#!/bin/bash
# Copyright 2019 RackTop Systems Inc. and/or its affiliates.
# http://www.racktopsystems.com
#
# The methods and techniques utilized herein are considered TRADE SECRETS
# and/or CONFIDENTIAL unless otherwise noted. REPRODUCTION or DISTRIBUTION
# is FORBIDDEN, in whole and/or in part, except by express written permission
# of RackTop Systems.
SECURED_CF="/etc/racktop/secured/secured.conf"
[ ! -f "${SECURED_CF}" ] && \
{
printf "Error: %s\n" \
"Config file ${SECURED_CF} is missing; cannot continue" >&2
exit 1
}
# AllowEnroll is likely already enabled, but we won't worry about it if it is.
# We just make sure here that there's not a assymmetric situation where only
# 1/2 of the mechanism is enabled.
sed -e 's/AllowUnenroll = false/AllowUnenroll = true/g' \
-e 's/AllowEnroll = false/AllowEnroll = true/g' < "${SECURED_CF}" \
> "${SECURED_CF}.tmp"
# Just rename the config file to .prev and then rename .tmp to secured.conf
if ! mv "${SECURED_CF}" "${SECURED_CF}.prev" 2>/dev/null; then
printf "Error: failed to rename config file" >&2
exit 1
fi
if ! mv "${SECURED_CF}.tmp" "${SECURED_CF}" 2>/dev/null; then
printf "Error: failed to replace config file" >&2
exit 1
fi
svcadm restart secured
exit 0