#!/bin/bash set -e # postinst script for ja4sentinel .deb package case "$1" in configure) # Create ja4sentinel user and group if they don't exist if ! getent group ja4sentinel > /dev/null 2>&1; then groupadd --system ja4sentinel fi if ! getent passwd ja4sentinel > /dev/null 2>&1; then useradd --system \ --gid ja4sentinel \ --home-dir /var/lib/ja4sentinel \ --no-create-home \ --shell /usr/sbin/nologin \ ja4sentinel fi # Create necessary directories mkdir -p /var/lib/ja4sentinel mkdir -p /var/run/ja4sentinel mkdir -p /var/log/ja4sentinel mkdir -p /etc/ja4sentinel # Set proper ownership chown -R ja4sentinel:ja4sentinel /var/lib/ja4sentinel chown -R ja4sentinel:ja4sentinel /var/run/ja4sentinel chown -R ja4sentinel:ja4sentinel /var/log/ja4sentinel chown -R ja4sentinel:ja4sentinel /etc/ja4sentinel # Set proper permissions chmod 750 /var/lib/ja4sentinel chmod 750 /var/log/ja4sentinel chmod 750 /etc/ja4sentinel # Install default config if it doesn't exist if [ ! -f /etc/ja4sentinel/config.yml ]; then cp /usr/share/ja4sentinel/config.yml /etc/ja4sentinel/config.yml chown ja4sentinel:ja4sentinel /etc/ja4sentinel/config.yml chmod 640 /etc/ja4sentinel/config.yml fi # Enable and start the service (if running in a real system, not container) if [ -x /bin/systemctl ] && [ -d /run/systemd/system ]; then systemctl daemon-reload systemctl enable ja4sentinel.service if ! systemctl is-active --quiet ja4sentinel.service; then systemctl start ja4sentinel.service fi fi ;; abort-upgrade|abort-remove|abort-deconfigure) # On abort, do nothing special ;; *) echo "postinst called with unknown argument '$1'" >&2 exit 1 ;; esac exit 0