[CVS] OpenPKG: openpkg-src/kerberos/ kerberos-setup.sh kerberos.spec
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 05-Oct-2007 10:52:13
Branch: HEAD Handle: 2007100509521200
Modified files:
openpkg-src/kerberoskerberos-setup.sh kerberos.spec
Log:
flush a pending cleanup change
Summary:
RevisionChanges Path
1.8 +1 -0 openpkg-src/kerberos/kerberos-setup.sh
1.93+1 -1 openpkg-src/kerberos/kerberos.spec
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos-setup.sh
$ cvs diff -u -r1.7 -r1.8 kerberos-setup.sh
--- openpkg-src/kerberos/kerberos-setup.sh14 Jan 2007 19:16:04 -
1.7
+++ openpkg-src/kerberos/kerberos-setup.sh5 Oct 2007 08:52:12 -
1.8
@@ -49,6 +49,7 @@
echo ++ adding \host/$host\ to Kerberos database
@l_prefix@/sbin/kadmin.local -p admin/admin -q \
add_principal -randkey host/$host
+
echo ++ exporting keytab for \host/$host\ from Kerberos database
@l_prefix@/sbin/kadmin.local -p admin/admin -q \
ktadd -q -k @l_prefix@/etc/kerberos/krb5.keytab host/$host
@@ .
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos.spec
$ cvs diff -u -r1.92 -r1.93 kerberos.spec
--- openpkg-src/kerberos/kerberos.spec5 Sep 2007 11:20:31 -
1.92
+++ openpkg-src/kerberos/kerberos.spec5 Oct 2007 08:52:12 -
1.93
@@ -39,7 +39,7 @@
Group:Cryptography
License: MIT subject to US EAR
Version: %{V_major}.%{V_minor}
-Release: 20070905
+Release: 20071005
# package options
%option with_fsl yes
@@ .
__
OpenPKG http://openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: openpkg-src/kerberos/ kerberos-setup.sh kerberos.spec
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 16-Jan-2006 23:08:23
Branch: HEAD Handle: 2006011622082200
Modified files:
openpkg-src/kerberoskerberos-setup.sh kerberos.spec
Log:
allow Kerberos to be really used out-of-the-box now
Summary:
RevisionChanges Path
1.5 +13 -2 openpkg-src/kerberos/kerberos-setup.sh
1.72+23 -1 openpkg-src/kerberos/kerberos.spec
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos-setup.sh
$ cvs diff -u -r1.4 -r1.5 kerberos-setup.sh
--- openpkg-src/kerberos/kerberos-setup.sh25 Dec 2005 22:12:56 -
1.4
+++ openpkg-src/kerberos/kerberos-setup.sh16 Jan 2006 22:08:22 -
1.5
@@ -11,6 +11,7 @@
realm=`echo $1 | tr 'abcdefghijklmnopqrstuvwxyz'
'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
domain=`echo $2 | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
'abcdefghijklmnopqrstuvwxyz'`
[EMAIL PROTECTED]@/lib/openpkg/shtool echo -e %h.$domain`
echo ++ configure Kerberos realm \$realm\
sed @l_prefix@/etc/kerberos/kdc.conf \
@@ -21,6 +22,8 @@
rm -f @l_prefix@/etc/kerberos/kdc.conf.new
sed @l_prefix@/etc/kerberos/krb5.conf \
@l_prefix@/etc/kerberos/krb5.conf.new \
+-e s;kerberos1\.example\.com;$host; \
+-e s;kerberos2\.example\.com;$host; \
-e s;EXAMPLE\.COM;$realm;g \
-e s;example\.com;$domain;g
cp -p @l_prefix@/etc/kerberos/krb5.conf.new @l_prefix@/etc/kerberos/krb5.conf
@@ -34,10 +37,18 @@
chmod 600 @l_prefix@/var/kerberos/db/kadm5.acl
echo ++ adding administrator \[EMAIL PROTECTED] to the Kerberos database
[EMAIL PROTECTED]@/sbin/kadmin.local -q \
[EMAIL PROTECTED]@/sbin/kadmin.local -p admin/admin -q \
addprinc admin/[EMAIL PROTECTED]
echo ++ adding kadmind keytab file to the Kerberos database
[EMAIL PROTECTED]@/sbin/kadmin.local -q \
[EMAIL PROTECTED]@/sbin/kadmin.local -p admin/admin -q \
ktadd -k @l_prefix@/var/kerberos/db/kadm5.keytab kadmin/admin
kadmin/changepw
+echo ++ adding local host \host/$host\ to the Kerberos database
[EMAIL PROTECTED]@/sbin/kadmin.local -p admin/admin -q \
+addprinc host/$host
+
+echo ++ creating keytab file for local host \host/$host\
[EMAIL PROTECTED]@/sbin/kadmin.local -p admin/admin -q \
+ktadd host/$host
+
@@ .
