Codebase list freeradius / 42abc54
Remove all use of dpkg-statoverride statoverride was introduced in 2.0.3-1 (2008-05-03) without any rationale or additional context. https://lists.debian.org/debian-mentors/2001/02/msg00174.html makes me think that dpkg-statoverride should be used by the system administrator only, whereas packages should actually use chmod/chgrp directly. Looking through the codesearch results, dpkg-statoverride within maintscripts is used almost exclusively for suid handling: https://codesearch.debian.net/search?q=path%3Adebian%2F+statoverride+--add&perpkg=1 Michael Stapelberg 7 years ago
7 changed file(s) with 42 addition(s) and 191 deletion(s). Raw diff Collapse all Expand all
+1
-15
debian/freeradius-config.postinst less more
44 case "$1" in
55 configure)
66 if [ -z "$2" ]; then
7 if ! dpkg-statoverride --list | grep -qw /etc/freeradius$; then
8 dpkg-statoverride --add --update freerad freerad 2751 /etc/freeradius
9 fi
10
11 if ! dpkg-statoverride --list | grep -qw /etc/freeradius/3.0/radiusd.conf$; then
12 dpkg-statoverride --add --update root freerad 0640 /etc/freeradius/3.0/radiusd.conf
13 fi
14
15 # Relax permissions on local dictionary - allows radclient to run and should
16 # not contain secrets. At any rate, only do it on fresh install
17 if ! dpkg-statoverride --list | grep -qw /etc/freeradius/3.0/dictionary$; then
18 dpkg-statoverride --add --update root freerad 0644 /etc/freeradius/3.0/dictionary
19 fi
20
217 # Create snakeoil certificates on initial install
228 if grep -q -r 'etc/ssl/\(certs\|private\)/ssl-cert-snakeoil' /etc/freeradius; then
239 if test ! -e /etc/ssl/certs/ssl-cert-snakeoil.pem || \
4733 done
4834 fi
4935
50 if [ -z "$2" ] || dpkg --compare-versions "$2" lt 3.0.11+dfsg-2; then
36 if [ -z "$2" ] || dpkg --compare-versions "$2" lt 3.0.12+dfsg-2; then
5137 for module in always attr_filter cache_eap chap detail detail.log \
5238 digest dynamic_clients eap echo exec expiration expr files \
5339 linelog logintime mschap ntlm_auth pap passwd preprocess \
+0
-11
debian/freeradius-config.postrm less more
55 remove)
66 ;;
77 purge)
8 for file in /etc/freeradius/3.0/dictionary \
9 /etc/freeradius/3.0/radiusd.conf \
10 /etc/freeradius/3.0 \
11 /etc/freeradius/dictionary \
12 /etc/freeradius/radiusd.conf \
13 /etc/freeradius; do
14 if dpkg-statoverride --list | grep -qw "${file}$"; then
15 dpkg-statoverride --remove "$file"
16 fi
17 done
18
198 # Remove dangling links from sites-enabled.
209 for link in /etc/freeradius/sites-enabled/* \
2110 /etc/freeradius/3.0/sites-enabled/*; do
+0
-27
debian/freeradius-mysql.prerm less more
0 #! /bin/sh
1
2 set -e
3
4 case "$1" in
5 remove)
6 for file in `find /etc/freeradius/3.0/mods-config/sql/main/mysql/ -print`
7 do
8 if dpkg-statoverride --list | grep -qw $file$; then
9 dpkg-statoverride --remove $file
10 fi
11 done
12
13 for dir in /etc/freeradius/3.0/mods-config/sql \
14 /etc/freeradius/3.0/mods-config/sql/mysql
15 do
16 if dpkg-statoverride --list | grep -qw $dir$; then
17 dpkg-statoverride --remove $dir
18 fi
19 done
20 ;;
21 esac
22
23 #DEBHELPER#
24
25 exit 0
26
+0
-28
debian/freeradius-postgresql.prerm less more
0 #! /bin/sh
1
2 set -e
3
4 case "$1" in
5 remove)
6 for file in `find /etc/freeradius/3.0/mods-config/sql/main/postgresql/ -print`
7 do
8 if dpkg-statoverride --list | grep -qw $file$; then
9 dpkg-statoverride --remove $file
10 fi
11 done
12
13 for dir in /etc/freeradius/3.0/mods-config/sql/main \
14 /etc/freeradius/3.0/mods-config/sql/main/postgresql
15 do
16 if dpkg-statoverride --list | grep -qw $dir$; then
17 dpkg-statoverride --remove $dir
18 fi
19 done
20 ;;
21 esac
22
23 #DEBHELPER#
24
25 exit 0
26
27
+41
-52
debian/freeradius.postinst less more
99 # start after services which may be used and stop before them.
