Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 9 Oct 2014 23:35:24 +0000 (UTC)
From:      Hiroki Sato <hrs@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org
Subject:   svn commit: r272862 - in stable/10/etc: defaults rc.d
Message-ID:  <201410092335.s99NZO1h080399@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: hrs
Date: Thu Oct  9 23:35:23 2014
New Revision: 272862
URL: https://svnweb.freebsd.org/changeset/base/272862

Log:
  MFC r270782:
  
    Restructure rc.d scripts for kerberos5 daemons:
  
    - Rename $kerberos5_server_enable with $kdc_enable and rename
      rc.d/kerberos with rc.d/kdc.
  
    - Rename $kadmin5_server_enable with $kadmind_enable.
  
    - Rename ${kerberos5,kpasswdd}_server with ${kdc,kpasswdd}_program.
  
    - Fix rc.d/{kadmind,kerberos,kpasswdd,kfd} scripts not to change variables
      after load_rc_config().
  
    - Add rc.d/ipropd_master and rc.d/ipropd_slave scripts.  These are
      for iprop-master(8) and iprop-slave(8).  Keytab used for iprop service is
      defined in ipropd_{master,slave}_keytab (/etc/krb5.keytab by default).
  
    - Add dependency on rc.d/kdc to SERVERS.  rc.d/kdc must be invoked as early
      as possible before scripts divided by rc.d/SERVERS.
  
    Note that changes to rc.d/{kdc,kpasswdd,kadmind} are backward-compatible
    with the old configuration variables:
    ${kerberos5,kpasswdd,kadmin5}_server{,_enable,_flags}.

Added:
  stable/10/etc/rc.d/ipropd_master
     - copied unchanged from r270782, head/etc/rc.d/ipropd_master
  stable/10/etc/rc.d/ipropd_slave
     - copied unchanged from r270782, head/etc/rc.d/ipropd_slave
  stable/10/etc/rc.d/kdc
     - copied unchanged from r270782, head/etc/rc.d/kdc
Deleted:
  stable/10/etc/rc.d/kerberos
Modified:
  stable/10/etc/defaults/rc.conf
  stable/10/etc/rc.d/Makefile
  stable/10/etc/rc.d/SERVERS
  stable/10/etc/rc.d/kadmind
  stable/10/etc/rc.d/kfd
  stable/10/etc/rc.d/kpasswdd
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/defaults/rc.conf
==============================================================================
--- stable/10/etc/defaults/rc.conf	Thu Oct  9 23:33:33 2014	(r272861)
+++ stable/10/etc/defaults/rc.conf	Thu Oct  9 23:35:23 2014	(r272862)
@@ -277,15 +277,28 @@ local_unbound_enable="NO"	# local cachin
 #
 # kerberos. Do not run the admin daemons on slave servers
 #
-kerberos5_server_enable="NO"	# Run a kerberos 5 master server (or NO).
-kerberos5_server="/usr/libexec/kdc"	# path to kerberos 5 KDC
-kerberos5_server_flags="--detach"	# Additional flags to the kerberos 5 server
-kadmind5_server_enable="NO"	# Run kadmind (or NO)
-kadmind5_server="/usr/libexec/kadmind"	# path to kerberos 5 admin daemon
-kpasswdd_server_enable="NO"	# Run kpasswdd (or NO)
-kpasswdd_server="/usr/libexec/kpasswdd"	# path to kerberos 5 passwd daemon
+kdc_enable="NO"			# Run a kerberos 5 KDC (or NO).
+kdc_program="/usr/libexec/kdc"	# path to kerberos 5 KDC
+kdc_flags=""			# Additional flags to the kerberos 5 KDC
+kadmind_enable="NO"		# Run kadmind (or NO)
+kadmind_program="/usr/libexec/kadmind"	# path to kadmind
+kpasswdd_enable="NO"		# Run kpasswdd (or NO)
+kpasswdd_program="/usr/libexec/kpasswdd" # path to kpasswdd
 kfd_enable="NO"			# Run kfd (or NO)
 kfd_program="/usr/libexec/kfd"	# path to kerberos 5 kfd daemon
+kfd_flags=""
+ipropd_master_enable="NO"	# Run Heimdal incremental propagation daemon
+				# (master daemon).
+ipropd_master_program="/usr/libexec/ipropd-master"
+ipropd_master_flags=""		# Flags to ipropd-master.
+ipropd_master_keytab="/etc/krb5.keytab"	# keytab for ipropd-master.
+ipropd_master_slaves=""		# slave node names used for /var/heimdal/slaves.
+ipropd_slave_enable="NO"	# Run Heimdal incremental propagation daemon
+				# (slave daemon).
+ipropd_slave_program="/usr/libexec/ipropd-slave"
+ipropd_slave_flags=""		# Flags to ipropd-slave.
+ipropd_slave_keytab="/etc/krb5.keytab"	# keytab for ipropd-slave.
+ipropd_slave_masters=""		# master node names.
 
