fail2ban/debian/postinst

99 lines
3.2 KiB
Bash
Executable File

#! /bin/sh
# postinst script for fail2ban
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
preversion=$2
case "$1" in
configure)
# To fix the bug in generated by previous version files permissions
# also closes #352053
LOG=/var/log/fail2ban.log
touch $LOG
chown root:adm ${LOG}*
chmod 640 ${LOG}*
# Note regarding changed configuration file
# Note regarding changed configuration file
if [ ! -z $preversion ]; then
if dpkg --compare-versions $preversion lt 0.7.1-1; then
cat <<EOF
WARNING!
Fail2ban 0.7 is a complete rewrite of the 0.6 version, and if you
customized any of provided configuration or startup files
(/etc/default/fail2ban, /etc/fail2ban.conf, /etc/init.d/fail2ban), please
read relevant entry in /usr/share/doc/fail2ban/NEWS.Debian.gz.
EOF
fi
if dpkg --compare-versions $preversion lt 0.5.4-5.14; then
cat <<EOF
WARNING!
Configuration file /etc/fail2ban.conf, failregex configuration
parameter specifically, were changed in 0.5.4-5 to close reported
security breach, and in 0.5.4-5.14 to close few other bugs.
updating from <0.5.4-5
Unless configuration file (or corresponding failregex'es) gets updated,
security breach is not closed and corresponding warning will be reported
by the fail2ban (in the log files).
updating from <0.5.4-5.14
Bugs #329163, #331695 dealing with changed iptables rules
outside of fail2ban were fixed in 0.5.4-5.14, and require upgrade of the
configuration file (fwcheck option was introduced) to take full
advantage of the problem solution (otherwise some problems might
persist)
Please review the configuration file and make appropriate changes.
ENJOY!
EOF
fi
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
dpkg-maintscript-helper mv_conffile /etc/fail2ban/action.d/firewall-cmd-direct-new.conf /etc/fail2ban/action.d/firewallcmd-new.conf 0.8.13-1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/fail2ban/filter.d/lighttpd-fastcgi.conf /etc/fail2ban/filter.d/suhosin.conf 0.8.13-1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/fail2ban/filter.d/sasl.conf /etc/fail2ban/filter.d/postfix-sasl.conf 0.8.13-1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/fail2ban/filter.d/couriersmtp.conf /etc/fail2ban/filter.d/courier-smtp.conf 0.9.0-1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/fail2ban/filter.d/courierlogin.conf /etc/fail2ban/filter.d/courier-auth.conf 0.9.0-1~ -- "$@"
fi
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0