buildadm
/
ubuntu-22.04.3-desktop-amd64
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ubuntu-22.04.3-desktop-amd64/casper/filesystem/var/lib/dpkg/info/apparmor.postinst

232 lines
7.9 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
# postinst script for apparmor
#
# see: dh_installdeb(1)
set -e
. /usr/share/debconf/confmodule
. /lib/apparmor/rc.apparmor.functions
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
configure|abort-remove|abort-deconfigure)
# Remove old cache directories
if dpkg --compare-versions "$2" lt-nl "2.13-7"; then
rm -rf /etc/apparmor.d/cache /etc/apparmor.d/cache.d
fi
# Remove old cache files that click, snapd or manual invokation
# of "apparmor_parser --cache-loc /var/cache/apparmor" may have created:
# since 2.13-1 apparmor_parser won't create cache files at the root
# of the cache-loc, but instead in sub-directories.
if dpkg --compare-versions "$2" lt-nl "2.13-7"; then
find /var/cache/apparmor -maxdepth 1 -type f '!' -name CACHEDIR.TAG -delete
fi
# Try to determine values for apparmor/homedirs if the administrator
# hasn't already.
if dpkg --compare-versions "$2" lt-nl "2.5~pre+bzr1362-0ubuntu2"; then
db_get apparmor/homedirs
if [ -z "$RET" ]; then
# Get unique dirnames for uids between 1000 and 30000, then
# format them appropriately for AppArmor
dirs=`awk -F: '$3 >= 1000 && $3 < 30000 {printf "%s\n", $6}' /etc/passwd | xargs -d '\n' -n 1 dirname | grep -v '^/home$' | sed -e 's#\(.*\)#\\1/#g' | sed -e '/ / { s#\(.*\)#"\\1"#g }' | sort -u | tr '\n' ' '`
if [ -n "$dirs" ]; then
db_set apparmor/homedirs "$dirs"
fi
fi
fi
db_get apparmor/homedirs
tmp=`mktemp`
cat > "$tmp" <<EOM
# This file is auto-generated. It is recommended you update it using:
# $ sudo dpkg-reconfigure apparmor
#
# The following is a space-separated list of where additional user home
# directories are stored, each must have a trailing '/'. Directories added
# here are appended to @{HOMEDIRS}. See tunables/home for details.
EOM
if [ -n "$RET" ]; then
cat >> "$tmp" <<EOM
@{HOMEDIRS}+=$RET
EOM
else
cat >> "$tmp" <<EOM
#@{HOMEDIRS}+=
EOM
fi
mkdir -p /etc/apparmor.d/tunables/home.d 2>/dev/null || true
mv -Z -f "$tmp" /etc/apparmor.d/tunables/home.d/ubuntu
chmod 644 /etc/apparmor.d/tunables/home.d/ubuntu
if [ ! -e /etc/apparmor.d/tunables/xdg-user-dirs.d/site.local ]; then
tmp=`mktemp`
cat > "$tmp" <<EOM
# ------------------------------------------------------------------
#
# Copyright (C) 2014 Canonical Ltd.
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
# The following may be used to add additional entries such as for
# translations. See tunables/xdg-user-dirs for details. Eg:
#@{XDG_MUSIC_DIR}+="Musique"
#@{XDG_DESKTOP_DIR}+=""
#@{XDG_DOWNLOAD_DIR}+=""
#@{XDG_TEMPLATES_DIR}+=""
#@{XDG_PUBLICSHARE_DIR}+=""
#@{XDG_DOCUMENTS_DIR}+=""
#@{XDG_MUSIC_DIR}+=""
#@{XDG_PICTURES_DIR}+=""
#@{XDG_VIDEOS_DIR}+=""
