X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=apache2-cn.git;a=blobdiff_plain;f=debian%2Fpostinst;fp=debian%2Fpostinst;h=941cdccc39c94eb84f3542eddae8187babfc15a5;hp=19da2b150f577d3977174b89d37643047c62c758;hb=ed9c8bc9f8313d02a198b456e3d97fcd2d86521b;hpb=44e4fefcfc6756cf073d7d52051854488adccafe

diff --git a/debian/postinst b/debian/postinst
index 19da2b1..941cdcc 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -29,9 +29,7 @@ esac
 PKG="apache2-cn"
 VERSION="2.2-1"
 CONFDIR="/etc/apache2"
-CONFDIROLD="/etc/apache"
 CONF="$CONFDIR/apache2.conf"
-CONFOLD="$CONFDIROLD/httpd.conf"
 A2MODEDIR="$CONFDIR/mods-enabled"
 PORTCONF="$CONFDIR/ports.conf"
 A2CNDIR=/usr/share/apache2-cn
@@ -328,11 +326,14 @@ fi
 
 # Make sure Apache is NOT running.
 #
-if [ -x /usr/sbin/invoke-rc.d ]; then
-	[ -x /usr/sbin/apache ] && invoke-rc.d apache stop || true
-	pkill -9 -f /usr/sbin/apache || true
-else
-	[ -x /etc/init.d/apache ] && /etc/init.d/apache stop || true
+if [ -x /etc/init.d/apache ]; then
+	if [ -x /usr/sbin/invoke-rc.d ]; then
+		invoke-rc.d apache stop || true
+	else
+		/etc/init.d/apache stop || true
+	fi
+
+	pkill -9 -f '/usr/sbin/apache$' || true
 fi
 
 
@@ -487,9 +488,12 @@ fi
 
 
 # Add VirtualHosts.
+# - on fresh install
 #
-db_get apache2-cn/wwwhost || true
-if [ "$RET" = "true" ]; then
+if [ -z "$2" ]; then
+
+    db_get apache2-cn/wwwhost || true
+    if [ "$RET" = "true" ]; then
 
 	# Add WWW VirtualHost.
 	if [ -f "$CONFDIR/sites-available/$FQDN" ]; then
@@ -522,6 +526,7 @@ if [ "$RET" = "true" ]; then
 		install_vhost -nvh -d -r $FQDN default $FQDN 000-$FQDN
 		need_restart=1
 	fi
+    fi
 fi
 
 
@@ -535,7 +540,7 @@ if [ $apache2_sslcert -eq 0 ]; then
 
 	# No active SSL VirtualHosts found - add new one.
 	chk_conf_tag "$CONFDIR/sites-available/ssl"
-	if [ ! -f "$CONFDIR/sites-available/ssl" ] || [ $RET -eq 0 -a -f "$CONFOLD" ]; then
+	if [ ! -f "$CONFDIR/sites-available/ssl" ] || [ $RET -eq 0 ]; then
 		install_vhost -r $FQDN -n $HOST ssl ssl 001-ssl
 		need_restart=1
 	fi
@@ -581,16 +586,14 @@ if [ $apache2_sslcert -eq 0 ]; then
 fi
 
 
-# Check file access permissions and group ownership for SSL certificates.
+# Check file access permissions for SSL certificates.
 #
-cp_echo "CN: Checking file permissions and group ownership for Apache2 SSL certificates."
+cp_echo "CN: Checking file access permissions for Apache2 SSL certificates."
 sslkey=/etc/ssl/private
-sslcerts="${sslkey}/ca.key ${sslkey}/ca.csr ${sslkey}/apache2-ca.key
-	  ${sslkey}/apache2-ca.csr ${sslkey}/apache2.key ${sslkey}/apache2.csr"
+sslcerts="${sslkey}/ca.key ${sslkey}/apache2-ca.key ${sslkey}/apache2.key"
 for certf in $sslcerts; do
 	if [ -f "$certf" ]; then
-	    chgrp www-data $certf
-	    chmod 640 $certf
+	    chmod 600 $certf
 	fi
 done