Paste #271020 |
pasted on 26.10.2023 10:35
- Edit to this paste
- Raw
-
Compare with paste
#
Text paste
/etc/vipnet.conf
Package: vipnetclient
Homepage: https://www.vipnet.ru
Depiction: https://www.vipnet.ru
Maintainer: JSC InfoTeCS <hotline@infotecs.ru>
Author: JSC InfoTeCS <soft@infotecs.ru>
Sponsor: JSC InfoTeCS <https://www.vipnet.ru>
Section: Networking
Version: 4.15.0-26717
Architecture: amd64
Depends: procps
Conflicts: iplirservice, vipnetclient-gui
Replaces: iplirservice, vipnetclient-gui (<=4.15.0-26717)
Description: ViPNet Client for Linux by JSC InfoTeCS
ViPNet Client for Linux by JSC InfoTeCS is a VPN client to connect to ViPNet-protected networks.
ViPNet Client allows you to access the dedicated corporate resources seamlessly for the applications and the operating system using an encrypted channel based on the ViPNet technology.
Due to the symmetric encryption and sessionless communication protocol, the ViPNet technology can ensure access to the corporate resources even if the connection is poor or unstable. You will always be able to access your corporate mailbox, secure portals, document flow system, and other resources at all times.
The ViPNet technology supports simultaneous connections to several geographically distributed segments of the protected network at once with no additional configuration on the user device.
See more ViPNet products at www.vipnet.ru
#!/bin/sh
UPGRADE_DIR="/tmp/vipnetclient"
send_signal()
{
local sig="$1"
local proc_name="$2"
if which pkill >/dev/null 2>&1; then
pkill -${sig} -x ${proc_name}
elif which killall >/dev/null 2>&1; then
killall -${sig} ${proc_name}
fi
}
get_client_pids()
{
pgrep -x vipnetclient || pgrep -x /usr/bin/vipnetclient
}
reload()
{
printf "Reloading running processes "
rm -rf ${UPGRADE_DIR}
mkdir -p ${UPGRADE_DIR}
# Creating file-markers on each existing vipnetclient daemon process and send them USR1
# Use simple commands for compatibility with poor OpenWrt
for pid in $(get_client_pids); do
local uid=$(stat -c "%u" /proc/${pid} 2>/dev/null)
[ -z "$uid" ] && continue
[ $uid -ne 0 ] && continue # select only root owned processes
[ $(stat -c "%u" /proc/${pid} 2>/dev/null) -eq 0 ] || continue # select only root owned processes
local user=$(grep -awz USER /proc/${pid}/environ 2>/dev/null | tr -d '\0' | cut -c 6-)
[ -z "$user" ] && continue
echo ${pid} >${UPGRADE_DIR}/${user}
done
send_signal USR1 vipnetclient 2>/dev/null
[ "$VIPNETCLIENT_UPGRADE_RELOAD_NOWAIT" = "YES" ] && echo "" && return 0
# wait for every marker to be deleted by a reloaded process
for i in $(seq 60); do
printf "."
[ -z "$(ls -A ${UPGRADE_DIR} 2>/dev/null)" ] && break
for f in ${UPGRADE_DIR}/*; do
ls /proc 2>/dev/null | grep -w $(cat $f) >/dev/null 2>&1 || rm $f
done
sleep 2
done
if [ -z "$(ls -A ${UPGRADE_DIR} 2>/dev/null)" ]; then
printf " success\n"
else
printf " some processes are not reloaded\n"
fi
rm -rf ${UPGRADE_DIR} # not sure about it
[ -x /usr/bin/vipnetclient-webui ] && /etc/init.d/vipnetclient-webui restart
}
clean_gui()
{
# stop GUI apps if running
which pkill && pkill -f vipnetclient-gui-bin && sleep 1 && pkill --signal KILL -f vipnetclient-gui-bin
which gtk-update-icon-cache && gtk-update-icon-cache -f -t /usr/share/icons/hicolor
# update MIME types
which update-mime-database && update-mime-database /usr/share/mime
which update-desktop-database && update-desktop-database /usr/share/applications
}
configure()
{
echo "vipnetclient: begin configure"
# Set owners
chown root:root /usr/bin/vipnetclient 2>/dev/null
chown root:root $(ls -1 /etc/init.d/*vipnetclient) 2>/dev/null
chmod 755 $(ls -1 /etc/init.d/*vipnetclient) 2>/dev/null
