[debian-edu-commits] [Git][debian-edu/debian-edu-config][master] 5 commits: Remove obsolete files related to old Samba setup
Wolfgang Schweer (@schweer-guest)
gitlab at salsa.debian.org
Tue Oct 19 22:37:20 BST 2021
Wolfgang Schweer pushed to branch master at Debian Edu / debian-edu-config
Commits:
b9a945cb by Wolfgang Schweer at 2021-10-19T23:04:06+02:00
Remove obsolete files related to old Samba setup
etc/smbldap-tools/smbldap.conf, etc/smbldap-tools/smbldap_bind.conf
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
58f0a98b by Wolfgang Schweer at 2021-10-19T23:06:44+02:00
Remove obsolete files used for Samba PDC setup
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
1bd51211 by Wolfgang Schweer at 2021-10-19T23:08:37+02:00
No longer depend on ldapscripts, previously used foe Samba PDC setup
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
509f5117 by Wolfgang Schweer at 2021-10-19T23:12:24+02:00
Adjust files concerning the Samba setup related cleanup
Makefile
cf3/promises.cf
debian/debian-edu-config.maintscript
debian/debian-edu-config.postinst
debian/debian-edu-config.postrm
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
3707907a by Wolfgang Schweer at 2021-10-19T23:35:49+02:00
Add changelog entries for last commits
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
12 changed files:
- Makefile
- − cf3/cf.ldapscripts
- cf3/promises.cf
- debian/changelog
- debian/control
- debian/debian-edu-config.maintscript
- debian/debian-edu-config.postinst
- debian/debian-edu-config.postrm
- − etc/smbldap-tools/smbldap.conf
- − etc/smbldap-tools/smbldap_bind.conf
- − share/debian-edu-config/debian-edu.addmachine.template
- − share/debian-edu-config/debian-edu.ldapscripts.passwd
Changes:
=====================================
Makefile
=====================================
@@ -52,7 +52,6 @@ CF3FILES = \
cf.krb5client \
cf.ldapserver \
cf.ldapclient \
- cf.ldapscripts \
cf.bind \
cf.pxeinstall \
cf.ntp \
@@ -107,8 +106,6 @@ SYSCONFFILES = \
ldap/slapd-debian-edu-mdb.conf \
samba/smb-debian-edu.conf \
slbackup-php/config.php \
- smbldap-tools/smbldap_bind.conf \
- smbldap-tools/smbldap.conf \
sssd/sssd-debian-edu.conf \
xdg/autostart/welcome-webpage.desktop \
lsb-release \
@@ -335,8 +332,6 @@ install: install-testsuite
share/debian-edu-config/sslCA.cnf \
share/debian-edu-config/v3.cnf \
share/debian-edu-config/v3CA.cnf \
- share/debian-edu-config/debian-edu.addmachine.template \
- share/debian-edu-config/debian-edu.ldapscripts.passwd \
share/debian-edu-config/debian-edu-timesyncd.conf \
share/debian-edu-config/passwords_stub.dat \
share/debian-edu-config/gosa.conf.template \
=====================================
cf3/cf.ldapscripts deleted
=====================================
@@ -1,24 +0,0 @@
-bundle agent ldapscripts
-{
-
-files:
-
- debian.server.installation::
- "/etc/ldapscripts/ldapscripts.conf"
- edit_line => conf_edu;
-
-}
-
-bundle edit_line conf_edu
-{
-
- insert_lines:
-
- "##";
- "# Debian Edu specifics for adding Samba machines; not suited to add users!";
- "MTEMPLATE=\"/etc/ldapscripts/debian-edu.addmachine.template\"";
- "MSUFFIX=\"ou=winstations,ou=systems\"";
- "LDAPBINOPTS=\"-Z\"";
- "BINDDN=\"cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no\"";
- "BINDPWDFILE=\"/etc/ldapscripts/debian-edu.ldapscripts.passwd\"";
-}
=====================================
cf3/promises.cf
=====================================
@@ -53,7 +53,6 @@ body common control
ldapserver,
ldapclient,
desktop,
- ldapscripts,
ntp,
squid,
sshd,
=====================================
debian/changelog
=====================================
@@ -7,6 +7,14 @@ debian-edu-config (2.12.6) UNRELEASED; urgency=medium
/etc/slapd-debian-edu.conf file.
