The postinstall scripts generated the jwt secret with: cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 This relies on SIGPIPE to terminate the infinite `cat /dev/urandom` once `head` has read its single line. Inside a dpkg/apt maintainer-script context the SIGPIPE disposition is not reliably delivered, so `cat /dev/urandom` spins forever, the postinstall never returns, and the whole `dpkg -i` / upgrade hangs. Read a bounded 512 bytes with `head -c` instead so nothing depends on SIGPIPE to terminate. 512 random bytes yield ~124 alphanumerics on average, so the trailing `head -c 32` reliably produces a full 32-char secret while staying dependency-free. Fixes #2660 |
||
|---|---|---|
| .. | ||
| after-install-openrc.sh | ||
| after-install.sh | ||
| go.mod | ||
| go.sum | ||
| magefile.go | ||
| reprepro-dist-conf | ||