debian: more fixes and formatting

author: Florian Dold <florian@dold.me> 2021-08-28 18:27:45 +0200
committer: Florian Dold <florian@dold.me> 2021-08-28 18:27:45 +0200
commit: ec6b80f070a235cdd60b0d8904f64969cf53569c (patch)
tree: fa77a417a055ebc8f8022566b008aa7f287fe6be
parent: 830bc7ab2debe5822504e4690237c8ba77a0259e (diff)
download: gnunet-ec6b80f070a235cdd60b0d8904f64969cf53569c.tar.gz
gnunet-ec6b80f070a235cdd60b0d8904f64969cf53569c.zip
3 files changed, 201 insertions, 219 deletions
diff --git a/debian/gnunet.config b/debian/gnunet.config
index 6daa6818e..ebb94c56f 100644
--- a/debian/gnunet.config
+++ b/debian/gnunet.config
@@ -4,12 +4,6 @@ set -e
 . /usr/share/debconf/confmodule
-db_input low gnunet-systempeer/username || true
-db_go
-db_input low gnunet-systempeer/groupname || true
-db_go
 db_input medium gnunet-systempeer/autostart || true
 db_go
diff --git a/debian/gnunet.postinst b/debian/gnunet.postinst
index bde8b1462..d5ee9188d 100644
--- a/debian/gnunet.postinst
+++ b/debian/gnunet.postinst
@@ -9,13 +9,13 @@ set -e
 # in /etc/nsswitch.conf to automatically enable nss-gns support; do not change
 # the configuration if the "hosts" line already references some gns lookups
 insert_gns() {
-        echo -n "Checking NSS setup..."
+  echo -n "Checking NSS setup..."
-        # abort if /etc/nsswitch.conf does not exist
+  # abort if /etc/nsswitch.conf does not exist
-        if ! [ -e /etc/nsswitch.conf ]; then
+  if ! [ -e /etc/nsswitch.conf ]; then
-                echo "Could not find /etc/nsswitch.conf."
+    echo "Could not find /etc/nsswitch.conf."
-                return 1
+    return 1
-        fi
+  fi
-        perl -i -pe '
+  perl -i -pe '
                sub insert {
                        # this also splits on tab
                        my @bits=split(" ", shift);
@@ -35,180 +35,172 @@ insert_gns() {
                }
                s/^(hosts:\s+)(.*)/$1.insert($2)/e;
        ' /etc/nsswitch.conf
-        echo " done."
+  echo " done."
 }
 case "${1}" in
-        configure)
+configure)
-                db_version 2.0
+  db_version 2.0
-                _USERNAME="gnunet"
+  _USERNAME="gnunet"
-                _GROUPNAME="gnunet"
+  _GROUPNAME="gnunet"
-                db_get gnunet-systempeer/autostart
+  db_get gnunet-systempeer/autostart
-                _AUTOSTART="${RET}" # boolean
+  _AUTOSTART="${RET}" # boolean
-                db_get gnunet-dns/libnsswitch
+  db_get gnunet-dns/libnsswitch
-                _LIBNSSWITCH="${RET}" # boolean
+  _LIBNSSWITCH="${RET}" # boolean
-                db_get gnunet-user/proxy
+  db_get gnunet-user/proxy
-                _PROXY="${RET}" # boolean
+  _PROXY="${RET}" # boolean
-                db_stop
+  db_stop
-                CONFIG_FILE="/etc/default/gnunet"
+  CONFIG_FILE="/etc/default/gnunet"
-                # Read default values
+  # Read default values
-                GNUNET_HOME="/var/lib/gnunet"
+  GNUNET_HOME="/var/lib/gnunet"
-                eval $(grep GNUNET_HOME /etc/gnunet.conf | tr -d '[:blank:]')
+  eval $(grep GNUNET_HOME /etc/gnunet.conf | tr -d '[:blank:]')
-                # Creating gnunet group if needed
+  # Creating gnunet group if needed
-                if ! getent group ${_GROUPNAME} > /dev/null
+  if ! getent group ${_GROUPNAME} >/dev/null; then
-                then
+    echo -n "Creating new GNUnet group ${_GROUPNAME}:"
-                        echo -n "Creating new GNUnet group ${_GROUPNAME}:"
+    addgroup --quiet --system ${_GROUPNAME}
-                        addgroup --quiet --system ${_GROUPNAME}
+    echo " done."
-                        echo " done."
+  fi
-                fi
+  # Creating gnunet user if needed
-                # Creating gnunet user if needed
+  if ! getent passwd ${_USERNAME} >/dev/null; then
-                if ! getent passwd ${_USERNAME} > /dev/null
+    echo -n "Creating new GNUnet user ${_USERNAME}:"
-                then
+    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${GNUNET_HOME} ${_USERNAME}
-                        echo -n "Creating new GNUnet user ${_USERNAME}:"
+    echo " done."
