99 lines
2.3 KiB
Bash
99 lines
2.3 KiB
Bash
#!/bin/sh -e
|
|
|
|
. /usr/share/debconf/confmodule
|
|
|
|
if [ ! -f /var/log/heimdal-kdc.log ]
|
|
then
|
|
touch /var/log/heimdal-kdc.log
|
|
chmod 600 /var/log/heimdal-kdc.log
|
|
fi
|
|
|
|
add_servers() {
|
|
kadmin_entry="kerberos-adm stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind"
|
|
hprop_entry="#krb_prop stream tcp nowait root /usr/sbin/tcpd /usr/sbin/hpropd"
|
|
|
|
update-inetd --group KRB5 --add "$kadmin_entry"
|
|
update-inetd --group KRB5 --add "$hprop_entry"
|
|
}
|
|
|
|
enable_servers() {
|
|
update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kadmind' --enable kerberos-adm
|
|
}
|
|
|
|
# if not configured, try moving existing configuration
|
|
if [ ! -f /etc/heimdal-kdc/.configured ] &&
|
|
[ -f /var/lib/heimdal-kdc/.configured ]
|
|
then
|
|
for i in kdc.conf kadmind.acl
|
|
do
|
|
if [ -f /var/lib/heimdal-kdc/$i ]
|
|
then
|
|
mv /var/lib/heimdal-kdc/$i /etc/heimdal-kdc/$i
|
|
fi
|
|
done
|
|
mv /var/lib/heimdal-kdc/.configured /etc/heimdal-kdc/.configured
|
|
fi
|
|
|
|
# if already configured - dont reconfigure
|
|
if [ ! -f /etc/heimdal-kdc/.configured ]
|
|
then
|
|
# get default realm
|
|
# should use krb5-config setting???
|
|
if db_get krb5-config/default_realm && [ "x$RET" != "x" ]
|
|
then
|
|
default_realm="$RET"
|
|
else
|
|
default_realm="`hostname -d | tr a-z A-Z`"
|
|
fi
|
|
db_fget heimdal/realm seen
|
|
if [ "$RET" != "true" ]; then
|
|
db_set heimdal/realm "$default_realm"
|
|
fi
|
|
db_subst heimdal/realm default_realm "$default_realm"
|
|
db_input medium heimdal/realm || true
|
|
db_go
|
|
db_get heimdal/realm; REALM="$RET"
|
|
|
|
# get password
|
|
db_input medium heimdal-kdc/password || true
|
|
db_go
|
|
db_get heimdal-kdc/password; PASSWORD="$RET"
|
|
db_set heimdal-kdc/password ""
|
|
|
|
DST=/etc/heimdal-kdc/kdc.conf
|
|
cp -a /usr/share/doc/heimdal-kdc/examples/kdc.conf "$DST"
|
|
# /usr/lib/heimdal-kdc/setconfig --file "$DST" --section realms::REALM.ORG "=$REALM"
|
|
|
|
DST=/etc/heimdal-kdc/kadmind.acl
|
|
cp -a /usr/share/doc/heimdal-kdc/examples/kadmind.acl "$DST"
|
|
|
|
kstash --master-key-fd=0 <<EOF
|
|
$PASSWORD
|
|
EOF
|
|
|
|
echo -e "\n\n" | kadmin -l init "$REALM" > /dev/null
|
|
|
|
touch /etc/heimdal-kdc/.configured
|
|
fi
|
|
|
|
case "$1" in
|
|
abort-upgrade | abort-deconfigure | abort-remove)
|
|
;;
|
|
configure)
|
|
if [ -z "$2" ]
|
|
then
|
|
add_servers
|
|
elif dpkg --compare-versions "$2" le "0.7.2.dfsg.1-6"
|
|
then
|
|
enable_servers
|
|
fi
|
|
;;
|
|
*)
|
|
printf "$0: incorrect arguments: $*\n" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
|
|
#DEBHELPER#
|