X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=debian%2Fpostinst;h=41a96aa85d262122c23fc818c895f05a0202e498;hb=refs%2Fheads%2Flenny;hp=19da2b150f577d3977174b89d37643047c62c758;hpb=44e4fefcfc6756cf073d7d52051854488adccafe;p=apache2-cn.git diff --git a/debian/postinst b/debian/postinst index 19da2b1..41a96aa 100755 --- a/debian/postinst +++ b/debian/postinst @@ -27,11 +27,9 @@ esac . /usr/share/carnet-tools/functions.sh PKG="apache2-cn" -VERSION="2.2-1" +VERSION="2.2-5lenny1" CONFDIR="/etc/apache2" -CONFDIROLD="/etc/apache" CONF="$CONFDIR/apache2.conf" -CONFOLD="$CONFDIROLD/httpd.conf" A2MODEDIR="$CONFDIR/mods-enabled" PORTCONF="$CONFDIR/ports.conf" A2CNDIR=/usr/share/apache2-cn @@ -116,33 +114,6 @@ chk_conf_tag () { fi } -# conf_log_fix () -# -# Check CustomLog, ErrorLog and TransferLog paths - /var/log/apache/ is replaced -# with /var/log/apache2/. -# -conf_log_fix () { - - local conf_file out - conf_file="$1" - - if [ -f "$conf_file" ]; then - - if egrep -iq '^[[:space:]]*(Error|Custom|Transfer)Log[[:space:]]*\/var\/log\/apache\/' "$conf_file"; then - - out=$(mktemp ${conf_file}.XXXXXX) - temp_files="${temp_files} ${out}" - - sed 's/\(^[[:space:]]*\(Error\|Custom\|Transfer\)Log[[:space:]]*\)\/var\/log\/apache\//\1\/var\/log\/apache2\//I' \ - $conf_file > $out - mv $out $conf_file - fi - - # Be sure.. - chmod 644 $conf_file - fi -} - # generate_ssl() # # Generate Apache2 web server SSL certificate. @@ -160,7 +131,7 @@ generate_ssl () { # listen_ssl() { - if [ ! -f "$PORTCONF" ] || ! egrep -iq "^[[:space:]]*Listen[[:space:]]*.*443$" "$PORTCONF"; then + if [ ! -f "$PORTCONF" ] || ! egrep -iq "^[[:space:]]*Listen[[:space:]]+443$" "$PORTCONF"; then cp_echo "CN: Enabling SSL port (443) for Apache2 web server." @@ -318,24 +289,6 @@ install_vhost() { trap cleanup 0 1 2 15 -# Make sure that monit conf for Apache is disabled. -# -if [ -f "/etc/monit.d/apache1.conf" ]; then - mv /etc/monit.d/apache1.conf /etc/monit.d/apache1.conf.disabled - pkill -9 -f /usr/sbin/monit || true -fi - - -# Make sure Apache is NOT running. -# -if [ -x /usr/sbin/invoke-rc.d ]; then - [ -x /usr/sbin/apache ] && invoke-rc.d apache stop || true - pkill -9 -f /usr/sbin/apache || true -else - [ -x /etc/init.d/apache ] && /etc/init.d/apache stop || true -fi - - # Backup all configuration located in /etc/apache2/conf.d/ and # /etc/apache2/sites-available/ directories. # @@ -403,14 +356,6 @@ if [ -e "$CONF" ]; then fi fi - if [ ! -e "$A2MODEDIR/php4.load" ] || [ ! -e "$A2MODEDIR/php4.conf" ]; then - if [ -e "/usr/lib/apache2/modules/libphp4.so" ]; then - cp_echo "CN: Enabling PHP4 module for Apache2 web server." - a2enmod php4 >/dev/null || true - need_restart=1 - fi - fi - if [ ! -e "$A2MODEDIR/ssl.load" ] || [ ! -e "$A2MODEDIR/ssl.conf" ]; then cp_echo "CN: Enabling SSL module for Apache2 web server." a2enmod ssl >/dev/null || true @@ -487,9 +432,12 @@ fi # Add VirtualHosts. +# - on fresh install # -db_get apache2-cn/wwwhost || true -if [ "$RET" = "true" ]; then +if [ -z "$2" ]; then + + db_get apache2-cn/wwwhost || true + if [ "$RET" = "true" ]; then # Add WWW VirtualHost. if [ -f "$CONFDIR/sites-available/$FQDN" ]; then @@ -501,7 +449,11 @@ if [ "$RET" = "true" ]; then chk_conf_tag "$CONFDIR/sites-available/$FQDN" if [ ! -f "$CONFDIR/sites-available/$FQDN" ] || [ $RET -eq 0 ]; then - install_vhost -nvh -d -r www.$DOMAIN default $FQDN 000-$FQDN + if egrep -qi "^[[:space:]]*NameVirtualHost[[:space:]]+\*:80$" "$PORTCONF"; then + install_vhost -d -r www.$DOMAIN default $FQDN 000-$FQDN + else + install_vhost -nvh -d -r www.$DOMAIN default $FQDN 000-$FQDN + fi need_restart=1 fi @@ -519,9 +471,14 @@ if [ "$RET" = "true" ]; then chk_conf_tag "$CONFDIR/sites-available/$FQDN" if [ ! -f "$CONFDIR/sites-available/$FQDN" ] || [ $RET -eq 0 ]; then - install_vhost -nvh -d -r $FQDN default $FQDN 000-$FQDN + if egrep -qi "^[[:space:]]*NameVirtualHost[[:space:]]+\*:80$" "$PORTCONF"; then + install_vhost -d -r $FQDN default $FQDN 000-$FQDN + else + install_vhost -nvh -d -r $FQDN default $FQDN 000-$FQDN + fi need_restart=1 fi + fi fi @@ -535,8 +492,14 @@ if [ $apache2_sslcert -eq 0 ]; then # No active SSL VirtualHosts found - add new one. chk_conf_tag "$CONFDIR/sites-available/ssl" - if [ ! -f "$CONFDIR/sites-available/ssl" ] || [ $RET -eq 0 -a -f "$CONFOLD" ]; then - install_vhost -r $FQDN -n $HOST ssl ssl 001-ssl + if [ ! -f "$CONFDIR/sites-available/ssl" ] || [ $RET -eq 0 ]; then + + db_get apache2-cn/wwwhost || true + if [ "$RET" = "true" ]; then + install_vhost -r www.