Commit 508ae5d4 authored by Enrico Zini's avatar Enrico Zini
Browse files

Moved feisty packages in feisty branch

parents
2007-08-31 Christopher R. Gabriel <cgabriel@truelite.it>
* common-session-nonfs: added umask 077 to home directory creation
for pam_mkhomedir (requested Sabine Tarine, 30/08/2007)
* fuss-client: changed -n to -t
2007-07-02 Christopher R. Gabriel <cgabriel@truelite.it>
* fuss-client (save_server_conf): commit changes on write
2007-06-07 Christopher R. Gabriel <cgabriel@truelite.it>
* fuss-client (create_local_user): create a local user with home
in /var/home/ for test and support
2007-06-04 Christopher R. Gabriel <cgabriel@truelite.it>
* fuss-client (xwin): Change the check using the environ
#
# /etc/pam.d/common-account - authorization settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authorization modules that define
# the central access policy for use on the system. The default is to
# only deny service to users whose accounts are expired in /etc/shadow.
#
account required pam_unix.so
account sufficient pam_ldap.so
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
auth required pam_env.so
auth sufficient pam_unix.so nullok_secure likeauth
auth required pam_ldap.so use_first_pass
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
#used to change user passwords. The default is pam_unix
password sufficient pam_ldap.so
password required pam_unix.so md5 try_first_pass
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive). The default is pam_unix.
#
session required pam_unix.so
session optional pam_ldap.so
session optional pam_foreground.so
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive). The default is pam_unix.
#
session optional pam_mkhomedir.so umask=077
session required pam_unix.so
session optional pam_ldap.so
session optional pam_foreground.so
\ No newline at end of file
fuss-client (2.0.14-1) feisty; urgency=low
* Merged fixes made in Bozen
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 3 Sep 2007 00:22:31 +0200
fuss-client (2.0.13-1) feisty; urgency=low
* Fixes for non-nfs machine
* Changed set timeout command line option
* Added pam_foreground to common-session
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 3 Sep 2007 00:01:54 +0200
fuss-client (2.0.12-1) feisty; urgency=low
* Updated GRUB password management.
-- Christopher R. Gabriel <cgabriel@truelite.it> Wed, 22 Aug 2007 12:45:38 +0200
fuss-client (2.0.11-1) feisty; urgency=low
* Missing configuration line
-- Christopher R. Gabriel <cgabriel@truelite.it> Tue, 3 Jul 2007 18:03:13 +0200
fuss-client (2.0.10-1) feisty; urgency=low
* Fixed file descriptor for configuration file
-- Christopher R. Gabriel <cgabriel@truelite.it> Tue, 3 Jul 2007 15:41:07 +0200
fuss-client (2.0.9-1) feisty; urgency=low
* Commit configuration changes
* Octofuss-client with privileges distribution
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 2 Jul 2007 14:53:25 +0200
fuss-client (2.0.8-1) feisty; urgency=low
* New upstream release
* Fixed GUI operations stop.
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 18 Jun 2007 20:59:58 +0200
fuss-client (2.0.7-2) feisty; urgency=low
* Bug for init script.
-- Christopher R. Gabriel <cgabriel@truelite.it> Tue, 12 Jun 2007 15:57:39 +0200
fuss-client (2.0.7-1) feisty; urgency=low
* Aggiornamento octofuss-client
-- Christopher R. Gabriel <cgabriel@truelite.it> Tue, 12 Jun 2007 11:33:53 +0200
fuss-client (2.0.6-1) feisty; urgency=low
* New upstream release
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 11 Jun 2007 20:05:33 +0200
fuss-client (2.0.5-1feisty1) feisty; urgency=low
* New upstream release
* Fixes bug: add remove call the remove functions
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 4 Jun 2007 17:33:10 +0200
fuss-client (2.0.4-1feisty1) feisty; urgency=low
* New upstream release
* Configuration through UI
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 4 Jun 2007 16:32:08 +0200
fuss-client (2.0.3-1feisty1) feisty; urgency=low
* New upstream release
* Closes #277
-- Christopher R. Gabriel <cgabriel@truelite.it> Mon, 4 Jun 2007 12:56:08 +0200
fuss-client (2.0.2-1feisty1) feisty; urgency=low
* New upstream release
-- Christopher R. Gabriel <cgabriel@truelite.it> Fri, 25 May 2007 22:15:24 +0200
fuss-client (2.0.1-2feisty1) feisty; urgency=low
* New upstream release
-- Christopher R. Gabriel <cgabriel@truelite.it> Thu, 24 May 2007 18:25:07 +0200
fuss-client (2.0-1feisty1) feisty; urgency=low
* Initial release.
