[debian-lan-devel] [debian-lan] 01/03: Switch to sssd everywhere.

Andreas B. Mundt andi at moszumanska.debian.org
Wed Feb 18 22:54:41 UTC 2015 

This is an automated email from the git hooks/post-receive script.

andi pushed a commit to branch master
in repository debian-lan.

commit 17c32b8e265266a3cbec13dd97ca7cdd421bf048
Author: Andreas B. Mundt <andi at debian.org>
Date:   Wed Feb 18 12:31:22 2015 +0100

    Switch to sssd everywhere.
    
    Replace nscd, nslcd (cf. #759544) and libpam-krb5 by sssd which is
    used in FreeIPA.
---
 fai/config/files/etc/sssd/sssd.conf/{ROAMING => CLIENT_A} | 0
 fai/config/files/etc/sssd/sssd.conf/{ROAMING => SERVER_A} | 0
 fai/config/package_config/DISKLESS_CLIENT                 | 3 ++-
 fai/config/package_config/FAIBASE                         | 3 ++-
 fai/config/package_config/KERBEROS_CLIENT                 | 2 +-
 fai/config/package_config/LDAP_CLIENT                     | 5 +----
 fai/config/package_config/ROAMING                         | 6 ------
 fai/config/scripts/CLIENT_A/20-misc                       | 2 ++
 fai/config/scripts/ROAMING/{20-sssd_fstab => 20-fstab}    | 2 --
 fai/config/scripts/SERVER_A/10-misc                       | 1 +
 10 files changed, 9 insertions(+), 15 deletions(-)

diff --git a/fai/config/files/etc/sssd/sssd.conf/ROAMING b/fai/config/files/etc/sssd/sssd.conf/CLIENT_A
similarity index 100%
copy from fai/config/files/etc/sssd/sssd.conf/ROAMING
copy to fai/config/files/etc/sssd/sssd.conf/CLIENT_A
diff --git a/fai/config/files/etc/sssd/sssd.conf/ROAMING b/fai/config/files/etc/sssd/sssd.conf/SERVER_A
similarity index 100%
rename from fai/config/files/etc/sssd/sssd.conf/ROAMING
rename to fai/config/files/etc/sssd/sssd.conf/SERVER_A
diff --git a/fai/config/package_config/DISKLESS_CLIENT b/fai/config/package_config/DISKLESS_CLIENT
index 28d21ab..8d4428a 100644
--- a/fai/config/package_config/DISKLESS_CLIENT
+++ b/fai/config/package_config/DISKLESS_CLIENT
@@ -47,7 +47,6 @@ debconf-utils
 file
 less
 nfs-common
-nscd
 rsync
 openssh-client
 strace
@@ -60,6 +59,8 @@ console-setup
 pciutils usbutils
 #heirloom-mailx
 mutt
+libnss-sss
+libpam-sss
 
 PACKAGES aptitude SSHFS_CLIENT
 sshfs
diff --git a/fai/config/package_config/FAIBASE b/fai/config/package_config/FAIBASE
index eefc2f0..936fcbe 100644
--- a/fai/config/package_config/FAIBASE
+++ b/fai/config/package_config/FAIBASE
@@ -19,7 +19,8 @@ console-setup kbd
 pciutils usbutils
 lvm2
 
-nscd
+libnss-sss
+libpam-sss
 #heirloom-mailx
 mutt
 cfengine2
diff --git a/fai/config/package_config/KERBEROS_CLIENT b/fai/config/package_config/KERBEROS_CLIENT
index 8ed6235..2a6dbe7 100644
--- a/fai/config/package_config/KERBEROS_CLIENT
+++ b/fai/config/package_config/KERBEROS_CLIENT
@@ -2,6 +2,6 @@
 ## Put all setup-dependent packages in the SETUP_* class.
 PACKAGES aptitude
 krb5-user
-libpam-krb5
+sssd-krb5
 libsasl2-modules-gssapi-mit
 ntp
diff --git a/fai/config/package_config/LDAP_CLIENT b/fai/config/package_config/LDAP_CLIENT
index bc4000f..3933f83 100644
--- a/fai/config/package_config/LDAP_CLIENT
+++ b/fai/config/package_config/LDAP_CLIENT
@@ -1,8 +1,5 @@
 ## Only list packages that are essential for the LDAP_CLIENT class.
 ## Put all setup-dependent packages in the SETUP_* class.
 PACKAGES aptitude
-libnss-ldapd
-# use nslcd, pynslcd does not work yet:
-nslcd
-
+sssd-ldap
 ldap-utils
diff --git a/fai/config/package_config/ROAMING b/fai/config/package_config/ROAMING
index cf6280a..48444c5 100644
--- a/fai/config/package_config/ROAMING
+++ b/fai/config/package_config/ROAMING
@@ -1,10 +1,4 @@
 ## Only list packages that are essential for the ROAMING class.
 ## Put all setup-dependent packages in the SETUP_* class.
 PACKAGES aptitude
-libpam-sss
-libnss-sss
-sssd
 libpam-script
-## force the use of sss:
-libpam-krb5-
-nscd-
diff --git a/fai/config/scripts/CLIENT_A/20-misc b/fai/config/scripts/CLIENT_A/20-misc
index ae111a9..89b53cd 100755
--- a/fai/config/scripts/CLIENT_A/20-misc
+++ b/fai/config/scripts/CLIENT_A/20-misc
@@ -2,6 +2,8 @@
 
 set -e
 
+fcopy -m root,root,0600 /etc/sssd/sssd.conf
+
 ## faiconfig:
 fcopy -ir /etc/fai
 
diff --git a/fai/config/scripts/ROAMING/20-sssd_fstab b/fai/config/scripts/ROAMING/20-fstab
similarity index 89%
rename from fai/config/scripts/ROAMING/20-sssd_fstab
rename to fai/config/scripts/ROAMING/20-fstab
index c240d88..6e71d12 100755
--- a/fai/config/scripts/ROAMING/20-sssd_fstab
+++ b/fai/config/scripts/ROAMING/20-fstab
@@ -2,8 +2,6 @@
 #
 set -e
 
-fcopy -m root,root,0600 /etc/sssd/sssd.conf
-
 HOMEDIRS='/lan/mainserver/home0'
 
 ## Make sure the home directories are accessible:
diff --git a/fai/config/scripts/SERVER_A/10-misc b/fai/config/scripts/SERVER_A/10-misc
index 1c5d5ea..f61fe9d 100755
--- a/fai/config/scripts/SERVER_A/10-misc
+++ b/fai/config/scripts/SERVER_A/10-misc
@@ -31,6 +31,7 @@ fi
 fcopy -m root,root,0700 /usr/local/sbin/debian-lan
 fcopy -m root,root,0700 /usr/local/sbin/dhcpd-keytab
 
+fcopy -m root,root,0600 /etc/sssd/sssd.conf
 
 if [ "$FAI_ACTION" != "install" ] && [ "$CONVERT" != "true" ] ; then
     exit 0

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/debian-lan.git

More information about the debian-lan-devel mailing list