#!/bin/sh

set -e

# ensure the server process has been killed before calling userdel(1)
#DEBHELPER#

# delete the _keysafe user and group, after chowning the shard storage
# to root so that it does not end up owned by another system user
if [ "$1" = "purge" ]; then
    if [ -d "/var/lib/keysafe" ]; then
        chown -R root:root /var/lib/keysafe
    fi
    userdel _keysafe || true
    # userdel may or may not remove the group (see USERGROUPS_ENAB in
    # userdel(8)), so we make an attempt to delete it
    groupdel _keysafe || true
fi

# For the time being, at the request of upstream, we don't ever delete
# /var/lib/keysafe, even on a purge

# Deleting this data has the potential to destroy the backups of
# people's private keys, so it probably shouldn't ever happen
# automatically

# We might want to revisit this before uploading to sid