From: Greg Brockman Date: Thu, 24 Dec 2009 07:03:25 +0000 (-0500) Subject: Removed debathena dependencies from invirt-console X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-console.git/commitdiff_plain/f9fad1a851cdcd0c50084d8ad52a460ae6eb77c8?ds=sidebyside Removed debathena dependencies from invirt-console svn path=/package_branches/invirt-console/hvirt/; revision=2775 --- diff --git a/debian/changelog b/debian/changelog index 94d829f..34daba9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +invirt-console (0.2.12) unstable; urgency=low + + * Removed dependency on debathena pkgs + + -- Greg Brockman Thu, 24 Dec 2009 01:54:32 -0500 + invirt-console (0.2.11) unstable; urgency=low * Disable the sftp subsystem on the console server; it interacts poorly diff --git a/debian/control b/debian/control index b93f1a5..7f347e6 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: invirt-console Section: servers Priority: extra Maintainer: Invirt project -Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 5), config-package-dev (>= 4.5~), nscd, openssh-server, debathena-ssh-server-config, initscripts +Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 5), config-package-dev (>= 4.5~), nscd, openssh-server, initscripts, krb5-config, krb5-user, krb5-clients Standards-Version: 3.7.2 Package: invirt-console-server @@ -11,9 +11,9 @@ Provides: ${diverted-files} Conflicts: ${diverted-files} Depends: invirt-base, ${shlibs:Depends}, ${misc:Depends}, conserver-client, conserver-server, daemon, - debathena-kerberos-config, fuse-utils, libnss-pgsql1, nscd, + fuse-utils, libnss-pgsql1, nscd, krb5-config, krb5-user, krb5-clients, openssh-server, python, python-routefs, invirt-database, - remctl-server, debathena-ssh-server-config + remctl-server Description: Invirt serial-console proxy server This is the software for the serial-console proxy server. diff --git a/debian/rules b/debian/rules index b1b8d2b..6b1ea1d 100755 --- a/debian/rules +++ b/debian/rules @@ -6,7 +6,7 @@ DEB_TRANSFORM_FILES_invirt-console-server += \ /etc/nsswitch.conf.invirt \ /etc/nscd.conf.invirt \ /etc/pam.d/sshd.invirt \ - /etc/ssh/sshd_config.debathena.invirt + /etc/ssh/sshd_config.invirt ifneq ($(wildcard /usr/share/base-files/nsswitch.conf),) DEB_CHECK_FILES_SOURCE_/etc/nsswitch.conf.invirt = \ @@ -15,7 +15,9 @@ endif DEB_DIVERT_FILES_invirt-console-server += \ /etc/conserver/conserver.cf.invirt \ - /etc/motd.invirt + /etc/krb5.conf \ + /etc/motd.invirt \ + /etc/ssh/sshd_config DEB_DIVERT_FILES_invirt-console-host += \ /etc/conserver/conserver.cf.invirt \ /etc/conserver/server.conf.invirt diff --git a/debian/transform_krb5.conf.invirt b/debian/transform_krb5.conf.invirt new file mode 100644 index 0000000..7ea96da --- /dev/null +++ b/debian/transform_krb5.conf.invirt @@ -0,0 +1,25 @@ +#!/usr/bin/perl -p0 +# Debathena rules (from debathena-kerberos-config) +s/^([ \t]*default_realm *=).