blob: 4fbe2a2c7b6fcad8f66b4e53cbab440c9a9e701f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
_user="munge"
post_install() {
# The installation process is described at https://github.com/dun/munge/wiki/Installation-Guide
# Create munge /var/run/munge dir and secure it
mkdir -p /var/run/munge
chmod 0755 /var/run/munge
getent group "${_user}" &>/dev/null
if [ $? -ne 0 ]; then
echo -e "\e[34;1m==>\e[39;1m Adding ${_user} system group... \e[0m"
groupadd -r ${_user} 1>/dev/null
fi
getent passwd "${_user}" &>/dev/null
if [ $? -ne 0 ]; then
echo -e "\e[34;1m==>\e[39;1m Adding ${_user} system user... \e[0m"
useradd -r -g ${_user} -d "/var/log/munge" -c "Munge Daemon" ${_user} 1>/dev/null
fi
echo -e "\e[34;1m==>\e[39;1m Locking Munge User Account... \e[0m"
passwd -l munge &>/dev/null
# Create munge key
if [[ ! -e /etc/munge/munge.key && -c /dev/urandom ]]; then
echo -e "\e[34;1m==>\e[39;1m Creating random munge key : /etc/munge/munge.key\e[0m"
dd if=/dev/urandom bs=1 count=1024 of=/etc/munge/munge.key
chmod 0400 /etc/munge/munge.key
else
if [[ -c /dev/urandom ]]; then
echo -e "\e[34;1m==>\e[39;1m INFO: no munge key is generated since /etc/munge/munge.key already exists \e[0m"
else
echo -e "\e[34;1m==>\e[39;1m WARNING: did not create /etc/munge/munge.key since /dev/urandom is not found \e[0m"
fi
fi
# Set permissions
chown ${_user}:${_user} -R /etc/munge
chown ${_user}:${_user} -R /var/log/munge
chown ${_user}:${_user} -R /var/lib/munge
chown ${_user}:${_user} -R /var/run/munge
}
post_upgrade() {
# Set permissions
chown ${_user}:${_user} -R /etc/munge
chown ${_user}:${_user} -R /var/log/munge
chown ${_user}:${_user} -R /var/lib/munge
chown ${_user}:${_user} -R /var/run/munge
if [[ -e /etc/munge/munge.key ]]; then
chmod 0400 /etc/munge/munge.key
fi
}
pre_remove() {
echo -e "\e[34;1m==>\e[39;1m Stopping and disabling munge using SystemD... \e[0m"
systemctl stop munge
systemctl disable munge.service
}
post_remove() {
# Removing obsolete directory
rm -rf /var/run/munge
# Notifying the user of kept dirs and change owner
[[ -d /etc/munge ]] && chown root:root -R /etc/munge && echo -e "\e[34;1m==>\e[39;1m NOTE: Custom configuration-file(s) in /etc/munge/ were kept on your system.\e[0m"
[[ -d /var/log/munge ]] && chown root:root -R /var/log/munge && echo -e "\e[34;1m==>\e[39;1m NOTE: Logfiles were preserved. They reside under /var/log/munge .\e[0m"
echo -e "\e[34;1m==>\e[39;1m Removing ${_user} system user and group... \e[0m"
if getent passwd ${_user} >/dev/null 2>&1; then
userdel ${_user} 2>/dev/null
fi
if getent group ${_user} >/dev/null 2>&1; then
groupdel ${_user}
fi
}
|