contrib/systemd: run as osmocom user
I have verified that with AmbientCapabilities=CAP_SYS_NICE, setting
scheduling policy as described in the manual still works as expected.
Related: OS#4107
Change-Id: Ibb83c231231b39dc6732c0f375aeb3b21f3938ef
diff --git a/debian/postinst b/debian/postinst
new file mode 100755
index 0000000..be12373
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,38 @@
+#!/bin/sh -e
+case "$1" in
+ configure)
+ # Create the osmocom group and user (if it doesn't exist yet)
+ if ! getent group osmocom >/dev/null; then
+ groupadd --system osmocom
+ fi
+ if ! getent passwd osmocom >/dev/null; then
+ useradd \
+ --system \
+ --gid osmocom \
+ --home-dir /var/lib/osmocom \
+ --shell /sbin/nologin \
+ --comment "Open Source Mobile Communications" \
+ osmocom
+ fi
+
+ # Fix permissions of previous (root-owned) install (OS#4107)
+ if dpkg --compare-versions "$2" le "1.13.0"; then
+ if [ -e /etc/osmocom/osmo-mgw.cfg ]; then
+ chown -v osmocom:osmocom /etc/osmocom/osmo-mgw.cfg
+ chmod -v 0660 /etc/osmocom/osmo-mgw.cfg
+ fi
+
+ if [ -d /etc/osmocom ]; then
+ chown -v root:osmocom /etc/osmocom
+ chmod -v 2775 /etc/osmocom
+ fi
+
+ mkdir -p /var/lib/osmocom
+ chown -R -v osmocom:osmocom /var/lib/osmocom
+ fi
+ ;;
+esac
+
+# dh_installdeb(1) will replace this with shell code automatically
+# generated by other debhelper scripts.
+#DEBHELPER#