--- /dev/null
+invirt-kerberos-config (1.0) unstable; urgency=low
+
+ * Initial release.
+
+ -- Greg Brockman <gdb@mit.edu> Thu, 14 Jan 2010 14:48:29 -0500
--- /dev/null
+Source: invirt-kerberos-config
+Section: net
+Priority: extra
+Maintainer: Debathena Project <debathena@mit.edu>
+Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.2.0), config-package-dev (>= 4.5~), krb5-clients, krb5-config, invirt-base
+Standards-Version: 3.7.2
+
+Package: invirt-kerberos-config
+Architecture: all
+Depends: krb5-config, krb5-user, krb5-clients, ntp | ntp-server | time-daemon, ntpdate | time-daemon, invirt-base, ${misc:Depends}
+Provides: ${diverted-files}
+Conflicts: ${diverted-files}
+Description: Kerberos configuration for Invirt
+ This package configures Kerberos to use the realm specified in the master.yaml
+ Invirt configuration file. It also adds some other MIT realms and the HCS realm
+ to the config file.
+
--- /dev/null
+This package was written as part of the Debathena Project
+<debathena@mit.edu>, and adapted for the Invirt Project
+<invirt@mit.edu>.
+
+Copyright :
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+On Debian systems, the complete text of the GNU General Public License
+can be found in the file /usr/share/common-licenses/GPL.
--- /dev/null
+#! /bin/bash
+### BEGIN INIT INFO
+# Provides: invirt-base
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: invirt base config generator
+# Description: Re-generate invirt config; namely default kerberos realm.
+### END INIT INFO
+
+# Author: Invirt Project <invirt@mit.edu>
+
+PACKAGE=invirt-kerberos-config
+GEN_FILES=/etc/krb5.conf.invirt
+
+dpkg -s "$PACKAGE" >/dev/null 2>/dev/null || exit 0
+
+. /lib/init/config-init.sh
+config_init "$1"
--- /dev/null
+#!/bin/sh
+# postinst script for invirt-kerberos-config.postinst
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ configure)
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ triggered)
+ invirt-reload
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/usr/bin/make -f
+
+DEB_DIVERT_EXTENSION = .invirt
+# Stolen from Debathena
+DEB_CHECK_FILES_SOURCE_/etc/krb5.conf.invirt = \
+ /usr/share/kerberos-configs/krb5.conf.template
+DEB_DIVERT_FILES_invirt-kerberos-config += \
+ /etc/krb5.conf.invirt
+
+include /usr/share/cdbs/1/rules/debhelper.mk
+include /usr/share/cdbs/1/rules/config-package.mk
+
+binary-fixup/invirt-base::
+ mv $(DEB_DESTDIR)usr/bin/invirt-reload $(DEB_DESTDIR)usr/sbin/invirt-reload
+
+common-build-indep:: debian/krb5.conf.invirt.mako
+
+debian/krb5.conf.invirt.mako: $(call debian_check_files,/etc/krb5.conf)
+ debian/transform_krb5.conf.invirt.mako < $< > $@
--- /dev/null
+#!/usr/bin/perl -p0
+BEGIN {
+ print <<'EOF';
+<%
+from invirt.config import structs as cfg
+%>
+EOF
+}
+
+s/^([ \t]*default_realm *=).*$/\1 \${cfg.kerberos.realm}/m or die;
+
+# Debathena rules (from debathena-kerberos-config)
+s/(\[realms\][^[]*\n)[ \t]*NUMENOR\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/;
+s/(\[realms\]\n)/\1\tNUMENOR.MIT.EDU = {\n\t\tkdc = numenor.mit.edu\n\t\tadmin_server = numenor.mit.edu\n\t}\n/ or die;
+s/(\[realms\][^[]*\n)[ \t]*CSAIL\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/;
+s/(\[realms\]\n)/\1\tCSAIL.MIT.EDU = {\n\t\tkdc = kerberos-1.csail.mit.edu\n\t\tkdc = kerberos-2.csail.mit.edu\n\t\tadmin_server = kerberos.csail.mit.edu\n\t\tdefault_domain = csail.mit.edu\n\t\tkrb524_server = krb524.csail.mit.edu\n\t}\n/ or die;
+s/(\[realms\][^[]*\n)[ \t]*ATHENA\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/;
+s/(\[realms\]\n)/\1\tATHENA.MIT.EDU = {\n\t\tkdc = kerberos.mit.edu:88\n\t\tkdc = kerberos-1.mit.edu:88\n\t\tkdc = kerberos-2.mit.edu:88\n\t\tadmin_server = kerberos.mit.edu\n\t\tdefault_domain = mit.edu\n\t}\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*numenor\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\tnumenor.mit.edu = NUMENOR.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*csail\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\tcsail.mit.edu = CSAIL.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*\.csail\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\t.csail.mit.edu = CSAIL.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\tmit.edu = ATHENA.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\t.mit.edu = ATHENA.MIT.EDU\n/ or die;
+
+# Invirt rules
+
+s/(\[realms\]\n)/\1\tHCS.HARVARD.EDU = {\n\t\tkdc = krb1.hcs.harvard.edu\n\t\tadmin_server = krb1.hcs.harvard.edu\n\t}\n/ or die;
+s/(\[domain_realm\]\n)/\1\thcs.harvard.edu = HCS.HARVARD.EDU\n/ or die;
+s/(\[domain_realm\]\n)/\1\t.hcs.harvard.edu = HCS.HARVARD.EDU\n/ or die;
projects / invirt/packages/invirt-kerberos-config.git / commitdiff
