[debian-edu-commits] [Git][debian-edu/debian-edu-config][master] 5 commits: Remove obsolete files related to old Samba setup

Wolfgang Schweer (@schweer-guest) gitlab at salsa.debian.org
Tue Oct 19 22:37:20 BST 2021



Wolfgang Schweer pushed to branch master at Debian Edu / debian-edu-config


Commits:
b9a945cb by Wolfgang Schweer at 2021-10-19T23:04:06+02:00
Remove obsolete files related to old Samba setup

etc/smbldap-tools/smbldap.conf, etc/smbldap-tools/smbldap_bind.conf

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
58f0a98b by Wolfgang Schweer at 2021-10-19T23:06:44+02:00
Remove obsolete files used for Samba PDC setup

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
1bd51211 by Wolfgang Schweer at 2021-10-19T23:08:37+02:00
No longer depend on ldapscripts, previously used foe Samba PDC setup

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
509f5117 by Wolfgang Schweer at 2021-10-19T23:12:24+02:00
Adjust files concerning the Samba setup related cleanup

  Makefile
  cf3/promises.cf
  debian/debian-edu-config.maintscript
  debian/debian-edu-config.postinst
  debian/debian-edu-config.postrm

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
3707907a by Wolfgang Schweer at 2021-10-19T23:35:49+02:00
Add changelog entries for last commits

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -


12 changed files:

- Makefile
- − cf3/cf.ldapscripts
- cf3/promises.cf
- debian/changelog
- debian/control
- debian/debian-edu-config.maintscript
- debian/debian-edu-config.postinst
- debian/debian-edu-config.postrm
- − etc/smbldap-tools/smbldap.conf
- − etc/smbldap-tools/smbldap_bind.conf
- − share/debian-edu-config/debian-edu.addmachine.template
- − share/debian-edu-config/debian-edu.ldapscripts.passwd


Changes:

=====================================
Makefile
=====================================
@@ -52,7 +52,6 @@ CF3FILES = \
 	cf.krb5client \
 	cf.ldapserver \
 	cf.ldapclient \
-	cf.ldapscripts \
 	cf.bind \
 	cf.pxeinstall \
 	cf.ntp \
@@ -107,8 +106,6 @@ SYSCONFFILES = \
 	ldap/slapd-debian-edu-mdb.conf \
 	samba/smb-debian-edu.conf \
 	slbackup-php/config.php \
-	smbldap-tools/smbldap_bind.conf \
-	smbldap-tools/smbldap.conf \
 	sssd/sssd-debian-edu.conf \
 	xdg/autostart/welcome-webpage.desktop \
 	lsb-release \
@@ -335,8 +332,6 @@ install: install-testsuite
 		share/debian-edu-config/sslCA.cnf \
 		share/debian-edu-config/v3.cnf \
 		share/debian-edu-config/v3CA.cnf \
-		share/debian-edu-config/debian-edu.addmachine.template \
-		share/debian-edu-config/debian-edu.ldapscripts.passwd \
 		share/debian-edu-config/debian-edu-timesyncd.conf \
 		share/debian-edu-config/passwords_stub.dat \
 		share/debian-edu-config/gosa.conf.template \


=====================================
cf3/cf.ldapscripts deleted
=====================================
@@ -1,24 +0,0 @@
-bundle agent ldapscripts
-{
-
-files:
-
-  debian.server.installation::
-    "/etc/ldapscripts/ldapscripts.conf"
-      edit_line => conf_edu;
-
-}
-
-bundle edit_line conf_edu
-{
-
-  insert_lines:
-
-  "##";
-  "# Debian Edu specifics for adding Samba machines; not suited to add users!";
-  "MTEMPLATE=\"/etc/ldapscripts/debian-edu.addmachine.template\"";
-  "MSUFFIX=\"ou=winstations,ou=systems\"";
-  "LDAPBINOPTS=\"-Z\"";
-  "BINDDN=\"cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no\"";
-  "BINDPWDFILE=\"/etc/ldapscripts/debian-edu.ldapscripts.passwd\"";
-}


