From 3b226aa8f0bc475142c438e8748ae390f5db7a37 Mon Sep 17 00:00:00 2001
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Date: Tue, 4 Jan 2022 09:14:07 +0100
Subject: mainserver: Provide gosa-*-host hook script extension that collects
 Krb5 host keytabs of diskless workstation hosts in a separate folder and
 makes those (theoretically, if used) available to diskless workstations via
 SSH as unprivileged user.

---
 share/debian-edu-config/tools/gosa-modify-host-itzks | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'share/debian-edu-config/tools/gosa-modify-host-itzks')

diff --git a/share/debian-edu-config/tools/gosa-modify-host-itzks b/share/debian-edu-config/tools/gosa-modify-host-itzks
index 9d053e6..a79000b 100755
--- a/share/debian-edu-config/tools/gosa-modify-host-itzks
+++ b/share/debian-edu-config/tools/gosa-modify-host-itzks
@@ -14,6 +14,11 @@ if ! LANG=C kadmin.local -q "get_principal host/$HOST.intern" 2>/dev/null  | gre
 
 fi
 
+# call DLW keytabs' update script (delay execution for 10s because GOsa² needs
+# to write the NIS netgroup information first (this hook gets called between
+# saving the host object to LDAP, but before updating the NIS netgroup settings).
+( sleep 10; /usr/share/debian-edu-config/tools/update-dlw-krb5-keytabs-itzks ${@} ) &
+
 # ITZkS: assure that host keytabs are readable by puppet
 chown :puppet /etc/debian-edu/host-keytabs/*.keytab
 chmod 0640 /etc/debian-edu/host-keytabs/*.keytab
-- 
cgit v1.2.3