corporate2/devel/server/auth/mit-kerberos - Implement services, not finished yet.
Ozan Çağlayan
paketler-commits at pardus.org.tr
Wed Nov 10 12:22:07 EET 2010
Author: ozan.caglayan
Date: Wed Nov 10 12:22:06 2010
New Revision: 104770
Modified:
corporate2/devel/server/auth/mit-kerberos/comar/kadmind.py
corporate2/devel/server/auth/mit-kerberos/comar/kpropd.py
corporate2/devel/server/auth/mit-kerberos/comar/krb5kdc.py
corporate2/devel/server/auth/mit-kerberos/files/fedora/kadmind.init
corporate2/devel/server/auth/mit-kerberos/files/fedora/kpropd.init
corporate2/devel/server/auth/mit-kerberos/files/fedora/krb5kdc.init
Log:
Implement services, not finished yet.
---
comar/kadmind.py | 18 +++++++--
comar/kpropd.py | 32 ++++++++++-------
comar/krb5kdc.py | 24 ++++++++++---
files/fedora/kadmind.init | 50 +--------------------------
files/fedora/kpropd.init | 71 --------------------------------------
files/fedora/krb5kdc.init | 84 +---------------------------------------------
6 files changed, 57 insertions(+), 222 deletions(-)
Modified: corporate2/devel/server/auth/mit-kerberos/comar/kadmind.py
=================================================================
--- corporate2/devel/server/auth/mit-kerberos/comar/kadmind.py (original)
+++ corporate2/devel/server/auth/mit-kerberos/comar/kadmind.py Wed Nov 10 12:22:06 2010
@@ -3,15 +3,23 @@
serviceType = "server"
serviceDefault = "off"
-serviceDesc = _({"en": "CUPS Printer Server",
- "tr": "CUPS Yazıcı Sunucusu"})
-serviceConf = "cups"
+serviceDesc = _({"en": "Kerberos 5 administrative server",
+ "tr": "Kerberos 5 yönetimsel sunucusu"})
+serviceConf = "kadmin"
-PIDFILE = "/var/run/cupsd.pid"
+PIDFILE = "/var/run/kadmind.pid"
+KADMIND = "/usr/sbin/kadmind"
+
+MSG_ERROR_SLAVE = "Error. This appears to be a slave server, found kpropd.acl"
@synchronized
def start():
- startService(command="/usr/sbin/cupsd",
+ if not os.path.exists("/var/kerberos/krb5kdc/principal"):
+ # Make an educated guess -- if they're using kldap somewhere,
+ # then we don't know for sure that this is an error.
+
+ startService(command=KADMIND,
+ args=
donotify=True)
@synchronized
Modified: corporate2/devel/server/auth/mit-kerberos/comar/kpropd.py
=================================================================
--- corporate2/devel/server/auth/mit-kerberos/comar/kpropd.py (original)
+++ corporate2/devel/server/auth/mit-kerberos/comar/kpropd.py Wed Nov 10 12:22:06 2010
@@ -3,26 +3,32 @@
serviceType = "server"
serviceDefault = "off"
-serviceDesc = _({"en": "CUPS Printer Server",
- "tr": "CUPS Yazıcı Sunucusu"})
-serviceConf = "cups"
+serviceDesc = _({"en": "Kerberos 5 propagation client",
+ "tr": "Kerberos 5 propagasyon istemcisi"})
+KPROPD = "/usr/sbin/kpropd"
PIDFILE = "/var/run/cupsd.pid"
+KPROPDACL = "/var/kerberos/krb5kdc/kpropd.acl"
- at synchronized
-def start():
- startService(command="/usr/sbin/cupsd",
- donotify=True)
+MSG_MISSING_KPROPD = _({
+ "en" : "%s doesn't exist, exiting." % KPROPD,
+ "tr" : "%s bulunamadı." % KPROPD,
+ })
@synchronized
-def reload():
- if os.path.exists(PIDFILE):
- # 1 is SIGHUP
- os.kill(int(open(PIDFILE, "r").read().strip()), 1)
+def start():
+ if os.path.exists(KPROPDACL):
+ startService(command=KPROPD,
+ args="-S",
+ donotify=True)
+ else:
+ # Warn
+ fail(MSG_MISSING_KPROPD)
@synchronized
def stop():
- stopService(pidfile=PIDFILE, donotify=True)
+ stopService(command=KPROPD,
+ donotify=True)
def status():
- return isServiceRunning(pidfile=PIDFILE)
+ return isServiceRunning(command=KPROPD)
Modified: corporate2/devel/server/auth/mit-kerberos/comar/krb5kdc.py
=================================================================
--- corporate2/devel/server/auth/mit-kerberos/comar/krb5kdc.py (original)
+++ corporate2/devel/server/auth/mit-kerberos/comar/krb5kdc.py Wed Nov 10 12:22:06 2010
@@ -3,15 +3,29 @@
serviceType = "server"
serviceDefault = "off"
-serviceDesc = _({"en": "CUPS Printer Server",
- "tr": "CUPS Yazıcı Sunucusu"})
