X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=mod-security-cn.git;a=blobdiff_plain;f=debian%2Fpostinst;fp=debian%2Fpostinst;h=02d680dd0e7dea823de8726c9f72a78cb1dcc2d9;hp=44f707c6190add26642cfd5ca7a8de62c287138b;hb=a452628cc701ed542bbf1272dc48616032acb644;hpb=c2dd5bf0af4977fba1bca2c204a0414469bf4958 diff --git a/debian/postinst b/debian/postinst index 44f707c..02d680d 100644 --- a/debian/postinst +++ b/debian/postinst @@ -5,18 +5,18 @@ set -e [ "$DEBIAN_SCRIPT_DEBUG" ] && set -vx case "$1" in - configure) - # continue below - ;; - - abort-upgrade|abort-remove|abort-deconfigure) - exit 0 - ;; - - *) - echo "postinst called with unknown argument \`$1'" >&2 - exit 0 - ;; + configure) + # continue below + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + exit 0 + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; esac @@ -46,16 +46,15 @@ need_restart=0 # Cleanup all temp files or directories. # cleanup () { + local item - local item - - if [ -n "$temp_files" ]; then - for item in $temp_files; do - if [ -e "$item" ]; then - rm -rf $item - fi - done - fi + if [ -n "$temp_files" ]; then + for item in $temp_files; do + if [ -e "$item" ]; then + rm -rf $item + fi + done + fi } # chk_conf_tag () @@ -66,18 +65,17 @@ cleanup () { # 2 - file exists, but it is not tagged # chk_conf_tag () { + local conf_file + conf_file="$1" + RET=1 - local conf_file - conf_file="$1" - RET=1 - - if [ -f "$conf_file" ]; then - if egrep -q "^## Begin - Generated by CARNet package mod-security-cn$" "$conf_file"; then - RET=0 - else - RET=2 - fi + if [ -f "$conf_file" ]; then + if egrep -q "^## Begin - Generated by CARNet package mod-security-cn$" "$conf_file"; then + RET=0 + else + RET=2 fi + fi } @@ -89,20 +87,19 @@ trap cleanup 0 1 2 15 # Enable ModSecurity and unique_id Apache2 modules. # if [ -e "$CONF" ]; then - - # Enable mod-security.load - if [ ! -e "$A2MODEDIR/mod-security.load" ]; then - cp_echo "CN: Enabling ModSecurity module for Apache2 web server." - a2enmod mod-security >/dev/null || true - need_restart=1 - fi - - # Enable unique_id.load - if [ ! -e "$A2MODEDIR/unique_id.load" ]; then - cp_echo "CN: Enabling unique_id module for Apache2 web server." - a2enmod unique_id >/dev/null || true - need_restart=1 - fi + # Enable mod-security.load + if [ ! -e "$A2MODEDIR/mod-security.load" ]; then + cp_echo "CN: Enabling ModSecurity module for Apache2 web server." + a2enmod mod-security >/dev/null || true + need_restart=1 + fi + + # Enable unique_id.load + if [ ! -e "$A2MODEDIR/unique_id.load" ]; then + cp_echo "CN: Enabling unique_id module for Apache2 web server." + a2enmod unique_id >/dev/null || true + need_restart=1 + fi fi @@ -112,93 +109,93 @@ fi chk_conf_tag "$MODSECCONF" if [ $RET -eq 0 ] || [ $RET -eq 1 ]; then - # Create /etc/apache2/conf.d/ directory if missing. - if [ ! -d "$CONFDIR" ]; then - cp_echo "CN: Creating configuration directory $CONFDIR/" - mkdir -p $CONFDIR/ - fi + # Create /etc/apache2/conf.d/ directory if missing. + if [ ! -d "$CONFDIR" ]; then + cp_echo "CN: Creating configuration directory $CONFDIR/" + mkdir -p $CONFDIR/ + fi - # Create /etc/apache2/mod-security/ directory if missing. - if [ ! -d "$MODSECDIR" ]; then - cp_echo "CN: Creating ModSecurity configuration directory $MODSECDIR/" - mkdir -p $MODSECDIR/ - fi + # Create /etc/apache2/mod-security/ directory if missing. + if [ ! -d "$MODSECDIR" ]; then + cp_echo "CN: Creating ModSecurity configuration directory $MODSECDIR/" + mkdir -p $MODSECDIR/ + fi - out=$(mktemp $MODSECCONF.XXXXXX) - temp_files="${temp_files} ${out}" + out=$(mktemp $MODSECCONF.XXXXXX) + temp_files="${temp_files} ${out}" - db_get mod-security-cn/rbl || true - if [ "$RET" = "true" ]; then + db_get mod-security-cn/rbl || true + if [ "$RET" = "true" ]; then - # Add RBL configuration. - chk_conf_tag "$MODSECRBL" - if [ $RET -eq 0 ] || [ $RET -eq 1 ]; then + # Add RBL configuration. + chk_conf_tag "$MODSECRBL" + if [ $RET -eq 0 ] || [ $RET -eq 1 ]; then - if [ $RET -eq 1 ]; then - cp_echo "CN: Creating configuration file $MODSECRBL" + if [ $RET -eq 1 ]; then + cp_echo "CN: Creating configuration file $MODSECRBL" + cp "$MODSECTPL/$(basename $MODSECRBL)" "$MODSECRBL" + need_restart=1 + else + if ! cmp -s "$MODSECRBL" "$MODSECTPL/$(basename $MODSECRBL)"; then + cp_echo "CN: Updating configuration file $MODSECRBL" cp "$MODSECTPL/$(basename $MODSECRBL)" "$MODSECRBL" need_restart=1 - else - if ! cmp -s "$MODSECRBL" "$MODSECTPL/$(basename $MODSECRBL)"; then - cp_echo "CN: Updating configuration file $MODSECRBL" - cp "$MODSECTPL/$(basename $MODSECRBL)" "$MODSECRBL" - need_restart=1 - fi fi fi + fi - sed "s,#RBLLOOKUP#,Include $MODSECRBL,g" \ - "$MODSECTPL/$(basename $MODSECCONF)" > "$out" + sed "s,#RBLLOOKUP#,Include $MODSECRBL,g" \ + "$MODSECTPL/$(basename $MODSECCONF)" > "$out" - if [ -e "$MODSECCONF" ]; then - if ! cmp -s "$MODSECCONF" "$out"; then - cp_echo "CN: Updating configuration file $MODSECCONF" - mv -f "$out" "$MODSECCONF" - cp_echo "CN: Enabled ModSecurity RBL lookup." - need_restart=1 - fi - else - cp_echo "CN: Creating configuration file $MODSECCONF" - mv "$out" "$MODSECCONF" + if [ -e "$MODSECCONF" ]; then + if ! cmp -s "$MODSECCONF" "$out"; then + cp_echo "CN: Updating configuration file $MODSECCONF" + mv -f "$out" "$MODSECCONF" cp_echo "CN: Enabled ModSecurity RBL lookup." need_restart=1 fi else + cp_echo "CN: Creating configuration file $MODSECCONF" + mv "$out" "$MODSECCONF" + cp_echo "CN: Enabled ModSecurity RBL lookup." + need_restart=1 + fi + else - # Remove RBL configuration. - sed "s,#RBLLOOKUP#,# DISABLED,g" \ - "$MODSECTPL/$(basename $MODSECCONF)" > "$out" + # Remove RBL configuration. + sed "s,#RBLLOOKUP#,# DISABLED,g" \ + "$MODSECTPL/$(basename $MODSECCONF)" > "$out" - if [ -e "$MODSECCONF" ]; then - if ! cmp -s "$MODSECCONF" "$out"; then - cp_echo "CN: Updating configuration file $MODSECCONF" - mv -f "$out" "$MODSECCONF" - cp_echo "CN: Disabled ModSecurity RBL lookup." - need_restart=1 - fi - else - cp_echo "CN: Creating configuration file $MODSECCONF" - mv "$out" "$MODSECCONF" + if [ -e "$MODSECCONF" ]; then + if ! cmp -s "$MODSECCONF" "$out"; then + cp_echo "CN: Updating configuration file $MODSECCONF" + mv -f "$out" "$MODSECCONF" cp_echo "CN: Disabled ModSecurity RBL lookup." need_restart=1 fi - - chk_conf_tag "$MODSECRBL" - if [ $RET -eq 0 ]; then - cp_echo "CN: Removing configuration file $MODSECRBL" - rm -f "$MODSECRBL" - need_restart=1 - fi + else + cp_echo "CN: Creating configuration file $MODSECCONF" + mv "$out" "$MODSECCONF" + cp_echo "CN: Disabled ModSecurity RBL lookup." + need_restart=1 fi - if [ -f "$out" ]; then rm -f $out; fi - - # Enable ModSecurity configuration. - if [ ! -e "$MODSECLNK" ]; then - cp_echo "CN: Enabling ModSecurity configuration." - ln -fs "$MODSECCONF" "$MODSECLNK" + chk_conf_tag "$MODSECRBL" + if [ $RET -eq 0 ]; then + cp_echo "CN: Removing configuration file $MODSECRBL" + rm -f "$MODSECRBL" need_restart=1 fi + fi + + if [ -f "$out" ]; then rm -f $out; fi + + # Enable ModSecurity configuration. + if [ ! -e "$MODSECLNK" ]; then + cp_echo "CN: Enabling ModSecurity configuration." + ln -fs "$MODSECCONF" "$MODSECLNK" + need_restart=1 + fi fi db_stop || true @@ -208,23 +205,14 @@ db_stop || true # if [ $need_restart -eq 1 ]; then - # Check Apache2 web server configuration. - if /usr/sbin/apache2ctl configtest 2>/dev/null; then - - # Restart Apache2 web server. - if [ -x "/etc/init.d/apache2" ]; then - if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then - invoke-rc.d apache2 restart || true - else - /etc/init.d/apache2 restart || true - fi - fi - else - - # Something is broken. - cp_echo "CN: Your Apache2 configuration is broken." - cp_echo "CN: Please, check the service after the installation finishes!" - fi + # Check Apache2 web server configuration. + if apache2ctl configtest 2>/dev/null; then + invoke-rc.d apache2 force-reload || true + else + # Something is broken. + cp_echo "CN: Your Apache2 configuration is broken." + cp_echo "CN: Please, check the service after the installation finishes!" + fi fi @@ -232,4 +220,6 @@ fi # cp_mail "$PKG" +#DEBHELPER# + exit 0