[debian-edu-commits] debian-edu/ 09/12: Adjust ldap-tools/ldap-debian-edu-install.

Wolfgang Schweer schweer-guest at moszumanska.debian.org
Fri Feb 9 14:49:13 UTC 2018 

This is an automated email from the git hooks/post-receive script.

schweer-guest pushed a commit to branch master
in repository debian-edu-config.

commit b884f5d4932cc0ab3f3de4a5eed77269da92eab7
Author: Wolfgang Schweer <wschweer at arcor.de>
Date:   Fri Feb 9 15:41:03 2018 +0100

    Adjust ldap-tools/ldap-debian-edu-install.
    
     Add code to set generated password for gosa.conf.template and ldapscripts and
     copy related files; update comments, cleanup whitespace.
---
 ldap-tools/ldap-debian-edu-install | 40 ++++++++++++++++----------------------
 1 file changed, 17 insertions(+), 23 deletions(-)

diff --git a/ldap-tools/ldap-debian-edu-install b/ldap-tools/ldap-debian-edu-install
index 2d9ffd0..1b393a8 100755
--- a/ldap-tools/ldap-debian-edu-install
+++ b/ldap-tools/ldap-debian-edu-install
@@ -20,11 +20,6 @@ set -e
 #
 # o then run the just created script; you have to run it using its
 #   full path (otherwise debconf will throw an error)
-# o edit /etc/gosa/gosa.conf and replace password hashes after options
-#   named ,,adminPassword'' and ,,snapshotAdminPassword'' with the 
-#   placeholder string ,,$GOSAPWD''
-# o edit /etc/smbldap-tools/smbldap_bind.conf and replace the passwords
-#   there with the placeholder string ,,$SAMBAPWD''
 # o Then run these commands from a terminal
 #
 #  $ systemctl stop nmbd.service
@@ -308,7 +303,8 @@ init_ldap () {
   LANGUAGE=`debconf-show locales | grep "^* locales/default_environment_locale:" | \
       sed "s/.*:[[:space:]]*\([^[:space:]]*\)$/\1/"`
 
-  ## FIXME: make sure gosa.conf is in place if it is missing:
+  ## cp gosa.conf.template to the right place and name: /etc/gosa/gosa.conf
+  cp /usr/share/debian-edu-config/gosa.conf.template /etc/gosa/gosa.conf
   if [ -f $GOSACONFDIR$GOSACONF ] && grep -q \$GOSAPWD $GOSACONFDIR$GOSACONF ; then
       sed -i "s:\$GOSAPWD:$GOSAPWD:g" $GOSACONFDIR$GOSACONF
       sed -i "s:\$TIMEZONE:$TIMEZONE:g" $GOSACONFDIR$GOSACONF
@@ -325,12 +321,12 @@ init_ldap () {
       chmod 0600 $GOSACONFDIR/gosa.random_secret
       cat > $GOSACONFDIR/gosa.random_secret <<EOF
 ## The gosa configuration file "$GOSACONFDIR$GOSACONF" has
-## been missing during bootstrap of the ldap database or 
+## been missing during bootstrap of the ldap database or
 ## does not contain the string \$GOSAPWD.
-## The password used by the gosa-admin in ldap is: 
+## The password used by the gosa-admin in ldap is:
 ##                 $GOSAPWD
 ## Make sure to use this password in "$GOSACONFDIR$GOSACONF".
-## Finally, run 'gosa-encrypt-passwords' if anything 
+## Finally, run 'gosa-encrypt-passwords' if everything
 ## works fine and remove this file.
 EOF
   fi
@@ -426,16 +422,12 @@ EOF
       exit 1
   else
 
-    ## FIXME: this next part now is experimental... it needs sanity checks...
-
     # Samba will also need DNS to bind to LDAP
     service bind9 start
 
     # sync DNS from LDAP for the first time... (this has to run as uid ,,bind''!)
     su -s /bin/sh -c "PATH=/usr/sbin:/sbin:/usr/bin:/bin /usr/sbin/ldap2bind" - bind
 
-    ## END OF FIXME
-
     cat > /etc/samba/smb-debian-edu-ldapbootstrap.conf <<EOF
 #
 # Samba configuration Skolelinux LDAP bootstrap, this file is temporary
@@ -479,21 +471,25 @@ EOF
     echo "info: Fetching SMB domain SID."
     SAMBASID=`net -s /etc/samba/smb-debian-edu-ldapbootstrap.conf getdomainsid | awk '/SKOLELINUX/ { print $6 }'`
 
-    # start from scratch with secrets.tdb...
+    # start from scratch with secrets.tdb
     rm -f /var/lib/samba/private/secrets.tdb
 
 
-    # remove the bootstrap smb.conf again... this file was really temporary...
+    # remove the bootstrap smb.conf again; this file was really temporary.
     rm -f /etc/samba/smb-debian-edu-ldapbootstrap.conf
 
     # now set up our auto-generated Samba password (created further
-    # above) that shall be used in smb.conf and with smbldap-tools
-    # (i.e. for cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no)...
+    # above) that shall be used in smb.conf and with ldapscripts
+    # (i.e. for cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no)
     smbpasswd -c /etc/samba/smb.conf -w "$SAMBAPWD"
 
-    # also put the $SAMBAPWD also into smbldap_bind.conf
-    chmod 0600 /etc/smbldap-tools/smbldap_bind.conf
-    sed -i "s:\$SAMBAPWD:$SAMBAPWD:g" /etc/smbldap-tools/smbldap_bind.conf
+    # cp ldapscripts related template files to /etc/ldapscripts.
+    cp /usr/share/debian-edu-config/debian-edu.ldapscripts.passwd \
+       /usr/share/debian-edu-config/debian-edu.addmachine.template  /etc/ldapscripts
+
+    # then put $SAMBAPWD also into /etc/ldapscripts/debian-edu.ldapscripts.passwd
+    chmod 0600 /etc/ldapscripts/debian-edu.ldapscripts.passwd
+    sed -i "s:\$SAMBAPWD:$SAMBAPWD:" /etc/ldapscripts/debian-edu.ldapscripts.passwd
 
     if [ -z "$SAMBASID" ] ; then
       echo "error: unable to fetch Samba SID. Bootstrapping failed, exiting."
@@ -504,12 +500,10 @@ EOF
     # getlocalsid'' after the bootstrap.
     net getlocalsid -s /dev/null &> /dev/null
 
-    # and now... stop slapd again... and restore start-stop-daemon
-    # script
+    # and now stop slapd again and restore start-stop-daemon script
     remember_RESTARTSLAPD=$RESTARTSLAPD
     slapd_stop
     RESTARTSLAPD=$remember_RESTART_SLAPD
-
     dns_stop
     smbd_stop
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/debian-edu-config.git

More information about the debian-edu-commits mailing list