[pve-devel] [PATCH manager] postinst: migrate/update APT auth config

Stoiko Ivanov s.ivanov at proxmox.com
Tue Sep 13 17:03:39 CEST 2022 

Thanks for the patch!

2-3 small issues and one nit:
On Tue, 13 Sep 2022 14:30:35 +0200
Fabian Grünbichler <f.gruenbichler at proxmox.com> wrote:

> missed when switching over to Proxmox::RS::Subscription, which stores
> the same info in the product-specific /etc/apt/auth.conf.d/pve.conf .
> 
> the top-level file might contain non-PVE-managed entries, so only remove
> entries matching "our" machine.
> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
> ---
>  debian/postinst | 30 ++++++++++++++++++++++++++++++
>  1 file changed, 30 insertions(+)
> 
> diff --git a/debian/postinst b/debian/postinst
> index 7be1aa3d..d6216607 100755
> --- a/debian/postinst
> +++ b/debian/postinst
> @@ -62,6 +62,30 @@ EOF
>      fi
>  }
>  
> +migrate_apt_auth_conf() {
> +    output=""
> +    removed=""
> +    match=0
> +
> +    while read l; do
nit: shellcheck:  https://www.shellcheck.net/wiki/SC2162 -- read without
-r will mangle backslashes - not sure if wanted here?
> +	if echo "$l" | grep -q "^/machine enterprise.proxmox.com/debian/pmg"; then
> +	    match=1
> +	elif echo "$l" | grep -q "^machine"; then
> +	    match=0
> +	fi
> +    done
here the '< /etc/apt/auth.conf' is missing (present in the pmg-api patch)

> +
> +    if test -n "$removed"; then
> +	if test ! -e /etc/apt/auth.conf.d/pmg.conf; then
> +	    echo "Migrating APT auth config for enterprise.proxmox.com to PMG specific file.."
> +	    echo "$removed" > /etc/apt/auth.conf.d/pmg.conf
s/pmg.conf/pve.conf for this one


> +	else
> +	    echo "Removing stale APT auth config from /etc/apt/auth.conf"
> +	fi
> +	echo "$output" > /etc/apt/auth.conf
this leaves an emtpy /etc/apt/auth.conf (tested on a pmg-install) if the
only auth.conf entry was the one for our hosts
(maybe `test -n "$output" && echo "$output" > /etc/apt/auth.conf`
also maybe printf might save you the trailing newline)


> +    fi
> +}
> +
>  case "$1" in
>    triggered)
>      # We don't print a status message here, as dpkg already said
> @@ -190,6 +214,12 @@ case "$1" in
>  	    fi
>  	done
>      fi
> +
> +    if test ! -e /proxmox_install_mode && test -n "$2" && dpkg --compare-versions "$2" 'lt' '7.2.11~'; then
> +	if test -e /etc/apt/auth.conf ; then
> +	    migrate_apt_auth_conf
> +	fi
> +    fi
>      ;;
>  
>    abort-upgrade|abort-remove|abort-deconfigure)

More information about the pve-devel mailing list