[debian-edu-commits] debian-edu/ 10/12: Add tool to set up LDAP from scratch (useful for tests and upgrades).

Fri Feb 9 14:49:13 UTC 2018

This is an automated email from the git hooks/post-receive script.

schweer-guest pushed a commit to branch master
in repository debian-edu-config.

commit f8b68881949adb10f1ae4d7865468fe1a71750fb
Author: Wolfgang Schweer <wschweer at arcor.de>
Date:   Fri Feb 9 15:43:20 2018 +0100

    Add tool to set up LDAP from scratch (useful for tests and upgrades).
    
      Add share/debian-edu-config/tools/edu-ldap-from-scratch
      Add share/debian-edu-config/passwords_stub.dat
---
 share/debian-edu-config/passwords_stub.dat         | 41 +++++++++++++
 .../debian-edu-config/tools/edu-ldap-from-scratch  | 68 ++++++++++++++++++++++
 2 files changed, 109 insertions(+)

diff --git a/share/debian-edu-config/passwords_stub.dat b/share/debian-edu-config/passwords_stub.dat
new file mode 100644
index 0000000..ba86b0c
--- /dev/null
+++ b/share/debian-edu-config/passwords_stub.dat
@@ -0,0 +1,41 @@
+Name: debian-edu-config/first-user-password
+Template: debian-edu-config/first-user-password
+Value: FIRSTPWD
+Owners: debian-edu-config
+Flags: seen
+
+Name: debian-edu-config/kdc-password
+Template: debian-edu-config/kdc-password
+Value: ROOTPWD
+Owners: debian-edu-config
+Flags: seen
+
+Name: debian-edu-config/kdc-password-again
+Template: debian-edu-config/kdc-password-again
+Value: ROOTPWD
+Owners: debian-edu-config
+Flags: seen
+
+Name: debian-edu-config/ldap-password
+Template: debian-edu-config/ldap-password
+Value: ROOTPWD
+Owners: debian-edu-config
+Flags: seen
+
+Name: debian-edu-config/ldap-password-again
+Template: debian-edu-config/ldap-password-again
+Value: ROOTPWD
+Owners: debian-edu-config
+Flags: seen
+
+Name: icinga/adminpassword
+Template: icinga/adminpassword
+Value: skolelinux
+Owners: icinga-cgi
+Flags: seen
+
+Name: icinga/adminpassword-repeat
+Template: icinga/adminpassword-repeat
+Value: skolelinux
+Owners: icinga-cgi
+Flags: seen
diff --git a/share/debian-edu-config/tools/edu-ldap-from-scratch b/share/debian-edu-config/tools/edu-ldap-from-scratch
new file mode 100755
index 0000000..e0472b9
--- /dev/null
+++ b/share/debian-edu-config/tools/edu-ldap-from-scratch
@@ -0,0 +1,68 @@
+#!/bin/bash
+#
+# (C) Wolfgang Schweer <wschweer at arcor.de>, 2017
+# GPL v2+
+# Use at your own risk
+
+set -e
+
+# usage
+if [ -z "$1"  ] ; then
+    echo "Use $0 -h or $0 --help for more information"
+    exit 0
+fi
+if [ "$1" = "-h" ]|| [ "$1" = "--help" ] ; then
+cat <<EOF
+
+Usage information:
+
+Use uid and cleartext passwords as params:
+
+edu-ldap-from-scratch <first-user uid> <first-user password> <root password>
+
+The cleartext passwords in debconf are cleared after the script has been run.
+
+To exclude the command containing the passwords from being stored in bash
+history, run 'export HISTFILE=/dev/null' just before calling this script.
+
+Be aware that your existing LDAP database and the first user's HOMEDIR gets
+deleted! Consider to backup everything; use the script at your own risk.
+
+EOF
+    exit 0
+fi
+
+TMP=$(mktemp -d)
+cp /usr/share/debian-edu-config/passwords_stub.dat $TMP/passwords.dat
+cd $TMP
+if [ -d /skole/tjener/home0/"$1" ] ; then
+    rm -rf /skole/tjener/home0/"$1"
+fi
+sed -i s/FIRSTPWD/"$2"/ passwords.dat
+sed -i s/ROOTPWD/"$3"/ passwords.dat
+mv passwords.dat /var/cache/debconf
+systemctl stop nmbd.service
+sleep 1
+systemctl stop smbd.service
+sleep 1
+systemctl stop slapd.service
+rm /var/lib/ldap/*
+rm -r /var/lib/samba/*
+mkdir /var/lib/samba/private
+chmod 755 /var/lib/samba/private
+sleep 1
+systemctl start slapd.service
+sleep 1
+if [ -e /etc/krb5kdc/stash ] ; then
+    rm /etc/krb5kdc/stash
+    rm /etc/krb5.keyt*
+fi
+ldap-debian-edu-install
+# send mail to first user (initialize /var/mail/<first-user uid>);
+# exim4 needs updated LDAP information for this to work.
+systemctl restart exim4.service
+/usr/share/debian-edu-config/tools/exim4-create-environment
+echo
+echo "Done. A new Debian Edu LDAP database has been generated from scratch."
+echo "Please reboot to make sure that all services are started in the right order."
+echo

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/debian-edu-config.git