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos.spec
$ cvs diff -u -r1.71 -r1.72 kerberos.spec
--- openpkg-src/kerberos/kerberos.spec16 Jan 2006 18:52:18 -
1.71
+++ openpkg-src/kerberos/kerberos.spec16 Jan 2006 22:08:22 -
1.72
@@ -91,6 +91,10 @@
-e 's;@LOCALSTATEDIR/krb5kdc;@LOCALSTATEDIR/kerberos;g' \
-e 's;DEFAULT_KDC_PROFILE.@LOCALSTATEDIR;DEFAULT_KDC_PROFILE
@SYSCONFDIR;g' \
src/include/krb5/stock/osconf.h
+%{l_shtool} subst \
+-e 's;/etc/krb5\.keytab;%{l_prefix}/etc/kerberos/krb5.keytab;' \
+src/kadmin/cli/k5srvutil.sh \
+src/kadmin/cli/kadmin.c
%build
# build toolkit
@@ -190,7 +194,25 @@
echo Kerberos database with the command:
echo \$ $RPM_INSTALL_PREFIX/sbin/kerberos-setup realm
domain
echo where domain is the primary DNS zone of this setup and
- echo realm by convention the upper-case version of domain.
+ echo realm by convention is the upper-case version of domain.
+ echo After this you should start the Kerberos server with:
+ echo \$ $RPM_INSTALL_PREFIX/etc/rc kerberos start
+ echo
+ echo Then you should add and attach all remote hosts to Kerberos
+ echo by running the following command on each remote host:
+ echo \$ $RPM_INSTALL_PREFIX/sbin/kadmin -p admin/admin -q \\
+ echo \add_principal host/hostname.domain\
+ echo \$ $RPM_INSTALL_PREFIX/sbin/kadmin -p admin/admin -q \\
+ echo \ktadd host/hostname.domain\
+ echo
+ echo Then you should add all your users to Kerberos via:
+ echo \$ $RPM_INSTALL_PREFIX/sbin/kadmin -p admin/admin -q \\
+ echo \add_principal user/user@realm\
+ echo
+ echo After this, your users can authenticate against
+ echo Kerberos on all attached hosts via:
+ echo \$ $RPM_INSTALL_PREFIX/bin/kinit user/user
+ echo \$ $RPM_INSTALL_PREFIX/bin/klist
[CVS] OpenPKG: openpkg-src/kerberos/ kerberos-setup.sh kerberos.spec k...
