Date: Thu, 9 Oct 2014 23:35:24 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r272862 - in stable/10/etc: defaults rc.d Message-ID: <201410092335.s99NZO1h080399@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Thu Oct 9 23:35:23 2014 New Revision: 272862 URL: https://svnweb.freebsd.org/changeset/base/272862 Log: MFC r270782: Restructure rc.d scripts for kerberos5 daemons: - Rename $kerberos5_server_enable with $kdc_enable and rename rc.d/kerberos with rc.d/kdc. - Rename $kadmin5_server_enable with $kadmind_enable. - Rename ${kerberos5,kpasswdd}_server with ${kdc,kpasswdd}_program. - Fix rc.d/{kadmind,kerberos,kpasswdd,kfd} scripts not to change variables after load_rc_config(). - Add rc.d/ipropd_master and rc.d/ipropd_slave scripts. These are for iprop-master(8) and iprop-slave(8). Keytab used for iprop service is defined in ipropd_{master,slave}_keytab (/etc/krb5.keytab by default). - Add dependency on rc.d/kdc to SERVERS. rc.d/kdc must be invoked as early as possible before scripts divided by rc.d/SERVERS. Note that changes to rc.d/{kdc,kpasswdd,kadmind} are backward-compatible with the old configuration variables: ${kerberos5,kpasswdd,kadmin5}_server{,_enable,_flags}. Added: stable/10/etc/rc.d/ipropd_master - copied unchanged from r270782, head/etc/rc.d/ipropd_master stable/10/etc/rc.d/ipropd_slave - copied unchanged from r270782, head/etc/rc.d/ipropd_slave stable/10/etc/rc.d/kdc - copied unchanged from r270782, head/etc/rc.d/kdc Deleted: stable/10/etc/rc.d/kerberos Modified: stable/10/etc/defaults/rc.conf stable/10/etc/rc.d/Makefile stable/10/etc/rc.d/SERVERS stable/10/etc/rc.d/kadmind stable/10/etc/rc.d/kfd stable/10/etc/rc.d/kpasswdd Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/defaults/rc.conf ============================================================================== --- stable/10/etc/defaults/rc.conf Thu Oct 9 23:33:33 2014 (r272861) +++ stable/10/etc/defaults/rc.conf Thu Oct 9 23:35:23 2014 (r272862) @@ -277,15 +277,28 @@ local_unbound_enable="NO" # local cachin # # kerberos. Do not run the admin daemons on slave servers # -kerberos5_server_enable="NO" # Run a kerberos 5 master server (or NO). -kerberos5_server="/usr/libexec/kdc" # path to kerberos 5 KDC -kerberos5_server_flags="--detach" # Additional flags to the kerberos 5 server -kadmind5_server_enable="NO" # Run kadmind (or NO) -kadmind5_server="/usr/libexec/kadmind" # path to kerberos 5 admin daemon -kpasswdd_server_enable="NO" # Run kpasswdd (or NO) -kpasswdd_server="/usr/libexec/kpasswdd" # path to kerberos 5 passwd daemon +kdc_enable="NO" # Run a kerberos 5 KDC (or NO). +kdc_program="/usr/libexec/kdc" # path to kerberos 5 KDC +kdc_flags="" # Additional flags to the kerberos 5 KDC +kadmind_enable="NO" # Run kadmind (or NO) +kadmind_program="/usr/libexec/kadmind" # path to kadmind +kpasswdd_enable="NO" # Run kpasswdd (or NO) +kpasswdd_program="/usr/libexec/kpasswdd" # path to kpasswdd kfd_enable="NO" # Run kfd (or NO) kfd_program="/usr/libexec/kfd" # path to kerberos 5 kfd daemon +kfd_flags="" +ipropd_master_enable="NO" # Run Heimdal incremental propagation daemon + # (master daemon). +ipropd_master_program="/usr/libexec/ipropd-master" +ipropd_master_flags="" # Flags to