]> git.saurik.com Git - apt.git/blobdiff - debian/apt.postinst
You have to do the bounds check before the access.
[apt.git] / debian / apt.postinst
old mode 100644 (file)
new mode 100755 (executable)
index df04330..1f98fce
@@ -15,11 +15,55 @@ set -e
 
 case "$1" in
     configure)
 
 case "$1" in
     configure)
+       if dpkg --compare-versions "$2" lt 1.1~exp4; then
+           # apt-key before 0.9.10 could leave empty keyrings around
+           find /etc/apt/trusted.gpg.d/ -name '*.gpg' | while read keyring; do
+               if ! test -s "$keyring"; then
+                   rm -f "$keyring"
+               fi
+           done
+           # apt-key before 0.9.8.2 could create 0600 trusted.gpg file
+           if test -e /etc/apt/trusted.gpg ; then
+               chmod -f 0644 /etc/apt/trusted.gpg || true
+           fi
+       fi
 
 
-        if ! test -f /etc/apt/trusted.gpg; then
-                cp /usr/share/apt/ubuntu-archive.gpg /etc/apt/trusted.gpg
+       if dpkg --compare-versions "$2" lt-nl 0.9.9.5; then
+           # we are using tmpfiles for both
+           rm -f /etc/apt/trustdb.gpg
+           # this removal was done unconditional since 0.8.15.3
+           SECRING='/etc/apt/secring.gpg'
+           # test if secring is an empty normal file
+           if test -f $SECRING -a ! -s $SECRING; then
+               rm -f $SECRING
+           fi
+       fi
+
+       # add unprivileged user for the apt methods
+       adduser --force-badname --system --home /nonexistent  \
+           --no-create-home --quiet _apt || true
+
+       # Fixup any mistake in the home directory of the _apt user
+       if dpkg --compare-versions "$2" lt-nl 1.1~exp10~; then
+           usermod --home /nonexistent _apt
+       fi
+
+       # deal with upgrades from experimental
+       if dpkg --compare-versions "$2" 'eq' '1.1~exp3'; then
+           # libapt will setup partial/ at runtime
+           chown -R root:root /var/lib/apt/lists /var/cache/apt/archives || true
+       fi
+
+        # ensure tighter permissons on the logs, see LP: #975199
+        if dpkg --compare-versions "$2" lt-nl 0.9.7.7; then
+            # ensure permissions are right
+            chmod -f 0640 /var/log/apt/term.log* || true
         fi
 
         fi
 
+        # create kernel autoremoval blacklist on update
+        if dpkg --compare-versions "$2" lt 0.9.9.3; then
+            /etc/kernel/postinst.d/apt-auto-removal
+        fi
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure)
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure)