}
log() {
+ local old_umask
logfile=${logfile:=/var/log/carnet-upgrade.log}
- touch $logfile
+
+ old_umask=$(umask)
+ umask 0077
+
echo "$(date +'%Y-%m-%d %H:%M:%S') $*" >> $logfile
echo "CN: $*"
+
+ umask $old_umask
+ chmod og= $logfile
}
# find first free uid/gid in range
rm -f $packages
}
-# if apache is installed make sure it's version 2
-check_apache_version () {
+# if php is installed make sure it's version 5
+check_php_version () {
+
+ if pkg php4-cn && ! pkg php5-cn; then
+ # prepare for php upgrade by installing php5 extensions
+ install_php5_extensions
- if pkg apache-cn && ! pkg apache2-cn; then
notice "
-Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa Apache 1.3 na Apache 2.0.
+Prije prelaska na Debian Lenny potrebno je napraviti nadogradnju sa PHP 4 na PHP 5.
Pokrenite:
# apt-get update
- # apt-get install apache2-cn
+ # apt-get install php5-cn
-Nakon toga ponovno pozovite ovu skriptu."
- log "carnet-upgrade aborted, upgrade to apache2-cn needed."
+Nakon sto provjerite da sve web aplikacije rade ispravno, ponovno pozovite ovu skriptu."
+ log "carnet-upgrade aborted, upgrade to php5-cn needed."
exit 1
fi
}
+# install php5 extensions based on installed php4 extensions
+install_php5_extensions () {
+ local php4_list php5_pkg
+
+ # get a list of installed php4 packages
+ php4_list=$(mktemp /var/lib/carnet-upgrade/php4_list.XXXXXX)
+ dpkg -l php4-\* | awk '/^ii/ {
+ pkg=$2; sub("^php4", "php5", pkg); print pkg }' > $php4_list
+
+ # compare it with the list of available php5 packages
+ php5_pkg=$(apt-cache search -n ^php5- | cut -d' ' -f 1 \
+ | grep -F -x -f $php4_list | grep -F -x -v php5-cn)
+
+ # handle special cases
+ if pkg php4-xslt; then
+ php5_pkg="$php5_pkg php5-xsl"
+ fi
+
+ # install the required php5 modules
+ if [ "$php5_pkg" ]; then
+ pkgadd $php5_pkg
+ fi
+
+ # cleanup
+ rm -f $php4_list
+}
+
# if grsec is installed make sure it is fresh
check_grsec_kernel () {
local ver=`uname -r`
return 0
fi
- if [ "$ver" = "${ver#2.6.2[4-9]}" ] || reboot_required; then
+ if [ "$ver" = "${ver#2.6.2[4-9]}" ]; then
# kernel too old
notice "
Prije prelaska na Debian Lenny potrebno je napraviti nadogradnju na najnoviji kernel.
fi
}
+check_reboot () {
+ reboot_required || return 0
+
+ LC_MESSAGES=hr_HR dialog --backtitle "$title" --yesno "$reboot_warning" 18 +75
+ if [ $? -eq 0 ]; then
+ log "Reboot before continuing."
+ exit 0
+ else
+ log "Proceed without reboot."
+ fi
+}
+
# check if the latest kernel is booted
reboot_required () {
local default_kernel kernel_package running_release running_version
if [ -z "$default_kernel" -a -r "/boot/grub/menu.lst" ]; then
default_kernel=$( awk '
$1 == "default" { default = $2;
- if (default != /^[[:digit:]]+$/) { exit } }
+ if (default !~ /^[0-9]+$/) { exit } }
$1 == "title" { title+=1 }
$1 == "kernel" && title==default+1 { print $2; exit }' \
/boot/grub/menu.lst 2>/dev/null )
log "Default kernel package: $kernel_package"
- if [ "$kernel_package" != "kernel-2.6-cn" ]; then
- log "Default kernel package is not kernel-2.6-cn"
- return 1
- fi
-
running_release=$( uname -r )
running_version=$( uname -v )
log "Running kernel: $running_release $running_version"
[ -x /etc/init.d/freeradius ] && /etc/init.d/freeradius start || true
else
log "slapd backup already at $ldap_backup, skipping."
