Ganz viele ToDos abgearbeitet

diff --git a/TODO b/TODO
index 7991503..40e6ed3 100644 (file)
--- a/TODO
+++ b/TODO
@@ -1,2 +1 @@
- * Hostcheck ( if ! hosts... ) { mv ATTIC }
- * postinst -> upgrade -> upgrade_sshkeysync
+ * Eintrag fuer apache/conf.d bauen

diff --git a/debian/rbm-ssh-keysync-server.postinst b/debian/rbm-ssh-keysync-server.postinst
index 01c850a..a1a70cf 100644 (file)
--- a/debian/rbm-ssh-keysync-server.postinst
+++ b/debian/rbm-ssh-keysync-server.postinst
@@ -2,19 +2,62 @@
 #
 # rbm-ssh-keysync-server.postinst
 #
+# vim:set foldmethod=marker:
+# 
+
+is_initial_configuration() {                                            # {{{
+# Check if this is the initial configuration and not an upgrade of an 
+# existing configuration
+# Usage: if is_initial_configuration "$@"; then ... fi from top level
+
+        # Plain installation
+        if [ "$1" = configure ] && [ -z "$2" ]; then
+                return 0
+        fi
+        # Configuration via dpkg-reconfigure
+        if [ "$1" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then
+                return 0
+        fi
+        return 1
+}
+
+# }}}
 
 # Create ssh-keysync management user, if not allready there
 if ! getent passwd skeysync > /dev/null; then
        useradd -m -d /var/cache/ssh-keysync -c "ssh-keysync Keymaster" skeysync
 fi
 
-# set feasible rights
-chown skeysync.root /var/cache/ssh-keysync
-chmod 755 /var/cache/ssh-keysync
+# Create ssh-keysync management group, if no allready there
+if ! getent group skeysync > /dev/null; then
+       addgroup --system skeysync
+fi
+
+# Set primary group of the ssh-keysync user to skeysync if not allready done.
+if [ `id -n -g skeysync` != skeysync ]; then
+       usermod -g skeysync skeysync
+fi
+
+# If you have a 'fai' user, you might want to let this user write to
+# /var/cache/ssh-keysync, so we put him into the group
+if getent passwd fai > /dev/null; then
+       if [ `id -n -G fai | grep -c skeysync` == 0 ]; then
+               adduser fai skeysync
+       fi
+fi
 
 # create public directory that will be shared by a webserver (apache by
 # default) to let the clients access the generated ssh_knonw_hosts files.
 mkdir -p /var/cache/ssh-keysync/pub
 
-# let the skeysync user write to the output dir
-chown skeysync /var/cache/ssh-keysync/pub
+# set feasible rights to allow every member of 'skeysync'
+# to write in /var/cache/ssh-keysync
+find /var/cache/ssh-keysync -type d -exec chmod 2775 {} \;
+find /var/cache/ssh-keysync -type f -exec chmod  664 {} \;
+find /var/cache/ssh-keysync -exec chown skeysync:skeysync {} \;
+
+##
+# Call automagic upgrade script if this package is upgraded
+if ! is_initial_configuration "$@"; then
+       /usr/bin/upgrade_sshkeysyc      
+fi

diff --git a/files/ssh-keysync-merge b/files/ssh-keysync-merge
index 22f2deb..67ebd97 100755 (executable)
--- a/files/ssh-keysync-merge
+++ b/files/ssh-keysync-merge
@@ -4,6 +4,7 @@
 use strict;
 use RBM::sshKeySync::Merge;
 
-my $merger = RBM::sshKeySync::Merge->new( debug => 0 );
+my $merger = RBM::sshKeySync::Merge->new( debug => 0, quiet => 0 );
 
-$merger->merge_all_domains();
+#$merger->merge_all_domains();
+$merger->merge_domain("math.uni-paderborn.de");