icinga-web 1.10.0-2 / postinst

This file is indexed.

postinst is in icinga-web 1.10.0-2.

This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
#!/bin/bash

set -e

###
# Install DB
###
. /usr/share/debconf/confmodule
. /usr/share/dbconfig-common/dpkg/postinst
dbc_go icinga-web $@

###
# Database connection files
###
uriescape() {
    echo "$(perl -MCGI::Util -e 'print CGI::Util::escape($ARGV[0]);' "$1")"
}

generate_dbxml() {
    local file="$1"
    local template="$2"
    local dbconfig="$3"

    # load dbconfig file
    if [ -f "$dbconfig" ]; then
        source $dbconfig
    else
        (
        echo
        echo "[ WARNING ]"
        echo "cannot configure database: $file"
        echo "the database might not been configured with dbconfig-common"
        echo "or there was another problem, the config file is missing:"
        echo " $dbconfig"
        echo
        ) >&2
        return
    fi

    # leave when dbconfig not enabled
    if [ "$dbc_install" != "true" ]; then
        echo "database config failed: dbconfig-common for \"$(basename $dbconfig .conf)\" not enabled!" 
        return
    fi

    # create tempfile
    local tempfile=$(tempfile -m 600 -p "$(basename $file)")

    # add a colon to port
    [ "$dbc_dbport" != "" ] && dbc_dbport=":$dbc_dbport"
    dbc_edbuser=$(uriescape $dbc_dbuser)
    dbc_edbpass=$(uriescape $dbc_dbpass)
    dbc_edbname=$(uriescape $dbc_dbname)

    # allow pgsql socket
    [ "$dbc_dbserver" = "" ] && [ "$dbc_authmethod_user" = "ident" ] && dbc_dbserver="%2Fvar%2Frun%2Fpostgresql"

    # uri escape the vars
    # build the dsn
    local dsn="$dbc_dbtype://$dbc_edbuser:$dbc_edbpass@${dbc_dbserver:=localhost}$dbc_dbport/$dbc_edbname"

    # write xml to temp
    cat $template | sed "s|_DBDSN_|$dsn|" > $tempfile

    # replace the file with ucf
    ucf --debconf-ok $tempfile $file

    echo "database config successful: $file"
    rm -f $tempfile
}

generate_dbxml /etc/icinga-web/conf.d/database-web.xml \
               /usr/share/icinga-web/tmpl/database-web.xml.tmpl \
               /etc/dbconfig-common/icinga-web.conf

generate_dbxml /etc/icinga-web/conf.d/database-ido.xml \
               /usr/share/icinga-web/tmpl/database-ido.xml.tmpl \
               /etc/dbconfig-common/icinga-idoutils.conf

###
# Apache2
###

if [ "$1" = "configure" ]; then
    echo "enabling Apache2 config..."

    COMMON_STATE=$(dpkg-query -f '${Status}' -W 'apache2.2-common' 2>/dev/null | awk '{print $3}' || true)

    # NEW method for Apache >= 2.4
    if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
        . /usr/share/apache2/apache2-maintscript-helper

        apache2_invoke enmod rewrite
        apache2_invoke enconf icinga-web

        # remove OLD Apache 2.2 link
        [ -L /etc/apache2/conf.d/icinga-web.conf ] && rm /etc/apache2/conf.d/icinga-web.conf

    # OLD methods for Apache < 2.4
    elif [ "$COMMON_STATE" = "installed" ] || [ "$COMMON_STATE" = "unpacked" ] ; then
        # enable mod rewrite
        [ -f /etc/apache2/mods-enabled/rewrite.load ] || a2enmod rewrite

        # create symlink if not existing
        [ -f /etc/apache2/conf.d/icinga-web.conf ] || ln -vs ../../icinga-web/apache2.conf /etc/apache2/conf.d/icinga-web.conf

