diff options
| -rw-r--r-- | Makefile | 4 | ||||
| -rw-r--r-- | lbu | 15 | ||||
| -rw-r--r-- | setup-ads | 168 | ||||
| -rw-r--r-- | update-conf | 20 |
4 files changed, 199 insertions, 8 deletions
@@ -1,4 +1,4 @@ -V=0.6.1 +V=0.8_beta2 P=alpine-conf PV=$(P)-$(V) APKF=$(PV).apk @@ -13,6 +13,8 @@ SBIN_FILES=lbu\ setup-hostname\ setup-alpine\ setup-webconf\ + setup-cryptswap\ + setup-ads\ update-conf EXTRA_DIST=Makefile README @@ -9,7 +9,7 @@ PREFIX= # this one is from apk-tools . $PREFIX/lib/apk/libutil.sh -VERSION=0.6_beta1 +VERSION=0.8 [ "$SFIC" ] && SFIC="$SFIC -i d" # globals @@ -171,6 +171,12 @@ cmd_commit() { was_mounted=`grep $mnt /proc/mounts` cd "$ROOT" + + # for upgrading from packages.list times + if [ ! -f "$INCLUDE_LIST" ] ; then + mkdir -p $(dirname "$INCLUDE_LIST") + echo "var/lib/apk/world" > "$INCLUDE_LIST" + fi # Automatically add list and modified files currentlist=`VERBOSE="" USE_DEFAULT="-a" cmd_status -a | grep -v ^D | awk '{print $2}'` @@ -199,9 +205,10 @@ cmd_commit() { die "Problems creating archive. aborting" fi - #cp /etc/alpine.conf $mnt - # we strip off the version number to make upgrades easier. - [ "$DRYRUN" ] || apk_info | sed 's/-[0-9].*//' > $mnt/packages.list + # remove obsolete file + if [ -z "$DRYRUN" ] ; then + rm -f $mnt/packages.list + fi sync sleep 1 diff --git a/setup-ads b/setup-ads new file mode 100644 index 0000000..bc65a35 --- /dev/null +++ b/setup-ads @@ -0,0 +1,168 @@ +#!/bin/sh +# +# Join AD +# for uclibc systems +# +# Copyright (c) 2007 A.Poslavsky +# May be distributed under gpl2 + +VERSION=0.1 +PROGRAM=setup-ads + +. $PREFIX/lib/libalpine.sh + +KRBCONF="/etc/krb5.conf" +SMBCONF="/etc/samba/smb.conf" +DOMAINADMIN="Administrator" +PW="" +HOSTNAME=$(hostname) +FORCE="" + +retcode=0 + +die() { + echo $* > &2 + exit 1 +} + +ask_info() { + + echo "Configuring kerberos" + echon "Enter your full Domain name in uppercase [$DOMAIN]: " + default_read DOMAIN $DOMAIN + echon "Enter your short Domain name (Workgroup) [$WORKGROUP]: " + default_read WORKGROUP $WORKGROUP + echon "Domain controller(s) (separate with space) [$DC]: " + default_read DC $DC + echon "Domain Administrator [$DOMAINADMIN]: " + default_read DOMAINADMIN $DOMAINADMIN +} + +conf_krb() { + [ -f $KRBCONF ] && cp $KRBCONF $KRBCONF.bak ; [ "$VERBOSE" ] && echo "Making backup copy of $KRBCONF to $KRBCONF.bak" + + echo "Writing $KRBCONF" + + + echo "[libdefaults] + default_realm = $DOMAIN + +[realms] +$DOMAIN = { +$(for a in $DC +do + echo " kdc = $a" +done) + admin_server = $(echo $DC | sed "s/ .