projects / bacula-cn.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Prva inačica za bullseye
[bacula-cn.git] / debian / postinst
diff --git a/debian/postinst b/debian/postinst
index d0f161d..0ac5c7e 100644 (file)
--- a/debian/postinst
+++ b/debian/postinst
@@ -52,7 +52,7 @@ Director {
   # directors to verify the authenticity of this file daemon
   TLS Certificate = "/etc/bacula/bacula-fd.pem"
   TLS Key = "/etc/bacula/bacula-fd.pem"
-  TLS DH File = "/etc/bacula/dh1024.pem"
+  TLS DH File = "/etc/bacula/dh2048.pem"
 }
 
 #
@@ -131,7 +131,7 @@ EOF
 }
 
 generate_dh() {
-    DH_FILE=/etc/bacula/dh1024.pem
+    DH_FILE=/etc/bacula/dh2048.pem
 
     if [ -s $DH_FILE ]; then
         echo $DH_FILE already exists, skipping.
@@ -139,7 +139,9 @@ generate_dh() {
         umask 077
 
         echo Generating $DH_FILE
-        openssl dhparam -out $DH_FILE -5 1024
+        ###openssl dhparam -out $DH_FILE -5 1024
+        openssl dhparam -out $DH_FILE -2 2048
+       
     fi
 }
 
@@ -256,12 +258,44 @@ EOF
     # cleanup
     rm -f $DF_FILE $DB_FILE $FD_FILE $PEM_FILE
 
-    # report problems
+   # report problems
     if [ ! -e $REQUEST_FILE ]; then
         db_input high bacula-cn/request-failed || true
         db_go || true
     fi
 }
+   
+fix_privileges() {
+   # fix privileges 
+   
+    chown root:bacula /etc/bacula/bacula-fd.pem /etc/bacula/bacula-fd.conf /etc/bacula/bconsole.conf
+    chmod 640 /etc/bacula/bacula-fd.pem /etc/bacula/bacula-fd.conf /etc/bacula/bconsole.conf  
+}
+set_pinning() {
+   # set pin to version from stretch, because bacula 9.* isn't compatible
+
+   PINFILE=/etc/apt/preferences.d/99-carnet
+
+   test -f $PINFILE || touch $PINFILE
+
+   cp-update bacula-cn $PINFILE <<EOF
+
+Package: bacula-fd
+Pin: version 7.4.4*
+Pin-Priority: 1001
+
+Package: bacula-common
+Pin: version 7.4.4*
+Pin-Priority: 1001
+
+Package: bacula-console
+Pin: version 7.4.4*
+Pin-Priority: 1001
+
+EOF
+
+}
 
 load_config() {
     db_get bacula-cn/hostname
@@ -292,6 +326,9 @@ case "$1" in
         generate_fd_config
         generate_bconsole_config
 
+       fix_privileges
+       set_pinning
+
         restart_bacula
         send_request
 
bacula-cn