diff options
author | Jonathan Bauer | 2013-07-31 17:21:52 +0200 |
---|---|---|
committer | Jonathan Bauer | 2013-07-31 17:21:52 +0200 |
commit | 700683f7d281d09ad4a60461e2bfd9a354119e1a (patch) | |
tree | 50c0afd580b5b4e22d8aed65c332e40fe64ec0e6 /remote/modules/pam | |
parent | [pam] update README of non-persisent home directory skeleton (diff) | |
download | tm-scripts-700683f7d281d09ad4a60461e2bfd9a354119e1a.tar.gz tm-scripts-700683f7d281d09ad4a60461e2bfd9a354119e1a.tar.xz tm-scripts-700683f7d281d09ad4a60461e2bfd9a354119e1a.zip |
[pam] moved pam-script scripts to /opt/openslx/scripts
Diffstat (limited to 'remote/modules/pam')
l---------[-rwxr-xr-x] | remote/modules/pam/data/etc/pam-script/pam_script_ses_close | 10 | ||||
l---------[-rwxr-xr-x] | remote/modules/pam/data/etc/pam-script/pam_script_ses_open | 31 | ||||
-rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close | 9 | ||||
-rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open | 30 | ||||
l--------- | remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close | 1 | ||||
l--------- | remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open | 1 |
6 files changed, 41 insertions, 41 deletions
diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close index 2b6f6105..f3682056 100755..120000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close +++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close @@ -1,9 +1 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER" - -# TODO check if its the last session of the user. - -[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER +/opt/openslx/scripts/pam_script_ses_close
\ No newline at end of file diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open index f5ad8af1..4f5598e5 100755..120000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open +++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open @@ -1,30 +1 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" - -if [ $(id -g $PAM_USER) -ge 1000 ]; then - [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" - - # generate keytab - sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab - chmod 600 /etc/krb5.keytab - - # determine fileserver and share for home directories - ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" - - FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) - VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) - - # now we can mount the home directory - mkdir -p /home/$PAM_USER - if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then - exit 0 - else - echo "Failed to mount home directory for $PAM_USER" - exit 1 - fi - -fi - +/opt/openslx/scripts/pam_script_ses_open
\ No newline at end of file diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close new file mode 100755 index 00000000..2b6f6105 --- /dev/null +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close @@ -0,0 +1,9 @@ +#!/bin/bash + +export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" + +[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER" + +# TODO check if its the last session of the user. + +[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open new file mode 100755 index 00000000..f5ad8af1 --- /dev/null +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open @@ -0,0 +1,30 @@ +#!/bin/bash + +export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" + +[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" + +if [ $(id -g $PAM_USER) -ge 1000 ]; then + [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" + + # generate keytab + sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab + chmod 600 /etc/krb5.keytab + + # determine fileserver and share for home directories + ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" + + FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) + VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) + + # now we can mount the home directory + mkdir -p /home/$PAM_USER + if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then + exit 0 + else + echo "Failed to mount home directory for $PAM_USER" + exit 1 + fi + +fi + diff --git a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close b/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close deleted file mode 120000 index a12002a7..00000000 --- a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close +++ /dev/null @@ -1 +0,0 @@ -/etc/pam-script/pam_script_ses_close
\ No newline at end of file diff --git a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open b/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open deleted file mode 120000 index 783d5605..00000000 --- a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open +++ /dev/null @@ -1 +0,0 @@ -/etc/pam-script/pam_script_ses_open
\ No newline at end of file |