postinst is in apparmor 2.11.0-3+deb9u2.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 | #!/bin/sh
# postinst script for apparmor
#
# see: dh_installdeb(1)
set -e
. /usr/share/debconf/confmodule
. /lib/apparmor/functions
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
configure|abort-remove|abort-deconfigure)
# Try to determine values for apparmor/homedirs if the administrator
# hasn't already.
if dpkg --compare-versions "$2" lt-nl "2.5~pre+bzr1362-0ubuntu2"; then
db_get apparmor/homedirs
if [ -z "$RET" ]; then
# Get unique dirnames for uids between 1000 and 30000, then
# format them appropriately for AppArmor
dirs=`awk -F: '$3 >= 1000 && $3 < 30000 {printf "%s\n", $6}' /etc/passwd | xargs -d '\n' -n 1 dirname | grep -v '^/home$' | sed -e 's#\(.*\)#\\1/#g' | sed -e '/ / { s#\(.*\)#"\\1"#g }' | sort -u | tr '\n' ' '`
if [ -n "$dirs" ]; then
db_set apparmor/homedirs "$dirs"
fi
fi
fi
db_get apparmor/homedirs
tmp=`mktemp`
cat > "$tmp" <<EOM
# This file is auto-generated. It is recommended you update it using:
# $ sudo dpkg-reconfigure apparmor
#
# The following is a space-separated list of where additional user home
# directories are stored, each must have a trailing '/'. Directories added
# here are appended to @{HOMEDIRS}. See tunables/home for details.
EOM
if [ -n "$RET" ]; then
cat >> "$tmp" <<EOM
@{HOMEDIRS}+=$RET
EOM
else
cat >> "$tmp" <<EOM
#@{HOMEDIRS}+=
EOM
fi
mkdir -p /etc/apparmor.d/tunables/home.d 2>/dev/null || true
mv -f "$tmp" /etc/apparmor.d/tunables/home.d/ubuntu
chmod 644 /etc/apparmor.d/tunables/home.d/ubuntu
if [ ! -e /etc/apparmor.d/tunables/xdg-user-dirs.d/site.local ]; then
tmp=`mktemp`
cat > "$tmp" <<EOM
# ------------------------------------------------------------------
#
# Copyright (C) 2014 Canonical Ltd.
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
# The following may be used to add additional entries such as for
# translations. See tunables/xdg-user-dirs for details. Eg:
#@{XDG_MUSIC_DIR}+="Musique"
#@{XDG_DESKTOP_DIR}+=""
#@{XDG_DOWNLOAD_DIR}+=""
#@{XDG_TEMPLATES_DIR}+=""
#@{XDG_PUBLICSHARE_DIR}+=""
#@{XDG_DOCUMENTS_DIR}+=""
#@{XDG_MUSIC_DIR}+=""
#@{XDG_PICTURES_DIR}+=""
#@{XDG_VIDEOS_DIR}+=""
EOM
mkdir -p /etc/apparmor.d/tunables/xdg-user-dirs.d 2>/dev/null || true
mv -n "$tmp" /etc/apparmor.d/tunables/xdg-user-dirs.d/site.local
chmod 644 /etc/apparmor.d/tunables/xdg-user-dirs.d/site.local
fi
;;
abort-upgrade)
# Nothing to do
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
# Automatically added by dh_systemd_enable
# This will only remove masks created by d-s-h on package removal.
deb-systemd-helper unmask apparmor.service >/dev/null || true
# was-enabled defaults to true, so new installations run enable.
if deb-systemd-helper --quiet was-enabled apparmor.service; then
# Enables the unit on first installation, creates new
# symlinks on upgrades if the unit file has changed.
deb-systemd-helper enable apparmor.service >/dev/null || true
else
# Update the statefile to add new symlinks (if any), which need to be
# cleaned up on purge. Also remove old symlinks.
deb-systemd-helper update-state apparmor.service >/dev/null || true
fi
# End automatically added section
# Automatically added by dh_installinit
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ]; then
if [ -x "/etc/init.d/apparmor" ]; then
update-rc.d apparmor start 37 S . >/dev/null || true
fi
fi
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile /etc/apparmor/functions 2.5.1-0ubuntu4 -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile /etc/apparmor/rc.apparmor.functions 2.5.1-0ubuntu4 -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile /etc/apparmor.d/abstractions/ubuntu-sdk-base 2.8.0-0ubuntu20~ -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile /etc/apparmor/features 2.11.0-3+deb9u2~ -- "$@"
# End automatically added section
# Now that AppArmor is installed, attempt to reload profiles in the
# case of upgrades.
case "$1" in
configure)
if aa-status --enabled 2>/dev/null; then
clear_cache || true
load_configured_profiles || true
fi
# Discard the return code and just make sure the md5sums are updated
# so on next boot the upstart/initscript will have updated md5sums and
# won't clear out the cache. This does not affect system-image updates
# since /etc/system-image/writable-paths is configured to prefer the
# files on the device (and the apparmor upstart job handles this).
compare_and_save_debsums apparmor || true
;;
esac
exit 0
|