File: //var/lib/dpkg/info/kernelcare.postinst
#!/bin/bash
# @FLAGS@ placeholder for flags
LIBCARE_ENABLED=1
# echo @@ $DPKG_MAINTSCRIPT_NAME $DPKG_MAINTSCRIPT_PACKAGE $1 $2
KCARE_LIST=/etc/apt/sources.list.d/kcare.list
DISTRO_ID=$(awk -F'=' '/^ID=/ {print $2}' /etc/os-release | cut -d '=' -f2)
DISTRO_VERSION=$(grep -w 'VERSION_ID' /etc/os-release | cut -d'=' -f2 | tr -d '"')
IS_UBUNTU_14=''
if [ "$DISTRO_ID" == 'ubuntu' ] && [ "$DISTRO_VERSION" == '14.04' ]; then
IS_UBUNTU_14='y'
fi
function set_repo_opts() {
# user can use local repo which doesn't support arch and signed-by definition
sed -E -i "s|\[.*signed-by=(.*)\]|\[arch=amd64,arm64 signed-by=\1\]|" "$KCARE_LIST"
}
function set_ubuntu_repo() {
# ubuntu distros exclude 14.04 use native ubuntu packages and the repo params should be updated accordingly
# example of a repo line:
# https://repo.cloudlinux.com/kernelcare-ubuntu/24.04 noble main
if [ -z "$IS_UBUNTU_14" ]; then
ubuntu_name=$(grep -w 'VERSION_CODENAME' /etc/os-release | cut -d'=' -f2 | tr -d '"')
# there could be old repo urls like
# https://repo.cloudlinux.com/kernelcare-debian/ (without kernelcare/ folder)
sed -E -i "s@/((kernelcare/)?kernelcare-debian|kernelcare-ubuntu)/.*@/kernelcare-ubuntu/$DISTRO_VERSION $ubuntu_name main@" "$KCARE_LIST"
fi
}
case "$1" in
configure)
mkdir -p /etc/pki/kcare-gpg
chmod 700 /etc/pki/kcare-gpg
chown root:root /etc/pki/kcare-gpg
if [ -n "$KCARE_SCANNER_USER" ]; then
kcare-scanner-interface init ${KCARE_SCANNER_USER}
fi
# Fix KPT-900 for old versions
[[ -f /etc/profile.d/kernelcare.sh ]] && sed -i 's/ ${CURRENT_USER} / "${CURRENT_USER}" /g' /etc/profile.d/kernelcare.sh
[[ -f /etc/profile.d/kernelcare.sh ]] && sed -i 's/$(logname)/$(logname 2>\/dev\/null)/g' /etc/profile.d/kernelcare.sh
# Remove old audit rules
[[ -f /etc/audit/rules.d/kernelcare.rules ]] && rm /etc/audit/rules.d/kernelcare.rules
KCARE_CRON=/etc/cron.d/kcare-cron
if [ ! -f ${KCARE_CRON} ]; then
mkdir -p /etc/cron.d
touch ${KCARE_CRON}
if [ -n "$KCARE_MAILTO" ]; then
echo "MAILTO=\"$KCARE_MAILTO\"" >> ${KCARE_CRON}
fi
echo "$(( RANDOM % 60 )) */4 * * * root /usr/bin/kcarectl -q --auto-update" >> ${KCARE_CRON}
fi
if [ -n "$KCARE_PATCH_SERVER" ]; then
sed -i '/PATCH_SERVER/d' /etc/sysconfig/kcare/kcare.conf
echo "PATCH_SERVER=$KCARE_PATCH_SERVER" >> /etc/sysconfig/kcare/kcare.conf
fi
if [ -n "$KCARE_REGISTRATION_URL" ]; then
sed -i '/REGISTRATION_URL/d' /etc/sysconfig/kcare/kcare.conf
echo "REGISTRATION_URL=$KCARE_REGISTRATION_URL" >> /etc/sysconfig/kcare/kcare.conf
fi
if [ ! -f "$KCARE_LIST" ]; then
cp /usr/share/kcare/kcare.list "$KCARE_LIST"
fi
hash systemctl 2>/dev/null && systemctl daemon-reload
# KPT-3597: remove SysVinit scripts
if [ -x "/etc/init.d/kcare" ]; then
if hash invoke-rc.d 2>/dev/null; then
invoke-rc.d kcare stop
else
/etc/init.d/kcare stop
fi
update-rc.d kcare remove || true
rm -f /etc/init.d/kcare
# re-enable kcare
systemctl enable kcare.service
fi
if [ -z "$2" ]; then
systemctl enable kcare.service
else
KCARE_OLD=/etc/sysconfig/kcare
depmod
if [ -f $KCARE_OLD ]; then
mv $KCARE_OLD $KCARE_OLD.old
mkdir -p $KCARE_OLD
mv $KCARE_OLD.old $KCARE_OLD/kcare.conf
fi
if [ -s ${KCARE_CRON} ]; then
# Old cron file migrations
# Gradual rollout is abandoned
sed -i 's/--gradual-rollout=auto//' ${KCARE_CRON}
fi
fi
if hash systemctl 2>/dev/null && [ -n "$LIBCARE_ENABLED" ]; then
systemctl stop libcare.service
systemctl enable libcare.socket
systemctl restart libcare.socket
fi
if [ -n "$LIBCARE_ENABLED" ]; then
cp -f /var/lib/libcare/blacklist /etc/sysconfig/kcare/libcare-blacklist
fi
# remove old configs (were moved to other locations)
rm -f /etc/logrotate.d/libcare \
/etc/pki/kcare-gpg/kcare_pub.key \
/etc/pki/kcare-gpg/root-keys.json
set_repo_opts
if [ "$DISTRO_ID" == 'ubuntu' ]; then
set_ubuntu_repo
fi
;;
triggered)
set_repo_opts
if [ "$DISTRO_ID" == 'ubuntu' ]; then
set_ubuntu_repo
else
repo_name="kernelcare-debian"
grep -q "^# deb" "$KCARE_LIST" && sed -i "s|^# deb|deb|" "$KCARE_LIST"
sed -E -i "s|$repo_name/[0-9]+(\.[0-9]+)?|$repo_name/$DISTRO_VERSION|" "$KCARE_LIST"
fi
;;
esac
exit 0