On Thu, 07 Jan 2021 00:16:08 +0100 Lars Kruse <de...@sumpfralle.de> wrote:
Hi, > Dear Maintainer, > > I would like to use "dh-sysuser" in order to clean up my > prerm/postinst scripts. > > But I am struggling to apply dh-sysuser in the context of the > following postinst script: > > https://git.hack-hro.de/grouprise/grouprise/-/blob/master/debian/grouprise.postinst#L25 > > A few actions in that specific postinst script rely on the existence > of the user account (e.g. chown for directories). > Thus I would need to move the `#DEBHELPER#` marker to the top of the > postinst script. But this would lead to related services being > restarted (via the other debhelper snippets) before the directory > permissions are configured. > Sorry for late response, I've been quite busy. Quickly looking at your script one thing that you can try is to use an interface like systemd-tmpfiles or a standalone like opentmpfiles to to do an equivalent of the following (it should be possible but i'm not 100% sure) # protect sensitive content (e.g. database credentials) chown "root:$PKG_GROUP" /etc/grouprise/settings.py chmod 640 /etc/grouprise/settings.py mkdir -p "$DIR_LOGS" chown "$PKG_USER:adm" "$DIR_LOGS" mkdir -p "$DIR_MEDIA" "$DIR_STATIC" chown "$PKG_USER:$PKG_GROUP" "$DIR_MEDIA" "$DIR_STATIC" Debhelper will handle tmpfiles, so at that point the order should be correct (and if not i'll fix it). Anyway if you need to perform actions that are not supported by debhelper your problem can't be solved this way.. > Maybe it would be desirable to allow dh-sysuser to inject its snippet > into "preinst" instead of "postinst"? I can think about this, but i likely need a discussion on Debian Devel first. Anyway this can happen only after Bullseye release, or maybe in experimental, but not right now. > Cheers, > Lars Regards, Lorenzo
