IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Try to fix dir layout and recover missing files

Browse Source
This commit is contained in:
Simo Sorce
2007-08-01 15:58:52 -04:00
parent 96d292b735
commit fbfee82317
5 changed files with 9 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
ipa-install/README
View File

@@ -1,21 +0,0 @@
Required packages:
krb5-server
fedora-ds-base
openldap-clients
krb5-server-ldap
cyrus-sasl-gssapi
Installation example:
TEMPORARY: (until fedora ds scripts are fixed)
please use the fedora-ds.init.patch under share/ to patch your init scripts before
running ipa-server-install
cd ipa-install
make install
cd ..
/usr/sbin/ipa-server-install -u fds -r FREEIPA.ORG -p freeipa -m ipafree

42
ipa-install/share/krb5.conf.template
View File

@@ -1,42 +0,0 @@
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = $REALM
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
[realms]
$REALM = {
kdc = $FQDN:88
admin_server = $FQDN:749
default_domain = $DOMAIN
}
[domain_realm]
.$DOMAIN = $REALM
$DOMAIN = $REALM
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[dbmodules]
$REALM = {
db_library = kldap
ldap_servers = ldap://127.0.0.1/
ldap_kerberos_container_dn = cn=kerberos,$SUFFIX
ldap_kdc_dn = uid=kdc,cn=kerberos,$SUFFIX
ldap_kadmind_dn = uid=kdc,cn=kerberos,$SUFFIX
ldap_service_password_file = /var/kerberos/krb5kdc/ldappwd
}

0
ipa-install/share/bind.zone.db.template → ipa-server/ipa-install/share/bind.zone.db.template
View File

0
ipa-install/share/fedora-ds.init.patch → ipa-server/ipa-install/share/fedora-ds.init.patch
View File

24
ipa-server/ipaserver/krbinstance.py
View File

@@ -28,13 +28,7 @@ from time import gmtime
import os import os
import pwd import pwd
import socket import socket
from util import *
SHARE_DIR = "/usr/share/ipa/"
def realm_to_suffix(realm_name):
s = realm_name.split(".")
terms = ["dc=" + x.lower() for x in s]
return ",".join(terms)
def host_to_domain(fqdn): def host_to_domain(fqdn):
s = fqdn.split(".") s = fqdn.split(".")
@@ -149,15 +143,15 @@ class KrbInstance:
# TODO: NOT called yet, need to find out how to make sure the plugin is available first # TODO: NOT called yet, need to find out how to make sure the plugin is available first
def __add_pwd_extop_module(self): def __add_pwd_extop_module(self):
#add the password extop module #add the password extop module
extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict) extop_txt = template_file(SHARE_DIR + "ipapwd_extop_plugin.ldif", self.sub_dict)
extop_fd = write_tmp_file(extop_txt) extop_fd = write_tmp_file(extop_txt)
ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password) ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password)
extop_fd.close() extop_fd.close()
#add an ACL to let the DS user read the master key #add an ACL to let the DS user read the master key
args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm] args = ["/usr/bin/setfacl", "-m", "u:"+self.ds_user+":r", "/var/kerberos/krb5kdc/.k5."+self.realm]
run(args) run(args)
def __create_sample_bind_zone(self): def __create_sample_bind_zone(self):
bind_txt = template_file(SHARE_DIR + "bind.zone.db.template", self.sub_dict) bind_txt = template_file(SHARE_DIR + "bind.zone.db.template", self.sub_dict)