;;
abort-upgrade)
+ # check if we have Layer7 active...
+ if iptables-save | grep -qs '^-A.* -m layer7 '; then
+ echo 'CN: Layer7 Netfilter no longer supported, report this to SysHelp!'
+ exit 1
+ fi
;;
*)
################################################################################
+SHIELD=$(sysctl -e -n kernel.exec-shield)
+
+if [ ! -z "$SHIELD" ]; then
+ sysctl -e -w kernel.exec-shield=0 >/dev/null 2>&1 || true
+ echo "CN: Disabled Exec-Shield."
+fi
+
+################################################################################
+
DIVERT_TO="grub grub-probe"
-echo -n "CN: Diverting binaries:"
+echo -n "CN: Undiverting binaries:"
for i in $DIVERT_TO; do
- dpkg-divert --add --rename --package 'kernel-2.6-cn' \
- --divert /usr/sbin/$i.real /usr/sbin/$i >/dev/null
+ if [ -e /usr/sbin/$i.real ]; then
+ dpkg-divert --remove --rename --package 'kernel-2.6-cn' \
+ --divert /usr/sbin/$i.real /usr/sbin/$i >/dev/null
+ fi
echo -n " $i"
done
echo "."
-################################################################################
-
-if iptables-save | grep -qs '^-A.* -m layer7 '; then
- echo 'CN: Layer7 Netfilter no longer supported, report this to SysHelp!'
- exit 1
-fi
-
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
projects / kernel-cn.git / blobdiff