invirt-base (0.0.29) unstable; urgency=low
* Added debathena SSH and KRB5 config
+ * Added init script to regen kerberos config
- -- Greg Brockman <gdb@mit.edu> Thu, 24 Dec 2009 16:30:55 -0500
+ -- Greg Brockman <gdb@mit.edu> Thu, 24 Dec 2009 20:13:20 -0500
invirt-base (0.0.28) unstable; urgency=low
--- /dev/null
+#! /bin/bash
+### BEGIN INIT INFO
+# Provides: invirt-base
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: invirt base config generator
+# Description: Re-generate invirt config; namely default kerberos realm.
+### END INIT INFO
+
+# Author: Invirt Project <invirt@mit.edu>
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+if [ -x /usr/bin/invirt-getconf -a -f /etc/krb5.conf.invirt ]; then
+ /usr/bin/perl -i -e '$r = `/usr/bin/invirt-getconf kerberos.realm`; chomp($r);
+ while(<>) { s/^([ \t]*default_realm *=).*$/\1 $r/m; print; }' /etc/krb5.conf.invirt
+fi
/usr/share/kerberos-configs/krb5.conf.template
DEB_TRANSFORM_FILES_invirt-base += \
/etc/krb5.conf.invirt
+DEB_DIVERT_FILES_debathena-ssh-server-config += \
+ /etc/ssh/sshd_config.invirt
include /usr/share/cdbs/1/rules/debhelper.mk
include /usr/share/cdbs/1/class/python-distutils.mk
binary-fixup/invirt-base::
mv $(DEB_DESTDIR)usr/bin/invirt-reload $(DEB_DESTDIR)usr/sbin/invirt-reload
+common-build-indep:: debian/sshd_config.invirt
+
# Stolen from Debathena
debian/sshd_config.invirt-orig: /var/lib/dpkg/info/openssh-server.postinst
perl -0pe 's/^.*<<EOF[^\n]*\n(.*\n)EOF\n.*$$/$$1/s or die;' $< > $@
# Stolen from Debathena
debian/sshd_config.invirt: debian/sshd_config.invirt-orig
perl -0pe '# Debathena rules (from debathena-ssh-server-config) \
-s/^#?GSSAPIAuthentication .*$/GSSAPIAuthentication yes\nGSSAPIKeyExchange yes\nGSSAPIStrictAcceptorCheck no/m or die; \
-s/^#?GSSAPICleanupCredentials .*$/GSSAPICleanupCredentials yes/m or die; \
-s/^#?ChallengeResponseAuthentication .*$/ChallengeResponseAuthentication yes/m or die; \
+s/^#?GSSAPIAuthentication .*$$/GSSAPIAuthentication yes\nGSSAPIKeyExchange yes\nGSSAPIStrictAcceptorCheck no/m and \
+s/^#?GSSAPICleanupCredentials .*$$/GSSAPICleanupCredentials yes/m and \
+s/^#?ChallengeResponseAuthentication .*$$/ChallengeResponseAuthentication yes/m and \
## In Debathena, privilege separation is configurable. \
-s/^#?UsePrivilegeSeparation .*$/UsePrivilegeSeparation yes/m or die; \
-s/^#?PasswordAuthentication .*$/PasswordAuthentication no/m or die;' $< > $@
+s/^#?UsePrivilegeSeparation .*$$/UsePrivilegeSeparation yes/m and \
+s/^#?PasswordAuthentication .*$$/PasswordAuthentication no/m or die;' $< > $@
clean::
rm -rf python/invirt.egg-info