From d07ddbc5b98f739bebc8fd7ecdf2a6a6fe5d8375 Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@vyatta.com>
Date: Mon, 2 Nov 2009 15:46:37 -0800
Subject: use top-level pid for progress indicator

---
 scripts/install/install-functions | 14 ++++++++------
 scripts/install/install-image     | 24 ++++++++++++++++++++++--
 2 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/scripts/install/install-functions b/scripts/install/install-functions
index 3bdc1fde..29707dff 100755
--- a/scripts/install/install-functions
+++ b/scripts/install/install-functions
@@ -43,18 +43,20 @@ VYATTA_CFG_DIR=${vyatta_sysconfdir}/config
 # the floppy config dir
 FD_CFG_DIR=/media/floppy/config
 
-# Process ID for progress_indicator
-SPID=$$
-
+# PROGRESS_PID can be exported by top-level script
 progress_indicator () {
+  local spid=$PROGRESS_PID
+  if [ -z "$spid" ]; then
+    spid=$$
+  fi
   case "$1" in
     start)
-      $vyatta_bindir/progress-indicator $SPID &
+      $vyatta_bindir/progress-indicator $spid &
       ;;
     *)
-      if ! rm /tmp/pi.$SPID 2>/dev/null; then
+      if ! rm /tmp/pi.$spid 2>/dev/null; then
         sleep 1
-        rm /tmp/pi.$SPID 2>/dev/null
+        rm /tmp/pi.$spid 2>/dev/null
       fi
       sleep 1
       echo -n -e "\b"
diff --git a/scripts/install/install-image b/scripts/install/install-image
index 0bf31a00..6ed0f732 100755
--- a/scripts/install/install-image
+++ b/scripts/install/install-image
@@ -5,6 +5,8 @@ source /opt/vyatta/sbin/install-functions
 
 # export INSTALL_LOG for the scripts invoked
 export INSTALL_LOG=/tmp/install-$$.log
+# export PROGRESS_PID for the scripts invoked
+export PROGRESS_PID=$$
 
 # file for get-partition output
 PART_FILE=''
@@ -114,12 +116,30 @@ fi
 trap sig_handler INT KILL
 trap exit_handler EXIT
 
+cat <<EOF
+Welcome to the Vyatta install program.  This script
+will walk you through the process of installing the
+Vyatta image to a local hard drive.
+EOF
+
+response=''
+while [ -z $response ]
+do
+  echo -n "Would you like to continue? (Yes/No) [Yes]: "
+  response=$(get_response "Yes" "Yes No Y N")
+  if [ "$response" == "no" ] || [ "$response" == "n" ]; then
+    fail_exit 'Ok then.'
+  fi
+done
+
 if is_live_cd_boot; then
   if [ -n "$NEW_ISO" ]; then
-    fail_exit 'Do not specify an image when installing from a live CD.'
+    echo 'You are trying to install from a live CD boot. The live CD image'
+    fail_exit 'will be used. Do not specify an ISO image file.'
   fi
 elif [ -z "$NEW_ISO" ]; then
-  fail_exit 'Must specify an image to install.'
+  echo 'You are trying to install from an already installed system. An ISO'
+  fail_exit 'image file to install must be specified.'
 else
   # installing on an installed system. set up the new image.
   set_up_new_iso
-- 
cgit v1.2.3


From 21a8c369143564e71bf33a760082499cbf45f8dd Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Mon, 2 Nov 2009 17:11:15 -0800
Subject: Don't want/need --package option to pam-auth-update

---
 lib/Vyatta/Login/RadiusServer.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/Vyatta/Login/RadiusServer.pm b/lib/Vyatta/Login/RadiusServer.pm
index 43f78f90..f8b67830 100644
--- a/lib/Vyatta/Login/RadiusServer.pm
+++ b/lib/Vyatta/Login/RadiusServer.pm
@@ -29,12 +29,12 @@ my $PAM_RAD_END   = '# END Vyatta Radius servers';
 
 sub remove_pam_radius {
     return system("sudo DEBIAN_FRONTEND=noninteractive"
-		  . " pam-auth-update --package --remove radius") == 0;
+		  . " pam-auth-update --remove radius") == 0;
 }
 
 sub add_pam_radius {
     return system("sudo DEBIAN_FRONTEND=noninteractive"
-		  . " pam-auth-update --package --add radius") == 0;
+		  . " pam-auth-update radius") == 0;
 }
 
 sub update {
-- 
cgit v1.2.3


From 6ddbdaeb4557c04e6ad5c86f7ced922685634851 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Mon, 2 Nov 2009 17:13:37 -0800
Subject: Reset PAM configuration on boot

