From de098e1f22ae6cdde62aa9f6b75697852e872ced Mon Sep 17 00:00:00 2001 From: Tom Barrett Date: Thu, 20 Feb 2020 06:47:16 -0600 Subject: can now use kadmin correctly --- configs/hosts | 6 ++++++ configs/kerberos/interfaces | 14 ++++++++++++++ destroy | 1 + scripts/kerberos | 5 +++-- 4 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 configs/hosts create mode 100644 configs/kerberos/interfaces diff --git a/configs/hosts b/configs/hosts new file mode 100644 index 0000000..03fb37e --- /dev/null +++ b/configs/hosts @@ -0,0 +1,6 @@ +127.0.0.1 localhost +::1 localhost ip6-localhost ip6-loopback +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters + +192.168.122.100 krb.hades.hr diff --git a/configs/kerberos/interfaces b/configs/kerberos/interfaces new file mode 100644 index 0000000..cf65d6a --- /dev/null +++ b/configs/kerberos/interfaces @@ -0,0 +1,14 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +auto eth0 +iface eth0 inet static + address 192.168.122.100/24 + post-up route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.122.1 + pre-down route del -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.122.1 + +source /etc/network/interfaces.d/*.cfg diff --git a/destroy b/destroy index f68a95c..fcf09eb 100755 --- a/destroy +++ b/destroy @@ -2,3 +2,4 @@ lxc-stop -n kerberos lxc-destroy -n kerberos +ssh-keygen -R "192.168.122.100" diff --git a/scripts/kerberos b/scripts/kerberos index f1e16ed..0fb455d 100755 --- a/scripts/kerberos +++ b/scripts/kerberos @@ -14,11 +14,12 @@ sshpass -p $ROOT_PASS ssh-copy-id -o "StrictHostKeyChecking=no" root@$IP scp configs/kerberos/krb5.conf root@$IP:/etc/ scp configs/kerberos/kdc.conf root@$IP:/etc/krb5kdc/ scp configs/kerberos/kadm5.acl root@$IP:/etc/krb5kdc/ +scp configs/kerberos/interfaces root@$IP:/etc/network/ +scp configs/hosts root@$IP:/etc/ lxc-attach -n kerberos -- bash -c 'echo -e "'$KRB5_PASS'\n'$KRB5_PASS'" | krb5_newrealm' lxc-attach -n kerberos -- bash -c 'echo -e "'$KRB5_ADMIN_PASS'\n'$KRB5_ADMIN_PASS'" | kadmin.local addprinc root/admin' +lxc-attach -n kerberos -- systemctl restart networking lxc-attach -n kerberos -- systemctl restart krb5-admin-server lxc-attach -n kerberos -- systemctl restart krb5-kdc - -# should be able to now use kadmin, but cannot ? -- cgit v1.2.3