-- Christopher R. Gabriel <cgabriel@truelite.it> Wed, 27 Dec 2006 21:32:18 +0100
/etc/fuss-client/server.conf
Source: fuss-client
Section: net
Priority: optional
Maintainer: Christopher R. Gabriel <cgabriel@truelite.it>
Build-Depends: debhelper (>= 4.0.0)
Standards-Version: 3.6.1.1
Package: fuss-client
Architecture: all
Depends: python, python-gtk2, nscd, wget, ldap-utils, libnss-ldap, libpam-ldap, ssh, nfs-common, openssl, ntpdate, hdparm, samba-client, anacron
Description: Connect a workstation to a FUSS Server
This packages contains everything to connect a workstation running
FUSS GNU/Linux (or similar) to a FUSS Server.
Developed for the FUSS Project. See http://www.fuss.bz.it/
This is fuss-client, written and maintained by Christopher R. Gabriel
<cgabriel@truelite.it> on Web, 27 Dec 2006 21:14:14 +0200.
Copyright (C) 2005 FUSS Project http://www.fuss.bz.it/
License:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this package; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
02111-1307, USA.
On Debian systems, the complete text of the GNU General
Public License can be found in `/usr/share/common-licenses/GPL'.
#! /bin/sh
set -e
# /etc/init.d/fuss-client: start and stop the OpenBSD "secure shell(tm)" daemon
test -x /usr/sbin/octofuss-client || exit 0
if test -f /etc/default/fuss-client; then
. /etc/default/fuss-client
fi
. /lib/lsb/init-functions
check_for_no_start()
check_privsep_dir()
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
case "$1" in
start)
log_begin_msg "Starting Octofuss Client ..."
check_for_no_start
check_privsep_dir
/usr/sbin/octofuss-client
log_end_msg 0
;;
stop)
;;
reload|force-reload)
;;
restart)
;;
*)
log_success_msg "Usage: /etc/init.d/fuss-client {start|stop}"