-                        adduser --quiet --system --ingroup ${_GROUPNAME} --home ${GNUNET_HOME} ${_USERNAME}
+  fi
-                        echo " done."
-                fi
+  # Add a special secured group
+  GNUNETDNS_GROUP="gnunetdns"
-                # Add a special secured group
-                GNUNETDNS_GROUP="gnunetdns"
+  # Creating gnunetdns group if needed
+  if ! getent group ${GNUNETDNS_GROUP} >/dev/null; then
-                # Creating gnunetdns group if needed
+    echo -n "Creating new secured GNUnet group ${GNUNETDNS_GROUP}:"
-                if ! getent group ${GNUNETDNS_GROUP} > /dev/null
+    addgroup --quiet --system ${GNUNETDNS_GROUP}
-                then
+    echo " done."
-                        echo -n "Creating new secured GNUnet group ${GNUNETDNS_GROUP}:"
+  fi
-                        addgroup --quiet --system ${GNUNETDNS_GROUP}
-                        echo " done."
+  # Copy the libnss_gns files to the libnss directory
-                fi
+  if ${_LIBNSSWITCH}; then
+    echo "Editing /etc/nsswitch.conf to use GNS before DNS"
-                # Copy the libnss_gns files to the libnss directory
+    # $2 equals the currently installed version if it exists
-                if ${_LIBNSSWITCH}
+    if [ -z "$2" ]; then
-                then
+      # first install: setup the recommended configuration (unless
-                        echo "Editing /etc/nsswitch.conf to use GNS before DNS"
+      # nsswitch.conf already contains mdns entries)
-                        # $2 equals the currently installed version if it exists
+      insert_gns
-                        if [ -z "$2" ]; then
+      if [ "$?" -gt 0 ]; then
-                                # first install: setup the recommended configuration (unless
+        echo "nsswitch does not exist on this system"
-                                # nsswitch.conf already contains mdns entries)
+      fi
-                                insert_gns
+    fi
-                                if [ "$?" -gt 0 ]; then
+    echo " done."
-                                        echo "nsswitch does not exist on this system"
+  fi
-                                fi
-                        fi
+  #     # Change the proxy settings for Firefox and Chromium if desired
-                        echo " done."
+  #             if ${_PROXY}
-                fi
+  #        then
+  #                 mkdir -p /etc/X11/xinit/xinitrc.d/
-#       # Change the proxy settings for Firefox and Chromium if desired
+  #cat > "/etc/X11/xinit/xinitrc.d/80-gnunet-user-services" << "EOF"
-#               if ${_PROXY}
+  ##!/bin/bash
-#        then
+  #systemctl --user daemon-reload
-#                   mkdir -p /etc/X11/xinit/xinitrc.d/
+  #systemctl --user start gnunet-user
-#cat > "/etc/X11/xinit/xinitrc.d/80-gnunet-user-services" << "EOF"
+  #systemctl --user enable gnunet-user
-##!/bin/bash
+  #user=$(whoami)
-#systemctl --user daemon-reload
+  #gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy | grep 'IMMEDIATE_START = YES')
-#systemctl --user start gnunet-user
+  #
-#systemctl --user enable gnunet-user
+  ## Enable GNS proxy for new users informed by /etc/skel.
-#user=$(whoami)
+  #if [ "$gnunet_proxy" ]; then
-#gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy | grep 'IMMEDIATE_START = YES')
+  #
-#
+  #        # Calculate user specific port
-## Enable GNS proxy for new users informed by /etc/skel.
