| author | Christian Rößler | 2013-12-16 19:53:28 +0100 |
|---|---|---|
| committer | Christian Rößler | 2013-12-16 19:53:28 +0100 |
| commit | dede3e3921b65b2c19852d9498ef9899d6dfbfbc (patch) | |
| tree | 29be459ce3adf0db3ce452343d06742c0fade7cd /remote/modules | |
| parent | [qemukvm] Added build script, conf and conf.ubuntu. Alpha, will be checked to... (diff) | |
| parent | [pam-offenburg] Adapt to new pam_script_* format (diff) | |
Merge branch 'master' of git.openslx.org:openslx-ng/tm-scripts
Diffstat (limited to 'remote/modules')
| -rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close | 10 | ||||
| -rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open | 33 |
2 files changed, 33 insertions, 10 deletions
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close index 198d2efe..f7a10fef 100755 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close @@ -4,7 +4,9 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/usr/sbin:/opt/openslx/usr/bin:/opt/openslx/sbin:/opt/openslx/bin" # NSA needs to know -slxlog "session-close" "$PAM_USER logged out on $PAM_TTY" +if [ "x$PAM_SERVICE" != "xsu" -a "x$PAM_SERVICE" != "xsudo" ]; then + slxlog "session-close" "$PAM_USER logged out on $PAM_TTY" +fi # do not kill all root processes :) [ "x${PAM_USER}" = "xroot" ] && exit 0 @@ -41,10 +43,10 @@ if [ "$SESSIONCOUNT" = "1" ]; then OPEN2=$(loginctl show-user "$PAM_USER" | grep "Sessions=" | cut -c 10-) if [ -z "$OPEN2" -o "x$OPENSESSION" = "x$OPEN2" ]; then # unmount the home directory structure - umount -l "/home/${PAM_USER}/PERSISTENT" || \ + umount -l -f "/home/${PAM_USER}/PERSISTENT" || \ echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'." - - umount -l "/home/${PAM_USER}" || \ + + umount -l -f "/home/${PAM_USER}" || \ echo "Could not unmount '/home/${PAM_USER}'." fi fi diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open index 84a51473..66cda56c 100755 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open +++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open 
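Review bot: The new `PAM_SERVICE` test in pam_script_ses_close wraps only the `slxlog` call, so a session close for `su` or `sudo` still appears to fall through to the cleanup further down, including the `umount -l -f "/home/${PAM_USER}"` in the second hunk. The lines between the two hunks are not visible here, so that fall-through is inferred. If su/sudo sessions are meant to be ignored entirely, an early `case "$PAM_SERVICE" in su|sudo) exit 0 ;; esac` would make that explicit; if only the log entry is to be skipped, a comment such as `# su/sudo: not logged, cleanup still runs` should record it. The same guard is added in pam_script_ses_open, and in both places su/sudo sessions drop out of the slxlog session trail, which matters if that log is used for auditing. `-a` inside `[ ]` is obsolescent in POSIX; `[ "x$PAM_SERVICE" != "xsu" ] && [ "x$PAM_SERVICE" != "xsudo" ]` is the unambiguous form.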
@@ -3,12 +3,21 @@ # Needed as pam_script clears PATH export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/usr/sbin:/opt/openslx/usr/bin:/opt/openslx/sbin:/opt/openslx/bin" +# Script to be sourced to mount the user's persistent home PERSISTENT_MOUNT_SCRIPT="/opt/openslx/scripts/pam_script_mount_persistent" +# Script to be run in the user's context iff the persistent home could be mounted successfully +PERSISTENT_MOUNT_USER_SCRIPT="/opt/openslx/scripts/pam_script_mount_persistent_user" +# The user's non-persistent home directory mount point, which should be their linux home TEMP_HOME_DIR="/home/${PAM_USER}" +# The user's persistent home directory mount point PERSISTENT_HOME_DIR="/home/${PAM_USER}/PERSISTENT" +PAM_GROUP=$(id -ng "$PAM_USER") + # NSA needs to know -slxlog "session-open" "$PAM_USER logged in on $PAM_TTY" +if [ "x$PAM_SERVICE" != "xsu" -a "x$PAM_SERVICE" != "xsudo" ]; then + slxlog "session-open" "$PAM_USER logged in on $PAM_TTY" +fi # check if the script runs as root [ "x$(whoami)" != "xroot" ] && exit 0 @@ -17,7 +26,7 @@ slxlog "session-open" "$PAM_USER logged in on $PAM_TTY" [ "x${PAM_USER}" == "xroot" ] && exit 0 # check if we already mounted the home directory -mount | grep -q "$TEMP_HOME_DIR" && exit 0 +mount | grep -q " $TEMP_HOME_DIR " && exit 0 # no home, lets create it mkdir -p "${TEMP_HOME_DIR}" || \ 
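Review bot: `PAM_GROUP=$(id -ng "$PAM_USER")` is never checked, so a failing `id` leaves the variable empty for whatever consumes it. It is not used in the visible hunks, so presumably the sourced `PERSISTENT_MOUNT_SCRIPT` reads it. The assignment also runs before the `whoami` and root early exits below, i.e. for sessions that leave the script immediately. Consider moving it below those checks and failing closed with `PAM_GROUP=$(id -ng "$PAM_USER") || exit 1`, plus a comment naming the consumer, as the other new variables have.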
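Review bot: `grep -q " $TEMP_HOME_DIR "` still treats the path as a regular expression, so a `.` or other metacharacter in `$PAM_USER` can match a different mount point and make the script `exit 0` without setting up this user's home. Match the path literally with `mount | grep -qF " $TEMP_HOME_DIR " && exit 0`, or, where the applet is available on the target image, ask directly with `mountpoint -q "$TEMP_HOME_DIR" && exit 0`. The surrounding spaces do close the prefix match (`/home/ann` against `/home/anna`) that the old pattern allowed.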
@@ -51,13 +60,25 @@ for ext in doc xls ppt odt; do done done -chown -R "${PAM_USER}" "${TEMP_HOME_DIR}" || \ - { slxlog "pam-global-chpersistent " "Could not chown '${TEMP_HOME_DIR}' to '${PAM_USER}'."; exit 1; } +if ! chown -R "${PAM_USER}" "${TEMP_HOME_DIR}"; then + slxlog "pam-global-chpersistent " "Could not chown '${TEMP_HOME_DIR}' to '${PAM_USER}'." + exit 1 +fi -# now lets see if we have a persistent directory +# now lets see if we have a persistent directory mount script [ ! -e "${PERSISTENT_MOUNT_SCRIPT}" ] && exit 0 +# yes . "${PERSISTENT_MOUNT_SCRIPT}" || \ { slxlog "pam-global-sourcepersistent" "Could not source ${PERSISTENT_MOUNT_SCRIPT}."; exit 1; } -# TODO: Symlinks mkdirs for certain programs etc. +# If there is a user mount script and mounting was successful, run it +if [ -n "$PERSISTENT_OK" -a -x "$PERSISTENT_MOUNT_USER_SCRIPT" ]; then + if which sudo 2> /dev/null; then + sudo -u "$PAM_USER" "$PERSISTENT_MOUNT_USER_SCRIPT" + else + su -l -c "$PERSISTENT_MOUNT_USER_SCRIPT" "$PAM_USER" + fi +fi + exit 0 + |
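Review bot: `which sudo 2> /dev/null` silences only stderr, so the path of sudo is written to the script's stdout on every login, and `which` may be absent on a minimal image; `if command -v sudo > /dev/null 2>&1; then` avoids both. The exit status of the user script is dropped in both branches: if that is deliberate (a failing user script must not block the login), a comment should say so, otherwise report it with `slxlog` like the other failures in this file. `PERSISTENT_OK` is not assigned anywhere in the visible hunks, so presumably the sourced mount script sets it; a comment next to the other variables at the top, such as `# PERSISTENT_OK: set non-empty by PERSISTENT_MOUNT_SCRIPT on success`, would document that contract. `sudo -u` and `su -l` open PAM sessions of their own, which is what the `PAM_SERVICE` guards added in this commit depend on; that link also deserves a short comment here.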
