Source

mindref-sbin / kdc-client

Full commit
#!/bin/bash

if [ -z "`dpkg -s krb5-user 2>/dev/null | grep 'ok installed'`" ]; then
    apt-get -y install krb5-user libpam-krb5 kstart
fi

krb_conf=/etc/krb5.conf
declare `sed -n '/default_realm/p' $krb_conf | sed -e 's,\s,,g'`

if [ -z "`cat $krb_conf | grep "$default_realm\s*="`" ]; then
    domain_name=`hostname -d`
    exp="\t$default_realm = {\n\
\t\t\# The entries below can be commented out\n\
\t\t\# in case there is dns resolution\n\
\t\tkdc = kdc.$domain_name\n\
\t\tadmin_server = krb.$domain_name\n\
\t}\n\
\n\
[domain_realm]"
    sed -e 's/\[domain_realm\]/'"$exp"'/' $krb_conf > /tmp/x && mv /tmp/x $krb_conf
fi

if [ -z "`cat /etc/inittab | grep k5start`" ]; then
    # It will check every 10 minutes of the Kerberos ticket 
    # needs to be renewed and set the ticket lifetime to 24 hours
    cat <<EOF >> /etc/inittab
KS:2345:respawn:/usr/bin/k5start -U -f /etc/krb5.keytab -K 10 -l 24h
EOF

    # Force init to reload configuration
    kill -HUP 1
fi

# If the network is up, renew ticket
cat <<EOF > /etc/network/if-up.d/k5start
#!/bin/sh
while true; do
    /usr/bin/k5start -U -f /etc/krb5.keytab
    if [ $? -eq 0 ]; then
        break;
    fi  
    sleep 5
done
EOF
chmod +x /etc/network/if-up.d/k5start