Bug 5084
Need to remove radius (and any other) PAM customizations on reboot.
---
 scripts/rl-system.init | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/scripts/rl-system.init b/scripts/rl-system.init
index 3ca02ed2..2cca5d98 100755
--- a/scripts/rl-system.init
+++ b/scripts/rl-system.init
@@ -169,6 +169,11 @@ setup_ntp_config_file () {
 	log_failure_msg "NTP template config file doesn\'t exist"
     fi
 }
+
+# restore PAM back to virgin state (no radius other services)
+pam_reset () {
+    DEBIAN_FRONTEND=noninteractive pam-auth-update unix
+}
     
 start () {
     udev_rescan
@@ -182,6 +187,7 @@ start () {
     sysctl -q -e -p /opt/vyatta/etc/vyatta-sysctl.conf ||
         log_failure_msg "can\'t configure kernel settings"
     set_ipv6_params
+    pam_reset
     update_version_info
 
     ## Clear out apt config file--it will be filled in by rtrmgr
-- 
cgit v1.2.3


From 403bb750a20b84800fbbd4d18156b11840b65ee4 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Mon, 2 Nov 2009 17:18:27 -0800
Subject: rename pam-radius to pam_radius.cfg

Use a reasonable suffix for file type
---
 Makefile.am                          |  2 +-
 debian/vyatta-cfg-system.postinst.in |  2 +-
 sysconf/pam-radius                   | 12 ------------
 sysconf/pam_radius.cfg               | 12 ++++++++++++
 4 files changed, 14 insertions(+), 14 deletions(-)
 delete mode 100644 sysconf/pam-radius
 create mode 100644 sysconf/pam_radius.cfg

diff --git a/Makefile.am b/Makefile.am
index 29619127..99142777 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -70,7 +70,7 @@ sysconf_DATA += sysconf/securetty
 sysconf_DATA += sysconf/vyatta-sysctl.conf
 sysconf_DATA += sysconf/blacklist.DSA-1024
 sysconf_DATA += sysconf/blacklist.RSA-2048
-sysconf_DATA += sysconf/pam-radius
+sysconf_DATA += sysconf/pam_radius.cfg
 
 libudev_SCRIPTS	 = scripts/vyatta_net_name
 etcudev_DATA	 = sysconf/vyatta-net.rules
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 95fcd1ca..3a914f7f 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -149,7 +149,7 @@ update-rc.d -f ssh remove >/dev/null
 sed -i 's/requisite[ \t][ \t]*pam_securetty.so/required pam_securetty.so/' $rootfsdir/etc/pam.d/login
 
 # Install pamradius config (should come with radius client eventually)
-cp $sysconfdir/pam-radius /usr/share/pam-configs/radius
+cp $sysconfdir/pam_radius.cfg /usr/share/pam-configs/radius
 
 [ grep "blacklist.*snd-pcsp" >&/dev/null ] || echo "blacklist snd-pcsp" >>/etc/modprobe.d/blacklist
 
diff --git a/sysconf/pam-radius b/sysconf/pam-radius
deleted file mode 100644
index 0409dd44..00000000
--- a/sysconf/pam-radius
+++ /dev/null
@@ -1,12 +0,0 @@
-Name: Radius authentication
-Default: no
-Priority: 512
-Auth-Type: Primary
-Auth:
-	[success=end default=ignore]	pam_radius_auth.so try_first_pass
-Auth-Initial:
-	[success=end default=ignore]	pam_radius_auth.so
-Account-Type: Primary
-Account:
-	[success=end new_authtok_reqd=done default=ignore]	pam_radius_auth.so try_first_pass
-	
diff --git a/sysconf/pam_radius.cfg b/sysconf/pam_radius.cfg
new file mode 100644
index 00000000..3b9d92fc
--- /dev/null
+++ b/sysconf/pam_radius.cfg
@@ -0,0 +1,12 @@
+Name: Radius client
+Default: yes
+Priority: 512
+Auth-Type: Primary
+Auth:
+	[success=end default=ignore]	pam_radius_auth.so try_first_pass
+Auth-Initial:
+	[success=end default=ignore]	pam_radius_auth.so
+Account-Type: Primary
+Account:
+	[success=end new_authtok_reqd=done default=ignore]	pam_radius_auth.so try_first_pass
+	
-- 
cgit v1.2.3


From 4b6feb5e30012862b6a91578914ef2194d242f31 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Mon, 2 Nov 2009 17:28:17 -0800
Subject: 0.15.96

---
 debian/changelog | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index c4c1a0aa..4d6c8583 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+vyatta-cfg-system (0.15.96) unstable; urgency=low
+
+  [ An-Cheng Huang ]
+  * use top-level pid for progress indicator
+
+  [ Stephen Hemminger ]
+  * Don't want/need --package option to pam-auth-update
+  * Reset PAM configuration on boot
+  * rename pam-radius to pam_radius.cfg
+
+ -- Stephen Hemminger <stephen.hemminger@vyatta.com>  Mon, 02 Nov 2009 17:28:17 -0800
+
 vyatta-cfg-system (0.15.95) unstable; urgency=low
 
   [ David S. Madole ]
-- 
cgit v1.2.3