=====================================
cf3/promises.cf
=====================================
@@ -53,7 +53,6 @@ body common control
                           ldapserver,
                           ldapclient,
                           desktop,
-                          ldapscripts,
                           ntp,
                           squid,
                           sshd,


=====================================
debian/changelog
=====================================
@@ -7,6 +7,14 @@ debian-edu-config (2.12.6) UNRELEASED; urgency=medium
     /etc/slapd-debian-edu.conf file.
   * debian/debian-edu-config.lintian-overrides: Fix entries to avoid mismatched
     overrides, thanks lintian.
+  * Remove Samba PDC setup related files, obsolete since bullseye:
+    - etc/smbldap-tools/{smbldap.conf,smbldap_bind.conf}, cf3/cf.ldapscripts,
+      share/debian-edu-config/debian-edu.addmachine.template and
+      share/debian-edu-config/debian-edu.ldapscripts.passwd.
+  * debian/control: Drop ldapscripts from Depends.
+  * Adjust files to deal with above changes:
+    - Makefile, cf3/promises.cf
+    - debian/debian-edu-config.{maintscript,postinst,postrm}.
 
  -- Wolfgang Schweer <wschweer at arcor.de>  Thu, 14 Oct 2021 15:13:34 +0200
 


=====================================
debian/control
=====================================
@@ -32,7 +32,6 @@ Depends: ${misc:Depends},
          gnutls-bin,
          isenkram-cli,
          ldap-utils,
-         ldapscripts,
          libconfig-inifiles-perl,
          libfilesys-df-perl,
          libglib2.0-bin,


=====================================
debian/debian-edu-config.maintscript
=====================================
@@ -0,0 +1,3 @@
+rm_conffile /share/debian-edu-config/debian-edu.addmachine.template 2.12.5
+rm_conffile /share/debian-edu-config/debian-edu.ldapscripts.passwd 2.12.5
+rm_conffile /etc/cfengine3/debian-edu/cf.ldapscripts 2.12.5


=====================================
debian/debian-edu-config.postinst
=====================================
@@ -165,6 +165,12 @@ configure)
 	if dpkg --compare-versions "$2" le "2.12.5" && [ -f /var/lib/ldap/data.mdb ] ; then
 		rm -f /etc/ldap/slapd-debian-edu.conf
 	fi
+	# Cleanup from smbldap-tools and ldapscripts related files.
+	if dpkg --compare-versions "$2" le "2.12.5" ; then
+		rm -f /etc/ldapscripts/*.cf-before-edit
+		rm -f /etc/smbldap-tools/*
+		rmdir /etc/smbldap-tools
+	fi
     ;;
 esac
 


=====================================
debian/debian-edu-config.postrm
=====================================
@@ -41,11 +41,6 @@ case "$1" in
 	    rm /var/lib/cfengine3/policy_server.dat
 	fi
 
-        # Don't leave copied ldapscripts files behind
-	if [ -e /etc/ldapscripts/debian-edu.addmachine.template ] ; then
-	    rm /etc/ldapscripts/debian-edu.*
-	fi
-
         # Don't leave copied gosa file behind
 	if [ -e /etc/gosa/gosa.conf ] && grep -q Managed-by /etc/gosa/gosa.conf ; then
 	    rm /etc/gosa/gosa.conf


