From 505f69ee1540581eef2465dc420525213d278473 Mon Sep 17 00:00:00 2001 From: Emil Renner Berthing Date: Sat, 18 Nov 2017 19:34:34 +0100 Subject: space_server: radius: clean up configuration Disable all the unused auth methods --- roles/space_server/templates/radius/getusers.sh.j2 | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) mode change 100644 => 100755 roles/space_server/templates/radius/getusers.sh.j2 (limited to 'roles/space_server/templates') diff --git a/roles/space_server/templates/radius/getusers.sh.j2 b/roles/space_server/templates/radius/getusers.sh.j2 old mode 100644 new mode 100755 index e77758b..e6413d1 --- a/roles/space_server/templates/radius/getusers.sh.j2 +++ b/roles/space_server/templates/radius/getusers.sh.j2 @@ -1,10 +1,16 @@ #!/bin/sh -if curl -s -4 -k '{{ radius_passwords.download_url }}' -o /etc/raddb/users.new; then - if ! diff -q /etc/raddb/users /etc/raddb/users.new >/dev/null; then - mv -f /etc/raddb/users.new /etc/raddb/mods-config/files/authorize - systemctl restart radiusd.service - fi -else - rm -f /etc/raddb/users.new +set -e + +outfile='/etc/raddb/mods-config/files/authorize' +tmpfile="$(mktemp /tmp/getusers.XXXXXXXX)" +cleanup() { + rm -f "$tmpfile" +} +trap cleanup EXIT SIGINT SIGTERM + +curl -s -o "$tmpfile" '{{ radius_passwords.download_url }}' +if ! diff -q "$tmpfile" "$outfile" >/dev/null; then + install -m0640 "$tmpfile" "$outfile" + systemctl restart radiusd.service fi -- cgit v1.2.1