74 lines
1.7 KiB
Bash
74 lines
1.7 KiB
Bash
#!/bin/bash
|
|
set -xuo pipefail
|
|
trap "stop; exit 0;" SIGTERM SIGINT
|
|
|
|
SERVICES=(krb5-kdc krb5-admin-server nfs-kernel-server)
|
|
stop()
|
|
{
|
|
echo "signal caught, stopping the world..."
|
|
exportfs -uav
|
|
for i in "${SERVICES[@]}"; do
|
|
service "$i" stop;
|
|
done;
|
|
echo "bye!"
|
|
exit
|
|
}
|
|
|
|
DEFAULT_PERMITTED="*"
|
|
RW_MODE="rw"
|
|
UID=${NFS_UID:-0}
|
|
DOMAIN=$(echo "$NFS_KRB_REALM" | tr '[:upper:]' '[:lower]')
|
|
if [ -n "${SHARED_DIRECTORY}" ]; then
|
|
options="(${RW_MODE:-rw},\
|
|
nohide,sync,no_subtree_check,insecure,no_root_squash,crossmnt,sec=krb5p:krb5i:krb5,fsid=0)"
|
|
cat > /etc/exports <<EOE
|
|
${SHARED_DIRECTORY} ${PERMITTED:-${DEFAULT_PERMITTED}}$options
|
|
# / ${PERMITTED:-${DEFAULT_PERMITTED}}${options%?},fsid=0)
|
|
EOE
|
|
|
|
# nfs v4 root export hack
|
|
if [ "$(dirname "${SHARED_DIRECTORY}")" != "/" ]; then
|
|
cat >> /etc/exports <<-EOE
|
|
# $(dirname "${SHARED_DIRECTORY}") ${PERMITTED:-${DEFAULT_PERMITTED}}${options%?})
|
|
EOE
|
|
fi
|
|
chmod 777 "${SHARED_DIRECTORY}"
|
|
fi
|
|
|
|
cat > /etc/idmapd.conf << EOC
|
|
[General]
|
|
Domain = $DOMAIN
|
|
Verbosity = 5
|
|
EOC
|
|
|
|
cat > /etc/default/nfs-common << EOC
|
|
NEED_STATD=y
|
|
|
|
# Do you want to start the idmapd daemon? It is only needed for NFSv4.
|
|
NEED_IDMAPD=y
|
|
|
|
# Do you want to start the gssd daemon? It is required for Kerberos mounts.
|
|
NEED_GSSD=y
|
|
EOC
|
|
|
|
echo NEED_SVCGSSD=y > /etc/default/nfs-kernel-server
|
|
|
|
./common.sh
|
|
|
|
exportfs -rvaf
|
|
|
|
export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3'
|
|
echo "OPTS_RPC_MOUNTD=\"${OPTS_RPC_MOUNTD}\"" >> /etc/conf.d/nfs
|
|
service nfs restart
|
|
kill `pidof rpcbind`
|
|
rpcbind -fd &> /var/log/rpcbind.log &
|
|
sleep 3
|
|
for i in "${SERVICES[@]}"; do
|
|
service "$i" start
|
|
done
|
|
rpc.svcgssd -vf &> /var/log/gssd.log &
|
|
cat /etc/krb5.conf
|
|
|
|
while true; do
|
|
sleep 360
|
|
done |