projects / apache2-cn.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Modified debian/postinst script - check and remove obsolete
[apache2-cn.git] / debian / postinst
diff --git a/debian/postinst b/debian/postinst
index 19da2b1..0588a0f 100755 (executable)
--- a/debian/postinst
+++ b/debian/postinst
@@ -29,9 +29,7 @@ esac
 PKG="apache2-cn"
 VERSION="2.2-1"
 CONFDIR="/etc/apache2"
-CONFDIROLD="/etc/apache"
 CONF="$CONFDIR/apache2.conf"
-CONFOLD="$CONFDIROLD/httpd.conf"
 A2MODEDIR="$CONFDIR/mods-enabled"
 PORTCONF="$CONFDIR/ports.conf"
 A2CNDIR=/usr/share/apache2-cn
@@ -328,11 +326,14 @@ fi
 
 # Make sure Apache is NOT running.
 #
-if [ -x /usr/sbin/invoke-rc.d ]; then
-       [ -x /usr/sbin/apache ] && invoke-rc.d apache stop || true
-       pkill -9 -f /usr/sbin/apache || true
-else
-       [ -x /etc/init.d/apache ] && /etc/init.d/apache stop || true
+if [ -x /etc/init.d/apache ]; then
+       if [ -x /usr/sbin/invoke-rc.d ]; then
+               invoke-rc.d apache stop || true
+       else
+               /etc/init.d/apache stop || true
+       fi
+
+       pkill -9 -f '/usr/sbin/apache$' || true
 fi
 
 
@@ -487,9 +488,12 @@ fi
 
 
 # Add VirtualHosts.
+# - on fresh install
 #
-db_get apache2-cn/wwwhost || true
-if [ "$RET" = "true" ]; then
+if [ -z "$2" ]; then
+
+    db_get apache2-cn/wwwhost || true
+    if [ "$RET" = "true" ]; then
 
        # Add WWW VirtualHost.
        if [ -f "$CONFDIR/sites-available/$FQDN" ]; then
@@ -522,6 +526,7 @@ if [ "$RET" = "true" ]; then
                install_vhost -nvh -d -r $FQDN default $FQDN 000-$FQDN
                need_restart=1
        fi
+    fi
 fi
 
 
@@ -535,7 +540,7 @@ if [ $apache2_sslcert -eq 0 ]; then
 
        # No active SSL VirtualHosts found - add new one.
        chk_conf_tag "$CONFDIR/sites-available/ssl"
-       if [ ! -f "$CONFDIR/sites-available/ssl" ] || [ $RET -eq 0 -a -f "$CONFOLD" ]; then
+       if [ ! -f "$CONFDIR/sites-available/ssl" ] || [ $RET -eq 0 ]; then
                install_vhost -r $FQDN -n $HOST ssl ssl 001-ssl
                need_restart=1
        fi
@@ -581,16 +586,14 @@ if [ $apache2_sslcert -eq 0 ]; then
 fi
 
 
-# Check file access permissions and group ownership for SSL certificates.
+# Check file access permissions for SSL certificates.
 #
-cp_echo "CN: Checking file permissions and group ownership for Apache2 SSL certificates."
+cp_echo "CN: Checking file access permissions for Apache2 SSL certificates."
 sslkey=/etc/ssl/private
-sslcerts="${sslkey}/ca.key ${sslkey}/ca.csr ${sslkey}/apache2-ca.key
-         ${sslkey}/apache2-ca.csr ${sslkey}/apache2.key ${sslkey}/apache2.csr"
+sslcerts="${sslkey}/ca.key ${sslkey}/apache2-ca.key ${sslkey}/apache2.key"
 for certf in $sslcerts; do
        if [ -f "$certf" ]; then
-           chgrp www-data $certf
-           chmod 640 $certf
+           chmod 600 $certf
        fi
 done
 
@@ -612,6 +615,25 @@ for file in $CONF $log_mask; do
 done
 
 
+# Check and remove obsolete "Include /etc/apache2/sites-enabled/[^.#]*" from
+# /etc/apache2/apache2.conf.
+#
+if egrep -iq "^[[:space:]]*Include[[:space:]]+\/etc\/apache2\/sites-enabled\/\[\^\.\#\]\*$" "$CONF"; then
+
+       cp_echo "CN: Fixing obsolete Include line in $CONF."
+       CONFTMP=`mktemp $CONF.tmp.XXXXXX`
+       sed -r "/^[[:space:]]*Include[[:space:]]+\/etc\/apache2\/sites-enabled\/\[\^\.\#\]\*$/Id" \
+               "$CONF" > "$CONFTMP"
+
+       if ! egrep -iq "^[[:space:]]*Include[[:space:]]+\/etc\/apache2\/sites-enabled\/$" "$CONFTMP"; then
+               echo "Include /etc/apache2/sites-enabled/" >> "$CONFTMP"
+       fi
+
+       cp_mv "$CONFTMP" "$CONF"
+       need_restart=1
+fi
+
+
 # Start Apache2 web server on boot?
 # This will enable Apache2 in /etc/default/apache2 file.
 #
apache2-cn