diff options
| author | B Stack <bgstack15@gmail.com> | 2020-03-23 17:01:45 -0400 |
|---|---|---|
| committer | B Stack <bgstack15@gmail.com> | 2020-03-23 17:01:45 -0400 |
| commit | a3e27219edd1c77fe9831d4eac1d7310f8afdd06 (patch) | |
| tree | bf30a9449a3ee3afbc6fc46c860591a64907ac8d /src/usr | |
| parent | add debian/ (diff) | |
| download | freeipa-helper-a3e27219edd1c77fe9831d4eac1d7310f8afdd06.tar.gz freeipa-helper-a3e27219edd1c77fe9831d4eac1d7310f8afdd06.tar.bz2 freeipa-helper-a3e27219edd1c77fe9831d4eac1d7310f8afdd06.zip | |
fix sssd.conf and improve packaging
fix #1 post-install needs to chmod 0600 sssd.conf
add sssd.conf.in template
add make-dsc-for-obs script
bump version to 0.0.2
Diffstat (limited to 'src/usr')
| -rwxr-xr-x | src/usr/sbin/freeipa-helper-post-install | 7 | ||||
| -rw-r--r-- | src/usr/share/freeipa-helper/sssd.conf.in | 36 |
2 files changed, 43 insertions, 0 deletions
diff --git a/src/usr/sbin/freeipa-helper-post-install b/src/usr/sbin/freeipa-helper-post-install index e9b61b2..8baa604 100755 --- a/src/usr/sbin/freeipa-helper-post-install +++ b/src/usr/sbin/freeipa-helper-post-install @@ -7,10 +7,12 @@ # Purpose: Turn my configs into a one-liner # History: # 2020-03-11 contents ripped entirely from devuan.txt +# 2020-03-23 add sssd.conf templating # Usage: # sudo freeipa-helper-post-install # References: # /mnt/public/Support/Platforms/devuan/devuan.txt +# almost-bashism for templating from file https://stackoverflow.com/questions/2914220/bash-templating-how-to-build-configuration-files-from-templates-with-bash/60820800#60820800 # Improve: # Dependencies: # raw: /usr/share/bgconf/confs/kerberos/kerberos.sh @@ -22,5 +24,10 @@ tf=/etc/pam.d/common-session ; ! grep -q 'mkhomedir' "${tf}" && { thisline="$(( # set dns_canonicalize_hostname = true sudo updateval -a /etc/krb5.conf -s '[libdefaults]' '^(\s*dns_canonicalize_hostname\s*=\s*).*' ' dns_canonicalize_hostname = true' test -e /usr/share/bgconf/confs/kerberos/kerberos.sh && sudo sh /usr/share/bgconf/confs/kerberos/kerberos.sh +eval "cat <<EOF >/etc/sssd/sssd.conf +$( cat /usr/share/freeipa-helper/sssd.conf.in ) +EOF +" +chmod 0600 /etc/sssd/sssd.conf service sssd stop ; service sssd start service ssh stop ; service ssh start diff --git a/src/usr/share/freeipa-helper/sssd.conf.in b/src/usr/share/freeipa-helper/sssd.conf.in new file mode 100644 index 0000000..2ab626f --- /dev/null +++ b/src/usr/share/freeipa-helper/sssd.conf.in @@ -0,0 +1,36 @@ +[domain/$( hostname --domain )] + +debug_level = 1 +id_provider = ipa +ipa_server = _srv_, $( hostname --domain ) +ipa_domain = $( hostname --domain ) +ipa_hostname = $( hostname --fqdn ) +auth_provider = ipa +chpass_provider = ipa +access_provider = ipa +cache_credentials = True +ldap_tls_cacert = /etc/ipa/ca.crt +krb5_store_password_if_offline = True +[sssd] +services = nss, pam, ssh, sudo + +domains = $( hostname --domain ) +[nss] +homedir_substring = /home + +[pam] + +[sudo] + +[autofs] + +[ssh] + +[pac] + +[ifp] + +[secrets] + +[session_recording] + |