- notice "Backup slapd baze u $ldap_backup vec postoji!"
+ #notice "Backup slapd baze u $ldap_backup vec postoji!"
fi
}
umask $old_umask
else
log "/etc backup already present in $etc_backup, skipping."
- notice "Backup /etc direktorija u $etc_backup vec postoji!"
+ #notice "Backup /etc direktorija u $etc_backup vec postoji!"
fi
}
# force reconfiguration at the end if package is not upgraded automatically
if [ "$config_changed" -a "$cn_package" ]; then
cn_version=$( dpkg -s "$cn_package" | awk '/^Version:/ {print $2}' )
- post_upgrade "pkg $cn_package eq $cn_version && dpkg-reconfigure $cn_package"
+ post_upgrade "pkg $cn_package gt $cn_version || dpkg-reconfigure $cn_package"
fi
}
restore_config spamassassin-cn razor 1:2.85-1 /etc/razor/razor-agent.conf
restore_config kernel-2.6-cn libpam-modules 1.0.1-5 /etc/security/limits.conf
restore_config samba-cn samba-common 2:3.2.5-4lenny2 /etc/samba/smb.conf
+ restore_config '' base-files 5lenny2 /etc/issue /etc/issue.net
+ restore_config php5-cn php5-cli 5.2.6.dfsg.1-1+lenny2 /etc/php5/cli/php.ini
+ restore_config php5-cn libapache2-mod-php5 5.2.6.dfsg.1-1+lenny2 /etc/php5/apache2/php.ini
# check if monitrc is template based
if [ -f /etc/monit/monitrc -a ! -f /etc/monit/monitrc.$backup_ext ]; then
rm -f $config_new
fi
-# restore_config base-files 4 /etc/issue /etc/issue.net
-# restore_config base-files 4 /etc/issue /etc/issue.net
# restore_config login 1:4.0.18.1 /etc/pam.d/login
# restore_config mysql-server 5.0.3 /etc/init.d/mysql \
# /etc/logrotate.d/mysql-server \
fi
}
+# remove unsupported php version
+remove_php4 () {
+ # leave the configuration just in case
+ pkgrm_only php4-common || true
+}
+
+# check if package is orphaned (nothing depends on it)
+is_orphaned () {
+ local package deps
+
+ package=$1
+ deps=$(apt-get remove -s $package | grep ^Remv | wc -l)
+ if [ "$deps" -eq 1 ]; then
+ return 0
+ else
+ return 1
+ fi
+}
+
+# remove old and unused libraries
+remove_orphaned () {
+ local package
+
+ for package in $orphaned_packages; do
+ if is_orphaned $package; then
+ pkgrm $package
+ fi
+ done
+}
+
# monit it causing problems for postinst scripts
# restarting daemons so try to disable it
disable_monit () {
# make a silent upgrade to new libc6
upgrade_libc () {
- DEBIAN_FRONTEND=noninteractive pkgadd libc6
+ DEBIAN_FRONTEND=noninteractive pkgadd libc6 tzdata
}
-# upgrade apache2 to etch
+# upgrade apache2 to lenny
upgrade_apache2 () {
local package packages
for package in \
- libapache2-mod-php4 \
- php4-cli \
- php4-cgi \
- php4-cn \
+ libapache2-mod-php5 \
+ php5-cli \
+ php5-cn \
apache2-cn \
- php4-odbc \
- php4-suhosin \
+ php5-odbc \
+ php5-suhosin \
php-suhosin-cn
do
if pkg $package; then
fi
done
- # enable suhosin downgrade to etch version
- if pkg php4-suhosin; then
- pkgrm php4-suhosin php-suhosin-cn
- fi
-
eval pkgadd $packages
}
local conf
# remove init script diversion before upgrade
- if pkg amavisd-cn lt 3:2.4.2-4; then
+ if pkg amavisd-cn lt 3:2.6.1-1; then
if [ -L /etc/init.d/amavis -a -f /etc/init.d/amavis.amavisd-new ]; then