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 25-Dec-2005 15:29:41
Branch: HEAD Handle: 2005122514294000
Added files:
openpkg-src/kerberoskerberos-setup.sh
Modified files:
openpkg-src/kerberoskerberos.spec krb5.conf rc.kerberos
Removed files:
openpkg-src/kerberoskrb5quick.ps
Log:
switch to default sbin/ based installation layout and switch from a
documentation file to an automated setup script
Summary:
RevisionChanges Path
1.1 +43 -0 openpkg-src/kerberos/kerberos-setup.sh
1.64+21 -7 openpkg-src/kerberos/kerberos.spec
1.5 +4 -4 openpkg-src/kerberos/krb5.conf
1.4 +0 -670openpkg-src/kerberos/krb5quick.ps
1.13+2 -2 openpkg-src/kerberos/rc.kerberos
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos-setup.sh
$ cvs diff -u -r0 -r1.1 kerberos-setup.sh
--- /dev/null 2005-12-25 15:29:12 +0100
+++ kerberos-setup.sh 2005-12-25 15:29:40 +0100
@@ -0,0 +1,43 @@
+#!/bin/sh
+##
+## kerberos-setup -- Kerberos database setup procedure
+##
+
+if [ $# -eq 0 ]; then
+echo USAGE: $0 realm
+echo EXAMPLE: $0 EXAMPLE.COM
+exit 1
+fi
+
+realm=`echo $1 | tr 'abcdefghijklmnopqrstuvwxyz'
'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+domain=`echo $1 | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
'abcdefghijklmnopqrstuvwxyz'`
+
+echo ++ configure Kerberos realm \$realm\
+sed @l_prefix@/etc/kerberos/kdc.conf \
+@l_prefix@/etc/kerberos/kdc.conf.new \
+-e s;EXAMPLE\.COM;$realm;g
+-e s;example\.com;$domain;g
+cp -p @l_prefix@/etc/kerberos/kdc.conf.new @l_prefix@/etc/kerberos/kdc.conf
+rm -f @l_prefix@/etc/kerberos/kdc.conf.new
+sed @l_prefix@/etc/kerberos/krb5.conf \
+@l_prefix@/etc/kerberos/krb5.conf.new \
+-e s;EXAMPLE\.COM;$realm;g
+-e s;example\.com;$domain;g
+cp -p @l_prefix@/etc/kerberos/krb5.conf.new @l_prefix@/etc/kerberos/krb5.conf
+rm -f @l_prefix@/etc/kerberos/krb5.conf.new
+
+echo ++ initialize Kerberos database
[EMAIL PROTECTED]@/sbin/kdb5_util create -r $realm -s
+
+echo ++ adding administrator \[EMAIL PROTECTED] to the ACL
+echo */[EMAIL PROTECTED] * @l_prefix@/var/kerberos/kadm5.acl
+chmod 600 @l_prefix@/var/kerberos/kadm5.acl
+
+echo ++ adding administrator \[EMAIL PROTECTED] to the Kerberos database
[EMAIL PROTECTED]@/sbin/kadmin.local -q \
+addprinc admin/[EMAIL PROTECTED]
+
+echo ++ adding kadmind keytab file to the Kerberos database
[EMAIL PROTECTED]@/sbin/kadmin.local -q \
+ktadd -k @l_prefix@/var/kerberos/kadm5.keytab kadmin/admin
kadmin/changepw
+
@@ .
