| author | Simon Rettberg | 2013-11-27 15:29:06 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2013-11-27 15:29:06 +0100 |
| commit | 9290cc05e741a99a880cf3a6a3dc18dc5ef35a6f (patch) | |
| tree | afdc8fd6f864f9d4eff6d00989b1dfc3806651d9 /remote/modules/pam | |
| parent | Merge branch 'master' of simonslx:openslx-ng/tm-scripts (diff) | |
[pam] Remote logging of login/out
Diffstat (limited to 'remote/modules/pam')
| -rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close | 10 | ||||
| -rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open | 17 |
2 files changed, 18 insertions, 9 deletions
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close index a6d65afa..fda9633e 100755 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close @@ -2,7 +2,10 @@ echo "[${PAM_TYPE}] Closing session for ${PAM_USER}" -OPENSESSIONS=$(loginctl|grep "${PAM_USER}" |wc -l) +# NSA needs to know +slxlog "session-close" "$PAM_USER logged out on $PAM_TTY" + +OPENSESSIONS=$(loginctl | grep "${PAM_USER}" | wc -l) if [ "x${OPENSESSIONS}" == "x1" ]; then # last sessions, close all ghost user processes @@ -17,10 +20,11 @@ if [ "x${OPENSESSIONS}" == "x1" ]; then # unmount the home directory structure umount "/home/${PAM_USER}/PERSISTENT" || \ - echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'." + echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'." umount "/home/${PAM_USER}" || \ - echo "Could not unmount '/home/${PAM_USER}'." + echo "Could not unmount '/home/${PAM_USER}'." fi exit 0 + diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open index be890e06..13f0cd3b 100755 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open @@ -1,5 +1,6 @@ #!/bin/bash +# Needed as pam_script clears PATH export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/usr/sbin:/opt/openslx/usr/bin:/opt/openslx/sbin:/opt/openslx/bin" echo "[${PAM_TYPE}] Opening session for ${PAM_USER}" 
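Review bot: The new `slxlog "session-close" ...` call in pam_script_ses_close is resolved through PATH, but no PATH export is visible between the start of this hunk (line 2) and the call, while pam_script_ses_open carries the comment that pam_script clears PATH and exports a list including the /opt/openslx directories. If slxlog is installed under one of those directories (not shown here), the call would fail with command-not-found, and because the script continues to `exit 0`, the remote log would silently miss every logout. I would copy the `export PATH=…` line from pam_script_ses_open to directly after the shebang of this script, or call slxlog by absolute path in both scripts.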
@@ -7,24 +8,27 @@ echo "[${PAM_TYPE}] Opening session for ${PAM_USER}" PERSISTENT_MOUNT_SCRIPT="/opt/openslx/scripts/pam_script_mount_persistent" TEMP_HOME_DIR="/home/${PAM_USER}" +# NSA needs to know +slxlog "session-open" "$PAM_USER logged in on $PAM_TTY" + # check if PAM_USER is root and skip if it is the case [ "x${PAM_USER}" == "xroot" ] && exit 0 # check if we already mounted the home directory -if [ ! -z "$(mount|grep ${TEMP_HOME_DIR})" ]; then +if mount | grep -q "$TEMP_HOME_DIR"; then echo "[${PAM_TYPE}] Home directory of '${PAM_USER}' is already mounted." exit 0 fi # no home, lets create it mkdir -p "${TEMP_HOME_DIR}" || \ - { echo "Could not create '${TEMP_HOME_DIR}'."; exit 1; } + { echo "Could not create '${TEMP_HOME_DIR}'."; exit 1; } chown -R "${PAM_USER}" "${TEMP_HOME_DIR}" || \ - { echo "Could not chown '${TEMP_HOME_DIR}' to ${PAM_USER}."; exit 1; } + { echo "Could not chown '${TEMP_HOME_DIR}' to ${PAM_USER}."; exit 1; } # now make it a tmpfs mount -t tmpfs -o size=100m tmpfs "${TEMP_HOME_DIR}" || \ - { echo "Could not make a tmpfs on ${TEMP_HOME_DIR}"; exit 1; } + { echo "Could not make a tmpfs on ${TEMP_HOME_DIR}"; exit 1; } # create a WARNING.txt for the user cat > "${TEMP_HOME_DIR}/WARNING.txt" << EOF @@ -38,6 +42,7 @@ EOF [ ! -e "${PERSISTENT_MOUNT_SCRIPT}" ] && exit 0 . "${PERSISTENT_MOUNT_SCRIPT}" || \ - { echo "Could not source ${PERSISTENT_MOUNT_SCRIPT}."; exit 1; } + { echo "Could not source ${PERSISTENT_MOUNT_SCRIPT}."; exit 1; } + +# TODO: Symlinks mkdirs for certain programs etc. - # PERSISTENT_MOUNT_SCRIPT must decide on the return code. |
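Review bot: The rewritten check `if mount | grep -q "$TEMP_HOME_DIR"; then` still matches the path as an unanchored regular expression anywhere in the mount table, so a mounted `/home/alice` satisfies the test for user `al` (constructed example) and that login exits 0 without getting its own tmpfs home. Testing the mount point itself avoids this: `if mountpoint -q "$TEMP_HOME_DIR"; then`, or, if mountpoint is not available in the image, `if mount | grep -qF " on ${TEMP_HOME_DIR} type "; then`. The session count in pam_script_ses_close (`loginctl | grep "${PAM_USER}" | wc -l`) has the same substring problem and can skip the last-session cleanup for the shorter name.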