*//") +} + +[login] + krb4_convert = true + krb4_get_tickets = true" > $KRBCONF + + kinit $DOMAINADMIN@$DOMAIN || die "Sorry, could not authenticate against kerberos!" +} + +join_ads() { + if [ -f $SMBCONF ] ; then + cp $SMBCONF $SMBCONF.bak + [ "$VERBOSE" ] && echo "Making backup copy of $SMBCONF to $SMBCONF.bak" + fi + echo "smb.conf witten by $PROGRAM + +[global] + # Browsing/Identification + domain master = no + domain logons = no + preferred master = no + + # Domain info + security = ADS + password server = $(echo $DC) + + workgroup = $WORKGROUP + realm = $DOMAIN + netbios name = $HOSTNAME + server string = "Samba Server $HOSTNAME" + allow trusted domains = no + idmap backend = rid:$WORKGROUP=50000-100000000 + winbind separator = - + winbind nested groups = Yes + winbind enum users = yes + winbind enum groups = yes + idmap uid = 50000-100000000 + idmap gid = 50000-100000000 + wins server = $(echo $DC) + guest account = nobody + +[testshare] + comment = Secret data + writable = yes + path = /srv/Samba/Test + public = yes + " > $SMBCONF + + [ "$VERBOSE" ] && echo "net ads join -W $DOMAIN -S $(echo $DC | sed "s/ .*//") -U $DOMAINADMIN" + net ads join -W $DOMAIN -S $(echo $DC | awk '{ print $1 }') -U $DOMAINADMIN\ + || echo "Sorry could not join $DOMAIN domain" && exit 1 +} + +check_exist() { + if [ -f "$SMBCONF" -o -f "$KRBCONF" ] ; then + [ ! "$FORCE" ] && die "Config file(s) already exist(s), +use -f to force overwriting of these file(s)" + fi +} + +usage() { + echo "$PROGRAM $VERSION" + echo "usage: $PROGRAM [options] [args] + +Options: + -h Show help for subcommand. + -q Quiet mode. + -v Verbose mode. + -K <kerberosconfigfile> + -S <sambaconfigfile> + -U <domain administrator> + -D <domain> + -P <password> + -f force overwrite of existing configfiles (will do backup) + +" + exit 1 +} + + + +# parse common args +while getopts "D:fP:hvU:K:S:" opt ; do + case "$opt" in + h) usage + ;; + P) PW="$OPTARG" + ;; + v) VERBOSE="$VERBOSE -v" + ;; + U) DOMAINADMIN="$OPTARG" + ;; + K) KRBCONF="$OPTARG" + ;; + S) SMBCONF="$OPTARG" + ;; + D) DOMAIN="$OPTARG" + ;; + f) FORCE="$FORCE -f" + ;; + esac +done +shift `expr $OPTIND - 1` + +apk_add samba-ldap +check_exist +ask_info +conf_krb +join_ads +echo "kerberos initialized, domain joined" + +exit $retcode diff --git a/update-conf b/update-conf index c13d8cb..1e88e72 100644 --- a/update-conf +++ b/update-conf @@ -11,10 +11,11 @@ LBUCACHE="$TMPD/lbucache" usage() { echo "$PROGRAM $VERSION -Usage: $PROGAM [-ahl] +Usage: $PROGAM [-aihl] -a Select all updated files. -h Show this help. + -i Use all new init.d scripts. -l List updated files. " } @@ -25,9 +26,15 @@ is_modified() { test -n "`( echo \"$1\" ; cat \"$LBUCACHE\" ) | sort | uniq -d`" } -while getopts "alh" opt ; do + +is_initd() { + echo "$1" | grep etc/init.d/ > /dev/null +} + +while getopts "alih" opt ; do case "$opt" in a) aflag="-a" ;; + i) iflag="-i" ;; l) lflag="-l" ;; h|*) usage;; esac @@ -47,7 +54,14 @@ find "$ROOT/etc" -name '*.apk-new' | while read apknew ; do fi elif [ "$aflag" ] || is_modified "$f" ; then - + if [ "$iflag" ] && is_initd "$f" ; then + echo "Autoupdating $p" + mv "$apknew" "$p" + continue + fi + + diff -u "$p" "$apknew" + # ask user what to do with the file while [ -z "$choice" ] ; do echo "New $p available:" |