tune_sssd.sh: improve detections

dc-client/tune_sssd.sh

@@ -6,6 +6,18 @@ fatal()
     exit 1
 }
 
+# Get REALM (needed for sssd tuning only) from DNS
+REALM=$(host -t txt _kerberos | sed -e 's|.*"\(.*\)".*|\1|')
+if [ -z "$REALM" ] ; then
+    if [ -n "$1" ] ; then
+        REALM="$1"
+        shift
+    else
+        fatal "Check your DNS with $ host -t txt _kerberos or run with REALM as param"
+    fi
+fi
+echo "Use REALM $REALM ..."
+
 case $(distr_info -d) in
     Ubuntu|Debian)
         # Ubuntu
@@ -30,16 +42,18 @@ subst()
 }
 fi
 
-LIBDIR=/usr/lib64
-[ -d /usr/lib64 ] || LIBDIR=/usr/lib
+LIBDIR=$(getconf LIBDIR)
+if [ ! -d "$LIBDIR" ] ; then
+    LIBDIR=/usr/lib64
+    [ -d /usr/lib64 ] || LIBDIR=/usr/lib
+fi
 
 if [ ! -L $LIBDIR/samba/ldb ] ; then
     ln -s $LIBDIR/ldb/modules/ldb $LIBDIR/samba/ldb
 fi
 
-REALM="ETERSOFT.RU"
 if [ -d /etc/sssd/conf.d ] ; then
-cat <<EOF >/etc/sssd/conf.d/etersoft.conf || fatal
+cat <<EOF >/etc/sssd/conf.d/ad.conf || fatal
 [sssd]
 domains = $REALM
 
@@ -58,21 +72,15 @@ fallback_homedir = /home/%u
 ldap_chpass_dns_service_name = ad
 
 ldap_id_mapping = False
-;use_fully_qualified_names = True
+use_fully_qualified_names = False
 ; always ask KDC
 cache_credentials = false
 
-;ad_hostname = asu.office.etersoft.ru
-;ad_server = dc.etersoft.ru
-
-;ad_domain = ETERSOFT.RU
-
 enumerate = true
-; krb5_canonicalize = True
 dyndns_update = False
 EOF
 
-chmod 0600 /etc/sssd/conf.d/etersoft.conf
+chmod 0600 /etc/sssd/conf.d/ad.conf
 else
     echo "Skipping sssd conf creating"
 fi
@@ -81,8 +89,8 @@ fi
 
 if ! grep -q " sss" /etc/nsswitch.conf ; then
     subst "s| mysql| sss mysql|g" /etc/nsswitch.conf
+    ( cd /etc ; git diff nsswitch.conf | cat )
 fi
-( cd /etc ; git diff nsswitch.conf | cat )
 
 # TODO: realmd