diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2010-12-29 04:31:17 +0100 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2010-12-29 04:31:17 +0100 |
commit | 2a918c8a2a735544eeb867687adf3c91c229af49 (patch) | |
tree | 39359f2cbcb7363ab0c0078f21b952845f1c168f /debian/heimdal-kdc.postinst | |
parent | 1bc55fab42a2fe20c7bceb0a83bff46dbe4b4513 (diff) |
Import packaging.
Diffstat (limited to 'debian/heimdal-kdc.postinst')
-rw-r--r-- | debian/heimdal-kdc.postinst | 118 |
1 files changed, 118 insertions, 0 deletions
diff --git a/debian/heimdal-kdc.postinst b/debian/heimdal-kdc.postinst new file mode 100644 index 000000000..aa365d07d --- /dev/null +++ b/debian/heimdal-kdc.postinst @@ -0,0 +1,118 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +if [ ! -f /var/log/heimdal-kdc.log ] +then + touch /var/log/heimdal-kdc.log + chmod 600 /var/log/heimdal-kdc.log +fi + +add_servers() { +kadmin_entry="kerberos-adm stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind" +hprop_entry="#krb_prop stream tcp nowait root /usr/sbin/tcpd /usr/sbin/hpropd" + + update-inetd --group KRB5 --add "$kadmin_entry" + update-inetd --group KRB5 --add "$hprop_entry" +} + +enable_servers() { + update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kadmind' --enable kerberos-adm +} + +# if not configured but config exists in wrong place, try moving existing configuration +if [ ! -f /etc/heimdal-kdc/.configured ] && + [ -f /var/lib/heimdal-kdc/.configured ] +then + for i in kdc.conf kadmind.acl + do + if [ -f /var/lib/heimdal-kdc/$i ] + then + mv /var/lib/heimdal-kdc/$i /etc/heimdal-kdc/$i + ln -s /etc/heimdal-kdc/$i /var/lib/heimdal-kdc/$i + fi + done + mv /var/lib/heimdal-kdc/.configured /etc/heimdal-kdc/.configured +fi + +# Sample kdc.conf was broken in older versions, create symlink to kadmind.acl +# as a work around +if [ -n "$2" ] && dpkg --compare-versions "$2" lt 1.2.dfsg.1-3; then + # also check to make sure that the symlink to kdc.conf exists - it is + # required + for i in kdc.conf kadmind.acl + do + if [ ! -e /var/lib/heimdal-kdc/$i ] + then + ln -s /etc/heimdal-kdc/$i /var/lib/heimdal-kdc/$i + fi + done +fi + +# if already configured - dont reconfigure +if [ ! -f /etc/heimdal-kdc/.configured ] +then + # get default realm + # should use krb5-config setting??? + if db_get krb5-config/default_realm && [ "x$RET" != "x" ] + then + default_realm="$RET" + else + default_realm="`hostname -d | tr a-z A-Z`" + fi + db_fget heimdal/realm seen + if [ "$RET" != "true" ]; then + db_set heimdal/realm "$default_realm" + fi + db_subst heimdal/realm default_realm "$default_realm" + db_input medium heimdal/realm || true + db_go + db_get heimdal/realm; REALM="$RET" + + # get password + db_input medium heimdal-kdc/password || true + db_go + db_get heimdal-kdc/password; PASSWORD="$RET" + db_set heimdal-kdc/password "" + + # do stuff + DST=/etc/heimdal-kdc/kdc.conf + zcat /usr/share/doc/heimdal-kdc/examples/kdc.conf.gz > "$DST" + # note this symlink is required as we haven't patched the source + if [ ! -e /var/lib/heimdal-kdc/kdc.conf ] + then + ln -s "$DST" /var/lib/heimdal-kdc/kdc.conf + fi + + DST=/etc/heimdal-kdc/kadmind.acl + cp -a /usr/share/doc/heimdal-kdc/examples/kadmind.acl "$DST" + + kstash --master-key-fd=0 <<EOF +$PASSWORD +EOF + + kadmin -l init --realm-max-ticket-life=unlimited --realm-max-renewable-life=unlimited "$REALM" + + touch /etc/heimdal-kdc/.configured +fi + +case "$1" in +abort-upgrade | abort-deconfigure | abort-remove) + ;; +configure) + if [ -z "$2" ] + then + add_servers + elif dpkg --compare-versions "$2" le "0.7.2.dfsg.1-6" + then + enable_servers + fi + ;; +*) + printf "$0: incorrect arguments: $*\n" >&2 + exit 1 + ;; +esac + +db_stop +#DEBHELPER# |