#!/bin/sh
set -e

if command -v suidregister >/dev/null 2>&1 && [ -e /etc/suid.conf ]; then
	for file in chfn chsh gpasswd passwd
	do
		suidregister -s passwd /usr/bin/$file root root 4755
	done
	# We like these kinds :)
	for file in expiry chage
	do
		suidregister -s passwd /usr/bin/$file root shadow 2755
	done
else
	for file in chfn chsh gpasswd passwd
	do
		chown root.root /usr/bin/$file
		chmod 4755 /usr/bin/$file
	done
	for file in expiry chage
	do
		chown root.shadow /usr/bin/$file
		chmod 2755 /usr/bin/$file
	done
fi

if [ configure != "$1" ] ; then
    exit 0
fi

# Taken from debhelper
if [ -d /usr/doc -a ! -e /usr/doc/passwd -a -d /usr/share/doc/passwd ]; then
	ln -sf ../share/doc/passwd /usr/doc/passwd
fi

# passwd 961025-1 incorrectly did permfix on sulogin and xdm-shadow in
# shadowconfig
permfix () {
    [ -f $1 ] || return 0
    chown root:root $1
    chmod 755 $1
}
permfix /sbin/sulogin
permfix /usr/X11R6/bin/xdm-shadow

grep -q '^shadow:[^:]*:42' /etc/group && exit 0
groupadd -g 42 shadow || (
    cat <<EOF
Group ID 42 has been allocated for the shadow group.  You have either
used 42 yourself or created a shadow group with a different ID.
Please correct this problem and reconfigure with ``dpkg --configure passwd''.

Note that both user and group IDs in the range 0-99 are globally
allocated by the Debian project and must be the same on every Debian
system.
EOF

    exit 1
)

# overcome bug in old shadow-passwd postinst; these are harmless on other
# systems
chmod 644 /etc/passwd /etc/group
chown root.root /etc/passwd /etc/group

exit 0