ipropd-master. +ipropd_master_keytab="/etc/krb5.keytab" # keytab for ipropd-master. +ipropd_master_slaves="" # slave node names used for /var/heimdal/slaves. +ipropd_slave_enable="NO" # Run Heimdal incremental propagation daemon + # (slave daemon). +ipropd_slave_program="/usr/libexec/ipropd-slave" +ipropd_slave_flags="" # Flags to ipropd-slave. +ipropd_slave_keytab="/etc/krb5.keytab" # keytab for ipropd-slave. +ipropd_slave_masters="" # master node names. gssd_enable="NO" # Run the gssd daemon (or NO). gssd_program="/usr/sbin/gssd" # Path to gssd. Modified: stable/10/etc/rc.d/Makefile ============================================================================== --- stable/10/etc/rc.d/Makefile Thu Oct 9 23:33:33 2014 (r272861) +++ stable/10/etc/rc.d/Makefile Thu Oct 9 23:35:23 2014 (r272862) @@ -64,13 +64,15 @@ FILES= DAEMON \ ipfw \ ipmon \ ipnat \ + ipropd_master \ + ipropd_slave \ ipsec \ ${_ipxrouted} \ iscsictl \ iscsid \ jail \ kadmind \ - kerberos \ + kdc \ keyserv \ kfd \ kld \ Modified: stable/10/etc/rc.d/SERVERS ============================================================================== --- stable/10/etc/rc.d/SERVERS Thu Oct 9 23:33:33 2014 (r272861) +++ stable/10/etc/rc.d/SERVERS Thu Oct 9 23:35:23 2014 (r272862) @@ -4,7 +4,7 @@ # # PROVIDE: SERVERS -# REQUIRE: mountcritremote abi ldconfig savecore watchdogd +# REQUIRE: mountcritremote abi ldconfig savecore watchdogd kdc # This is a dummy dependency, for early-start servers relying on # some basic configuration. Copied: stable/10/etc/rc.d/ipropd_master (from r270782, head/etc/rc.d/ipropd_master) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/etc/rc.d/ipropd_master Thu Oct 9 23:35:23 2014 (r272862, copy of r270782, head/etc/rc.d/ipropd_master) @@ -0,0 +1,40 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: ipropd_master +# REQUIRE: kdc +# KEYWORD: shutdown + +. /etc/rc.subr + +name=ipropd_master +rcvar=${name}_enable +required_files="$ipropd_master_keytab" +start_precmd=${name}_start_precmd +start_postcmd=${name}_start_postcmd + +ipropd_master_start_precmd() +{ + + if [ -z "$ipropd_master_slaves" ]; then + warn "\$ipropd_master_slaves is empty." + return 1 + fi + for _slave in $ipropd_master_slaves; do + echo $_slave + done > /var/heimdal/slaves || return 1 + command_args="$command_args \ + --keytab=\"$ipropd_master_keytab\" \ + --detach \ + " +} +ipropd_master_start_postcmd() +{ + + echo "${name}: slave nodes: $ipropd_master_slaves" +} + +load_rc_config $name +run_rc_command "$1" Copied: stable/10/etc/rc.d/ipropd_slave (from r270782, head/etc/rc.d/ipropd_slave) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/etc/rc.d/ipropd_slave Thu Oct 9 23:35:23 2014 (r272862, copy of r270782, head/etc/rc.d/ipropd_slave) @@ -0,0 +1,32 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: ipropd_slave +# REQUIRE: kdc +# KEYWORD: shutdown + +. /etc/rc.subr + +name=ipropd_slave +rcvar=${name}_enable +required_files="$ipropd_slave_keytab" +start_precmd=${name}_start_precmd + +ipropd_slave_start_precmd() +{ + + if [ -z "$ipropd_slave_masters" ]; then + warn "\$ipropd_slave_masters is empty." + return 1 + fi + command_args=" \ + $command_args \ + --keytab=\"$ipropd_slave_keytab\" \ + --detach \ + $ipropd_slave_masters" +} + +load_rc_config $name +run_rc_command "$1" Modified: stable/10/etc/rc.d/kadmind ============================================================================== --- stable/10/etc/rc.d/kadmind Thu Oct 9 23:33:33 2014 (r272861) +++ stable/10/etc/rc.d/kadmind Thu Oct 9 23:35:23 2014 (r272862) @@ -3,18 +3,26 @@ # $FreeBSD$ # -# PROVIDE: kadmin -# REQUIRE: kerberos -# BEFORE: DAEMON +# PROVIDE: kadmind +# REQUIRE: kdc +# KEYWORD: shutdown . /etc/rc.subr -name="kadmind5" -load_rc_config $name -rcvar="kadmind5_server_enable" -unset start_cmd -command="${kadmind5_server}" -command_args="&" -required_vars="kerberos5_server_enable" +name=kadmind +rcvar=${name}_enable +required_vars=kdc_enable +start_precmd=${name}_start_precmd + +set_rcvar_obsolete kadmind5_server_enable kadmind_enable +set_rcvar_obsolete kadmind5_server kadmind_program +set_rcvar_obsolete kerberos5_server_enable kdc_enable + +kadmind_start_precmd() +{ + command_args="$command_args &" +} + +load_rc_config $name run_rc_command "$1" Copied: stable/10/etc/rc.d/kdc (from r270782, head/etc/rc.d/kdc) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/etc/rc.d/kdc Thu Oct 9 23:35:23 2014 (r272862, copy of r270782, head/etc/rc.d/kdc) @@ -0,0 +1,27 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: kdc +# REQUIRE: NETWORKING +# KEYWORD: shutdown + +. /etc/rc.subr + +name=kdc +rcvar=${name}_enable +start_precmd=${name}_start_precmd + +set_rcvar_obsolete kerberos5_server_enable kdc_enable +set_rcvar_obsolete kerberos5_server kdc_program +set_rcvar_obsolete kerberos5_server_flags kdc_flags + +kdc_start_precmd() +{ + + command_args="$command_args --detach" +} + +load_rc_config $name +run_rc_command "$1" Modified: stable/10/etc/rc.d/kfd ============================================================================== --- stable/10/etc/rc.d/kfd Thu Oct 9 23:33:33 2014 (r272861) +++ stable/10/etc/rc.d/kfd Thu Oct 9 23:35:23 2014 (r272862) @@ -10,8 +10,14 @@ . /etc/rc.subr name=kfd -rcvar=kfd_enable -load_rc_config $name -command_args="-i &" +rcvar=${name}_enable +start_precmd=${name}_start_precmd + +kfd_start_precmd() +{ + command_args="$command_args -i &" +} + +load_rc_config $name run_rc_command "$1" Modified: stable/10/etc/rc.d/kpasswdd ============================================================================== --- stable/10/etc/rc.d/kpasswdd Thu Oct 9 23:33:33 2014 (r272861) +++ stable/10/etc/rc.d/kpasswdd Thu Oct 9 23:35:23 2014 (r272862) @@ -4,17 +4,25 @@ # # PROVIDE: kpasswdd -# REQUIRE: kadmin -# BEFORE: DAEMON +# REQUIRE: kdc +# KEYWORD: shutdown . /etc/rc.subr -name="kpasswdd" -load_rc_config $name -rcvar="kpasswdd_server_enable" -unset start_cmd -command="${kpasswdd_server}" -command_args="&" -required_vars="kadmind5_server_enable" +name=kpasswdd +rcvar=${name}_enable +required_vars=kdc_enable +start_precmd=${name}_start_precmd + +set_rcvar_obsolete kpasswdd_server_enable kpasswdd_enable +set_rcvar_obsolete kpasswdd_server kpasswdd_program +set_rcvar_obsolete kerberos5_server_enable kdc_enable + +kpasswdd_start_precmd() +{ + command_args="$command_args &" +} + +load_rc_config $name run_rc_command "$1"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410092335.s99NZO1h080399>