[Midnightbsd-cvs] src [7188] trunk/etc: update the startup scripts to work with the new kerberos
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Jul 28 07:46:32 EDT 2015
Revision: 7188
http://svnweb.midnightbsd.org/src/?rev=7188
Author: laffer1
Date: 2015-07-28 07:46:31 -0400 (Tue, 28 Jul 2015)
Log Message:
-----------
update the startup scripts to work with the new kerberos
Modified Paths:
--------------
trunk/etc/defaults/rc.conf
trunk/etc/rc.d/Makefile
trunk/etc/rc.d/SERVERS
trunk/etc/rc.d/kadmind
trunk/etc/rc.d/kpasswdd
Added Paths:
-----------
trunk/etc/rc.d/ipropd_master
trunk/etc/rc.d/ipropd_slave
trunk/etc/rc.d/kdc
Removed Paths:
-------------
trunk/etc/rc.d/kerberos
Modified: trunk/etc/defaults/rc.conf
===================================================================
--- trunk/etc/defaults/rc.conf 2015-07-28 11:10:51 UTC (rev 7187)
+++ trunk/etc/defaults/rc.conf 2015-07-28 11:46:31 UTC (rev 7188)
@@ -95,7 +95,7 @@
fsck_y_flags="" # Additional flags for fsck -y
background_fsck="YES" # Attempt to run fsck in the background where possible.
background_fsck_delay="60" # Time to wait (seconds) before starting the fsck.
-netfs_types="nfs:NFS oldnfs:OLDNFS smbfs:SMB portalfs:PORTAL nwfs:NWFS" # Net filesystems.
+netfs_types="nfs:NFS oldnfs:OLDNFS smbfs:SMB" # Net filesystems.
extra_netfs_types="NO" # List of network extra filesystem types for delayed
# mount at startup (or NO).
@@ -300,13 +300,28 @@
#
# kerberos. Do not run the admin daemons on slave servers
#
-kerberos5_server_enable="NO" # Run a kerberos 5 master server (or NO).
-kerberos5_server="/usr/libexec/kdc" # path to kerberos 5 KDC
-kerberos5_server_flags="--detach" # Additional flags to the kerberos 5 server
-kadmind5_server_enable="NO" # Run kadmind (or NO)
-kadmind5_server="/usr/libexec/kadmind" # path to kerberos 5 admin daemon
-kpasswdd_server_enable="NO" # Run kpasswdd (or NO)
-kpasswdd_server="/usr/libexec/kpasswdd" # path to kerberos 5 passwd daemon
+kdc_enable="NO" # Run a kerberos 5 KDC (or NO).
+kdc_program="/usr/libexec/kdc" # path to kerberos 5 KDC
+kdc_flags="" # Additional flags to the kerberos 5 KDC
+kadmind_enable="NO" # Run kadmind (or NO)
+kadmind_program="/usr/libexec/kadmind" # path to kadmind
+kpasswdd_enable="NO" # Run kpasswdd (or NO)
+kpasswdd_program="/usr/libexec/kpasswdd" # path to kpasswdd
+kfd_enable="NO" # Run kfd (or NO)
+kfd_program="/usr/libexec/kfd" # path to kerberos 5 kfd daemon
+kfd_flags=""
+ipropd_master_enable="NO" # Run Heimdal incremental propagation daemon
+ # (master daemon).
+ipropd_master_program="/usr/libexec/ipropd-master"
+ipropd_master_flags="" # Flags to ipropd-master.
+ipropd_master_keytab="/etc/krb5.keytab" # keytab for ipropd-master.
+ipropd_master_slaves="" # slave node names used for /var/heimdal/slaves.
+ipropd_slave_enable="NO" # Run Heimdal incremental propagation daemon
+ # (slave daemon).
+ipropd_slave_program="/usr/libexec/ipropd-slave"
+ipropd_slave_flags="" # Flags to ipropd-slave.
+ipropd_slave_keytab="/etc/krb5.keytab" # keytab for ipropd-slave.
+ipropd_slave_master="" # master node name.
gssd_enable="NO" # Run the gssd daemon (or NO).
gssd_flags="" # Flags for gssd.