+  #        port=$((8000+$(id -u $user)))
-#if [ "$gnunet_proxy" ]; then
+  #
-#
+  #        gnunet-config -c $HOME/.config/gnunet.conf \
-#        # Calculate user specific port
+  #                --section=gns-proxy \
-#        port=$((8000+$(id -u $user)))
+  #                --option=OPTIONS \
-#
+  #                --value="-p $port"
-#        gnunet-config -c $HOME/.config/gnunet.conf \
+  #
-#                --section=gns-proxy \
+  #        # Firefox
-#                --option=OPTIONS \
+  #        defaultprofile=$(ls $HOME/.mozilla/firefox/*.default)
-#                --value="-p $port"
+  #        if [ ! "$defaultprofile" ];then
-#
+  #                timeout 3s firefox --headless # dirty: create profile if not existent
-#        # Firefox
+  #        fi
-#        defaultprofile=$(ls $HOME/.mozilla/firefox/*.default)
+  #        for ffprofile in $HOME/.mozilla/firefox/*.*/; do
-#        if [ ! "$defaultprofile" ];then
+  #                js=$ffprofile/user.js
-#                timeout 3s firefox --headless # dirty: create profile if not existent
+  #                if [ -f "$js" ]; then
-#        fi
+  #                        sed -i '/Preferences for using the GNU Name System/d' "$js"
-#        for ffprofile in $HOME/.mozilla/firefox/*.*/; do
+  #                        sed -i '/network.proxy.socks/d' "$js"
-#                js=$ffprofile/user.js
+  #                        sed -i '/network.proxy.socks_port/d' "$js"
-#                if [ -f "$js" ]; then
+  #                        sed -i '/network.proxy.socks_remote_dns/d' "$js"
-#                        sed -i '/Preferences for using the GNU Name System/d' "$js"
+  #                        sed -i '/network.proxy.type/d' "$js"
-#                        sed -i '/network.proxy.socks/d' "$js"
+  #                fi
-#                        sed -i '/network.proxy.socks_port/d' "$js"
+  #                echo "// Preferences for using the GNU Name System" >> "$js"
-#                        sed -i '/network.proxy.socks_remote_dns/d' "$js"
+  #                echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> "$js"
-#                        sed -i '/network.proxy.type/d' "$js"
+  #                echo "user_pref(\"network.proxy.socks_port\", $port);" >> "$js"
-#                fi
+  #                echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> "$js"
-#                echo "// Preferences for using the GNU Name System" >> "$js"
+  #                echo "user_pref(\"network.proxy.type\", 1);" >> "$js"
-#                echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> "$js"
+  #        done
-#                echo "user_pref(\"network.proxy.socks_port\", $port);" >> "$js"
+  #
-#                echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> "$js"
+  #        # Chromium
-#                echo "user_pref(\"network.proxy.type\", 1);" >> "$js"
+  #        profile="$HOME/.profile"
-#        done
+  #        if [ -f "$profile" ]; then
-#
+  #                sed -i '/CHROMIUM_USER_FLAGS/d' "$profile"
-#        # Chromium
+  #        fi
-#        profile="$HOME/.profile"
+  #        echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \
-#        if [ -f "$profile" ]; then
+  #                >> "$profile"
-#                sed -i '/CHROMIUM_USER_FLAGS/d' "$profile"
+  #fi
-#        fi
+  #
-#        echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \
+  ## Create/Renew GNS certificate authority (CA) per user.
-#                >> "$profile"
+  #gnunet-gns-proxy-setup-ca
-#fi
+  #EOF
-#
+  #                fi
-## Create/Renew GNS certificate authority (CA) per user.
-#gnunet-gns-proxy-setup-ca
+  # Update files and directories permissions.
-#EOF
+  # Assuming default values, this *should* not be changed.
-#                fi
+  echo -n "Updating files and directories permissions:"
+  # Secure access to the data directory
-                # Update files and directories permissions.
+  chmod 0700 "${GNUNET_HOME}" || true
-                # Assuming default values, this *should* not be changed.
+  # Restrict access on setuid binaries
-                echo -n "Updating files and directories permissions:"
+  for file in /usr/bin/gnunet-helper-exit \
-                # Secure access to the data directory
+    /usr/bin/gnunet-helper-nat-client \
-                chmod 0700 "${GNUNET_HOME}" || true
+    /usr/bin/gnunet-helper-nat-server \
-                # Restrict access on setuid binaries
+    /usr/bin/gnunet-helper-transport-bluetooth \
-                for file in /usr/bin/gnunet-helper-exit \
+    /usr/bin/gnunet-helper-transport-wlan \
-                        /usr/bin/gnunet-helper-nat-client \
+    /usr/bin/gnunet-helper-vpn; do
-                        /usr/bin/gnunet-helper-nat-server \
+    # only do something when no setting exists
-                        /usr/bin/gnunet-helper-transport-bluetooth \
+    if ! dpkg-statoverride --list $file >/dev/null 2>&1 && [ -e $file ]; then
-                        /usr/bin/gnunet-helper-transport-wlan \
+      chown root:${_GROUPNAME} $file
-                        /usr/bin/gnunet-helper-vpn
+      chmod 4750 $file
-                do
+    fi
-                        # only do something when no setting exists
+  done
-                        if ! dpkg-statoverride --list $file >/dev/null 2>&1 && [ -e $file ]
+  if ! dpkg-statoverride --list /usr/bin/gnunet-helper-dns >/dev/null 2>&1 &&
-                        then
+    [ -e /usr/bin/gnunet-helper-dns ]; then
-                                chown root:${_GROUPNAME} $file
+    chown root:${GNUNETDNS_GROUP} /usr/bin/gnunet-helper-dns
-                                chmod 4750 $file
+    chmod 4750 /usr/bin/gnunet-helper-dns
-                        fi
+  fi
-                done
+  if ! dpkg-statoverride --list /usr/bin/gnunet-service-dns >/dev/null 2>&1 &&
-                if ! dpkg-statoverride --list /usr/bin/gnunet-helper-dns >/dev/null 2>&1 \
+    [ -e /usr/bin/gnunet-service-dns ]; then
-                        && [ -e /usr/bin/gnunet-helper-dns ]
+    chown ${_USERNAME}:${GNUNETDNS_GROUP} /usr/bin/gnunet-service-dns
-                then
+    chmod 2750 /usr/bin/gnunet-service-dns
-                        chown root:${GNUNETDNS_GROUP} /usr/bin/gnunet-helper-dns
+  fi
-                        chmod 4750 /usr/bin/gnunet-helper-dns
+  echo " done."