# Set capability
/usr/bin/vipnetclient --setcap --version 2>/dev/null || echo "vipnetclient can be run under root only"
# Update man db
mandb >/dev/null 2>&1
# Create service and init scripts
if which systemctl >/dev/null 2>&1; then
if [ -f /etc/systemd/system/vipnetclientd.service ]; then
systemctl enable vipnetclientd >/dev/null 2>&1
else
systemctl enable vipnetclient >/dev/null 2>&1
fi
[ -x /usr/bin/vipnetclient-webui ] && systemctl enable vipnetclient-webui >/dev/null 2>&1
systemctl reset-failed
systemctl stop vipnetclientdaemon*
elif which update-rc.d >/dev/null 2>&1; then
update-rc.d vipnetclient defaults 90 10 >/dev/null 2>&1
[ -x /usr/bin/vipnetclient-webui ] && update-rc.d vipnetclient-webui defaults 90 10 >/dev/null 2>&1
fi
[ -x /usr/bin/vipnetclient-webui ] && /etc/init.d/vipnetclient-webui start
# Update shared libraries paths
which ldconfig >/dev/null 2>&1 && ldconfig 2>/dev/null
clean_gui >/dev/null 2>&1 # for the case of replacing gui package
# Reload and wait all running vipnetclient processes
reload
echo "vipnetclient: end configure"
}
case "$1" in
configure)
configure
;;
abort-*)
rm -rf ${UPGRADE_DIR}
;;
*)
echo "postinst called with unhandled argument $1" >&2
rm -rf ${UPGRADE_DIR}
exit 1
;;
esac
#!/bin/sh
case "$1" in
remove)
#update man db
mandb >/dev/null 2>&1
# Update shared libraries paths
which ldconfig >/dev/null 2>&1 && ldconfig 2>/dev/null
# disable service and remove init scripts
if which systemctl >/dev/null 2>&1; then
systemctl disable vipnetclient >/dev/null 2>&1
systemctl disable vipnetclientd >/dev/null 2>&1
[ -x /usr/bin/vipnetclient-webui ] && systemctl disable vipnetclient-webui >/dev/null 2>&1
elif which update-rc.d >/dev/null 2>&1; then
update-rc.d -f vipnetclient remove >/dev/null 2>&1
[ -x /usr/bin/vipnetclient-webui ] && update-rc.d -f vipnetclient-webui remove >/dev/null 2>&1
fi
rm -f /etc/rc*/*vipnetclient* >/dev/null 2>&1
true
;;
purge)
rm -f /etc/vipnet_token.conf
;;
upgrade | failed-upgrade | abort-upgrade | abort-install) ;;
*)
echo "postrm called with unhandled argument $1" >&2
exit 1
;;
esac
#!/bin/sh
RED='\e'
YELLOW='\e'
NORMAL='\e'
print_error()
{
echo -e "${RED}ERROR: $@ ${NORMAL}"
}
print_warning()
{
echo -e "${YELLOW}WARNING: $@ ${NORMAL}"
}
is_build_signed_for_astra()
{
test "NO" = "YES"
}
is_astra_os_se()
{
grep -qs -w ID=astra /etc/os-release >/dev/null 2>&1 \
&& test -e /etc/digsig/digsig_initramfs.conf
}
is_sign_check_enabled()
{
grep -qs -w DIGSIG_ELF_MODE=1 /etc/digsig/digsig_initramfs.conf >/dev/null 2>&1
}
check_compatibility()
{
is_astra_os_se || return 0
is_build_signed_for_astra && return 0
if is_sign_check_enabled; then
print_error "Installation is impossible because a signed package is required for this Astra Linux\n" \
"\bContact the administrator"
return 1
else
print_warning "You are installing unsigned package on Astra Linux\n" \
"\bThis program will stop working when executable file control will be enabled\n" \
"\bContact the administrator"
return 0
fi
}
POSTRM=vipnetclient-gui.postrm
DPKG_DIR=/var/lib/dpkg/info
TEMP_DIR=$(mktemp -d)
case "$1" in
install)
if [ -f "$DPKG_DIR/$POSTRM" ]; then
mv "$DPKG_DIR/$POSTRM" $TEMP_DIR/. # to prevent from executing old postrm if any
fi
check_compatibility || exit 1
;;
upgrade)
check_compatibility || exit 1
;;
abort-install)
[ -f "$TEMP_DIR/$POSTRM" ] && mv -f "$TEMP_DIR/$POSTRM" "$DPKG_DIR/."
;;
*)
echo "preinst called with unhandled argument $1" >&2
rm -rf $TEMP_DIR
exit 1
;;
esac
rm -rf $TEMP_DIR
#!/bin/sh
CLIENT_NAME=vipnetclient
case "$1" in
remove)
if ! [ "$2" = "in-favour" ] || ! [ "$3" = "vipnetclient-gui" ]; then
${CLIENT_NAME} --cleanup
fi
;;
abort-*) ;;
upgrade | failed-upgrade) ;;
*)
echo "prerm called with unhandled argument $1" >&2
exit 1
;;
esac
exit 0