head	1.7;
access;
symbols;
locks; strict;
comment	@# @;


1.7
date	2001.10.19.10.55.38;	author ache;	state dead;
branches;
next	1.6;

1.6
date	2001.10.17.13.49.19;	author ache;	state Exp;
branches;
next	1.5;

1.5
date	2001.10.15.16.32.06;	author ache;	state Exp;
branches;
next	1.4;

1.4
date	2001.10.15.15.51.12;	author ache;	state Exp;
branches;
next	1.3;

1.3
date	2001.10.15.15.47.41;	author ache;	state Exp;
branches;
next	1.2;

1.2
date	2001.10.15.15.44.22;	author ache;	state Exp;
branches;
next	1.1;

1.1
date	2001.10.06.04.10.21;	author ache;	state Exp;
branches;
next	;


desc
@@


1.7
log
@Move user creation/deletion to pkg-*install
@
text
@#!/bin/sh
ex=0
USER=drweb
GROUP=${USER}
UID=426
GID=${UID}

if ! pw group show "${GROUP}" 2>/dev/null 1>&2; then
	if pw groupadd ${GROUP} -g ${GID}; then
		echo "Added group \"${GROUP}\"."
	else
		echo "Adding group \"${GROUP}\" failed..."
		ex=1
	fi
fi

if ! pw user show "${USER}" 2>/dev/null 1>&2; then
	if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
		-s "/sbin/nologin" -d "/nonexistent" -c "Dr. Web Scanner"
	then
		echo "Added user \"${USER}\"."
	else
		echo "Adding user \"${USER}\" failed..."
		ex=1
	fi
fi

if ! grep -q "^!drweb" /etc/syslog.conf; then
  echo "You may also add this lines to your /etc/syslog.conf:"
  echo "*.*             /var/log/drwebd.log"
  echo ""
fi
if ! grep -q drweb /etc/crontab; then
  if ! crontab -l -u root | grep -q drweb; then
      echo "You may also add this crontab entry to /etc/crontab"
      echo "0 12 * * * ${BINOWN} ${PREFIX}/drweb/update/update.pl ${PREFIX}/drweb"
      echo ""
  fi
fi
[ "$ex" = "1" ] && exit 1
install -dv -m 0755 -o drweb -g ${BINGRP} ${PREFIX}/drweb/run
install -dv -m 0700 -o drweb -g ${BINGRP} ${PREFIX}/drweb/infected.!!!
exit 0
@


1.6
log
@Add drweb:drweb automatically
@
text
@@


1.5
log
@Fix permissions, sendmail dislike group-writeable dirs
@
text
@d3 12
a14 8
if ! id -u drweb > /dev/null 2>&1; then
  echo "You need an account \"drweb\" to install this package."
  echo "Please add it by hand (try \"man vipw\") and try again."
  echo ""
  echo "An example /etc/master.passwd entry is:"
  echo "drweb:*:426:426::0:0:Dr.Web Scanner:/nonexistent:/sbin/nologin"
  echo ""
  ex=1
d16 10
a25 7
if ! grep -q "^drweb:" /etc/group; then
  echo "You need a group \"drweb\" to install this package."
  echo ""
  echo "An example /etc/group entry is:"
  echo "drweb:*:426:"
  echo ""
  ex=1
d27 1
d34 5
a38 3
  echo "You may also add this crontab entry to /etc/crontab"
  echo "0 12 * * * ${BINOWN} ${PREFIX}/drweb/update/update.pl ${PREFIX}/drweb"
  echo ""
@


1.4
log
@Oops, don't allow public reading of infected.!!!
@
text
@d31 2
a32 2
install -dv -m 0775 -o ${BINOWN} -g drweb ${PREFIX}/drweb/run
install -dv -m 0770 -o ${BINOWN} -g drweb ${PREFIX}/drweb/infected.!!!
@


1.3
log
@Allow writing to infected.!!! too
@
text
@d31 2
a32 2
install -dv -m 0775 -o ${BINOWN} -g drweb ${PREFIX}/drweb/run \
	${PREFIX}/drweb/infected.!!!
@


1.2
log
@Put it into security sandbox - don't allow 'drweb' user to own any files
excepting pid/socket/temp
@
text
@d31 2
a32 1
install -dv -m 0775 -o ${BINOWN} -g drweb ${PREFIX}/drweb/run
@


1.1
log
@Run as drweb user, not as root
@
text
@d25 3
a27 5
if crontab -u drweb -l 2>&1 | grep -q "no crontab"; then
  echo "You may also use this crontab entry for \"drweb\" user:"
  echo "SHELL=/bin/sh"
  echo "MAILTO=root"
  echo "0 12 * * * ${PREFIX}/drweb/update/update.pl ${PREFIX}/drweb"
d31 1
a31 2
usrdir=${PREFIX}/drweb
chown -R drweb:drweb $usrdir
@

