author | Jonathan Bauer | 2013-06-19 10:41:24 +0200 |
---|---|---|
committer | Jonathan Bauer | 2013-06-19 10:41:24 +0200 |
commit | 4bdc2a150ad01d08fdff3654629552f13ec13052 (patch) | |
tree | 9c4b8f74feb2953cddab2739813b567768a5ad42 /remote/modules/pam | |
parent | Merge branch 'master' of git:openslx-ng/tm-scripts (diff) | |
[pam] scripts to be executed on session open/close by pam-script module
Diffstat (limited to 'remote/modules/pam')
-rwxr-xr-x | remote/modules/pam/data/etc/pam-script/pam_script_ses_close | 3 | ||||
-rwxr-xr-x | remote/modules/pam/data/etc/pam-script/pam_script_ses_open | 21 |
2 files changed, 24 insertions, 0 deletions
diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close
new file mode 100755
index 00000000..13311eea
--- /dev/null
+++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo "[$PAM_TYPE] Closing session for $PAM_USER"
diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open
new file mode 100755
index 00000000..86386267
--- /dev/null
+++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
+
+echo "[$PAM_TYPE] Opening session for $PAM_USER"
+echo "[$PAM_TYPE] Mounting home directory for $PAM_USER"
+
+# generate keytab
+sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab
+chmod 600 /etc/krb5.keytab
+
+# determine fileserver and share for home directories
+ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER"
+
+FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2)
+VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2)
+
+# now we can mount the home directory
+mkdir -p /home/$PAM_USER
+mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER" \
+ || echo "[$PAM_TYPE] Failed to mount home directory for $PAM_USER"
|
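Review bot: pam_script_ses_close only logs, so nothing undoes what pam_script_ses_open sets up: the NFS mount on `/home/$PAM_USER` and the `/tmp/ldapsearch.$PAM_USER` file both outlive the session. If that is deliberate for this first version, a comment such as `# TODO: unmount /home/$PAM_USER once the user's last session has closed` would record it. An unconditional `umount` would be wrong when the same user still has another session open, so the close path needs some notion of "last session" before it tears anything down.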