From owner-svn-src-head@FreeBSD.ORG Fri Aug 29 07:51:49 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 62172BDC; Fri, 29 Aug 2014 07:51:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4D955138F; Fri, 29 Aug 2014 07:51:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s7T7pnKY093515; Fri, 29 Aug 2014 07:51:49 GMT (envelope-from hrs@FreeBSD.org) Received: (from hrs@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s7T7pl4P092961; Fri, 29 Aug 2014 07:51:47 GMT (envelope-from hrs@FreeBSD.org) Message-Id: <201408290751.s7T7pl4P092961@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: hrs set sender to hrs@FreeBSD.org using -f From: Hiroki Sato Date: Fri, 29 Aug 2014 07:51:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r270782 - in head/etc: defaults rc.d X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Aug 2014 07:51:49 -0000 Author: hrs Date: Fri Aug 29 07:51:47 2014 New Revision: 270782 URL: http://svnweb.freebsd.org/changeset/base/270782 Log: Restructure rc.d scripts for kerberos5 daemons: - Rename $kerberos5_server_enable with $kdc_enable and rename rc.d/kerberos with rc.d/kdc. - Rename $kadmin5_server_enable with $kadmind_enable. - Rename ${kerberos5,kpasswdd}_server with ${kdc,kpasswdd}_program. - Fix rc.d/{kadmind,kerberos,kpasswdd,kfd} scripts not to change variables after load_rc_config(). - Add rc.d/ipropd_master and rc.d/ipropd_slave scripts. These are for iprop-master(8) and iprop-slave(8). Keytab used for iprop service is defined in ipropd_{master,slave}_keytab (/etc/krb5.keytab by default). - Add dependency on rc.d/kdc to SERVERS. rc.d/kdc must be invoked as early as possible before scripts divided by rc.d/SERVERS. Note that changes to rc.d/{kdc,kpasswdd,kadmind} are backward-compatible with the old configuration variables: ${kerberos5,kpasswdd,kadmin5}_server{,_enable,_flags}. Added: head/etc/rc.d/ipropd_master (contents, props changed) head/etc/rc.d/ipropd_slave (contents, props changed) head/etc/rc.d/kdc - copied, changed from r270781, head/etc/rc.d/kerberos Deleted: head/etc/rc.d/kerberos Modified: head/etc/defaults/rc.conf head/etc/rc.d/Makefile head/etc/rc.d/SERVERS head/etc/rc.d/kadmind head/etc/rc.d/kfd head/etc/rc.d/kpasswdd Modified: head/etc/defaults/rc.conf ============================================================================== --- head/etc/defaults/rc.conf Fri Aug 29 06:31:18 2014 (r270781) +++ head/etc/defaults/rc.conf Fri Aug 29 07:51:47 2014 (r270782) @@ -271,15 +271,28 @@ local_unbound_enable="NO" # local cachin # # kerberos. Do not run the admin daemons on slave servers # -kerberos5_server_enable="NO" # Run a kerberos 5 master server (or NO). -kerberos5_server="/usr/libexec/kdc" # path to kerberos 5 KDC -kerberos5_server_flags="--detach" # Additional flags to the kerberos 5 server -kadmind5_server_enable="NO" # Run kadmind (or NO) -kadmind5_server="/usr/libexec/kadmind" # path to kerberos 5 admin daemon -kpasswdd_server_enable="NO" # Run kpasswdd (or NO) -kpasswdd_server="/usr/libexec/kpasswdd" # path to kerberos 5 passwd daemon +kdc_enable="NO" # Run a kerberos 5 KDC (or NO). +kdc_program="/usr/libexec/kdc" # path to kerberos 5 KDC +kdc_flags="" # Additional flags to the kerberos 5 KDC +kadmind_enable="NO" # Run kadmind (or NO) +kadmind_program="/usr/libexec/kadmind" # path to kadmind +kpasswdd_enable="NO" # Run