.deb/.rpm: various fixes related to non-root

* Explicitly chown /var/lib/osmocom to osmocom:osmocom, instead of
  relying on systemd to do it when the service starts up. This does not
  work with the systemd versions in debian 10 and almalinux 8.
* deb: Use "useradd" instead of the interactive "adduser" perl script
  from Debian. This makes it consistent with how we do it in rpm, and
  avoids the dependency on "adduser".
* deb: Consistently use tabs through the file, instead of mixing tabs
  and spaces.
* deb: Remove support for the "dpkg-statoverride --list" logic. This
  seems to be a rather obscure feature to override permissions for
  certain files or directories, for which it does not seem to be a good
  idea to make the postinst script less maintainable. Something similar
  can be achieved by using your own Osmocom config file in a different
  path with different permissions.

Related: OS#4107
Change-Id: I406ff0d625b02991d580c8382aa4be04dba45a00

3 files changed, 25 insertions, 32 deletions

diff --git a/contrib/osmo-msc.spec.in b/contrib/osmo-msc.spec.in
index e6e323ae4..ad12846bf 100644
--- a/contrib/osmo-msc.spec.in
+++ b/contrib/osmo-msc.spec.in
@@ -111,6 +111,8 @@ chown osmocom:osmocom /etc/osmocom/osmo-msc.cfg
 chmod 0660 /etc/osmocom/osmo-msc.cfg
 chown root:osmocom /etc/osmocom
 chmod 2775 /etc/osmocom
+mkdir -p /var/lib/osmocom
+chown -R osmocom:osmocom /var/lib/osmocom
 
 %check
 make %{?_smp_mflags} check || (find . -name testsuite.log -exec cat {} +)
diff --git a/debian/control b/debian/control
index 00c1b267a..64bb73c90 100644
--- a/debian/control
+++ b/debian/control
@@ -31,7 +31,7 @@ Homepage: https://osmocom.org/projects/osmomsc
 Package: osmo-msc
 Architecture: any
 Multi-Arch: foreign
-Depends: ${misc:Depends}, ${shlibs:Depends}, adduser
+Depends: ${misc:Depends}, ${shlibs:Depends}
 Recommends: osmo-mgw
 Description: OsmoMSC: Osmocom's Mobile Switching Center for 2G and 3G circuit-switched mobile networks
   The Mobile Switching Center (MSC) is the heart of 2G/3G
diff --git a/debian/postinst b/debian/postinst
index 866c31a48..80821c4e4 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -1,37 +1,28 @@
 #!/bin/sh -e
-# Create 'osmocom' user and group (if it doesn't exist yet) and adjust permissions
-# of directories which are not automatically adjusted by systemd from previous (root-owned)
-# install.
-
-# N. B: the user is intentionally NOT removed during package uninstall:
-# see https://wiki.debian.org/AccountHandlingInMaintainerScripts for reasoning.
-chperms() {
-	# chperms <user> <group> <perms> <file>
-	if ! OVERRIDE=`dpkg-statoverride --list $4 2>&1`; then
-		if [ -e $4 ]; then
-			chown $1:$2 $4
-			chmod $3 $4
-		fi
-	fi
-}
-
 case "$1" in
-  configure)
-    if ! getent passwd osmocom > /dev/null; then
-        adduser --quiet \
-                --system \
-                --group \
-                --no-create-home \
-                --disabled-password \
-                --home /var/lib/osmocom \
-                --gecos "Open Source Mobile Communications" \
-                osmocom
-    fi
-# Set permissions according to https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
-    chperms osmocom osmocom 0660 /etc/osmocom/osmo-msc.cfg
-    chperms root osmocom 2775 /etc/osmocom
+	configure)
+		# Create the osmocom group and user (if it doesn't exist yet)
+		if ! getent group osmocom >/dev/null; then
+			groupadd --system osmocom
+		fi
+		if ! getent passwd osmocom >/dev/null; then
+			useradd \
+				--system \
+				--gid osmocom \
+				--home-dir /var/lib/osmocom \
+				--shell /sbin/nologin \
+				--comment "Open Source Mobile Communications" \
+				osmocom
+		fi
 
-  ;;
+		# Fix permissions of previous (root-owned) install (OS#4107)
+		chown osmocom:osmocom /etc/osmocom/osmo-msc.cfg
+		chmod 0660 /etc/osmocom/osmo-msc.cfg
+		chown root:osmocom /etc/osmocom
+		chmod 2775 /etc/osmocom
+		mkdir -p /var/lib/osmocom
+		chown -R osmocom:osmocom /var/lib/osmocom
+		;;
 esac
 
 # dh_installdeb(1) will replace this with shell code automatically