-serviceConf = "cups"
-PIDFILE = "/var/run/cupsd.pid"
+serviceDesc = _({"en": "Kerberos 5 server",
+ "tr": "Kerberos 5 sunucusu"})
+
+serviceConf = "krb5kdc"
+
+KRB5KDC = "/usr/sbin/krb5kdc"
+PIDFILE = "/var/run/krb5kdc.pid"
@synchronized
def start():
- startService(command="/usr/sbin/cupsd",
+ ARGS = "-P %s" % PIDFILE
+
+ # Check if a realm is given
+ realm = config.get("KRB5REALM", "")
+ if realm:
+ ARGS += "-r %s" % realm
+
+ if config.get("KRB5KDC_ARGS", ""):
+ ARGS += "%s" % config.get("KRB5KDC_ARGS", "")
+
+ startService(command=KRB5KDC,
+ args=ARGS,
donotify=True)
@synchronized
Modified: corporate2/devel/server/auth/mit-kerberos/files/fedora/kadmind.init
=================================================================
--- corporate2/devel/server/auth/mit-kerberos/files/fedora/kadmind.init (original)
+++ corporate2/devel/server/auth/mit-kerberos/files/fedora/kadmind.init Wed Nov 10 12:22:06 2010
@@ -1,41 +1,6 @@
-#!/bin/bash
-#
-# kadmind Start and stop the Kerberos 5 administrative server.
-#
-# chkconfig: - 35 65
-# description: Kerberos 5 is a trusted third-party authentication system. \
-# This script starts and stops the Kerberos 5 administrative \
-# server, which should only be run on the master server for a \
-# realm.
-# processname: kadmind
-# config: /etc/sysconfig/kadmin
-# pidfile: /var/run/kadmind.pid
-#
-
-### BEGIN INIT INFO
-# Provides: kadmin
-# Required-Start: $local_fs $network
-# Required-Stop: $local_fs $network
-# Should-Start: portreserve
-# Default-Start:
-# Default-Stop: 0 1 2 3 4 5 6
-# Short-Description: start and stop the Kerberos 5 admin server
-# Description: The kadmind service allows administrators to remotely manage \
-# the Kerberos 5 realm database. It should only be run on a \
-# master KDC.
-### END INIT INFO
-
-# Get config.
-. /etc/sysconfig/network
-
-# Get config.
-[ -r /etc/sysconfig/kadmin ] && . /etc/sysconfig/kadmin
-
# Source function library.
-. /etc/init.d/functions
prog="Kerberos 5 Admin Server"
kadmind=/usr/sbin/kadmind
-pidfile=/var/run/kadmind.pid
RETVAL=0
@@ -52,22 +17,12 @@
if [ -f /var/kerberos/krb5kdc/kpropd.acl ] ; then
echo $"Error. This appears to be a slave server, found kpropd.acl"
exit 6
- else
- [ -x $kadmind ] || exit 5
- fi
+
echo -n $"Starting $prog: "
- # tell portreserve to release the kerberos-adm port
- [ -x /sbin/portrelease ] && /sbin/portrelease kerberos-adm &>/dev/null || :
daemon ${kadmind} ${KRB5REALM:+-r ${KRB5REALM}} -P $pidfile $KADMIND_ARGS
RETVAL=$?
- echo
- if test $RETVAL -ne 0 ; then
- if status -l kadmin ${kadmind} > /dev/null ; then
- RETVAL=0
- fi
- fi
- [ $RETVAL = 0 ] && touch /var/lock/subsys/kadmin
}
+
stop() {
echo -n $"Stopping $prog: "
killproc ${kadmind}
@@ -75,6 +30,7 @@
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/kadmin
}
+
reload() {
echo -n $"Reopening $prog log file: "
killproc ${kadmind} -HUP
Modified: corporate2/devel/server/auth/mit-kerberos/files/fedora/kpropd.init
=================================================================
--- corporate2/devel/server/auth/mit-kerberos/files/fedora/kpropd.init (original)
+++ corporate2/devel/server/auth/mit-kerberos/files/fedora/kpropd.init Wed Nov 10 12:22:06 2010
@@ -1,32 +1,3 @@
-#!/bin/bash
-#
-# kpropd.init Start and stop the Kerberos 5 propagation client.
-#
-# chkconfig: - 35 65
-# description: Kerberos 5 is a trusted third-party authentication system. \
-# This script starts and stops the service that allows this \
-# KDC to receive updates from your master KDC.
-# processname: kpropd
-#
-
-### BEGIN INIT INFO
-# Provides: kprop
-# Required-Start: $local_fs $network
-# Required-Stop: $local_fs $network
-# Should-Start: portreserve
-# Default-Start:
-# Default-Stop: 0 1 2 3 4 5 6
-# Short-Description: start and stop the Kerberos 5 propagation client
-# Description: The kpropd service accepts database updates pushed to it from \
-# the master KDC. It will never be needed on a master KDC.