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos.spec
$ cvs diff -u -r1.63 -r1.64 kerberos.spec
--- openpkg-src/kerberos/kerberos.spec25 Dec 2005 13:45:00 -
1.63
+++ openpkg-src/kerberos/kerberos.spec25 Dec 2005 14:29:40 -
1.64
@@ -48,7 +48,7 @@
Source2: fsl.kerberos
Source3: krb5.conf
Source4: kdc.conf
-Source5: krb5quick.ps
+Source5: kerberos-setup.sh
Patch0: kerberos.patch
# build information
@@ -101,7 +101,6 @@
--prefix=%{l_prefix} \
--includedir=%{l_prefix}/include/kerberos \
--libdir=%{l_prefix}/lib/kerberos \
---sbindir=%{l_prefix}/libexec/kerberos \
--without-tcl \
--without-krb4 \
--enable-static \
@@ -120,7 +119,7 @@
# create additional directories
%{l_shtool} mkdir -p -m 755 \
$RPM_BUILD_ROOT%{l_prefix}/var/kerberos/log \
-$RPM_BUILD_ROOT%{l_prefix}/share/kerberos/doc \
+$RPM_BUILD_ROOT%{l_prefix}/share/kerberos \
$RPM_BUILD_ROOT%{l_prefix}/etc/kerberos \
$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
$RPM_BUILD_ROOT%{l_prefix}/etc/fsl
@@ -135,6 +134,8 @@
fi
done
for i in ftpd telnetd uuserver; do
+mv $RPM_BUILD_ROOT%{l_prefix}/sbin/$i \
+$RPM_BUILD_ROOT%{l_prefix}/sbin/k$i
if [ -f $RPM_BUILD_ROOT%{l_prefix}/man/man8/$i.8 ]; then
mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/$i.8 \
$RPM_BUILD_ROOT%{l_prefix}/man/man8/k$i.8
@@ -145,6 +146,12 @@
rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/gnats
rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/examples
strip $RPM_BUILD_ROOT%{l_prefix}/bin/* /dev/null
[CVS] OpenPKG: openpkg-src/kerberos/ kerberos-setup.sh kerberos.spec
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 25-Dec-2005 23:12:57
Branch: HEAD Handle: 2005122522125600
Modified files:
openpkg-src/kerberoskerberos-setup.sh kerberos.spec
Log:
fix path to kadm5.keytab file; make substitution more portable; fix
permissions/ownership of ksu program
Summary:
RevisionChanges Path
1.4 +1 -1 openpkg-src/kerberos/kerberos-setup.sh
1.67+3 -2 openpkg-src/kerberos/kerberos.spec
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos-setup.sh
$ cvs diff -u -r1.3 -r1.4 kerberos-setup.sh
--- openpkg-src/kerberos/kerberos-setup.sh25 Dec 2005 20:12:37 -
1.3
+++ openpkg-src/kerberos/kerberos-setup.sh25 Dec 2005 22:12:56 -
1.4
@@ -39,5 +39,5 @@
echo ++ adding kadmind keytab file to the Kerberos database
@l_prefix@/sbin/kadmin.local -q \
-ktadd -k @l_prefix@/var/kerberos/kadm5.keytab kadmin/admin
kadmin/changepw
+ktadd -k @l_prefix@/var/kerberos/db/kadm5.keytab kadmin/admin
kadmin/changepw
@@ .
patch -p0 '@@ .'
Index: openpkg-src/kerberos/kerberos.spec
$ cvs diff -u -r1.66 -r1.67 kerberos.spec
--- openpkg-src/kerberos/kerberos.spec25 Dec 2005 20:12:37 -
1.66
+++ openpkg-src/kerberos/kerberos.spec25 Dec 2005 22:12:56 -
1.67
@@ -87,7 +87,7 @@
-e
's;/etc/krb5\.conf:@SYSCONFDIR/krb5.conf;@SYSCONFDIR/kerberos/krb5.conf;g' \
-e
's;FILE:/etc/krb5\.keytab;FILE:@SYSCONFDIR/kerberos/krb5.keytab;g' \
-e 's;@LOCALSTATEDIR/krb5kdc;@LOCALSTATEDIR/kerberos;g' \
--e 's;DEFAULT_KDC_PROFILE\t@LOCALSTATEDIR;DEFAULT_KDC_PROFILE
@SYSCONFDIR;g' \
+-e 's;DEFAULT_KDC_PROFILE.@LOCALSTATEDIR;DEFAULT_KDC_PROFILE
@SYSCONFDIR;g' \
src/include/krb5/stock/osconf.h
%build
@@ -164,7 +164,8 @@
'%not %dir %{l_prefix}/etc/fsl' \
'%config %{l_prefix}/etc/fsl/fsl.kerberos' \
'%config %{l_prefix}/etc/kerberos/*.conf' \
-'%doc %{l_prefix}/share/kerberos/*.ps'
+'%doc %{l_prefix}/share/kerberos/*.ps' \
+'%attr(4755,%{l_susr},%{l_mgrp}) %{l_prefix}/bin/ksu'
%files -f files
@@ .
__
The OpenPKG Projectwww.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
