
[Gforge-commits] gforge/deb-specific install-nsspgsql.sh, NONE, 1.1 inst


From: lo-lan-do
Subject: [Gforge-commits] gforge/deb-specific install-nsspgsql.sh, NONE, 1.1 install-db.sh, 1.31, 1.32 install-chroot.sh, 1.11, 1.12
Date: Sun, 03 Oct 2004 12:01:40 -0500

Update of /cvsroot/gforge/gforge/deb-specific
In directory db.perdue.net:/tmp/cvs-serv18265/deb-specific

Modified Files:
        install-db.sh install-chroot.sh 
Added Files:
        install-nsspgsql.sh 
Log Message:
New backend for NSS using NSS-PGSQL.
Creates views, configures NSS, adds a new gforge-shell-pgsql package.


--- NEW FILE: install-nsspgsql.sh ---
#! /bin/bash
#
# $Id: install-nsspgsql.sh,v 1.1 2004/10/03 17:01:38 lo-lan-do Exp $
#
# Configure NSS-PGSQL for GForge
# Christian Bayle, Roland Mas
# Initially written for debian-sf (Sourceforge for Debian)
# Adapted as time went by for Gforge

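# Abort on the first failing command; the later steps rewrite files under /etc.
set -e

# GFORGEDEBUG=1 switches on command tracing. Otherwise two redirection
# snippets are prepared (nothing in the part of the script shown here uses
# them).
# NOTE(review): tracing prints every assignment, including the db_password
# value read by setup_vars, so debug output must be treated as sensitive.
if [ "$GFORGEDEBUG" != 1 ] ; then
    DEVNULL12="> /dev/null 2>&1"
    DEVNULL2="2> /dev/null"
else
    set -x
fi

# Every action except "list" needs root, so the script re-runs itself via su.
# The string given to "su -c" is parsed a second time by root's shell, so the
# script path and the action are shell-quoted instead of being pasted in raw:
# a path with spaces or an argument with metacharacters must not become extra
# words or commands in a root shell.
# NOTE(review): printf %q emits bash quoting; for ordinary paths and action
# names the result is also valid for a POSIX sh login shell.
if [ "$(id -u)" != 0 ] && [ "x$1" != "xlist" ] ; then
        echo "You must be root to run this, please enter passwd"
        exec su -c "$(printf '%q %q' "$0" "$1")"
fi

# /usr/sbin is appended, not prepended, so directories already on PATH keep
# priority over it.
# NOTE(review): PATH itself is inherited from the caller; when root runs this
# by hand, grep/perl/cp/mv below resolve through that inherited PATH.
PATH=$PATH:/usr/sbin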

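# Load the database connection settings from /etc/gforge/gforge.conf.
# Globals:   db_host, db_name, db_user, db_password, tmpfile_pattern (written)
# Arguments: none
# Each setting is the text after the first "=" on the line starting with
# "<key>=". A missing key (or a missing file) leaves the variable empty: the
# pipeline's status is that of cut, so "set -e" does not abort here.
setup_vars() {
    local conf=/etc/gforge/gforge.conf

    db_host=$(grep '^db_host=' "$conf" | cut -d= -f2-)
    db_name=$(grep '^db_name=' "$conf" | cut -d= -f2-)
    db_user=$(grep '^db_user=' "$conf" | cut -d= -f2-)
    # NOTE(review): no function shown in this script reads db_password, yet it
    # is held in a global for the whole run and shows up in "set -x" traces
    # when GFORGEDEBUG=1. Drop the read if nothing else needs it.
    db_password=$(grep '^db_password=' "$conf" | cut -d= -f2-)

    # Template of the form /tmp/<script name>.XXXXXX; quoted so a script path
    # containing spaces or glob characters is not split or expanded.
    tmpfile_pattern=/tmp/$(basename -- "$0").XXXXXX
}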

# Print six diagnostic variables to stdout, one "name = 'value'" line each,
# with the names padded so the "=" signs line up.
# Globals:   slapd_base_dn, gforge_base_dn, slapd_admin_dn,
#            slapd_admin_passwd, cryptedpasswd, tmpfile_pattern (read)
# NOTE(review): apart from tmpfile_pattern, none of these names is assigned
# anywhere in this script as shown (setup_vars sets db_* instead), so their
# values can only come from the caller's environment. Two of them are
# password fields by name and are printed in clear; keep the output of the
# test/check action out of shared logs.
show_vars() {
    local var_name
    for var_name in slapd_base_dn gforge_base_dn slapd_admin_dn \
                    slapd_admin_passwd cryptedpasswd tmpfile_pattern ; do
        # ${!var_name} is the value of the variable whose name is in var_name.
        printf "%-18s = '%s'\n" "$var_name" "${!var_name}"
    done
}

# Should I do something for /etc/pam_pgsql.conf ?
modify_pam_pgsql(){
    # Placeholder: nothing is changed for PAM yet. The function prints nothing
    # and returns success, so callers can already invoke it.
    printf ''
    # echo "Nothing to do"
}

# Write /etc/nss-pgsql.conf (staged as /etc/nss-pgsql.conf.gforge-new)
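# Stage a new NSS-PGSQL client configuration in
# /etc/nss-pgsql.conf.gforge-new; the live /etc/nss-pgsql.conf is not touched
# here (the "setup" action moves the staged file into place).
# Globals:   db_host, db_name (read; set by setup_vars)
# Arguments: none
#
# Security-relevant points, all visible in the file written below:
#  - the file is made world-readable (mode 644), so it cannot hold a secret;
#  - accordingly the database login is the dedicated gforge_nss role with an
#    empty password, not the main GForge database user;
#  - every local account that can read this file therefore knows enough to
#    attempt a connection as gforge_nss. What that role may read is decided
#    on the database side (its grants and the pg_hba.conf entry), not here.
# NOTE(review): confirm that gforge_nss can only SELECT from the nss_* views
# named below and that their passwd column carries no usable hash.
configure_libnss_pgsql(){
    # groupmembertable is a single "key = value" line. The archived listing
    # showed it folded over three lines, which would leave two lines without
    # a key in the generated file, so it is written unfolded here.
    cat > /etc/nss-pgsql.conf.gforge-new <<EOF
host            = $db_host
port            = 5432
database        = $db_name
login           = gforge_nss
passwd          = ''
passwdtable     = nss_passwd
grouptable      = nss_groups
groupmembertable = nss_passwd JOIN nss_usergroups ON nss_passwd.uid=nss_usergroups.uid JOIN nss_groups ON nss_usergroups.gid=nss_groups.gid

passwd_name     = login
passwd_passwd   = passwd
passwd_uid      = uid
passwd_dir      = homedir
passwd_shell    = shell
passwd_gecos    = gecos
passwd_gid      = gid

group_name      = name
group_passwd    = passwd
group_gid       = gid
group_member    = login
EOF
    # Readable by everyone, writable by the owner only.
    chmod 644 /etc/nss-pgsql.conf.gforge-new
}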

# Purge /etc/nss-pgsql.conf
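# Stage a copy of /etc/nss-pgsql.conf with GForge's additions removed, in
# /etc/nss-pgsql.conf.gforge-new. The live file is only read.
# Arguments: none
# Under "set -e" the script stops here if /etc/nss-pgsql.conf does not exist.
# NOTE(review): configure_libnss_pgsql in this script writes a complete file
# without the "# Next line added by GForge install" marker, so on a file it
# produced this function is a plain copy.
purge_libnss_pgsql(){
    # -a keeps owner, mode and timestamps of the live file on the staged copy.
    cp -a /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-new
    # Pass 1: replace each marker line, newline included, by "#SF#". perl -p
    # works line by line, so the marker is glued onto the start of the line
    # that follows it.
    # The archived listing had the file operand folded onto its own line,
    # which would run perl on stdin and then try to execute the file; the
    # command is restored to one line.
    perl -pi -e 's/^# Next line added by GForge install\n/#SF#/g' /etc/nss-pgsql.conf.gforge-new
    # Pass 2: delete every line that now starts with "#SF#", i.e. the marker
    # together with the line it announced.
    perl -pi -e 's/^#SF#.*\n//g' /etc/nss-pgsql.conf.gforge-new
}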

# Modify /etc/nsswitch.conf
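# Stage a copy of /etc/nsswitch.conf in /etc/nsswitch.conf.gforge-new with
# "pgsql" added as a source for the passwd, group and shadow databases.
# Arguments: none
#
# For each database whose line does not already mention pgsql, the line is
# rewritten as
#     <original sources> pgsql <original trailing comment>#Added by GForge install
#     #Comment by GForge install#<original line>
# so purge_nsswitch can later drop the first line and uncomment the second.
#
# nsswitch.conf is a sensitive file: pgsql is appended after the sources
# already listed, so the existing ones (files) keep priority and a database
# entry cannot shadow a local account such as root.
# Possible enhancements noted by the authors: take NIS into account, or ask
# for the order db/files/nis/pgsql.
# NOTE(review): shadow is routed to pgsql as well, through a world-readable
# client configuration and a passwordless role; what the view's passwd column
# contains is not visible in this script - confirm it is not a usable hash.
configure_nsswitch()
{
    local staged=/etc/nsswitch.conf.gforge-new
    local db

    # -a keeps owner, mode and timestamps of the live file on the staged copy.
    cp -a /etc/nsswitch.conf "$staged"

    for db in passwd group shadow ; do
        if ! grep -q "^${db}:.*pgsql" "$staged" ; then
            # The marker text must stay on one line: purge_nsswitch matches
            # "#Added by GForge install" followed directly by the newline.
            # The archived listing had the string folded after "GForge",
            # which would put a line break inside the marker.
            perl -pi -e "s/^(${db}:[^#\n]*)([^\n]*)/\1 pgsql \2#Added by GForge install\n#Comment by GForge install#\1\2/gs" "$staged"
        fi
    done
}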

# Purge /etc/nsswitch.conf
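# Stage a copy of /etc/nsswitch.conf in /etc/nsswitch.conf.gforge-new with the
# changes made by configure_nsswitch reverted. The live file is only read.
# Arguments: none
purge_nsswitch()
{
    # -a keeps owner, mode and timestamps of the live file on the staged copy.
    cp -a /etc/nsswitch.conf /etc/nsswitch.conf.gforge-new
    # Drop every line that ends with the "#Added by GForge install" marker
    # (the lines that carry the extra pgsql source).
    # The archived listing had the file operand folded onto its own line,
    # which would run perl on stdin and then try to execute the file; the
    # command is restored to one line.
    perl -pi -e 's/^[^\n]*#Added by GForge install\n//' /etc/nsswitch.conf.gforge-new
    # Uncomment the saved original lines by removing their prefix.
    perl -pi -e 's/#Comment by GForge install#//' /etc/nsswitch.conf.gforge-new
}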

# Main
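# Dispatch on the requested action.
#   configure-files / purge-files  only stage *.gforge-new files under /etc
#   setup / cleanup                stage, back up the live files to
#                                  *.gforge-old, then move the staged files
#                                  into place
#   configure / purge              nothing to do for this backend
#   test | check                   print the diagnostic variables
case "$1" in
    configure-files)
        setup_vars
        # echo "Modifying /etc/nss-pgsql.conf"
        configure_libnss_pgsql
        # echo "Modifying /etc/nsswitch.conf"
        configure_nsswitch
        ;;
    configure)
        ;;
    purge-files)
        setup_vars
        # echo "Purging /etc/nsswitch.conf"
        purge_nsswitch
        # echo "Purging /etc/nss-pgsql.conf"
        purge_libnss_pgsql
        ;;
    purge)
        # Nothing to undo besides the file changes. This branch used to run
        # "$0 empty", an action this script does not implement: it ended in
        # the usage branch with exit 1 and, under "set -e", stopped "cleanup"
        # before the purged files were installed.
        ;;
    test|check)
        setup_vars
        show_vars
        # NOTE(review): check_server is not defined in this script as shown,
        # so this action ends with "command not found" unless it is provided
        # elsewhere.
        check_server
        ;;
    setup)
        "$0" configure-files
        "$0" configure
        # Keep a copy of both live files before replacing them.
        cp /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-old
        # The source used to be /etc/nsswitch.conf.gforge, a file nothing in
        # this script creates; the live file is what has to be backed up.
        cp /etc/nsswitch.conf /etc/nsswitch.conf.gforge-old
        # mv within /etc replaces each file in one step, so lookups never see
        # a half-written nsswitch.conf.
        mv /etc/nss-pgsql.conf.gforge-new /etc/nss-pgsql.conf
        mv /etc/nsswitch.conf.gforge-new /etc/nsswitch.conf
        ;;
    cleanup)
        "$0" purge-files
        "$0" purge
        # Same backup-then-replace sequence as in "setup".
        cp /etc/nss-pgsql.conf /etc/nss-pgsql.conf.gforge-old
        cp /etc/nsswitch.conf /etc/nsswitch.conf.gforge-old
        mv /etc/nss-pgsql.conf.gforge-new /etc/nss-pgsql.conf
        mv /etc/nsswitch.conf.gforge-new /etc/nsswitch.conf
        ;;
    *)
        echo "Usage: $0 {configure|configure-files|purge|purge-files|test|setup|cleanup}"
        exit 1
        ;;
esac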

Index: install-db.sh
===================================================================
RCS file: /cvsroot/gforge/gforge/deb-specific/install-db.sh,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -d -r1.31 -r1.32
--- install-db.sh       28 Mar 2004 19:48:33 -0000      1.31
+++ install-db.sh       3 Oct 2004 17:01:38 -0000       1.32
@@ -64,21 +64,27 @@
             # PostgreSQL configuration for versions from 7.3 on
            echo "Configuring for PostgreSQL 7.3"
            cp -a /etc/postgresql/pg_hba.conf 
/etc/postgresql/pg_hba.conf.gforge-new
-           # if 7.2 formatted string, elseif 7.3 string, else no previous 
string
-           if grep -q "^host.*gforge_passwd$" 
/etc/postgresql/pg_hba.conf.gforge-new ; then
-               perl -pi -e "s/^host.*gforge_passwd$/host $db_name $db_user 
$ip_address 255.255.255.255 password/" /etc/postgresql/pg_hba.conf.gforge-new
-            # the below could cause issues if gforge's line isnt at the top of 
the file, but its
-           # the only way to allow changing of the db_name.
-           elif grep -q "^host.*password$" 
/etc/postgresql/pg_hba.conf.gforge-new ; then
-               perl -pi -e "s/^host.*password$/host $db_name $db_user 
$ip_address 255.255.255.255 password/" /etc/postgresql/pg_hba.conf.gforge-new
-           else
+           if ! grep -q 'BEGIN GFORGE BLOCK -- DO NOT EDIT' 
/etc/postgresql/pg_hba.conf.gforge-new ; then
                cur=$(mktemp /tmp/$pattern)
-               echo "### Next line inserted by GForge install" > $cur
-               echo "host $db_name $db_user $ip_address 255.255.255.255 
password" >> $cur
-               cat /etc/postgresql/pg_hba.conf.gforge-new >> $cur
-               cat $cur > /etc/postgresql/pg_hba.conf.gforge-new
-               rm -f $cur
+               # Make sure our configuration is inside a delimited BLOCK
+               if grep -q "^host.*gforge_passwd$" 
/etc/postgresql/pg_hba.conf.gforge-new ; then
+                   perl -e "open F, \"/etc/postgresql/pg_hba.conf.gforge-new\" 
or die \$!; undef \$/; \$l=<F>; \$l=~ s/^host.*gforge_passwd\$/### BEGIN GFORGE 
BLOCK -- DO NOT EDIT\n### END GFORGE BLOCK -- DO NOT EDIT/s; print \$l;" > $cur
+                   cat $cur > /etc/postgresql/pg_hba.conf.gforge-new
+               elif grep -q "^### Next line inserted by GForge install" 
/etc/postgresql/pg_hba.conf.gforge-new ; then
+                   perl -e "open F, '/etc/postgresql/pg_hba.conf.gforge-new' 
or die \$!; undef \$/; \$l=<F>; \$l=~ s/^### Next line inserted by GForge 
install\nhost $db_name $db_user $ip_address 255.255.255.255 password/### BEGIN 
GFORGE BLOCK -- DO NOT EDIT\n### END GFORGE BLOCK -- DO NOT EDIT/s; print \$l;" 
> $cur
+                   cat $cur > /etc/postgresql/pg_hba.conf.gforge-new
+               else
+                   perl -e "open F, '/etc/postgresql/pg_hba.conf.gforge-new' 
or die \$!; undef \$/; \$l=<F>; \$l=~ s/^host $db_name $db_user.*password\$/### 
BEGIN GFORGE BLOCK -- DO NOT EDIT\n### END GFORGE BLOCK -- DO NOT EDIT/s; print 
\$l;" > $cur
+                   cat $cur > /etc/postgresql/pg_hba.conf.gforge-new
+               fi
            fi
+           rm -f $cur
+           
+           cur=$(mktemp /tmp/$pattern)
+           perl -e "open F, '/etc/postgresql/pg_hba.conf.gforge-new' or die 
\$!; undef \$/; \$l=<F>; \$l=~ s/^### BEGIN GFORGE BLOCK -- DO NOT EDIT.*### 
END GFORGE BLOCK -- DO NOT EDIT\$/### BEGIN GFORGE BLOCK -- DO NOT EDIT\nhost 
$db_name $db_user $ip_address 255.255.255.255 password\nhost $db_name 
gforge_nss $ip_address 255.255.255.255 trust\n### END GFORGE BLOCK -- DO NOT 
EDIT/ms; print \$l;" > $cur
+           cat $cur > /etc/postgresql/pg_hba.conf.gforge-new
+           rm -f $cur
+
            # Remove old password file, created by 7.2, not used by 7.3
            if [ -e /var/lib/postgres/data/gforge_passwd ] ; then
                rm -f /var/lib/postgres/data/gforge_passwd
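Review bot: The rebuilt block adds `host $db_name gforge_nss $ip_address 255.255.255.255 trust`, so anything able to connect from `$ip_address` can log in as gforge_nss with no credential at all, and the script does not say what keeps that safe. I would add a comment above the second `cur=$(mktemp /tmp/$pattern)`, for example `# gforge_nss is passwordless (trust): it must hold SELECT on the nss_* views only, and those views must not expose password hashes`, and check that the grants match it (they are not visible in this hunk). Separately, `rm -f $cur` now sits outside the `if ! grep -q 'BEGIN GFORGE BLOCK ...'` that assigns `cur`, so when the block already exists it acts on whatever `$cur` held before; moving it back inside the `if` would make the pairing with `mktemp` explicit. `$db_name` and `$db_user` are also pasted unescaped into the perl patterns, which deserves a comment stating that they are assumed to contain no regex metacharacters.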
@@ -131,6 +137,23 @@
                rm -f $tmp1 $tmp2
                exit 1
            fi
+           if su -s /bin/sh postgres -c "/usr/bin/psql template1" &> /dev/null 
<<-EOF
+CREATE USER gforge_nss WITH PASSWORD '' ;
+EOF
+               then
+               rm -f $tmp1 $tmp2
+           else
+               echo "Cannot create PostgreSQL user...  This shouldn't have 
happened."
+               echo "Maybe a problem in your PostgreSQL configuration?"
+               echo "Please report a bug to the Debian bug tracking system"
+               echo "Please include the following output:"
+               echo "CREATE USER's STDOUT:"
+               cat $tmp1
+               echo "CREATE USER's STDERR:"
+               cat $tmp2
+               rm -f $tmp1 $tmp2
+               exit 1
+           fi
        fi
 
         # Create the appropriate database
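Review bot: The failure branch prints `cat $tmp1` and `cat $tmp2` as CREATE USER's output, but the new psql call sends both streams to `/dev/null` with `&>`, so those files hold nothing from this command (or stale text from an earlier one, if they still exist at this point). Capturing into them would make the requested bug report useful: `if su -s /bin/sh postgres -c "/usr/bin/psql template1" 1> $tmp1 2> $tmp2 <<-EOF`. The role is created with `PASSWORD ''`, so its only protection is the pg_hba.conf entry and its grants; a comment above the `if` such as `# gforge_nss has no password on purpose: the NSS client config is world-readable` would record that for the next maintainer. Whether a second run fails on an already existing gforge_nss role depends on the enclosing `if`, which starts outside this hunk.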

Index: install-chroot.sh
===================================================================
RCS file: /cvsroot/gforge/gforge/deb-specific/install-chroot.sh,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- install-chroot.sh   13 Nov 2003 17:49:57 -0000      1.11
+++ install-chroot.sh   3 Oct 2004 17:01:38 -0000       1.12
@@ -106,13 +106,16 @@
            | sort -u \
            | cpio --quiet -pdumVLB $CHROOTDIR
        
-       cp /etc/libnss-ldap.conf $CHROOTDIR/etc
        #cp -r /etc/ldap $CHROOTDIR/etc
-       cp /lib/libnss_ldap* $CHROOTDIR/lib
-       cp /usr/lib/libnss_ldap* $CHROOTDIR/usr/lib
-       cp /usr/lib/libdb* $CHROOTDIR/usr/lib
-       cp /usr/lib/libssl* $CHROOTDIR/usr/lib
-       cp /usr/lib/libcrypto* $CHROOTDIR/usr/lib
+       [ -e /etc/libnss-ldap.conf ] && cp /etc/libnss-ldap.conf $CHROOTDIR/etc
+       [ -e /etc/libnss-pgsql.conf ] && cp /etc/libnss-pgsql.conf 
$CHROOTDIR/etc
+       [ "$(echo /lib/libnss_ldap*)" != "/lib/libnss_ldap*" ] && cp 
/lib/libnss_ldap* $CHROOTDIR/lib
+       [ "$(echo /usr/lib/libnss_ldap*)" != "/usr/lib/libnss_ldap*" ] && cp 
/usr/lib/libnss_ldap* $CHROOTDIR/usr/lib
+       [ "$(echo /lib/libnss_pgsql*)" != "/lib/libnss_pgsql*" ] && cp 
/lib/libnss_pgsql* $CHROOTDIR/lib
+       [ "$(echo /usr/lib/libnss_pgsql*)" != "/usr/lib/libnss_pgsql*" ] && cp 
/usr/lib/libnss_pgsql* $CHROOTDIR/usr/lib
+       [ "$(echo /usr/lib/libdb*)" != "/usr/lib/libdb*" ] && cp 
/usr/lib/libdb* $CHROOTDIR/usr/lib
+       [ "$(echo /usr/lib/libssl*)" != "/usr/lib/libssl*" ] && cp 
/usr/lib/libssl* $CHROOTDIR/usr/lib
+       [ "$(echo /usr/lib/libcrypto*)" != "/usr/lib/libcrypto*" ] && cp 
/usr/lib/libcrypto* $CHROOTDIR/usr/lib
 
        # Libpam-ldap
        [ -f /etc/ldap.secret ] && cp /etc/ldap.secret $CHROOTDIR/etc && chmod 
600 /etc/ldap.secret
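Review bot: The new line copies `/etc/libnss-pgsql.conf` into the chroot, while install-nsspgsql.sh in this same commit writes and installs `/etc/nss-pgsql.conf`; if the latter is the name the NSS module reads, the `[ -e ... ]` test is false and the chroot silently ends up without the configuration. I would change it to `[ -e /etc/nss-pgsql.conf ] && cp /etc/nss-pgsql.conf $CHROOTDIR/etc`, or add a comment saying why the two names differ. The `[ "$(echo /lib/libnss_ldap*)" != "/lib/libnss_ldap*" ]` guards work but are hard to read, so a short comment above the first one, `# copy only when the glob matched at least one file`, would state the intent; `$CHROOTDIR` is unquoted on every new line. The enclosing block starts and ends outside this hunk.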