-                fi
-                if ! dpkg-statoverride --list /usr/bin/gnunet-service-dns >/dev/null 2>&1 \
+  echo "All done."
-                        && [ -e /usr/bin/gnunet-service-dns ]
-                then
+  ;;
-                        chown ${_USERNAME}:${GNUNETDNS_GROUP} /usr/bin/gnunet-service-dns
-                        chmod 2750 /usr/bin/gnunet-service-dns
+abort-upgrade | abort-remove | abort-deconfigure) ;;
-                fi
-                echo  " done."
+\
+  \
-                echo "All done."
+  *)
+  echo "postinst called with unknown argument \`${1}'" >&2
-                ;;
+  exit 1
+  ;;
-        abort-upgrade|abort-remove|abort-deconfigure)
-                ;;
-        *)
-                echo "postinst called with unknown argument \`${1}'" >&2
-                exit 1
-                ;;
 esac
 #DEBHELPER#
diff --git a/debian/gnunet.postrm b/debian/gnunet.postrm
index 4b60c570a..592fe04a1 100644
--- a/debian/gnunet.postrm
+++ b/debian/gnunet.postrm
@@ -3,11 +3,11 @@
 set -e
 remove_gns() {
-        # abort if /etc/nsswitch.conf does not exist
+  # abort if /etc/nsswitch.conf does not exist
-        if ! [ -e /etc/nsswitch.conf ]; then
+  if ! [ -e /etc/nsswitch.conf ]; then
-                return
+    return
-        fi
+  fi
-        perl -i -pe '
+  perl -i -pe '
                my @remove=(
                        "gns [NOTFOUND=return]",
                );
@@ -25,45 +25,41 @@ remove_gns() {
 _USERNAME="gnunet"
 _GROUPNAME="gnunet"
 GNUNETDNS_GROUP="gnunetdns"
-if [ -e /usr/share/debconf/confmodule ]
+if [ -e /usr/share/debconf/confmodule ]; then
-then
+  . /usr/share/debconf/confmodule
-        . /usr/share/debconf/confmodule
+  db_version 2.0
-        db_version 2.0
-        db_get gnunet-dns/libnsswitch
+  db_get gnunet-dns/libnsswitch
-        _LIBNSSWITCH="${RET}"
+  _LIBNSSWITCH="${RET}"
 fi
 case "${1}" in
-        purge)
+purge)
-                if $_LIBNSSWITCH
+  if $_LIBNSSWITCH; then
-                then
+    rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2
-                        rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2
+    rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2
-                        rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2
+    rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2
-                        rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2
+    remove_gns
-                        remove_gns
+  fi
-                fi
-                rm -rf /var/log/gnunet.log /var/lib/gnunet /etc/default/gnunet
+  rm -rf /var/log/gnunet.log /var/lib/gnunet /etc/default/gnunet
-                ;;
+  ;;
-        remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
-                if $_LIBNSSWITCH
+  if $_LIBNSSWITCH; then
-                then
+    rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2
-                        rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2
+    rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2
-                        rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2
+    rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2
-                        rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2
+    remove_gns
-                        remove_gns
+  fi
-                fi
-                ;;
+  ;;
-        *)
+*)
-                echo "postrm called with unknown argument \`${1}'" >&2
+  echo "postrm called with unknown argument \`${1}'" >&2
-                exit 1
+  exit 1
-                ;;
+  ;;
 esac
 #DEBHELPER#
author	Florian Dold <florian@dold.me>	2021-08-28 18:27:45 +0200
committer	Florian Dold <florian@dold.me>	2021-08-28 18:27:45 +0200
commit	ec6b80f070a235cdd60b0d8904f64969cf53569c (patch)
tree	fa77a417a055ebc8f8022566b008aa7f287fe6be
parent	830bc7ab2debe5822504e4690237c8ba77a0259e (diff)
download	gnunet-ec6b80f070a235cdd60b0d8904f64969cf53569c.tar.gz gnunet-ec6b80f070a235cdd60b0d8904f64969cf53569c.zip

diff --git a/debian/gnunet.config b/debian/gnunet.config index 6daa6818e..ebb94c56f 100644 --- a/debian/gnunet.config +++ b/debian/gnunet.config
@@ -4,12 +4,6 @@ set -e
4		4
5	. /usr/share/debconf/confmodule	5	. /usr/share/debconf/confmodule
6		6
7	db_input low gnunet-systempeer/username \|\| true
8	db_go
9
10	db_input low gnunet-systempeer/groupname \|\| true
11	db_go
12
13	db_input medium gnunet-systempeer/autostart \|\| true	7	db_input medium gnunet-systempeer/autostart \|\| true
14	db_go	8	db_go
15		9


diff --git a/debian/gnunet.postinst b/debian/gnunet.postinst index bde8b1462..d5ee9188d 100644 --- a/debian/gnunet.postinst +++ b/debian/gnunet.postinst
@@ -9,13 +9,13 @@ set -e
9	# in /etc/nsswitch.conf to automatically enable nss-gns support; do not change	9	# in /etc/nsswitch.conf to automatically enable nss-gns support; do not change
10	# the configuration if the "hosts" line already references some gns lookups	10	# the configuration if the "hosts" line already references some gns lookups
11	insert_gns() {	11	insert_gns() {
12	echo -n "Checking NSS setup..."	12	echo -n "Checking NSS setup..."
