Added invirt-kerberos-config

svn path=/trunk/packages/invirt-kerberos-config/; revision=2876

diff --git a/debian/changelog b/debian/changelog
new file mode 100644 (file)
index 0000000..8840012
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,5 @@
+invirt-kerberos-config (1.0) unstable; urgency=low
+
+  * Initial release.
+
+ -- Greg Brockman <gdb@mit.edu>  Thu, 14 Jan 2010 14:48:29 -0500

diff --git a/debian/compat b/debian/compat
new file mode 100644 (file)
index 0000000..b8626c4
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+4

diff --git a/debian/control b/debian/control
new file mode 100644 (file)
index 0000000..71abed9
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,17 @@
+Source: invirt-kerberos-config
+Section: net
+Priority: extra
+Maintainer: Debathena Project <debathena@mit.edu>
+Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.2.0), config-package-dev (>= 4.5~), krb5-clients, krb5-config, invirt-base
+Standards-Version: 3.7.2
+
+Package: invirt-kerberos-config
+Architecture: all
+Depends: krb5-config, krb5-user, krb5-clients, ntp | ntp-server | time-daemon, ntpdate | time-daemon, invirt-base, ${misc:Depends}
+Provides: ${diverted-files}
+Conflicts: ${diverted-files}
+Description: Kerberos configuration for Invirt
+ This package configures Kerberos to use the realm specified in the master.yaml
+ Invirt configuration file.  It also adds some other MIT realms and the HCS realm
+ to the config file.
+

diff --git a/debian/copyright b/debian/copyright
new file mode 100644 (file)
index 0000000..81ff29a
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,18 @@
+This package was written as part of the Debathena Project
+<debathena@mit.edu>, and adapted for the Invirt Project
+<invirt@mit.edu>.
+
+Copyright :
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+On Debian systems, the complete text of the GNU General Public License
+can be found in the file /usr/share/common-licenses/GPL.

diff --git a/debian/invirt-kerberos-config.init b/debian/invirt-kerberos-config.init
new file mode 100755 (executable)
index 0000000..9231da9
--- /dev/null
+++ b/debian/invirt-kerberos-config.init
@@ -0,0 +1,20 @@
+#! /bin/bash
+### BEGIN INIT INFO
+# Provides:          invirt-base
+# Required-Start:    $local_fs $remote_fs
+# Required-Stop:     $local_fs $remote_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: invirt base config generator
+# Description:       Re-generate invirt config; namely default kerberos realm.
+### END INIT INFO
+
+# Author: Invirt Project <invirt@mit.edu>
+
+PACKAGE=invirt-kerberos-config
+GEN_FILES=/etc/krb5.conf.invirt
+
+dpkg -s "$PACKAGE" >/dev/null 2>/dev/null || exit 0
+
+. /lib/init/config-init.sh
+config_init "$1"

diff --git a/debian/invirt-kerberos-config.postinst b/debian/invirt-kerberos-config.postinst
new file mode 100755 (executable)
index 0000000..149fe56
--- /dev/null
+++ b/debian/invirt-kerberos-config.postinst
@@ -0,0 +1,43 @@
+#!/bin/sh
+# postinst script for invirt-kerberos-config.postinst
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <postinst> `configure' <most-recently-configured-version>
+#        * <old-postinst> `abort-upgrade' <new version>
+#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+#          <new-version>
+#        * <postinst> `abort-remove'
+#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+#          <failed-install-package> <version> `removing'
+#          <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+    configure)
+    ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+    ;;
+
+    triggered)
+        invirt-reload
+    ;;
+
+    *)
+        echo "postinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0

