Difference between revisions of "Heimdal"

From WPKG | Open Source Software Deployment and Distribution
Jump to: navigation, search
m
 
Line 22: Line 22:
  
 
<package
 
<package
        id="secure_endpoints_heimdal"
+
id="secure_endpoints_heimdal"
        name="Secure Endpoints Heimdal Kerberos for Windows"
+
name="Secure Endpoints Heimdal Kerberos for Windows"
        revision="%version%"
+
revision="%version%-4"
        reboot="false"
+
reboot="false"
        priority="100">
+
priority="100">
  
        <!-- 1.6.0pre2 full version number is 1.6.2.0. -->
+
<!-- 1.6.0pre2 full version number is 1.6.2.0. -->
        <variable name="version" value="1.6.2.0" />
+
<variable name="version" value="1.6.2.0" />
        <variable name="filename_version" value="1-6-2-0" />
+
<variable name="filename_version" value="1-6-2-0" />
  
        <variable architecture="x86" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-i386-%filename_version%.msi" />
+
<variable architecture="x86" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-i386-%filename_version%.msi" />
        <variable architecture="x64" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-AMD64-full-%filename_version%.msi" />
+
<variable architecture="x64" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-AMD64-full-%filename_version%.msi" />
  
        <check type="uninstall" condition="exists" path="Heimdal %version%"/>
+
<check type="uninstall" condition="exists" path="Heimdal %version%"/>
  
        <install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%heimdal_msi%"' >
+
<install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%heimdal_msi%"' >
                <exit code='0'/>
+
<exit code='0'/>
                <exit code='3010' />
+
<exit code='3010' />
        </install>
+
</install>
        <!--
+
<!--
                Apparently krb5.conf lives in %PROGDATA% on Windows 7, %ALLUSERSPROFILE%/Application Data(or the appropriate localisation) on Windows XP.
+
Apparently krb5.conf lives in %PROGRAMDATA% on Windows 7, %ALLUSERSPROFILE%/Application Data(or the appropriate localisation) on Windows XP.
                Interestingly heimdal appears to set KRB5_CONFIG, but only if it creates the config itself.
+
Interestingly heimdal appears to set KRB5_CONFIG, but only if it creates the config itself.
                So, in order of increasing preference:
+
So, in order of increasing preference (there is no nice way to get a localised "\Application Data" here):
        -->
+
-->
        <variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Application Data\Kerberos\krb5.conf">
+
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Application Data\Kerberos\krb5.conf">
                <condition>
+
<condition>
                        <check type="host" condition="environment" value="ALLUSERSPROFILE=^.+$" />
+
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Application Data" />
                </condition>
+
</condition>
        </variable>
+
</variable>
        <variable name="KRB5_CONFIG" value="%PROGDATA%\Kerberos\krb5.conf">
+
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Anwendungsdaten\Kerberos\krb5.conf">
                <condition>
+
<condition>
                        <check type="host" condition="environment" value="PROGDATA=^.+$" />
+
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Anwendungsdaten" />
                </condition>
+
</condition>
        </variable>
+
</variable>
        <variable name="KRB5_CONFIG" value="%KRB5_CONF%">
+
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Toepassingsgegevens\Kerberos\krb5.conf">
                <condition>
+
<condition>
                        <check type="host" condition="environment" value="KRB5_CONF=^.+$" />
+
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Toepassingsgegevens" />
                </condition>
+
</condition>
        </variable>
+
</variable>
        <install cmd='cmd /C copy /Y "%SOFTWARE%\secure_endpoints_heimdal\krb5.conf" "%KRB5_CONFIG%" '>
+
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Datos de programa\Kerberos\krb5.conf">
        </install>
+
<condition>
        <upgrade include="install"/>
+
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Datos de programa" />
        <remove cmd='msiexec /qn /norestart /x {0DC697B0-CC56-4459-84E8-7493F10DA948}' >
+
</condition>
                <exit code='0'/>
+
</variable>
                <exit code='1605' />
+
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Donnees d'applications\Kerberos\krb5.conf">
                <exit code='3010' />
+
<condition>
        </remove>
+
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Donnees d'applications" />
 +
</condition>
 +
</variable>
 +
<variable name="KRB5_CONFIG" value="%PROGRAMDATA%\Kerberos\krb5.conf">
 +
<condition>
 +
<check type="host" condition="environment" value="PROGRAMDATA=^.+$" />
 +
</condition>
 +
</variable>
 +
<variable name="KRB5_CONFIG" value="%KRB5_CONF%">
 +
<condition>
 +
<check type="host" condition="environment" value="KRB5_CONF=^.+$" />
 +
</condition>
 +
</variable>
 +
<install cmd='%ComSpec% /C copy /Y "%SOFTWARE%\secure_endpoints_heimdal\krb5.conf" "%KRB5_CONFIG%" '>
 +
</install>
 +
<upgrade include="install"/>
 +
<remove cmd='msiexec /qn /norestart /x {0DC697B0-CC56-4459-84E8-7493F10DA948}' >
 +
<exit code='0'/>
 +
<exit code='1605' />
 +
<exit code='3010' />
 +
</remove>
  