13	# abort if /etc/nsswitch.conf does not exist	13	# abort if /etc/nsswitch.conf does not exist
14	if ! [ -e /etc/nsswitch.conf ]; then	14	if ! [ -e /etc/nsswitch.conf ]; then
15	echo "Could not find /etc/nsswitch.conf."	15	echo "Could not find /etc/nsswitch.conf."
16	return 1	16	return 1
17	fi	17	fi
18	perl -i -pe '	18	perl -i -pe '
19	sub insert {	19	sub insert {
20	# this also splits on tab	20	# this also splits on tab
21	my @bits=split(" ", shift);	21	my @bits=split(" ", shift);
@@ -35,180 +35,172 @@ insert_gns() {
35	}	35	}
36	s/^(hosts:\s+)(.*)/$1.insert($2)/e;	36	s/^(hosts:\s+)(.*)/$1.insert($2)/e;
37	' /etc/nsswitch.conf	37	' /etc/nsswitch.conf
38	echo " done."	38	echo " done."
39	}	39	}
40		40
41	case "${1}" in	41	case "${1}" in
42	configure)	42	configure)
43	db_version 2.0	43	db_version 2.0
44		44
45	_USERNAME="gnunet"	45	_USERNAME="gnunet"
46	_GROUPNAME="gnunet"	46	_GROUPNAME="gnunet"
47		47
48	db_get gnunet-systempeer/autostart	48	db_get gnunet-systempeer/autostart
49	_AUTOSTART="${RET}" # boolean	49	_AUTOSTART="${RET}" # boolean
50		50
51	db_get gnunet-dns/libnsswitch	51	db_get gnunet-dns/libnsswitch
52	_LIBNSSWITCH="${RET}" # boolean	52	_LIBNSSWITCH="${RET}" # boolean
53		53
54	db_get gnunet-user/proxy	54	db_get gnunet-user/proxy
55	_PROXY="${RET}" # boolean	55	_PROXY="${RET}" # boolean
56		56
57	db_stop	57	db_stop
58		58
59	CONFIG_FILE="/etc/default/gnunet"	59	CONFIG_FILE="/etc/default/gnunet"
60		60
61	# Read default values	61	# Read default values
62	GNUNET_HOME="/var/lib/gnunet"	62	GNUNET_HOME="/var/lib/gnunet"
63	eval $(grep GNUNET_HOME /etc/gnunet.conf \| tr -d '[:blank:]')	63	eval $(grep GNUNET_HOME /etc/gnunet.conf \| tr -d '[:blank:]')
64		64
65	# Creating gnunet group if needed	65	# Creating gnunet group if needed
66	if ! getent group ${_GROUPNAME} > /dev/null	66	if ! getent group ${_GROUPNAME} >/dev/null; then
67	then	67	echo -n "Creating new GNUnet group ${_GROUPNAME}:"
68	echo -n "Creating new GNUnet group ${_GROUPNAME}:"	68	addgroup --quiet --system ${_GROUPNAME}
69	addgroup --quiet --system ${_GROUPNAME}	69	echo " done."
70	echo " done."	70	fi
71	fi	71
72		72	# Creating gnunet user if needed
73	# Creating gnunet user if needed	73	if ! getent passwd ${_USERNAME} >/dev/null; then
74	if ! getent passwd ${_USERNAME} > /dev/null	74	echo -n "Creating new GNUnet user ${_USERNAME}:"
75	then	75	adduser --quiet --system --ingroup ${_GROUPNAME} --home ${GNUNET_HOME} ${_USERNAME}
76	echo -n "Creating new GNUnet user ${_USERNAME}:"	76	echo " done."
