Changeset 549 for main/linuxmuster-base/trunk/debian/postinst
- Timestamp:
- 10/22/09 11:07:40 (3 years ago)
- File:
-
- 1 edited
-
main/linuxmuster-base/trunk/debian/postinst (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
main/linuxmuster-base/trunk/debian/postinst
r497 r549 115 115 if [ -e "$INSTALLED" ]; then 116 116 117 if ! . $HELPERFUNCTIONS; then 118 echo "Cannot read $HELPERFUNCTIONS!" 119 exit 1 117 if ! . $HELPERFUNCTIONS; then 118 echo "Cannot read $HELPERFUNCTIONS!" 119 exit 1 120 fi 121 122 # check if smtprelay is in $NETWORKSETTINGS 123 if ! grep -q smtprelay $NETWORKSETTINGS; then 124 db_get linuxmuster/base smtprelay || true 125 smtprelay=$RET 126 smtprelay=${smtprelay#[0-9] } 127 echo "smtprelay=\"$smtprelay\"" >> $NETWORKSETTINGS 128 fi 129 130 # messages for config file headers 131 message1="##### Do not change this file! It will be overwritten!" 132 message2="##### This configuration file was automatically created by linuxmuster-base!" 133 message3="##### Last Modification: `date`" 134 135 # some variables we need for patching 136 # added imaging (1.2-6) 137 servername=`hostname -s` 138 domainname=`dnsdomainname` 139 db_get linuxmuster-base/country || true 140 country=$RET 141 db_get linuxmuster-base/state || true 142 state=$RET 143 db_get linuxmuster-base/location || true 144 location=$RET 145 db_get linuxmuster-base/schoolname || true 146 schoolname=$RET 147 db_get linuxmuster-base/workgroup || true 148 workgroup=$RET 149 workgroup=${workgroup#[0-9] } 150 internsub=`echo $serverip | awk -F. '{ print $2 }'` 151 serverrev_short=1.1.$internsub 152 ipcoprev_short=254.1.$internsub 153 154 # patch samba 155 sed -e "s/@@message1@@/${message1}/g 156 s/@@message2@@/${message2}/g 157 s/@@message3@@/${message3}/g 158 s/@@serverip@@/${serverip}/g 159 s/@@internmask@@/${internmask}/g 160 s/@@workgroup@@/${workgroup}/g 161 s/@@domadmin@@/${DOMADMIN}/g 162 s/@@administrator@@/${ADMINISTRATOR}/g 163 s/@@domadmins@@/${DOMADMINS}/g 164 s/@@teachersgroup@@/${TEACHERSGROUP}/g 165 s/@@basedn@@/${basedn}/g" $SMBCONFTEMPLATE.$imaging > /etc/samba/smb.conf 166 # samba reload only if postgres and/or samba are running 167 if ps ax | grep slapd | grep -v grep &> /dev/null; then 168 if ps ax | grep smbd | grep -v grep &> /dev/null; then 169 /etc/init.d/samba reload 170 # restore samba ldap admin password 171 smbpasswd -w `cat /etc/ldap.secret` 172 else 173 echo "Samba is not running! Skipping samba reload!" 174 echo "You have to restart samba after package update!" 175 fi 176 else 177 echo "The LDAP daemon (slapd) is not running! Skipping samba reload!" 178 echo "You have to reload samba after package update!" 179 fi 180 181 # apache2 adding port 242 for schulkonsole 182 apache_ports=/etc/apache2/ports.conf 183 if ! grep -q 242 $apache_ports; then 184 cp -f $STATICTPLDIR$apache_ports $apache_ports 185 fi 186 187 # removing schulkonsole's obsolete apache2 configuration 188 if [ -L /etc/apache2/conf.d/schulkonsole ]; then 189 rm /etc/apache2/conf.d/schulkonsole 190 fi 191 192 # create new certificate skript and create new certificate 193 if [ ! -e "$SCRIPTSDIR/create-ssl-cert.sh" ]; then 194 echo "Creating new server certificate ..." 195 sed -e "s/@@country@@/${country}/ 196 s/@@state@@/${state}/ 197 s/@@location@@/${location}/ 198 s/@@schoolname@@/${schoolname}/ 199 s/@@servername@@/${servername}/ 200 s/@@domainname@@/${domainname}/g 201 s/@@administrator@@/${ADMINISTRATOR}/" $DYNTPLDIR/01_certificates/create-ssl-cert.sh > $SCRIPTSDIR/create-ssl-cert.sh 202 chmod 744 $SCRIPTSDIR/create-ssl-cert.sh 203 $SCRIPTSDIR/create-ssl-cert.sh 204 fi 205 206 # fixing pam configuration 207 if grep ^account /etc/pam.d/login | grep -q pam_access.so; then 208 echo "pam configuration is up to date. :-)" 209 else 210 echo "Updating pam configuration ..." 211 cp -f $STATICTPLDIR/etc/pam.d/* /etc/pam.d 212 cp -f $STATICTPLDIR/etc/nsswitch.conf /etc 213 sed -e "s/@@administrator@@/$ADMINISTRATOR/" $DYNTPLDIR/17_admins/access.conf > /etc/security/access.conf 214 echo "ATTENTION!" 215 echo "Only root and $ADMINISTRATOR are allowed to login on the server!" 216 echo "To change this behaviour you have to edit /etc/security/access.conf!" 217 fi 218 219 # update cron scripts 220 # ntpdate 221 if [ -e /etc/cron.hourly/ntpdate ]; then 222 echo "Removing ntpdate cron script ..." 223 rm /etc/cron.hourly/ntpdate 224 fi 225 226 # bind9 227 # permissions 228 chown root:bind /etc/bind 229 chmod 775 /etc/bind 230 chown root:bind /etc/bind/db.10 231 chown root:bind /etc/bind/db.linuxmuster 232 chmod 664 /etc/bind/db.10 233 chmod 664 /etc/bind/db.linuxmuster 234 235 236 # apt 237 # [ -e /etc/apt/apt.conf ] && cp /etc/apt/apt.conf /etc/apt/apt.conf.dpkg-old 238 # echo "Updating /etc/apt/apt.conf ..." 239 # cp -f $STATICTPLDIR/etc/apt/apt.conf /etc/apt 240 # checking for correct sources.list 241 if grep -q lml40-updates /etc/apt/sources.list; then 242 backup_file /etc/apt/sources.list 243 echo "Updating sources.list ..." 244 sed -e 's/lml40-updates/paedml40-updates/' -i /etc/apt/sources.list 245 fi 246 # while read line; do 247 # [ "${line:0:3}" != "deb" ] && continue 248 # if ! grep -q "$line" /etc/apt/sources.list; then 249 # [ -z "$slist_changed" ] && gzip -c /etc/apt/sources.list > $BACKUPDIR/sources.list-$DATETIME.gz 250 # echo "Adding $line to /etc/apt/sources.list ..." 