Handle upgrade for libpam-radius-auth.

[carnet-upgrade.git] / src / functions.sh

diff --git a/src/functions.sh b/src/functions.sh
index 209d79a..6beb99b 100644 (file)
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -925,6 +925,8 @@ upgrade_amavis () {
 
 # handle freerdius upgrade
 upgrade_freeradius () {
+  local password
+
   pkg freeradius-aai lt 2.1.10-1 || return 0
 
   # aai team prevents a normal upgrade
@@ -932,6 +934,20 @@ upgrade_freeradius () {
   pkgrm freeradius-aai freeradius-ldap freeradius
   rm -rf /etc/freeradius/certs
   pkgadd freeradius-aai
+
+  # sync localhost passwords
+  if pkg libpam-radius-auth && [ -f "/etc/pam_radius_auth.conf" ]; then
+    pkgadd libpam-radius-auth
+    password=$(
+      sed -n '/^[[:space:]]*client[[:space:]]\+localhost/,/^[[:space:]]*}/ { /^[[:space:]]*secret[[:space:]]*=[[:space:]]*\([^[:space:]]*\)/s//\1/p }' /etc/freeradius/clients.conf
+    )
+    if [ "$password" ] \
+       && ! grep -q "^127.0.0.1[[:space:]]\+$password[[:space:]]\+" \
+         /etc/pam_radius_auth.conf
+    then
+      sed -i.$backup_ext "s/^\(127.0.0.1[[:space:]]*\)[^[:space:]]*\(.*\)/\1$password\2/" /etc/pam_radius_auth.conf
+    fi
+  fi
 }
 
 # handle mysql 5.0 to 5.1 upgrade