tomcat8 8.0.14-1+deb8u11 / postinst

This file is indexed.

postinst is in tomcat8 8.0.14-1+deb8u11.

This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
#!/bin/sh
set -e

. /usr/share/debconf/confmodule
TEMPLATE="/usr/share/tomcat8/defaults.template"
CONFFILE="/etc/default/tomcat8"
LR_TEMPLATE="/usr/share/tomcat8/logrotate.template"
LR_CONFFILE="/etc/logrotate.d/tomcat8"
JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"

case "$1" in
    configure)

	# Generate $CONFFILE from debconf seetings and $TEMPLATE
	db_version 2.0
	db_get tomcat8/username && TOMCAT8_USER="$RET" || TOMCAT8_USER="tomcat8"
	db_get tomcat8/groupname && TOMCAT8_GROUP="$RET" || TOMCAT8_GROUP="tomcat8"
	db_get tomcat8/javaopts && JAVA_OPTS="$RET" || JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"

	tmpfile=`mktemp /tmp/tomcat8.XXXXXXXXXX`
	chmod 644 $tmpfile
	cat $TEMPLATE \
		| sed "s%^TOMCAT8_USER=.*$%TOMCAT8_USER=$TOMCAT8_USER%" \
		| sed "s%^TOMCAT8_GROUP=.*$%TOMCAT8_GROUP=$TOMCAT8_GROUP%" \
		| sed "s%^JAVA_OPTS=.*$%JAVA_OPTS=\"$JAVA_OPTS\"%" \
		>> $tmpfile
	ucf --debconf-ok --sum-file /usr/share/tomcat8/defaults.md5sum $tmpfile $CONFFILE
	rm -f $tmpfile

	if ! getent group "$TOMCAT8_GROUP" > /dev/null 2>&1 ; then
	    addgroup --system "$TOMCAT8_GROUP" --quiet
	fi
	if ! id $TOMCAT8_USER > /dev/null 2>&1 ; then
	    adduser --system --home /usr/share/tomcat8 --no-create-home \
		--ingroup "$TOMCAT8_GROUP" --disabled-password --shell /bin/false \
		"$TOMCAT8_USER"
	fi
	chown -R $TOMCAT8_USER:adm /var/log/tomcat8 /var/cache/tomcat8
	chmod 750 /var/log/tomcat8 /var/cache/tomcat8

	# populate /etc/logrotate.d/tomcat8
	tmpfile=`mktemp /tmp/tomcat8.XXXXXXXXXX`
	chmod 644 $tmpfile
	cat $LR_TEMPLATE | sed "s%create 640 tomcat8 adm%create 640 $TOMCAT8_USER adm%" >> $tmpfile
	ucf --debconf-ok --sum-file /usr/share/tomcat8/logrotate.md5sum $tmpfile $LR_CONFFILE
	rm -f $tmpfile

	# configuration files should not be modifiable by tomcat8 user, as this can be a security issue
	# (an attacker may insert code in a webapp and have access to all tomcat configuration)
	# but those files should be readable by tomcat8, so we set the group to tomcat8
	for i in tomcat-users.xml web.xml server.xml logging.properties context.xml catalina.properties;
	do
		if [ -f "/etc/tomcat8/$i" ]; then
			chown root:$TOMCAT8_GROUP /etc/tomcat8/$i
			chmod 640 /etc/tomcat8/$i
		fi
	done
	# configuration policy files should not be modifiable by the tomcat8 user. Only
	# diverge from default permissions for known Debian files
	chown root:$TOMCAT8_GROUP /etc/tomcat8/policy.d
	for i in 01system.policy 02debian.policy 03catalina.policy 04webapps.policy 50local.policy;
	do
		if [ -f "/etc/tomcat8/policy.d/$i" ]; then
			chown root:$TOMCAT8_GROUP /etc/tomcat8/policy.d/$i
			chmod 640 /etc/tomcat8/policy.d/$i
		fi
	done
	chown -Rh root:$TOMCAT8_GROUP /etc/tomcat8/Catalina

	chown -Rh $TOMCAT8_USER:$TOMCAT8_GROUP /var/lib/tomcat8/webapps /var/lib/tomcat8/lib
	chmod 775 /var/lib/tomcat8/webapps
	chmod 775 /etc/tomcat8/Catalina

	# Authorize user tomcat8 to open privileged ports via authbind.
	TOMCAT_UID="`id -u $TOMCAT8_USER`"
	if [ ! -f "/etc/authbind/byuid/$TOMCAT_UID" ]; then
		if [ ! -d "/etc/authbind/byuid" ]; then
			mkdir -p /etc/authbind/byuid
			chmod 755 /etc/authbind
			chmod 755 /etc/authbind/byuid
		fi
		echo '0.0.0.0/0:1,1023' >/etc/authbind/byuid/$TOMCAT_UID
		chown $TOMCAT8_USER:$TOMCAT8_GROUP /etc/authbind/byuid/$TOMCAT_UID
		chmod 700 /etc/authbind/byuid/$TOMCAT_UID
	fi
    ;;
esac

if [ ! -d /var/lib/tomcat8/webapps/ROOT ]; then
    cp -r /usr/share/tomcat8-root/default_root /var/lib/tomcat8/webapps/ROOT
fi

# Automatically added by dh_installinit
if [ -x "/etc/init.d/tomcat8" ]; then
	update-rc.d tomcat8 defaults 92 08 >/dev/null
	invoke-rc.d tomcat8 start || true
fi
# End automatically added section

APT Browse - Built by Thomas Orozco.