| author | Simon Rettberg | 2015-05-15 17:35:58 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2015-05-15 17:35:58 +0200 |
| commit | 28e43ee95190e0c795621a63323e191e190c8c24 (patch) | |
| tree | dd216e8f44415aa33c7246d4311786fa4c71498b /remote/modules/pam/data/opt/openslx/scripts | |
| parent | Fix last commit (diff) | |
Compatibility improvements with ldadp and windows servers in mount scripts
Diffstat (limited to 'remote/modules/pam/data/opt/openslx/scripts')
| -rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_auth | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth b/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
index 3b8bf676..3474741d 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
@@ -3,10 +3,26 @@
 # Needed as pam_script clears PATH
 export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/sbin:/opt/openslx/bin"
+touch "/tmp/ldapsearch.${PAM_USER}"
+chmod 0600 "/tmp/ldapsearch.${PAM_USER}"
+if ldapsearch -l 3 -o nettimeout=3 -x -LLL uid="${PAM_USER}" uid homeMount realAccount > "/tmp/ldapsearch.${PAM_USER}" 2>/dev/null; then
+ VOLUME=$(cat "/tmp/ldapsearch.${PAM_USER}" | grep "^homeMount:" | head -n 1 | cut -d" " -f2)
+ REAL_ACCOUNT=$(cat "/tmp/ldapsearch.${PAM_USER}" | grep "^realAccount:" | head -n 1 | cut -d" " -f2)
+ PCASE=$(cat "/tmp/ldapsearch.${PAM_USER}" | grep "^uid:" | head -n 1 | cut -d" " -f2)
+ [ -n "$PCASE" ] && PAM_USER=$PCASE
+fi
+
 PASSWD=$(getent passwd "$PAM_USER")
 USER_UID=$(echo "$PASSWD" | awk -F ':' '{print $3}')
 USER_GID=$(echo "$PASSWD" | awk -F ':' '{print $4}')
 USER_HOME=$(echo "$PASSWD" | awk -F ':' '{print $6}')
+[ -z "$USER_UID" ] && USER_UID=$(id -u "$PAM_USER")
+[ -z "$USER_GID" ] && USER_GID=$(id -g "$PAM_USER")
+[ -z "$USER_HOME" ] && USER_HOME="/home/$PAM_USER"
+if [ -z "$USER_UID" -o -z "$USER_GID" ]; then
+ slxlog "pam-get-ids" "Could not determine UID or GID for user '$PAM_USER'."
+ exit 1
+fi
 # The user's non-persistent home directory mount point, which should be their linux home
 TEMP_HOME_DIR="$USER_HOME"
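Review bot: The added lookup writes to `/tmp/ldapsearch.${PAM_USER}`, a predictable path in a world-writable directory that is built from the login name, and `touch` followed by `chmod 0600` neither creates the file exclusively nor takes ownership of a file that already exists. Since pam_script hooks normally run as root, anything already present at that path, including a symlink, is written through; the name is not checked for `/`, and the file is not removed anywhere in this hunk. If nothing outside the hunk reads the file, capture the output in a variable as shown below; otherwise create it with `mktemp` and delete it on exit. The same value also goes unescaped into the filter `uid="${PAM_USER}"`, and the returned `uid` then replaces `PAM_USER`, so the name should be checked against the permitted user-name characters before the query. The script continues outside the hunk.

```shell
# Keep the search result in memory; no file under /tmp is needed.
if LDAP_OUT=$(ldapsearch -l 3 -o nettimeout=3 -x -LLL uid="${PAM_USER}" uid homeMount realAccount 2>/dev/null); then
	VOLUME=$(printf '%s\n' "$LDAP_OUT" | grep "^homeMount:" | head -n 1 | cut -d" " -f2)
	REAL_ACCOUNT=$(printf '%s\n' "$LDAP_OUT" | grep "^realAccount:" | head -n 1 | cut -d" " -f2)
	PCASE=$(printf '%s\n' "$LDAP_OUT" | grep "^uid:" | head -n 1 | cut -d" " -f2)
	# … unchanged: PAM_USER case fix-up, closing fi, getent lookup and UID/GID fallbacks …
```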
@@ -67,7 +83,7 @@ PERSISTENT_HOME_DIR="${TEMP_HOME_DIR}/PERSISTENT"
 mkdir -p "${PERSISTENT_HOME_DIR}" || \
 { slxlog "pam-global-mkpersistent" "Could not create '${PERSISTENT_HOME_DIR}'."; exit 1; }
-if ! chown -R "${PAM_USER}:${USER_GID}" "${TEMP_HOME_DIR}"; then
+if ! chown -R "${USER_UID}:${USER_GID}" "${TEMP_HOME_DIR}"; then
 slxlog "pam-global-chpersistent " "Could not chown '${TEMP_HOME_DIR}' to '${PAM_USER}'."
 exit 1
 fi
@@ -98,7 +114,7 @@ mkdir -p "${COMMON_SHARE_MOUNT_POINT}" || \
 { slxlog "pam-global-mkshare" "Could not create '${COMMON_SHARE_MOUNT_POINT}'."; exit 1; }
 # chown the new dir
-chown "${PAM_USER}:${USER_GID}" "${COMMON_SHARE_MOUNT_POINT}" || \
+chown "${USER_UID}:${USER_GID}" "${COMMON_SHARE_MOUNT_POINT}" || \
 { slxlog "pam-global-chshare" "Could not chown '${COMMON_SHARE_MOUNT_POINT}' to '${PAM_USER}'."; exit 1; }
 # check for common share mount script, exit if we don't have one |
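Review bot: The failure messages on the context lines after both `chown` changes (this hunk and the `@@ -98,7 +114,7 @@` hunk) still report that the path could not be chowned to '${PAM_USER}', although the command now applies the numeric `${USER_UID}:${USER_GID}`. When those ids come from the new `id -u`/`id -g` fallback, the log will not show which values were actually used; consider `"Could not chown '${TEMP_HOME_DIR}' to '${USER_UID}:${USER_GID}' (${PAM_USER})."` here and the equivalent text for the share mount point. Both hunks are excerpts of a top-level script that continues outside them.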
