[pve-devel] [PATCH v3 access-control 2/2] add postinst script
Fabian Grünbichler
f.gruenbichler at proxmox.com
Wed Mar 13 15:01:31 CET 2019
to reset auth key age until the first rotation has happened, otherwise
all currently existing tickets get invalidated immediately once the
rotation code gets enabled.
disabled until first PVE 6.0 package release
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
Notes:
new in v3
debian/postinst | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100755 debian/postinst
diff --git a/debian/postinst b/debian/postinst
new file mode 100755
index 0000000..a9b0331
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+#DEBHELPER#
+
+case "$1" in
+ configure)
+ # TODO: enable for PVE 6.0
+# if test -n "$2"; then
+#
+# # TODO: remove once PVE 7.0 is released
+# if dpkg --compare-versions "$2" 'lt' '6.0-1'; then
+# if test ! -e /etc/pve/authkey.pub.old; then
+# # reset key age to prevent immediate invalidation of all current tickets
+# touch -d "-2h" /etc/pve/authkey.pub 2>/dev/null || true
+# fi
+# fi
+#
+# fi
+ ;;
+
+esac
+
+exit 0
--
2.20.1
More information about the pve-devel
mailing list