251 # echo "$line" >> /etc/apt/sources.list 252 # slist_changed=yes 253 # fi 254 # done <$STATICTPLDIR/etc/apt/sources.list.online 255 256 # environment 257 if [ ! -e /etc/environment ]; then 258 echo "Updating /etc/environment ..." 259 cp -f $STATICTPLDIR/etc/environment /etc 260 cp -f $STATICTPLDIR/etc/profile /etc 261 fi 262 if ! grep -q "export LANG" /etc/profile; then 263 backup_file /etc/profile 264 sed -e "/^export PATH/a\ 265 export LANG" -i /etc/profile 266 fi 267 268 # shadow passwords 269 if [ ! -e /etc/shadow ]; then 270 shadowconfig on 271 fi 272 273 # remove false link to backup mountpoint 274 [ -L /_backup ] && rm /_backup 275 276 # openldap permissions 277 chown root:root /etc/ldap/ldap.conf 278 chmod 644 /etc/ldap/ldap.conf 279 chown root:root /etc/ldap/slapd.conf 280 chmod 600 /etc/ldap/slapd.conf 281 chown root:root /etc/odbc.ini 282 chmod 644 /etc/odbc.ini 283 chmod 600 /etc/ldap/slapd.conf* 284 285 # bug #123, adding ipcop handling to /etc/init.d/networking 286 if ! grep -q ^doipcop /etc/init.d/networking; then 287 echo "Updating /etc/init.d/networking (Bug #123) ..." 288 cp /etc/init.d/networking /etc/init.d/networking.dpkg-dist 289 cp $STATICTPLDIR/etc/init.d/networking /etc/init.d 290 fi 291 # fixing typo in /etc/init.d/networking 292 if grep -q dopicop /etc/init.d/networking; then 293 echo "Fixing typo in /etc/init.d/networking ..." 294 cp $STATICTPLDIR/etc/init.d/networking /etc/init.d 295 fi 296 [ -e /etc/init.d/networking.dpkg-dist ] && chmod 644 /etc/init.d/networking.dpkg-dist 297 298 # remove old nameif script and installing new linuxmuster-nic-setup 299 if [ -e /etc/init.d/nameif ]; then 300 echo "Fixing mac address handling (Bug #86) ..." 301 # first save the mac assignments 302 mac_extern=`grep "^nameif extern" /etc/init.d/nameif | cut -f3 -d" "` 303 if [ -n "$mac_extern" ]; then 304 toupper $mac_extern 305 mac_extern=$RET 306 db_set linuxmuster-base/mac_extern $mac_extern || true 307 fi 308 mac_intern=`grep "^nameif intern" /etc/init.d/nameif | cut -f3 -d" "` 309 if [ -n "$mac_intern" ]; then 310 toupper $mac_intern 311 mac_intern=$RET 312 db_set linuxmuster-base/mac_intern $mac_intern || true 313 fi 314 mac_wlan=`grep "^nameif wlan" /etc/init.d/nameif | cut -f3 -d" "` 315 if [ -n "$mac_wlan" ]; then 316 toupper $mac_wlan 317 mac_wlan=$RET 318 db_set linuxmuster-base/mac_wlan $mac_wlan || true 319 fi 320 mac_dmz=`grep "^nameif dmz" /etc/init.d/nameif | cut -f3 -d" "` 321 if [ -n "$mac_dmz" ]; then 322 toupper $mac_dmz 323 mac_dmz=$RET 324 db_set linuxmuster-base/mac_dmz $mac_dmz || true 325 fi 326 # write them to network.settings 327 grep -v ^mac_ $NETWORKSETTINGS > $NETWORKSETTINGS.tmp 328 mv $NETWORKSETTINGS.tmp $NETWORKSETTINGS 329 echo "mac_extern=$mac_extern" >> $NETWORKSETTINGS 330 echo "mac_intern=$mac_intern" >> $NETWORKSETTINGS 331 echo "mac_wlan=$mac_wlan" >> $NETWORKSETTINGS 332 echo "mac_dmz=$mac_dmz" >> $NETWORKSETTINGS 333 update-rc.d -f nameif remove 334 mv /etc/init.d/nameif /etc/init.d/nameif.dpkg-old 335 chmod 644 /etc/init.d/nameif.dpkg-old 336 fi # nameif 337 338 # fixing cupsys init start nr 339 if [ -e /etc/rc2.d/S20cupsys ]; then 340 echo "Fixing cupsys' init start nr ..." 341 update-rc.d -f cupsys remove 342 update-rc.d cupsys start 21 2 3 4 5 . stop 19 0 1 6 . 343 cups_restart=yes 344 fi 345 if [ -n "$cups_restart" ]; then 346 /etc/init.d/cupsys force-reload || true 347 fi 348 349 # extraschueler.txt, extrakurse.txt 350 for i in extraschueler.txt extrakurse.txt entfernen.txt sperrklassen.txt; do 351 [ -e "/etc/sophomorix/user/$i" ] || cp $STATICTPLDIR/etc/sophomorix/user/$i /etc/sophomorix/user 352 done 353 354 # removing old cyrus21 runlevel links 355 if [ -e /etc/rc2.d/S20cyrus2.2 ]; then 356 if [ -e /etc/rc2.d/S20cyrus21 ]; then 357 update-rc.d -f cyrus21 remove 358 fi 359 fi 360 361 # restore apache's default index.html 362 indexhtml=/var/www/apache2-default/index.html 363 if grep -q "paedML" $indexhtml; then 364 cp $indexhtml $indexhtml.dpkg-old 365 echo -n "<html><body><h1>It works!</h1></body></html>" > $indexhtml 366 fi 367 368 # removing passwd3 files (1.1-7) 369 [ -e /etc/horde/passwd3 ] && rm -rf /etc/horde/passwd3 370 [ -e /usr/share/horde3/passwd ] && rm -rf /usr/share/horde3/passwd 371 [ -e /usr/share/doc/passwd3 ] && rm -rf /usr/share/doc/passwd3 372 373 # restoring internal firewall 374 . /etc/default/linuxmuster-base 375 if [ "$START_LINUXMUSTER" = "yes" ]; then 376 if ! iptables -L | grep -q "$FIREWALLTEST"; then 377 /etc/init.d/linuxmuster-base start 120 378 fi 121 122 # check if smtprelay is in $NETWORKSETTINGS 123 if ! grep -q smtprelay $NETWORKSETTINGS; then 124 db_get linuxmuster/base smtprelay || true 125 smtprelay=$RET 126 smtprelay=${smtprelay#[0-9] } 127 echo "smtprelay=\"$smtprelay\"" >> $NETWORKSETTINGS 379 fi 380 381 # adding imaging variable (1.2-14) 382 if ! grep -q ^imaging $NETWORKSETTINGS; then 383 if [ -z "$imaging" ]; then 384 imaging=rembo 385 db_set linuxmuster-base/imaging $imaging || true 386 fi 387 echo "imaging=$imaging" >> $NETWORKSETTINGS 388 fi 389 390 # patch path to wimport_data in dist.conf (1.1-8) 391 if [ -n "$imaging" ]; then 392 case "$imaging" in 393 linbo|tivoli) 394 sed -e "s/^WIMPORTDATA=.