fail2ban/debian/postinst

96 lines
2.8 KiB
Plaintext
Raw Normal View History

#! /bin/sh
# postinst script for fail2ban
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
preversion=$2
case "$1" in
configure)
# To fix the bug in generated by previous version files permissions
2006-02-16 15:53:38 +00:00
# also closes #352053
2006-02-16 15:53:38 +00:00
LOG=/var/log/fail2ban.log
touch $LOG
2006-02-16 16:23:05 +00:00
chown root:adm ${LOG}*
chmod 640 ${LOG}*
2006-02-16 15:53:38 +00:00
# Note regarding changed configuration file
# Note regarding changed configuration file
if [ ! -z $preversion ]; then
if dpkg --compare-versions $preversion lt 0.7.1-1; then
cat <<EOF
WARNING!
0.7.x versions of fail2ban is a complete rewrite of the tool since 0.6, and
it went through restructuring of the configuration files. If you had
adjusted config file /etc/fail2ban.conf or /etc/defaults/fail2ban, you need
to adjust new config files (under /etc/fail2ban/ and /etc/default/fail2ban)
to take advantage of the upgrade. Now fail2ban uses split configs and local
modifications can be introduced in corresponding .local files. Please
remove old configuration file /etc/fail2ban.conf thereafter.
Please review the configuration file and make appropriate changes.
ENJOY!
EOF
fi
if dpkg --compare-versions $preversion lt 0.5.4-5.14; then
cat <<EOF
WARNING!
Configuration file /etc/fail2ban.conf, failregex configuration
parameter specificly, were changed in 0.5.4-5 to close reported
security breach, and in 0.5.4-5.14 to close few other bugs.
updating from <0.5.4-5
Unless configuration file (or corresponding failregex'es) gets updated,
security breach is not closed and corresponding warning will be reported
by the fail2ban (in the log files).
updating from <0.5.4-5.14
Bugs #329163, #331695 dealing with changed iptables rules
outside of fail2ban were fixed in 0.5.4-5.14, and require upgrade of the
configuration file (fwcheck option was introduced) to take full
advantage of the problem solution (otherwise some problems might
persist)
Please review the configuration file and make appropriate changes.
ENJOY!
EOF
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0