diff options
Diffstat (limited to 'core/modules/pam')
-rw-r--r-- | core/modules/pam/data/etc/pam.d/kdm | 10 | ||||
-rw-r--r-- | core/modules/pam/data/etc/pam.d/kdm-np | 11 | ||||
-rwxr-xr-x | core/modules/pam/data/opt/openslx/scripts/pam_script_auth | 7 | ||||
-rwxr-xr-x | core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close | 11 | ||||
-rw-r--r-- | core/modules/pam/module.conf.debian | 4 | ||||
-rw-r--r-- | core/modules/pam/module.conf.ubuntu | 4 | ||||
-rw-r--r-- | core/modules/pam/module.conf.ubuntu.16 | 4 | ||||
-rw-r--r-- | core/modules/pam/module.conf.ubuntu.17 | 41 |
8 files changed, 54 insertions, 38 deletions
diff --git a/core/modules/pam/data/etc/pam.d/kdm b/core/modules/pam/data/etc/pam.d/kdm deleted file mode 100644 index e6a4ec9b..00000000 --- a/core/modules/pam/data/etc/pam.d/kdm +++ /dev/null @@ -1,10 +0,0 @@ -# -# /etc/pam.d/kdm - specify the PAM behaviour of kdm -# -auth required pam_nologin.so -auth required pam_env.so readenv=1 -auth required pam_env.so readenv=1 envfile=/etc/default/locale -auth include common-auth -account include common-account -password include common-password -session include common-session diff --git a/core/modules/pam/data/etc/pam.d/kdm-np b/core/modules/pam/data/etc/pam.d/kdm-np deleted file mode 100644 index dc10e5b5..00000000 --- a/core/modules/pam/data/etc/pam.d/kdm-np +++ /dev/null @@ -1,11 +0,0 @@ -# -# /etc/pam.d/kdm-np - specify the PAM behaviour of kdm for passwordless logins -# -auth required pam_nologin.so -auth required pam_env.so readenv=1 -auth required pam_env.so readenv=1 envfile=/etc/default/locale -session required pam_limits.so -account include common-account -password include common-password -session include common-session -auth required pam_permit.so diff --git a/core/modules/pam/data/opt/openslx/scripts/pam_script_auth b/core/modules/pam/data/opt/openslx/scripts/pam_script_auth index e977185e..f7e12acf 100755 --- a/core/modules/pam/data/opt/openslx/scripts/pam_script_auth +++ b/core/modules/pam/data/opt/openslx/scripts/pam_script_auth @@ -6,7 +6,12 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/o # check if the script runs as root [ "x$(whoami)" != "xroot" ] && exit 0 -PASSWD=$(getent passwd "$PAM_USER") +USER_UID=$(id -u "$PAM_USER") +if [ -n "$USER_UID" ]; then + PASSWD=$(getent passwd "$USER_UID") +else + PASSWD=$(getent passwd "$PAM_USER") +fi USER_NAME=$(echo "$PASSWD" | awk -F ':' '{print $1}') USER_UID=$(echo "$PASSWD" | awk -F ':' '{print $3}') USER_GID=$(echo "$PASSWD" | awk -F ':' '{print $4}') diff --git a/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close index e4a7c1b4..0c0b804f 100755 --- a/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close +++ b/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close @@ -29,6 +29,9 @@ fi # do not kill all root processes :) [ "x${PAM_USER}" = "xroot" ] && exit 0 +USERID=$(id -u "$PAM_USER") +[ -z "$USERID" ] && USERID="$PAM_USER" + # Async block: Check if user has no session open anymore, if not # kill any remaining processes belonging to the user and unmount # everything at $USERHOME and below. @@ -41,17 +44,17 @@ fi if [ "$SESSIONCOUNT" = "0" ]; then # last session, close all ghost user processes - pkill -u "${PAM_USER}" + pkill -u "${USERID}" # check if user's processes are still running for TIMEOUT in 1 1 2 FAIL; do - if ! ps -o pid,s -u "$PAM_USER" -U "$PAM_USER" | grep -q -v -E "PID|Z"; then + if ! ps -o pid,s -u "$USERID" -U "$USERID" | grep -q -v -E "PID|Z"; then # nothing running anymore break fi if [ "$TIMEOUT" = "FAIL" ]; then # still something running, send SIGKILL - pkill -9 -u "${PAM_USER}" + pkill -9 -u "${USERID}" else # give some time sleep "${TIMEOUT}" @@ -65,7 +68,7 @@ fi if [ "$SESSIONCOUNT" = "0" ]; then # unmount the home directory structure - USER_HOME=$(getent passwd "$PAM_USER" | awk -F ':' '{print $6}') + USER_HOME=$(getent passwd "$USERID" | awk -F ':' '{print $6}') if [ -n "$USER_HOME" ]; then for TIMEOUT in 0 0 2 2 FAIL; do OK=yes diff --git a/core/modules/pam/module.conf.debian b/core/modules/pam/module.conf.debian index 2ddd1312..f0b76a96 100644 --- a/core/modules/pam/module.conf.debian +++ b/core/modules/pam/module.conf.debian @@ -1,7 +1,5 @@ #!/bin/bash REQUIRED_INSTALLED_PACKAGES=" - libpam-ldap - libnss-ldapd libpam-ck-connector libpam-cap krb5-user @@ -20,8 +18,6 @@ REQUIRED_CONTENT_PACKAGES=" libpam-ck-connector libpam-cap libldap-2.4-2 - libpam-ldapd - libnss-ldapd krb5-user krb5-config libpam-krb5 diff --git a/core/modules/pam/module.conf.ubuntu b/core/modules/pam/module.conf.ubuntu index 6f20bfd1..40974f10 100644 --- a/core/modules/pam/module.conf.ubuntu +++ b/core/modules/pam/module.conf.ubuntu @@ -1,7 +1,5 @@ #!/bin/bash REQUIRED_INSTALLED_PACKAGES=" - libpam-ldap - libnss-ldapd krb5-user krb5-config libpam-krb5 @@ -19,8 +17,6 @@ REQUIRED_CONTENT_PACKAGES=" libpam-modules libpam-cap libldap-2.4-2 - libpam-ldap - libnss-ldapd krb5-user krb5-config libpam-krb5 diff --git a/core/modules/pam/module.conf.ubuntu.16 b/core/modules/pam/module.conf.ubuntu.16 index ff8e294e..378ef1f5 100644 --- a/core/modules/pam/module.conf.ubuntu.16 +++ b/core/modules/pam/module.conf.ubuntu.16 @@ -1,9 +1,7 @@ #!/bin/bash # TODO fix and re-add ncp support ! REQUIRED_INSTALLED_PACKAGES=" - libpam-ldap libpam-cap - libnss-ldapd krb5-user krb5-config libpam-krb5 @@ -20,8 +18,6 @@ REQUIRED_CONTENT_PACKAGES=" libpam-modules-bin libpam-cap libldap-2.4-2 - libpam-ldap - libnss-ldapd krb5-user krb5-config libpam-krb5 diff --git a/core/modules/pam/module.conf.ubuntu.17 b/core/modules/pam/module.conf.ubuntu.17 new file mode 100644 index 00000000..378ef1f5 --- /dev/null +++ b/core/modules/pam/module.conf.ubuntu.17 @@ -0,0 +1,41 @@ +#!/bin/bash +# TODO fix and re-add ncp support ! +REQUIRED_INSTALLED_PACKAGES=" + libpam-cap + krb5-user + krb5-config + libpam-krb5 + libssl-dev + ldap-utils + libnfsidmap2 + nfs-common + libpam0g-dev + cifs-utils +" +REQUIRED_CONTENT_PACKAGES=" + libpam0g + libpam-modules + libpam-modules-bin + libpam-cap + libldap-2.4-2 + krb5-user + krb5-config + libpam-krb5 + ldap-utils + libnfsidmap2 + nfs-common + cifs-utils + keyutils +" +REQUIRED_BINARIES+=" + mount.cifs +" +REQUIRED_DIRECTORIES+=" + $SYS_PAM_MODULES_PATH + /lib + /usr/lib +" +REQUIRED_SYSTEM_FILES+=" + /etc/pam.conf + /etc/default/locale +" |