Difference between revisions of "Heimdal"
From WPKG | Open Source Software Deployment and Distribution
m |
|||
Line 22: | Line 22: | ||
<package | <package | ||
− | + | id="secure_endpoints_heimdal" | |
− | + | name="Secure Endpoints Heimdal Kerberos for Windows" | |
− | + | revision="%version%-4" | |
− | + | reboot="false" | |
− | + | priority="100"> | |
− | + | <!-- 1.6.0pre2 full version number is 1.6.2.0. --> | |
− | + | <variable name="version" value="1.6.2.0" /> | |
− | + | <variable name="filename_version" value="1-6-2-0" /> | |
− | + | <variable architecture="x86" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-i386-%filename_version%.msi" /> | |
− | + | <variable architecture="x64" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-AMD64-full-%filename_version%.msi" /> | |
− | + | <check type="uninstall" condition="exists" path="Heimdal %version%"/> | |
− | + | <install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%heimdal_msi%"' > | |
− | + | <exit code='0'/> | |
− | + | <exit code='3010' /> | |
− | + | </install> | |
− | + | <!-- | |
− | + | Apparently krb5.conf lives in %PROGRAMDATA% on Windows 7, %ALLUSERSPROFILE%/Application Data(or the appropriate localisation) on Windows XP. | |
− | + | Interestingly heimdal appears to set KRB5_CONFIG, but only if it creates the config itself. | |
− | + | So, in order of increasing preference (there is no nice way to get a localised "\Application Data" here): | |
− | + | --> | |
− | + | <variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Application Data\Kerberos\krb5.conf"> | |
− | + | <condition> | |
− | + | <check type="file" condition="exists" path="%ALLUSERSPROFILE%\Application Data" /> | |
− | + | </condition> | |
− | + | </variable> | |
− | + | <variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Anwendungsdaten\Kerberos\krb5.conf"> | |
− | + | <condition> | |
− | + | <check type="file" condition="exists" path="%ALLUSERSPROFILE%\Anwendungsdaten" /> | |
− | + | </condition> | |
− | + | </variable> | |
− | + | <variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Toepassingsgegevens\Kerberos\krb5.conf"> | |
− | + | <condition> | |
− | + | <check type="file" condition="exists" path="%ALLUSERSPROFILE%\Toepassingsgegevens" /> | |
− | + | </condition> | |
− | + | </variable> | |
− | + | <variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Datos de programa\Kerberos\krb5.conf"> | |
− | + | <condition> | |
− | + | <check type="file" condition="exists" path="%ALLUSERSPROFILE%\Datos de programa" /> | |
− | + | </condition> | |
− | + | </variable> | |
− | + | <variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Donnees d'applications\Kerberos\krb5.conf"> | |
− | + | <condition> | |
− | + | <check type="file" condition="exists" path="%ALLUSERSPROFILE%\Donnees d'applications" /> | |
+ | </condition> | ||
+ | </variable> | ||
+ | <variable name="KRB5_CONFIG" value="%PROGRAMDATA%\Kerberos\krb5.conf"> | ||
+ | <condition> | ||
+ | <check type="host" condition="environment" value="PROGRAMDATA=^.+$" /> | ||
+ | </condition> | ||
+ | </variable> | ||
+ | <variable name="KRB5_CONFIG" value="%KRB5_CONF%"> | ||
+ | <condition> | ||
+ | <check type="host" condition="environment" value="KRB5_CONF=^.+$" /> | ||
+ | </condition> | ||
+ | </variable> | ||
+ | <install cmd='%ComSpec% /C copy /Y "%SOFTWARE%\secure_endpoints_heimdal\krb5.conf" "%KRB5_CONFIG%" '> | ||
+ | </install> | ||
+ | <upgrade include="install"/> | ||
+ | <remove cmd='msiexec /qn /norestart /x {0DC697B0-CC56-4459-84E8-7493F10DA948}' > | ||
+ | <exit code='0'/> | ||
+ | <exit code='1605' /> | ||
+ | <exit code='3010' /> | ||
+ | </remove> | ||
</package> | </package> | ||
<package | <package | ||
− | + | id="netidmgr" | |
− | + | name="Network Identity Manager" | |
− | + | revision="%version%" | |
− | + | reboot="false" | |
− | + | priority="100"> | |
− | + | <depends package-id="secure_endpoints_heimdal" /> | |
− | + | <variable name="version" value="2.0.102.907" /> | |
− | + | <variable name="filename_version" value="2_0_102_907" /> | |
− | + | <!-- There seems to be a mismatch between the number in the installer and that shown on the website. A second number scheme? --> | |
− | + | <variable name="uninstall_version" value="2.0.1.903" /> | |
− | + | <variable architecture="x86" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-i386-rel-%filename_version%.msi" /> | |
− | + | <variable architecture="x64" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-AMD64-rel-%filename_version%.msi" /> | |
− | + | <check type="uninstall" condition="versiongreaterorequal" path="Network Identity Manager" value="%uninstall_version%" /> | |
− | + | <install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%netidmgr_msi%"' > | |
− | + | <exit code='0'/> | |
− | + | <exit code='3010' /> | |
− | + | </install> | |
− | + | <upgrade include="install"/> | |
− | + | <remove cmd='msiexec /qn /x {84F4BEC6-0953-4687-A7E2-D6A42C141FD5}' > | |
− | + | <exit code='0'/> | |
− | + | <exit code='1605' /> | |
− | + | <exit code='3010' /> | |
− | + | </remove> | |
</package> | </package> | ||
Latest revision as of 12:06, 2 July 2015
This is a silent installer for the Secure Endpoints distribution of Heimdal for Windows and Network Identity Manager.
