[pam-freiburg] Try harder to get machine ticket, continue mounting if there's already a machine ticket from a previous session

1 files changed, 5 insertions, 4 deletions

diff --git a/server/modules/pam-freiburg/opt/openslx/scripts/pam_script_mount_persistent b/server/modules/pam-freiburg/opt/openslx/scripts/pam_script_mount_persistent
index f6b71527..8b75b810 100644
--- a/server/modules/pam-freiburg/opt/openslx/scripts/pam_script_mount_persistent
+++ b/server/modules/pam-freiburg/opt/openslx/scripts/pam_script_mount_persistent
@@ -11,16 +11,17 @@
 # These have a gid > 1000
 if ! grep -q "^${PAM_USER}:" "/etc/passwd"; then
 
-	# generate keytab
+	# generate keytab (try twice :))
 	sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab || \
-		{ slxlog "pam-freiburg-sslconnect" "Could not get /etc/kr5b.keytab from npserver.ruf.uni-freiburg.de"; exit 1; }
+		sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab || \
+		{ slxlog "pam-freiburg-sslconnect" "Could not get /etc/krb5.keytab from npserv.ruf.uni-freiburg.de"; [ ! -s /etc/krb5.keytab ] && exit 1; }
 
 	chmod 600 /etc/krb5.keytab || \
-		{ slxlog "pam-freiburg-keytab" "Could not run 'chmod 600 /etc/kr5b.keytab'"; exit 1; }
+		{ slxlog "pam-freiburg-keytab" "Could not run 'chmod 600 /etc/krb5.keytab'"; exit 1; }
 
 	# determine fileserver and share for home directories
 	ldapsearch -x -LLL uid="${PAM_USER}" homeDirectory rufFileserver > "/tmp/ldapsearch.${PAM_USER}" || \
-	{ slxlog "pam-freiburg-ldapquery" "Could not query LDAP server for 'homeDirectory' and 'rufFileserver' parameters of user '${PAM_USER}'."; exit 1; }
+		{ slxlog "pam-freiburg-ldapquery" "Could not query LDAP server for parameters of user '${PAM_USER}'."; exit 1; }
 
 	FILESERVER=$(cat /tmp/ldapsearch.${PAM_USER} | grep rufFileserver | cut -d" " -f2)
 	VOLUME=$(cat /tmp/ldapsearch.${PAM_USER} | grep homeDirectory | cut -d" " -f2)