 gssd_enable="NO"		# Run the gssd daemon (or NO).
 gssd_program="/usr/sbin/gssd"	# Path to gssd.

Modified: stable/10/etc/rc.d/Makefile
==============================================================================
--- stable/10/etc/rc.d/Makefile	Thu Oct  9 23:33:33 2014	(r272861)
+++ stable/10/etc/rc.d/Makefile	Thu Oct  9 23:35:23 2014	(r272862)
@@ -64,13 +64,15 @@ FILES=	DAEMON \
 	ipfw \
 	ipmon \
 	ipnat \
+	ipropd_master \
+	ipropd_slave \
 	ipsec \
 	${_ipxrouted} \
 	iscsictl \
 	iscsid \
 	jail \
 	kadmind \
-	kerberos \
+	kdc \
 	keyserv \
 	kfd \
 	kld \

Modified: stable/10/etc/rc.d/SERVERS
==============================================================================
--- stable/10/etc/rc.d/SERVERS	Thu Oct  9 23:33:33 2014	(r272861)
+++ stable/10/etc/rc.d/SERVERS	Thu Oct  9 23:35:23 2014	(r272862)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: SERVERS
-# REQUIRE: mountcritremote abi ldconfig savecore watchdogd
+# REQUIRE: mountcritremote abi ldconfig savecore watchdogd kdc
 
 #	This is a dummy dependency, for early-start servers relying on
 #	some basic configuration.

Copied: stable/10/etc/rc.d/ipropd_master (from r270782, head/etc/rc.d/ipropd_master)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ stable/10/etc/rc.d/ipropd_master	Thu Oct  9 23:35:23 2014	(r272862, copy of r270782, head/etc/rc.d/ipropd_master)
@@ -0,0 +1,40 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: ipropd_master
+# REQUIRE: kdc
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=ipropd_master
+rcvar=${name}_enable
+required_files="$ipropd_master_keytab"
+start_precmd=${name}_start_precmd
+start_postcmd=${name}_start_postcmd
+
+ipropd_master_start_precmd()
+{
+
+	if [ -z "$ipropd_master_slaves" ]; then
+		warn "\$ipropd_master_slaves is empty."
+		return 1
+	fi
+	for _slave in $ipropd_master_slaves; do
+		echo $_slave
+	done > /var/heimdal/slaves || return 1
+	command_args="$command_args \
+	    --keytab=\"$ipropd_master_keytab\" \
+	    --detach \
+	"
+}
+ipropd_master_start_postcmd()
+{
+
+	echo "${name}: slave nodes: $ipropd_master_slaves"
+}
+
+load_rc_config $name
+run_rc_command "$1"

Copied: stable/10/etc/rc.d/ipropd_slave (from r270782, head/etc/rc.d/ipropd_slave)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ stable/10/etc/rc.d/ipropd_slave	Thu Oct  9 23:35:23 2014	(r272862, copy of r270782, head/etc/rc.d/ipropd_slave)
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: ipropd_slave
+# REQUIRE: kdc
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=ipropd_slave
+rcvar=${name}_enable
+required_files="$ipropd_slave_keytab"
+start_precmd=${name}_start_precmd
+
+ipropd_slave_start_precmd()
+{
+
+	if [ -z "$ipropd_slave_masters" ]; then
+		warn "\$ipropd_slave_masters is empty."
+		return 1
+	fi
+	command_args=" \
+	    $command_args \
+	    --keytab=\"$ipropd_slave_keytab\" \
+	    --detach \
+	    $ipropd_slave_masters"
+}
+
+load_rc_config $name
+run_rc_command "$1"