@@ -575,7 +590,7 @@
sendmail_procname="/usr/sbin/sendmail" # sendmail process name
sendmail_flags="-L sm-mta -bd -q30m" # Flags to sendmail (as a server)
sendmail_cert_create="YES" # Create a server certificate if none (YES/NO)
-sendmail_cert_cn="CN" # CN of the generated certificate
+#sendmail_cert_cn="CN" # CN of the generate certificate
sendmail_submit_enable="YES" # Start a localhost-only MTA for mail submission
sendmail_submit_flags="-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost"
# Flags for localhost-only MTA
@@ -627,7 +642,8 @@
ldconfig_insecure="NO" # Set to YES to disable ldconfig security checks
ldconfig_paths="/usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg"
# shared library search paths
-ldconfig32_paths="/usr/lib32" # 32-bit compatibility shared library search paths
+ldconfig32_paths="/usr/lib32 /usr/lib32/compat"
+ # 32-bit compatibility shared library search paths
ldconfig_paths_aout="/usr/lib/compat/aout /usr/local/lib/aout"
# a.out shared library search paths
ldconfig_local_dirs="/usr/local/libdata/ldconfig"
Modified: trunk/etc/rc.d/Makefile
===================================================================
--- trunk/etc/rc.d/Makefile 2015-07-28 11:10:51 UTC (rev 7187)
+++ trunk/etc/rc.d/Makefile 2015-07-28 11:46:31 UTC (rev 7188)
@@ -14,11 +14,11 @@
gbde geli geli2 gptboot gssd \
hastd hcsecd \
hostapd hostid hostid_save hostname \
- inetd initrandom \
+ ipropd_master ipropd_slave inetd initrandom \
ip6addrctl ipfilter ipfs ipfw ipmon \
ipnat ipsec \
jail \
- kadmind kerberos keyserv kld kldxref kpasswdd \
+ kadmind kdc keyserv kld kldxref kpasswdd \
ldconfig local localpkg lockd lpd \
mdnsd mdnsresponder mixer motd \
mountcritlocal mountcritremote mountlate \
Modified: trunk/etc/rc.d/SERVERS
===================================================================
--- trunk/etc/rc.d/SERVERS 2015-07-28 11:10:51 UTC (rev 7187)
+++ trunk/etc/rc.d/SERVERS 2015-07-28 11:46:31 UTC (rev 7188)
@@ -3,7 +3,7 @@
# $MidnightBSD$
# PROVIDE: SERVERS
-# REQUIRE: mountcritremote abi ldconfig savecore watchdogd
+# REQUIRE: mountcritremote abi ldconfig savecore watchdogd kdc
# This is a dummy dependency, for early-start servers relying on
# some basic configuration.
Added: trunk/etc/rc.d/ipropd_master
===================================================================
--- trunk/etc/rc.d/ipropd_master (rev 0)
+++ trunk/etc/rc.d/ipropd_master 2015-07-28 11:46:31 UTC (rev 7188)
@@ -0,0 +1,40 @@
+#!/bin/sh
+#
+# $MidnightBSD$
+#
+
+# PROVIDE: ipropd_master
+# REQUIRE: kdc
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=ipropd_master
+rcvar=${name}_enable
+required_files="$ipropd_master_keytab"
+start_precmd=${name}_start_precmd
+start_postcmd=${name}_start_postcmd
+
+ipropd_master_start_precmd()
+{
+
+ if [ -z "$ipropd_master_slaves" ]; then
+ warn "\$ipropd_master_slaves is empty."
+ return 1
+ fi
+ for _slave in $ipropd_master_slaves; do
+ echo $_slave
+ done > /var/heimdal/slaves || return 1
+ command_args="$command_args \
+ --keytab=\"$ipropd_master_keytab\" \
+ --detach \
+ "
+}
+ipropd_master_start_postcmd()
+{
+
+ echo "${name}: slave nodes: $ipropd_master_slaves"
+}
+
+load_rc_config $name
+run_rc_command "$1"
Property changes on: trunk/etc/rc.d/ipropd_master
___________________________________________________________________
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: trunk/etc/rc.d/ipropd_slave
===================================================================
--- trunk/etc/rc.d/ipropd_slave (rev 0)
+++ trunk/etc/rc.d/ipropd_slave 2015-07-28 11:46:31 UTC (rev 7188)
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# $MidnightBSD$
+#
+
+# PROVIDE: ipropd_slave
+# REQUIRE: kdc
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=ipropd_slave
+rcvar=${name}_enable
+required_files="$ipropd_slave_keytab"
+start_precmd=${name}_start_precmd
+
+ipropd_slave_start_precmd()
+{
+
+ if [ -z "$ipropd_slave_master" ]; then
+ warn "\$ipropd_slave_master is empty."
