mirror of
https://github.com/freebsd/freebsd-src
synced 2024-09-06 17:18:32 +00:00
Restructure rc.d scripts for kerberos5 daemons:
- Rename $kerberos5_server_enable with $kdc_enable and rename
rc.d/kerberos with rc.d/kdc.
- Rename $kadmin5_server_enable with $kadmind_enable.
- Rename ${kerberos5,kpasswdd}_server with ${kdc,kpasswdd}_program.
- Fix rc.d/{kadmind,kerberos,kpasswdd,kfd} scripts not to change variables
after load_rc_config().
- Add rc.d/ipropd_master and rc.d/ipropd_slave scripts. These are
for iprop-master(8) and iprop-slave(8). Keytab used for iprop service is
defined in ipropd_{master,slave}_keytab (/etc/krb5.keytab by default).
- Add dependency on rc.d/kdc to SERVERS. rc.d/kdc must be invoked as early
as possible before scripts divided by rc.d/SERVERS.
Note that changes to rc.d/{kdc,kpasswdd,kadmind} are backward-compatible
with the old configuration variables:
${kerberos5,kpasswdd,kadmin5}_server{,_enable,_flags}.
This commit is contained in:
Hiroki Sato
parent
7b3e8bee90
commit
137ae2c4f0
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=270782
|
|
@ -271,15 +271,28 @@ local_unbound_enable="NO" # local caching resolver
|
|||
#
|
||||
# kerberos. Do not run the admin daemons on slave servers
|
||||
#
|
||||
kerberos5_server_enable="NO" # Run a kerberos 5 master server (or NO).
|
||||
kerberos5_server="/usr/libexec/kdc" # path to kerberos 5 KDC
|
||||
kerberos5_server_flags="--detach" # Additional flags to the kerberos 5 server
|
||||
kadmind5_server_enable="NO" # Run kadmind (or NO)
|
||||
kadmind5_server="/usr/libexec/kadmind" # path to kerberos 5 admin daemon
|
||||
kpasswdd_server_enable="NO" # Run kpasswdd (or NO)
|
||||
kpasswdd_server="/usr/libexec/kpasswdd" # path to kerberos 5 passwd daemon
|
||||
kdc_enable="NO" # Run a kerberos 5 KDC (or NO).
|
||||
kdc_program="/usr/libexec/kdc" # path to kerberos 5 KDC
|
||||
kdc_flags="" # Additional flags to the kerberos 5 KDC
|
||||
kadmind_enable="NO" # Run kadmind (or NO)
|
||||
kadmind_program="/usr/libexec/kadmind" # path to kadmind
|
||||
kpasswdd_enable="NO" # Run kpasswdd (or NO)
|
||||
kpasswdd_program="/usr/libexec/kpasswdd" # path to kpasswdd
|
||||
kfd_enable="NO" # Run kfd (or NO)
|
||||
kfd_program="/usr/libexec/kfd" # path to kerberos 5 kfd daemon
|
||||
kfd_flags=""
|
||||
ipropd_master_enable="NO" # Run Heimdal incremental propagation daemon
|
||||
# (master daemon).
|
||||
ipropd_master_program="/usr/libexec/ipropd-master"
|
||||
ipropd_master_flags="" # Flags to ipropd-master.
|
||||
ipropd_master_keytab="/etc/krb5.keytab" # keytab for ipropd-master.
|
||||
ipropd_master_slaves="" # slave node names used for /var/heimdal/slaves.
|
||||
ipropd_slave_enable="NO" # Run Heimdal incremental propagation daemon
|
||||
# (slave daemon).
|
||||
ipropd_slave_program="/usr/libexec/ipropd-slave"
|
||||
ipropd_slave_flags="" # Flags to ipropd-slave.
|
||||
ipropd_slave_keytab="/etc/krb5.keytab" # keytab for ipropd-slave.
|
||||
ipropd_slave_masters="" # master node names.
|
||||
|
||||
gssd_enable="NO" # Run the gssd daemon (or NO).
|
||||
gssd_program="/usr/sbin/gssd" # Path to gssd.
|
||||
|
|
|
|||
|
|
@ -65,12 +65,14 @@ FILES= DAEMON \
|
|||
ipfw \
|
||||
ipmon \
|
||||
ipnat \
|
||||
ipropd_master \
|
||||
ipropd_slave \
|
||||
ipsec \
|
||||
iscsictl \
|
||||
iscsid \
|
||||
jail \
|
||||
kadmind \
|
||||
kerberos \
|
||||
kdc \
|
||||
keyserv \
|
||||
kfd \
|
||||
kld \
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
#
|
||||
|
||||
# PROVIDE: SERVERS
|
||||
# REQUIRE: mountcritremote abi ldconfig savecore watchdogd
|
||||
# REQUIRE: mountcritremote abi ldconfig savecore watchdogd kdc
|
||||
|
||||
# This is a dummy dependency, for early-start servers relying on
|
||||
# some basic configuration.
|
||||
|
|
|
|||
40
etc/rc.d/ipropd_master
Executable file
40
etc/rc.d/ipropd_master
Executable file
|
|
@ -0,0 +1,40 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: ipropd_master
|
||||
# REQUIRE: kdc
|
||||
# KEYWORD: shutdown
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name=ipropd_master
|
||||
rcvar=${name}_enable
|
||||
required_files="$ipropd_master_keytab"
|
||||
start_precmd=${name}_start_precmd
|
||||
start_postcmd=${name}_start_postcmd
|
||||
|
||||
ipropd_master_start_precmd()
|
||||
{
|
||||
|
||||
if [ -z "$ipropd_master_slaves" ]; then
|
||||
warn "\$ipropd_master_slaves is empty."
