#!/bin/bash

#Preupgrade Assistant performs system upgradability assessment
#and gathers information required for successful operating system upgrade.
#Copyright (C) 2013 Red Hat Inc.
#Petr Stodulka <pstodulk@redhat.com>
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program.  If not, see <http://www.gnu.org/licenses/>.
. /usr/share/preupgrade/common.sh
check_applies_to "openssh-server"
#END GENERATED SECTION

grep -qE "^\s*AuthorizedKeysCommand\s+/usr/libexec/openssh/ssh-keycat" /etc/ssh/sshd_config

[[ $? -ne 0 ]] && {
  log_medium_risk "The ssh-keycat files are moved to the openssh-keycat package."
  echo "The following ssh-keycat files are moved to the openssh-keycat package:
- /etc/pam.d/ssh-keycat
- /usr/libexec/openssh/ssh-keycat
- /usr/share/doc/openssh-server-5.3p1/HOWTO.ssh-keycat

To use ssh-keycat, install the openssh-keycat package.
" >> solution.txt
  exit $RESULT_FAIL
}


log_high_risk "The ssh-keycat utility is a part of the openssh-keycat package in CentOS 7."
msg="The ssh-keycat utility is moved to its own openssh-keycat package, which is"
msg+=" installed automatically by the postupgrade script if the"
msg+=" repository with the openssh-keycat package is available during the downloading of the"
msg+=" packages by the CentOS Upgrade Tool. However, the repository is usually"
msg+=" available only for subscribed CentOS 7 systems. Create"
msg+=" your own repository with the ssh-keycat package, or"
msg+=" change your system settings to be able to connect by using ssh"
msg+=" without the ssh-keycat package. Change the settings back manually after"
msg+=" the upgrade is finished, and after ssh-keycat is installed on the target"
msg+=" system."
echo "$msg" >> solution.txt

cp install-openssh-keycat.sh $POSTUPGRADE_DIR/install-openssh-keycat.sh
exit $RESULT_FAIL


