Cleanup postinst to avoid recursive chown of database

[onak.git] / debian / postinst

diff --git a/debian/postinst b/debian/postinst
index da6c3eb29a1e4809d008ddcde9bcc4722de7a0a8..b5d02ac6e53ed17d5d9caa7835f1345c60aeec04 100644 (file)
--- a/debian/postinst
+++ b/debian/postinst
@@ -11,7 +11,7 @@ if [ "$1" = "configure" ]; then
                 # file. onak will use the file extension to determine it's
                 # an old style config, so we need the symlink.
                 ln -s /etc/onak.conf.dpkg-backup /etc/onak.conf
-                /usr/bin/onak -c /etc/onak.conf dumpconfig /etc/onak.ini
+                onak -c /etc/onak.conf dumpconfig /etc/onak.ini
                 rm /etc/onak.conf
         fi
     fi
@@ -19,6 +19,14 @@ if [ "$1" = "configure" ]; then
     # Add the onak user
     adduser --system --home /var/lib/onak --no-create-home --disabled-login onak
 
+    # Take ownership of the database and spool directory
+    chown onak /var/lib/onak
+    chown onak /var/spool/onak
+
+    # Create our logfile
+    touch /var/log/onak.log
+    chown onak /var/log/onak.log
+
     #
     # If we're using a default config and there's no onak database, create it
     # by adding my key.
@@ -27,17 +35,9 @@ if [ "$1" = "configure" ]; then
             grep -q "^location=/var/lib/onak" /etc/onak.ini &&
             [ ! -e /var/lib/onak/num_keydb -a \
                 -e /usr/share/doc/onak/noodles.key.gz ]; then
-        zcat /usr/share/doc/onak/noodles.key | onak -b add
+        zcat /usr/share/doc/onak/noodles.key | runuser -u onak -- onak -b add
     fi
 
-    # Take ownership of the database and spool directory
-    chown -R onak /var/lib/onak
-    chown -R onak /var/spool/onak
-
-    # Create our logfile
-    touch /var/log/onak.log
-    chown onak /var/log/onak.log
-
     # Make the CGI tools setuid onak
     for i in /usr/lib/cgi-bin/pks/*
     do