exit 1
esac
exit 0
common-auth usr/share/fuss-client/templates
common-account usr/share/fuss-client/templates
common-password usr/share/fuss-client/templates
common-session usr/share/fuss-client/templates
common-session-nonfs usr/share/fuss-client/templates
nsswitch.conf usr/share/fuss-client/templates
fuss-client usr/sbin
octofuss-client usr/sbin
server.conf etc/fuss-client
fuss-client.png usr/share/pixmaps
fuss-client.desktop usr/share/applications
fuss-client.8
octofuss-client.8
\ No newline at end of file
#!/usr/bin/make -f
# -*- makefile -*-
# Sample debian/rules that uses debhelper.
# This file was originally written by Joey Hess and Craig Small.
# As a special exception, when this file is copied by dh-make into a
# dh-make output file, you may use that output file without restriction.
# This special exception was added by Craig Small in version 0.37 of dh-make.
# Uncomment this to turn on verbose mode.
export DH_VERBOSE=1
CFLAGS = -Wall -g
ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
CFLAGS += -O0
else
CFLAGS += -O2
endif
configure: configure-stamp
configure-stamp:
dh_testdir
# Add here commands to configure the package.
touch configure-stamp
build:
# Nothing to do
clean:
dh_testdir
dh_testroot
rm -f build-stamp configure-stamp
dh_clean
install: build
dh_testdir
dh_testroot
dh_clean -k
binary-indep: build install
dh_testdir
dh_testroot
dh_installchangelogs
dh_installinit
dh_installman
dh_compress
dh_fixperms
dh_installdeb
dh_install
dh_gencontrol
dh_md5sums
dh_builddeb
binary-arch:
# Nothing to do here
binary: binary-indep binary-arch
.PHONY: build clean binary-indep binary-arch binary install configure
#!/usr/bin/env python
# -*- python -*-
#
# File: fuss-client
#
# Copyright (C) 2007 Christopher R. Gabriel <cgabriel@truelite.it>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
import os, os.path, sys
from gettext import gettext as _
## Check if we have an X server to connect to
xwin = False
try:
d = os.environ['DISPLAY']
xwin = True
import gtk
except:
xwin = False
#check if we're root..
if os.getuid() > 0:
if xwin:
d =gtk.MessageDialog(parent=None,
flags=gtk.DIALOG_MODAL,
type=gtk.MESSAGE_ERROR,
buttons=gtk.BUTTONS_OK)
d.set_markup(_("FUSS Client Connector\n\nCan't execute configuration\n\nAre you root?"))
d.show_all()
d.run()
d.destroy()
sys.exit(5)
else:
print "Can't execute fuss-client - Are you root?"
sys.exit(5)
## SERVER DISCOVERY
## SERVER DISCOVERY
def find_broadcast():
import os
addresses = []
data = os.popen("ifconfig | grep Bcast").readlines()
for line in data:
broadcast = line.split(":")[2]
broadcast = broadcast.split()[0]
addresses.append(broadcast)
return addresses
import sys, time
import socket
def discover_server(timeout=5):
PORT = 13400
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.bind(('', PORT+1))
s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
baddrs = find_broadcast()
servers = []
print "Searching for server...."
for baddr in baddrs:
print "Searching on", baddr
data = "fuss-client-request"
s.sendto(data, (baddr, PORT))
# wait 5 seconds for the answer
s.settimeout(timeout)
try:
data, fromaddr = s.recvfrom(1024)
if fromaddr:
server = fromaddr[0]
if server not in servers:
servers.append(server)
except socket.timeout, e:
print "No servers found on %s: %s" % (baddr, e)
return servers
### FUSS CLIENT!
import getopt
__version__ = "2.0"
def usage():
print "%s %s" % (sys.argv[0], __version__)
print _("Usage"),":"
print " -a \t\t",_("To add the machine to a Fuss Network")
print " -n \t\t",_("Don't use NFS home, but local homes instead")
print " -t \t\t",_("Network search timeout (seconds)")
print " -r \t\t",_("To removed the machine from a Fuss Network")
print " -s host \t",_("The Fuss Network server")
print " -h \t\t",_("Show this help")
print ""
print _("Mail to fuss-devel@fuss.bz.it for bug reports")
print ""
# try to understand if we have an X connection
# try to understand what the user wants
try:
opts, args = getopt.getopt(sys.argv[1:], "hs:tnar", ["help"])
except getopt.GetoptError:
# print help information and exit:
usage()
sys.exit(2)
## GLOBAL STUFF
add = False
remove = False
server = None
nfs = True
search_timeout = 5
def save_server_conf(server):
import ConfigParser
conf = ConfigParser.ConfigParser()
conf.read("/etc/fuss-client/server.conf")
if not conf.has_section("Server"):
conf.add_section("Server")
conf.set("Server","address", server)
f = open("/etc/fuss-client/server.conf", "w")
r = conf.write(f)
f.close()
if not xwin:
if not len(opts) > 0:
usage()
sys.exit(10)
for o, a in opts:
if o in ("-h", "--help"):
usage()
sys.exit(1)
if o == "-n":
nfs = False
if o == "-t":
search_timeout = a
if o == "-s":
server = a
if o == "-a":
add = True
if o == "-r":
remove = True
if add == remove:
usage()
sys.exit(2)