$DOMAIN -n $HOST ssl ssl 001-ssl + else + install_vhost -r $FQDN -n $HOST ssl ssl 001-ssl + fi need_restart=1 fi fi @@ -581,42 +544,33 @@ if [ $apache2_sslcert -eq 0 ]; then fi -# Check file access permissions and group ownership for SSL certificates. +# Check file access permissions for SSL certificates. # -cp_echo "CN: Checking file permissions and group ownership for Apache2 SSL certificates." +cp_echo "CN: Checking file access permissions for Apache2 SSL certificates." sslkey=/etc/ssl/private -sslcerts="${sslkey}/ca.key ${sslkey}/ca.csr ${sslkey}/apache2-ca.key - ${sslkey}/apache2-ca.csr ${sslkey}/apache2.key ${sslkey}/apache2.csr" +sslcerts="${sslkey}/ca.key ${sslkey}/apache2-ca.key ${sslkey}/apache2.key" for certf in $sslcerts; do if [ -f "$certf" ]; then - chgrp www-data $certf - chmod 640 $certf + chmod 600 $certf fi done -# Check for CustomLog, ErrorLog and TransferLog in Apache2 configuration. +# Check and remove obsolete "Include /etc/apache2/sites-enabled/[^.#]*" from +# /etc/apache2/apache2.conf. # -cp_echo "CN: Checking Apache2 CustomLog, ErrorLog and TransferLog directives." -if [ -d "$CONFDIR/conf.d" ] && [ -n "$(ls $CONFDIR/conf.d)" ]; then - log_mask=$CONFDIR/conf.d/* -fi -if [ -d "$CONFDIR/sites-available" ] && [ -n "$(ls $CONFDIR/sites-available)" ]; then - log_mask=$log_mask" "$CONFDIR/sites-available/* -fi -for file in $CONF $log_mask; do - chk_conf_tag "$file" - if [ $RET -eq 0 ]; then - conf_log_fix "$file" - fi -done +if egrep -iq "^[[:space:]]*Include[[:space:]]+\/etc\/apache2\/sites-enabled\/\[\^\.\#\]\*$" "$CONF"; then + cp_echo "CN: Fixing obsolete Include line in $CONF." + CONFTMP=`mktemp $CONF.tmp.XXXXXX` + sed -r "/^[[:space:]]*Include[[:space:]]+\/etc\/apache2\/sites-enabled\/\[\^\.\#\]\*$/Id" \ + "$CONF" > "$CONFTMP" -# Start Apache2 web server on boot? -# This will enable Apache2 in /etc/default/apache2 file. -# -if egrep -q "^[[:space:]]*NO_START=1" /etc/default/apache2; then - cp_check_and_sed NO_START=1 s/NO_START=1/NO_START=0/ /etc/default/apache2 || true + if ! egrep -iq "^[[:space:]]*Include[[:space:]]+\/etc\/apache2\/sites-enabled\/$" "$CONFTMP"; then + echo "Include /etc/apache2/sites-enabled/" >> "$CONFTMP" + fi + + cp_mv "$CONFTMP" "$CONF" need_restart=1 fi @@ -634,43 +588,6 @@ fi [ -e "$CONFDIR/conf.d/aosi.conf" ] && rm -f $CONFDIR/conf.d/aosi.conf -# Stop Apache web server and disable Apache automatic start on boot. -# -if [ -x "/etc/init.d/apache" ]; then - - # Stop Apache. - if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then - invoke-rc.d apache stop || true - else - /etc/init.d/apache stop || true - fi - - # Disable automatic start on boot. - if [ -x "`which update-rc.d 2>/dev/null`" ]; then - update-rc.d -f apache remove > /dev/null 2>&1 || true - update-rc.d apache stop 90 6 . > /dev/null 2>&1 || true - fi -fi - -# Also check for Apache-SSL web server. -# -if [ -x "/etc/init.d/apache-ssl" ]; then - - # Stop Apache-SSL. - if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then - invoke-rc.d apache-ssl stop || true - else - /etc/init.d/apache-ssl stop || true - fi - - # Disable automatic start on boot. - if [ -x "`which update-rc.d 2>/dev/null`" ]; then - update-rc.d -f apache-ssl remove > /dev/null 2>&1 || true - update-rc.d apache-ssl stop 90 6 . > /dev/null 2>&1 || true - fi -fi - - # Restart Apache2 web server if needed. # if [ $need_restart -eq 1 ]; then @@ -681,9 +598,9 @@ if [ $need_restart -eq 1 ]; then # Restart Apache2 web server. if [ -x "/etc/init.d/apache2" ]; then if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then - invoke-rc.d apache2 force-reload || true + invoke-rc.d apache2 restart || true else - /etc/init.d/apache2 force-reload || true + /etc/init.d/apache2 restart || true fi fi else