+Thu Sep 26 17:48:32 1996 Barry Jaspan <bjaspan@mit.edu>
+
+ * env-setup.sh, init_db, start_servers_local: use K5ROOT instead
+ of /krb5
+
Thu Sep 26 11:45:56 1996 Ezra Peisach <epeisach@kangaroo.mit.edu>
* qualname.pl.in: Renamed old qualname to here as perl path needs
exit 1
fi
+if [ "$K5ROOT" = "" ]; then
+ # XXX this should default to --prefix, no?
+ K5ROOT="/krb5"; export K5ROOT
+fi
+
TESTDIR=$TOP/testing; export TESTDIR
COMPARE_DUMP=$TESTDIR/scripts/compare_dump.pl; export COMPARE_DUMP
FIX_CONF_FILES=$TESTDIR/scripts/fixup-conf-files.pl
STOP_SERVERS_LOCAL=$TESTDIR/scripts/stop_servers_local
export STOP_SERVERS_LOCAL
-KRB5_CONFIG=/krb5/krb5.conf; export KRB5_CONFIG
-KRB5_KDC_PROFILE=/krb5/kdc.conf; export KRB5_KDC_PROFILE
-KRB5_KTNAME=/krb5/ovsec_adm.srvtab; export KRB5_KTNAME
+KRB5_CONFIG=$K5ROOT/krb5.conf; export KRB5_CONFIG
+KRB5_KDC_PROFILE=$K5ROOT/kdc.conf; export KRB5_KDC_PROFILE
+KRB5_KTNAME=$K5ROOT/ovsec_adm.srvtab; export KRB5_KTNAME
if [ "$TEST_SERVER" != "" ]; then
MAKE_KEYTAB="$MAKE_KEYTAB -server $TEST_SERVER"
exit 1
fi
+if [ "$K5ROOT" = "" ]; then
+ # XXX this should default to --prefix, no?
+ K5ROOT="/krb5"; export K5ROOT
+fi
+
TESTDIR=$TOP/testing; export TESTDIR
COMPARE_DUMP=$TESTDIR/scripts/compare_dump.pl; export COMPARE_DUMP
FIX_CONF_FILES=$TESTDIR/scripts/fixup-conf-files.pl
STOP_SERVERS_LOCAL=$TESTDIR/scripts/stop_servers_local
export STOP_SERVERS_LOCAL
-KRB5_CONFIG=/krb5/krb5.conf; export KRB5_CONFIG
-KRB5_KDC_PROFILE=/krb5/kdc.conf; export KRB5_KDC_PROFILE
-KRB5_KTNAME=/krb5/ovsec_adm.srvtab; export KRB5_KTNAME
+KRB5_CONFIG=$K5ROOT/krb5.conf; export KRB5_CONFIG
+KRB5_KDC_PROFILE=$K5ROOT/kdc.conf; export KRB5_KDC_PROFILE
+KRB5_KTNAME=$K5ROOT/ovsec_adm.srvtab; export KRB5_KTNAME
if [ "$TEST_SERVER" != "" ]; then
MAKE_KEYTAB="$MAKE_KEYTAB -server $TEST_SERVER"
REDIRECT='>/dev/null'
fi
-# Requires that /krb5, /etc/krb.conf, and .k5.$REALM be world-writeable.
+# Requires that $K5ROOT, /etc/krb.conf, and .k5.$REALM be world-writeable.
