post_install() {
	if ! getent group named &>/dev/null; then
		groupadd -g 40 named >/dev/null
	fi
	if ! getent passwd named &>/dev/null; then
		useradd -u 40 -c "BIND DNS Server" -g named -G adm -d /var/named -s /bin/nologin named >/dev/null
	fi
	passwd -l named >/dev/null

	touch var/log/named.log
	chown named:named var/log/named.log

	# create an rndc.key if it doesn't already exist
	if [[ ! -s etc/rndc.key ]]; then
		usr/sbin/rndc-confgen -r /dev/urandom -b 256 | head -n 5 >>etc/rndc.key
		chown root:named etc/rndc.key
		chmod 640 etc/rndc.key
	fi

	if ! groups named | grep adm &>/dev/null; then
		gpasswd -a named adm >/dev/null
	fi
	named_shell=$(getent passwd named | cut -d: -f7)
	if [ "$named_shell" != '/bin/nologin' ]; then
		chsh -s /bin/nologin named &>/dev/null
	fi
}

post_upgrade() {
	post_install
}

post_remove() {
	if getent passwd named &>/dev/null; then
		userdel named >/dev/null
	fi
	if getent group clamav &>/dev/null; then
		groupdel named >/dev/null
	fi
}
