diff --git a/hooks/conf_regen/06-slapd b/hooks/conf_regen/06-slapd index 12e37f0058..3aacc6fbb5 100755 --- a/hooks/conf_regen/06-slapd +++ b/hooks/conf_regen/06-slapd @@ -18,7 +18,8 @@ # along with this program. If not, see . # -set -e +# Exit hook on subcommand error or unset variable +set -Eeuo pipefail tmp_backup_dir_file="/root/slapd-backup-dir.txt" @@ -101,13 +102,14 @@ do_pre_regen() { rm -f "$tmp_backup_dir_file" # Define if we need to migrate from hdb to mdb - curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2> /dev/null | awk '{print $2}') - if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] \ - && [ $curr_backend != 'mdb' ]; then - backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" - mkdir -p "$backup_dir" - slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" - echo "$backup_dir" > "$tmp_backup_dir_file" + if [ -e /etc/ldap/slapd.conf ]; then + curr_backend=$(grep '^database' /etc/ldap/slapd.conf | awk '{print $2}') + if [ "$curr_backend" != 'mdb' ]; then + backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" + mkdir -p "$backup_dir" + slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" + echo "$backup_dir" > "$tmp_backup_dir_file" + fi fi # create needed directories @@ -121,8 +123,8 @@ do_pre_regen() { cp -a ldap.conf "$ldap_dir" cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir" - mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/ - cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf + mkdir -p "$pending_dir/etc/systemd/system/slapd.service.d/" + cp systemd-override.conf "$pending_dir/etc/systemd/system/slapd.service.d/ynh-override.conf" install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd" } 
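Review bot: With `pipefail` now enabled, the assignment `curr_backend=$(grep '^database' /etc/ldap/slapd.conf | awk '{print $2}')` in the `@@ -101` hunk of 06-slapd ends the whole hook when slapd.conf has no `database` line, because grep's exit status 1 becomes the pipeline status and `set -e` applies to the assignment. The old `[ -n "$curr_backend" ]` guard was also dropped, so an empty value would pass the `!= 'mdb'` test and start a backup. A single awk avoids both: `curr_backend=$(awk '/^database/ {print $2}' /etc/ldap/slapd.conf)` followed by `if [ -n "$curr_backend" ] && [ "$curr_backend" != 'mdb' ]; then`. Because a slapcat dump normally includes userPassword hashes, `mkdir -p -m 700 "$backup_dir"` would keep the backup root-only regardless of umask. do_pre_regen starts before this hunk and ends after it.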
@@ -139,7 +141,9 @@ do_post_regen() { # Fix weird scenarios where /etc/sudo-ldap.conf doesn't exists (yet is supposed to be # created by the sudo-ldap package) : https://github.com/YunoHost/issues/issues/2091 - [ -e /etc/sudo-ldap.conf ] || ln -s /etc/ldap/ldap.conf /etc/sudo-ldap.conf + if [ ! -e /etc/sudo-ldap.conf ]; then + ln -s /etc/ldap/ldap.conf /etc/sudo-ldap.conf + fi # If we changed the systemd ynh-override conf if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$"; then @@ -162,19 +166,23 @@ objectClass: top" nscd -i group fi - [ -z "$regen_conf_files" ] && exit 0 + if [ -z "$regen_conf_files" ]; then + exit 0 + fi # regenerate LDAP config directory from slapd.conf echo "Regenerate LDAP config directory from config.ldif" _regenerate_slapd_conf # If there's a backup, re-import its data - backup_dir=$(cat "$tmp_backup_dir_file" 2> /dev/null || true) - if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then - # regenerate LDAP config directory and import database as root - echo "Import the database using slapadd" - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" - chown -R openldap:openldap /var/lib/ldap 2>&1 + if [ -f "$tmp_backup_dir_file" ]; then + backup_dir=$(cat "$tmp_backup_dir_file") + if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then + # regenerate LDAP config directory and import database as root + echo "Import the database using slapadd" + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" + chown -R openldap:openldap /var/lib/ldap 2>&1 + fi fi echo "Running slapdindex" @@ -184,4 +192,4 @@ objectClass: top" systemctl force-reload slapd } -do_$1_regen ${@:2} +"do_$1_regen" "${@:2}" diff --git a/hooks/conf_regen/09-nslcd b/hooks/conf_regen/09-nslcd index dafd9b1cc6..d65142f133 100755 --- a/hooks/conf_regen/09-nslcd +++ b/hooks/conf_regen/09-nslcd 
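Review bot: In the `@@ -139` hunk of 06-slapd, `[ ! -e /etc/sudo-ldap.conf ]` is also true for a dangling symlink, so if the link already exists while /etc/ldap/ldap.conf is missing, `ln -s` fails with "File exists" and `set -e` ends the hook. Testing the link itself covers that case: `if [ ! -e /etc/sudo-ldap.conf ] && [ ! -L /etc/sudo-ldap.conf ]; then`. do_post_regen starts before this hunk and continues after it.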
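Review bot: The dispatcher `"do_$1_regen" "${@:2}"` at the end of 06-slapd (and identically in 09-nslcd and 10-apt) fails unhelpfully when the step argument is missing or unknown: under `set -u` it stops with a bare "unbound variable", and an unexpected value ends as "command not found". A message on the expansion makes the first case readable, `"do_${1:?missing regen step}_regen" "${@:2}"`. A `declare -F "do_$1_regen" > /dev/null` check before the call would reject any name that is not a function defined by the hook.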
@@ -18,7 +18,8 @@ # along with this program. If not, see . # -set -e +# Exit hook on subcommand error or unset variable +set -Eeuo pipefail do_init_regen() { do_pre_regen "" @@ -40,4 +41,4 @@ do_post_regen() { || systemctl restart nslcd } -do_$1_regen ${@:2} +"do_$1_regen" "${@:2}" diff --git a/hooks/conf_regen/10-apt b/hooks/conf_regen/10-apt index 630d148062..f31f822a65 100755 --- a/hooks/conf_regen/10-apt +++ b/hooks/conf_regen/10-apt @@ -18,7 +18,8 @@ # along with this program. If not, see . # -set -e +# Exit hook on subcommand error or unset variable +set -Eeuo pipefail readonly YNH_DEFAULT_PHP_VERSION=8.2 @@ -28,7 +29,7 @@ do_pre_regen() { mkdir --parents "${pending_dir}/etc/apt/preferences.d" # Add sury - mkdir -p ${pending_dir}/etc/apt/sources.list.d/ + mkdir -p "$pending_dir/etc/apt/sources.list.d/" echo "deb [signed-by=/etc/apt/trusted.gpg.d/extra_php_version.gpg] https://packages.sury.org/php/ $(lsb_release --codename --short) main" > "${pending_dir}/etc/apt/sources.list.d/extra_php_version.list" # Ban some packages from sury @@ -91,11 +92,9 @@ Pin-Priority: -1 } do_post_regen() { - regen_conf_files=$1 - # Purge expired keys (such as sury 95BD4743) - EXPIRED_KEYS="$(LC_ALL='en_US.UTF-8' apt-key list 2> /dev/null | grep -A1 'expired:' | grep -v 'expired\|^-' | sed 's/\s//g')" - for KEY in $EXPIRED_KEYS; do apt-key del $KEY 2> /dev/null; done + EXPIRED_KEYS="$(LC_ALL='en_US.UTF-8' apt-key list 2> /dev/null | grep -A1 'expired:' | grep -v 'expired\|^-' | sed 's/\s//g' || true)" + for KEY in $EXPIRED_KEYS; do apt-key del "$KEY" 2> /dev/null; done # Add sury key # We do this only at the post regen and if the key doesn't already exists, because we don't want the regenconf to fuck everything up if the regenconf runs while the network is down @@ -114,4 +113,4 @@ do_post_regen() { fi } -do_$1_regen ${@:2} +"do_$1_regen" "${@:2}"
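Review bot: In the `@@ -91` hunk of 10-apt the two halves of the key purge treat failure in opposite ways: the added `|| true` hides every error from the `apt-key list` pipeline, while `apt-key del "$KEY" 2> /dev/null` still ends the hook under `set -e` with its error message discarded. If the purge is meant to be best-effort, say so on the loop, e.g. `apt-key del "$KEY" || echo "Could not delete expired key $KEY" >&2`, so a failed delete is reported and the sury key handling below still runs. The hunk also removes `regen_conf_files=$1`; do_post_regen continues outside the hunk, so confirm nothing later in it reads that variable, since `set -u` now makes such a read fatal.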