generated from alice-meta-packages/alice-meta-template
29 lines
835 B
Bash
Executable File
29 lines
835 B
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
. /usr/share/debconf/confmodule
|
|
|
|
# stores ldap bindpw in $RET
|
|
db_get alice-auth/ldap-bind-password
|
|
|
|
SSSD_CONFIG=/etc/sssd/sssd.conf
|
|
SSHD_CONFIG=/etc/ssh/sshd_config
|
|
|
|
# sets bindpw in sssd config
|
|
sed -i "s/ldap_default_authtok =.*/ldap_default_authtok = $RET/" $SSSD_CONFIG
|
|
|
|
# sets auth keys script in sshd config
|
|
sed -i "s/#AuthorizedKeysCommand/AuthorizedKeysCommand/" $SSHD_CONFIG
|
|
sed -i "/AuthorizedKeysCommand\( \|$\)/s/AuthorizedKeysCommand.*/AuthorizedKeysCommand \/usr\/bin\/sss_ssh_authorizedkeys/" $SSHD_CONFIG
|
|
|
|
# change permissions and owner of sssd config
|
|
chmod 600 $SSSD_CONFIG
|
|
chown root:root $SSSD_CONFIG
|
|
|
|
# check if sss is set on hosts in /etc/nsswitch.conf
|
|
if ! grep -q '^hosts:.*sss' /etc/nsswitch.conf; then
|
|
sed -i 's/files/files sss/' /etc/nsswitch.conf
|
|
fi
|
|
|
|
systemctl restart sssd autofs ssh |