rm -vf /etc/init.d/amavis
dpkg-divert --remove /etc/init.d/amavis
/etc/init.d/amavis restart
}
-# fix openldap-aai postinst user handling
-upgrade_openldap () {
+# handle freerdius config files upgrade
+upgrade_freeradius () {
+ local template config_new password realm
+
+ pkg freeradius-aai lt 2.1.3-0lenny0 || return 0
+
+ # handle static configs
+ restore_config freeradius-aai freeradius 2.1.3-0lenny0 \
+ /etc/freeradius/clients.conf \
+ /etc/freeradius/hints \
+ /etc/freeradius/ldap.attrmap \
+ /etc/freeradius/radiusd.conf
+
+ # handle template based configs
+ template=/usr/share/carnet-upgrade/files/etc/freeradius/eap.conf.template
+ config_new=$(mktemp /var/lib/carnet-upgrade/eap.conf.XXXXXX)
+ password=$(grep -s '^[[:space:]]*private_key_password[[:space:]]*=' \
+ /etc/freeradius/eap.conf)
+ cp $template $config_new
+ sed -i "s/.*#PASSWORD#.*/$password/" $config_new
+ if cmp -s $config_new /etc/freeradius/eap.conf >/dev/null; then
+ log "Restoring config file /etc/freeradius/eap.conf"
+ cp -v /usr/share/carnet-upgrade/files/etc/freeradius/eap.conf.restore \
+ /etc/freeradius/eap.conf
+ fi
+ rm -f $config_new
+
+ template=/usr/share/carnet-upgrade/files/etc/freeradius/proxy.conf.template
+ config_new=$(mktemp /var/lib/carnet-upgrade/proxy.conf.XXXXXX)
+ realm=$(sed -n '/^[[:space:]]*suffix[[:space:]]*/ {
+ s///; s/"//g; s/,dc=/./g; s/dc=//; s/.hr$//; p; q }' /etc/ldap/slapd.conf)
+ cp $template $config_new
+ sed -i "s/#REALM#/$realm/" $config_new
+ if cmp -s $config_new /etc/freeradius/proxy.conf >/dev/null; then
+ log "Restoring config file /etc/freeradius/proxy.conf"
+ cp -v /usr/share/carnet-upgrade/files/etc/freeradius/proxy.conf.restore \
+ /etc/freeradius/proxy.conf
+ fi
+ rm -f $config_new
+
+ # install the new packages
+ if ! apt-get -y install freeradius; then
+ # freeradius upgrade fails here, try to fix it by creating certificates
+ [ -x /etc/freeradius/certs/bootstrap ] && /etc/freeradius/certs/bootstrap
+
+ dpkg --configure -a
+ apt-get -y -f install
+ fi
+
+ # finally try to cleanup this mess
+ pkgadd freeradius-aai
+}
+
+# prepare for slapd upgrade (caused by freeradius installation)
+prepare_openldap () {
pkg openldap-aai lt 2.4 || return 0
# openldap-aai expects org.ldif to exists
if [ -f $ldif ]; then
cp -v $ldif $ldif_backup
fi
+}
+
+# fix openldap-aai postinst user handling
+upgrade_openldap () {
+ pkg openldap-aai lt 2.4 || return 0
# slapd postinst fails if move_old_database is false
echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections
pkgadd slapd
# slapd removes org.ldif during switch from ldap -> openldap user
+ local ldif=/var/lib/ldap/org.ldif
+ local ldif_backup=/var/lib/carnet-upgrade/org.ldif
if [ -f $ldif_backup -a ! -f $ldif ]; then
cp -v $ldif_backup $ldif
fi
/etc/udev/rules.d/compat.rules
do
if [ -e $config ]; then
- mv -v $config /etc/udev/
+ rm -v -f $config
fi
done
fix_issue () {
cat > /etc/issue <<EOF
Debian GNU/Linux 5.0 (CARNet Debian 5.0) \\n \\l
+
EOF
cat > /etc/issue.net <<EOF
projects / carnet-upgrade.git / blobdiff