summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStew Benedict <stewb@mandriva.org>2002-07-18 19:21:29 +0000
committerStew Benedict <stewb@mandriva.org>2002-07-18 19:21:29 +0000
commit76400d0960607e02acb13f0b4a10fde59bce15b1 (patch)
tree24b0ed1a008b0822ed7dfde770ca896f2752e5e2
parentbf5c1abc529fb5c9858f7652b66157ae09152708 (diff)
downloaddrakx-backup-do-not-use-76400d0960607e02acb13f0b4a10fde59bce15b1.tar
drakx-backup-do-not-use-76400d0960607e02acb13f0b4a10fde59bce15b1.tar.gz
drakx-backup-do-not-use-76400d0960607e02acb13f0b4a10fde59bce15b1.tar.bz2
drakx-backup-do-not-use-76400d0960607e02acb13f0b4a10fde59bce15b1.tar.xz
drakx-backup-do-not-use-76400d0960607e02acb13f0b4a10fde59bce15b1.zip
add support/option for Windows(tm) authentication via winbind
-rw-r--r--perl-install/install_any.pm47
-rw-r--r--perl-install/install_steps_interactive.pm13
2 files changed, 58 insertions, 2 deletions
diff --git a/perl-install/install_any.pm b/perl-install/install_any.pm
index ab89918d6..0196e293a 100644
--- a/perl-install/install_any.pm
+++ b/perl-install/install_any.pm
@@ -436,7 +436,7 @@ sub addToBeDone(&$) {
sub setAuthentication {
my ($o) = @_;
- my ($shadow, $md5, $ldap, $nis) = @{$o->{authentication} || {}}{qw(shadow md5 LDAP NIS)};
+ my ($shadow, $md5, $ldap, $nis, $winbind) = @{$o->{authentication} || {}}{qw(shadow md5 LDAP NIS winbind)};
my $p = $o->{prefix};
#- obsoleted always enabled (in /etc/pam.d/system-auth furthermore) #any::enableMD5Shadow($p, $shadow, $md5);
any::enableShadow($p) if $shadow;
@@ -457,9 +457,54 @@ sub setAuthentication {
} "$p/etc/yp.conf";
require network;
network::write_conf("$p/etc/sysconfig/network", $o->{netc});
+ } elsif ($winbind) {
+ my $domain = $o->{netc}{WINDOMAIN};
+ $o->pkg_install(qw(samba-winbind samba-common));
+ { #- setup pam
+ my $f = "$o->{prefix}/etc/pam.d/system-auth";
+ cp_af($f, "$f.orig");
+ cp_af("$f-winbind", $f);
+ }
+ write_smb_conf($o, $domain);
+ run_program::rooted($o->{prefix}, "chkconfig", "--level", "35", "winbind", "on");
+ mkdir "$o->{prefix}/home/$domain", 0755;
+
+ #- finally join the machine to the Windoze domain
+ run_program::rooted($o->{prefix}, "/usr/bin/smbpasswd", "-j", $domain, "-r", $winbind);
}
}
+sub write_smb_conf {
+ my ($domain) = @_;
+
+ #- was going to just have a canned config in samba-winbind
+ #- and replace the domain, but sylvestre/buchan didn't bless it yet
+
+ my $f = "$::prefix/etc/samba/smb.conf";
+ rename $f, "$f.orig";
+ output($f, "
+[global]
+ workgroup = $domain
+ server string = Samba Server %v
+ security = domain
+ encrypt passwords = Yes
+ password server = *
+ log file = /var/log/samba/log.%m
+ max log size = 50
+ socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
+ character set = ISO8859-15
+ os level = 18
+ local master = No
+ dns proxy = No
+ winbind uid = 10000-20000
+ winbind gid = 10000-20000
+ winbind separator = +
+ template homedir = /home/%D/%U
+ template shell = /bin/bash
+ winbind use default domain = yes
+");
+}
+
sub killCardServices {
my $pid = chomp_(cat_("/tmp/cardmgr.pid"));
$pid and kill(15, $pid); #- send SIGTERM
diff --git a/perl-install/install_steps_interactive.pm b/perl-install/install_steps_interactive.pm
index bafde238c..3aebfe8ed 100644
--- a/perl-install/install_steps_interactive.pm
+++ b/perl-install/install_steps_interactive.pm
@@ -1079,6 +1079,7 @@ sub setRootPassword {
my $sup = $o->{superuser} ||= {};
my $auth = ($o->{authentication}{LDAP} && __("LDAP") ||
$o->{authentication}{NIS} && __("NIS") ||
+ $o->{authentication}{winbind} && __("Windows PDC") ||
__("Local files"));
$sup->{password2} ||= $sup->{password} ||= "";
@@ -1101,7 +1102,7 @@ sub setRootPassword {
{ label => _("Password"), val => \$sup->{password}, hidden => 1 },
{ label => _("Password (again)"), val => \$sup->{password2}, hidden => 1 },
if_($::expert,
-{ label => _("Authentication"), val => \$auth, list => [ __("Local files"), __("LDAP"), __("NIS") ], format => \&translate },
+{ label => _("Authentication"), val => \$auth, list => [ __("Local files"), __("LDAP"), __("NIS"), __("Windows PDC") ], format => \&translate },
),
]) or return;
@@ -1122,6 +1123,16 @@ sub setRootPassword {
{ label => _("NIS Server"), val => \$o->{authentication}{NIS}, list => ["broadcast"], not_edit => 0 },
]) or goto &setRootPassword;
} else { $o->{authentication}{NIS} = '' }
+ if ($auth eq __("Windows PDC")) {
+ #- maybe we should browse the network like diskdrake --smb and get the 'doze server names in a list
+ #- but networking isn't setup yet necessarily
+ $o->ask_from('',
+ _("Authentication Windows PDC"),
+ [ { label => _("Windows Domain"), val => \ ($o->{netc}{WINDOMAIN} ||= $o->{netc}{DOMAINNAME}) },
+ { label => _("PDC Server Name"), val => \$o->{authentication}{winbind} },
+ ]) or goto &setRootPassword;
+ $o->ask_warn('', _("For this to work for a W2K PDC, you will probably need to have the admin run: C:\>net localgroup \"Pre-Windows 2000 Compatible Access\" everyone /add and reboot the server"));
+ } else { $o->{authentication}{winbind} = '' }
install_steps::setRootPassword($o);
}