-#! /bin/sh -e
+#! /bin/sh
# postinst script for ca-certificates
#
# see: dh_installdeb(1)
# installation fails and the `postinst' is called with `abort-upgrade',
# `abort-remove' or `abort-deconfigure'.
+set -e
+
each_value() {
- echo "$l" |tr ',' '\n' | sed -e 's/^[[:space:]]*//'
+ echo "$1" |tr ',' '\n' | sed -e 's/^[[:space:]]*//'
}
memberp() {
m="$1"
l="$2"
- each_value "$1" | grep -q "^$m\$"
+ each_value "$l" | grep -q "^$m\$"
}
delca() {
case "$1" in
configure)
- if dpkg --compare-versions "$2" lt 20030414; then
- # remove old *.pem files that ca-certificates installed
- (cd /etc/ssl/certs; rm -f $(cat /usr/share/doc/ca-certificates/oldpemfiles))
- fi
+ if [ ! -e /usr/local/share/ca-certificates ]
+ then
+ if mkdir /usr/local/share/ca-certificates 2>/dev/null
+ then
+ chown root:staff /usr/local/share/ca-certificates
+ chmod 2775 /usr/local/share/ca-certificates
+ fi
+ fi
+
. /usr/share/debconf/confmodule
db_version 2.0
db_capb multiselect
CERTS_ENABLED="$RET"
# XXX unmark seen for next configuration
db_fset ca-certificates/new_crts seen false
+ # We should clean up this value now, as everyone will have
+ # upgraded to a fixed version.
+ db_fset ca-certificates/enable_crts asked_pt_br_question false
db_stop || true
if test -f /etc/ca-certificates.conf; then
# XXX: while in subshell?
if memberp "$ca" "$CERTS_ENABLED"; then
echo "$ca"
# CERTS_ENABLED=$(delca "$ca" "$CERTS_ENABLED")
+ elif memberp "$ca" "$CERTS_AVAILABLE" ||
+ echo "$line" | grep -q '^!'; then
+ echo "!$ca"
+ elif [ -f /usr/share/ca-certificates/"$ca" ] || \
+ [ -f /usr/local/share/ca-certificates/"$ca" ]; then
+ echo "$ca"
else
echo "!$ca"
fi
-e 's/^[[:space:]]*1[[:space:]]*/!/' \
>> /etc/ca-certificates.conf
fi
- update-ca-certificates
+ # fix bogus symlink to ca-certificates.crt on upgrades; see
+ # Debian #643667; drop after wheezy
+ if dpkg --compare-versions "$2" lt-nl 20111025; then
+ update-ca-certificates --fresh
+ else
+ update-ca-certificates
+ fi
;;
abort-upgrade|abort-remove|abort-deconfigure)