EOM
mkdir -p /etc/apparmor.d/tunables/xdg-user-dirs.d 2>/dev/null || true
mv -Z -n "$tmp" /etc/apparmor.d/tunables/xdg-user-dirs.d/site.local
chmod 644 /etc/apparmor.d/tunables/xdg-user-dirs.d/site.local
fi
# Remove various profiles from Ubuntu Touch since they no longer exist
# in the archive and require files from apparmor-easyprof-ubuntu (which
# was also removed) to load correctly.
if dpkg --compare-versions "$2" lt-nl "2.12-4ubuntu4"; then
for i in usr.bin.media-hub-server usr.bin.mediascanner-service-2.0 usr.lib.mediascanner-2.0.mediascanner-extractor usr.bin.messaging-app usr.bin.webbrowser-app ; do
rm -f "/etc/apparmor.d/$i"
rm -f "/etc/apparmor.d/local/$i"
done
fi
;;
abort-upgrade)
# Nothing to do
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
# Automatically added by dh_apparmor/3.0.4-2ubuntu2.2
if [ "$1" = "configure" ]; then
APP_PROFILE="/etc/apparmor.d/lsb_release"
if [ -f "$APP_PROFILE" ]; then
# Add the local/ include
LOCAL_APP_PROFILE="/etc/apparmor.d/local/lsb_release"
test -e "$LOCAL_APP_PROFILE" || {
mkdir -p `dirname "$LOCAL_APP_PROFILE"`
install --mode 644 /dev/null "$LOCAL_APP_PROFILE"
}
# Reload the profile, including any abstraction updates
if aa-enabled --quiet 2>/dev/null; then
apparmor_parser -r -T -W "$APP_PROFILE" || true
fi
fi
fi
# End automatically added section
# Automatically added by dh_apparmor/3.0.4-2ubuntu2.2
if [ "$1" = "configure" ]; then
APP_PROFILE="/etc/apparmor.d/nvidia_modprobe"
if [ -f "$APP_PROFILE" ]; then
# Add the local/ include
LOCAL_APP_PROFILE="/etc/apparmor.d/local/nvidia_modprobe"
test -e "$LOCAL_APP_PROFILE" || {
mkdir -p `dirname "$LOCAL_APP_PROFILE"`
install --mode 644 /dev/null "$LOCAL_APP_PROFILE"
}
# Reload the profile, including any abstraction updates
if aa-enabled --quiet 2>/dev/null; then
apparmor_parser -r -T -W "$APP_PROFILE" || true
fi
fi
fi
# End automatically added section
# Automatically added by dh_installdeb/13.6ubuntu1
dpkg-maintscript-helper rm_conffile /etc/apparmor.d/abstractions/launchpad-integration 2.13.1-2\~ -- "$@"
dpkg-maintscript-helper rm_conffile /etc/apparmor/features 2.11.1-4\~ -- "$@"
dpkg-maintscript-helper rm_conffile /etc/apparmor/subdomain.conf 2.13.2-2\~ -- "$@"
dpkg-maintscript-helper rm_conffile /etc/init/apparmor.conf 2.11.0-11\~ -- "$@"
# End automatically added section
# Automatically added by dh_installinit/13.6ubuntu1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
if [ -x "/etc/init.d/apparmor" ]; then
update-rc.d apparmor defaults >/dev/null || true
fi
fi
# End automatically added section
# Automatically added by dh_installsystemd/13.6ubuntu1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
# This will only remove masks created by d-s-h on package removal.
deb-systemd-helper unmask 'apparmor.service' >/dev/null || true
# was-enabled defaults to true, so new installations run enable.
if deb-systemd-helper --quiet was-enabled 'apparmor.service'; then
# Enables the unit on first installation, creates new
# symlinks on upgrades if the unit file has changed.
deb-systemd-helper enable 'apparmor.service' >/dev/null || true
else
# Update the statefile to add new symlinks (if any), which need to be
# cleaned up on purge. Also remove old symlinks.
deb-systemd-helper update-state 'apparmor.service' >/dev/null || true
fi
fi
# End automatically added section
# Now that AppArmor is installed, attempt to reload profiles in the
# case of upgrades.
aa_log_action_start() {
echo "$@"
}
aa_log_action_end() {
echo -n
}
aa_log_daemon_msg() {
echo "$@"
}
aa_log_end_msg() {
echo -n
}
aa_log_failure_msg() {
echo "Error: $@"
}
aa_log_skipped_msg() {
echo "Skipped: $@"
}
aa_log_warning_msg() {
echo "Warning: $@"
}
case "$1" in
configure)
if aa-status --enabled 2>/dev/null; then
parse_profiles reload || true
fi
;;
esac
exit 0
Reference in New Issue View Git Blame Copy Permalink