Hi On Wed, Aug 22, 2012 at 01:54:44PM +0100, David Cho-Lerat wrote: > Hi all, > > I've done some RTFM, but can't yet find where the helper > scripts to use in maintainer scripts (preinst/postrm/..) are > described. > > How does one automate the following in the preinst scripts, > for instance :
Pre-inst? It is quite uncommon do need to do much in the PRE-installation script. Most things end up in the post-installation scripts - e.g. many of the existing packages which create users do so in their post-installation scripts. > > 1. create a user *and* set their password Hm... Try looking in the exim4-base postinst script (if you have exim installed, you should have a copy in /var/lib/dpkg/info/exim4-base.postinst) Basically a fragment in the style of: if ! getent passwd yournewuser > /dev/null ; then adduser ... fi Setting a password for the user: That's a very strange thing to do in an installation script, as it implies that the password is predictable. Which is probably a very bad idea for security. However, you can probably get the installation to generate a random password and set it (but this still leaves the problem of communicating the password out in a secure fasion): password=$( perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)' ) echo "newuser:$password" | chpasswd If it is a system-type user, then the user should not be able to log in anyway, so it will be not be necessary to create a password. Just create it with: adduser --system --disabled-login ... > 2. ssh-keygen with no user input ("Enter passphrase") If this is to give the user an SSH key, then this is a probably a bad idea: The private part of the key should really never leave his desktop. But generating user-keys is really no different than generating server keys - have a look in the preinst/postinst scripts of e.g. openssh-server for inspiration. > 3. add/edit some MySQL tables without knowing the MySQL root password Another odd case, but not entirely unheard of. You may be able to use the 'debian-sys-maint' user: mysql --defaults-file=/etc/mysql/debian.cnf < yourscript.sql But I'm not convinced that this is the "correct" usage of the debian-sys-maint user. > I've fooled around with Expect for 1. and 2., and tried > mysqld_safe --skip-grant-tables for 3., but I feel > lame (and I have to have my preinst script stop/start the > MySQL server during install) .. Sounds pretty bad if you need to restart the MySQL server. And during PRE-INST? As I hinted at earlier, doing this in the post-inst script is much more common (if common at all). There is always the possibility that installation may fail - and then you're left with figuring out how to revert things out that the preinst script did. > If I'm not asking the correct list, I'm sorry, but could you please > direct me to the documentation I should read or other mailing list > I should contact ? debian-devel would probably be a better place, as many of the package maintainers hang out there... Hope this helps -- Karl E. Jorgensen -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120822133211.GA19601@hawking