new upstream release (3.3.0); modify package compatibility for Stretch
[ossec-hids.git] / debian / ossec-hids / DEBIAN / postinst
diff --git a/debian/ossec-hids/DEBIAN/postinst b/debian/ossec-hids/DEBIAN/postinst
new file mode 100755 (executable)
index 0000000..3c66719
--- /dev/null
@@ -0,0 +1,147 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+    configure)
+        # continue below
+    ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+        exit 0
+    ;;
+
+    *)
+        echo "postinst called with unknown argument \`$1'" >&2
+        exit 0
+    ;;
+esac
+
+# users and group names
+OSSEC_USER="ossec"
+OSSEC_USER_MAIL="ossecm"
+OSSEC_USER_EXEC="ossece"
+OSSEC_USER_REM="ossecr"
+OSSEC_GROUP="ossec"
+
+# get installation directory
+. /etc/ossec-init.conf
+if [ "X${DIRECTORY}" = "X" ]; then
+    DIRECTORY="/var/ossec"
+fi
+
+# create group
+if ! getent group $OSSEC_GROUP >/dev/null; then
+    addgroup --system $OSSEC_GROUP
+fi
+
+# create/modify users
+if ! getent passwd $OSSEC_USER >/dev/null; then
+    adduser --quiet --system --no-create-home \
+        --ingroup $OSSEC_GROUP \
+        --home $DIRECTORY --shell /bin/false $OSSEC_USER
+else
+    usermod -g $OSSEC_GROUP -s /bin/false \
+        -d $DIRECTORY $OSSEC_USER >/dev/null 2>&1
+fi
+if ! getent passwd $OSSEC_USER_MAIL >/dev/null; then
+    adduser --quiet --system --no-create-home \
+        --ingroup $OSSEC_GROUP \
+        --home $DIRECTORY --shell /bin/false $OSSEC_USER_MAIL
+else
+    usermod -g $OSSEC_GROUP -s /bin/false \
+        -d $DIRECTORY $OSSEC_USER_MAIL >/dev/null 2>&1
+fi
+if ! getent passwd $OSSEC_USER_EXEC >/dev/null; then
+    adduser --quiet --system --no-create-home \
+        --ingroup $OSSEC_GROUP \
+        --home $DIRECTORY --shell /bin/false $OSSEC_USER_EXEC
+else
+    usermod -g $OSSEC_GROUP -s /bin/false \
+        -d $DIRECTORY $OSSEC_USER_EXEC >/dev/null 2>&1
+fi
+if ! getent passwd $OSSEC_USER_REM >/dev/null; then
+    adduser --quiet --system --no-create-home \
+        --ingroup $OSSEC_GROUP \
+        --home $DIRECTORY --shell /bin/false $OSSEC_USER_REM
+else
+    usermod -g $OSSEC_GROUP -s /bin/false \
+        -d $DIRECTORY $OSSEC_USER_REM >/dev/null 2>&1
+fi
+
+# fix ownership
+chown -R root:$OSSEC_GROUP $DIRECTORY
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/alerts
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/ossec
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/fts
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/syscheck
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/rootcheck
+chown -R $OSSEC_USER_REM:$OSSEC_GROUP $DIRECTORY/queue/agent-info
+chown -R $OSSEC_USER_REM:$OSSEC_GROUP $DIRECTORY/queue/rids
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/stats
+chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/logs
+chown -R root:$OSSEC_GROUP $DIRECTORY/etc
+touch $DIRECTORY/logs/ossec.log
+chown $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/logs/ossec.log
+chown $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/.ssh
+chown -R root:$OSSEC_GROUP $DIRECTORY/rules
+chown root:$OSSEC_GROUP $DIRECTORY/etc/decoder.xml
+chown root:$OSSEC_GROUP $DIRECTORY/etc/internal_options.conf
+chown root:$OSSEC_GROUP $DIRECTORY/etc/client.keys >/dev/null 2>&1 || true
+chown root:$OSSEC_GROUP $DIRECTORY/agentless/*
+chown $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/.ssh
+chown -R root:$OSSEC_GROUP $DIRECTORY/etc/shared
+chown root:$OSSEC_GROUP $DIRECTORY/var/run
+chown root:$OSSEC_GROUP $DIRECTORY/active-response/bin/*
+chown root:$OSSEC_GROUP $DIRECTORY/bin/*
+chown root:$OSSEC_GROUP $DIRECTORY/etc/ossec.conf
+
+# fix perms
+chmod -R 550 $DIRECTORY
+chmod -R 770 $DIRECTORY/queue/alerts
+chmod -R 770 $DIRECTORY/queue/ossec
+chmod -R 750 $DIRECTORY/queue/fts
+chmod -R 750 $DIRECTORY/queue/syscheck
+chmod -R 750 $DIRECTORY/queue/rootcheck
+chmod -R 750 $DIRECTORY/queue/diff
+chmod -R 755 $DIRECTORY/queue/agent-info
+chmod -R 755 $DIRECTORY/queue/rids
+chmod -R 755 $DIRECTORY/queue/agentless
+chmod -R 750 $DIRECTORY/stats
+chmod -R 750 $DIRECTORY/logs
+chmod -R 550 $DIRECTORY/rules
+chmod 770 $DIRECTORY/var/run
+chmod 550 $DIRECTORY/etc
+chmod 440 $DIRECTORY/etc/internal_options.conf
+chmod -R 770 $DIRECTORY/etc/shared
+chmod 700 $DIRECTORY/.ssh
+chmod 755 $DIRECTORY/active-response/bin/*
+chmod 550 $DIRECTORY/bin/*
+chmod 440 $DIRECTORY/etc/ossec.conf
+
+# fixups: no need for execute bits on files there
+find $DIRECTORY/rules -type f -exec chmod ugo-x '{}' ';'
+find $DIRECTORY/etc -type f -exec chmod ugo-x '{}' ';'
+
+# copy timezone and localtime
+if [ -e /etc/timezone ]; then
+    cmp -s /etc/timezone $DIRECTORY/etc/timezone || \
+        cp -a /etc/timezone $DIRECTORY/etc/timezone
+fi
+if [ -e /etc/localtime ]; then
+    cmp -s /etc/localtime $DIRECTORY/etc/localtime || \
+        cp -a /etc/localtime $DIRECTORY/etc/localtime
+fi
+
+# update system v init links
+update-rc.d ossec-hids defaults >/dev/null
+
+# and start the service
+service ossec-hids restart
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+
+
+exit 0
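Review bot: The `# fix ownership` block runs as root inside directories that the unprivileged OSSEC accounts own (`logs`, `stats`, `queue/*`), so on an upgrade the `touch` and the non-recursive `chown $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/logs/ossec.log` will follow a symlink left at that path and change the owner of whatever it points to. Use `chown -h` on the single-file calls and skip the path when `[ -L "$DIRECTORY/logs/ossec.log" ]` is true, and consider shipping these directories with their final owner and mode rather than re-applying `chown -R`/`chmod -R` on every configure. Separately, `$DIRECTORY` is taken from the sourced `/etc/ossec-init.conf` and expanded unquoted in every recursive call; quote it and refuse any value that is not an absolute path other than `/` before the first `chown -R`. The final `service ossec-hids restart` would normally be `invoke-rc.d ossec-hids restart` in a maintainer script, so that a local policy-rc.d is honoured.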