#!/usr/bin/perl # remove old link unlink ("/etc/alternatives/sudo") if ( -l "/etc/alternatives/sudo"); # complain if no sudoers file is present if ( ! -f "/etc/sudoers") { print "WARNING: /etc/sudoers not present!\n"; } # handle state directory transition from /var/run/sudo to /var/lib/sudo, # moving any existing content over to avoid re-lecturing existing users if ( -d "/var/run/sudo") { system ('mkdir -p /var/lib/sudo'); system ('(cd /var/run/sudo ; tar cf - .) | (cd /var/lib/sudo ; tar xf -)'); system ('rm -rf /var/run/sudo'); } # make sure sudoers has the correct permissions and owner/group system ('chown root:root /etc/sudoers'); system ('chmod 440 /etc/sudoers'); # must do a remove first to un-do the "bad" links created by previous version system ('update-rc.d -f sudo remove >/dev/null 2>&1'); system ('update-rc.d sudo start 75 2 3 4 5 . >/dev/null'); # create symlink to ease transition to new path for ldap config # if old config file exists and new one doesn't if (-e "/etc/ldap/ldap.conf" && ! -e "/etc/sudo-ldap.conf") { system("ln -s ldap/ldap.conf /etc/sudo-ldap.conf"); } # make sure we have a sudo group exit 0 if getgrnam("sudo"); # we're finished if there is a group sudo $gid = 27; # start searcg with gid 27 setgrent; while (getgrgid($gid)) { ++$gid; } endgrent; if ($gid != 27) { print "On Debian we normally use gid 27 for 'sudo'.\n"; $gname = getgrgid(27); print "However, on your system gid 27 is group '$gname'.\n\n"; print "Would you like me to stop configuring sudo so that you can change this? [n] "; $ans = ; if ($ans =~ m/^[yY].*/) { print "'dpkg --pending --configure' will restart the configuration.\n\n\n"; exit 1; } } print "Creating group 'sudo' with gid = $gid\n"; system("groupadd -g $gid sudo"); # if we've gotten this far .. remove the saved, unchanged old sudoers file system ('rm -f /etc/sudoers.pre-conffile'); print "";