Date: Thursday, October 20, 2011 @ 22:57:57 Author: stephane Revision: 141000
db-move: moved krb5 from [testing] to [core] (x86_64) Added: krb5/repos/core-x86_64/PKGBUILD (from rev 140998, krb5/repos/testing-x86_64/PKGBUILD) krb5/repos/core-x86_64/krb5-1.9.1-2011-006.patch (from rev 140998, krb5/repos/testing-x86_64/krb5-1.9.1-2011-006.patch) krb5/repos/core-x86_64/krb5-1.9.1-canonicalize-fallback.patch (from rev 140998, krb5/repos/testing-x86_64/krb5-1.9.1-canonicalize-fallback.patch) krb5/repos/core-x86_64/krb5-1.9.1-config-script.patch (from rev 140998, krb5/repos/testing-x86_64/krb5-1.9.1-config-script.patch) krb5/repos/core-x86_64/krb5-kadmind (from rev 140998, krb5/repos/testing-x86_64/krb5-kadmind) krb5/repos/core-x86_64/krb5-kdc (from rev 140998, krb5/repos/testing-x86_64/krb5-kdc) Deleted: krb5/repos/core-x86_64/PKGBUILD krb5/repos/core-x86_64/krb5-1.9.1-canonicalize-fallback.patch krb5/repos/core-x86_64/krb5-1.9.1-config-script.patch krb5/repos/core-x86_64/krb5-kadmind krb5/repos/core-x86_64/krb5-kdc krb5/repos/testing-x86_64/ ----------------------------------------+ PKGBUILD | 176 ++++++++++++++++--------------- krb5-1.9.1-2011-006.patch | 75 +++++++++++++ krb5-1.9.1-canonicalize-fallback.patch | 116 ++++++++++---------- krb5-1.9.1-config-script.patch | 54 ++++----- krb5-kadmind | 80 +++++++------- krb5-kdc | 80 +++++++------- 6 files changed, 331 insertions(+), 250 deletions(-) Deleted: core-x86_64/PKGBUILD =================================================================== --- core-x86_64/PKGBUILD 2011-10-21 02:57:56 UTC (rev 140999) +++ core-x86_64/PKGBUILD 2011-10-21 02:57:57 UTC (rev 141000) @@ -1,85 +0,0 @@ -# $Id$ -# Maintainer: Stéphane Gaudreault <steph...@archlinux.org> - -pkgname=krb5 -pkgver=1.9.1 -pkgrel=4 -pkgdesc="The Kerberos network authentication system" -arch=('i686' 'x86_64') -url="http://web.mit.edu/kerberos/" -license=('custom') -depends=('e2fsprogs' 'libldap' 'keyutils') -makedepends=('perl') -provides=('heimdal') -replaces=('heimdal') -conflicts=('heimdal') -backup=('etc/krb5.conf' 'var/lib/krb5kdc/kdc.conf') -source=(http://web.mit.edu/kerberos/dist/${pkgname}/1.9/${pkgname}-${pkgver}-signed.tar - krb5-kadmind - krb5-kdc - krb5-1.9.1-config-script.patch - krb5-1.9.1-canonicalize-fallback.patch) -sha1sums=('e23a1795a237521493da9cf3443ac8b98a90c066' - '2aa229369079ed1bbb201a1ef72c47bf143f4dbe' - '77d2312ecd8bf12a6e72cc8fd871a8ac93b23393' - '7342410760cf44bfa01bb99bb4c49e12496cb46f' - '238c268fa6cb42fc7324ab54db9abda5cd77f833') -options=('!emptydirs') - -build() { - tar zxvf ${pkgname}-${pkgver}.tar.gz - cd "${srcdir}/${pkgname}-${pkgver}/src" - - # - Make krb5-config suppress CFLAGS output when called with --libs - # cf https://bugzilla.redhat.com/show_bug.cgi?id=544391 - # - # - Omit extra libraries because their interfaces are not exposed to applications - # by libkrb5, unless do_deps is set to 1, which indicates that the caller - # wants the whole list. - # - # Patch from upstream : - # http://anonsvn.mit.edu/viewvc/krb5/trunk/src/krb5-config.in?r1=23662&r2=25236 - patch -Np2 -i ${srcdir}/krb5-1.9.1-config-script.patch - - # FS#25515 - patch -Np2 -i ${srcdir}/krb5-1.9.1-canonicalize-fallback.patch - - # FS#25384 - sed -i "/KRB5ROOT=/s/\/local//" util/ac_check_krb5.m4 - - export CFLAGS+=" -fPIC -fno-strict-aliasing -fstack-protector-all" - export CPPFLAGS+=" -I/usr/include/et" - ./configure --prefix=/usr \ - --mandir=/usr/share/man \ - --localstatedir=/var/lib \ - --enable-shared \ - --with-system-et \ - --with-system-ss \ - --disable-rpath \ - --without-tcl \ - --enable-dns-for-realm \ - --with-ldap - make -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}/src" - make DESTDIR="${pkgdir}" EXAMPLEDIR="/usr/share/doc/${pkgname}/examples" install - - # Sample KDC config file - install -dm 755 "${pkgdir}"/var/lib/krb5kdc - install -pm 644 config-files/kdc.conf "${pkgdir}"/var/lib/krb5kdc/kdc.conf - - # Default configuration file - install -dm 755 "${pkgdir}"/etc - install -pm 644 config-files/krb5.conf "${pkgdir}"/etc/krb5.conf - - install -dm 755 "${pkgdir}"/etc/rc.d - install -m 755 ../../krb5-kdc "${pkgdir}"/etc/rc.d - install -m 755 ../../krb5-kadmind "${pkgdir}"/etc/rc.d - - install -dm 755 "${pkgdir}"/usr/share/aclocal - install -m 644 util/ac_check_krb5.m4 "${pkgdir}"/usr/share/aclocal - - install -Dm644 "${srcdir}"/${pkgname}-${pkgver}/NOTICE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE -} Copied: krb5/repos/core-x86_64/PKGBUILD (from rev 140998, krb5/repos/testing-x86_64/PKGBUILD) =================================================================== --- core-x86_64/PKGBUILD (rev 0) +++ core-x86_64/PKGBUILD 2011-10-21 02:57:57 UTC (rev 141000) @@ -0,0 +1,91 @@ +# $Id$ +# Maintainer: Stéphane Gaudreault <steph...@archlinux.org> + +pkgname=krb5 +pkgver=1.9.1 +pkgrel=5 +pkgdesc="The Kerberos network authentication system" +arch=('i686' 'x86_64') +url="http://web.mit.edu/kerberos/" +license=('custom') +depends=('e2fsprogs' 'libldap' 'keyutils') +makedepends=('perl') +provides=('heimdal') +replaces=('heimdal') +conflicts=('heimdal') +backup=('etc/krb5.conf' 'var/lib/krb5kdc/kdc.conf') +source=(http://web.mit.edu/kerberos/dist/${pkgname}/1.9/${pkgname}-${pkgver}-signed.tar + krb5-kadmind + krb5-kdc + krb5-1.9.1-config-script.patch + krb5-1.9.1-canonicalize-fallback.patch + krb5-1.9.1-2011-006.patch) +sha1sums=('e23a1795a237521493da9cf3443ac8b98a90c066' + '2aa229369079ed1bbb201a1ef72c47bf143f4dbe' + '77d2312ecd8bf12a6e72cc8fd871a8ac93b23393' + '7342410760cf44bfa01bb99bb4c49e12496cb46f' + '238c268fa6cb42fc7324ab54db9abda5cd77f833' + '0b0016b0e341dcf720f67925b0d451b328e02583') +options=('!emptydirs') + +build() { + tar zxvf ${pkgname}-${pkgver}.tar.gz + cd "${srcdir}/${pkgname}-${pkgver}/src" + + # - Make krb5-config suppress CFLAGS output when called with --libs + # cf https://bugzilla.redhat.com/show_bug.cgi?id=544391 + # + # - Omit extra libraries because their interfaces are not exposed to applications + # by libkrb5, unless do_deps is set to 1, which indicates that the caller + # wants the whole list. + # + # Patch from upstream : + # http://anonsvn.mit.edu/viewvc/krb5/trunk/src/krb5-config.in?r1=23662&r2=25236 + patch -Np2 -i ${srcdir}/krb5-1.9.1-config-script.patch + + # FS#25515 + patch -Np2 -i ${srcdir}/krb5-1.9.1-canonicalize-fallback.patch + + # FS#25384 + sed -i "/KRB5ROOT=/s/\/local//" util/ac_check_krb5.m4 + + # KDC denial of service vulnerabilities + # http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-006.txt + patch -Np2 -i ${srcdir}/krb5-1.9.1-2011-006.patch + + export CFLAGS+=" -fPIC -fno-strict-aliasing -fstack-protector-all" + export CPPFLAGS+=" -I/usr/include/et" + ./configure --prefix=/usr \ + --mandir=/usr/share/man \ + --localstatedir=/var/lib \ + --enable-shared \ + --with-system-et \ + --with-system-ss \ + --disable-rpath \ + --without-tcl \ + --enable-dns-for-realm \ + --with-ldap + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}/src" + make DESTDIR="${pkgdir}" EXAMPLEDIR="/usr/share/doc/${pkgname}/examples" install + + # Sample KDC config file + install -dm 755 "${pkgdir}"/var/lib/krb5kdc + install -pm 644 config-files/kdc.conf "${pkgdir}"/var/lib/krb5kdc/kdc.conf + + # Default configuration file + install -dm 755 "${pkgdir}"/etc + install -pm 644 config-files/krb5.conf "${pkgdir}"/etc/krb5.conf + + install -dm 755 "${pkgdir}"/etc/rc.d + install -m 755 ../../krb5-kdc "${pkgdir}"/etc/rc.d + install -m 755 ../../krb5-kadmind "${pkgdir}"/etc/rc.d + + install -dm 755 "${pkgdir}"/usr/share/aclocal + install -m 644 util/ac_check_krb5.m4 "${pkgdir}"/usr/share/aclocal + + install -Dm644 "${srcdir}"/${pkgname}-${pkgver}/NOTICE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE +} Copied: krb5/repos/core-x86_64/krb5-1.9.1-2011-006.patch (from rev 140998, krb5/repos/testing-x86_64/krb5-1.9.1-2011-006.patch) =================================================================== --- core-x86_64/krb5-1.9.1-2011-006.patch (rev 0) +++ core-x86_64/krb5-1.9.1-2011-006.patch 2011-10-21 02:57:57 UTC (rev 141000) @@ -0,0 +1,75 @@ +diff --git a/src/plugins/kdb/db2/lockout.c b/src/plugins/kdb/db2/lockout.c +index b473611..50c60b7 100644 +--- a/src/plugins/kdb/db2/lockout.c ++++ b/src/plugins/kdb/db2/lockout.c +@@ -169,6 +169,9 @@ krb5_db2_lockout_audit(krb5_context context, + return 0; + } + ++ if (entry == NULL) ++ return 0; ++ + if (!db_ctx->disable_lockout) { + code = lookup_lockout_policy(context, entry, &max_fail, + &failcnt_interval, &lockout_duration); +@@ -176,6 +179,15 @@ krb5_db2_lockout_audit(krb5_context context, + return code; + } + ++ /* ++ * Don't continue to modify the DB for an already locked account. ++ * (In most cases, status will be KRB5KDC_ERR_CLIENT_REVOKED, and ++ * this check is unneeded, but in rare cases, we can fail with an ++ * integrity error or preauth failure before a policy check.) ++ */ ++ if (locked_check_p(context, stamp, max_fail, lockout_duration, entry)) ++ return 0; ++ + /* Only mark the authentication as successful if the entry + * required preauthentication, otherwise we have no idea. */ + if (status == 0 && (entry->attributes & KRB5_KDB_REQUIRES_PRE_AUTH)) { +diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +index 552e39a..c2f44ab 100644 +--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c ++++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +@@ -105,6 +105,7 @@ krb5_ldap_get_principal(krb5_context context, krb5_const_principal searchfor, + CHECK_LDAP_HANDLE(ldap_context); + + if (is_principal_in_realm(ldap_context, searchfor) != 0) { ++ st = KRB5_KDB_NOENTRY; + krb5_set_error_message (context, st, "Principal does not belong to realm"); + goto cleanup; + } +diff --git a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c +index a218dc7..fd164dd 100644 +--- a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c ++++ b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c +@@ -165,6 +165,9 @@ krb5_ldap_lockout_audit(krb5_context context, + return 0; + } + ++ if (entry == NULL) ++ return 0; ++ + if (!ldap_context->disable_lockout) { + code = lookup_lockout_policy(context, entry, &max_fail, + &failcnt_interval, +@@ -173,9 +176,16 @@ krb5_ldap_lockout_audit(krb5_context context, + return code; + } + +- entry->mask = 0; ++ /* ++ * Don't continue to modify the DB for an already locked account. ++ * (In most cases, status will be KRB5KDC_ERR_CLIENT_REVOKED, and ++ * this check is unneeded, but in rare cases, we can fail with an ++ * integrity error or preauth failure before a policy check.) ++ */ ++ if (locked_check_p(context, stamp, max_fail, lockout_duration, entry)) ++ return 0; + +- assert (!locked_check_p(context, stamp, max_fail, lockout_duration, entry)); ++ entry->mask = 0; + + /* Only mark the authentication as successful if the entry + * required preauthentication, otherwise we have no idea. */ Deleted: core-x86_64/krb5-1.9.1-canonicalize-fallback.patch =================================================================== --- core-x86_64/krb5-1.9.1-canonicalize-fallback.patch 2011-10-21 02:57:56 UTC (rev 140999) +++ core-x86_64/krb5-1.9.1-canonicalize-fallback.patch 2011-10-21 02:57:57 UTC (rev 141000) @@ -1,58 +0,0 @@ -diff -Naur krb5-1.9.1.ori/src/lib/krb5/krb/get_creds.c krb5-1.9.1/src/lib/krb5/krb/get_creds.c ---- krb5-1.9.1.ori/src/lib/krb5/krb/get_creds.c 2011-02-09 16:55:36.000000000 -0500 -+++ krb5-1.9.1/src/lib/krb5/krb/get_creds.c 2011-09-26 18:42:01.465190278 -0400 -@@ -470,13 +470,10 @@ - - /***** STATE_REFERRALS *****/ - --/* -- * Possibly retry a request in the fallback realm after a referral request -- * failure in the local realm. Expects ctx->reply_code to be set to the error -- * from a referral request. -- */ -+/* Possibly try a non-referral request after a referral request failure. -+ * Expects ctx->reply_code to be set to the error from a referral request. */ - static krb5_error_code --try_fallback_realm(krb5_context context, krb5_tkt_creds_context ctx) -+try_fallback(krb5_context context, krb5_tkt_creds_context ctx) - { - krb5_error_code code; - char **hrealms; -@@ -485,9 +482,10 @@ - if (ctx->referral_count > 1) - return ctx->reply_code; - -- /* Only fall back if the original request used the referral realm. */ -+ /* If the request used a specified realm, make a non-referral request to -+ * that realm (in case it's a KDC which rejects KDC_OPT_CANONICALIZE). */ - if (!krb5_is_referral_realm(&ctx->req_server->realm)) -- return ctx->reply_code; -+ return begin_non_referral(context, ctx); - - if (ctx->server->length < 2) { - /* We need a type/host format principal to find a fallback realm. */ -@@ -500,10 +498,10 @@ - if (code != 0) - return code; - -- /* Give