*/WIMPORTDATA=\"\$SYSCONFDIR\/workstations\"/" -i /usr/share/linuxmuster/config/dist.conf 395 if [[ -L "$SYSCONFDIR/workstations" && -f "$REMBOFILES/files/global/wimport_data" ]]; then 396 rm $SYSCONFDIR/workstations 397 cp $REMBOFILES/files/global/wimport_data $SYSCONFDIR/workstations 398 fi 399 ;; 400 *) 401 sed -e "s/^WIMPORTDATA=.*/WIMPORTDATA=\"\$REMBOFILES\/files\/global\/wimport_data\"/" -i /usr/share/linuxmuster/config/dist.conf 402 ;; 403 esac 404 fi 405 406 # fixing backup.conf 407 # remove obsolete unmount_shm (1.2-17) 408 if grep -q ^unmount_shm /etc/linuxmuster/backup.conf; then 409 echo "Removing obsolete parameter unmount_shm from backup.conf ..." 410 cp /etc/linuxmuster/backup.conf /etc/linuxmuster/backup.conf.dpkg-old 411 sed -e 's/^unmount_shm.*/# obsolete with linuxmuster-base 1.2-17/' -i /etc/linuxmuster/backup.conf 412 fi 413 # change postgresql to postgresql-8.1 (1.4.36-paedml1) 414 if grep -q ,postgresql, /etc/linuxmuster/backup.conf; then 415 echo "Changing postgresql to postgresql-8.1 in backup.conf ..." 416 cp /etc/linuxmuster/backup.conf /etc/linuxmuster/backup.conf.dpkg-old 417 sed -e 's/,postgresql,/,postgresql-8.1,/g' -i /etc/linuxmuster/backup.conf 418 fi 419 420 # change obsolete cyrus21 to cyrus2.2 in services parameter in backup.conf (1.2-25) 421 if grep -w cyrus21 /etc/linuxmuster/backup.conf | grep -qv ^#; then 422 echo "Changing service cyrus21 to cyrus2.2 in backup.conf ..." 423 cp /etc/linuxmuster/backup.conf /etc/linuxmuster/backup.conf.dpkg-old 424 sed -e 's/cyrus21/cyrus2.2/' -i /etc/linuxmuster/backup.conf 425 fi 426 427 # custom login/logout scripts (1.2-6) 428 for i in in out; do 429 if [ ! -e "$NETLOGONDIR/custom-log$i.sh" ]; then 430 echo "Copying $NETLOGONDIR/custom-log$i.sh ..." 431 cp $STATICTPLDIR$NETLOGONDIR/custom-log$i.sh $NETLOGONDIR 432 fi 433 done 434 # reparing permissions in netlogondir (1.2-15) 435 chown $ADMINISTRATOR:$DOMADMINS $NETLOGONDIR/* 436 chmod 664 $NETLOGONDIR/* 437 438 # removing obsolete samba-userlog lockfile (1.2-10) 439 if [ -e "${USERLOG}.lock" ]; then 440 echo "Removing obsolete lockfile ${USERLOG}.lock ..." 441 rm -f ${USERLOG}.lock 442 fi 443 444 # linking registry-patches to administrator's home (1.2-15) 445 if [ ! -e "$ADMINSHOME/$ADMINISTRATOR/registry-patches" ]; then 446 echo "Linking registry-patches to administrator's home ..." 447 ln -sf /usr/share/linuxmuster/registry-patches $ADMINSHOME/$ADMINISTRATOR/registry-patches 448 fi 449 450 # linbo related update stuff 451 if [ "$imaging" = "linbo" ]; then 452 # updating rsyncd.conf according to linbo revision 119 (1.2-13) 453 if ! grep -q pre-xfer /etc/rsyncd.conf; then 454 echo "Updating rsync configuration ..." 455 cp $STATICTPLDIR/etc/rsyncd.conf /etc 456 /etc/init.d/rsync restart 457 fi 458 # updating LINBO's dhcp configuration (1.4.36-paedml1) 459 if ! grep -q ^"# pxelinux options for LINBO" /etc/dhcp3/dhcpd.conf; then 460 echo "Updating dhcp-server configuration for LINBO ..." 461 cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.dpkg-old 462 dhcp_backup=yes 463 sed -e "s/@@servername@@/${servername}/g 464 s/@@domainname@@/${domainname}/g 465 s/@@serverip@@/${serverip}/g 466 s/@@ipcopip@@/${ipcopip}/g 467 s/@@broadcast@@/${broadcast}/g 468 s/@@internalnet@@/${internalnet}/g 469 s/@@internsub@@/${internsub}/g 470 s/@@internmask@@/${internmask}/g" $DYNTPLDIR/03_dhcp3-server/dhcpd.conf.linbo > /etc/dhcp3/dhcpd.conf 471 dhcp_reload=yes 472 fi 473 # linbo administrative user 474 if ! check_id linbo; then 475 linbopasswd=`grep ^linbo /etc/rsyncd.secrets | awk -F\: '{ print $2 }'` 476 if [ -n "$linbopasswd" ]; then 477 echo "Creating linbo user ..." 478 sophomorix-useradd --administrator linbo --unix-group $ADMINGROUP --shell /bin/false --gecos "LINBO Administrator" &> /dev/null || true 479 sophomorix-passwd --user linbo --pass $linbopasswd &> /dev/null || true 480 smbldap-usermod -H '[UX ]' linbo || true 481 fi 482 fi 483 fi # linbo 484 485 # deny client-updates 486 if grep -q ^"ignore client-updates" /etc/dhcp3/dhcpd.conf; then 487 echo "Updating dhcp-server configuration to deny client updates ..." 488 [ -z "$dhcp_backup" ] && cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.dpkg-old 489 sed -e "s/^ignore client-updates/deny client-updates/" -i /etc/dhcp3/dhcpd.conf 490 dhcp_reload=yes 491 fi 492 493 # reparing nagios2, apache2.conf 494 if ! grep -q "$basedn" /etc/nagios2/apache2.conf; then 495 sed -e "s/@@serverip@@/$serverip/ 496 s/@@basedn@@/$basedn/" $DYNTPLDIR/22_nagios/apache2.conf > /etc/nagios2/apache2.conf 497 cp /etc/nagios2/apache2.conf /var/lib/linuxmuster-nagios/config/nagios2 498 ln -sf /etc/nagios2/apache2.conf /etc/apache2/conf.d/nagios2.conf 499 fi 500 if ! grep -q "$(getdistname)" $SYSCONFDIR/nagios.conf; then 501 cp $SYSCONFDIR/nagios.conf $SYSCONFDIR/nagios.conf.dpkg-old 502 sed -e "s/^DESC_SERVER=.*/DESC_SERVER=\"Server der $(getdistname) $DISTMAJORVERSION\"/ 503 s/^DESC_FW=.*/DESC_FW=\"Firewall der $(getdistname) $DISTMAJORVERSION\"/ 504 s/^DESC_SERVERGROUP=.*/DESC_SERVERGROUP=\"Server der $(getdistname) $DISTMAJORVERSION\"/" -i /etc/linuxmuster/nagios.conf 505 sed -e "s/Server der .*/Server der $(getdistname) $DISTMAJORVERSION/g 506 s/Firewall der .