 
</package>
 
</package>
  
 
<package
 
<package
        id="netidmgr"
+
id="netidmgr"
        name="Network Identity Manager"
+
name="Network Identity Manager"
        revision="%version%"
+
revision="%version%"
        reboot="false"
+
reboot="false"
        priority="100">
+
priority="100">
  
        <depends package-id="secure_endpoints_heimdal" />
+
<depends package-id="secure_endpoints_heimdal" />
  
        <variable name="version" value="2.0.102.907" />
+
<variable name="version" value="2.0.102.907" />
        <variable name="filename_version" value="2_0_102_907" />
+
<variable name="filename_version" value="2_0_102_907" />
        <!-- There seems to be a mismatch between the number in the installer and that shown on the website. A second number scheme? -->
+
<!-- There seems to be a mismatch between the number in the installer and that shown on the website. A second number scheme? -->
        <variable name="uninstall_version" value="2.0.1.903" />
+
<variable name="uninstall_version" value="2.0.1.903" />
  
        <variable architecture="x86" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-i386-rel-%filename_version%.msi" />
+
<variable architecture="x86" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-i386-rel-%filename_version%.msi" />
        <variable architecture="x64" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-AMD64-rel-%filename_version%.msi" />
+
<variable architecture="x64" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-AMD64-rel-%filename_version%.msi" />
  
        <check type="uninstall" condition="versiongreaterorequal" path="Network Identity Manager" value="%uninstall_version%" />
+
<check type="uninstall" condition="versiongreaterorequal" path="Network Identity Manager" value="%uninstall_version%" />
  
        <install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%netidmgr_msi%"' >
+
<install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%netidmgr_msi%"' >
                <exit code='0'/>
+
<exit code='0'/>
                <exit code='3010' />
+
<exit code='3010' />
        </install>
+
</install>
        <upgrade include="install"/>
+
<upgrade include="install"/>
  
        <remove cmd='msiexec /qn /x {84F4BEC6-0953-4687-A7E2-D6A42C141FD5}' >
+
<remove cmd='msiexec /qn /x {84F4BEC6-0953-4687-A7E2-D6A42C141FD5}' >
                <exit code='0'/>
+
<exit code='0'/>
                <exit code='1605' />
+
<exit code='1605' />
                <exit code='3010' />
+
<exit code='3010' />
        </remove>
+
</remove>
 
</package>
 
</package>
  

Latest revision as of 12:06, 2 July 2015

This is a silent installer for the Secure Endpoints distribution of Heimdal for Windows and Network Identity Manager.

Heimdal is a prerequisite of OpenAFS

Populating %SOFTWARE%/secure_endpoints_heimdal/


Configuration

The package configuration looks like:

<!--
As of 2014-05-29 this file has been tested, and appears to work with:
        Windows XP 32-bit SP3 [English]
        Windows 7 32-bit SP1 [English]
        Windows 7 64-bit SP1 [English]
-->

<package
	id="secure_endpoints_heimdal"
	name="Secure Endpoints Heimdal Kerberos for Windows"
	revision="%version%-4"
	reboot="false"
	priority="100">

	<!-- 1.6.0pre2 full version number is 1.6.2.0. -->
	<variable name="version" value="1.6.2.0" />
	<variable name="filename_version" value="1-6-2-0" />