=====================================
etc/smbldap-tools/smbldap.conf deleted
=====================================
@@ -1,244 +0,0 @@
-# $Source: $
-# $Id$
-#
-# Skolelinux tweak of smbldap-tools. This config is used with the
-# modified smbldap-tools script /etc/samba/smbldap-machineadd-gosa.
-# 
-# Do not use smbldap-tools otherwise, it is not recommended...
-#
-# Best,
-#    Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
-#
-
-#
-# smbldap-tools.conf : Q & D configuration file for smbldap-tools
-
-#  This code was developped by IDEALX (http://IDEALX.org/) and
-#  contributors (their names can be found in the CONTRIBUTORS file).
-#
-#                 Copyright (C) 2001-2002 IDEALX
-#
-#  This program is free software; you can redistribute it and/or
-#  modify it under the terms of the GNU General Public License
-#  as published by the Free Software Foundation; either version 2
-#  of the License, or (at your option) any later version.
-#
-#  This program is distributed in the hope that it will be useful,
-#  but WITHOUT ANY WARRANTY; without even the implied warranty of
-#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#  GNU General Public License for more details.
-#
-#  You should have received a copy of the GNU General Public License
-#  along with this program; if not, write to the Free Software
-#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
-#  USA.
-
-#  Purpose :
-#       . be the configuration file for all smbldap-tools scripts
-
-##############################################################################
-#
-# General Configuration
-#
-##############################################################################
-
-# Put your own SID. To obtain this number do: "net getlocalsid".
-# If not defined, parameter is taking from "net getlocalsid" return
-SID=""
-
-# Domain name the Samba server is in charged.
-# If not defined, parameter is taking from smb.conf configuration file
-# Ex: sambaDomain="IDEALX-NT"
-sambaDomain=""
-
-##############################################################################
-#
-# LDAP Configuration
-#
-##############################################################################
-
-# Notes: to use to dual ldap servers backend for Samba, you must patch
-# Samba with the dual-head patch from IDEALX. If not using this patch
-# just use the same server for slaveLDAP and masterLDAP.
-# Those two servers declarations can also be used when you have 
-# . one master LDAP server where all writing operations must be done
-# . one slave LDAP server where all reading operations must be done
-#   (typically a replication directory)
-
-# Slave LDAP server
-# Ex: slaveLDAP=127.0.0.1
-# If not defined, parameter is set to "127.0.0.1"
-slaveLDAP="ldap.intern"
-
-# Slave LDAP port
-# If not defined, parameter is set to "389"
-#slavePort="389"
-
-# Master LDAP server: needed for write operations
-# Ex: masterLDAP=127.0.0.1
-# If not defined, parameter is set to "127.0.0.1"
-masterLDAP="ldap.intern"
-
-# Master LDAP port
-# If not defined, parameter is set to "389"
-#masterPort="389"
-#masterPort="389"
-
-# Use TLS for LDAP
-# If set to 1, this option will use start_tls for connection
-# (you should also used the port 389)
-# If not defined, parameter is set to "0"
-ldapTLS="1"
-
-# Use SSL for LDAP
-# If set to 1, this option will use SSL for connection
-# (standard port for ldaps is 636)
-# If not defined, parameter is set to "0"
-#ldapSSL="0"
-
-# How to verify the server's certificate (none, optional or require)
-# see "man Net::LDAP" in start_tls section for more details
-verify="require"
-
-# CA certificate
-# see "man Net::LDAP" in start_tls section for more details
-cafile="/etc/ldap/ssl/ldap-server-pubkey.pem"
-
-# certificate to use to connect to the ldap server
-# see "man Net::LDAP" in start_tls section for more details
-clientcert=""
-
-# key certificate to use to connect to the ldap server
-# see "man Net::LDAP" in start_tls section for more details
-clientkey=""
-
-# LDAP Suffix
-# Ex: suffix=dc=IDEALX,dc=ORG
-suffix="dc=skole,dc=skolelinux,dc=no"
-
-# Where are stored Users
-# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for usersdn
-usersdn="${suffix}"
-
-# Where are stored Computers
-# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for computersdn
-computersdn="ou=winstations,ou=systems,${suffix}"
-
-# Where are stored Groups
-# Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for groupsdn
-groupsdn="${suffix}"
-
-# Where are stored Idmap entries (used if samba is a domain member server)
-# Ex: groupsdn="ou=Idmap,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for idmapdn
-idmapdn="ou=idmap,${suffix}"
-
-# Where to store next uidNumber and gidNumber available for new users and groups
-# If not defined, entries are stored in sambaDomainName object.
-# Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
-# Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
-#sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
-sambaUnixIdPooldn="ou=idmap,ou=samba,${suffix}"
-
-# Default scope Used
-scope="sub"
-
-# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
-hash_encrypt="SSHA"
-
-# if hash_encrypt is set to CRYPT, you may set a salt format.
-# default is "%s", but many systems will generate MD5 hashed
-# passwords if you use "$1$%.8s". This parameter is optional!
-crypt_salt_format="%s"
-
-##############################################################################
-# 
-# Unix Accounts Configuration
-# 
-##############################################################################
-
-# Login defs
-# Default Login Shell
-# Ex: userLoginShell="/bin/bash"
-userLoginShell="/bin/bash"
-
-# Home directory
-# Ex: userHome="/home/%U"
-userHome="/skole/tjener/home0/%U"
-
-# Default mode used for user homeDirectory
-userHomeDirectoryMode="700"
-
-# Gecos
-userGecos="SAMBA User"
-
-# Default User (POSIX and Samba) GID
-defaultUserGid="10004"
-
-# Default Computer (Samba) GID
-defaultComputerGid="50553"
-
-# Skel dir
-skeletonDir="/etc/skel"
-
-# Default password validation time (time in days) Comment the next line if
-# you don't want password to be enable for defaultMaxPasswordAge days (be
-# careful to the sambaPwdMustChange attribute's value)
-defaultMaxPasswordAge="45"
-
-##############################################################################
-#
-# SAMBA Configuration
-#
-##############################################################################
-
-# The UNC path to home drives location (%U username substitution)
-# Just set it to a null string if you want to use the smb.conf 'logon home'
-# directive and/or disable roaming profiles
-# Ex: userSmbHome="\\PDC-SMB3\%U"
-userSmbHome="\\TJENER\%U"
-
-# The UNC path to profiles locations (%U username substitution)
-# Just set it to a null string if you want to use the smb.conf 'logon path'
-# directive and/or disable roaming profiles
-# Ex: userProfile="\\PDC-SMB3\profiles\%U"
-userProfile="\\TJENER\%U\.ntprofile"
-
-# The default Home Drive Letter mapping
-# (will be automatically mapped at logon time if home directory exist)
-# Ex: userHomeDrive="H:"
-userHomeDrive="H:"
-
-# The default user netlogon script name (%U username substitution)
-# if not used, will be automatically username.cmd
-# make sure script file is edited under dos
-# Ex: userScript="startup.cmd" # make sure script file is edited under dos
-userScript="logon-students.bat"
-
-# Domain appended to the users "mail"-attribute
-# when smbldap-useradd -M is used
-# Ex: mailDomain="idealx.com"
-mailDomain="intern"
-
-##############################################################################
-#
-# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
-#
-##############################################################################
-
-# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
-# prefer Crypt::SmbHash library
-with_smbpasswd="0"
-smbpasswd="/usr/bin/smbpasswd"
-
-# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
-# but prefer Crypt:: libraries
-with_slappasswd="0"
-slappasswd="/usr/sbin/slappasswd"
-
-# comment out the following line to get rid of the default banner
-# no_banner="1"
-