Heimdal is a prerequisite of OpenAFS
Populating %SOFTWARE%/secure_endpoints_heimdal/
- From https://www.secure-endpoints.com/heimdal/ obtain Heimdal 1.6.0pre2 (64-bit and 32-bit versions).
- From https://www.secure-endpoints.com/netidmgr/v2/ obtain Network Identity Manager 2.0.102.907 (both 32-bit and 64-bit MSIs).
- Create an appropriate krb5.conf file
Configuration
The package configuration looks like:
<!--
As of 2014-05-29 this file has been tested, and appears to work with:
Windows XP 32-bit SP3 [English]
Windows 7 32-bit SP1 [English]
Windows 7 64-bit SP1 [English]
-->
<package
id="secure_endpoints_heimdal"
name="Secure Endpoints Heimdal Kerberos for Windows"
revision="%version%-4"
reboot="false"
priority="100">
<!-- 1.6.0pre2 full version number is 1.6.2.0. -->
<variable name="version" value="1.6.2.0" />
<variable name="filename_version" value="1-6-2-0" />
<variable architecture="x86" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-i386-%filename_version%.msi" />
<variable architecture="x64" name="heimdal_msi" value="secure_endpoints_heimdal\Heimdal-AMD64-full-%filename_version%.msi" />
<check type="uninstall" condition="exists" path="Heimdal %version%"/>
<install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%heimdal_msi%"' >
<exit code='0'/>
<exit code='3010' />
</install>
<!--
Apparently krb5.conf lives in %PROGRAMDATA% on Windows 7, %ALLUSERSPROFILE%/Application Data(or the appropriate localisation) on Windows XP.
Interestingly heimdal appears to set KRB5_CONFIG, but only if it creates the config itself.
So, in order of increasing preference (there is no nice way to get a localised "\Application Data" here):
-->
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Application Data\Kerberos\krb5.conf">
<condition>
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Application Data" />
</condition>
</variable>
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Anwendungsdaten\Kerberos\krb5.conf">
<condition>
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Anwendungsdaten" />
</condition>
</variable>
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Toepassingsgegevens\Kerberos\krb5.conf">
<condition>
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Toepassingsgegevens" />
</condition>
</variable>
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Datos de programa\Kerberos\krb5.conf">
<condition>
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Datos de programa" />
</condition>
</variable>
<variable name="KRB5_CONFIG" value="%ALLUSERSPROFILE%\Donnees d'applications\Kerberos\krb5.conf">
<condition>
<check type="file" condition="exists" path="%ALLUSERSPROFILE%\Donnees d'applications" />
</condition>
</variable>
<variable name="KRB5_CONFIG" value="%PROGRAMDATA%\Kerberos\krb5.conf">
<condition>
<check type="host" condition="environment" value="PROGRAMDATA=^.+$" />
</condition>
</variable>
<variable name="KRB5_CONFIG" value="%KRB5_CONF%">
<condition>
<check type="host" condition="environment" value="KRB5_CONF=^.+$" />
</condition>
</variable>
<install cmd='%ComSpec% /C copy /Y "%SOFTWARE%\secure_endpoints_heimdal\krb5.conf" "%KRB5_CONFIG%" '>
</install>
<upgrade include="install"/>
<remove cmd='msiexec /qn /norestart /x {0DC697B0-CC56-4459-84E8-7493F10DA948}' >
<exit code='0'/>
<exit code='1605' />
<exit code='3010' />
</remove>
</package>
<package
id="netidmgr"
name="Network Identity Manager"
revision="%version%"
reboot="false"
priority="100">
<depends package-id="secure_endpoints_heimdal" />
<variable name="version" value="2.0.102.907" />
<variable name="filename_version" value="2_0_102_907" />
<!-- There seems to be a mismatch between the number in the installer and that shown on the website. A second number scheme? -->
<variable name="uninstall_version" value="2.0.1.903" />
<variable architecture="x86" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-i386-rel-%filename_version%.msi" />
<variable architecture="x64" name="netidmgr_msi" value="secure_endpoints_heimdal\netidmgr-AMD64-rel-%filename_version%.msi" />
<check type="uninstall" condition="versiongreaterorequal" path="Network Identity Manager" value="%uninstall_version%" />
<install cmd='msiexec /qn /norestart /i "%SOFTWARE%\%netidmgr_msi%"' >
<exit code='0'/>
<exit code='3010' />
</install>
<upgrade include="install"/>
<remove cmd='msiexec /qn /x {84F4BEC6-0953-4687-A7E2-D6A42C141FD5}' >
<exit code='0'/>
<exit code='1605' />
<exit code='3010' />
</remove>
</package>
An appropriate krb5.conf may look like:
[libdefaults] default_realm = EXAMPLE.COM allow_weak_crypto = true forwardable = true proxiable = true clockskew = 300 v4_instance_resolve = false v4_name_convert= { host = { rcmd = host ftp = ftp } plain = { something = something-else } } [realms] EXAMPLE.COM = { kdc = a.kdc.example.com kdc = b.kdc.example.com admin_server = a.kdc.example.com default_domain = example.com } [domain_realm] example.com = EXAMPLE.COM .example.com = EXAMPLE.COM