up if the fallback realm isn't any different. */ -+ /* If the fallback realm isn't any different, use the existing TGT. */ - if (data_eq_string(ctx->server->realm, hrealms[0])) { - krb5_free_host_realm(context, hrealms); -- return ctx->reply_code; -+ return begin_non_referral(context, ctx); - } - - /* Rewrite server->realm to be the fallback realm. */ -@@ -540,9 +538,9 @@ - krb5_error_code code; - const krb5_data *referral_realm; - -- /* Possibly retry with the fallback realm on error. */ -+ /* Possibly try a non-referral fallback request on error. */ - if (ctx->reply_code != 0) -- return try_fallback_realm(context, ctx); -+ return try_fallback(context, ctx); - - if (krb5_principal_compare(context, ctx->reply_creds->server, - ctx->server)) { Copied: krb5/repos/core-x86_64/krb5-1.9.1-canonicalize-fallback.patch (from rev 140998, krb5/repos/testing-x86_64/krb5-1.9.1-canonicalize-fallback.patch) =================================================================== --- core-x86_64/krb5-1.9.1-canonicalize-fallback.patch (rev 0) +++ core-x86_64/krb5-1.9.1-canonicalize-fallback.patch 2011-10-21 02:57:57 UTC (rev 141000) @@ -0,0 +1,58 @@ +diff -Naur krb5-1.9.1.ori/src/lib/krb5/krb/get_creds.c krb5-1.9.1/src/lib/krb5/krb/get_creds.c +--- krb5-1.9.1.ori/src/lib/krb5/krb/get_creds.c 2011-02-09 16:55:36.000000000 -0500 ++++ krb5-1.9.1/src/lib/krb5/krb/get_creds.c 2011-09-26 18:42:01.465190278 -0400 +@@ -470,13 +470,10 @@ + + /***** STATE_REFERRALS *****/ + +-/* +- * Possibly retry a request in the fallback realm after a referral request +- * failure in the local realm. Expects ctx->reply_code to be set to the error +- * from a referral request. +- */ ++/* Possibly try a non-referral request after a referral request failure. ++ * Expects ctx->reply_code to be set to the error from a referral request. */ + static krb5_error_code +-try_fallback_realm(krb5_context context, krb5_tkt_creds_context ctx) ++try_fallback(krb5_context context, krb5_tkt_creds_context ctx) + { + krb5_error_code code; + char **hrealms; +@@ -485,9 +482,10 @@ + if (ctx->referral_count > 1) + return ctx->reply_code; + +- /* Only fall back if the original request used the referral realm. */ ++ /* If the request used a specified realm, make a non-referral request to ++ * that realm (in case it's a KDC which rejects KDC_OPT_CANONICALIZE). */ + if (!krb5_is_referral_realm(&ctx->req_server->realm)) +- return ctx->reply_code; ++ return begin_non_referral(context, ctx); + + if (ctx->server->length < 2) { + /* We need a type/host format principal to find a fallback realm. */ +@@ -500,10 +498,10 @@ + if (code != 0) + return code; + +- /* Give up if the fallback realm isn't any different. */ ++ /* If the fallback realm isn't any different, use the existing TGT. */ + if (data_eq_string(ctx->server->realm, hrealms[0])) { + krb5_free_host_realm(context, hrealms); +- return ctx->reply_code; ++ return begin_non_referral(context, ctx); + } + + /* Rewrite server->realm to be the fallback realm. */ +@@ -540,9 +538,9 @@ + krb5_error_code code; + const krb5_data *referral_realm; + +- /* Possibly retry with the fallback realm on error. */ ++ /* Possibly try a non-referral fallback request on error. */ + if (ctx->reply_code != 0) +- return try_fallback_realm(context, ctx); ++ return try_fallback(context, ctx); + + if (krb5_principal_compare(context, ctx->reply_creds->server, + ctx->server)) { Deleted: core-x86_64/krb5-1.9.1-config-script.patch =================================================================== --- core-x86_64/krb5-1.9.1-config-script.patch 2011-10-21 02:57:56 UTC (rev 140999) +++ core-x86_64/krb5-1.9.1-config-script.patch 2011-10-21 02:57:57 UTC (rev 141000) @@ -1,27 +0,0 @@ -diff -Naur krb5-1.9.1.ori/src/krb5-config.in krb5-1.9.1/src/krb5-config.in ---- krb5-1.9.1.ori/src/krb5-config.in 2010-01-19 13:44:57.000000000 -0500 -+++ krb5-1.9.1/src/krb5-config.in 2011-09-26 18:27:09.018487087 -0400 -@@ -186,7 +186,7 @@ - -e 's#\$(RPATH_FLAG)#'"$RPATH_FLAG"'#' \ - -e 's#\$(LDFLAGS)#'"$LDFLAGS"'#' \ - -e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \ -- -e 's#\$(CFLAGS)#'"$CFLAGS"'#'` -+ -e 's#\$(CFLAGS)##'` - - if test $library = 'kdb'; then - lib_flags="$lib_flags -lkdb5 $KDB5_DB_LIB" -@@ -214,9 +214,13 @@ - fi - - if test $library = 'krb5'; then -- lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err $GEN_LIB $LIBS $DL_LIB" -+ lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err" - fi - -+ # If we ever support a flag to generate output suitable for static -+ # linking, we would output "-lkrb5support $GEN_LIB $LIBS $DL_LIB" -+ # here. -+ - echo $lib_flags - fi - Copied: krb5/repos/core-x86_64/krb5-1.9.1-config-script.patch (from rev 140998, krb5/repos/testing-x86_64/krb5-1.9.1-config-script.patch) =================================================================== --- core-x86_64/krb5-1.9.1-config-script.patch (rev 0) +++ core-x86_64/krb5-1.9.1-config-script.patch 2011-10-21 02:57:57 UTC (rev 141000) @@ -0,0 +1,27 @@ +diff -Naur krb5-1.9.1.ori/src/krb5-config.in krb5-1.9.1/src/krb5-config.in +--- krb5-1.9.1.ori/src/krb5-config.in 2010-01-19 13:44:57.000000000 -0500 ++++ krb5-1.9.1/src/krb5-config.in 2011-09-26 18:27:09.018487087 -0400 +@@ -186,7 +186,7 @@ + -e 's#\$(RPATH_FLAG)#'"$RPATH_FLAG"'#' \ + -e 's#\$(LDFLAGS)#'"$LDFLAGS"'#' \ + -e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \ +- -e 's#\$(CFLAGS)#'"$CFLAGS"'#'` ++ -e 's#\$(CFLAGS)##'` + + if test $library = 'kdb'; then + lib_flags="$lib_flags -lkdb5 $KDB5_DB_LIB" +@@ -214,9 +214,13 @@ + fi + + if test $library = 'krb5'; then +- lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err $GEN_LIB $LIBS $DL_LIB" ++ lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err" + fi + ++ # If we ever support a flag to generate output suitable for static ++ # linking, we would output "-lkrb5support $GEN_LIB $LIBS $DL_LIB" ++ # here. ++ + echo $lib_flags + fi + Deleted: core-x86_64/krb5-kadmind =================================================================== --- core-x86_64/krb5-kadmind 2011-10-21 02:57:56 UTC (rev 140999) +++ core-x86_64/krb5-kadmind 2011-10-21 02:57:57 UTC (rev 141000) @@ -1,40 +0,0 @@ -#!