
#!@l_bash@
##
## heimdal-setup -- Kerberos setup procedure
##
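# Require exactly two arguments: the Kerberos realm and the DNS domain.
if [ $# -ne 2 ]; then
    echo "USAGE: $0 <realm> <domain>" >&2
    echo "EXAMPLE: $0 EXAMPLE.COM example.com" >&2
    exit 1
fi

# Normalise case: realm upper-cased, domain lower-cased. The alphabets are
# spelled out so the mapping is plain ASCII; printf is used instead of echo
# so an argument such as "-n" is not taken as an echo option.
realm=$(printf '%s\n' "$1" |
    tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ')
domain=$(printf '%s\n' "$2" |
    tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz')

# Both values are spliced further down into sed replacement text, into file
# names below var/heimdal/db and into kadmin command lines. Accept DNS-style
# names only, so that ';', '&', '\', '/', '%', quotes, whitespace or a
# leading '-' can never change the meaning of those commands.
for name in "$realm" "$domain"; do
    case "$name" in
        '' | -* | .* | *[!A-Za-z0-9.-]*)
            echo "$0: invalid realm or domain name: \"$name\"" >&2
            echo "$0: only letters, digits, '.' and '-' are accepted" >&2
            exit 1
            ;;
    esac
done

# shtool expands %h to the local host name; the domain is appended to it.
host=$(@l_prefix@/lib/openpkg/shtool echo -e "%h.$domain")
if [ -z "$host" ]; then
    # An empty value would create the principals "host/" and "iprop/" below.
    echo "$0: unable to determine the local host name" >&2
    exit 1
fi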
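echo "++ configure Kerberos realm \"$realm\""

# Replace the EXAMPLE.COM / example.com placeholders in the shipped
# configuration files with the real realm, domain and KDC host name.
#
# $realm, $domain and $host land in the sed replacement text, where ';' (the
# delimiter used here), '&' and '\' are special: they must be plain DNS-style
# names.
#
# The live file is only overwritten when sed succeeded and produced output;
# otherwise a missing file or a failed sed would leave an empty configuration.
# NOTE(review): cp -p carries the temporary file's attributes over to the live
# file, so its resulting mode follows the current umask -- confirm intended.

kdc_conf="@l_prefix@/etc/heimdal/kdc.conf"
if sed -e "s;EXAMPLE\.COM;$realm;g" \
       -e "s;example\.com;$domain;g" \
       <"$kdc_conf" >"$kdc_conf.new" && [ -s "$kdc_conf.new" ]; then
    if ! cp -p "$kdc_conf.new" "$kdc_conf"; then
        echo "$0: cannot update $kdc_conf (new content kept in $kdc_conf.new)" >&2
        exit 1
    fi
    rm -f "$kdc_conf.new"
else
    rm -f "$kdc_conf.new"
    echo "$0: failed to rewrite $kdc_conf, file left unchanged" >&2
    exit 1
fi

# krb5.conf additionally names two KDC hosts; both are pointed at this host.
# The host substitutions run first, before "example.com" itself is replaced.
krb5_conf="@l_prefix@/etc/heimdal/krb5.conf"
if sed -e "s;kerberos1\.example\.com;$host;" \
       -e "s;kerberos2\.example\.com;$host;" \
       -e "s;EXAMPLE\.COM;$realm;g" \
       -e "s;example\.com;$domain;g" \
       <"$krb5_conf" >"$krb5_conf.new" && [ -s "$krb5_conf.new" ]; then
    if ! cp -p "$krb5_conf.new" "$krb5_conf"; then
        echo "$0: cannot update $krb5_conf (new content kept in $krb5_conf.new)" >&2
        exit 1
    fi
    rm -f "$krb5_conf.new"
else
    rm -f "$krb5_conf.new"
    echo "$0: failed to rewrite $krb5_conf, file left unchanged" >&2
    exit 1
fi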
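echo "++ creating Kerberos database"

# Write a randomly generated master key into the realm's stash file.
# NOTE(review): running this script a second time presumably replaces the
# stash file of an already initialised database -- confirm before re-running.
mkey_file="@l_prefix@/var/heimdal/db/$realm.mkey"
if ! @l_prefix@/sbin/kstash --random-key --key-file="$mkey_file"; then
    echo "$0: kstash could not create $mkey_file" >&2
    exit 1
fi

# kadmin -l takes its commands on stdin; a single "init" line creates the
# realm. The realm-wide ticket and renewable lifetimes are left unlimited
# here; the principals added afterwards carry their own 1day/1week limits.
init_cmd="init"
init_cmd="$init_cmd --realm-max-ticket-life=unlimited"
init_cmd="$init_cmd --realm-max-renewable-life=unlimited"
init_cmd="$init_cmd $realm"
if ! printf '%s\n' "$init_cmd" | @l_prefix@/sbin/kadmin -l -p admin/admin; then
    echo "$0: kadmin failed to initialise realm \"$realm\"" >&2
    exit 1
fi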
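echo "++ adding administrator \"admin/admin@$realm\" to Kerberos database"

# ACL file: every */admin principal of the realm gets all kadmin privileges.
# It is written under umask 077 so that a newly created file is never
# readable by other users, not even between its creation and the chmod.
acl_file="@l_prefix@/var/heimdal/db/$realm.acl"
if ! ( umask 077; echo "*/admin@$realm all" >"$acl_file" ); then
    echo "$0: cannot write $acl_file" >&2
    exit 1
fi
if ! chmod 600 "$acl_file"; then
    echo "$0: WARNING: cannot restrict permissions of $acl_file" >&2
fi
if ! chown @l_susr@:@l_mgrp@ "$acl_file"; then
    echo "$0: WARNING: cannot change ownership of $acl_file" >&2
fi

# SECURITY: the administrator principal is created with the fixed, publicly
# known password "admin", and --pw-expiration-time=never means nothing ever
# forces a change. Combined with the "all" ACL entry above, anyone who can
# reach the admin service with this password controls the whole realm. The
# value is kept as-is because existing setup instructions may rely on it;
# the operator is told to replace it right after setup.
add_cmd="add"
add_cmd="$add_cmd --password=admin"
add_cmd="$add_cmd --max-ticket-life=1day --max-renewable-life=1week"
add_cmd="$add_cmd --expiration-time=never --pw-expiration-time=never"
add_cmd="$add_cmd --attributes=\"\""
add_cmd="$add_cmd admin/admin@$realm"
# The command goes to kadmin over stdin, so the password does not show up in
# any process argument list.
if ! printf '%s\n' "$add_cmd" | @l_prefix@/sbin/kadmin -l -p admin/admin; then
    echo "$0: kadmin failed to add \"admin/admin@$realm\"" >&2
    exit 1
fi
echo "++ NOTICE: \"admin/admin@$realm\" still has the default password \"admin\";"
echo "++ NOTICE: change it before the KDC is reachable from the network"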
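# An empty host name would silently create and export the principal "host/".
: "${host:?host name is not set}"

echo "++ adding host \"host/$host\" to Kerberos database"

# Host principal with a random key (no password), fed to kadmin over stdin.
add_cmd="add"
add_cmd="$add_cmd --random-key"
add_cmd="$add_cmd --max-ticket-life=1day --max-renewable-life=1week"
add_cmd="$add_cmd --expiration-time=never --pw-expiration-time=never"
add_cmd="$add_cmd --attributes=\"\""
add_cmd="$add_cmd host/$host"
if ! printf '%s\n' "$add_cmd" | @l_prefix@/sbin/kadmin -l -p admin/admin; then
    # Do not go on to export a keytab for a principal that was not created.
    echo "$0: kadmin failed to add \"host/$host\"" >&2
    exit 1
fi

echo "++ exporting keytab file for \"host/$host\" from Kerberos database"

# No keytab is named, so kadmin writes to its default keytab.
# NOTE(review): the keytab holds the host's long-term key; verify afterwards
# that only the service account can read it.
if ! printf '%s\n' "ext_keytab host/$host" |
    @l_prefix@/sbin/kadmin -l -p admin/admin; then
    echo "$0: kadmin failed to export the keytab for \"host/$host\"" >&2
    exit 1
fi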
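# An empty host name would silently create and export the principal "iprop/".
: "${host:?host name is not set}"

echo "++ adding ipropd master \"iprop/$host\" to Kerberos database"

# Principal for the ipropd master, with a random key, fed to kadmin over stdin.
add_cmd="add"
add_cmd="$add_cmd --random-key"
add_cmd="$add_cmd --max-ticket-life=1day --max-renewable-life=1week"
add_cmd="$add_cmd --expiration-time=never --pw-expiration-time=never"
add_cmd="$add_cmd --attributes=\"\""
add_cmd="$add_cmd iprop/$host"
if ! printf '%s\n' "$add_cmd" | @l_prefix@/sbin/kadmin -l -p admin/admin; then
    # Do not go on to export a keytab for a principal that was not created.
    echo "$0: kadmin failed to add \"iprop/$host\"" >&2
    exit 1
fi

# The progress message used to name "host/$host" although the iprop key is
# the one being exported; it now names the principal actually written.
echo "++ exporting keytab file for \"iprop/$host\" from Kerberos database"

# No keytab is named, so kadmin writes to its default keytab.
# NOTE(review): the keytab holds the iprop long-term key; verify afterwards
# that only the service account can read it.
if ! printf '%s\n' "ext_keytab iprop/$host" |
    @l_prefix@/sbin/kadmin -l -p admin/admin; then
    echo "$0: kadmin failed to export the keytab for \"iprop/$host\"" >&2
    exit 1
fi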