* debian/debian-edu-config.lintian-overrides: Fix entries to avoid mismatched
overrides, thanks lintian.
+ * Remove Samba PDC setup related files, obsolete since bullseye:
+ - etc/smbldap-tools/{smbldap.conf,smbldap_bind.conf}, cf3/cf.ldapscripts,
+ share/debian-edu-config/debian-edu.addmachine.template and
+ share/debian-edu-config/debian-edu.ldapscripts.passwd.
+ * debian/control: Drop ldapscripts from Depends.
+ * Adjust files to deal with above changes:
+ - Makefile, cf3/promises.cf
+ - debian/debian-edu-config.{maintscript,postinst,postrm}.
-- Wolfgang Schweer <wschweer at arcor.de> Thu, 14 Oct 2021 15:13:34 +0200
=====================================
debian/control
=====================================
@@ -32,7 +32,6 @@ Depends: ${misc:Depends},
gnutls-bin,
isenkram-cli,
ldap-utils,
- ldapscripts,
libconfig-inifiles-perl,
libfilesys-df-perl,
libglib2.0-bin,
=====================================
debian/debian-edu-config.maintscript
=====================================
@@ -0,0 +1,3 @@
+rm_conffile /share/debian-edu-config/debian-edu.addmachine.template 2.12.5
+rm_conffile /share/debian-edu-config/debian-edu.ldapscripts.passwd 2.12.5
+rm_conffile /etc/cfengine3/debian-edu/cf.ldapscripts 2.12.5
=====================================
debian/debian-edu-config.postinst
=====================================
@@ -165,6 +165,12 @@ configure)
if dpkg --compare-versions "$2" le "2.12.5" && [ -f /var/lib/ldap/data.mdb ] ; then
rm -f /etc/ldap/slapd-debian-edu.conf
fi
+ # Cleanup from smbldap-tools and ldapscripts related files.
+ if dpkg --compare-versions "$2" le "2.12.5" ; then
+ rm -f /etc/ldapscripts/*.cf-before-edit
+ rm -f /etc/smbldap-tools/*
+ rmdir /etc/smbldap-tools
+ fi
;;
esac
=====================================
debian/debian-edu-config.postrm
=====================================
@@ -41,11 +41,6 @@ case "$1" in
rm /var/lib/cfengine3/policy_server.dat
fi
- # Don't leave copied ldapscripts files behind
- if [ -e /etc/ldapscripts/debian-edu.addmachine.template ] ; then
- rm /etc/ldapscripts/debian-edu.*
- fi
-
# Don't leave copied gosa file behind
if [ -e /etc/gosa/gosa.conf ] && grep -q Managed-by /etc/gosa/gosa.conf ; then
rm /etc/gosa/gosa.conf
=====================================
etc/smbldap-tools/smbldap.conf deleted
=====================================
@@ -1,244 +0,0 @@
-# $Source: $
-# $Id$
-#
-# Skolelinux tweak of smbldap-tools. This config is used with the
-# modified smbldap-tools script /etc/samba/smbldap-machineadd-gosa.
-#
-# Do not use smbldap-tools otherwise, it is not recommended...
-#
-# Best,
-# Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
-#
-
-#
-# smbldap-tools.conf : Q & D configuration file for smbldap-tools
-
-# This code was developped by IDEALX (http://IDEALX.org/) and
-# contributors (their names can be found in the CONTRIBUTORS file).
-#
-# Copyright (C) 2001-2002 IDEALX
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
-# USA.
-
-# Purpose :
-# . be the configuration file for all smbldap-tools scripts
-
-##############################################################################
-#
-# General Configuration
-#
-##############################################################################
-
-# Put your own SID. To obtain this number do: "net getlocalsid".