-### END INIT INFO
-
-# Get config.
-. /etc/sysconfig/network
-
-# Source function library.
-. /etc/init.d/functions
-
RETVAL=0
prog="Kerberos 5 Propagation Server"
kpropd=/usr/sbin/kpropd
@@ -34,12 +5,6 @@
# Shell functions to cut down on useless shell instances.
start() {
[ -f /var/kerberos/krb5kdc/kpropd.acl ] || exit 6
- [ -x $kpropd ] || exit 5
- echo -n $"Starting $prog: "
- # tell portreserve to release the krb5_prop port
- [ -x /sbin/portrelease ] && /sbin/portrelease krb5_prop &>/dev/null || :
- daemon ${kpropd} -S
- RETVAL=$?
echo
if test $RETVAL -ne 0 ; then
if status -l kprop ${kpropd} > /dev/null ; then
@@ -48,6 +13,7 @@
fi
[ $RETVAL = 0 ] && touch /var/lock/subsys/kprop
}
+
stop() {
echo -n $"Stopping $prog: "
killproc ${kpropd}
@@ -55,38 +21,3 @@
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/kprop
}
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- # We don't really "do" reload, so treat it as a restart.
- restart|force-reload)
- stop
- start
- ;;
- reload)
- echo "can't reload configuration, you have to restart it"
- RETVAL=3
- ;;
- status)
- status -l kprop ${kpropd}
- RETVAL=$?
- ;;
- condrestart)
- if [ -f /var/lock/subsys/kprop ] ; then
- stop
- start
- fi
- ;;
- *)
- echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
- RETVAL=2
- ;;
-esac
-
-exit $RETVAL
Modified: corporate2/devel/server/auth/mit-kerberos/files/fedora/krb5kdc.init
=================================================================
--- corporate2/devel/server/auth/mit-kerberos/files/fedora/krb5kdc.init (original)
+++ corporate2/devel/server/auth/mit-kerberos/files/fedora/krb5kdc.init Wed Nov 10 12:22:06 2010
@@ -1,58 +1,10 @@
-#!/bin/bash
-#
-# krb5kdc Start and stop the Kerberos 5 servers.
-#
-# chkconfig: - 35 65
-# description: Kerberos 5 is a trusted third-party authentication system. \
-# This script starts and stops the server that Kerberos 5 \
-# clients need to connect to in order to obtain credentials.
-# processname: krb5kdc
-# config: /etc/sysconfig/krb5kdc
-# pidfile: /var/run/krb5kdc.pid
-#
-
-### BEGIN INIT INFO
-# Provides: krb5kdc
-# Required-Start: $local_fs $network
-# Required-Stop: $local_fs $network
-# Should-Start: portreserve
-# Default-Start:
-# Default-Stop: 0 1 2 3 4 5 6
-# Short-Description: start and stop the Kerberos 5 KDC
-# Description: The krb5kdc is the Kerberos 5 key distribution center, which \
-# issues credentials to Kerberos 5 clients.
-### END INIT INFO
-
-# Get config.
-. /etc/sysconfig/network
-
-# Get config.
-[ -r /etc/sysconfig/krb5kdc ] && . /etc/sysconfig/krb5kdc
-
-# Source function library.
-. /etc/rc.d/init.d/functions
-
-RETVAL=0
-prog="Kerberos 5 KDC"
-krb5kdc=/usr/sbin/krb5kdc
-pidfile=/var/run/krb5kdc.pid
-
# Shell functions to cut down on useless shell instances.
start() {
- [ -x $krb5kdc ] || exit 5
echo -n $"Starting $prog: "
- # tell portreserve to release the kerberos-iv port
- [ -x /sbin/portrelease ] && /sbin/portrelease kerberos-iv &>/dev/null || :
daemon ${krb5kdc} ${KRB5REALM:+-r ${KRB5REALM}} -P $pidfile $KRB5KDC_ARGS
RETVAL=$?
- echo
- if test $RETVAL -ne 0 ; then
- if status ${krb5kdc} > /dev/null ; then
- RETVAL=0
- fi
- fi
- [ $RETVAL = 0 ] && touch /var/lock/subsys/krb5kdc
}
+
stop() {
echo -n $"Stopping $prog: "
killproc ${krb5kdc}
@@ -60,42 +12,10 @@
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/krb5kdc
}
+
reload() {
echo -n $"Reopening $prog log file: "
killproc ${krb5kdc} -HUP
RETVAL=$?
echo
}
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart)
- stop
- start
- ;;
- reload)
- reload
- ;;
- status)
- status ${krb5kdc}
- RETVAL=$?
- ;;
- condrestart)
- if [ -f /var/lock/subsys/krb5kdc ] ; then
- stop
- start
- fi
- ;;
- *)
- echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
- RETVAL=2
- ;;
-esac
-
-exit $RETVAL
More information about the paketler-commits
mailing list