We have the fancy privilege separation machinery now, so we might as
well actually use it. This involves (a) slightly hacking the
/etc/default/tripe file to set the user and group, and (b) actually
creating the necessary user and group accounts in the postinst script.
Package: tripe
Architecture: any
-Depends: ${shlibs:Depends}, makedev (>= 2.3.1-63)
+Depends: ${shlibs:Depends}, makedev (>= 2.3.1-63), adduser
Recommends: catacomb-bin
Suggests: pkstream
Description: Trivial IP Encryption: a simple virtual private network
install/tripe::
cp $(DEB_BUILDDIR)/init/tripe-init debian/tripe.init
- cp $(DEB_SRCDIR)/init/tripe.conf debian/tripe.default
+ sed 's/^#\(user\|group\)/\1/' \
+ $(DEB_SRCDIR)/init/tripe.conf >debian/tripe.default
cleanbuilddir::
rm -f debian/tripe.init debian/tripe.default
set -e
-if [ ! -c /dev/.devfsd ] && [ ! -c /dev/net/tun ]; then
+## Make sure that /dev/net/tun exists. Don't do anything special if devfs or
+## udev is running.
+if [ ! -c /dev/.devfsd ] &&
+ [ ! -d /dev/.udev ] &&
+ [ ! -c /dev/net/tun ]
+then
+ echo "/dev/net/tun not present: invoking MAKEDEV to create it."
(cd /dev && /sbin/MAKEDEV tun)
fi
+## Make sure that the `tripe' user and group exist.
+getent group tripe >/dev/null ||
+ addgroup --system tripe
+getent passwd tripe >/dev/null || \
+ adduser --system \
+ --ingroup tripe \
+ --home /etc/tripe \
+ --gecos "TrIPE server" \
+ tripe
+
#DEBHELPER#
~mdw / tripe / commitdiff