*/Firewall der $(getdistname) $DISTMAJORVERSION/g" -i /etc/nagios2/conf.d/linuxmuster_main.cfg 507 nagios_reload=yes 508 fi 509 510 # creating pam_ldap.secret link 511 [ -e /etc/pam_ldap.secret ] || ln -sf ldap.secret /etc/pam_ldap.secret 512 513 # repairing openntpd 514 if ! grep -q ^"listen on $serverip" /etc/openntpd/ntpd.conf; then 515 cp /etc/openntpd/ntpd.conf /etc/openntpd/ntpd.conf.dpkg-old 516 sed -e "s/@@serverip@@/$serverip/" $DYNTPLDIR/99_start-services/ntpd.conf > /etc/openntpd/ntpd.conf 517 /etc/init.d/openntpd restart 518 fi 519 520 # repairing webmin 521 if [ ! -d /var/log/webmin ]; then 522 mkdir -p /var/log/webmin 523 /etc/init.d/webmin restart 524 fi 525 526 # repairing moodle 527 if [ -e /etc/moodle/config.php ]; then 528 if ! grep -q "\$CFG->wwwroot = '/moodle';" /etc/moodle/config.php; then 529 cp /etc/moodle/config.php /etc/moodle/config.php.dpkg-old 530 sed -e "s/\$CFG->wwwroot =.*/\$CFG->wwwroot = \'\/moodle\';/g" -i /etc/moodle/config.php 531 fi 532 fi 533 if [ -d /usr/share/moodle ]; then 534 [[ -e /usr/share/moodle/moodle && ! -L /usr/share/moodle/moodle ]] && mv /usr/share/moodle/moodle /usr/share/moodle/moodle.dpkg-old 535 [ -L /usr/share/moodle/moodle ] || ln -s . /usr/share/moodle/moodle 536 fi 537 538 # repair ssl-cert permissions (1.4.37-paedml1 & 1.4.38-paedml1) 539 chgrp ssl-cert /etc/ssl/private -R 540 if grep -q root:sasl $SCRIPTSDIR/create-ssl-cert.sh; then 541 sed -e 's/root:sasl/root:ssl-cert/g' -i $SCRIPTSDIR/create-ssl-cert.sh 542 chmod 744 $SCRIPTSDIR/create-ssl-cert.sh 543 fi 544 545 # adding tls support to slapd.conf 546 slapdtpl=/usr/share/sophomorix/config-templates/ldap/slapd-standalone.conf.template 547 [ -e /etc/ldap/slapd.conf.custom ] || cp $STATICTPLDIR/etc/ldap/slapd.conf.custom /etc/ldap 548 if ! grep -q ^TLS /etc/ldap/slapd.conf || ! grep -q misc.schema /etc/ldap/slapd.conf; then 549 echo "Updating openldap configuration ..." 550 cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf.dpkg-old 551 rootpw=`grep ^rootpw /etc/ldap/slapd.conf | awk '{ print $2 }'` 552 sed -e "s/@@message1@@/${message1}/ 553 s/@@message2@@/${message2}/ 554 s/@@message3@@/${message3}/ 555 s/@@basedn@@/${basedn}/g 556 s/@@tls_comment@@//g 557 s/@@ldappassword@@/${rootpw}/g" $slapdtpl > /etc/ldap/slapd.conf 558 addgroup openldap ssl-cert 559 chmod 600 /etc/ldap/slapd.conf* 560 slapd_reload=yes 561 fi 562 if grep -q ^TLS /etc/ldap/slapd.conf; then 563 if ! grep ^SLAPD_SERVICES /etc/default/slapd | grep -q ldaps; then 564 cp /etc/default/slapd /etc/default/slapd.dpkg-old 565 cp $STATICTPLDIR/etc/default/slapd /etc/default 566 slapd_reload=yes 567 fi 568 fi 569 570 # fixing postgresql-8.1 pg_hba.conf (1.4.37-paedml1) 571 grep -q ^"# changed for Ogo" /etc/postgresql/8.1/main/pg_hba.conf && pg_update=yes 572 grep -q moodle /etc/postgresql/8.1/main/pg_hba.conf || pg_update=yes 573 if [ -n "$pg_update" ]; then 574 echo "Updating postgresql configuration ..." 575 echo "Warning: pg_hba.conf will be backupd up to pg_hba.conf.dpkg-old!" 576 cp /etc/postgresql/8.1/main/pg_hba.conf /etc/postgresql/8.1/main/pg_hba.conf.dpkg-old 577 cp $STATICTPLDIR/etc/postgresql/8.1/main/pg_hba.conf /etc/postgresql/8.1/main 578 postgres_reload=yes 579 fi 580 581 # ldap db user needs password (1.4.44-1) 582 dbconf=/etc/linuxmuster/schulkonsole/db.conf 583 dbuser=`grep ^Username $dbconf | awk -F\= '{ print $2 }'` 584 dbpwd=`grep ^Password $dbconf | awk -F\= '{ print $2 }'` 585 if [ "$dbuser" != "ldap" -o -z "$dbpwd" ]; then 586 echo "Providing a random password for postgresql user ldap." 587 echo "Warning: Backing up /etc/linuxmuster/schulkonsole/db.conf to db.conf.dpkg-old!" 588 cp /etc/linuxmuster/schulkonsole/db.conf /etc/linuxmuster/schulkonsole/db.conf.dpkg-old 589 ldapdbpw=`pwgen -s 8 1` 590 psql -U postgres -d template1 -qc "ALTER USER ldap WITH PASSWORD '"$ldapdbpw"';" 591 sed -e "s/^Password=.*/Password=$ldapdbpw/" $STATICTPLDIR/etc/linuxmuster/schulkonsole/db.conf > /etc/linuxmuster/schulkonsole/db.conf 592 chown www-data:www-data /etc/linuxmuster/schulkonsole/db.conf* 593 chmod 400 /etc/linuxmuster/schulkonsole/db.conf* 594 fi 595 596 # https://bugs.launchpad.net/ubuntu/+source/php5/+bug/63141, 1.4.44-1) 597 if grep -q ^"extension=curl.so" /etc/php5/conf.d/curl.ini; then 598 backup_file /etc/php5/conf.d/curl.ini 599 echo "Fixing /etc/php5/conf.d/curl.ini ..." 600 sed -e 's|^extension=curl.so|#extension=curl.so|' -i /etc/php5/conf.d/curl.ini 601 echo "# tschmitt: moved to pgsql.ini -> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/63141" >> /etc/php5/conf.d/curl.ini 602 fi 603 if ! grep -q ^"extension=curl.so" /etc/php5/conf.d/pgsql.ini; then 604 backup_file /etc/php5/conf.d/pgsql.ini 605 echo "Fixing /etc/php5/conf.d/pgsql.ini ..." 606 echo "# tschmitt: moved from curl.ini -> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/63141" >> /etc/php5/conf.d/pgsql.ini 607 echo "extension=curl.so" >> /etc/php5/conf.d/pgsql.ini 608 fi 609 610 # provide a default mindi.conf (1.4.44-1) 611 if [ ! -e /etc/mindi/mindi.conf ]; then 612 echo "Providing a default mindi.conf ..." 613 cp $STATICTPLDIR/etc/mindi/mindi.conf /etc/mindi 614 fi 615 616 # fixing apache's userdir.conf (1.4.50-1) 617 conffile=/etc/apache2/mods-available/userdir.conf 618 if [ -e "$conffile" ]; then 619 if ! grep -q "# modified by linuxmuster-base 1.4.50-1" $conffile; then 620 echo "Fixing $conffile ..." 621 cp $conffile ${conffile}.dpkg-old 622 cp $STATICTPLDIR$conffile $conffile 128 623 fi 129 130 # messages for config file headers 131 message1="##### Do not change this file! It will be overwritten!" 