[debian-lan-devel] [SCM] Debian-LAN development and packaging branch, master, updated. 5abbf981f0148f220fb3de972ee2d7a5a19478d0

Andreas B. Mundt andi.mundt at web.de
Sat Mar 10 18:03:36 UTC 2012 

The following commit has been merged in the master branch:
commit 5abbf981f0148f220fb3de972ee2d7a5a19478d0
Author: Andreas B. Mundt <andi.mundt at web.de>
Date:   Thu Mar 1 20:03:48 2012 +0100

    Cleanup, fixes and renaming.
    
    Use quotes to avoid error if variable is not defined.
    Restrictive permissions for password file.
    Rename script, choose more general name.

diff --git a/fai/config/files/usr/sbin/debian-lan/SERVER_A b/fai/config/files/usr/sbin/debian-lan/SERVER_A
index 11bd8d4..1768495 100755
--- a/fai/config/files/usr/sbin/debian-lan/SERVER_A
+++ b/fai/config/files/usr/sbin/debian-lan/SERVER_A
@@ -85,11 +85,10 @@ deluserLDAP(){
 ##############################
 
 COMMAND=$1
-shift
-
-if [ $# -lt 1 ] && [ $COMMAND != "add2dhcp" ] ; then
+if [ $# -lt 1 ] && [ "$COMMAND" != "add2dhcp" ] ; then
     usage
 fi
+shift
 
 case $COMMAND in
     adduser)
diff --git a/fai/config/scripts/KDC_LDAP/10-slapd-KDC b/fai/config/scripts/KDC_LDAP/10-slapd-KDC
index b6c4fbd..b7598a9 100755
--- a/fai/config/scripts/KDC_LDAP/10-slapd-KDC
+++ b/fai/config/scripts/KDC_LDAP/10-slapd-KDC
@@ -55,11 +55,12 @@ copy_example_DB_CONFIG() {
 init_LDAP () {
     $ROOTCMD rm -f /var/lib/ldap/*
     copy_example_DB_CONFIG /var/lib/ldap
-    
+
     if [ -z $LDAP_ADMIN_PW ] ;  then
 	LDAP_ADMIN_PW=`$ROOTCMD slappasswd -g -h {CLEARTEXT}`
 	PWFILE="$DATADIR/LDAPadminPWD"
 	echo -n $LDAP_ADMIN_PW > $target$PWFILE
+	chmod -v 0600 $target$PWFILE
 	echo "Random LDAP admin password saved in ${PWFILE}."
     fi
     PWFILE="/etc/ldapscripts/ldapscripts.passwd"
@@ -81,9 +82,9 @@ init_LDAP () {
 cn=kdc-service,$KRB_CONT_DN#{HEX}$KDC_SERVICE_PW_HEX
 cn=kadmin-service,$KRB_CONT_DN#{HEX}$KDC_SERVICE_PW_HEX
 EOF
-    
+
   ## bootstrap ldap with passwords inserted:
-    
+
     for ldif in $LDIFS; do
 	if $ROOTCMD cat $ldif | $ROOTCMD sed \
 	    -e "s:@LDAP_ADMIN_PW_HASH@:$LDAP_ADMIN_PW_HASH:" \
@@ -117,6 +118,7 @@ init_KDC() {
 	KDC_MASTER_PW=`$ROOTCMD slappasswd -g -h {CLEARTEXT}`
 	PWFILE="$DATADIR/KDCmasterPWD"
 	echo -n $KDC_MASTER_PW > $target$PWFILE
+	chmod -v 0600 $target$PWFILE
 	echo "Random Kerberos KDC master password saved in ${PWFILE}."
     fi
 
diff --git a/fai/config/scripts/SERVER_A/10-localadmin b/fai/config/scripts/SERVER_A/10-misc
similarity index 100%
rename from fai/config/scripts/SERVER_A/10-localadmin
rename to fai/config/scripts/SERVER_A/10-misc

-- 
Debian-LAN development and packaging

More information about the debian-lan-devel mailing list