# really can't emphasize this enough.
#
ldap {
- server = "debian.local"
+ server = "#HOSTNAME#"
# identity = "cn=admin,o=My Org,c=UA"
# password = mypass
port = 389
- basedn = "dc=local,dc=hr"
+ basedn = "#BASEDN#"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
# base_filter = "(objectclass=radiusprofile)"
# handle freerdius config files upgrade
upgrade_freeradius () {
- local template config_new password realm
+ local template config_new password realm hostname basedn
pkg freeradius-aai lt 2.1.3-0lenny0 || return 0
restore_config freeradius-aai freeradius 2.1.3-0lenny0 \
/etc/freeradius/clients.conf \
/etc/freeradius/hints \
- /etc/freeradius/ldap.attrmap \
- /etc/freeradius/radiusd.conf
+ /etc/freeradius/ldap.attrmap
# handle template based configs
+ template=/usr/share/carnet-upgrade/files/etc/freeradius/radiusd.conf.template
+ config_new=$(mktemp /var/lib/carnet-upgrade/radiusd.conf.XXXXXX)
+ basedn=$(sed -n '/^[[:space:]]*suffix[[:space:]]*/ {
+ s///; s/"//g; p; q }' /etc/ldap/slapd.conf)
+ hostname=$(hostname -f)
+ cp $template $config_new
+ sed -i "s/#HOSTNAME#/$hostname/" $config_new
+ sed -i "s/#BASEDN#/$basedn/" $config_new
+ if cmp -s $config_new /etc/freeradius/radiusd.conf >/dev/null; then
+ log "Restoring config file /etc/freeradius/radiusd.conf"
+ cp -v /usr/share/carnet-upgrade/files/etc/freeradius/radiusd.conf.restore \
+ /etc/freeradius/radiusd.conf
+ fi
+ rm -f $config_new
+
template=/usr/share/carnet-upgrade/files/etc/freeradius/eap.conf.template
config_new=$(mktemp /var/lib/carnet-upgrade/eap.conf.XXXXXX)
password=$(grep -s '^[[:space:]]*private_key_password[[:space:]]*=' \
projects / carnet-upgrade.git / commitdiff