| author | Simon Rettberg | 2013-11-27 15:29:06 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2013-11-27 15:29:06 +0100 |
| commit | 9290cc05e741a99a880cf3a6a3dc18dc5ef35a6f (patch) | |
| tree | afdc8fd6f864f9d4eff6d00989b1dfc3806651d9 /remote | |
| parent | Merge branch 'master' of simonslx:openslx-ng/tm-scripts (diff) | |
[pam] Remote logging of login/out
Diffstat (limited to 'remote')
3 files changed, 22 insertions, 13 deletions
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
index a6d65afa..fda9633e 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
@@ -2,7 +2,10 @@
 echo "[${PAM_TYPE}] Closing session for ${PAM_USER}"
-OPENSESSIONS=$(loginctl|grep "${PAM_USER}" |wc -l)
+# NSA needs to know
+slxlog "session-close" "$PAM_USER logged out on $PAM_TTY"
+
+OPENSESSIONS=$(loginctl | grep "${PAM_USER}" | wc -l)
 if [ "x${OPENSESSIONS}" == "x1" ]; then
 # last sessions, close all ghost user processes
@@ -17,10 +20,11 @@ if [ "x${OPENSESSIONS}" == "x1" ]; then
 # unmount the home directory structure
 umount "/home/${PAM_USER}/PERSISTENT" || \
- echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'."
+ echo "Could not unmount '/home/${PAM_USER}/PERSISTENT'."
 umount "/home/${PAM_USER}" || \
- echo "Could not unmount '/home/${PAM_USER}'."
+ echo "Could not unmount '/home/${PAM_USER}'."
 fi
 exit 0
+
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
index be890e06..13f0cd3b 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
@@ -1,5 +1,6 @@
 #!/bin/bash
+# Needed as pam_script clears PATH
 export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/usr/sbin:/opt/openslx/usr/bin:/opt/openslx/sbin:/opt/openslx/bin"
 echo "[${PAM_TYPE}] Opening session for ${PAM_USER}"
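Review bot: In the first hunk of pam_script_ses_close, `OPENSESSIONS=$(loginctl | grep "${PAM_USER}" | wc -l)` was only re-spaced and still counts every loginctl line that contains the user name as an unanchored pattern, so sessions of `bobby` are counted for `bob` and the `"x1"` test that guards the last-session cleanup and the unmounts sees the wrong number. Compare the USER column exactly instead, e.g. `OPENSESSIONS=$(loginctl list-sessions --no-legend | awk -v u="$PAM_USER" '$3 == u' | wc -l)`. The same loose match appears in the second hunk of pam_script_ses_open, where `mount | grep -q "$TEMP_HOME_DIR"` reports `/home/bob` as mounted whenever `/home/bobby` is; `mountpoint -q "$TEMP_HOME_DIR"` tests the exact path. The body of the `if` lies outside the hunk, so what the cleanup does with the count is only partly visible here.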
@@ -7,24 +8,27 @@ echo "[${PAM_TYPE}] Opening session for ${PAM_USER}" PERSISTENT_MOUNT_SCRIPT="/opt/openslx/scripts/pam_script_mount_persistent" TEMP_HOME_DIR="/home/${PAM_USER}" +# NSA needs to know +slxlog "session-open" "$PAM_USER logged in on $PAM_TTY" + # check if PAM_USER is root and skip if it is the case [ "x${PAM_USER}" == "xroot" ] && exit 0 # check if we already mounted the home directory -if [ ! -z "$(mount|grep ${TEMP_HOME_DIR})" ]; then +if mount | grep -q "$TEMP_HOME_DIR"; then echo "[${PAM_TYPE}] Home directory of '${PAM_USER}' is already mounted." exit 0 fi # no home, lets create it mkdir -p "${TEMP_HOME_DIR}" || \ - { echo "Could not create '${TEMP_HOME_DIR}'."; exit 1; } + { echo "Could not create '${TEMP_HOME_DIR}'."; exit 1; } chown -R "${PAM_USER}" "${TEMP_HOME_DIR}" || \ - { echo "Could not chown '${TEMP_HOME_DIR}' to ${PAM_USER}."; exit 1; } + { echo "Could not chown '${TEMP_HOME_DIR}' to ${PAM_USER}."; exit 1; } # now make it a tmpfs mount -t tmpfs -o size=100m tmpfs "${TEMP_HOME_DIR}" || \ - { echo "Could not make a tmpfs on ${TEMP_HOME_DIR}"; exit 1; } + { echo "Could not make a tmpfs on ${TEMP_HOME_DIR}"; exit 1; } # create a WARNING.txt for the user cat > "${TEMP_HOME_DIR}/WARNING.txt" << EOF @@ -38,6 +42,7 @@ EOF [ ! -e "${PERSISTENT_MOUNT_SCRIPT}" ] && exit 0 . "${PERSISTENT_MOUNT_SCRIPT}" || \ - { echo "Could not source ${PERSISTENT_MOUNT_SCRIPT}."; exit 1; } + { echo "Could not source ${PERSISTENT_MOUNT_SCRIPT}."; exit 1; } + +# TODO: Symlinks mkdirs for certain programs etc. - # PERSISTENT_MOUNT_SCRIPT must decide on the return code. diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog index 236eabb3..8b8780f1 100755 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog 
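Review bot: In pam_script_ses_open, `slxlog "session-open" "$PAM_USER logged in on $PAM_TTY"` runs before the mkdir, chown and tmpfs mount, each of which can end the script with `exit 1`, so the remote record says "logged in" for a session whose setup then failed and nothing reports the failure. Sending a second record from the error branches would keep the audit trail accurate, e.g. `{ slxlog "session-open" "$PAM_USER: tmpfs mount failed"; echo "Could not make a tmpfs on ${TEMP_HOME_DIR}"; exit 1; }`. The comment `# NSA needs to know` (also added in pam_script_ses_close) does not say what leaves the machine; `# Report user and tty of this login to the remote log server via slxlog` would document it. The script continues past this hunk, so later exit paths are not visible here.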
@@ -47,12 +47,12 @@ if [ $# -gt 2 ]; then
 EXTRA="$3"
 fi
-if [ -r "$EXTRA" -a "$(stat -c %s "$EXTRA")" -lt "10000" ]; then
- curl --data-urlencode "type=$TYPE" --data-urlencode "description=$MSG" --data-urlencode "longdesc@$EXTRA" "$SLX_REMOTE_LOG" > /dev/null 2>&1
+if [ -n "$EXTRA" ] && [ -r "$EXTRA" -a -s "$EXTRA" ] && [ "$(stat -c %s "$EXTRA")" -lt "10000" ]; then
+ curl --data-urlencode "type=$TYPE" --data-urlencode "description=$MSG" --data-urlencode "longdesc@$EXTRA" "$SLX_REMOTE_LOG" > /dev/null 2>&1 &
 elif [ -n "$EXTRA" ]; then
- curl --data-urlencode "type=$TYPE" --data-urlencode "description=$MSG" --data-urlencode "longdesc=Missing/too large: $EXTRA" "$SLX_REMOTE_LOG" > /dev/null 2>&1
+ curl --data-urlencode "type=$TYPE" --data-urlencode "description=$MSG" --data-urlencode "longdesc=Missing/too large: $EXTRA" "$SLX_REMOTE_LOG" > /dev/null 2>&1 &
 else
- curl --data-urlencode "type=$TYPE" --data-urlencode "description=$MSG" "$SLX_REMOTE_LOG" > /dev/null 2>&1
+ curl --data-urlencode "type=$TYPE" --data-urlencode "description=$MSG" "$SLX_REMOTE_LOG" > /dev/null 2>&1 &
 fi
 exit 0 |
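Review bot: Putting each curl in the background with `&` and then reaching `exit 0` means slxlog returns before the request is made, and with `> /dev/null 2>&1` and no time limit a login or logout record that cannot be delivered is lost without any local trace, while stalled transfers can pile up when the log server is unreachable. In the first branch curl also opens `$EXTRA` only after slxlog has returned, so a caller that removes its temporary file right after the call loses the attachment. Bounding the transfer and keeping a local fallback would address the first point, e.g. `curl --max-time 10 … "$SLX_REMOTE_LOG" > /dev/null 2>&1 || logger -t slxlog "remote log failed: $TYPE" &` (the 10-second value is illustrative). If slxlog runs as root from the PAM scripts, as the other two files suggest, `-r "$EXTRA"` passes for any file, so callers should only ever pass paths they created themselves; the callers and the assignments of TYPE and MSG are outside this hunk.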
