Sisyphus repositório
Última atualização: 1 outubro 2023 | SRPMs: 18631 | Visitas: 37704464
en ru br
ALT Linux repositórios
S:0.5.3-alt1

Group :: Sistema/Configurações/Rede
RPM: alt-domain-server

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs e FR  Repocop 

pax_global_header00006660000000000000000000000064121027030640014505gustar00rootroot0000000000000052 comment=8072b6fbb1c7343b8804e9315bbf1e14ad70b6ff
alt-domain-server-0.3/000075500000000000000000000000001210270306400146765ustar00rootroot00000000000000alt-domain-server-0.3/.gear-rules000064400000000000000000000000071210270306400167420ustar00rootroot00000000000000tar: .
alt-domain-server-0.3/alt-domain-server.spec000064400000000000000000000022741210270306400211100ustar00rootroot00000000000000Name: alt-domain-server 
Version: 0.3
Release: alt1

Summary: All needed for alt-domain server
License: GPL
Group: System/Configuration/Other
BuildArch: noarch
Source: %name-%version.tar
Requires: bind alterator-bind
Requires: openldap-servers krb5-kdc krb5-kadmin krb5-kinit ldap-user-tools
Requires: dhcp-server alterator-dhcp
Requires: alterator-net-domain alterator-ldap-users ldap-user-tools
Requires: /usr/sbin/smbd
Requires: alterator-kdc alterator-ldap-groups alterator-net-eth

Provides: installer-feature-setup-openldap
Obsoletes: installer-feature-setup-openldap

%description
Install this package if you need alt-domain server

%prep
%setup -q

%install
mkdir -p %buildroot/etc/
cp -a hooks %buildroot/etc/
mkdir -p %buildroot/usr/share/install2/preinstall.d
cp preinstall.d/* %buildroot/usr/share/install2/preinstall.d/

%files
/etc/hooks/hostname.d/*
/usr/share/install2/preinstall.d/*

%changelog
* Fri Feb 01 2013 Anton V. Boyarshinov <boyarsh@altlinux.ru> 0.3-alt1
- version independent samba dependence

* Thu Jan 31 2013 Anton V. Boyarshinov <boyarsh@altlinux.ru> 0.2-alt1
- i-f-setup-openldap moved here

* Tue Aug 07 2012 Anton V. Boyarshinov <boyarsh@altlinux.ru> 0.1-alt1
- first build



alt-domain-server-0.3/hooks/000075500000000000000000000000001210270306400160215ustar00rootroot00000000000000alt-domain-server-0.3/hooks/hostname.d/000075500000000000000000000000001210270306400200615ustar00rootroot00000000000000alt-domain-server-0.3/hooks/hostname.d/95-smb000075500000000000000000000063771210270306400210400ustar00rootroot00000000000000#!/bin/sh

. /etc/sysconfig/system
. /bin/shell-ini-config

[ "$SERVER_ROLE" = "master" ] || exit 0

# Set workgroup
workgroup="$(system-auth status | cut -f2 -d' ' | sed -e 's/dc=//g;s/,/./g;s/\(.*\)/\U\1/'|cut -c -15)"

# TODO Set configuration of smb.conf to support NT domain
echo "** Adapt smb.conf for NT domain support"

ini="/etc/samba/smb.conf"
if [ ! -w "$ini" ]; then
    echo "File \"$ini\" is not available for write"
    exit 1
fi