# decide the server with autodiscovery!
if not server and add == True:
s = discover_server(search_timeout)
if len(s) == 1:
server = s[0]
elif len(s) > 1 :
print "We found several Fuss Server on this Network"
print ""
print "Please choose the one you want to use:"
for h in s:
print s.index(h)," - ",h
print ""
choice = None
while choice not in range(len(s)):
choice = int(raw_input("Your choice? (enter the server number) "))
server = s[choice]
else:
print "Can't find a suitable server to connect to."
print "Exiting.."
sys.exit(10)
print "The server is:", socket.gethostbyaddr(server)[0]
save_server_conf(server)
import os.path, glob, urllib, shutil
# support functions
def backup_file(file):
try:
shutil.copyfile(file, file+".orig")
except:
print "\tCan't backup file %s" % file
def recover_file(file):
if os.path.isfile(file+".orig"):
shutil.copyfile(file+".orig", file)
else:
print "\tCan't recover %s: no backup available" % file
def recover_files(files):
for file in files:
recover_file(file)
# Configuration callbacks
def get_configuration():
if not os.path.isdir("/var/cache/fuss-client"):
os.mkdir("/var/cache/fuss-client")
files = glob.glob("/var/cache/fuss-client/*")
for file in files:
os.remove(file)
to_get = ["ldap.conf","pam_ldap.conf","libnss-ldap.conf", "id_dsa.pub", "cacert.pem"]
try:
urllib.urlopen("http://%s/fuss-data-conf/cacert.pem" % server)
except:
print "Can't get configuration files from server", server
sys.exit(20)
base_url = "http://%s/fuss-data-conf/" % server
for tg in to_get:
print "\tGetting file:", tg
r = urllib.urlopen("%s/%s" % (base_url, tg))
f = open("/var/cache/fuss-client/%s" % tg, "w")
f.write(r.read())
f.close()
def find_usable_local_user():
choices = ['local-utente', 'local-user', 'local-test']
data = os.popen("getent passwd").readlines()
users = []
for line in data:
users.append(line.split(":")[0])
found_user = "local-fuss-user"
for choice in choices:
if choice in users:
continue
else:
found_user = choice
break
return found_user
def create_local_user():
user = find_usable_local_user()
import crypt
password = crypt.crypt(user, "WF")
if not os.path.isdir("/var/home"):
os.mkdir("/var/home", 0775)
os.system("useradd -K UID_MAX=3000 -K UID_MIN=2000 -m -d /var/home/%s -p %s %s" % (user, password, user))
def set_ldap_configuration():
backup_file("/etc/ldap/ldap.conf")
f = open("/etc/ldap/ldap.conf","w")
nf = open("/var/cache/fuss-client/ldap.conf")
f.write(nf.read())
f.close()
nf.close()
if os.path.isfile("/etc/ssl/certs/cacert.pem"):
backup_file("/etc/ssl/certs/cacert.pem")
f = open("/etc/ssl/certs/cacert.pem","w")
nf = open("/var/cache/fuss-client/cacert.pem")
f.write(nf.read())
f.close()
nf.close()
def set_nss_pam_configuration():
backup_file("/etc/nsswitch.conf")
shutil.copyfile("/usr/share/fuss-client/templates/nsswitch.conf", "/etc/nsswitch.conf")
backup_file("/etc/libnss-ldap.conf")
shutil.copyfile("/var/cache/fuss-client/libnss-ldap.conf" , "/etc/libnss-ldap.conf")
backup_file("/etc/pam_ldap.conf")
shutil.copyfile("/var/cache/fuss-client/pam_ldap.conf" , "/etc/pam_ldap.conf")
backup_file("/etc/pam.d/common-account")
backup_file("/etc/pam.d/common-password")