#!/bin/sh
# postinst script for libvirt-daemon-system
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
# Source debconf library.
. /usr/share/debconf/confmodule
# Allocated UID and GID for libvirt-qemu
LIBVIRT_QEMU_UID=64055
LIBVIRT_QEMU_GID=64055
add_users_groups()
{
if ! getent group libvirt >/dev/null; then
addgroup --quiet --system libvirt
fi
if ! getent group kvm >/dev/null; then
addgroup --quiet --system kvm
fi
# user and group libvirt runs qemu/kvm instances with
if ! getent passwd libvirt-qemu >/dev/null; then
# set uid if available (expected); don't fail otherwise.
PARAMETER_UID=''
if ! getent passwd $LIBVIRT_QEMU_UID >/dev/null; then
PARAMETER_UID="--uid $LIBVIRT_QEMU_UID"
fi
adduser --quiet \
--system \
--ingroup kvm \
--quiet \
--disabled-login \
--disabled-password \
--home /var/lib/libvirt \
--no-create-home \
--gecos "Libvirt Qemu" \
$PARAMETER_UID \
libvirt-qemu
fi
if ! getent group libvirt-qemu >/dev/null; then
# set gid if available (expected); don't fail otherwise.
PARAMETER_GID=''
if ! getent group $LIBVIRT_QEMU_GID >/dev/null; then
PARAMETER_GID="--gid $LIBVIRT_QEMU_GID"
fi
addgroup --quiet --system $PARAMETER_GID libvirt-qemu
adduser --quiet libvirt-qemu libvirt-qemu
fi
}
add_statoverrides()
{
ROOT_DIRS="\
/var/lib/libvirt/images/ \
/var/lib/libvirt/boot/ \
/var/cache/libvirt/ \
"
QEMU_DIRS="\
/var/lib/libvirt/qemu/ \
/var/cache/libvirt/qemu/ \
/var/lib/libvirt/qemu/channel/ \
/var/lib/libvirt/qemu/channel/target/ \
"
SANLOCK_DIR="/var/lib/libvirt/sanlock"
QEMU_CONF="/etc/libvirt/qemu.conf"
for dir in ${ROOT_DIRS}; do
if ! dpkg-statoverride --list "${dir}" >/dev/null 2>&1; then
[ ! -e "${dir}" ] || chown root:root "${dir}"
[ ! -e "${dir}" ] || chmod 0711 "${dir}"
fi
done
for dir in ${QEMU_DIRS}; do
if ! dpkg-statoverride --list "${dir}" >/dev/null 2>&1; then
[ ! -e "${dir}" ] || chown libvirt-qemu:libvirt-qemu "${dir}"
[ ! -e "${dir}" ] || chmod 0750 "${dir}"
fi
done
if ! dpkg-statoverride --list "${SANLOCK_DIR}" >/dev/null 2>&1; then
[ ! -e "${SANLOCK_DIR}" ] || chown root:root "${SANLOCK_DIR}"
[ ! -e "${SANLOCK_DIR}" ] || chmod 0700 "${SANLOCK_DIR}"
fi
if ! dpkg-statoverride --list "${QEMU_CONF}" >/dev/null 2>&1; then
[ ! -e "${QEMU_CONF}" ] || chown root:root "${QEMU_CONF}"
[ ! -e "${QEMU_CONF}" ] || chmod 0600 "${QEMU_CONF}"
fi
}
case "$1" in
configure)
add_users_groups
add_statoverrides
# Make sure the directories don't get removed on package removal since
# logrotate chokes otherwise.
for dir in qemu uml lxc; do
touch /var/log/libvirt/"${dir}"/.placeholder
done
# Remove left over empty directory from pre 1.2.7
[ ! -d /etc/apparmor.d/libvirtd ] || rmdir --ignore-fail-on-non-empty /etc/apparmor.d/libvirtd
# Force virtlockd to reexec if enabled
if [ -d /run/systemd/system ]; then
! systemctl is-active -q virtlogd || systemctl reload virtlogd.service >/dev/null
! systemctl is-active -q virtlockd || systemctl reload virtlockd.service >/dev/null
fi
# Force refresh of capabilties (#731815)
rm -f /var/cache/libvirt/qemu/capabilities/*.xml
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
db_stop
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0