diff --git a/debian/static/DEBIAN/control b/debian/static/DEBIAN/control index 1aa6b46..0cfed3b 100644 --- a/debian/static/DEBIAN/control +++ b/debian/static/DEBIAN/control @@ -3,6 +3,6 @@ Version: %VERSION% Section: net Priority: optional Architecture: %ARCHITECTURE% -Depends: bash, daemon, iproute (>= 20100519-3) | iproute2 (>= 20100519-3) | openvpn, passwd, coreutils +Depends: bash, daemon, iproute (>= 20100519-1) | iproute2, adduser Maintainer: Ivo Smits Description: Very simple, yet secure VPN software diff --git a/debian/static/DEBIAN/postinst b/debian/static/DEBIAN/postinst index 6dc8b25..bd6f9ba 100755 --- a/debian/static/DEBIAN/postinst +++ b/debian/static/DEBIAN/postinst @@ -1,6 +1,29 @@ #!/bin/sh -if [ "$1" = "configure" ]; then - if ! getent passwd quicktun >/dev/null; then - /usr/sbin/useradd -d /nonexistent -N -r -s /bin/false -g nogroup quicktun - fi -fi + +set -e + +case "$1" in + configure|reconfigure) + adduser --system \ + --quiet \ + --group \ + --home /nonexistent \ + --no-create-home \ + --gecos "QuickTun VPN daemon" \ + quicktun + # Upgrade path: if the user quicktun already existed, "adduser" will not + # create the group, so we handle this here. + if ! getent group quicktun > /dev/null; then + echo "Creating system group \`quicktun' and putting quicktun user into it" 1>&2 + addgroup --quiet --system quicktun + usermod -g quicktun quicktun + fi + ;; + abort-upgrade|abort-remove|abort-deconfigure) + exit 0 + ;; + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac diff --git a/debian/static/DEBIAN/postrm b/debian/static/DEBIAN/postrm new file mode 100755 index 0000000..3dd2bd8 --- /dev/null +++ b/debian/static/DEBIAN/postrm @@ -0,0 +1,19 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + if [ -x "$(command -v deluser)" ]; then + deluser --quiet --system quicktun > /dev/null || true + deluser --group --system --quiet --only-if-empty quicktun || true + else + echo "not removing quicktun system account and group because deluser command was not found" >&2 + fi + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 +esac diff --git a/debian/static/DEBIAN/prerm b/debian/static/DEBIAN/prerm deleted file mode 100755 index 8fdb1ec..0000000 --- a/debian/static/DEBIAN/prerm +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -if [ "$1" = "remove" ]; then - /usr/sbin/userdel quicktun -fi diff --git a/debian/static/etc/network/if-post-down.d/quicktun b/debian/static/etc/network/if-post-down.d/quicktun index 2dcbcc4..4abd880 100755 --- a/debian/static/etc/network/if-post-down.d/quicktun +++ b/debian/static/etc/network/if-post-down.d/quicktun @@ -1,15 +1,11 @@ #!/bin/sh test -n "${IF_QT_REMOTE_ADDRESS}" || exit 0 test -z "${IF_QT_NO_PRECREATE}" || exit 0 -if [ -x /usr/sbin/openvpn ]; then - /usr/sbin/openvpn --rmtun --dev "${IFACE}" -elif [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then +if [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then if [ -n "${IF_QT_TUN_MODE}" ] && [ "${IF_QT_TUN_MODE}" = "1" ]; then DEVTYPE="tun" else DEVTYPE="tap" fi /sbin/ip tuntap del dev "${IFACE}" mode "${DEVTYPE}" -elif [ -x /usr/sbin/tunctl ]; then - /usr/sbin/tunctl -d "${IFACE}" fi diff --git a/debian/static/etc/network/if-pre-up.d/quicktun b/debian/static/etc/network/if-pre-up.d/quicktun index eafd01f..aa2b9ef 100755 --- a/debian/static/etc/network/if-pre-up.d/quicktun +++ b/debian/static/etc/network/if-pre-up.d/quicktun @@ -6,12 +6,8 @@ if [ -n "${IF_QT_TUN_MODE}" ] && [ "${IF_QT_TUN_MODE}" = "1" ]; then else DEVTYPE="tap" fi -if [ -x /usr/sbin/openvpn ]; then - /usr/sbin/openvpn --mktun --dev "${IFACE}" --dev-type "${DEVTYPE}" --user quicktun -elif [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then +if [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then /sbin/ip tuntap add dev "${IFACE}" mode "${DEVTYPE}" user quicktun -elif [ -x /usr/sbin/tunctl ]; then - /usr/sbin/tunctl -u quicktun -t "${IFACE}" else - echo "Unable to pre-create tun/tap interface. Run QuickTun as root by setting QT_NO_PRECREATE." + echo "Unable to pre-create tun/tap interface. Install iproute2 or run QuickTun as root by setting QT_NO_PRECREATE." fi diff --git a/debian/static/etc/network/if-up.d/quicktun b/debian/static/etc/network/if-up.d/quicktun index 71069e4..26fa693 100755 --- a/debian/static/etc/network/if-up.d/quicktun +++ b/debian/static/etc/network/if-up.d/quicktun @@ -5,4 +5,6 @@ if [ -z "${IF_QT_NO_PRECREATE}" ]; then else RUNUSER="root" fi -/usr/bin/daemon -n "quicktun.${IFACE}" -u "${RUNUSER}" -i -l daemon.err -b daemon.debug -o daemon.debug /usr/sbin/quicktun.debian +/usr/bin/daemon -n "quicktun.${IFACE}" -u "${RUNUSER}" -i \ + -l daemon.err -b daemon.debug -o daemon.debug \ + /usr/sbin/quicktun.debian