From b7c1937d5a9070ee29e2f988d22c7433037af568 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 27 Jun 2018 13:20:15 +0200
Subject: [pam-slx-plug] Write user's LDAP attributes to .openslx/ldap
Also qury transitive group memberships of AD servers by setting the search base to the user's DN and then limiting the search scope to "base"
---
 core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth')
diff --git a/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth b/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth
index d140f78c..6f1dc0ae 100755
--- a/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth
+++ b/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth
@@ -45,6 +45,7 @@ for auth_file in /opt/openslx/pam/auth-source.d/*; do
 USER_GROUP=
 USER_HOME=
 USER_DN=
+ USER_INFO_FILE=
 [ -f "$auth_file" ] || continue
 . "$auth_file"
 [ -n "$USER_UID" ] || continue
@@ -133,7 +134,10 @@ if [ -n "${REAL_ACCOUNT}" ]; then
 echo "${REAL_ACCOUNT}" > "${TEMP_HOME_DIR}/.openslx/account"
 chmod 0644 "${TEMP_HOME_DIR}/.openslx/account"
 fi
-
+if [ -n "$USER_INFO_FILE" ] && [ -s "$USER_INFO_FILE" ]; then
+ mv -- "$USER_INFO_FILE" "${TEMP_HOME_DIR}/.openslx/ldap"
+ chmod 0644 "${TEMP_HOME_DIR}/.openslx/ldap"
+fi
 ###############################################################################
 #
--
cgit v1.2.3-55-g7522
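Review bot: Resetting `USER_INFO_FILE=` at the top of each loop pass drops the only reference to a file an earlier auth source may already have written. If a source sets the variable and the pass then ends at `[ -n "$USER_UID" ] || continue`, that file, presumably holding the user's LDAP attributes, stays behind wherever the source created it; the sources are not visible here, so this is inferred. Removing it on that path, e.g. `[ -n "$USER_UID" ] || { [ -n "$USER_INFO_FILE" ] && rm -f -- "$USER_INFO_FILE"; continue; }`, or a comment stating that sources must clean up after themselves on failure, would close the gap. The loop body continues outside the hunk.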
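Review bot: The added block leaves `.openslx/ldap` world-readable (`chmod 0644`) although it holds the user's directory attributes, and nothing in this hunk limits which attributes the auth source wrote into `$USER_INFO_FILE`. If only the session user needs the file, a narrower mode with matching ownership would be safer; `mv` keeps the owner of the source file, so that has to be settled where the file is created, which is outside this diff. The result of `mv` is also unchecked, so `chmod` runs even when the move failed; `mv -- "$USER_INFO_FILE" "${TEMP_HOME_DIR}/.openslx/ldap" && chmod 0644 "${TEMP_HOME_DIR}/.openslx/ldap"` avoids that. The script continues past the end of the hunk.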