-rwxr-xr-x | remote/modules/pam/data/opt/openslx/scripts/pam_script_auth | 23 | ||||
-rwxr-xr-x | remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog | 4 |
2 files changed, 11 insertions, 16 deletions
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth b/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
index 65eefcdc..4b584957 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
@@ -1,23 +1,19 @@
 #!/bin/ash
+# check if the script runs as root
+[ "x$(whoami)" != "xroot" ] && exit 0
+
 # Needed as pam_script clears PATH
 export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/sbin:/opt/openslx/bin"
-touch "/tmp/ldapsearch.${PAM_USER}"
-chmod 0600 "/tmp/ldapsearch.${PAM_USER}"
-if ldapsearch -l 3 -o nettimeout=3 -x -LLL uid="${PAM_USER}" uid homeMount realAccount > "/tmp/ldapsearch.${PAM_USER}" 2>/dev/null; then
- VOLUME=$(cat "/tmp/ldapsearch.${PAM_USER}" | grep "^homeMount:" | head -n 1 | cut -d" " -f2)
- REAL_ACCOUNT=$(cat "/tmp/ldapsearch.${PAM_USER}" | grep "^realAccount:" | head -n 1 | cut -d" " -f2)
- PCASE=$(cat "/tmp/ldapsearch.${PAM_USER}" | grep "^uid:" | head -n 1 | cut -d" " -f2)
- [ -n "$PCASE" ] && PAM_USER=$PCASE
-fi
-
-PASSWD=$(/usr/bin/getent passwd "$PAM_USER")
+PASSWD=$(getent passwd "$PAM_USER")
+USER_NAME=$(echo "$PASSWD" | awk -F ':' '{print $1}')
 USER_UID=$(echo "$PASSWD" | awk -F ':' '{print $3}')
 USER_GID=$(echo "$PASSWD" | awk -F ':' '{print $4}')
 USER_HOME=$(echo "$PASSWD" | awk -F ':' '{print $6}')
-[ -z "$USER_UID" ] && USER_UID=$(/usr/bin/id -u "$PAM_USER")
-[ -z "$USER_GID" ] && USER_GID=$(/usr/bin/id -g "$PAM_USER")
+[ -n "$USER_NAME" ] && PAM_USER="$USER_NAME"
+[ -z "$USER_UID" ] && USER_UID=$(id -u "$PAM_USER")
+[ -z "$USER_GID" ] && USER_GID=$(id -g "$PAM_USER")
 [ -z "$USER_HOME" ] && USER_HOME="/home/$PAM_USER"
 if [ -z "$USER_UID" -o -z "$USER_GID" ]; then
 slxlog "pam-get-ids" "Could not determine UID or GID for user '$PAM_USER'."
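Review bot: The root check added at the top of pam_script_auth calls bare `whoami` before the `export PATH=...` line, and the comment on that line says pam_script clears PATH. If `whoami` cannot be resolved at that point (ash may fall back to a default PATH or a built-in applet, so this needs checking on the target), `$(whoami)` is empty, the test `"x" != "xroot"` is true and the script leaves with `exit 0` on every login, silently skipping everything below it. Moving the two added lines below the `export PATH` line, or testing `[ "$(id -u)" -ne 0 ] && exit 0` there, keeps the early exit without depending on the inherited PATH. Separately, `getent passwd "$PAM_USER"` receives the login name as typed and its first field then overwrites `PAM_USER`; if this is glibc's getent, an all-digit key is looked up as a UID, so it seems worth rejecting names that are numeric or begin with `-` before the lookup.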
@@ -27,9 +23,6 @@ fi
 # The user's non-persistent home directory mount point, which should be their linux home
 TEMP_HOME_DIR="$USER_HOME"
-# check if the script runs as root
-[ "x$(/usr/bin/whoami)" != "xroot" ] && exit 0
-
 # check if PAM_USER is root and skip if it is the case
 [ "x${PAM_USER}" == "xroot" ] && exit 0
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog
index 08852352..52320c1a 100755
--- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog
+++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/slxlog
@@ -8,6 +8,8 @@
 # -e or --echo will echo message to stdout too
 #
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/sbin:/opt/openslx/bin"
+
 . /opt/openslx/config
 [ -z "$SLX_REMOTE_LOG" ] && exit 3
@@ -47,7 +49,7 @@ if [ $# -lt 2 ]; then
 else
 MSG="$2"
 fi
-USER=$(/usr/bin/whoami)
+USER=$(whoami)
 MSG="[$USER] $MSG"
 if [ $# -gt 2 ]; then
|
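Review bot: The `export PATH=...` line added to slxlog carries no comment, while the identical line in pam_script_auth is explained by `# Needed as pam_script clears PATH`. The later slxlog hunk drops the absolute path from `whoami` and so relies on this assignment; a line such as `# Callers like pam_script may run us with an empty PATH; set a known one before any lookup` above it would keep that dependency visible. The same literal PATH now lives in two scripts, so a change to one is easy to miss in the other.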