1 files changed, 59 insertions, 0 deletions

diff --git a/security/sfs/pkg-install b/security/sfs/pkg-install
new file mode 100644
index 000000000000..468cdef3e4cc
--- /dev/null
+++ b/security/sfs/pkg-install
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+if [ "$2" != "POST-INSTALL" ]; then
+	exit 0
+fi
+
+KEYFILE="$PKG_PREFIX/etc/sfs/sfs_host_key"
+
+USER=sfs
+GROUP=sfs
+
+SFSDIR=/var/spool/sfs
+
+echo -n "Checking for group '$GROUP'... "
+
+if ! pw groupshow $GROUP >/dev/null 2>&1; then
+	echo "doesn't exist, adding."
+	pw groupadd $GROUP -g 71
+else
+	echo "exists."
+fi
+
+echo -n "Checking for user '$USER'... "
+
+if ! pw usershow $USER >/dev/null 2>&1; then
+	echo "doesn't exist, adding."
+	pw useradd $USER -u 71 -c 'Self-Certifying File System' -d /nonexistent -g $GROUP -s /sbin/nologin -h -
+else
+	echo "exists."
+fi
+
+echo -n "Checking for SFS directory ($SFSDIR)... "
+
+if [ -d "$SFSDIR" ]; then
+	echo "already exists."
+else
+	echo "creating."
+	mkdir $SFSDIR
+fi
+
+chmod 750 $SFSDIR
+chown $USER:$GROUP $SFSDIR
+
+echo -n "Checking for SFS host key ($KEYFILE)... "
+
+if [ -f "$KEYFILE" ]; then
+	echo "already exists, not generating."
+else
+	echo "doesn't exist, generating."
+	echo "Starting sfscd for entropy services."
+	$PKG_PREFIX/sbin/sfscd
+	echo -n "Sleeping ten seconds to give sfscd time to start up... "
+	sleep 10
+	echo "done."
+	$PKG_PREFIX/bin/sfskey gen -KP -n `uname -n` $KEYFILE
+	echo -n "Key generation done, killing sfscd... "
+	kill -TERM `cat /var/run/sfscd.pid`
+	echo "done."
+fi