diff options
| author | Jonathan Bauer | 2013-06-20 14:56:37 +0200 |
|---|---|---|
| committer | Jonathan Bauer | 2013-06-20 14:56:37 +0200 |
| commit | 3827237266bf9dd5cabb98c00ce0424e64255139 (patch) | |
| tree | b9ac39a251c822bb824328a09c52a7eee3db099e /remote | |
| parent | [rootfs-stage32] fixes (diff) | |
| download | tm-scripts-3827237266bf9dd5cabb98c00ce0424e64255139.tar.gz tm-scripts-3827237266bf9dd5cabb98c00ce0424e64255139.tar.xz tm-scripts-3827237266bf9dd5cabb98c00ce0424e64255139.zip | |
[pam] only try to mount for users whose guid is > 1000
Diffstat (limited to 'remote')
| -rwxr-xr-x | remote/modules/pam/data/etc/pam-script/pam_script_ses_open | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open index 86386267..9cbca8f5 100755 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open +++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open @@ -3,19 +3,23 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" echo "[$PAM_TYPE] Opening session for $PAM_USER" -echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" -# generate keytab -sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab -chmod 600 /etc/krb5.keytab +if [ $(id -g $PAM_USER) -ge 1001 ]; then + echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" -# determine fileserver and share for home directories -ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" + # generate keytab + sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab + chmod 600 /etc/krb5.keytab -FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) -VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) + # determine fileserver and share for home directories + ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" + + FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) + VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) + + # now we can mount the home directory + mkdir -p /home/$PAM_USER + mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER" \ + || echo "[$PAM_TYPE] Failed to mount home directory for $PAM_USER" +fi -# now we can mount the home directory -mkdir -p /home/$PAM_USER -mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER" \ - || echo "[$PAM_TYPE] Failed to mount home directory for $PAM_USER" |