=====================================
etc/smbldap-tools/smbldap_bind.conf deleted
=====================================
@@ -1,12 +0,0 @@
-############################
-# Credential Configuration #
-############################
-# Notes: you can specify two differents configuration if you use a
-# master ldap for writing access and a slave ldap server for reading access
-# By default, we will use the same DN (so it will work for standard Samba
-# release)
-slaveDN="cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no"
-slavePw="$SAMBAPWD"
-masterDN="cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no"
-masterPw="$SAMBAPWD"
-


=====================================
share/debian-edu-config/debian-edu.addmachine.template deleted
=====================================
@@ -1,16 +0,0 @@
-dn: uid=<user>,<msuffix>,<suffix>
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: inetOrgPerson
-objectClass: posixAccount
-objectClass: gotoWorkstation
-cn: <user>
-sn: Computer
-uid: <user>
-uidNumber: <uid>
-gidNumber: <gid>
-homeDirectory: /dev/null
-loginShell: /bin/false
-description: Computer
-gecos: Computer


=====================================
share/debian-edu-config/debian-edu.ldapscripts.passwd deleted
=====================================
@@ -1 +0,0 @@
-$SAMBAPWD
\ No newline at end of file



View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/5b66e90c61fcbfb237c51d65b191049920c14d50...3707907a63174fbdcf47a0ddd72fdbcb0b4a1e07

-- 
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/5b66e90c61fcbfb237c51d65b191049920c14d50...3707907a63174fbdcf47a0ddd72fdbcb0b4a1e07
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20211019/bf0f598e/attachment-0001.htm>


More information about the debian-edu-commits mailing list