-# If not defined, parameter is taking from "net getlocalsid" return
-SID=""
-
-# Domain name the Samba server is in charged.
-# If not defined, parameter is taking from smb.conf configuration file
-# Ex: sambaDomain="IDEALX-NT"
-sambaDomain=""
-
-##############################################################################
-#
-# LDAP Configuration
-#
-##############################################################################
-
-# Notes: to use to dual ldap servers backend for Samba, you must patch
-# Samba with the dual-head patch from IDEALX. If not using this patch
-# just use the same server for slaveLDAP and masterLDAP.
-# Those two servers declarations can also be used when you have
-# . one master LDAP server where all writing operations must be done
-# . one slave LDAP server where all reading operations must be done
-# (typically a replication directory)
-
-# Slave LDAP server
-# Ex: slaveLDAP=127.0.0.1
-# If not defined, parameter is set to "127.0.0.1"
-slaveLDAP="ldap.intern"
-
-# Slave LDAP port
-# If not defined, parameter is set to "389"
-#slavePort="389"
-
-# Master LDAP server: needed for write operations
-# Ex: masterLDAP=127.0.0.1
-# If not defined, parameter is set to "127.0.0.1"
-masterLDAP="ldap.intern"
-
-# Master LDAP port
-# If not defined, parameter is set to "389"
-#masterPort="389"
-#masterPort="389"
-
-# Use TLS for LDAP
-# If set to 1, this option will use start_tls for connection
-# (you should also used the port 389)
-# If not defined, parameter is set to "0"
-ldapTLS="1"
-
-# Use SSL for LDAP
-# If set to 1, this option will use SSL for connection
-# (standard port for ldaps is 636)
-# If not defined, parameter is set to "0"
-#ldapSSL="0"
-
-# How to verify the server's certificate (none, optional or require)
-# see "man Net::LDAP" in start_tls section for more details
-verify="require"
-
-# CA certificate
-# see "man Net::LDAP" in start_tls section for more details
-cafile="/etc/ldap/ssl/ldap-server-pubkey.pem"
-
-# certificate to use to connect to the ldap server
-# see "man Net::LDAP" in start_tls section for more details
-clientcert=""
-
-# key certificate to use to connect to the ldap server
-# see "man Net::LDAP" in start_tls section for more details
-clientkey=""
-
-# LDAP Suffix
-# Ex: suffix=dc=IDEALX,dc=ORG
-suffix="dc=skole,dc=skolelinux,dc=no"
-
-# Where are stored Users
-# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for usersdn
-usersdn="${suffix}"
-
-# Where are stored Computers
-# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for computersdn
-computersdn="ou=winstations,ou=systems,${suffix}"
-
-# Where are stored Groups
-# Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for groupsdn
-groupsdn="${suffix}"
-
-# Where are stored Idmap entries (used if samba is a domain member server)
-# Ex: groupsdn="ou=Idmap,dc=IDEALX,dc=ORG"
-# Warning: if 'suffix' is not set here, you must set the full dn for idmapdn
-idmapdn="ou=idmap,${suffix}"
-
-# Where to store next uidNumber and gidNumber available for new users and groups
-# If not defined, entries are stored in sambaDomainName object.
-# Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
-# Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
-#sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
-sambaUnixIdPooldn="ou=idmap,ou=samba,${suffix}"
-
-# Default scope Used
-scope="sub"
-
-# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
-hash_encrypt="SSHA"
-
-# if hash_encrypt is set to CRYPT, you may set a salt format.
-# default is "%s", but many systems will generate MD5 hashed
-# passwords if you use "$1$%.8s". This parameter is optional!