132 message2="##### This configuration file was automatically created by linuxmuster-base!" 133 message3="##### Last Modification: `date`" 134 135 # some variables we need for patching 136 # added imaging (1.2-6) 137 servername=`hostname -s` 138 domainname=`dnsdomainname` 139 db_get linuxmuster-base/country || true 140 country=$RET 141 db_get linuxmuster-base/state || true 142 state=$RET 143 db_get linuxmuster-base/location || true 144 location=$RET 145 db_get linuxmuster-base/schoolname || true 146 schoolname=$RET 147 db_get linuxmuster-base/workgroup || true 148 workgroup=$RET 149 workgroup=${workgroup#[0-9] } 150 internsub=`echo $serverip | awk -F. '{ print $2 }'` 151 serverrev_short=1.1.$internsub 152 ipcoprev_short=254.1.$internsub 153 154 # patch samba 155 sed -e "s/@@message1@@/${message1}/g 156 s/@@message2@@/${message2}/g 157 s/@@message3@@/${message3}/g 158 s/@@serverip@@/${serverip}/g 159 s/@@internmask@@/${internmask}/g 160 s/@@workgroup@@/${workgroup}/g 161 s/@@domadmin@@/${DOMADMIN}/g 162 s/@@administrator@@/${ADMINISTRATOR}/g 163 s/@@domadmins@@/${DOMADMINS}/g 164 s/@@teachersgroup@@/${TEACHERSGROUP}/g 165 s/@@basedn@@/${basedn}/g" $SMBCONFTEMPLATE.$imaging > /etc/samba/smb.conf 166 167 # samba reload only if postgres and/or samba are running 168 if ps ax | grep slapd | grep -v grep &> /dev/null; then 169 if ps ax | grep smbd | grep -v grep &> /dev/null; then 170 /etc/init.d/samba reload 171 # restore samba ldap admin password 172 smbpasswd -w `cat /etc/ldap.secret` 173 else 174 echo "Samba is not running! Skipping samba reload!" 175 echo "You have to restart samba after package update!" 176 fi 177 else 178 echo "The LDAP daemon (slapd) is not running! Skipping samba reload!" 179 echo "You have to reload samba after package update!" 180 fi 181 182 # apache2 adding port 242 for schulkonsole 183 apache_ports=/etc/apache2/ports.conf 184 if ! grep -q 242 $apache_ports; then 185 cp -f $STATICTPLDIR$apache_ports $apache_ports 186 fi 187 188 # removing schulkonsole's obsolete apache2 configuration 189 if [ -L /etc/apache2/conf.d/schulkonsole ]; then 190 rm /etc/apache2/conf.d/schulkonsole 191 fi 192 193 # create new certificate skript and create new certificate 194 if [ ! -e "$SCRIPTSDIR/create-ssl-cert.sh" ]; then 195 echo "Creating new server certificate ..." 196 sed -e "s/@@country@@/${country}/ 197 s/@@state@@/${state}/ 198 s/@@location@@/${location}/ 199 s/@@schoolname@@/${schoolname}/ 200 s/@@servername@@/${servername}/ 201 s/@@domainname@@/${domainname}/g 202 s/@@administrator@@/${ADMINISTRATOR}/" $DYNTPLDIR/01_certificates/create-ssl-cert.sh > $SCRIPTSDIR/create-ssl-cert.sh 203 chmod 744 $SCRIPTSDIR/create-ssl-cert.sh 204 $SCRIPTSDIR/create-ssl-cert.sh 205 fi 206 207 # fixing pam configuration 208 if grep ^account /etc/pam.d/login | grep -q pam_access.so; then 209 echo "pam configuration is up to date. :-)" 210 else 211 echo "Updating pam configuration ..." 212 cp -f $STATICTPLDIR/etc/pam.d/* /etc/pam.d 213 cp -f $STATICTPLDIR/etc/nsswitch.conf /etc 214 sed -e "s/@@administrator@@/$ADMINISTRATOR/" $DYNTPLDIR/17_admins/access.conf > /etc/security/access.conf 215 echo "ATTENTION!" 216 echo "Only root and $ADMINISTRATOR are allowed to login on the server!" 217 echo "To change this behaviour you have to edit /etc/security/access.conf!" 218 fi 219 220 # update cron scripts 221 # ntpdate 222 if [ -e /etc/cron.hourly/ntpdate ]; then 223 echo "Removing ntpdate cron script ..." 224 rm /etc/cron.hourly/ntpdate 225 fi 226 227 # bind9 228 # permissions 229 chown root:bind /etc/bind 230 chmod 775 /etc/bind 231 chown root:bind /etc/bind/db.10 232 chown root:bind /etc/bind/db.linuxmuster 233 chmod 664 /etc/bind/db.10 234 chmod 664 /etc/bind/db.linuxmuster 235 236 237 # apt 238 # [ -e /etc/apt/apt.conf ] && cp /etc/apt/apt.conf /etc/apt/apt.conf.dpkg-old 239 # echo "Updating /etc/apt/apt.conf ..." 240 # cp -f $STATICTPLDIR/etc/apt/apt.conf /etc/apt 241 # checking for correct sources.list 242 if grep -q lml40-updates /etc/apt/sources.list; then 243 backup_file /etc/apt/sources.list 244 echo "Updating sources.list ..." 245 sed -e 's/lml40-updates/paedml40-updates/' -i /etc/apt/sources.list 246 fi 247 # while read line; do 248 # [ "${line:0:3}" != "deb" ] && continue 249 # if ! grep -q "$line" /etc/apt/sources.list; then 250 # [ -z "$slist_changed" ] && gzip -c /etc/apt/sources.list > $BACKUPDIR/sources.list-$DATETIME.gz 251 # echo "Adding $line to /etc/apt/sources.list ..." 252 # echo "$line" >> /etc/apt/sources.list 253 # slist_changed=yes 254 # fi 255 # done <$STATICTPLDIR/etc/apt/sources.list.online 256 257 # environment 258 if [ ! -e /etc/environment ]; then 259 echo "Updating /etc/environment ..." 260 cp -f $STATICTPLDIR/etc/environment /etc 261 cp -f $STATICTPLDIR/etc/profile /etc 262 fi 263 if ! grep -q "export LANG" /etc/profile; then 264 backup_file /etc/profile 265 sed -e "/^export PATH/a\ 266 export LANG" -i /etc/profile 267 fi 268 269 # shadow passwords 270 if [ ! -e /etc/shadow ]; then 271 shadowconfig on 272 fi 273 274 # remove false link to backup mountpoint 275 [ -L /_backup ] && rm /_backup 276 277 # openldap permissions 278 chown root:root /etc/ldap/ldap.conf 279 chmod 644 /etc/ldap/ldap.conf 280 chown root:root /etc/ldap/slapd.conf 281 chmod 600 /etc/ldap/slapd.conf 282 chown root:root /etc/odbc.ini 283 chmod 644 /etc/odbc.ini 284 chmod 600 /etc/ldap/slapd.conf* 285 286 # bug #123, adding ipcop handling to /etc/init.d/networking 287 if ! grep -q ^doipcop /etc/init.d/networking; then 288 echo "Updating /etc/init.d/networking (Bug #123) ..." 