1010 update-rc.d freeradius start 50 2 3 4 5 . stop 19 0 1 6 . >/dev/null
1111
12 # Set up initial permissions on all the freeradius directories
13
14 if ! dpkg-statoverride --list | grep -q /var/run/freeradius$; then
15 mkdir -p /var/run/freeradius
16 dpkg-statoverride --add --update freerad freerad 0755 /var/run/freeradius
17 fi
18
19 if ! dpkg-statoverride --list | grep -q /var/log/freeradius$; then
20 mkdir -p /var/log/freeradius
21 dpkg-statoverride --add --update freerad freerad 0750 /var/log/freeradius
22 fi
23
24 for file in radius.log radwtmp; do
25 [ ! -f "/var/log/freeradius/${file}" ] && install -o freerad -g freerad -m 644 /dev/null /var/log/freeradius/${file}
26 done
27
28 for file in /etc/freeradius/3.0/mods-config/files/pre-proxy \
29 /etc/freeradius/3.0/mods-config/files/accounting \
30 /etc/freeradius/3.0/mods-config/preprocess/huntgroups \
31 /etc/freeradius/3.0/mods-config/preprocess/hints \
32 /etc/freeradius/3.0/experimental.conf \
33 /etc/freeradius/3.0/proxy.conf \
34 /etc/freeradius/3.0/clients.conf \
35 /etc/freeradius/mods-config/files/pre-proxy \
36 /etc/freeradius/mods-config/files/accounting \
37 /etc/freeradius/mods-config/preprocess/huntgroups \
38 /etc/freeradius/mods-config/preprocess/hints \
39 /etc/freeradius/experimental.conf \
40 /etc/freeradius/proxy.conf \
41 /etc/freeradius/clients.conf
42 do
43 if ! dpkg-statoverride --list | grep -qw $file$; then
44 dpkg-statoverride --add --update root freerad 0640 $file
45 fi
46 done
47
48 for dir in /etc/freeradius/3.0/certs \
49 /etc/freeradius/3.0/sites-available \
50 /etc/freeradius/3.0/sites-enabled \
51 /etc/freeradius/3.0/mods-config/attr_filter \
52 /etc/freeradius/3.0/policy.d \
53 /etc/freeradius/certs \
54 /etc/freeradius/sites-available \
55 /etc/freeradius/sites-enabled \
56 /etc/freeradius/mods-config/attr_filter \
57 /etc/freeradius/policy.d
58 do
59 if ! dpkg-statoverride --list | grep -qw $dir$; then
60 dpkg-statoverride --add --update freerad freerad 2751 $dir
61 fi
62 done
63
6412 action="start"
6513 else
6614 action="restart"
15 fi
16
17 if [ -z "$2" ] || dpkg --compare-versions "$2" lt 3.0.12+dfsg-2; then
18 # Set up initial permissions on all the freeradius directories
19 chown -R freerad:adm /var/log/freeradius
20 chown -R freerad:freerad /etc/freeradius
21 chmod 2751 /etc/freeradius
22 find /etc/freeradius -type f -exec chmod 640 '{}' \;
23 fi
24
25 if dpkg --compare-versions "$2" lt 3.0.12+dfsg-2; then
26 # Get rid of any dpkg statoverrides installed by earlier freeradius
27 # packages (as opposed to the system administrator).