-crypt_salt_format="%s"
-
-##############################################################################
-#
-# Unix Accounts Configuration
-#
-##############################################################################
-
-# Login defs
-# Default Login Shell
-# Ex: userLoginShell="/bin/bash"
-userLoginShell="/bin/bash"
-
-# Home directory
-# Ex: userHome="/home/%U"
-userHome="/skole/tjener/home0/%U"
-
-# Default mode used for user homeDirectory
-userHomeDirectoryMode="700"
-
-# Gecos
-userGecos="SAMBA User"
-
-# Default User (POSIX and Samba) GID
-defaultUserGid="10004"
-
-# Default Computer (Samba) GID
-defaultComputerGid="50553"
-
-# Skel dir
-skeletonDir="/etc/skel"
-
-# Default password validation time (time in days) Comment the next line if
-# you don't want password to be enable for defaultMaxPasswordAge days (be
-# careful to the sambaPwdMustChange attribute's value)
-defaultMaxPasswordAge="45"
-
-##############################################################################
-#
-# SAMBA Configuration
-#
-##############################################################################
-
-# The UNC path to home drives location (%U username substitution)
-# Just set it to a null string if you want to use the smb.conf 'logon home'
-# directive and/or disable roaming profiles
-# Ex: userSmbHome="\\PDC-SMB3\%U"
-userSmbHome="\\TJENER\%U"
-
-# The UNC path to profiles locations (%U username substitution)
-# Just set it to a null string if you want to use the smb.conf 'logon path'
-# directive and/or disable roaming profiles
-# Ex: userProfile="\\PDC-SMB3\profiles\%U"
-userProfile="\\TJENER\%U\.ntprofile"
-
-# The default Home Drive Letter mapping
-# (will be automatically mapped at logon time if home directory exist)
-# Ex: userHomeDrive="H:"
-userHomeDrive="H:"
-
-# The default user netlogon script name (%U username substitution)
-# if not used, will be automatically username.cmd
-# make sure script file is edited under dos
-# Ex: userScript="startup.cmd" # make sure script file is edited under dos
-userScript="logon-students.bat"
-
-# Domain appended to the users "mail"-attribute
-# when smbldap-useradd -M is used
-# Ex: mailDomain="idealx.com"
-mailDomain="intern"
-
-##############################################################################
-#
-# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
-#
-##############################################################################
-
-# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
-# prefer Crypt::SmbHash library
-with_smbpasswd="0"
-smbpasswd="/usr/bin/smbpasswd"
-
-# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
-# but prefer Crypt:: libraries
-with_slappasswd="0"
-slappasswd="/usr/sbin/slappasswd"
-
-# comment out the following line to get rid of the default banner
-# no_banner="1"
-
=====================================
etc/smbldap-tools/smbldap_bind.conf deleted
=====================================
@@ -1,12 +0,0 @@
-############################
-# Credential Configuration #
-############################
-# Notes: you can specify two differents configuration if you use a
-# master ldap for writing access and a slave ldap server for reading access
-# By default, we will use the same DN (so it will work for standard Samba
-# release)
-slaveDN="cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no"
-slavePw="$SAMBAPWD"
-masterDN="cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no"
-masterPw="$SAMBAPWD"
-
=====================================
share/debian-edu-config/debian-edu.addmachine.template deleted
=====================================
@@ -1,16 +0,0 @@
-dn: uid=<user>,<msuffix>,<suffix>
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: inetOrgPerson
-objectClass: posixAccount
-objectClass: gotoWorkstation
-cn: <user>
-sn: Computer
-uid: <user>
-uidNumber: <uid>
-gidNumber: <gid>
-homeDirectory: /dev/null
-loginShell: /bin/false
-description: Computer
-gecos: Computer
=====================================
share/debian-edu-config/debian-edu.ldapscripts.passwd deleted
=====================================
@@ -1 +0,0 @@
-$SAMBAPWD
\ No newline at end of file
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/5b66e90c61fcbfb237c51d65b191049920c14d50...3707907a63174fbdcf47a0ddd72fdbcb0b4a1e07
--
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/5b66e90c61fcbfb237c51d65b191049920c14d50...3707907a63174fbdcf47a0ddd72fdbcb0b4a1e07
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20211019/bf0f598e/attachment-0001.htm>
More information about the debian-edu-commits
mailing list