289 cp /etc/init.d/networking /etc/init.d/networking.dpkg-dist 290 cp $STATICTPLDIR/etc/init.d/networking /etc/init.d 291 fi 292 # fixing typo in /etc/init.d/networking 293 if grep -q dopicop /etc/init.d/networking; then 294 echo "Fixing typo in /etc/init.d/networking ..." 295 cp $STATICTPLDIR/etc/init.d/networking /etc/init.d 296 fi 297 [ -e /etc/init.d/networking.dpkg-dist ] && chmod 644 /etc/init.d/networking.dpkg-dist 298 299 # remove old nameif script and installing new linuxmuster-nic-setup 300 if [ -e /etc/init.d/nameif ]; then 301 echo "Fixing mac address handling (Bug #86) ..." 302 # first save the mac assignments 303 mac_extern=`grep "^nameif extern" /etc/init.d/nameif | cut -f3 -d" "` 304 if [ -n "$mac_extern" ]; then 305 toupper $mac_extern 306 mac_extern=$RET 307 db_set linuxmuster-base/mac_extern $mac_extern || true 308 fi 309 mac_intern=`grep "^nameif intern" /etc/init.d/nameif | cut -f3 -d" "` 310 if [ -n "$mac_intern" ]; then 311 toupper $mac_intern 312 mac_intern=$RET 313 db_set linuxmuster-base/mac_intern $mac_intern || true 314 fi 315 mac_wlan=`grep "^nameif wlan" /etc/init.d/nameif | cut -f3 -d" "` 316 if [ -n "$mac_wlan" ]; then 317 toupper $mac_wlan 318 mac_wlan=$RET 319 db_set linuxmuster-base/mac_wlan $mac_wlan || true 320 fi 321 mac_dmz=`grep "^nameif dmz" /etc/init.d/nameif | cut -f3 -d" "` 322 if [ -n "$mac_dmz" ]; then 323 toupper $mac_dmz 324 mac_dmz=$RET 325 db_set linuxmuster-base/mac_dmz $mac_dmz || true 326 fi 327 # write them to network.settings 328 grep -v ^mac_ $NETWORKSETTINGS > $NETWORKSETTINGS.tmp 329 mv $NETWORKSETTINGS.tmp $NETWORKSETTINGS 330 echo "mac_extern=$mac_extern" >> $NETWORKSETTINGS 331 echo "mac_intern=$mac_intern" >> $NETWORKSETTINGS 332 echo "mac_wlan=$mac_wlan" >> $NETWORKSETTINGS 333 echo "mac_dmz=$mac_dmz" >> $NETWORKSETTINGS 334 update-rc.d -f nameif remove 335 mv /etc/init.d/nameif /etc/init.d/nameif.dpkg-old 336 chmod 644 /etc/init.d/nameif.dpkg-old 337 fi # nameif 338 339 # fixing cupsys init start nr 340 if [ -e /etc/rc2.d/S20cupsys ]; then 341 echo "Fixing cupsys' init start nr ..." 342 update-rc.d -f cupsys remove 343 update-rc.d cupsys start 21 2 3 4 5 . stop 19 0 1 6 . 344 cups_restart=yes 345 fi 346 if [ -n "$cups_restart" ]; then 347 /etc/init.d/cupsys force-reload || true 348 fi 349 350 # extraschueler.txt, extrakurse.txt 351 for i in extraschueler.txt extrakurse.txt entfernen.txt sperrklassen.txt; do 352 [ -e "/etc/sophomorix/user/$i" ] || cp $STATICTPLDIR/etc/sophomorix/user/$i /etc/sophomorix/user 353 done 354 355 # removing old cyrus21 runlevel links 356 if [ -e /etc/rc2.d/S20cyrus2.2 ]; then 357 if [ -e /etc/rc2.d/S20cyrus21 ]; then 358 update-rc.d -f cyrus21 remove 359 fi 360 fi 361 362 # restore apache's default index.html 363 indexhtml=/var/www/apache2-default/index.html 364 if grep -q "paedML" $indexhtml; then 365 cp $indexhtml $indexhtml.dpkg-old 366 echo -n "<html><body><h1>It works!</h1></body></html>" > $indexhtml 367 fi 368 369 # removing passwd3 files (1.1-7) 370 [ -e /etc/horde/passwd3 ] && rm -rf /etc/horde/passwd3 371 [ -e /usr/share/horde3/passwd ] && rm -rf /usr/share/horde3/passwd 372 [ -e /usr/share/doc/passwd3 ] && rm -rf /usr/share/doc/passwd3 373 374 # restoring internal firewall 375 . /etc/default/linuxmuster-base 376 if [ "$START_LINUXMUSTER" = "yes" ]; then 377 if ! iptables -L | grep -q "$FIREWALLTEST"; then 378 /etc/init.d/linuxmuster-base start 379 fi 380 fi 381 382 # adding imaging variable (1.2-14) 383 if ! grep -q ^imaging $NETWORKSETTINGS; then 384 if [ -z "$imaging" ]; then 385 imaging=rembo 386 db_set linuxmuster-base/imaging $imaging || true 387 fi 388 echo "imaging=$imaging" >> $NETWORKSETTINGS 389 fi 390 391 # patch path to wimport_data in dist.conf (1.1-8) 392 if [ -n "$imaging" ]; then 393 case "$imaging" in 394 linbo|tivoli) 395 sed -e "s/^WIMPORTDATA=.*/WIMPORTDATA=\"\$SYSCONFDIR\/workstations\"/" -i /usr/share/linuxmuster/config/dist.conf 396 if [[ -L "$SYSCONFDIR/workstations" && -f "$REMBOFILES/files/global/wimport_data" ]]; then 397 rm $SYSCONFDIR/workstations 398 cp $REMBOFILES/files/global/wimport_data $SYSCONFDIR/workstations 399 fi 400 ;; 401 *) 402 sed -e "s/^WIMPORTDATA=.*/WIMPORTDATA=\"\$REMBOFILES\/files\/global\/wimport_data\"/" -i /usr/share/linuxmuster/config/dist.conf 403 ;; 404 esac 405 fi 406 407 # fixing backup.conf 408 # remove obsolete unmount_shm (1.2-17) 409 if grep -q ^unmount_shm /etc/linuxmuster/backup.conf; then 410 echo "Removing obsolete parameter unmount_shm from backup.conf ..." 411 cp /etc/linuxmuster/backup.conf /etc/linuxmuster/backup.conf.dpkg-old 412 sed -e 's/^unmount_shm.*/# obsolete with linuxmuster-base 1.2-17/' -i /etc/linuxmuster/backup.conf 413 fi 414 # change postgresql to postgresql-8.1 (1.4.36-paedml1) 415 if grep -q ,postgresql, /etc/linuxmuster/backup.conf; then 416 echo "Changing postgresql to postgresql-8.1 in backup.conf ..." 417 cp /etc/linuxmuster/backup.conf /etc/linuxmuster/backup.conf.dpkg-old 418 sed -e 's/,postgresql,/,postgresql-8.1,/g' -i /etc/linuxmuster/backup.conf 419 fi 420 421 # change obsolete cyrus21 to cyrus2.2 in services parameter in backup.conf (1.2-25) 422 if grep -w cyrus21 /etc/linuxmuster/backup.conf | grep -qv ^#; then 423 echo "Changing service cyrus21 to cyrus2.2 in backup.conf ..." 