77	adduser --quiet --system --ingroup ${_GROUPNAME} --home ${GNUNET_HOME} ${_USERNAME}	77	fi
78	echo " done."	78
79	fi	79	# Add a special secured group
80		80	GNUNETDNS_GROUP="gnunetdns"
81	# Add a special secured group	81
82	GNUNETDNS_GROUP="gnunetdns"	82	# Creating gnunetdns group if needed
83		83	if ! getent group ${GNUNETDNS_GROUP} >/dev/null; then
84	# Creating gnunetdns group if needed	84	echo -n "Creating new secured GNUnet group ${GNUNETDNS_GROUP}:"
85	if ! getent group ${GNUNETDNS_GROUP} > /dev/null	85	addgroup --quiet --system ${GNUNETDNS_GROUP}
86	then	86	echo " done."
87	echo -n "Creating new secured GNUnet group ${GNUNETDNS_GROUP}:"	87	fi
88	addgroup --quiet --system ${GNUNETDNS_GROUP}	88
89	echo " done."	89	# Copy the libnss_gns files to the libnss directory
90	fi	90	if ${_LIBNSSWITCH}; then
91		91	echo "Editing /etc/nsswitch.conf to use GNS before DNS"
92	# Copy the libnss_gns files to the libnss directory	92	# $2 equals the currently installed version if it exists
93	if ${_LIBNSSWITCH}	93	if [ -z "$2" ]; then
94	then	94	# first install: setup the recommended configuration (unless
95	echo "Editing /etc/nsswitch.conf to use GNS before DNS"	95	# nsswitch.conf already contains mdns entries)
96	# $2 equals the currently installed version if it exists	96	insert_gns
97	if [ -z "$2" ]; then	97	if [ "$?" -gt 0 ]; then
98	# first install: setup the recommended configuration (unless	98	echo "nsswitch does not exist on this system"
99	# nsswitch.conf already contains mdns entries)	99	fi
100	insert_gns	100	fi
101	if [ "$?" -gt 0 ]; then	101	echo " done."
102	echo "nsswitch does not exist on this system"	102	fi
103	fi	103
104	fi	104	# # Change the proxy settings for Firefox and Chromium if desired
105	echo " done."	105	# if ${_PROXY}
106	fi	106	# then
107		107	# mkdir -p /etc/X11/xinit/xinitrc.d/
108	# # Change the proxy settings for Firefox and Chromium if desired	108	#cat > "/etc/X11/xinit/xinitrc.d/80-gnunet-user-services" << "EOF"
109	# if ${_PROXY}	109	##!/bin/bash
110	# then	110	#systemctl --user daemon-reload
111	# mkdir -p /etc/X11/xinit/xinitrc.d/	111	#systemctl --user start gnunet-user
112	#cat > "/etc/X11/xinit/xinitrc.d/80-gnunet-user-services" << "EOF"	112	#systemctl --user enable gnunet-user
113	##!/bin/bash	113	#user=$(whoami)
114	#systemctl --user daemon-reload	114	#gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy \| grep 'IMMEDIATE_START = YES')
115	#systemctl --user start gnunet-user	115	#
116	#systemctl --user enable gnunet-user	116	## Enable GNS proxy for new users informed by /etc/skel.
117	#user=$(whoami)	117	#if [ "$gnunet_proxy" ]; then
118	#gnunet_proxy=$(gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy \| grep 'IMMEDIATE_START = YES')	118	#
119	#	119	# # Calculate user specific port
120	## Enable GNS proxy for new users informed by /etc/skel.	120	# port=$((8000+$(id -u $user)))
121	#if [ "$gnunet_proxy" ]; then	121	#
122	#	122	# gnunet-config -c $HOME/.config/gnunet.conf \
123	# # Calculate user specific port	123	# --section=gns-proxy \
124	# port=$((8000+$(id -u $user)))	124	# --option=OPTIONS \
125	#	125	# --value="-p $port"
126	# gnunet-config -c $HOME/.config/gnunet.conf \	126	#
127	# --section=gns-proxy \	127	# # Firefox
128	# --option=OPTIONS \	128	# defaultprofile=$(ls $HOME/.mozilla/firefox/*.default)
129	# --value="-p $port"	129	# if [ ! "$defaultprofile" ];then
130	#	130	# timeout 3s firefox --headless # dirty: create profile if not existent
131	# # Firefox	131	# fi
132	# defaultprofile=$(ls $HOME/.mozilla/firefox/*.default)	132	# for ffprofile in $HOME/.mozilla/firefox/./; do
133	# if [ ! "$defaultprofile" ];then	133	# js=$ffprofile/user.js
134	# timeout 3s firefox --headless # dirty: create profile if not existent	134	# if [ -f "$js" ]; then
135	# fi	135	# sed -i '/Preferences for using the GNU Name System/d' "$js"
136	# for ffprofile in $HOME/.mozilla/firefox/./; do	136	# sed -i '/network.proxy.socks/d' "$js"
137	# js=$ffprofile/user.js	137	# sed -i '/network.proxy.socks_port/d' "$js"
