#! /bin/sh
# postinst script for rkhunter
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#

. /usr/share/debconf/confmodule
DF=/etc/default/rkhunter
APT_CONF=/etc/apt/apt.conf.d/90rkhunter

case "$1" in
    configure)

    db_get rkhunter/cron_db_update || true
    case "$RET" in
        true)
        if [ -f $DF ]; then
          TEMPFILE=`mktemp` || exit 1
          sed $DF -e "s,^ *CRON_DB_UPDATE=.*,CRON_DB_UPDATE=\"yes\"," > $TEMPFILE
          mv -f $TEMPFILE $DF
          chmod 644 $DF
          rm -f $TEMPFILE
        fi
        ;;
        false)
        if [ -f $DF ]; then
          TEMPFILE=`mktemp` || exit 1
          sed $DF -e "s,^ *CRON_DB_UPDATE=.*,CRON_DB_UPDATE=\"no\"," > $TEMPFILE
          mv -f $TEMPFILE $DF
          chmod 644 $DF
          rm -f $TEMPFILE
        fi
        ;;
        *)
        ;;
    esac

    db_get rkhunter/cron_daily_run || true
    case "$RET" in
        true)
        if [ -f $DF ]; then
          TEMPFILE=`mktemp` || exit 1
          sed $DF -e "s,^ *CRON_DAILY_RUN=.*,CRON_DAILY_RUN=\"yes\"," > $TEMPFILE
          mv -f $TEMPFILE $DF
          chmod 644 $DF
          rm -f $TEMPFILE
        fi
        ;;
        false)
        if [ -f $DF ]; then
          TEMPFILE=`mktemp` || exit 1
          sed $DF -e "s,^ *CRON_DAILY_RUN=.*,CRON_DAILY_RUN=\"no\"," > $TEMPFILE
          mv -f $TEMPFILE $DF
          chmod 644 $DF
          rm -f $TEMPFILE
        fi
        ;;
        *)
        ;;
    esac

    db_get rkhunter/apt_autogen || true
    case "$RET" in
         true)
           cat > $APT_CONF <<-EOF
	// Makes sure that rkhunter file properties database is updated after each remove or install only if hashes test is enabled
	DPkg::Post-Invoke { "if [ -x /usr/bin/rkhunter ] && ( ! grep -q -E '^DISABLE_TESTS=.*(hashes.*attributes|attributes.*hashes|properties)' /etc/rkhunter.conf || grep -q -E '^ENABLE_TESTS=.*(hashes|attributes|properties)' /etc/rkhunter.conf); then /usr/bin/rkhunter --propupd; fi" }
	EOF
        ;;
        false)
           rm -f $APT_CONF
        ;;
        *)
        ;;
    esac

	# Copy the passwd/group files to the TMP directory
	# to avoid warnings when rkhunter is first run.
	# This is normally done by the installer script.
	RKH_TMP_DIR=$(grep '^TMPDIR' /etc/rkhunter.conf | sed 's/TMPDIR=//')
	cp -p /etc/passwd $RKH_TMP_DIR >/dev/null 2>&1
	cp -p /etc/group $RKH_TMP_DIR >/dev/null 2>&1

        # Only update the file properties database if the hashes and attributes
        # tests are not disabled either in /etc/rkhunter.conf AND if the automatic
        # database update is disabled
	db_get rkhunter/apt_autogen || true
        if [ "$RET" = "false" ] && ! grep -q -E '^DISABLE_TESTS=.*(hashes.*attributes|attributes.*hashes|properties)' /etc/rkhunter.conf || \
             grep -q -E '^ENABLE_TESTS=.*(hashes|attributes|properties)' /etc/rkhunter.conf; then
               # Update the file properties database
               echo "Updating the file properties database:"
               /usr/bin/rkhunter --propupd
        fi
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)

    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.



exit 0