Modified: stable/10/etc/rc.d/kadmind
==============================================================================
--- stable/10/etc/rc.d/kadmind	Thu Oct  9 23:33:33 2014	(r272861)
+++ stable/10/etc/rc.d/kadmind	Thu Oct  9 23:35:23 2014	(r272862)
@@ -3,18 +3,26 @@
 # $FreeBSD$
 #
 
-# PROVIDE: kadmin
-# REQUIRE: kerberos
-# BEFORE: DAEMON
+# PROVIDE: kadmind
+# REQUIRE: kdc
+# KEYWORD: shutdown
 
 . /etc/rc.subr
 
-name="kadmind5"
-load_rc_config $name
-rcvar="kadmind5_server_enable"
-unset start_cmd
-command="${kadmind5_server}"
-command_args="&"
-required_vars="kerberos5_server_enable"
+name=kadmind
+rcvar=${name}_enable
+required_vars=kdc_enable
+start_precmd=${name}_start_precmd
+
+set_rcvar_obsolete kadmind5_server_enable kadmind_enable
+set_rcvar_obsolete kadmind5_server kadmind_program
+set_rcvar_obsolete kerberos5_server_enable kdc_enable
+
+kadmind_start_precmd()
+{
 
+	command_args="$command_args &"
+}
+
+load_rc_config $name
 run_rc_command "$1"

Copied: stable/10/etc/rc.d/kdc (from r270782, head/etc/rc.d/kdc)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ stable/10/etc/rc.d/kdc	Thu Oct  9 23:35:23 2014	(r272862, copy of r270782, head/etc/rc.d/kdc)
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: kdc
+# REQUIRE: NETWORKING
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=kdc
+rcvar=${name}_enable
+start_precmd=${name}_start_precmd
+
+set_rcvar_obsolete kerberos5_server_enable kdc_enable
+set_rcvar_obsolete kerberos5_server kdc_program
+set_rcvar_obsolete kerberos5_server_flags kdc_flags
+
+kdc_start_precmd()
+{
+
+	command_args="$command_args --detach"
+}
+
+load_rc_config $name
+run_rc_command "$1"

Modified: stable/10/etc/rc.d/kfd
==============================================================================
--- stable/10/etc/rc.d/kfd	Thu Oct  9 23:33:33 2014	(r272861)
+++ stable/10/etc/rc.d/kfd	Thu Oct  9 23:35:23 2014	(r272862)
@@ -10,8 +10,14 @@
 . /etc/rc.subr
 
 name=kfd
-rcvar=kfd_enable
-load_rc_config $name
-command_args="-i &"
+rcvar=${name}_enable
+start_precmd=${name}_start_precmd
+
+kfd_start_precmd()
+{
 
+	command_args="$command_args -i &"
+}
+
+load_rc_config $name
 run_rc_command "$1"

Modified: stable/10/etc/rc.d/kpasswdd
==============================================================================
--- stable/10/etc/rc.d/kpasswdd	Thu Oct  9 23:33:33 2014	(r272861)
+++ stable/10/etc/rc.d/kpasswdd	Thu Oct  9 23:35:23 2014	(r272862)
@@ -4,17 +4,25 @@
 #
 
 # PROVIDE: kpasswdd
-# REQUIRE: kadmin
-# BEFORE: DAEMON
+# REQUIRE: kdc
+# KEYWORD: shutdown
 
 . /etc/rc.subr
 
-name="kpasswdd"
-load_rc_config $name
-rcvar="kpasswdd_server_enable"
-unset start_cmd
-command="${kpasswdd_server}"
-command_args="&"
-required_vars="kadmind5_server_enable"
+name=kpasswdd
+rcvar=${name}_enable
+required_vars=kdc_enable
+start_precmd=${name}_start_precmd
+
+set_rcvar_obsolete kpasswdd_server_enable kpasswdd_enable
+set_rcvar_obsolete kpasswdd_server kpasswdd_program
+set_rcvar_obsolete kerberos5_server_enable kdc_enable
+
+kpasswdd_start_precmd()
+{
 
+	command_args="$command_args &"
+}
+
+load_rc_config $name
 run_rc_command "$1"



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410092335.s99NZO1h080399>