# arg 1:  the new package version
post_install() {
  # we need a dedicated fcron user
  getent group fcron >/dev/null || groupadd -g 23 fcron
  getent passwd fcron >/dev/null || useradd -r -d /var/spool/fcron -u 23 -g 23 fcron
  # Generate binary format which is incompatible between arch
  fcrontab -z -u systab &>/dev/null
}

# arg 1:  the new package version
# arg 2:  the old package version
post_upgrade() {
  post_install "$1"
  if (( $(vercmp $2 3.1.2-8) < 0 )); then
    echo 'Previous versions of fcron allow root priviledge escalation by using'
    echo 'runas option in crontabs. fcron check rights at crontab compilation.'
    echo 'Thus, the migration script will recreate the binary crontabs'
    echo 'for you (with all side effects) and fix the files rights.'
    # fix invalid etc files
    for _f in /etc/fcron/fcron.{conf,allow,deny}; do
      [[ -e $_f ]] || continue
      chown root:fcron "$_f"
      chmod 640 "$_f"
    done
    # fix invalid spool directory
    chown fcron:fcron /var/spool/fcron
    chmod 770 /var/spool/fcron
    # regen user fcron files
    cd /var/spool/fcron
    for _f in *; do
      if [[ "${_f%.orig}" != "$_f" ]]; then
        chgrp fcron "$_f"
        fcrontab -z -u "${_f%.orig}" &>/dev/null
      fi
    done
  fi
}

post_remove() {
  userdel fcron &>/dev/null
  groupdel fcron &>/dev/null
}

# vim:set ts=2 sw=2 et: