diff options
| author | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2022-01-04 08:37:32 +0100 | 
|---|---|---|
| committer | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2022-01-04 08:37:32 +0100 | 
| commit | ec13120eef19ea677c20c0ee0125d512e9033ed8 (patch) | |
| tree | cfff4ba3c948515314a893233f7a2f8da95d904d /share/debian-edu-config/tools | |
| parent | 30d12138c95ec575d58c40e4d7b97f56d70dba7f (diff) | |
| download | itzks-systems-ec13120eef19ea677c20c0ee0125d512e9033ed8.tar.gz itzks-systems-ec13120eef19ea677c20c0ee0125d512e9033ed8.tar.bz2 itzks-systems-ec13120eef19ea677c20c0ee0125d512e9033ed8.zip | |
share/debian-edu-config/tools/gosa-*-host-itzks: Ship wrappers for Debian Edu's GOsa² hooks gosa-create-host and gosa-modify-host. We need assure file permissions on the created keytabs, so that puppet can read them.
Diffstat (limited to 'share/debian-edu-config/tools')
| -rwxr-xr-x | share/debian-edu-config/tools/gosa-create-host-itzks | 14 | ||||
| -rwxr-xr-x | share/debian-edu-config/tools/gosa-modify-host-itzks | 21 | 
2 files changed, 35 insertions, 0 deletions
| diff --git a/share/debian-edu-config/tools/gosa-create-host-itzks b/share/debian-edu-config/tools/gosa-create-host-itzks new file mode 100755 index 0000000..ae484b0 --- /dev/null +++ b/share/debian-edu-config/tools/gosa-create-host-itzks @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e + +HOST="${1}" + +# call Debian Edu's gosa-create-host +/usr/share/debian-edu-config/tools/gosa-create-host ${@} + +# ITZkS: assure that host keytabs are readable by puppet +chown :puppet /etc/debian-edu/host-keytabs/*.keytab +chmod 0640 /etc/debian-edu/host-keytabs/*.keytab + +exit 0 diff --git a/share/debian-edu-config/tools/gosa-modify-host-itzks b/share/debian-edu-config/tools/gosa-modify-host-itzks new file mode 100755 index 0000000..9d053e6 --- /dev/null +++ b/share/debian-edu-config/tools/gosa-modify-host-itzks @@ -0,0 +1,21 @@ +#!/bin/bash + +set -e + +HOST="${1}" + +# FIXME: bluntly assuming domain .intern here... + +# call Debian Edu's gosa-create-host +if ! LANG=C kadmin.local -q "get_principal host/$HOST.intern" 2>/dev/null  | grep -q "^Principal: host/$HOST.intern@.*" && \ +   ! LANG=C kadmin.local -q "get_principal nfs/$HOST.intern" 2>/dev/null  | grep -q "^Principal: nfs/$HOST.intern@.*"; then + +	/usr/share/debian-edu-config/tools/gosa-modify-host ${@} + +fi + +# ITZkS: assure that host keytabs are readable by puppet +chown :puppet /etc/debian-edu/host-keytabs/*.keytab +chmod 0640 /etc/debian-edu/host-keytabs/*.keytab + +exit 0 | 