138	# if [ -f "$js" ]; then	138	# sed -i '/network.proxy.socks_remote_dns/d' "$js"
139	# sed -i '/Preferences for using the GNU Name System/d' "$js"	139	# sed -i '/network.proxy.type/d' "$js"
140	# sed -i '/network.proxy.socks/d' "$js"	140	# fi
141	# sed -i '/network.proxy.socks_port/d' "$js"	141	# echo "// Preferences for using the GNU Name System" >> "$js"
142	# sed -i '/network.proxy.socks_remote_dns/d' "$js"	142	# echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> "$js"
143	# sed -i '/network.proxy.type/d' "$js"	143	# echo "user_pref(\"network.proxy.socks_port\", $port);" >> "$js"
144	# fi	144	# echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> "$js"
145	# echo "// Preferences for using the GNU Name System" >> "$js"	145	# echo "user_pref(\"network.proxy.type\", 1);" >> "$js"
146	# echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> "$js"	146	# done
147	# echo "user_pref(\"network.proxy.socks_port\", $port);" >> "$js"	147	#
148	# echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> "$js"	148	# # Chromium
149	# echo "user_pref(\"network.proxy.type\", 1);" >> "$js"	149	# profile="$HOME/.profile"
150	# done	150	# if [ -f "$profile" ]; then
151	#	151	# sed -i '/CHROMIUM_USER_FLAGS/d' "$profile"
152	# # Chromium	152	# fi
153	# profile="$HOME/.profile"	153	# echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \
154	# if [ -f "$profile" ]; then	154	# >> "$profile"
155	# sed -i '/CHROMIUM_USER_FLAGS/d' "$profile"	155	#fi
156	# fi	156	#
157	# echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \	157	## Create/Renew GNS certificate authority (CA) per user.
158	# >> "$profile"	158	#gnunet-gns-proxy-setup-ca
159	#fi	159	#EOF
160	#	160	# fi
161	## Create/Renew GNS certificate authority (CA) per user.	161
162	#gnunet-gns-proxy-setup-ca	162	# Update files and directories permissions.
163	#EOF	163	# Assuming default values, this should not be changed.
164	# fi	164	echo -n "Updating files and directories permissions:"
165		165	# Secure access to the data directory
166	# Update files and directories permissions.	166	chmod 0700 "${GNUNET_HOME}" \|\| true
167	# Assuming default values, this should not be changed.	167	# Restrict access on setuid binaries
168	echo -n "Updating files and directories permissions:"	168	for file in /usr/bin/gnunet-helper-exit \
169	# Secure access to the data directory	169	/usr/bin/gnunet-helper-nat-client \
170	chmod 0700 "${GNUNET_HOME}" \|\| true	170	/usr/bin/gnunet-helper-nat-server \
171	# Restrict access on setuid binaries	171	/usr/bin/gnunet-helper-transport-bluetooth \
172	for file in /usr/bin/gnunet-helper-exit \	172	/usr/bin/gnunet-helper-transport-wlan \
173	/usr/bin/gnunet-helper-nat-client \	173	/usr/bin/gnunet-helper-vpn; do
174	/usr/bin/gnunet-helper-nat-server \	174	# only do something when no setting exists
175	/usr/bin/gnunet-helper-transport-bluetooth \	175	if ! dpkg-statoverride --list $file >/dev/null 2>&1 && [ -e $file ]; then
176	/usr/bin/gnunet-helper-transport-wlan \	176	chown root:${_GROUPNAME} $file
177	/usr/bin/gnunet-helper-vpn	177	chmod 4750 $file
178	do	178	fi
179	# only do something when no setting exists	179	done
180	if ! dpkg-statoverride --list $file >/dev/null 2>&1 && [ -e $file ]	180	if ! dpkg-statoverride --list /usr/bin/gnunet-helper-dns >/dev/null 2>&1 &&
181	then	181	[ -e /usr/bin/gnunet-helper-dns ]; then
182	chown root:${_GROUPNAME} $file	182	chown root:${GNUNETDNS_GROUP} /usr/bin/gnunet-helper-dns
183	chmod 4750 $file	183	chmod 4750 /usr/bin/gnunet-helper-dns
184	fi	184	fi
185	done	185	if ! dpkg-statoverride --list /usr/bin/gnunet-service-dns >/dev/null 2>&1 &&
186	if ! dpkg-statoverride --list /usr/bin/gnunet-helper-dns >/dev/null 2>&1 \	186	[ -e /usr/bin/gnunet-service-dns ]; then
187	&& [ -e /usr/bin/gnunet-helper-dns ]	187	chown ${_USERNAME}:${GNUNETDNS_GROUP} /usr/bin/gnunet-service-dns
188	then	188	chmod 2750 /usr/bin/gnunet-service-dns
189	chown root:${GNUNETDNS_GROUP} /usr/bin/gnunet-helper-dns	189	fi
190	chmod 4750 /usr/bin/gnunet-helper-dns	190	echo " done."
