OpenPKG Specs: postgresql/pg_passwd@c10fb90893b9 (annotated)

postgresql/pg_passwd@c10fb90893b9 (annotated)

postgresql/pg_passwd

Thu, 04 Oct 2012 20:30:05 +0200

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 04 Oct 2012 20:30:05 +0200
changeset 715: c10fb90893b9
permissions: -rw-r--r--

Correct out of date build configuration, porting to Solaris 11 network
link infrastructure and new libpcap logic. This additionally allows for
device drivers in subdirectories of /dev. Correct packaged nmap
personalities and signatures to work out of the box. Finally, hack
arpd logic to properly close sockets and quit on TERM by repeating
signaling in the run command script. Sadly, all this fails to correct
the run time behaviour of honeyd which fails to bind to the IP layer.

 #!@l_bash@
 ##
 ##  pg_passwd -- PostgreSQL Database Password Changing Utility
 ##  Copyright (c) 2007 OpenPKG Foundation e.V. <http://openpkg.net/>
 ##  Copyright (c) 2007 Ralf S. Engelschall <http://engelschall.com/>
 ##
 ##  Permission to use, copy, modify, and distribute this software for
 ##  any purpose with or without fee is hereby granted, provided that
 ##  the above copyright notice and this permission notice appear in all
 ##  copies.
 ##
 ##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 ##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 ##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 ##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
 ##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 ##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 ##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 ##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 ##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 ##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 ##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 ##  SUCH DAMAGE.
 ##
 #   determine system username
 system_username="`(id -un) 2>/dev/null`"
 if [ ".$system_username" = . ]; then
     str="`(id) 2>/dev/null`"
     if [ ".`echo $str | grep '^uid[ 	]*=[ 	]*[0-9]*('`" != . ]; then
         system_username=`echo $str | sed -e 's/^uid[ 	]*=[ 	]*[0-9]*(//' -e 's/).*$//'`
     fi
     if [ ".$system_username" = . ]; then
         system_username="$LOGNAME"
         if [ ".$system_username" = . ]; then
             system_username="$USER"
             if [ ".$system_username" = . ]; then
                 system_username="`(whoami) 2>/dev/null | awk '{ printf("%s", $1); }'`"
                 if [ ".$system_username" = . ]; then
                     system_username="`(who am i) 2>/dev/null | awk '{ printf("%s", $1); }'`"
                 fi
             fi
         fi
     fi
 fi
 #   determine database superuser username, password and database
 superuser_username=""
 superuser_password=""
 superuser_database=""
 superuser_config_file="@l_prefix@/var/postgresql/db/pg_superuser.conf"
 if [ -r $superuser_config_file ]; then
     #   read information
     eval `. $superuser_config_file; \
           echo superuser_database=\"$superuser_database\"; \
           echo superuser_username=\"$superuser_username\"; \
           echo superuser_password=\"$superuser_password\"`
 else
     #   guess information
     superuser_username="postgresql"
     superuser_database="template1"
 fi
 #   determine requested username, database and hostname
 username="$1"
 database="$2"
 hostname="$3"
 if [ ".$username" = . ]; then
     if [ ".$system_username" = ".root" -o ".$system_username" = ".@l_rusr@" ]; then
         username="$superuser_username"
     else
         username="$system_username"
     fi
 fi
 if [ ".$database" = . ]; then
     if [ ".$username" = ".$superuser_username" ]; then
         database="$superuser_database"
     else
         database="$username"
     fi
 fi
 if [ ".$hostname" = . ]; then
     hostname="localhost"
 fi
 #   make sure that the PostgreSQL super-user password
 #   can be kept in sync with the external storage
 if [ ".$username" = ".$superuser_username" -a \
      ".$database" = ".$superuser_database" ]; then
    if [ ".$system_username" != ".root" -a ".$system_username" != ".@l_rusr@" ]; then
        echo "$0:ERROR: super-user account password can be changed by \"root\" and \"@l_rusr@\" only" 2>&1
        exit 1
    fi
    if [ -h $superuser_config_file ]; then
        echo "$0:ERROR: superuser config \"$superuser_config_file\": invalid (symbolic link)" 2>&1
        exit 1
    fi
    if [ ! -f $superuser_config_file ]; then
        echo "$0:WARNING: superuser config \"$superuser_config_file\": not existing" 2>&1
        exit 1
    elif [ ! -w $superuser_password_file ]; then
        echo "$0:ERROR: superuser config \"$superuser_config_file\": permission denied (not writeable)" 2>&1
        exit 1
    fi
 fi
 #   request old and new password
 password_old=""
 password_new=""
 password_new_verify=""
 if [ ".$username" = ".$superuser_username" -a \
      ".$database" = ".$superuser_database" ]; then
     password_old="$superuser_password"
 fi
 while [ ".$password_old" = . ]; do
     read -s -p "$username:$database:$hostname OLD password: " password_old
     echo ""
 done
 while [ ".$password_new" = . ]; do
     read -s -p "$username:$database:$hostname NEW password: " password_new
     echo ""
 done
 while [ ".$password_new_verify" = . ]; do
     read -s -p "$username:$database:$hostname NEW password (retype to verify): " password_new_verify
     echo ""
 done
 if [ ".$password_new" != ".$password_new_verify" ]; then
     echo "$0:ERROR: mismatch on NEW password" 1>&2
     exit 1
 fi
 #   change the password
 echo "ALTER ROLE $username WITH PASSWORD '$password_new'" | \
 PGPASSWORD="$password_old" @l_prefix@/bin/psql \
     -q -U $username -d $database -h $hostname -f- || exit $?
 #   update superuser configuration
 if [ ".$username" = ".$superuser_username" -a \
      ".$database" = ".$superuser_database" ]; then
     (   umask 077
         sed -e "s;.*\(superuser_password=\"\).*\(\"\).*;\1$password_new\2;" \
             <$superuser_config_file >$superuser_config_file.new || exit $?
         cp $superuser_config_file.new $superuser_config_file || exit $?
         rm -f $superuser_config_file.new || exit $?
         exit 0
     ) || {
         echo "$0:ERROR: \"$superuser_config_file\": failed to update content" 1>&2
         rm -f $superuser_config_file.new || true
         exit $?
     }
     (   superuser_database_old="$superuser_database"
         superuser_username_old="$superuser_username"
         superuser_password_old="$superuser_password"
         . $superuser_config_file
         [ ".$superuser_database" != ".$superuser_database_old" ] && exit 1
         [ ".$superuser_username" != ".$superuser_username_old" ] && exit 1
         [ ".$superuser_password"  = ".$superuser_password_old" ] && exit 1
         [ ".$superuser_password" != ".$password_new"           ] && exit 1
         exit 0
     ) || {
         echo "$0:ERROR: \"$superuser_config_file\": unexpected updated content" 1>&2
         exit $?
     }
     (   if [ ".$system_username" = ".root" ]; then
             chown @l_rusr@:@l_rgrp@ $superuser_config_file || exit $?
         fi
         chmod 600 $superuser_config_file || exit $?
         exit 0
     ) || {
         echo "$0:ERROR: \"$superuser_config_file\": failed to fixate attributes" 1>&2
         exit $?
     }
 fi

OpenPKG Specs / annotate

postgresql/pg_passwd@c10fb90893b9 (annotated)

postgresql/pg_passwd