diff --git a/network/krb5/README b/network/krb5/README index cf7ab7dde3..db4c730cf4 100644 --- a/network/krb5/README +++ b/network/krb5/README @@ -3,3 +3,8 @@ provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. + +Note: +We provide 2 RC scripts that you can use for your own usage: +- rc.kadmind: Kerberos KADM5 administration server init script +- rc.kadmind: Kerberos V5 KDC init script diff --git a/network/krb5/doinst.sh b/network/krb5/doinst.sh new file mode 100644 index 0000000000..db0a05b7e2 --- /dev/null +++ b/network/krb5/doinst.sh @@ -0,0 +1,26 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +preserve_perms etc/rc.d/rc.krb5kdc.new +preserve_perms etc/rc.d/rc.kadmind.new diff --git a/network/krb5/krb5.SlackBuild b/network/krb5/krb5.SlackBuild index 6b116ee0ad..cfe808c9b9 100644 --- a/network/krb5/krb5.SlackBuild +++ b/network/krb5/krb5.SlackBuild @@ -87,6 +87,11 @@ make install DESTDIR=$PKG find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true +# Add init scripts +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.krb5kdc > $PKG/etc/rc.d/rc.krb5kdc.new +cat $CWD/rc.kadmind > $PKG/etc/rc.d/rc.kadmind.new + rm -rf $PKG/usr/man/cat{1,5,8} find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done @@ -99,6 +104,7 @@ find $PKG/usr/doc -type f -exec chmod 0644 {} \; mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/krb5/rc.kadmind b/network/krb5/rc.kadmind new file mode 100644 index 0000000000..5a5633f1ee --- /dev/null +++ b/network/krb5/rc.kadmind @@ -0,0 +1,54 @@ +#!/bin/sh +# +# Kerberos KADM5 administration server init script +# +# Copyright (C) 2017 Jason Graham +# + +# Start kadmind: +kadmind_start() { + CMDLINE="/usr/sbin/kadmind" + echo -n "Starting kadmind: $CMDLINE" + $CMDLINE + echo +} + +# Stop kadmind: +kadmind_stop() { + echo "Stopping kadmind..." + killall -e -q kadmind +} + +# Restart kadmind: +kadmind_restart() { + kadmind_stop + sleep 1 + kadmind_start +} + +# Check if kadmind is running +kadmind_status() { + if [ ! -z "$(ps -e -o command | grep -E -w [/]usr/sbin/kadmind)" ]; then + echo "kadmind is running." + else + echo "kadmind is stopped." + exit 1 + fi +} + +case "$1" in + 'start') + kadmind_start + ;; + 'stop') + kadmind_stop + ;; + 'restart') + kadmind_restart + ;; + 'status') + kadmind_status + ;; + *) + echo "usage $0 start|stop|restart|status" +esac diff --git a/network/krb5/rc.krb5kdc b/network/krb5/rc.krb5kdc new file mode 100644 index 0000000000..6829e12ab5 --- /dev/null +++ b/network/krb5/rc.krb5kdc @@ -0,0 +1,54 @@ +#!/bin/sh +# +# Kerberos V5 KDC init script +# +# Copyright (C) 2017 Jason Graham +# + +# Start krb5kdc: +krb5kdc_start() { + CMDLINE="/usr/sbin/krb5kdc" + echo -n "Starting krb5kdc: $CMDLINE" + $CMDLINE + echo +} + +# Stop krb5kdc: +krb5kdc_stop() { + echo "Stopping krb5kdc..." + killall -e -q krb5kdc +} + +# Restart krb5kdc: +krb5kdc_restart() { + krb5kdc_stop + sleep 1 + krb5kdc_start +} + +# Check if krb5kdc is running +krb5kdc_status() { + if [ ! -z "$(ps -e -o command | grep -E -w [/]usr/sbin/krb5kdc)" ]; then + echo "krb5kdc is running." + else + echo "krb5kdc is stopped." + exit 1 + fi +} + +case "$1" in + 'start') + krb5kdc_start + ;; + 'stop') + krb5kdc_stop + ;; + 'restart') + krb5kdc_restart + ;; + 'status') + krb5kdc_status + ;; + *) + echo "usage $0 start|stop|restart|status" +esac