kpasswdd (or NO) +kpasswdd_program="/usr/libexec/kpasswdd" # path to kpasswdd kfd_enable="NO" # Run kfd (or NO) kfd_program="/usr/libexec/kfd" # path to kerberos 5 kfd daemon +kfd_flags="" +ipropd_master_enable="NO" # Run Heimdal incremental propagation daemon + # (master daemon). +ipropd_master_program="/usr/libexec/ipropd-master" +ipropd_master_flags="" # Flags to ipropd-master. +ipropd_master_keytab="/etc/krb5.keytab" # keytab for ipropd-master. +ipropd_master_slaves="" # slave node names used for /var/heimdal/slaves. +ipropd_slave_enable="NO" # Run Heimdal incremental propagation daemon + # (slave daemon). +ipropd_slave_program="/usr/libexec/ipropd-slave" +ipropd_slave_flags="" # Flags to ipropd-slave. +ipropd_slave_keytab="/etc/krb5.keytab" # keytab for ipropd-slave. +ipropd_slave_masters="" # master node names. gssd_enable="NO" # Run the gssd daemon (or NO). gssd_program="/usr/sbin/gssd" # Path to gssd. Modified: head/etc/rc.d/Makefile ============================================================================== --- head/etc/rc.d/Makefile Fri Aug 29 06:31:18 2014 (r270781) +++ head/etc/rc.d/Makefile Fri Aug 29 07:51:47 2014 (r270782) @@ -65,12 +65,14 @@ FILES= DAEMON \ ipfw \ ipmon \ ipnat \ + ipropd_master \ + ipropd_slave \ ipsec \ iscsictl \ iscsid \ jail \ kadmind \ - kerberos \ + kdc \ keyserv \ kfd \ kld \ Modified: head/etc/rc.d/SERVERS ============================================================================== --- head/etc/rc.d/SERVERS Fri Aug 29 06:31:18 2014 (r270781) +++ head/etc/rc.d/SERVERS Fri Aug 29 07:51:47 2014 (r270782) @@ -4,7 +4,7 @@ # # PROVIDE: SERVERS -# REQUIRE: mountcritremote abi ldconfig savecore watchdogd +# REQUIRE: mountcritremote abi ldconfig savecore watchdogd kdc # This is a dummy dependency, for early-start servers relying on # some basic configuration. Added: head/etc/rc.d/ipropd_master ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/etc/rc.d/ipropd_master Fri Aug 29 07:51:47 2014 (r270782) @@ -0,0 +1,40 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: ipropd_master +# REQUIRE: kdc +# KEYWORD: shutdown + +. /etc/rc.subr + +name=ipropd_master +rcvar=${name}_enable +required_files="$ipropd_master_keytab" +start_precmd=${name}_start_precmd +start_postcmd=${name}_start_postcmd + +ipropd_master_start_precmd() +{ + + if [ -z "$ipropd_master_slaves" ]; then + warn "\$ipropd_master_slaves is empty." + return 1 + fi + for _slave in $ipropd_master_slaves; do + echo $_slave + done > /var/heimdal/slaves || return 1 + command_args="$command_args \ + --keytab=\"$ipropd_master_keytab\" \ + --detach \ + " +} +ipropd_master_start_postcmd() +{ + + echo "${name}: slave nodes: $ipropd_master_slaves" +} + +load_rc_config $name +run_rc_command "$1" Added: head/etc/rc.d/ipropd_slave ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/etc/rc.d/ipropd_slave Fri Aug 29 07:51:47 2014 (r270782) @@ -0,0 +1,32 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: ipropd_slave +# REQUIRE: kdc +# KEYWORD: shutdown + +. /etc/rc.subr + +name=ipropd_slave +rcvar=${name}_enable +required_files="$ipropd_slave_keytab" +start_precmd=${name}_start_precmd + +ipropd_slave_start_precmd() +{ + + if [ -z "$ipropd_slave_masters" ]; then + warn "\$ipropd_slave_masters is empty." + return 1 + fi + command_args=" \ + $command_args \ + --keytab=\"$ipropd_slave_keytab\" \ + --detach \ + $ipropd_slave_masters" +} + +load_rc_config $name +run_rc_command "$1" Modified: head/etc/rc.d/kadmind ============================================================================== --- head/etc/rc.d/kadmind Fri Aug 29 06:31:18 2014 (r270781) +++ head/etc/rc.d/kadmind Fri Aug 29 07:51:47 2014 (r270782) @@ -3,18 +3,26 @@ # $FreeBSD$ # -# PROVIDE: kadmin -# REQUIRE: kerberos -# BEFORE: DAEMON +# PROVIDE: kadmind +# REQUIRE: kdc +# KEYWORD: shutdown . /etc/rc.subr -name="kadmind5" -load_rc_config $name -rcvar="kadmind5_server_enable" -unset start_cmd -command="${kadmind5_server}" -command_args="&" -required_vars="kerberos5_server_enable" +name=kadmind +rcvar=${name}_enable +required_vars=kdc_enable +start_precmd=${name}_start_precmd + +set_rcvar_obsolete kadmind5_server_enable kadmind_enable +set_rcvar_obsolete kadmind5_server kadmind_program +set_rcvar_obsolete kerberos5_server_enable kdc_enable + +kadmind_start_precmd() +{ + command_args="$command_args &" +} + +load_rc_config $name run_rc_command "$1" Copied and modified: head/etc/rc.d/kdc (from r270781, head/etc/rc.d/kerberos) ============================================================================== --- head/etc/rc.d/kerberos Fri Aug 29 06:31:18 2014 (r270781, copy source) +++ head/etc/rc.d/kdc Fri Aug 29 07:51:47 2014 (r270782) @@ -3,15 +3,25 @@ # $FreeBSD$ # -# PROVIDE: kerberos +# PROVIDE: kdc # REQUIRE: NETWORKING +# KEYWORD: shutdown . /etc/rc.subr -name="kerberos5" -rcvar="kerberos5_server_enable" +name=kdc +rcvar=${name}_enable +start_precmd=${name}_start_precmd + +set_rcvar_obsolete kerberos5_server_enable kdc_enable +set_rcvar_obsolete kerberos5_server kdc_program +set_rcvar_obsolete kerberos5_server_flags kdc_flags + +kdc_start_precmd() +{ + + command_args="$command_args --detach" +} load_rc_config $name -command="${kerberos5_server}" -kerberos5_flags="${kerberos5_server_flags}" run_rc_command "$1" Modified: head/etc/rc.d/kfd ============================================================================== --- head/etc/rc.d/kfd Fri Aug 29 06:31:18 2014 (r270781) +++ head/etc/rc.d/kfd Fri Aug 29 07:51:47 2014 (r270782) @@ -10,8 +10,14 @@ . /etc/rc.subr name=kfd -rcvar=kfd_enable -load_rc_config $name -command_args="-i &" +rcvar=${name}_enable +start_precmd=${name}_start_precmd + +kfd_start_precmd() +{ + command_args="$command_args -i &" +} + +load_rc_config $name run_rc_command "$1" Modified: head/etc/rc.d/kpasswdd ============================================================================== --- head/etc/rc.d/kpasswdd Fri Aug 29 06:31:18 2014 (r270781) +++ head/etc/rc.d/kpasswdd Fri Aug 29 07:51:47 2014 (r270782) @@ -4,17 +4,25 @@ # # PROVIDE: kpasswdd -# REQUIRE: kadmin -# BEFORE: DAEMON +# REQUIRE: kdc +# KEYWORD: shutdown . /etc/rc.subr -name="kpasswdd" -load_rc_config $name -rcvar="kpasswdd_server_enable" -unset start_cmd -command="${kpasswdd_server}" -command_args="&" -required_vars="kadmind5_server_enable" +name=kpasswdd +rcvar=${name}_enable +required_vars=kdc_enable +start_precmd=${name}_start_precmd + +set_rcvar_obsolete kpasswdd_server_enable kpasswdd_enable +set_rcvar_obsolete kpasswdd_server kpasswdd_program +set_rcvar_obsolete kerberos5_server_enable kdc_enable + +kpasswdd_start_precmd() +{ + command_args="$command_args &" +} + +load_rc_config $name run_rc_command "$1"