	<variable architecture="x86" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-i386-%filename_version%.msi" />
	<variable architecture="x64" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-AMD64-full-%filename_version%.msi" />

	<check type="uninstall" condition="exists" path="Heimdal %version%"/>

	<install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%heimdal_msi%"' >
		<exit code='0'/>
		<exit code='3010' />
	</install>
	<!--
		Apparently krb5.conf lives in %PROGRAMDATA% on Windows 7, %ALLUSERSPROFILE%/Application Data(or the appropriate localisation) on Windows XP.
		Interestingly heimdal appears to set KRB5_CONFIG, but only if it creates the config itself.
		So, in order of increasing preference (there is no nice way to get a localised "\Application Data" here):
	-->
	<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Application Data\Kerberos\krb5.conf">
		<condition>
			<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Application Data" />
		</condition>
	</variable>
	<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Anwendungsdaten\Kerberos\krb5.conf">
		<condition>
			<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Anwendungsdaten" />
		</condition>
	</variable>
	<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Toepassingsgegevens\Kerberos\krb5.conf">
		<condition>
			<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Toepassingsgegevens" />
		</condition>
	</variable>
	<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Datos de programa\Kerberos\krb5.conf">
		<condition>
			<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Datos de programa" />
		</condition>
	</variable>
	<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Donnees d'applications\Kerberos\krb5.conf">
		<condition>
			<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Donnees d'applications" />
		</condition>
	</variable>
	<variable name="KRB5_CONFIG" value="%PROGRAMDATA%\Kerberos\krb5.conf">
		<condition>
			<check type="host" condition="environment" value="PROGRAMDATA=^.+$" />
		</condition>
	</variable>
	<variable name="KRB5_CONFIG" value="%KRB5_CONF%">
		<condition>
			<check type="host" condition="environment" value="KRB5_CONF=^.+$" />
		</condition>
	</variable>
	<install cmd='%ComSpec% /C copy /Y "%SOFTWARE%\secure_endpoints_heimdal\krb5.conf" "%KRB5_CONFIG%" '>
	</install>
	<upgrade include="install"/>
	<remove cmd='msiexec /qn /norestart /x {0DC697B0-CC56-4459-84E8-7493F10DA948}' >
		<exit code='0'/>
		<exit code='1605' />
		<exit code='3010' />
	</remove>

</package>

<package
	id="netidmgr"
	name="Network Identity Manager"
	revision="%version%"
	reboot="false"
	priority="100">

	<depends package-id="secure_endpoints_heimdal" />

	<variable name="version" value="2.0.102.907" />
	<variable name="filename_version" value="2_0_102_907" />
	<!-- There seems to be a mismatch between the number in the installer and that shown on the website. A second number scheme? -->
	<variable name="uninstall_version" value="2.0.1.903" />

	<variable architecture="x86" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-i386-rel-%filename_version%.msi" />
	<variable architecture="x64" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-AMD64-rel-%filename_version%.msi" />

	<check type="uninstall" condition="versiongreaterorequal" path="Network Identity Manager" value="%uninstall_version%" />

	<install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%netidmgr_msi%"' >
		<exit code='0'/>
		<exit code='3010' />
	</install>
	<upgrade include="install"/>

	<remove cmd='msiexec /qn /x {84F4BEC6-0953-4687-A7E2-D6A42C141FD5}' >
		<exit code='0'/>
		<exit code='1605' />
		<exit code='3010' />
	</remove>
</package>

An appropriate krb5.conf may look like:

[libdefaults]
        default_realm = EXAMPLE.COM
        allow_weak_crypto = true
        forwardable = true
        proxiable = true
        clockskew = 300
        v4_instance_resolve = false
        v4_name_convert= {
                host = {
                        rcmd = host
                        ftp = ftp
                }
                plain = {
                        something = something-else
                }
        }

[realms]
        EXAMPLE.COM = {
                kdc = a.kdc.example.com
                kdc = b.kdc.example.com
                admin_server = a.kdc.example.com
                default_domain = example.com
        }

[domain_realm]
        example.com = EXAMPLE.COM
        .example.com = EXAMPLE.COM