|
||||
return 1
|
||||
fi
|
||||
for _slave in $ipropd_master_slaves; do
|
||||
echo $_slave
|
||||
done > /var/heimdal/slaves || return 1
|
||||
command_args="$command_args \
|
||||
--keytab=\"$ipropd_master_keytab\" \
|
||||
--detach \
|
||||
"
|
||||
}
|
||||
ipropd_master_start_postcmd()
|
||||
{
|
||||
|
||||
echo "${name}: slave nodes: $ipropd_master_slaves"
|
||||
}
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
||||
32
etc/rc.d/ipropd_slave
Executable file
32
etc/rc.d/ipropd_slave
Executable file
|
|
@ -0,0 +1,32 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: ipropd_slave
|
||||
# REQUIRE: kdc
|
||||
# KEYWORD: shutdown
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name=ipropd_slave
|
||||
rcvar=${name}_enable
|
||||
required_files="$ipropd_slave_keytab"
|
||||
start_precmd=${name}_start_precmd
|
||||
|
||||
ipropd_slave_start_precmd()
|
||||
{
|
||||
|
||||
if [ -z "$ipropd_slave_masters" ]; then
|
||||
warn "\$ipropd_slave_masters is empty."
|
||||
return 1
|
||||
fi
|
||||
command_args=" \
|
||||
$command_args \
|
||||
--keytab=\"$ipropd_slave_keytab\" \
|
||||
--detach \
|
||||
$ipropd_slave_masters"
|
||||
}
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
||||
|
|
@ -3,18 +3,26 @@
|
|||
# $FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: kadmin
|
||||
# REQUIRE: kerberos
|
||||
# BEFORE: DAEMON
|
||||
# PROVIDE: kadmind
|
||||
# REQUIRE: kdc
|
||||
# KEYWORD: shutdown
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name="kadmind5"
|
||||
load_rc_config $name
|
||||
rcvar="kadmind5_server_enable"
|
||||
unset start_cmd
|
||||
command="${kadmind5_server}"
|
||||
command_args="&"
|
||||
required_vars="kerberos5_server_enable"
|
||||
name=kadmind
|
||||
rcvar=${name}_enable
|
||||
required_vars=kdc_enable
|
||||
start_precmd=${name}_start_precmd
|
||||
|
||||
set_rcvar_obsolete kadmind5_server_enable kadmind_enable
|
||||
set_rcvar_obsolete kadmind5_server kadmind_program
|
||||
set_rcvar_obsolete kerberos5_server_enable kdc_enable
|
||||
|
||||
kadmind_start_precmd()
|
||||
{
|
||||
|
||||
command_args="$command_args &"
|
||||
}
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
||||
|
|
|
|||
27
etc/rc.d/kdc
Executable file
27
etc/rc.d/kdc
Executable file
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: kdc
|
||||
# REQUIRE: NETWORKING
|
||||
# KEYWORD: shutdown
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name=kdc
|
||||
rcvar=${name}_enable
|
||||
start_precmd=${name}_start_precmd
|
||||
|
||||
set_rcvar_obsolete kerberos5_server_enable kdc_enable
|
||||
set_rcvar_obsolete kerberos5_server kdc_program
|
||||
set_rcvar_obsolete kerberos5_server_flags kdc_flags
|
||||
|
||||
kdc_start_precmd()
|
||||
{
|
||||
|
||||
command_args="$command_args --detach"
|
||||
}
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: kerberos
|
||||
# REQUIRE: NETWORKING
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name="kerberos5"
|
||||
rcvar="kerberos5_server_enable"
|
||||
|
||||
load_rc_config $name
|
||||
command="${kerberos5_server}"
|
||||
kerberos5_flags="${kerberos5_server_flags}"
|
||||
run_rc_command "$1"
|
||||
12
etc/rc.d/kfd
12
etc/rc.d/kfd
|
|
@ -10,8 +10,14 @@
|
|||
. /etc/rc.subr
|
||||
|
||||
name=kfd
|
||||
rcvar=kfd_enable
|
||||
load_rc_config $name
|
||||
command_args="-i &"
|
||||
rcvar=${name}_enable
|
||||
start_precmd=${name}_start_precmd
|
||||
|
||||
kfd_start_precmd()
|
||||
{
|
||||
|
||||
command_args="$command_args -i &"
|
||||
}
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
||||
|
|
|
|||
|
|
@ -4,17 +4,25 @@
|
|||
#
|
||||
|
||||
# PROVIDE: kpasswdd
|
||||
# REQUIRE: kadmin
|
||||
# BEFORE: DAEMON
|
||||
# REQUIRE: kdc
|
||||
# KEYWORD: shutdown
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name="kpasswdd"
|
||||
load_rc_config $name
|
||||
rcvar="kpasswdd_server_enable"
|
||||
unset start_cmd
|
||||
command="${kpasswdd_server}"
|
||||
command_args="&"
|
||||
required_vars="kadmind5_server_enable"
|
||||
name=kpasswdd
|
||||
rcvar=${name}_enable
|
||||
required_vars=kdc_enable
|
||||
start_precmd=${name}_start_precmd
|
||||
|
||||
set_rcvar_obsolete kpasswdd_server_enable kpasswdd_enable
|
||||
set_rcvar_obsolete kpasswdd_server kpasswdd_program
|
||||
set_rcvar_obsolete kerberos5_server_enable kdc_enable
|
||||
|
||||
kpasswdd_start_precmd()
|
||||
{
|
||||
|
||||
command_args="$command_args &"
|
||||
}
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
||||
|
|
|
|||
Loading…
Reference in a new issue