28 cat <<'EOT' | grep --invert-match --fixed-strings --file=- /var/lib/dpkg/statoverride > /var/lib/dpkg/statoverride-new
29 root freerad 640 /etc/freeradius/experimental.conf
30 root freerad 640 /etc/freeradius/sql.conf
31 root freerad 640 /etc/freeradius/huntgroups
32 root freerad 640 /etc/freeradius/hints
33 root freerad 640 /etc/freeradius/clients.conf
34 root freerad 640 /etc/freeradius/attrs.pre-proxy
35 freerad freerad 755 /var/run/freeradius
36 root freerad 640 /etc/freeradius/acct_users
37 freerad freerad 2751 /etc/freeradius/sites-enabled
38 root freerad 640 /etc/freeradius/attrs.access_reject
39 freerad freerad 2751 /etc/freeradius/certs
40 root freerad 640 /etc/freeradius/preproxy_users
41 freerad freerad 750 /var/log/freeradius
42 freerad freerad 2751 /etc/freeradius
43 root freerad 640 /etc/freeradius/proxy.conf
44 root freerad 640 /etc/freeradius/attrs
45 root freerad 640 /etc/freeradius/policy.txt
46 root freerad 640 /etc/freeradius/ldap.attrmap
47 root freerad 640 /etc/freeradius/attrs.accounting_response
48 root freerad 640 /etc/freeradius/radiusd.conf
49 freerad freerad 2751 /etc/freeradius/sites-available
50 root freerad 640 /etc/freeradius/attrs.access_challenge
51 root freerad 640 /etc/freeradius/eap.conf
52 root freerad 644 /etc/freeradius/dictionary
53 root freerad 640 /etc/freeradius/policy.conf
54 EOT
55 mv /var/lib/dpkg/statoverride-new /var/lib/dpkg/statoverride
6756 fi
6857
6958 # Create links for default sites, but only if this is an initial
+0
-15
debian/freeradius.preinst less more
1010 find -H /etc/freeradius/certs/ -type l -delete
1111 rm -f /etc/freeradius/certs/dh
1212 fi
13
14 if dpkg --compare-versions "$2" lt "2.1.8"; then
15 for file in \
16 /etc/freeradius/otp.conf \
17 /etc/freeradius/snmp.conf
18 do
19
20 # must get rid of the overrides otherwise they corrupt the database
21 if dpkg-statoverride --list | grep -qw $file$; then
22 dpkg-statoverride --remove $file
23 fi
24
25 done
26 fi
27
2813 esac
2914
3015 #DEBHELPER#
+0
-43
debian/freeradius.prerm less more
99 /etc/init.d/freeradius stop
1010 fi
1111
12 for file in /etc/freeradius/3.0/mods-config/files/pre-proxy \
13 /etc/freeradius/3.0/mods-config/preprocess/huntgroups \
14 /etc/freeradius/3.0/mods-config/preprocess/hints \
15 /etc/freeradius/3.0/mods-config/files/accounting \
16 /etc/freeradius/3.0/experimental.conf \
17 /etc/freeradius/3.0/proxy.conf \
18 /etc/freeradius/3.0/clients.conf \
19 /etc/freeradius/mods-config/files/pre-proxy \
20 /etc/freeradius/mods-config/preprocess/huntgroups \
21 /etc/freeradius/mods-config/preprocess/hints \
22 /etc/freeradius/mods-config/files/accounting \
23 /etc/freeradius/experimental.conf \
24 /etc/freeradius/proxy.conf \
25 /etc/freeradius/clients.conf;
26 do
27 if dpkg-statoverride --list | grep -qw $file$; then
28 dpkg-statoverride --remove $file
29 fi
30 done
31
32 for dir in /etc/freeradius/3.0/certs \
33 /etc/freeradius/3.0/sites-available \
34 /etc/freeradius/3.0/sites-enabled \
35 /etc/freeradius/3.0/mods-available \
36 /etc/freeradius/3.0/mods-enabled \
37 /etc/freeradius/3.0/mods-config/attr_filter \
38 /etc/freeradius/3.0/mods-config \
39 /etc/freeradius/3.0/policy.d \
40 /etc/freeradius/certs \
41 /etc/freeradius/sites-available \
42 /etc/freeradius/sites-enabled \
43 /etc/freeradius/mods-available \
44 /etc/freeradius/mods-enabled \
45 /etc/freeradius/mods-config/attr_filter \
46 /etc/freeradius/mods-config \
47 /etc/freeradius/policy.d \
48 /var/run/freeradius \
49 /var/log/freeradius;
50 do
51 if dpkg-statoverride --list | grep -qw $dir$; then
52 dpkg-statoverride --remove $dir
53 fi
54 done
5512 ;;
5613 esac
5714