ini_config_set $ini global 'workgroup' "$workgroup"
ini_config_set $ini global 'local master' 'yes'
ini_config_set $ini global 'preferred master' 'yes'
ini_config_set $ini global 'domain master' 'yes'
ini_config_set $ini global 'domain logons' 'yes'
ini_config_set $ini global 'add user script' '/usr/sbin/ldap-useradd "%u"'
ini_config_set $ini global 'delete user script' '/usr/sbin/ldap-userdel "%u"'
ini_config_set $ini global 'add group script' '/usr/sbin/ldap-groupadd "%g"'
ini_config_set $ini global 'delete group script' '/usr/sbin/ldap-groupdel "%g"'
ini_config_set $ini global 'add user to group script' '/usr/sbin/ldap-groupmod -m "%u" "%g"'
ini_config_set $ini global 'delete user from group script' '/usr/sbin/ldap-groupmod -x "%u" "%g"'
ini_config_set $ini global 'set primary group script' '/usr/sbin/ldap-usermod -g "%g" "%u"'
ini_config_set $ini global 'add machine script' '/usr/sbin/ldap-useradd -w -i "%u"'
ini_config_set $ini global 'ldap machine suffix' 'ou=Computers'
ini_config_set $ini global 'encrypt passwords' 'yes'
ini_config_set $ini global 'ldap delete dn' 'no'
ini_config_set $ini global 'logon script' 'netlogon.bat'

# Add netlogon share
grep '^\[netlogon\]' $ini >/dev/null || echo -e "[netlogon]\ncomment=" >> $ini

ini_config_set $ini netlogon 'comment' 'Network Logon Service'
ini_config_set $ini netlogon 'path' '/etc/samba/netlogon'
ini_config_set $ini netlogon 'guest ok' 'yes'
ini_config_set $ini netlogon 'writable' 'no'
ini_config_set $ini netlogon 'browseable' 'no'

mkdir -p /etc/samba/netlogon
echo "net use s: \\\\$(hostname -s)\share" | sed 's/$/\r/' > /etc/samba/netlogon/netlogon.bat

echo "Samba workgroup: $workgroup"

# Enable services and restart them
echo "** Enable services and restart them"
service smb restart >/dev/null
service nmb restart >/dev/null
chkconfig smb on
chkconfig nmb on

# Create administrator account with uidNumber 0
admin_name="nt_domain_administrator"
admin_password="$(pwqgen)"

echo "** Create domain administrator account \"$admin_name\""
admin_uid="$(ldap-getent passwd "$admin_name" uidNumber)"
[ -z "$admin_uid" ] && ldap-useradd "$admin_name"
ldap-passwd "$admin_name" "$admin_password"
echo "uidNumber:0" | ldap-usermod replace "$admin_name"

# Create system groups
echo "** Create domain groups:"
ldap-groupadd "admins"
ldap-groupadd "users" 100

# Set privileges
echo "** Set privileges"
net groupmap add rid=512 ntgroup="Domain Admins" unixgroup=admins
net groupmap add rid=513 ntgroup="Domain Users" unixgroup=users

net rpc rights grant "Domain Admins" SeMachineAccountPrivilege SePrintOperatorPrivilege \
SeAddUsersPrivilege SeDiskOperatorPrivilege SeRemoteShutdownPrivilege -U$admin_name%$admin_password

# Delete administrator account
echo "** Delete domain administrator account \"$admin_name\". Put administrators to group \"admins\""
ldap-userdel -r "$admin_name"

echo "** Done."

alt-domain-server-0.3/preinstall.d/000075500000000000000000000000001210270306400172755ustar00rootroot00000000000000alt-domain-server-0.3/preinstall.d/90-setup-openldap.sh000075500000000000000000000011321210270306400230170ustar00rootroot00000000000000#!/bin/sh

i=install2-init-functions
. $i
. shell-config

#don't do anything if no alterator-openldap and samba installed
run_chroot rpm -q alterator-openldap samba &>/dev/null || run_chroot rpm -q alterator-openldap samba4 &>/dev/null || exit 0

[ -f $destdir/etc/openldap/schema/samba.schema ] && echo 'include /etc/openldap/schema/samba.schema' >> $destdir/etc/openldap/slapd.conf
[ -f $destdir/etc/openldap/schema/kerberos.schema ] && echo 'include /etc/openldap/schema/kerberos.schema' >> $destdir/etc/openldap/slapd.conf
subst 's|\(include.*hdb-db01.conf\)|#\1|' $destdir/etc/openldap/slapd.conf
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009