191	fi	191
192	if ! dpkg-statoverride --list /usr/bin/gnunet-service-dns >/dev/null 2>&1 \	192	echo "All done."
193	&& [ -e /usr/bin/gnunet-service-dns ]	193
194	then	194	;;
195	chown ${_USERNAME}:${GNUNETDNS_GROUP} /usr/bin/gnunet-service-dns	195
196	chmod 2750 /usr/bin/gnunet-service-dns	196	abort-upgrade \| abort-remove \| abort-deconfigure) ;;
197	fi	197
198	echo " done."	198	\
199		199	\
200	echo "All done."	200	*)
201		201	echo "postinst called with unknown argument \`${1}'" >&2
202	;;	202	exit 1
203		203	;;
204	abort-upgrade\|abort-remove\|abort-deconfigure)
205
206	;;
207
208	*)
209	echo "postinst called with unknown argument \`${1}'" >&2
210	exit 1
211	;;
212	esac	204	esac
213		205
214	#DEBHELPER#	206	#DEBHELPER#


diff --git a/debian/gnunet.postrm b/debian/gnunet.postrm index 4b60c570a..592fe04a1 100644 --- a/debian/gnunet.postrm +++ b/debian/gnunet.postrm
@@ -3,11 +3,11 @@
3	set -e	3	set -e
4		4
5	remove_gns() {	5	remove_gns() {
6	# abort if /etc/nsswitch.conf does not exist	6	# abort if /etc/nsswitch.conf does not exist
7	if ! [ -e /etc/nsswitch.conf ]; then	7	if ! [ -e /etc/nsswitch.conf ]; then
8	return	8	return
9	fi	9	fi
10	perl -i -pe '	10	perl -i -pe '
11	my @remove=(	11	my @remove=(
12	"gns [NOTFOUND=return]",	12	"gns [NOTFOUND=return]",
13	);	13	);
@@ -25,45 +25,41 @@ remove_gns() {
25	_USERNAME="gnunet"	25	_USERNAME="gnunet"
26	_GROUPNAME="gnunet"	26	_GROUPNAME="gnunet"
27	GNUNETDNS_GROUP="gnunetdns"	27	GNUNETDNS_GROUP="gnunetdns"
28	if [ -e /usr/share/debconf/confmodule ]	28	if [ -e /usr/share/debconf/confmodule ]; then
29	then	29	. /usr/share/debconf/confmodule
30	. /usr/share/debconf/confmodule	30	db_version 2.0
31	db_version 2.0
32		31
33	db_get gnunet-dns/libnsswitch	32	db_get gnunet-dns/libnsswitch
34	_LIBNSSWITCH="${RET}"	33	_LIBNSSWITCH="${RET}"
35	fi	34	fi
36		35
37
38	case "${1}" in	36	case "${1}" in
39	purge)	37	purge)
40	if $_LIBNSSWITCH	38	if $_LIBNSSWITCH; then
41	then	39	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2
42	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2	40	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2
43	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2	41	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2
44	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2	42	remove_gns
45	remove_gns	43	fi
46	fi
47		44
48	rm -rf /var/log/gnunet.log /var/lib/gnunet /etc/default/gnunet	45	rm -rf /var/log/gnunet.log /var/lib/gnunet /etc/default/gnunet
49	;;	46	;;
50		47
51	remove\|upgrade\|failed-upgrade\|abort-install\|abort-upgrade\|disappear)	48	remove \| upgrade \| failed-upgrade \| abort-install \| abort-upgrade \| disappear)
52		49
53	if $_LIBNSSWITCH	50	if $_LIBNSSWITCH; then
54	then	51	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2
55	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns.so.2	52	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2
56	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns4.so.2	53	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2
57	rm -rf /usr/lib/x86_64-linux-gnu/usr/libnss_gns6.so.2	54	remove_gns
58	remove_gns	55	fi
59	fi
60		56
61	;;	57	;;
62		58
63	*)	59	*)
64	echo "postrm called with unknown argument \`${1}'" >&2	60	echo "postrm called with unknown argument \`${1}'" >&2
65	exit 1	61	exit 1
66	;;	62	;;
67	esac	63	esac
68		64
69	#DEBHELPER#	65	#DEBHELPER#