        # reload webserver
        [ -x $(which invoke-rc.d) ] && invoke-rc.d apache2 reload
    fi
fi


###
# Set root password in database
###
setpassword() {
    password="$1"
    
    # load database connection info
    if [ ! -f /etc/dbconfig-common/icinga-web.conf ]; then
        return
    fi
    source /etc/dbconfig-common/icinga-web.conf

    # gen new salt
    salt=$(php5 -r 'echo hash("sha256", uniqid("root_", mt_rand()));')
    
    # gen new pw hash
    export SALT="$salt"
    export PW="$password"
    pwhash=$(php5 -r 'echo hash_hmac("sha256", getenv("PW"), getenv("SALT"));')

    salt_e=${salt/\'/\\\'}
    pwhash_e=${pwhash/\'/\\\'}
    
    if [ "$dbc_dbtype" = "mysql" ]; then
        # query the database to update
        query="UPDATE nsm_user SET user_password='""$pwhash_e""', user_salt = '""$salt_e""', user_modified = NOW() WHERE user_name = 'root';"
        
        # use app user and password for the command
        dbc_dbadmin="$dbc_dbuser"
        dbc_dbadmpass="$dbc_dbpass"
        
        if dbc_mysql_exec_command "$query"; then
            echo "root password updates successfully!"
            db_fset icinga-web/rootpassword changed false || true
            db_go || true
        else
            echo "setting root password failed: $dbc_error" >&2
        fi
    elif [ "$dbc_dbtype" = "pgsql" ]; then
        # query the database to update
        query="UPDATE nsm_user SET user_password='""$pwhash_e""', user_salt = '""$salt_e""', user_modified = NOW() WHERE user_name = 'root';"
        
        # use the app user
        _dbc_asuser=1
        
        if _dbc_pgsql_exec_command "$query"; then
            echo "root password updates successfully!"
            db_fset icinga-web/rootpassword changed false || true
            db_go || true
        else
            echo "setting root password failed: $dbc_error" >&2
        fi
    else
        echo "db type '$dbc_dbtype' not implemented for setting root password!" >&2
    fi
}

###
# root password for Icinga Web
###

db_get icinga-web/dbconfig-install || true
if [ "$RET" = "true" ]; then
    db_fget icinga-web/rootpassword changed || true
    if [ "$RET" != "false" ]; then
        db_get icinga-web/rootpassword || true
        if [ "$RET" != "" ]; then
            setpassword $RET
        else
            echo "no password configured - root password for Icinga Web will not be set!"
        fi
    else
        echo "root password has not been changed."
    fi
fi

###
# Clear cache
###
if [ -x /usr/lib/icinga-web/bin/clearcache.sh ]; then
	/usr/lib/icinga-web/bin/clearcache.sh
fi

###
# Permissions
###

setperm() {
    local user="$1"
    local group="$2"
    local mode="$3"
    local file="$4"
    shift 4
    # only do something when no setting exists
    if ! dpkg-statoverride --list "$file" >/dev/null 2>&1; then
      chown "$user":"$group" "$file"
      chmod "$mode" "$file"
    fi
}

setperm root www-data 0640 /etc/icinga-web/conf.d/access.xml
setperm root www-data 0640 /etc/icinga-web/conf.d/auth.xml
setperm root www-data 0640 /etc/icinga-web/conf.d/databases.xml
if [ -f /etc/icinga-web/conf.d/database-web.xml ]; then
    setperm root www-data 0640 /etc/icinga-web/conf.d/database-web.xml
fi
if [ -f /etc/icinga-web/conf.d/database-ido.xml ]; then
    setperm root www-data 0640 /etc/icinga-web/conf.d/database-ido.xml
fi
setperm root www-data 0640 /etc/icinga-web/conf.d/module_reporting.xml

setperm www-data adm 0770 /var/log/icinga-web

setperm www-data www-data 0770 /var/cache/icinga-web
setperm www-data www-data 0770 /var/cache/icinga-web/reporting



# stop debconf explicitly
db_stop

APT Browse - Built by Thomas Orozco.