/bin/bash - -# general config -. /etc/rc.conf -. /etc/rc.d/functions - -PID=`pidof -o %PPID /usr/sbin/kadmind` -case "$1" in - start) - stat_busy "Starting Kerberos Admin Daemon" - if [ -z "$PID" ]; then - /usr/sbin/kadmind - fi - if [ ! -z "$PID" -o $? -gt 0 ]; then - stat_fail - else - add_daemon krb5-kadmind - stat_done - fi - ;; - stop) - stat_busy "Stopping Kerberos Admin Daemon" - [ ! -z "$PID" ] && kill $PID &> /dev/null - if [ $? -gt 0 ]; then - stat_fail - else - rm_daemon krb5-kadmind - stat_done - fi - ;; - restart) - $0 stop - sleep 1 - $0 start - ;; - *) - echo "usage: $0 {start|stop|restart}" - ;; -esac -exit 0 Copied: krb5/repos/core-x86_64/krb5-kadmind (from rev 140998, krb5/repos/testing-x86_64/krb5-kadmind) =================================================================== --- core-x86_64/krb5-kadmind (rev 0) +++ core-x86_64/krb5-kadmind 2011-10-21 02:57:57 UTC (rev 141000) @@ -0,0 +1,40 @@ +#!/bin/bash + +# general config +. /etc/rc.conf +. /etc/rc.d/functions + +PID=`pidof -o %PPID /usr/sbin/kadmind` +case "$1" in + start) + stat_busy "Starting Kerberos Admin Daemon" + if [ -z "$PID" ]; then + /usr/sbin/kadmind + fi + if [ ! -z "$PID" -o $? -gt 0 ]; then + stat_fail + else + add_daemon krb5-kadmind + stat_done + fi + ;; + stop) + stat_busy "Stopping Kerberos Admin Daemon" + [ ! -z "$PID" ] && kill $PID &> /dev/null + if [ $? -gt 0 ]; then + stat_fail + else + rm_daemon krb5-kadmind + stat_done + fi + ;; + restart) + $0 stop + sleep 1 + $0 start + ;; + *) + echo "usage: $0 {start|stop|restart}" + ;; +esac +exit 0 Deleted: core-x86_64/krb5-kdc =================================================================== --- core-x86_64/krb5-kdc 2011-10-21 02:57:56 UTC (rev 140999) +++ core-x86_64/krb5-kdc 2011-10-21 02:57:57 UTC (rev 141000) @@ -1,40 +0,0 @@ -#!/bin/bash - -# general config -. /etc/rc.conf -. /etc/rc.d/functions - -PID=`pidof -o %PPID /usr/sbin/krb5kdc` -case "$1" in - start) - stat_busy "Starting Kerberos Authentication" - if [ -z "$PID" ]; then - /usr/sbin/krb5kdc - fi - if [ ! -z "$PID" -o $? -gt 0 ]; then - stat_fail - else - add_daemon krb5-kdc - stat_done - fi - ;; - stop) - stat_busy "Stopping Kerberos Authentication" - [ ! -z "$PID" ] && kill $PID &> /dev/null - if [ $? -gt 0 ]; then - stat_fail - else - rm_daemon krb5-kdc - stat_done - fi - ;; - restart) - $0 stop - sleep 1 - $0 start - ;; - *) - echo "usage: $0 {start|stop|restart}" - ;; -esac -exit 0 Copied: krb5/repos/core-x86_64/krb5-kdc (from rev 140998, krb5/repos/testing-x86_64/krb5-kdc) =================================================================== --- core-x86_64/krb5-kdc (rev 0) +++ core-x86_64/krb5-kdc 2011-10-21 02:57:57 UTC (rev 141000) @@ -0,0 +1,40 @@ +#!/bin/bash + +# general config +. /etc/rc.conf +. /etc/rc.d/functions + +PID=`pidof -o %PPID /usr/sbin/krb5kdc` +case "$1" in + start) + stat_busy "Starting Kerberos Authentication" + if [ -z "$PID" ]; then + /usr/sbin/krb5kdc + fi + if [ ! -z "$PID" -o $? -gt 0 ]; then + stat_fail + else + add_daemon krb5-kdc + stat_done + fi + ;; + stop) + stat_busy "Stopping Kerberos Authentication" + [ ! -z "$PID" ] && kill $PID &> /dev/null + if [ $? -gt 0 ]; then + stat_fail + else + rm_daemon krb5-kdc + stat_done + fi + ;; + restart) + $0 stop + sleep 1 + $0 start + ;; + *) + echo "usage: $0 {start|stop|restart}" + ;; +esac +exit 0