Echo
b615a5639e
Phase 2: Core API Development - 15 REST API endpoints (packages, patches, system, jobs, websocket) - mTLS authentication layer (src/auth/mtls.rs) - IP whitelist enforcement (src/auth/whitelist.rs) - Job manager with async operation support - WebSocket streaming for job status Phase 3: Security Hardening - Security testing: 16/16 tests passing - Fuzz testing: 21 tests, all findings resolved - Threat model validation (STRIDE matrix) - TLS binding fix (critical vulnerability resolved) - Security documentation complete Phase 4: Production Readiness - Performance benchmarking (all targets met) - Package creation (.deb/.rpm structures) - Documentation (README, API docs, deployment guide) - Security hardening (6 vulnerabilities fixed) Deliverables: - API_DOCUMENTATION.md (889 lines) - DEPLOYMENT_GUIDE.md (733 lines) - SECURITY.md (346 lines) - README.md (525 lines) - debian/ package structure - linux-patch-api.spec (RPM) - install.sh installer script - benches/api_benchmarks.rs - Multiple security/performance reports Security Status: 0 vulnerabilities remaining Test Coverage: 31 unit tests, 21 integration tests Build Status: Release optimized
65 lines
1.9 KiB
Bash
Executable File
65 lines
1.9 KiB
Bash
Executable File
#!/bin/bash
|
|
# postrm script for linux-patch-api
|
|
# Created by package build system
|
|
|
|
set -e
|
|
|
|
# Handle purge - remove all configuration and data
|
|
if [ "$1" = "purge" ]; then
|
|
echo "Purging linux-patch-api configuration and data..."
|
|
|
|
# Stop service if still running
|
|
if systemctl is-active --quiet linux-patch-api.service 2>/dev/null; then
|
|
systemctl stop linux-patch-api.service
|
|
fi
|
|
|
|
# Disable service
|
|
if systemctl is-enabled --quiet linux-patch-api.service 2>/dev/null; then
|
|
systemctl disable linux-patch-api.service
|
|
fi
|
|
|
|
# Reload systemd to remove service file
|
|
systemctl daemon-reload
|
|
|
|
# Remove configuration directory (preserved by conffiles during normal remove)
|
|
if [ -d "/etc/linux_patch_api" ]; then
|
|
echo "Removing /etc/linux_patch_api..."
|
|
rm -rf /etc/linux_patch_api
|
|
fi
|
|
|
|
# Remove data directory
|
|
if [ -d "/var/lib/linux_patch_api" ]; then
|
|
echo "Removing /var/lib/linux_patch_api..."
|
|
rm -rf /var/lib/linux_patch_api
|
|
fi
|
|
|
|
# Remove log directory
|
|
if [ -d "/var/log/linux_patch_api" ]; then
|
|
echo "Removing /var/log/linux_patch_api..."
|
|
rm -rf /var/log/linux_patch_api
|
|
fi
|
|
|
|
# Remove system user
|
|
if getent passwd linux-patch-api > /dev/null 2>&1; then
|
|
echo "Removing user linux-patch-api..."
|
|
userdel linux-patch-api 2>/dev/null || true
|
|
fi
|
|
|
|
# Remove system group
|
|
if getent group linux-patch-api > /dev/null 2>&1; then
|
|
echo "Removing group linux-patch-api..."
|
|
groupdel linux-patch-api 2>/dev/null || true
|
|
fi
|
|
|
|
echo "linux-patch-api purged successfully"
|
|
fi
|
|
|
|
# Handle upgrade/remove - just ensure service is disabled
|
|
if [ "$1" = "remove" ] || [ "$1" = "upgrade" ]; then
|
|
# Service should already be stopped by prerm
|
|
# Just reload systemd to remove the service file
|
|
systemctl daemon-reload 2>/dev/null || true
|
|
fi
|
|
|
|
exit 0
|