*$/\1 ATHENA.MIT.EDU/m or die; +s/(\[realms\][^[]*\n)[ \t]*NUMENOR\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/; +s/(\[realms\]\n)/\1\tNUMENOR.MIT.EDU = {\n\t\tkdc = numenor.mit.edu\n\t\tadmin_server = numenor.mit.edu\n\t}\n/ or die; +s/(\[realms\][^[]*\n)[ \t]*CSAIL\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/; +s/(\[realms\]\n)/\1\tCSAIL.MIT.EDU = {\n\t\tkdc = kerberos-1.csail.mit.edu\n\t\tkdc = kerberos-2.csail.mit.edu\n\t\tadmin_server = kerberos.csail.mit.edu\n\t\tdefault_domain = csail.mit.edu\n\t\tkrb524_server = krb524.csail.mit.edu\n\t}\n/ or die; +s/(\[realms\][^[]*\n)[ \t]*ATHENA\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/; +s/(\[realms\]\n)/\1\tATHENA.MIT.EDU = {\n\t\tkdc = kerberos.mit.edu:88\n\t\tkdc = kerberos-1.mit.edu:88\n\t\tkdc = kerberos-2.mit.edu:88\n\t\tadmin_server = kerberos.mit.edu\n\t\tdefault_domain = mit.edu\n\t}\n/ or die; +s/(\[domain_realm\][^[]*\n)[ \t]*numenor\.mit\.edu\s*=[^\n]*\n/\1/; +s/(\[domain_realm\]\n)/\1\tnumenor.mit.edu = NUMENOR.MIT.EDU\n/ or die; +s/(\[domain_realm\][^[]*\n)[ \t]*csail\.mit\.edu\s*=[^\n]*\n/\1/; +s/(\[domain_realm\]\n)/\1\tcsail.mit.edu = CSAIL.MIT.EDU\n/ or die; +s/(\[domain_realm\][^[]*\n)[ \t]*\.csail\.mit\.edu\s*=[^\n]*\n/\1/; +s/(\[domain_realm\]\n)/\1\t.csail.mit.edu = CSAIL.MIT.EDU\n/ or die; +s/(\[domain_realm\][^[]*\n)[ \t]*mit\.edu\s*=[^\n]*\n/\1/; +s/(\[domain_realm\]\n)/\1\tmit.edu = ATHENA.MIT.EDU\n/ or die; +s/(\[domain_realm\][^[]*\n)[ \t]*\.mit\.edu\s*=[^\n]*\n/\1/; +s/(\[domain_realm\]\n)/\1\t.mit.edu = ATHENA.MIT.EDU\n/ or die; + +# Invirt rules + +s/(\[realms\]\n)/\1\tHCS.HARVARD.EDU = {\n\t\tkdc = krb1.hcs.harvard.edu\n\t\tadmin_server = krb1.hcs.harvard.edu\n\t}\n/ or die; +s/(\[domain_realm\]\n)/\1\thcs.harvard.edu = HCS.HARVARD.EDU\n/ or die; +s/(\[domain_realm\]\n)/\1\t.hcs.harvard.edu = HCS.HARVARD.EDU\n/ or die; diff --git a/debian/transform_sshd_config.debathena.invirt b/debian/transform_sshd_config.debathena.invirt deleted file mode 100755 index c63b2fd..0000000 --- a/debian/transform_sshd_config.debathena.invirt +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/perl -0p -s/^#?PrintLastLog .*$/PrintLastLog no/m or die; -s/$/\nAllowTcpForwarding no/ or die; -s/^#?X11Forwarding .*$/X11Forwarding no/m or die; -s/^#?Subsystem sftp.*$//m or die; diff --git a/debian/transform_sshd_config.invirt b/debian/transform_sshd_config.invirt new file mode 100755 index 0000000..892270d --- /dev/null +++ b/debian/transform_sshd_config.invirt @@ -0,0 +1,16 @@ +#!/usr/bin/perl -0p +# Debathena rules (from debathena-ssh-server-config) +s/^#?GSSAPIAuthentication .*$/GSSAPIAuthentication yes\nGSSAPIKeyExchange yes\nGSSAPIStrictAcceptorCheck no/m or die; +s/^#?GSSAPICleanupCredentials .*$/GSSAPICleanupCredentials yes/m or die; +s/^#?ChallengeResponseAuthentication .*$/ChallengeResponseAuthentication yes/m or die; +## In Debathena, privilege separation is configurable. +s/^#?UsePrivilegeSeparation .*$/UsePrivilegeSeparation yes/m or die; +s/^#?PasswordAuthentication .*$/PasswordAuthentication no/m or die; + +# Invirt rules +s/^#?PrintLastLog .*$/PrintLastLog no/m or die; +s/$/\nAllowTcpForwarding no/ or die; +s/^#?X11Forwarding .*$/X11Forwarding no/m or die; +s/^#?Subsystem sftp.*$//m or die; + +