#!/bin/sh -e . /usr/share/debconf/confmodule if [ ! -f /var/log/heimdal-kdc.log ] then touch /var/log/heimdal-kdc.log chmod 600 /var/log/heimdal-kdc.log fi add_servers() { kadmin_entry="kerberos-adm stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind" hprop_entry="#krb_prop stream tcp nowait root /usr/sbin/tcpd /usr/sbin/hpropd" update-inetd --group KRB5 --add "$kadmin_entry" update-inetd --group KRB5 --add "$hprop_entry" } enable_servers() { update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kadmind' --enable kerberos-adm } # if not configured but config exists in wrong place, try moving existing configuration if [ ! -f /etc/heimdal-kdc/.configured ] && [ -f /var/lib/heimdal-kdc/.configured ] then for i in kdc.conf kadmind.acl do if [ -f /var/lib/heimdal-kdc/$i ] then mv /var/lib/heimdal-kdc/$i /etc/heimdal-kdc/$i ln -s /etc/heimdal-kdc/$i /var/lib/heimdal-kdc/$i fi done mv /var/lib/heimdal-kdc/.configured /etc/heimdal-kdc/.configured fi # Sample kdc.conf was broken in older versions, create symlink to kadmind.acl # as a work around if [ -n "$2" ] && dpkg --compare-versions "$2" lt 1.2.dfsg.1-3; then # also check to make sure that the symlink to kdc.conf exists - it is # required for i in kdc.conf kadmind.acl do if [ ! -e /var/lib/heimdal-kdc/$i ] then ln -s /etc/heimdal-kdc/$i /var/lib/heimdal-kdc/$i fi done fi # if already configured - dont reconfigure if [ ! -f /etc/heimdal-kdc/.configured ] then db_get heimdal/realm; REALM="$RET" # get password db_get heimdal-kdc/password; PASSWORD="$RET" db_set heimdal-kdc/password "" # do stuff DST=/etc/heimdal-kdc/kdc.conf cat /usr/share/heimdal-kdc/kdc.conf > "$DST" # note this symlink is required as we haven't patched the source if [ ! -e /var/lib/heimdal-kdc/kdc.conf ] then ln -s "$DST" /var/lib/heimdal-kdc/kdc.conf fi DST=/etc/heimdal-kdc/kadmind.acl cp -a /usr/share/heimdal-kdc/kadmind.acl "$DST" if [ -z "$PASSWORD" ]; then kstash --random-key else kstash --master-key-fd=0 <&2 exit 1 ;; esac #DEBHELPER#