[debian-edu-commits] debian-edu/ 02/02: Made setup-roaming a bit more robust and the comments more clear.
Petter Reinholdtsen
pere at moszumanska.debian.org
Thu Sep 11 18:08:42 UTC 2014
This is an automated email from the git hooks/post-receive script.
pere pushed a commit to branch master
in repository debian-edu-config.
commit a420eb0cc8f08b8d05fd6cb45b6bb16b4277e9ca
Author: Petter Reinholdtsen <pere at hungry.com>
Date: Thu Sep 11 20:08:31 2014 +0200
Made setup-roaming a bit more robust and the comments more clear.
---
debian/changelog | 1 +
share/debian-edu-config/tools/setup-roaming | 17 ++++++++++-------
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 3f1618a..2a8cbd1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -11,6 +11,7 @@ debian-edu-config (1.727) UNRELEASED; urgency=low
instead of files for passwd, group and shadow, add gshadow and
switch sssd for the sudoers database. Drop unused
append_if_missing() function.
+ * Made setup-roaming a bit more robust and the comments more clear.
* Add autofs to set of handled sssd services in generated
configuration.
* Correct service name for squid in squid-update-cachedir, now called
diff --git a/share/debian-edu-config/tools/setup-roaming b/share/debian-edu-config/tools/setup-roaming
index aede237..aecce3c 100755
--- a/share/debian-edu-config/tools/setup-roaming
+++ b/share/debian-edu-config/tools/setup-roaming
@@ -31,14 +31,15 @@ apt-get purge -y nscd
# throw out the user if he is idle.
apt-get purge -y killer
-# configure sssd
-rm -f /etc/sssd/sssd.conf
-$bindir/sssd-generate-config > /etc/sssd/sssd.conf
-if [ -s /etc/sssd/sssd.conf ] ; then
- chmod 600 /etc/sssd/sssd.conf
+# try to configure sssd dynamically, fall back to default setup if
+# generation fail
+# sssd refuses to read the sssd.conf file unless it is 0600 root:root
+$bindir/sssd-generate-config > /etc/sssd/sssd.conf.new
+if [ -s /etc/sssd/sssd.conf.new ] ; then
+ chmod 600 /etc/sssd/sssd.conf.new
chown root:root /etc/sssd/sssd.conf
+ mv /etc/sssd/sssd.conf.new /etc/sssd/sssd.conf
else # Fallback failed, link to static setup
- # sssd refuses to read the file if it has any other mode
chmod 600 /etc/sssd/sssd-debian-edu.conf
chown root:root /etc/sssd/sssd-debian-edu.conf
rm -f /etc/sssd/sssd.conf
@@ -46,7 +47,7 @@ else # Fallback failed, link to static setup
fi
invoke-rc.d sssd restart || true
-# try to set up kerberos
+# try to configure sssd, fall back to no setup if generation fail
if $bindir/sssd-generate-config -k > /etc/krb5.conf.new ; then
chmod 644 /etc/krb5.conf.new
mv /etc/krb5.conf.new /etc/krb5.conf
@@ -55,6 +56,8 @@ else
fi
# FIXME See if we can drop libnss-ldapd even if sssd do not support networks
+# FIXME See if we can stop modifying nsswitch.conf when bug 761173
+# (libnss-sss not adding shadow entry) is fixed.
# This code is still needed even thought sssd since version 1.2-2
# update nsswitch.conf during installation, because we want to disable
# ldap and enable sss for only some of the tables.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/debian-edu-config.git
More information about the debian-edu-commits
mailing list