blob: eda215a44c0cfde641120151971d221dd6e5ac58 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# arg 1: the new package version
post_install() {
# we need a dedicated fcron user
getent group fcron >/dev/null || groupadd -g 23 fcron
getent passwd fcron >/dev/null || useradd -r -d /var/spool/fcron -u 23 -g 23 fcron
# Generate binary format which is incompatible between arch
fcrontab -z -u systab &>/dev/null
}
# arg 1: the new package version
# arg 2: the old package version
post_upgrade() {
post_install "$1"
if (( $(vercmp $2 3.1.2-8) < 0 )); then
echo 'Previous versions of fcron allow root priviledge escalation by using'
echo 'runas option in crontabs. fcron check rights at crontab compilation.'
echo 'Thus, the migration script will recreate the binary crontabs'
echo 'for you (with all side effects) and fix the files rights.'
# fix invalid etc files
for _f in /etc/fcron/fcron.{conf,allow,deny}; do
[[ -e $_f ]] || continue
chown root:fcron "$_f"
chmod 640 "$_f"
done
# fix invalid spool directory
chown fcron:fcron /var/spool/fcron
chmod 770 /var/spool/fcron
# regen user fcron files
cd /var/spool/fcron
for _f in *; do
if [[ "${_f%.orig}" != "$_f" ]]; then
chgrp fcron "$_f"
fcrontab -z -u "${_f%.orig}" &>/dev/null
fi
done
fi
}
post_remove() {
userdel fcron &>/dev/null
groupdel fcron &>/dev/null
}
# vim:set ts=2 sw=2 et:
|
