postinst is in ca-certificates 20180409.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 | #! /bin/sh
# postinst script for ca-certificates
#
# see: dh_installdeb(1)
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see /usr/share/doc/packaging-manual/
#
# quoting from the policy:
# Any necessary prompting should almost always be confined to the
# post-installation script, and should be protected with a conditional
# so that unnecessary prompting doesn't happen if a package's
# installation fails and the `postinst' is called with `abort-upgrade',
# `abort-remove' or `abort-deconfigure'.
set -e
each_value() {
echo "$1" |tr ',' '\n' | sed -e 's/^[[:space:]]*//'
}
memberp() {
m="$1"
l="$2"
each_value "$l" | grep -q "^$m\$"
}
delca() {
m="$1"
l="$2"
echo "$l" |sed -e 's|'"$m"', ||' -e 's|'"$m"'$||' -e 's/,[[:space:]]*,/, /' -e 's/^[[:space:]]*//' -e 's/,[[:space:]]*$//'
}
case "$1" in
configure)
if [ ! -e /usr/local/share/ca-certificates ]; then
if mkdir -m $(stat -c %a /usr/local) /usr/local/share/ca-certificates 2>/dev/null; then
chgrp $(stat -c %g /usr/local) /usr/local/share/ca-certificates
fi
# Handle upgrades and allow local admin to override:
# e.g. dpkg-statoverride --add root staff 2775 /usr/local/share/ca-certificates
elif ! dpkg-statoverride --list /usr/local/share/ca-certificates >/dev/null; then
chmod $(stat -c %a /usr/local) /usr/local/share/ca-certificates || true
chown $(stat -c %u /usr/local):$(stat -c %g /usr/local) /usr/local/share/ca-certificates || true
fi
. /usr/share/debconf/confmodule
db_version 2.0
db_capb multiselect
db_metaget ca-certificates/enable_crts choices
CERTS_AVAILABLE="$RET"
db_get ca-certificates/enable_crts
CERTS_ENABLED="$RET"
# XXX unmark seen for next configuration
db_fset ca-certificates/new_crts seen false
db_stop || true
if test -f /etc/ca-certificates.conf; then
# XXX: while in subshell?
while read line
do
if echo "$line" | grep -q '^#'; then
echo "$line"
else
case "$line" in
!*) ca=$(echo "$line" | sed -e 's/^!//');;
*) ca="$line";;
esac
if memberp "$ca" "$CERTS_ENABLED"; then
echo "$ca"
# CERTS_ENABLED=$(delca "$ca" "$CERTS_ENABLED")
elif memberp "$ca" "$CERTS_AVAILABLE" ||
echo "$line" | grep -q '^!'; then
echo "!$ca"
elif [ -f /usr/share/ca-certificates/"$ca" ] || \
[ -f /usr/local/share/ca-certificates/"$ca" ]; then
echo "$ca"
else
echo "!$ca"
fi
# CERTS_AVAILABLE=$(delca "$ca" "$CERTS_AVAILABLE")
fi
done < /etc/ca-certificates.conf > /etc/ca-certificates.conf.dpkg-new
if echo "$CERTS_ENABLED" | egrep -q "^([[:space:]]*,)*[[:space:]]*$"; then
:
else
each_value "$CERTS_ENABLED" | while read ca
do
if grep -q "^$ca" /etc/ca-certificates.conf.dpkg-new; then
:
else
echo "$ca" >> /etc/ca-certificates.conf.dpkg-new
fi
done
fi
each_value "$CERTS_AVAILABLE" | while read ca
do
if memberp "$ca" "$CERTS_ENABLED"; then
:
elif grep -q "^!$ca" /etc/ca-certificates.conf.dpkg-new; then
:
else
echo "!$ca" >> /etc/ca-certificates.conf.dpkg-new
fi
done
if cmp -s /etc/ca-certificates.conf /etc/ca-certificates.conf.dpkg-new; then
rm -f /etc/ca-certificates.conf.dpkg-new
else
mv -f /etc/ca-certificates.conf /etc/ca-certificates.conf.dpkg-old
mv /etc/ca-certificates.conf.dpkg-new /etc/ca-certificates.conf
fi
else
# new file
cat > /etc/ca-certificates.conf <<EOF
# This file lists certificates that you wish to use or to ignore to be
# installed in /etc/ssl/certs.
# update-ca-certificates(8) will update /etc/ssl/certs by reading this file.
#
# This is autogenerated by dpkg-reconfigure ca-certificates.
# Certificates should be installed under /usr/share/ca-certificates
# and files with extension '.crt' is recognized as available certs.
#
# line begins with # is comment.
# line begins with ! is certificate filename to be deselected.
#
EOF
(echo $CERTS_ENABLED | tr ',' '\n'; \
echo $CERTS_AVAILABLE | tr ',' '\n') | \
sed -e 's/^[[:space:]]*//' | \
sort | uniq -c | \
sed -e 's/^[[:space:]]*2[[:space:]]*//' \
-e 's/^[[:space:]]*1[[:space:]]*/!/' \
>> /etc/ca-certificates.conf
fi
# update /etc/ssl/certs without running the hooks
# fix bogus symlink to ca-certificates.crt on upgrades; see
# Debian #643667; drop after wheezy
if dpkg --compare-versions "$2" lt-nl 20111025; then
update-ca-certificates --hooksdir "" --fresh
else
update-ca-certificates --hooksdir ""
fi
# deferred update of /etc/ssl/certs including running the hooks
dpkg-trigger --no-await update-ca-certificates
;;
triggered)
for trigger in $2; do
case "$trigger" in
update-ca-certificates)
update-ca-certificates
;;
update-ca-certificates-fresh)
update-ca-certificates --fresh
;;
*)
echo "postinst called with unknown trigger \`$2'">&2
exit 1
;;
esac;
done;
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
exit 0
|