if [ "$TOP" = "" ]; then
echo "init_db: Environment variable \$TOP must point to top of build tree" 1>&2
PATH=$ADMIN:$BIN:$ETC:$SBIN:$PATH; export PATH
-rm -rf /krb5/*
-if [ -d /krb5 ]; then
+rm -rf $K5ROOT/*
+if [ -d $K5ROOT ]; then
true
else
- mkdir /krb5
+ mkdir $K5ROOT
fi
-# touch /krb5/syslog
+# touch $K5ROOT/syslog
# for pid in `$PS_ALL | awk '/syslogd/ && !/awk/ {print $2}'` ; do
# case "$pid" in
# xxx) ;;
# esac
# done
-sed -e "s/__REALM__/$REALM/" < $TESTDIR/proto/krb5.conf.proto > /krb5/krb5.conf
-sed -e "s/__REALM__/$REALM/" < $TESTDIR/proto/kdc.conf.proto > /krb5/kdc.conf
+sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \
+ < $TESTDIR/proto/krb5.conf.proto > $K5ROOT/krb5.conf
+sed -e "s/__REALM__/$REALM/g" -e "s#__K5ROOT__#$K5ROOT#g" \
+ < $TESTDIR/proto/kdc.conf.proto > $K5ROOT/kdc.conf
kdb5_util -r $REALM create -P mrroot -s $REDIRECT
-cp $TESTDIR/proto/ovsec_adm.dict /krb5/ovsec_adm.dict
+cp $TESTDIR/proto/ovsec_adm.dict $K5ROOT/ovsec_adm.dict
eval $SRVTCL <<'EOF' $REDIRECT
source $env(TCLUTIL)
set r $env(REALM)
+if {[info exists env(USER)]} {
+ set whoami $env(USER)
+} else {
+ set whoami [exec whoami]
+}
set cmds {
{ovsec_kadm_init $env(SRVTCL) mrroot null $r $OVSEC_KADM_STRUCT_VERSION \
[simple_principal changepw/kerberos] \
{OVSEC_KADM_PRINCIPAL} {XXX THIS IS WRONG}}
+ {ovsec_kadm_create_principal $server_handle \
+ [simple_principal $whoami] \
+ {OVSEC_KADM_PRINCIPAL} $whoami}
+
{ovsec_kadm_destroy $server_handle}
}
exit 1
fi
-cat > /krb5/ovsec_adm.acl <<EOF
+cat > $K5ROOT/ovsec_adm.acl <<EOF
admin@$REALM admcil
admin/get@$REALM il
admin/modify@$REALM mc
EOF
-eval $LOCAL_MAKE_KEYTAB -princ kadmin/admin -princ kadmin/changepw -princ ovsec_adm/admin -princ ovsec_adm/changepw /krb5/ovsec_adm.srvtab $REDIRECT
+eval $LOCAL_MAKE_KEYTAB -princ kadmin/admin -princ kadmin/changepw -princ ovsec_adm/admin -princ ovsec_adm/changepw $K5ROOT/ovsec_adm.srvtab $REDIRECT
-# Create /krb5/setup.csh to make it easy to run other programs against
+# Create $K5ROOT/setup.csh to make it easy to run other programs against
# the test db
-cat > /krb5/setup.csh <<EOF
+cat > $K5ROOT/setup.csh <<EOF
setenv KRB5_CONFIG $KRB5_CONFIG
setenv KRB5_KDC_PROFILE $KRB5_KDC_PROFILE
setenv KRB5_KTNAME $KRB5_KTNAME
# Post-process the config files based on our arguments
if [ "$keysalts" != "" ]; then
sedcmd="s/\([ ]*supported_enctypes =\).*/\1 $keysalts/"
- sed -e "$sedcmd" < /krb5/kdc.conf > /krb5/kdc.conf.new
- mv /krb5/kdc.conf.new /krb5/kdc.conf
+ sed -e "$sedcmd" < $K5ROOT/kdc.conf > $K5ROOT/kdc.conf.new
+ mv $K5ROOT/kdc.conf.new $K5ROOT/kdc.conf
fi
if [ "$kdcport" != "" ] ; then
sedcmd="s/\(kdc_ports = .*\)[ ]*/\1, $kdcport/"
- sed -e "$sedcmd" < /krb5/kdc.conf > /krb5/kdc.conf.new
- mv /krb5/kdc.conf.new /krb5/kdc.conf
+ sed -e "$sedcmd" < $K5ROOT/kdc.conf > $K5ROOT/kdc.conf.new
+ mv $K5ROOT/kdc.conf.new $K5ROOT/kdc.conf
fi
# allow admin to krlogin as root (for cleanup)
projects / krb5.git / commitdiff