set -e
+# chk_conf_tag ()
+#
+# Check if configuration file has CARNet package info lines.
+# return: $RET => 0 - tagged
+# 1 - file does not exists
+# 2 - file exists, but it is not tagged
+#
+chk_conf_tag () {
+ local conf_file
+ conf_file="$1"
+ RET=1
+
+ if [ -f "$conf_file" ]; then
+ if egrep -q "^## Begin - Generated by CARNet package mod-security-cn$" "$conf_file"; then
+ RET=0
+ else
+ RET=2
+ fi
+ fi
+}
+
+
case "$1" in
remove|deconfigure)
. /usr/share/carnet-tools/functions.sh
PKG="mod-security-cn"
- A2DIR="/etc/apache2"
+ A2DIR="/etc/apache2"
CONFDIR="$A2DIR/conf.d"
- MODSECCONF="$CONFDIR/mod-security-cn.conf"
+ MODSECDIR="$A2DIR/mod-security"
+ MODSECCONF="$MODSECDIR/mod-security-cn.conf"
+ MODSECRBL="$MODSECDIR/rbl_lookup.conf"
+ MODSECLNK="$CONFDIR/$(basename $MODSECCONF)"
+
need_restart=0
- # Remove configuration file generated by this CARNet package.
- if [ -f "$MODSECCONF" ]; then
- if egrep -q "^## Begin - Generated by CARNet package mod-security-cn$" "$MODSECCONF"; then
- cp_echo "CN: Removing configuration file ${MODSECCONF}."
- rm -f $MODSECCONF
- need_restart=1
+
+ # Disable ModSecurity configuration.
+ chk_conf_tag "$MODSECCONF"
+ if [ $RET -eq 0 ]; then
+ if [ -e "$MODSECLNK" ]; then
+ cp_echo "CN: Disabling ModSecurity configuration."
+ rm -f "$MODSECLNK"
+ need_restart=1
fi
fi
+ # Remove configuration files generated by this CARNet package.
+ for file in "$MODSECCONF" "$MODSECRBL"; do
+ chk_conf_tag "$file"
+ if [ $RET -eq 0 ]; then
+ cp_echo "CN: Removing configuration file $file"
+ rm -f $file
+ need_restart=1
+ fi
+ done
+
# Restart Apache2 web server.
- if [ $need_restart -eq 1 ]; then
+ if [ $need_restart -eq 1 ]; then
if apache2ctl configtest 2>/dev/null; then
-
- # Restart Apache2 web server.
- if [ -x "/etc/init.d/apache2" ]; then
- if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
- invoke-rc.d apache2 restart || true
- else
- /etc/init.d/apache2 restart || true
- fi
- fi
+ invoke-rc.d apache2 force-reload || true
else
# Something is broken.
cp_echo "CN: Your Apache2 configuration seem to be broken."
;;
esac
+#DEBHELPER#
+
exit 0