.postinst
#! /bin/sh # postinst script for ca-certificates # # see: dh_installdeb(1) # summary of how this script can be called: # * <postinst> `configure' <most-recently-configured-version> # * <old-postinst> `abort-upgrade' <new version> # * <conflictor's-postinst> `abort-remove' `in-favour' <package> # <new-version> # * <deconfigured's-postinst> `abort-deconfigure' `in-favour' # <failed-install-package> <version> `removing' # <conflicting-package> <version> # for details, see /usr/share/doc/packaging-manual/ # # quoting from the policy: # Any necessary prompting should almost always be confined to the # post-installation script, and should be protected with a conditional # so that unnecessary prompting doesn't happen if a package's # installation fails and the `postinst' is called with `abort-upgrade', # `abort-remove' or `abort-deconfigure'. set -e each_value() { echo "$1" |tr ',' '\n' | sed -e 's/^[[:space:]]*//' } memberp() { m="$1" l="$2" each_value "$l" | grep -q "^$m\$" } delca() { m="$1" l="$2" echo "$l" |sed -e 's|'"$m"', ||' -e 's|'"$m"'$||' -e 's/,[[:space:]]*,/, /' -e 's/^[[:space:]]*//' -e 's/,[[:space:]]*$//' } case "$1" in configure) if [ ! -e /usr/local/share/ca-certificates ]; then if mkdir -m $(stat -L -c %a /usr/local) /usr/local/share/ca-certificates 2>/dev/null; then chgrp $(stat -L -c %g /usr/local) /usr/local/share/ca-certificates fi # Handle upgrades and allow local admin to override: # e.g. dpkg-statoverride --add root staff 2775 /usr/local/share/ca-certificates elif ! dpkg-statoverride --list /usr/local/share/ca-certificates >/dev/null; then chmod $(stat -L -c %a /usr/local) /usr/local/share/ca-certificates || true chown $(stat -L -c %u /usr/local):$(stat -L -c %g /usr/local) /usr/local/share/ca-certificates || true fi . /usr/share/debconf/confmodule db_version 2.0 db_capb multiselect db_metaget ca-certificates/enable_crts choices CERTS_AVAILABLE="$RET" db_get ca-certificates/enable_crts CERTS_ENABLED="$RET" # XXX unmark seen for next configuration db_fset ca-certificates/new_crts seen false db_stop || true if test -f /etc/ca-certificates.conf; then # XXX: while in subshell? while read line do if echo "$line" | grep -q '^#'; then echo "$line" else case "$line" in !*) ca=$(echo "$line" | sed -e 's/^!//');; *) ca="$line";; esac if memberp "$ca" "$CERTS_ENABLED"; then echo "$ca" # CERTS_ENABLED=$(delca "$ca" "$CERTS_ENABLED") elif memberp "$ca" "$CERTS_AVAILABLE" || echo "$line" | grep -q '^!'; then echo "!$ca" elif [ -f /usr/share/ca-certificates/"$ca" ] || \ [ -f /usr/local/share/ca-certificates/"$ca" ]; then echo "$ca" else echo "!$ca" fi # CERTS_AVAILABLE=$(delca "$ca" "$CERTS_AVAILABLE") fi done < /etc/ca-certificates.conf > /etc/ca-certificates.conf.dpkg-new if echo "$CERTS_ENABLED" | egrep -q "^([[:space:]]*,)*[[:space:]]*$"; then : else each_value "$CERTS_ENABLED" | while read ca do if grep -q "^$ca" /etc/ca-certificates.conf.dpkg-new; then : else echo "$ca" >> /etc/ca-certificates.conf.dpkg-new fi done fi each_value "$CERTS_AVAILABLE" | while read ca do if memberp "$ca" "$CERTS_ENABLED"; then : elif grep -q "^!$ca" /etc/ca-certificates.conf.dpkg-new; then : else echo "!$ca" >> /etc/ca-certificates.conf.dpkg-new fi done if cmp -s /etc/ca-certificates.conf /etc/ca-certificates.conf.dpkg-new; then rm -f /etc/ca-certificates.conf.dpkg-new else mv -f /etc/ca-certificates.conf /etc/ca-certificates.conf.dpkg-old mv /etc/ca-certificates.conf.dpkg-new /etc/ca-certificates.conf fi else # new file cat > /etc/ca-certificates.conf <<EOF # This file lists certificates that you wish to use or to ignore to be # installed in /etc/ssl/certs. # update-ca-certificates(8) will update /etc/ssl/certs by reading this file. # # This is autogenerated by dpkg-reconfigure ca-certificates. # Certificates should be installed under /usr/share/ca-certificates # and files with extension '.crt' is recognized as available certs. # # line begins with # is comment. # line begins with ! is certificate filename to be deselected. # EOF (echo $CERTS_ENABLED | tr ',' '\n'; \ echo $CERTS_AVAILABLE | tr ',' '\n') | \ sed -e 's/^[[:space:]]*//' | \ sort | uniq -c | \ sed -e 's/^[[:space:]]*2[[:space:]]*//' \ -e 's/^[[:space:]]*1[[:space:]]*/!/' \ >> /etc/ca-certificates.conf fi # update /etc/ssl/certs without running the hooks # fix bogus symlink to ca-certificates.crt on upgrades; see # Debian #643667; drop after wheezy if dpkg --compare-versions "$2" lt-nl 20111025; then update-ca-certificates --hooksdir "" --fresh else update-ca-certificates --hooksdir "" fi # deferred update of /etc/ssl/certs including running the hooks dpkg-trigger --no-await update-ca-certificates ;; triggered) for trigger in $2; do case "$trigger" in update-ca-certificates) update-ca-certificates ;; update-ca-certificates-fresh) update-ca-certificates --fresh ;; *) echo "postinst called with unknown trigger \`$2'">&2 exit 1 ;; esac; done; ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. exit 0