[debian-lan-devel] [SCM] Debian-LAN development and packaging branch, master, updated. debian/0.9-8-g1fb7c4e
Andreas B. Mundt
andi at debian.org
Tue Apr 16 13:30:34 UTC 2013
The following commit has been merged in the master branch:
commit 1fb7c4ebc0fed5b74df5c151cee82312e41accd0
Author: Andreas B. Mundt <andi at debian.org>
Date: Tue Apr 2 11:52:14 2013 +0200
Improve copying kerberos keytabs to clients in the debian-lan script.
If you install a machine a second time, the keytab has been used
before and will have been marked as such. The debian-lan script
now offers to re-use the keytab.
diff --git a/fai/config/files/usr/local/sbin/debian-lan/SERVER_A b/fai/config/files/usr/local/sbin/debian-lan/SERVER_A
index 7e0f6eb..00a6e52 100755
--- a/fai/config/files/usr/local/sbin/debian-lan/SERVER_A
+++ b/fai/config/files/usr/local/sbin/debian-lan/SERVER_A
@@ -10,6 +10,7 @@ DATADIR="/root/installation/"
HOSTNAME=`hostname -s`
HOME="/lan/$HOSTNAME/home0"
DHCPCONF="/etc/dhcp/dhcpd.conf"
+DATE=`date +%F`
## Password restrictions (compliant with kerberos policy):
MINLEN=4 # minimal password length (max 8 with slappasswd as password generator)
@@ -229,7 +230,20 @@ case $COMMAND in
;;
key2machine)
for MACHINE in $@ ; do
- scp -p $DATADIR/${MACHINE}.keytab root@${MACHINE}:/etc/krb5.keytab
+ if [ -f $DATADIR/${MACHINE}.keytab ] ; then
+ scp -p $DATADIR/${MACHINE}.keytab root@${MACHINE}:/etc/krb5.keytab
+ mv -v $DATADIR/${MACHINE}.keytab $DATADIR/${MACHINE}.keytab_$DATE
+ elif [ -f $DATADIR/${MACHINE}.keytab* ] ; then
+ FILE=$(basename $DATADIR/${MACHINE}.keytab*)
+ echo "The keytab '$DATADIR/${MACHINE}.keytab' has been used before!"
+ read -e -n 1 -p "Use '$FILE' again? [y|N]: " inp
+ if [ "$inp" = "y" ] ; then
+ scp -p $DATADIR/$FILE root@${MACHINE}:/etc/krb5.keytab
+ mv -v $DATADIR/$FILE $DATADIR/${FILE}_$DATE
+ fi
+ else
+ echo "Warning: No keytab for '${MACHINE}' available!"
+ fi
done
echo
;;
--
Debian-LAN development and packaging
More information about the debian-lan-devel
mailing list