blob: d70906f47f4bef813013f184c9d631c9e2c1cff8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
# args: <group> [options]
_addgroup() {
if ! getent group "$1" >/dev/null && groupadd "$@" >/dev/null; then
need_group_update=1
fi
}
# args: <group> [options]
_adduser() {
if ! getent passwd "$1" >/dev/null && useradd "$@" >/dev/null; then
need_passwd_update=1
fi
}
post_install() {
_backup=('etc/fstab' 'etc/crypttab' 'etc/group' 'etc/hosts' 'etc/ld.so.conf' 'etc/passwd'
'etc/shadow' 'etc/gshadow' 'etc/resolv.conf' 'etc/motd' 'etc/nsswitch.conf'
'etc/shells' 'etc/host.conf' 'etc/securetty' 'etc/profile' 'etc/issue')
for _bk in ${_backup[@]}; do
if [ -f ${_bk}.pacsave ]; then
cp -av ${_bk}{.pacsave,}
fi
done
}
post_upgrade() {
_addgroup optical -g 93
_addgroup audio -g 92
_addgroup video -g 91
_addgroup floppy -g 94
_addgroup storage -g 95
_addgroup log -g 19
_addgroup utmp -g 20
_addgroup power -g 98
_addgroup network -g 90
_addgroup games -g 50
_addgroup uucp -g 14
_addgroup http -g 33
_adduser http -u 33 -d /srv/http -g http -s /usr/bin/nologin
_addgroup scanner -g 96
_addgroup rfkill -g 24
_addgroup lock -g 54
_addgroup uuidd -g 68
_adduser uuidd -u 68 -d / -g uuidd -s /usr/bin/nologin
_addgroup dbus -g 81
_adduser dbus -u 81 -d / -g dbus -s /usr/bin/nologin
_addgroup input -g 97
_addgroup systemd-journal -g 190
_addgroup systemd-journal-gateway -g 191
_adduser systemd-journal-gateway -u 191 -g 191 -d / -s /usr/bin/nologin
_addgroup systemd-timesync -g 192
_adduser systemd-timesync -u 192 -g 192 -d / -s /usr/bin/nologin
_addgroup systemd-network -g 193
_adduser systemd-network -u 193 -g 193 -d / -s /usr/bin/nologin
_addgroup systemd-bus-proxy -g 194
_adduser systemd-bus-proxy -u 194 -g 194 -d / -s /usr/bin/nologin
_addgroup systemd-resolve -g 195
_adduser systemd-resolve -u 195 -g 195 -d / -s /usr/bin/nologin
# update shadow files if needed
if (( need_group_update )); then
grpconv >/dev/null
fi
if (( need_passwd_update )); then
pwconv >/dev/null
fi
if ! grep -q '^include /etc/ld.so.conf.d/\*.conf$' etc/ld.so.conf; then
echo 'include /etc/ld.so.conf.d/*.conf' >> etc/ld.so.conf
fi
# set "Last password change" > 0; otherwise su $user wont work
for user in bin daemon mail ftp http nobody; do
if LANG=C chage -l ${user} | grep -q 'password must be changed'; then
chage -d 14871 ${user}
fi
done
}
|