424 cp /etc/linuxmuster/backup.conf /etc/linuxmuster/backup.conf.dpkg-old 425 sed -e 's/cyrus21/cyrus2.2/' -i /etc/linuxmuster/backup.conf 426 fi 427 428 # custom login/logout scripts (1.2-6) 429 for i in in out; do 430 if [ ! -e "$NETLOGONDIR/custom-log$i.sh" ]; then 431 echo "Copying $NETLOGONDIR/custom-log$i.sh ..." 432 cp $STATICTPLDIR$NETLOGONDIR/custom-log$i.sh $NETLOGONDIR 433 fi 434 done 435 # reparing permissions in netlogondir (1.2-15) 436 chown $ADMINISTRATOR:$DOMADMINS $NETLOGONDIR/* 437 chmod 664 $NETLOGONDIR/* 438 439 # removing obsolete samba-userlog lockfile (1.2-10) 440 if [ -e "${USERLOG}.lock" ]; then 441 echo "Removing obsolete lockfile ${USERLOG}.lock ..." 442 rm -f ${USERLOG}.lock 443 fi 444 445 # linking registry-patches to administrator's home (1.2-15) 446 if [ ! -e "$ADMINSHOME/$ADMINISTRATOR/registry-patches" ]; then 447 echo "Linking registry-patches to administrator's home ..." 448 ln -sf /usr/share/linuxmuster/registry-patches $ADMINSHOME/$ADMINISTRATOR/registry-patches 449 fi 450 451 # linbo related update stuff 452 if [ "$imaging" = "linbo" ]; then 453 # updating rsyncd.conf according to linbo revision 119 (1.2-13) 454 if ! grep -q pre-xfer /etc/rsyncd.conf; then 455 echo "Updating rsync configuration ..." 456 cp $STATICTPLDIR/etc/rsyncd.conf /etc 457 /etc/init.d/rsync restart 458 fi 459 # updating LINBO's dhcp configuration (1.4.36-paedml1) 460 if ! grep -q ^"# pxelinux options for LINBO" /etc/dhcp3/dhcpd.conf; then 461 echo "Updating dhcp-server configuration for LINBO ..." 462 cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.dpkg-old 463 dhcp_backup=yes 464 sed -e "s/@@servername@@/${servername}/g 465 s/@@domainname@@/${domainname}/g 466 s/@@serverip@@/${serverip}/g 467 s/@@ipcopip@@/${ipcopip}/g 468 s/@@broadcast@@/${broadcast}/g 469 s/@@internalnet@@/${internalnet}/g 470 s/@@internsub@@/${internsub}/g 471 s/@@internmask@@/${internmask}/g" $DYNTPLDIR/03_dhcp3-server/dhcpd.conf.linbo > /etc/dhcp3/dhcpd.conf 472 dhcp_reload=yes 473 fi 474 # linbo administrative user 475 if ! check_id linbo; then 476 linbopasswd=`grep ^linbo /etc/rsyncd.secrets | awk -F\: '{ print $2 }'` 477 if [ -n "$linbopasswd" ]; then 478 echo "Creating linbo user ..." 479 sophomorix-useradd --administrator linbo --unix-group $ADMINGROUP --shell /bin/false --gecos "LINBO Administrator" &> /dev/null || true 480 sophomorix-passwd --user linbo --pass $linbopasswd &> /dev/null || true 481 smbldap-usermod -H '[UX ]' linbo || true 482 fi 483 fi 484 fi # linbo 485 486 # deny client-updates 487 if grep -q ^"ignore client-updates" /etc/dhcp3/dhcpd.conf; then 488 echo "Updating dhcp-server configuration to deny client updates ..." 489 [ -z "$dhcp_backup" ] && cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.dpkg-old 490 sed -e "s/^ignore client-updates/deny client-updates/" -i /etc/dhcp3/dhcpd.conf 491 dhcp_reload=yes 492 fi 493 494 # reparing nagios2, apache2.conf 495 if ! grep -q "$basedn" /etc/nagios2/apache2.conf; then 496 sed -e "s/@@serverip@@/$serverip/ 497 s/@@basedn@@/$basedn/" $DYNTPLDIR/22_nagios/apache2.conf > /etc/nagios2/apache2.conf 498 cp /etc/nagios2/apache2.conf /var/lib/linuxmuster-nagios/config/nagios2 499 ln -sf /etc/nagios2/apache2.conf /etc/apache2/conf.d/nagios2.conf 500 fi 501 if ! grep -q "$(getdistname)" $SYSCONFDIR/nagios.conf; then 502 cp $SYSCONFDIR/nagios.conf $SYSCONFDIR/nagios.conf.dpkg-old 503 sed -e "s/^DESC_SERVER=.*/DESC_SERVER=\"Server der $(getdistname) $DISTMAJORVERSION\"/ 504 s/^DESC_FW=.*/DESC_FW=\"Firewall der $(getdistname) $DISTMAJORVERSION\"/ 505 s/^DESC_SERVERGROUP=.*/DESC_SERVERGROUP=\"Server der $(getdistname) $DISTMAJORVERSION\"/" -i /etc/linuxmuster/nagios.conf 506 sed -e "s/Server der .*/Server der $(getdistname) $DISTMAJORVERSION/g 507 s/Firewall der .*/Firewall der $(getdistname) $DISTMAJORVERSION/g" -i /etc/nagios2/conf.d/linuxmuster_main.cfg 508 nagios_reload=yes 509 fi 510 511 # creating pam_ldap.secret link 512 [ -e /etc/pam_ldap.secret ] || ln -sf ldap.secret /etc/pam_ldap.secret 513 514 # repairing openntpd 515 if ! grep -q ^"listen on $serverip" /etc/openntpd/ntpd.conf; then 516 cp /etc/openntpd/ntpd.conf /etc/openntpd/ntpd.conf.dpkg-old 517 sed -e "s/@@serverip@@/$serverip/" $DYNTPLDIR/99_start-services/ntpd.conf > /etc/openntpd/ntpd.conf 518 /etc/init.d/openntpd restart 519 fi 520 521 # repairing webmin 522 if [ ! -d /var/log/webmin ]; then 523 mkdir -p /var/log/webmin 524 /etc/init.d/webmin restart 525 fi 526 527 # repairing moodle 528 if [ -e /etc/moodle/config.php ]; then 529 if ! grep -q "\$CFG->wwwroot = '/moodle';" /etc/moodle/config.php; then 530 cp /etc/moodle/config.php /etc/moodle/config.php.dpkg-old 531 sed -e "s/\$CFG->wwwroot =.*/\$CFG->wwwroot = \'\/moodle\';/g" -i /etc/moodle/config.php 532 fi 533 fi 534 if [ -d /usr/share/moodle ]; then 535 [[ -e /usr/share/moodle/moodle && ! -L /usr/share/moodle/moodle ]] && mv /usr/share/moodle/moodle /usr/share/moodle/moodle.dpkg-old 536 [ -L /usr/share/moodle/moodle ] || ln -s . /usr/share/moodle/moodle 537 fi 538 539 # repair ssl-cert permissions (1.4.37-paedml1 & 1.4.38-paedml1) 540 chgrp ssl-cert /etc/ssl/private -R 541 if grep -q root:sasl $SCRIPTSDIR/create-ssl-cert.sh; then 542 sed -e 's/root:sasl/root:ssl-cert/g' -i $SCRIPTSDIR/create-ssl-cert.sh 543 chmod 744 $SCRIPTSDIR/create-ssl-cert.sh 544 fi 545 546 # adding tls support to slapd.conf 547 slapdtpl=/usr/share/sophomorix/config-templates/ldap/slapd-standalone.conf.template 548 [ -e /etc/ldap/slapd.conf.custom ] || cp $STATICTPLDIR/etc/ldap/slapd.conf.custom /etc/ldap 549 if ! grep -q ^TLS /etc/ldap/slapd.conf || ! grep -q misc.schema /etc/ldap/slapd.conf; then 550 echo "Updating openldap configuration ..." 551 cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf.dpkg-old 552 rootpw=`grep ^rootpw /etc/ldap/slapd.conf | awk '{ print $2 }'` 553 sed -e "s/@@message1@@/${message1}/ 554 s/@@message2@@/${message2}/ 555 s/@@message3@@/${message3}/ 556 s/@@basedn@@/${basedn}/g 557 s/@@tls_comment@@//g 558 s/@@ldappassword@@/${rootpw}/g" $slapdtpl > /etc/ldap/slapd.conf 559 addgroup openldap ssl-cert 560 chmod 600 /etc/ldap/slapd.conf* 561 slapd_reload=yes 562 fi 563 if grep -q ^TLS /etc/ldap/slapd.conf; then 564 if ! grep ^SLAPD_SERVICES /etc/default/slapd | grep -q ldaps; then 565 cp /etc/default/slapd /etc/default/slapd.dpkg-old 566 cp $STATICTPLDIR/etc/default/slapd /etc/default 567 slapd_reload=yes 568 fi 569 fi 570 571 # fixing postgresql-8.1 pg_hba.conf (1.4.37-paedml1) 572 grep -q ^"# changed for Ogo" /etc/postgresql/8.1/main/pg_hba.conf && pg_update=yes 573 grep -q moodle /etc/postgresql/8.1/main/pg_hba.conf || pg_update=yes 574 if [ -n "$pg_update" ]; then 575 echo "Updating postgresql configuration ..." 576 echo "Warning: pg_hba.conf will be backupd up to pg_hba.conf.dpkg-old!" 577 cp /etc/postgresql/8.1/main/pg_hba.conf /etc/postgresql/8.1/main/pg_hba.conf.dpkg-old 578 cp $STATICTPLDIR/etc/postgresql/8.1/main/pg_hba.conf /etc/postgresql/8.1/main 579 postgres_reload=yes 580 fi 581 582 # ldap db user needs password (1.4.44-1) 583 dbconf=/etc/linuxmuster/schulkonsole/db.conf 584 dbuser=`grep ^Username $dbconf | awk -F\= '{ print $2 }'` 585 dbpwd=`grep ^Password $dbconf | awk -F\= '{ print $2 }'` 586 if [ "$dbuser" != "ldap" -o -z "$dbpwd" ]; then 587 echo "Providing a random password for postgresql user ldap." 588 echo "Warning: Backing up /etc/linuxmuster/schulkonsole/db.conf to db.conf.dpkg-old!" 589 cp /etc/linuxmuster/schulkonsole/db.conf /etc/linuxmuster/schulkonsole/db.conf.dpkg-old 590 ldapdbpw=`pwgen -s 8 1` 591 psql -U postgres -d template1 -qc "ALTER USER ldap WITH PASSWORD '"$ldapdbpw"';" 592 sed -e "s/^Password=.*/Password=$ldapdbpw/" $STATICTPLDIR/etc/linuxmuster/schulkonsole/db.conf > /etc/linuxmuster/schulkonsole/db.conf 593 chown www-data:www-data /etc/linuxmuster/schulkonsole/db.conf* 594 chmod 400 /etc/linuxmuster/schulkonsole/db.conf* 595 fi 596 597 # https://bugs.launchpad.net/ubuntu/+source/php5/+bug/63141, 1.4.44-1) 598 if grep -q ^"extension=curl.so" /etc/php5/conf.d/curl.ini; then 599 backup_file /etc/php5/conf.d/curl.ini 600 echo "Fixing /etc/php5/conf.d/curl.ini ..." 601 sed -e 's|^extension=curl.so|#extension=curl.so|' -i /etc/php5/conf.d/curl.ini 602 echo "# tschmitt: moved to pgsql.ini -> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/63141" >> /etc/php5/conf.d/curl.ini 603 fi 604 if ! grep -q ^"extension=curl.so" /etc/php5/conf.d/pgsql.ini; then 605 backup_file /etc/php5/conf.d/pgsql.ini 606 echo "Fixing /etc/php5/conf.d/pgsql.ini ..." 607 echo "# tschmitt: moved from curl.ini -> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/63141" >> /etc/php5/conf.d/pgsql.ini 608 echo "extension=curl.so" >> /etc/php5/conf.d/pgsql.ini 609 fi 610 611 # provide a default mindi.conf (1.4.44-1) 612 if [ ! -e /etc/mindi/mindi.conf ]; then 613 echo "Providing a default mindi.conf ..." 614 cp $STATICTPLDIR/etc/mindi/mindi.conf /etc/mindi 615 fi 616 617 # updating release information 618 echo "$(getdistname) $DISTFULLVERSION / Codename $CODENAME" > /etc/issue 619 cp /etc/issue /etc/issue.net 620 621 # reload services 622 apache2ctl graceful || true 623 [ -n "$nagios_reload" ] && /etc/init.d/nagios2 restart 624 [ -n "$dhcp_reload" ] && /etc/init.d/dhcp3-server force-reload 625 [ -n "$slapd_reload" ] && /etc/init.d/slapd restart 626 [ -n "$postgres_reload" ] && /etc/init.d/postgresql-8.1 reload 624 fi 625 626 # fixing ldap.conf to ignore self signed server certificate with queries from localhost 627 conffile=/etc/ldap/ldap.conf 628 if ! grep -q "TLS_REQCERT never" $conffile; then 629 echo "Fixing $conffile ..." 630 cp $conffile ${conffile}.dpkg-old 631 echo "TLS_REQCERT never" >> $conffile 632 fi 633 634 # updating release information 635 echo "$(getdistname) $DISTFULLVERSION / Codename $CODENAME" > /etc/issue 636 cp /etc/issue /etc/issue.net 637 638 # reload services 639 apache2ctl graceful || true 640 [ -n "$nagios_reload" ] && /etc/init.d/nagios2 restart 641 [ -n "$dhcp_reload" ] && /etc/init.d/dhcp3-server force-reload 642 [ -n "$slapd_reload" ] && /etc/init.d/slapd restart 643 [ -n "$postgres_reload" ] && /etc/init.d/postgresql-8.1 reload 627 644 628 # important message if upgrade is necessary629 630 631 632 645 # important message if upgrade is necessary 646 if [ -n "$upgrade" ]; then 647 echo "IMPORTANT!" 648 echo "Be sure to make apt-get update and apt-get dist-upgrade very soon!" 649 fi 633 650 634 651 fi # upgrade tasks
Note: See TracChangeset
for help on using the changeset viewer.