diff --git a/debian/rules b/debian/rules
new file mode 100755 (executable)
index 0000000..bbc3f16
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,19 @@
+#!/usr/bin/make -f
+
+DEB_DIVERT_EXTENSION = .invirt
+# Stolen from Debathena
+DEB_CHECK_FILES_SOURCE_/etc/krb5.conf.invirt = \
+        /usr/share/kerberos-configs/krb5.conf.template
+DEB_DIVERT_FILES_invirt-kerberos-config += \
+        /etc/krb5.conf.invirt
+
+include /usr/share/cdbs/1/rules/debhelper.mk
+include /usr/share/cdbs/1/rules/config-package.mk
+
+binary-fixup/invirt-base::
+       mv $(DEB_DESTDIR)usr/bin/invirt-reload $(DEB_DESTDIR)usr/sbin/invirt-reload
+
+common-build-indep:: debian/krb5.conf.invirt.mako
+
+debian/krb5.conf.invirt.mako: $(call debian_check_files,/etc/krb5.conf)
+       debian/transform_krb5.conf.invirt.mako < $< > $@

diff --git a/debian/transform_krb5.conf.invirt.mako b/debian/transform_krb5.conf.invirt.mako
new file mode 100755 (executable)
index 0000000..6ba9fc0
--- /dev/null
+++ b/debian/transform_krb5.conf.invirt.mako
@@ -0,0 +1,34 @@
+#!/usr/bin/perl -p0
+BEGIN {
+    print <<'EOF';
+<%
+from invirt.config import structs as cfg
+%>
+EOF
+}
+
+s/^([ \t]*default_realm *=).*$/\1 \${cfg.kerberos.realm}/m or die;
+
+# Debathena rules (from debathena-kerberos-config)
+s/(\[realms\][^[]*\n)[ \t]*NUMENOR\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/;
+s/(\[realms\]\n)/\1\tNUMENOR.MIT.EDU = {\n\t\tkdc = numenor.mit.edu\n\t\tadmin_server = numenor.mit.edu\n\t}\n/ or die;
+s/(\[realms\][^[]*\n)[ \t]*CSAIL\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/;
+s/(\[realms\]\n)/\1\tCSAIL.MIT.EDU = {\n\t\tkdc = kerberos-1.csail.mit.edu\n\t\tkdc = kerberos-2.csail.mit.edu\n\t\tadmin_server = kerberos.csail.mit.edu\n\t\tdefault_domain = csail.mit.edu\n\t\tkrb524_server = krb524.csail.mit.edu\n\t}\n/ or die;
+s/(\[realms\][^[]*\n)[ \t]*ATHENA\.MIT\.EDU\s*=\s*\{[^}]*\}\s*\n/\1/;
+s/(\[realms\]\n)/\1\tATHENA.MIT.EDU = {\n\t\tkdc = kerberos.mit.edu:88\n\t\tkdc = kerberos-1.mit.edu:88\n\t\tkdc = kerberos-2.mit.edu:88\n\t\tadmin_server = kerberos.mit.edu\n\t\tdefault_domain = mit.edu\n\t}\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*numenor\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\tnumenor.mit.edu = NUMENOR.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*csail\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\tcsail.mit.edu = CSAIL.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*\.csail\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\t.csail.mit.edu = CSAIL.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\tmit.edu = ATHENA.MIT.EDU\n/ or die;
+s/(\[domain_realm\][^[]*\n)[ \t]*\.mit\.edu\s*=[^\n]*\n/\1/;
+s/(\[domain_realm\]\n)/\1\t.mit.edu = ATHENA.MIT.EDU\n/ or die;
+
+# Invirt rules
+
+s/(\[realms\]\n)/\1\tHCS.HARVARD.EDU = {\n\t\tkdc = krb1.hcs.harvard.edu\n\t\tadmin_server = krb1.hcs.harvard.edu\n\t}\n/ or die;
+s/(\[domain_realm\]\n)/\1\thcs.harvard.edu = HCS.HARVARD.EDU\n/ or die;
+s/(\[domain_realm\]\n)/\1\t.hcs.harvard.edu = HCS.HARVARD.EDU\n/ or die;