#!/bin/sh
# postinst script for logdata-anomaly-miner
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

case "$1" in
    configure)
# Create the user to run the analysis service.
    analysisGroup="aminer"
    if [ "$(getent group "${analysisGroup}")" = "" ]; then
# Add a separate group for aitmon.
# The group does not need to be a system group, but low gid is
# preferable to avoid mixing with user groups. Using '--system'
# flag would cause gid allocation to go down from UID_MIN, not
# up from SYS_GID_MIN, so avoid using --system.
        groupadd -K GID_MIN=100 -K GID_MAX=1000 "${analysisGroup}"
    fi

    analysisUser="aminer"
    if [ "$(getent passwd "${analysisUser}")" = "" ]; then
# Add a system user, set home directory to nonexisting directory
# to avoid loading of user-defined files. Create user without
# using '--system' flag, thus allocating UIDs upwards.
        useradd -M --shell /usr/sbin/nologin --gid "${analysisGroup}" -K PASS_MAX_DAYS=-1 -K UID_MIN=100 -K UID_MAX=999 --home /nonexistent "${analysisUser}"
# There is no way to make useradd ommit assignment of subuids,
# so remove them immediately on affected systems.
        if test -e /etc/subuid; then
            usermod --del-subuids 1-4294967295 --del-subgids 1-4294967295 "${analysisUser}"
        fi

# Prohibit read access to configuration for other processes
        chown "root.${analysisGroup}" -- /etc/aminer
        chmod 00750 -- /etc/aminer
	dpkg-statoverride --update --add root "${analysisGroup}" 00750 /etc/aminer
        mkdir -p -- /var/lib/aminer
        chmod 00700 -- /var/lib/aminer
        chown "${analysisUser}.${analysisGroup}" -- /var/lib/aminer
    fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0
