blob: 72e7af5b6fb9548fec2e24ec6cc6d8562e6adeec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
#!/bin/sh -e
. /usr/share/debconf/confmodule
if [ ! -f /var/log/heimdal-kdc.log ]
then
touch /var/log/heimdal-kdc.log
chmod 600 /var/log/heimdal-kdc.log
fi
add_servers() {
kadmin_entry="kerberos-adm stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind"
hprop_entry="#krb_prop stream tcp nowait root /usr/sbin/tcpd /usr/sbin/hpropd"
update-inetd --group KRB5 --add "$kadmin_entry"
update-inetd --group KRB5 --add "$hprop_entry"
}
enable_servers() {
update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kadmind' --enable kerberos-adm
}
# if not configured, try moving existing configuration
if [ ! -f /etc/heimdal-kdc/.configured ] &&
[ -f /var/lib/heimdal-kdc/.configured ]
then
for i in kdc.conf kadmind.acl
do
if [ -f /var/lib/heimdal-kdc/$i ]
then
mv /var/lib/heimdal-kdc/$i /etc/heimdal-kdc/$i
fi
done
mv /var/lib/heimdal-kdc/.configured /etc/heimdal-kdc/.configured
fi
# if already configured - dont reconfigure
if [ ! -f /etc/heimdal-kdc/.configured ]
then
# get default realm
# should use krb5-config setting???
if db_get krb5-config/default_realm && [ "x$RET" != "x" ]
then
default_realm="$RET"
else
default_realm="`hostname -d | tr a-z A-Z`"
fi
db_fget heimdal/realm seen
if [ "$RET" != "true" ]; then
db_set heimdal/realm "$default_realm"
fi
db_subst heimdal/realm default_realm "$default_realm"
db_input medium heimdal/realm || true
db_go
db_get heimdal/realm; REALM="$RET"
# get password
db_input medium heimdal-kdc/password || true
db_go
db_get heimdal-kdc/password; PASSWORD="$RET"
db_set heimdal-kdc/password ""
DST=/etc/heimdal-kdc/kdc.conf
cp -a /usr/share/doc/heimdal-kdc/examples/kdc.conf "$DST"
# /usr/lib/heimdal-kdc/setconfig --file "$DST" --section realms::REALM.ORG "=$REALM"
DST=/etc/heimdal-kdc/kadmind.acl
cp -a /usr/share/doc/heimdal-kdc/examples/kadmind.acl "$DST"
kstash --master-key-fd=0 <<EOF
$PASSWORD
EOF
echo -e "\n\n" | kadmin -l init "$REALM" > /dev/null
touch /etc/heimdal-kdc/.configured
fi
case "$1" in
abort-upgrade | abort-deconfigure | abort-remove)
;;
configure)
if [ -z "$2" ]
then
add_servers
elif dpkg --compare-versions "$2" le "0.7.2.dfsg.1-6"
then
enable_servers
fi
;;
*)
printf "$0: incorrect arguments: $*\n" >&2
exit 1
;;
esac
#DEBHELPER#
|