+ return 1
+ fi
+ command_args=" \
+ $command_args \
+ --keytab=\"$ipropd_slave_keytab\" \
+ --detach \
+ $ipropd_slave_master"
+}
+
+load_rc_config $name
+run_rc_command "$1"
Property changes on: trunk/etc/rc.d/ipropd_slave
___________________________________________________________________
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/etc/rc.d/kadmind
===================================================================
--- trunk/etc/rc.d/kadmind 2015-07-28 11:10:51 UTC (rev 7187)
+++ trunk/etc/rc.d/kadmind 2015-07-28 11:46:31 UTC (rev 7188)
@@ -1,20 +1,27 @@
#!/bin/sh
#
-# $FreeBSD: src/etc/rc.d/kadmind,v 1.4 2004/10/07 13:55:26 mtm Exp $
# $MidnightBSD$
-# PROVIDE: kadmin
-# REQUIRE: kerberos
-# BEFORE: DAEMON
+# PROVIDE: kadmind
+# REQUIRE: kdc
+# KEYWORD: shutdown
. /etc/rc.subr
-name="kadmind5"
+name=kadmind
+rcvar=${name}_enable
+required_vars=kdc_enable
+start_precmd=${name}_start_precmd
+
+set_rcvar_obsolete kadmind5_server_enable kadmind_enable
+set_rcvar_obsolete kadmind5_server kadmind_program
+set_rcvar_obsolete kerberos5_server_enable kdc_enable
+
+kadmind_start_precmd()
+{
+
+ command_args="$command_args &"
+}
+
load_rc_config $name
-rcvar="kadmind5_server_enable"
-unset start_cmd
-command="${kadmind5_server}"
-command_args="&"
-required_vars="kerberos5_server_enable"
-
run_rc_command "$1"
Added: trunk/etc/rc.d/kdc
===================================================================
--- trunk/etc/rc.d/kdc (rev 0)
+++ trunk/etc/rc.d/kdc 2015-07-28 11:46:31 UTC (rev 7188)
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# $MidnightBSD$
+
+# PROVIDE: kdc
+# REQUIRE: NETWORKING
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=kdc
+rcvar=${name}_enable
+start_precmd=${name}_start_precmd
+
+set_rcvar_obsolete kerberos5_server_enable kdc_enable
+set_rcvar_obsolete kerberos5_server kdc_program
+set_rcvar_obsolete kerberos5_server_flags kdc_flags
+
+kdc_start_precmd()
+{
+
+ command_args="$command_args --detach"
+}
+
+load_rc_config $name
+run_rc_command "$1"
Property changes on: trunk/etc/rc.d/kdc
___________________________________________________________________
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Deleted: trunk/etc/rc.d/kerberos
===================================================================
--- trunk/etc/rc.d/kerberos 2015-07-28 11:10:51 UTC (rev 7187)
+++ trunk/etc/rc.d/kerberos 2015-07-28 11:46:31 UTC (rev 7188)
@@ -1,17 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD: src/etc/rc.d/kerberos,v 1.6.4.2 2008/01/29 07:15:46 mtm Exp $
-# $MidnightBSD$
-
-# PROVIDE: kerberos
-# REQUIRE: NETWORKING
-
-. /etc/rc.subr
-
-name="kerberos5"
-rcvar="kerberos5_server_enable"
-
-load_rc_config $name
-command="${kerberos5_server}"
-kerberos5_flags="${kerberos5_server_flags}"
-run_rc_command "$1"
Modified: trunk/etc/rc.d/kpasswdd
===================================================================
--- trunk/etc/rc.d/kpasswdd 2015-07-28 11:10:51 UTC (rev 7187)
+++ trunk/etc/rc.d/kpasswdd 2015-07-28 11:46:31 UTC (rev 7188)
@@ -4,17 +4,25 @@
#
# PROVIDE: kpasswdd
-# REQUIRE: kadmin
-# BEFORE: DAEMON
+# REQUIRE: kdc
+# KEYWORD: shutdown
. /etc/rc.subr
-name="kpasswdd"
+name=kpasswdd
+rcvar=${name}_enable
+required_vars=kdc_enable
+start_precmd=${name}_start_precmd
+
+set_rcvar_obsolete kpasswdd_server_enable kpasswdd_enable
+set_rcvar_obsolete kpasswdd_server kpasswdd_program
+set_rcvar_obsolete kerberos5_server_enable kdc_enable
+
+kpasswdd_start_precmd()
+{
+
+ command_args="$command_args &"
+}
+
load_rc_config $name
-rcvar="kpasswdd_server_enable"
-unset start_cmd
-command="${kpasswdd_server}"
-command_args="&"
-required_vars="kadmind5_server_enable"
-
run_rc_command "$1"
More information about the Midnightbsd-cvs
mailing list