vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-01 00:19:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
ntopng/packages/ubuntu/debian.ntopng/postinst.in
Alfredo Cardigliano 6e46dcec98 Fix chown group
2024-02-07 10:39:20 +01:00

143 lines
3.8 KiB
Bash
Executable file
Raw Blame History

#!/bin/sh -e
# Previous package version on upgrade
PREV_VERSION=$2
case "$1" in
configure)
# continue below
;;
abort-upgrade|abort-remove|abort-deconfigure)
exit 0
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 0
;;
esac
umask 022
if ! grep -q 'ntop:' /etc/group; then
echo 'Creating ntop group'
/usr/sbin/groupadd -r ntop
fi
if ! /usr/bin/id -u ntopng > /dev/null 2>&1; then
echo "Creating ntopng user..."
/usr/sbin/useradd -M -N -g ntop -r -s /bin/false ntopng
fi
/usr/sbin/usermod -g ntop ntopng
if [ $(getent group n2disk) ] && [ $(getent passwd ntopng) ]; then
# this is necessary to allow ntopng to extract pcaps
# recorded with n2disk
if ! id -nG ntopng | grep -qw "n2disk"; then
echo "Adding user ntopng to group n2disk..."
/usr/sbin/usermod -a -G n2disk ntopng
fi
fi
if [ $(getent group systemd-journal) ] && [ $(getent passwd ntopng) ]; then
# this is necessary to allow ntopng to read journalctl logs
if ! id -nG ntopng | grep -qw "systemd-journal"; then
echo "Adding user ntopng to group systemd-journal..."
/usr/sbin/usermod -a -G systemd-journal ntopng
fi
fi
TLS_DIR="/usr/share/ntopng/httpdocs/ssl"
TLS_CERT_PATH="$TLS_DIR/ntopng-cert.pem"
if [ ! -f "$TLS_CERT_PATH" ]; then
openssl req -new -x509 -sha1 -extensions v3_ca -nodes -days 365 -out $TLS_DIR/cert.pem -subj "/CN=ntopng.local"
mv privkey.pem $TLS_CERT_PATH
cat $TLS_DIR/cert.pem >> $TLS_CERT_PATH
rm $TLS_DIR/cert.pem
fi
DATA_DIR=/var/lib/ntopng
if [ ! -d "$DATA_DIR" ]; then
mkdir $DATA_DIR
/bin/chown ntopng:ntop $DATA_DIR
/bin/chmod 700 $DATA_DIR
fi
/bin/chown ntopng:ntop /usr/bin/ntopng-config
/bin/chmod gou+s /usr/bin/ntopng-config
/bin/chown -R ntopng:ntop /etc/ntopng
LOGROTATE_CONF=/etc/logrotate.d/ntopng
/bin/chmod 644 $LOGROTATE_CONF
CRON_CONF=/etc/cron.d/ntopng
/bin/chmod 644 $CRON_CONF
echo "Rebuilding ld cache..."
/sbin/ldconfig
# Check if systemd is supported (not a container)
CMDLINE=$(tr -d '\0' < /proc/1/cmdline)
if [ ! -z "${CMDLINE##*system*}" ] && [ ! -z "${CMDLINE##*init*}" ]; then
# We're in a container
exit 0
fi
#
# ONLY when we're not in a container
# Enable nmap scan capabilities [https://secwiki.org/w/Running_nmap_as_an_unprivileged_user]
#
if [ -x /usr/bin/nmap ]; then
setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/bin/nmap
fi
# Start service after upgrade/install
echo "(Re)Starting @APP@..."
if hash systemctl 2>/dev/null; then
systemctl daemon-reload
systemctl reset-failed
# Enable service on first installation only
if [ -z "$PREV_VERSION" ]; then
if hash deb-systemd-invoke 2>/dev/null; then
deb-systemd-invoke enable ntopng
else
systemctl enable ntopng
fi
fi
# Start service if enabled
if hash deb-systemd-invoke 2>/dev/null; then
systemctl -q is-enabled ntopng && deb-systemd-invoke restart ntopng
else
systemctl -q is-enabled ntopng && systemctl restart ntopng
fi
systemctl restart 'ntopng@*' --all
elif [ -f /etc/init.d/ntopng ]; then
if [ -z "$PREV_VERSION" ]; then
update-rc.d ntopng defaults 93 >/dev/null
fi
# Restart service after upgrade/install
/etc/init.d/ntopng restart
fi
echo ""
echo "NOTE"
echo ""
echo "ntopng Community does not require a license."
echo "ntopng Pro/Enterprise licenses are perpetual and include 1 year maintenance/updates:"
echo "you can use the software even after maintenance is expired, however updating it after"
echo "1 year would prevent ntopng from running. If you have automatic updates enabled, and"
echo "maintenance is expired, it is recommended to put the package updates on hold with:"
echo ""
echo "apt-mark hold ntopng"
echo ""
echo "Automatic updates can be enabled again with:"
echo ""
echo "apt-mark unhold ntopng"
echo ""
exit 0
Reference in a new issue View git blame Copy permalink