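#!/bin/sh
# auth cy
# Target platform: CentOS 7
#
# Installs rng-tools and an MIT Kerberos KDC on this host, writes
# /etc/krb5.conf and /var/kerberos/krb5kdc/kadm5.acl, creates the KDC
# database and an admin/admin principal, then enables the krb5kdc and
# kadmin services. Must be run as root. Both configuration files are
# overwritten without a backup.
#
# Optional environment overrides (the defaults reproduce the values this
# script has always used):
#   REALM                Kerberos realm                (default: HADOOP.COM)
#   KDC_HOST             KDC / admin server host name  (default: `hostname`)
#   KDC_MASTER_PASSWORD  KDC database master password  (default: hadoop)
#   KADMIN_PASSWORD      password for admin/admin      (default: hadoop)
#
# NOTE(review): the built-in default password is published in this script.
# Set both password variables for anything other than a throw-away lab KDC.

# Stop at the first failed step instead of configuring a half-installed KDC.
set -eu

# Print an error message to stderr and abort.
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Reject passwords that cannot be passed on stdin as a single line.
check_password() {
  case $2 in
    *'
'*) die "$1 must not contain a newline" ;;
  esac
}

# Every step below (yum, writes under /etc and /var/kerberos, systemctl)
# needs root.
[ "$(id -u)" -eq 0 ] || die "this script must be run as root"

echo "Entropy before installing RNG tools"
cat /proc/sys/kernel/random/entropy_avail

# Install the RNG tools
echo "Installing RNG tools"
yum install -y rng-tools

# Start rngd and enable it at boot. None of the Kerberos commands below
# reference rngd, so a failure to start it is reported but not fatal.
systemctl enable --now rngd.service ||
  printf 'warning: could not enable/start rngd.service; continuing\n' >&2

echo "Entropy after installing RNG tools"
cat /proc/sys/kernel/random/entropy_avail

# Install Kerberos
echo "Installing Kerberos Packages"
yum install -y krb5-server krb5-libs krb5-workstation

# ##################################
# Assuming default configuration!!!!
# ##################################

# Realm, KDC host and passwords (see the header for the overrides)
DEFAULT_PASSWORD="hadoop"
REALM=${REALM:-HADOOP.COM}
KDC_HOST=${KDC_HOST:-$(hostname)}
KDC_MASTER_PASSWORD=${KDC_MASTER_PASSWORD:-$DEFAULT_PASSWORD}
KADMIN_PASSWORD=${KADMIN_PASSWORD:-$DEFAULT_PASSWORD}

[ -n "$KDC_HOST" ] || die "could not determine the KDC host name"
check_password KDC_MASTER_PASSWORD "$KDC_MASTER_PASSWORD"
check_password KADMIN_PASSWORD "$KADMIN_PASSWORD"

if [ "$KDC_MASTER_PASSWORD" = "$DEFAULT_PASSWORD" ] ||
  [ "$KADMIN_PASSWORD" = "$DEFAULT_PASSWORD" ]; then
  printf 'warning: using the built-in default password; set KDC_MASTER_PASSWORD and KADMIN_PASSWORD outside a lab\n' >&2
fi

# Create the krb5.conf file
echo "Creating krb5.conf file, KDC host is ${KDC_HOST} and realm is ${REALM}"
cat >/etc/krb5.conf <<EOF
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = ${REALM}
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
${REALM} = {
kdc = ${KDC_HOST}
admin_server = ${KDC_HOST}
}
[domain_realm]
.${KDC_HOST} = ${REALM}
${KDC_HOST} = ${REALM}
EOF

# Create the kadm5.acl file.
# The single entry gives every principal with an "admin" instance all
# kadmin privileges in the realm, so each */admin principal is a full
# Kerberos administrator.
echo "Creating kadm5.acl file, realm is ${REALM}"
cat >/var/kerberos/krb5kdc/kadm5.acl <<EOF
*/admin@${REALM} *
EOF

# Create the KDC database (-s also writes a stash file for the master key).
# The master password is answered on stdin (prompt + confirmation) rather
# than passed with -P, so it does not show up in the process list.
echo "Creating KDC database, this could take some time"
printf '%s\n%s\n' "$KDC_MASTER_PASSWORD" "$KDC_MASTER_PASSWORD" |
  kdb5_util create -s

# Create the administrator principal; the password is again supplied on
# stdin instead of with -pw, and its value is no longer echoed.
echo "Creating administrative account:"
echo " principal: admin/admin"
if [ "$KADMIN_PASSWORD" = "$DEFAULT_PASSWORD" ]; then
  echo " password: built-in default (change it after the first login)"
else
  echo " password: taken from KADMIN_PASSWORD"
fi
printf '%s\n%s\n' "$KADMIN_PASSWORD" "$KADMIN_PASSWORD" |
  kadmin.local -q 'addprinc admin/admin'

# Start the services and enable them at boot
echo "Starting services"
systemctl enable --now krb5kdc.service
systemctl enable --now kadmin.service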
配置文件: