packages: krb5/kadmind.init, krb5/kerberos.sysconfig, krb5/krb5kdc.init - u...
baggins
baggins at pld-linux.org
Thu Jun 4 13:18:06 CEST 2009
Author: baggins Date: Thu Jun 4 11:18:06 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- use KERBEROS_REALM setting
- fix KERBEROS_DATABASE definition
- database may be in LDAP, don't fail if it's not found in file
---- Files affected:
packages/krb5:
kadmind.init (1.7 -> 1.8) , kerberos.sysconfig (1.4 -> 1.5) , krb5kdc.init (1.4 -> 1.5)
---- Diffs:
================================================================
Index: packages/krb5/kadmind.init
diff -u packages/krb5/kadmind.init:1.7 packages/krb5/kadmind.init:1.8
--- packages/krb5/kadmind.init:1.7 Sat Sep 27 00:37:42 2003
+++ packages/krb5/kadmind.init Thu Jun 4 13:18:01 2009
@@ -37,6 +37,8 @@
case "$1" in
start)
if [ ! -f "$KERBEROS_DATABASE" ] ; then
+ # It MAY be in LDAP
+ if ! grep -q 'db_library.*=.*kldap' /etc/krb5.conf ; then
cat << END_OF_MSG
Kerberos database could not be found in $KERBEROS_DATABASE!
You have to create Kerberos database prior to running administrative server.
@@ -47,6 +49,7 @@
END_OF_MSG
exit 1
+ fi
fi
if [ -f "$KERBEROS_KPROPD_ACL_FILE" ] ; then
show "This service should only be run on the master server for a realm!"
@@ -67,7 +70,7 @@
# Check if the service is already running?
if [ ! -f /var/lock/subsys/kadmind ]; then
msg_starting "Kerberos V5 Administrative Server"
- daemon kadmind
+ daemon kadmind ${KERBEROS_REALM:+-r ${KERBEROS_REALM}} $KADMIND_ARGS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/kadmind
else
================================================================
Index: packages/krb5/kerberos.sysconfig
diff -u packages/krb5/kerberos.sysconfig:1.4 packages/krb5/kerberos.sysconfig:1.5
--- packages/krb5/kerberos.sysconfig:1.4 Fri Mar 30 23:22:55 2007
+++ packages/krb5/kerberos.sysconfig Thu Jun 4 13:18:01 2009
@@ -13,7 +13,7 @@
KERBEROS_REALM=
# Kerberos database
-KERBEROS_DATABASE_FILE="/var/lib/kerberos/principal"
+KERBEROS_DATABASE="/var/lib/kerberos/principal"
# Kerberos Propagation Client ACL file used on slave KDCs
# Must contain principals for each of the KDCs
@@ -25,3 +25,7 @@
# This option specifies how the KDC responds to kerberos V4 requests
# for tickets. Possible options are: none/disable/full/nopreauth
KERBEROS_V4_MODE="none"
+
+KADMIND_ARGS=
+
+KRB5KDC_ARGS=
================================================================
Index: packages/krb5/krb5kdc.init
diff -u packages/krb5/krb5kdc.init:1.4 packages/krb5/krb5kdc.init:1.5
--- packages/krb5/krb5kdc.init:1.4 Sat Sep 27 00:37:42 2003
+++ packages/krb5/krb5kdc.init Thu Jun 4 13:18:01 2009
@@ -36,6 +36,8 @@
case "$1" in
start)
if [ ! -f "${KERBEROS_DATABASE}" ] ; then
+ # It MAY be in LDAP
+ if ! grep -q 'db_library.*=.*kldap' /etc/krb5.conf ; then
cat << END_OF_MSG
Kerberos database could not be found in ${KERBEROS_DATABASE}!
You have to create Kerberos database prior to running KDC server.
@@ -45,12 +47,13 @@
See kdb5_util(8) for more information.
END_OF_MSG
exit 1
+ fi
fi
# Check if the service is already running?
if [ ! -f /var/lock/subsys/krb5kdc ]; then
msg_starting "Kerberos V5 KDC"
- daemon krb5kdc -4 ${KERBEROS_V4_MODE} -d ${KERBEROS_DATABASE}
+ daemon krb5kdc -4 ${KERBEROS_V4_MODE} ${KERBEROS_REALM:+-r ${KERBEROS_REALM}} -d ${KERBEROS_DATABASE} $KRB5KDC_ARGS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/krb5kdc
else
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/krb5/kadmind.init?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/krb5/kerberos.sysconfig?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/krb5/krb5kdc.init?r1=1.4&r2=1.5&f=u
More information about the pld-cvs-commit
mailing list