From ca2ba036f35d64b2b85eae52d16b075fea7f208a Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Fri, 19 May 2023 06:57:34 +0000 Subject: [PATCH] Fix: Fixed issue while installing debian credentials (#1987) Fixed issue in .deb credential script that throws an error when running script twice for a username to replace a credential --------- Co-authored-by: Joseph Lee --- tools/gvm-lsc-deb-creator | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/tools/gvm-lsc-deb-creator b/tools/gvm-lsc-deb-creator index 22abd88ae..44d44fac3 100755 --- a/tools/gvm-lsc-deb-creator +++ b/tools/gvm-lsc-deb-creator @@ -30,6 +30,7 @@ TEMP_DIR="$3" OUTPUT_PATH=$4 MAINTAINER_EMAIL="$5" +# Verify required args if [ -z "${USERNAME}" ] then echo "No username given" >&2 @@ -38,7 +39,7 @@ fi if [ -z "${PUBKEY_FILE}" ] then - echo "No pubkey path given" >&2 + echo "No pubkey at given path" >&2 exit 1 fi @@ -54,6 +55,7 @@ then exit 1 fi +# Ensure maintainer email if [ -z "${MAINTAINER_EMAIL}" ] then MAINTAINER_HOSTNAME="$(hostname)" @@ -71,7 +73,7 @@ PACKAGE_VERSION="0.5-1" PACKAGE_NAME_VERSION="${PACKAGE_NAME}_${PACKAGE_VERSION}" MAINTAINER="Greenbone Vulnerability Manager <${MAINTAINER_EMAIL}>" PACKAGE_DATE=$(date "+%a, %d %b %Y %H:%M:%S %z") - +# Used for identifying username entry in /etc/passwd USER_COMMENT="GVM Local Security Checks" USER_COMMENT_GREP="GVM\\ Local\\ Security\\ Checks" @@ -194,6 +196,9 @@ chmod "0755" "${PREINST_FILE}" { echo "#!/bin/sh" echo "set -e # abort on errors" + echo "# Delete GVM Local Security Checks user by username and comment identifier" + echo "grep \"${USERNAME}.*${USER_COMMENT_GREP}\" /etc/passwd && userdel -fr ${USERNAME}" + echo "# GVM Local Security Checks user and create home directory" echo "useradd -c \"${USER_COMMENT}\" -d /home/${USERNAME} -m -s /bin/bash ${USERNAME}" } > "${PREINST_FILE}" @@ -204,6 +209,7 @@ chmod "0755" "${POSTINST_FILE}" { echo "#!/bin/sh" echo "set -e # abort on errors" + echo "# Change file permissions" echo "chown -R ${USERNAME}:${USERNAME} /home/${USERNAME}" echo "chmod 500 /home/${USERNAME}/.ssh" echo "chmod 400 /home/${USERNAME}/.ssh/authorized_keys" @@ -215,13 +221,15 @@ touch "${POSTRM_FILE}" chmod "0755" "${POSTRM_FILE}" { echo "#!/bin/sh" - echo "# Remove user only if it was created by this package." + echo "# Remove user only if it was created by this package and only" + echo "# if postrm is not called when reinstalling the same package." echo "# The debian package will run the postun script in case of errors" echo "# (e.g. user already existed)." echo "# Delete the user only if /etc/passwd lists content that suggests" echo "# that the user was created by this package." # echo "set -e # abort on errors" - echo "grep \"${USERNAME}.*${USER_COMMENT_GREP}\" /etc/passwd && userdel -fr ${USERNAME}" + echo "if [ \$1 != \"upgrade\" ]; then grep \"${USERNAME}.*${USER_COMMENT_GREP}\" /etc/passwd && userdel -fr ${USERNAME}; fi" + echo "exit 0" } > "${POSTRM_FILE}" # Calculate md5 checksums