Fix all domtool scripts for modern Debian and HCoop practices
* There is no longer any local `domtool' group, use `nogroup' instead and
chmod files user readable only
* The init scripts assumed `/usr/local/[s]bin' were in `$PATH', which
is not true on a default Debian install. Rather than require
customization of system defaults, just use long paths. It would be
nice if the Makefile supported relocatable installs, but I also want
a pony for xmas.
* `domtool-admin-sudo' never worked properly. It seems to rely on the
mistaken assumption that starting a `pagsh' gives you a new
PAG... when `pagsh' has the unintuitive behavior of adopting the
current PAG instead of creating a new one if one should
exist. Things appeared to work since there was always a local
domtool user, and some interaction between the init scripts
acquiring tokens outside of a PAG and sudo led to use of the uid
ticket cache. The solution is just to use `k5start' instead of
`kinit && aklog'
HCoop / hcoop / domtool2.git / commit