igtf-policy-classic 1.71-1 / postinst

This file is indexed.

postinst is in igtf-policy-classic 1.71-1.

This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
#!/bin/sh
# postinst script for igtf-policy-classic
#
# see: dh_installdeb(1)

set -e

. /usr/share/debconf/confmodule

# auxiliary function to find $1 in $2
in_list() {
    local i
    local s=$1
    shift
    for i in "$@" ; do
	if test "$s" = "$i" ; then
	    return 0
	fi
    done
    return 1
}


# check if $1 is supposed to be included.
ca_included() {
    if [ "$install_profile" = true ]; then
	if in_list "$1" "$excluded" ; then
	    return 1
	else
	    return 0
	fi
    else
	if in_list "$1" "$included" ; then
	    return 0
	else
	    return 1
	fi
    fi
}

# When CAs are discontinued, they (ought to) clean up the symlinks.
# But the CRL files may be left behind. It's always a good idea to remove
# those CRLs which no longer have their CA certificate present.
remove_leftover_crls() {
    for i in `find /etc/grid-security/certificates -maxdepth 1 -name '*.r0' -print` ; do
	ca=`basename ${i%.*}`
	if [ ! -e /etc/grid-security/certificates/$ca.0 ] ; then
	    rm -f $i
	fi
    done
}

# Earlier versions of this package (<=1.54) did not clean up the symlinks
# of removed CAs
remove_discontinued_cas() {
    discontinued="AIST 075047ca a317c467 JUnet-CA 3154fd00 b3222f9e IUCC bfafd1bd 6fee79b0"
    for i in $discontinued ; do
	for e in crl_url info namespaces pem signing_policy 0; do
	    if [ -h /etc/grid-security/certificates/$i.$e ]; then
		rm -f /etc/grid-security/certificates/$i.$e
	    fi
	done
    done
}


case "$1" in
    configure)
	# The configuration works either by exclusion or
	# inclusion of exceptions. If install_profile is
	# 'yes', then all are installed except those listed
	# in exclude_ca; if 'no' then only those in
	# include_ca are installed.

	if [ ! -e /etc/grid-security/certificates ]; then
	    mkdir -p /etc/grid-security/certificates
	fi

	# get the setting of whether to install the profile
	db_get igtf-policy-classic/install_profile
	install_profile="$RET"

	# Get the in/exclude lists, replace the commas
	db_get igtf-policy-classic/exclude_ca
	excluded=`echo "$RET" | tr ',' ' '`

	db_get igtf-policy-classic/include_ca
	included=`echo "$RET" | tr ',' ' '`

	# symlink each file to /etc/grid-security/certificates
	# following the inclusion/exclusion principle described
	# above. The hashed filenames are symlinks to the real
	# names, so they must be resolved with readlink.
	for f in `find /usr/share/igtf-policy/classic/ -maxdepth 1 -not -type d`  ; do
            # read the link
	    if [ -h "$f" ]; then
		l=`readlink "$f"`
	    else
		l="$f"
	    fi
	    ca=`basename ${l%.*}`
	    if ca_included $ca; then
                # create symlink if it doesn't exist
		if [ ! -e /etc/grid-security/certificates/`basename $f` ]; then
		    ln -s "$f" /etc/grid-security/certificates/ 
		fi
	    else
                # remove the files, and CRL if any
		rm -f /etc/grid-security/certificates/`basename $f`
		rm -f /etc/grid-security/certificates/`basename ${f%.*}`.r0
	    fi
    	done
	remove_leftover_crls
	if dpkg --compare-versions "$2" lt 1.55 ; then
	    remove_discontinued_cas
	fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac



exit 0

APT Browse - Built by Thomas Orozco.