tune_sssd.sh: small fixes, add RedOS support

dc-client/tune_sssd.sh

@@ -34,16 +34,22 @@ echo "Use REALM $REALM ..."
 
 
 case $(epm print info -d) in
-    Ubuntu|Debian)
+    Ubuntu|Debian|AstraLinux)
         # Ubuntu
         epmi --skip-installed samba-common-bin krb5-config krb5-user ldb-tools sssd-ad samba
         ;;
     ALTLinux)
-        epmi --skip-installed krb5-kinit ldb-tools sssd-ad samba-common-tools
+        epmi --skip-installed krb5-kinit ldb-tools sssd-ad samba-common-tools samba-common-client samba-common
         # pam_mount task-auth-ad-sssd
         ;;
-    Fedora|CentOS|RHEL)
+    Fedora|RedOS|GosLinux|CentOS|RHEL)
         epmi --skip installed krb5-workstation ldb-tools sssd-ad samba-common-tools
+cat <<EOF >/etc/kdrb5.conf.d/ad
+[libdefaults]
+ dns_lookup_kdc = true
+ dns_lookup_realm = true
+ rdns = true
+EOF
         ;;
     *)
         fatal "Unsupported distro $(epm print info -d)"
@@ -141,7 +147,7 @@ WORKGROUP=$(echo "$REALM" | sed -e "s|\..*||")
 if ! grep -q "realm = $REALM" /etc/samba/smb.conf ; then
     cat <<EOF >>/etc/samba/smb.conf
 
-       [global]
+[global]
        security = ads
        realm = $REALM
        workgroup = $WORKGROUP
@@ -182,8 +188,8 @@ serv sssd on
 
 OPENSSHDIR=/etc/openssh
 [ ! -d "$OPENSSHDIR" ] && [ -d "/etc/ssh" ] && OPENSSHDIR=/etc/ssh
-subst "s|^#   GSSAPIAuthentication no|    GSSAPIAuthentication yes|" $OPENSSHDIR/ssh_config
-subst "s|^#   GSSAPIDelegateCredentials no|    GSSAPIDelegateCredentials yes|" $OPENSSHDIR/ssh_config
+subst "s|^#\( *\)GSSAPIAuthentication no|\1GSSAPIAuthentication yes|" $OPENSSHDIR/ssh_config
+subst "s|^#\( *\)GSSAPIDelegateCredentials no|\1GSSAPIDelegateCredentials yes|" $OPENSSHDIR/ssh_config
 
 echo "Done. Don't bother about DNS errors above"
 echo "Check https://www.altlinux.org/SSSD/AD for detailed description."