-rwxr-xr-xremote/modules/pam/data/opt/openslx/scripts/pam_script_auth130
1 files changed, 76 insertions, 54 deletions
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth b/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
index b8ed4166..0fe73cbd 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_auth
@@ -26,40 +26,25 @@ TEMP_HOME_DIR="$USER_HOME"
# check if PAM_USER is root and skip if it is the case
[ "x${PAM_USER}" == "xroot" ] && exit 0
-# source the stuff in pam_script_auth.d, if it exists
-if [ -d "/opt/openslx/scripts/pam_script_auth.d" ]; then
- for HOOK in $(ls "/opt/openslx/scripts/pam_script_auth.d"); do
- # source it, in case of failure do nothing since these scripts are non-critical
- . "/opt/openslx/scripts/pam_script_auth.d/$HOOK" || slxlog "pam-source-hooks" "Could not source '$HOOK'."
- done
-fi
-
###############################################################################
#
# Preparations for volatile /home/<user>
#
#
# check if we already mounted the home directory
-mount | grep -q " $TEMP_HOME_DIR " && exit 0
-
-# no home, lets create it
-if [ ! -d "${TEMP_HOME_DIR}" ]; then
- mkdir -p "${TEMP_HOME_DIR}" || \
- { slxlog "pam-global-mktemphome" "Could not create '${TEMP_HOME_DIR}'."; exit 1; }
+if ! mount | grep -q -F " ${TEMP_HOME_DIR} "; then
+ # no home, lets create it
+ if ! mkdir -p "${TEMP_HOME_DIR}"; then
+ slxlog "pam-global-mktemphome" "Could not create '${TEMP_HOME_DIR}'."
+ exit 1
+ fi
+ # now make it a tmpfs
+ if ! mount -t tmpfs -o mode=700,size=1024m tmpfs "${TEMP_HOME_DIR}"; then
+ slxlog "pam-global-tmpfstemphome" "Could not make a tmpfs on ${TEMP_HOME_DIR}"
+ exit 1
+ fi
fi
-# now make it a tmpfs
-mount -t tmpfs -o mode=700,size=1024m tmpfs "${TEMP_HOME_DIR}" || \
- { slxlog "pam-global-tmpfstemphome" "Could not make a tmpfs on ${TEMP_HOME_DIR}"; exit 1; }
-
-# create a WARNING.txt for the user
-cat > "${TEMP_HOME_DIR}/WARNING.txt" << EOF
-ATTENTION: This is the non-persistent home directory!
-Files saved here will be lost on shutdown.
-Your real home is under /home/<user>/PERSISTENT.
-Please save your files there.
-EOF
-
###############################################################################
#
# Preparations for /home/<user>/PERSISTENT
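Review bot: The tmpfs mounted at `${TEMP_HOME_DIR}` is created root-owned with `mode=700`, and after this commit the only `chown` of that directory sits inside the persistent-script branch of the next hunk, so a client without `${PERSISTENT_MOUNT_SCRIPT}` appears to leave the user with a home they cannot enter. Setting ownership at mount time removes that dependency, and `nosuid,nodev` is the usual hardening for a mount handed to an unprivileged user: `mount -t tmpfs -o "mode=700,size=1024m,nosuid,nodev,uid=${USER_UID},gid=${USER_GID}" tmpfs "${TEMP_HOME_DIR}"`. This assumes `USER_UID` and `USER_GID` are already set earlier in the script, which the hunk does not show.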
@@ -72,25 +57,50 @@ PERSISTENT_MOUNT_USER_SCRIPT="/opt/openslx/scripts/pam_script_mount_persistent_u
# The user's persistent home directory mount point
PERSISTENT_HOME_DIR="${TEMP_HOME_DIR}/PERSISTENT"
-# create the PERSISTENT directory
-mkdir -p "${PERSISTENT_HOME_DIR}" || \
- { slxlog "pam-global-mkpersistent" "Could not create '${PERSISTENT_HOME_DIR}'."; exit 1; }
-
-if ! chown -R "${USER_UID}:${USER_GID}" "${TEMP_HOME_DIR}"; then
- slxlog "pam-global-chpersistent " "Could not chown '${TEMP_HOME_DIR}' to '${PAM_USER}'."
- exit 1
-fi
+# now lets see if we have a persistent directory mount script, and it's not already mounted
+if [ -e "${PERSISTENT_MOUNT_SCRIPT}" ] && ! mount | grep -q -F " ${PERSISTENT_HOME_DIR} "; then
+ # seems we should try to mount...
+ # create the PERSISTENT directory and give to user
+ if ! mkdir -p "${PERSISTENT_HOME_DIR}"; then
+ slxlog "pam-global-mkpersistent" "Could not create '${PERSISTENT_HOME_DIR}'."
+ elif ! chown "${USER_UID}:${USER_GID}" "${TEMP_HOME_DIR}"; then
+ slxlog "pam-global-chpersistent" "Could not chown '${TEMP_HOME_DIR}' to '${PAM_USER}'."
+ else
+ # everything seems ok, call mount script
+ . "${PERSISTENT_MOUNT_SCRIPT}" \
+ || slxlog "pam-global-sourcepersistent" "Could not source '${PERSISTENT_MOUNT_SCRIPT}'."
+ if [ -n "${REAL_ACCOUNT}" ]; then
+ echo "${REAL_ACCOUNT}" > "${TEMP_HOME_DIR}/.account"
+ chmod 0644 "${TEMP_HOME_DIR}/.account"
+ fi
+ fi
+fi # end "mount-home-script-exists"
-# now lets see if we have a persistent directory mount script
-[ ! -e "${PERSISTENT_MOUNT_SCRIPT}" ] && exit 0
-# yes
-. "${PERSISTENT_MOUNT_SCRIPT}" || \
- { slxlog "pam-global-sourcepersistent" "Could not source '${PERSISTENT_MOUNT_SCRIPT}'."; exit 1; }
# Just try to delete the persistent dir. If the mount was successful, it will not work
# If it was not successful, it will be removed so the user doesn't think he can store
# anything in there
-rmdir "$PERSISTENT_HOME_DIR" 2> /dev/null
+rmdir "${PERSISTENT_HOME_DIR}" 2> /dev/null
+
+# Write warning message to tmpfs home
+if [ -d "${PERSISTENT_HOME_DIR}" ]; then
+ # create a WARNING.txt for the user with hint to PERSISTENT
+ cat > "${TEMP_HOME_DIR}/WARNING.txt" <<EOF
+ATTENTION: This is the non-persistent home directory!
+Files saved here will be lost on shutdown.
+Your real home is under ${PERSISTENT_HOME_DIR}
+Please save your files there.
+EOF
+else
+ # create a WARNING.txt for the user, no PERSISTENT :-(
+ cat > "${TEMP_HOME_DIR}/WARNING.txt" <<EOF
+ATTENTION: This is a non-persistent home directory!
+Files saved here will be lost on shutdown.
+Please save your files on a USB drive or upload them
+to some web service.
+EOF
+fi
+chown "${USER_UID}" "${TEMP_HOME_DIR}/WARNING.txt"
###############################################################################
#
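Review bot: `WARNING.txt` and `.account` are written by root through plain redirection, and `WARNING.txt` is then `chown`ed, inside a directory the user already owns. Because the script no longer exits when the home is already mounted, a later run would follow a symlink left under either name. Restrict these writes to the run that freshly mounted the tmpfs, or at least replace the entry and stop dereferencing it: `rm -f -- "${TEMP_HOME_DIR}/WARNING.txt"` before the `cat`, and `chown -h "${USER_UID}" "${TEMP_HOME_DIR}/WARNING.txt"`. The `mkdir -p`/`chown` pair on `${COMMON_SHARE_MOUNT_POINT}` in the third hunk has the same exposure once `rmdir` has removed SHARE after a failed mount. Separately, the comment says "give to user" but the `chown` targets `${TEMP_HOME_DIR}`, not `${PERSISTENT_HOME_DIR}`.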
@@ -102,23 +112,35 @@ COMMON_SHARE_MOUNT_SCRIPT="/opt/openslx/scripts/pam_script_mount_common_share"
# User specific mount point for the common share
COMMON_SHARE_MOUNT_POINT="${TEMP_HOME_DIR}/SHARE"
-# create the SHARE directory
-mkdir -p "${COMMON_SHARE_MOUNT_POINT}" || \
- { slxlog "pam-global-mkshare" "Could not create '${COMMON_SHARE_MOUNT_POINT}'."; exit 1; }
-
-# chown the new dir
-chown "${USER_UID}:${USER_GID}" "${COMMON_SHARE_MOUNT_POINT}" || \
- { slxlog "pam-global-chshare" "Could not chown '${COMMON_SHARE_MOUNT_POINT}' to '${PAM_USER}'."; exit 1; }
-
# check for common share mount script, exit if we don't have one
-[ ! -e "${COMMON_SHARE_MOUNT_SCRIPT}" ] && exit 0
-
-# we do!
-COMMON_SHARE_MOUNT_POINT="${COMMON_SHARE_MOUNT_POINT}" PAM_USER="${PAM_USER}" PAM_AUTHTOK="${PAM_AUTHTOK}" USER_UID="${USER_UID}" USER_GID="${USER_GID}" /bin/ash "${COMMON_SHARE_MOUNT_SCRIPT}" || \
- { slxlog "pam-global-sourceshare" "Could not source '${COMMON_SHARE_MOUNT_SCRIPT}'."; exit 1; }
-
+if [ -e "${COMMON_SHARE_MOUNT_SCRIPT}" ] && ! mount | grep -q -F " ${COMMON_SHARE_MOUNT_POINT} "; then
+ # create the SHARE directory
+ if ! mkdir -p "${COMMON_SHARE_MOUNT_POINT}"; then
+ slxlog "pam-global-mkshare" "Could not create '${COMMON_SHARE_MOUNT_POINT}'."
+ elif ! chown "${USER_UID}:${USER_GID}" "${COMMON_SHARE_MOUNT_POINT}"; then
+ slxlog "pam-global-chshare" "Could not chown '${COMMON_SHARE_MOUNT_POINT}' to '${PAM_USER}'."
+ else
+ COMMON_SHARE_MOUNT_POINT="${COMMON_SHARE_MOUNT_POINT}" \
+ PAM_USER="${PAM_USER}" \
+ PAM_AUTHTOK="${PAM_AUTHTOK}" \
+ USER_UID="${USER_UID}" \
+ USER_GID="${USER_GID}" \
+ /bin/ash "${COMMON_SHARE_MOUNT_SCRIPT}" \
+ || slxlog "pam-global-sourceshare" "Could not execute '${COMMON_SHARE_MOUNT_SCRIPT}'."
+ fi
+fi
# Just try to delete the common share dir. If the mount was successful, it will not work
rmdir "${COMMON_SHARE_MOUNT_POINT}" 2> /dev/null
+#
+# source the stuff in pam_script_auth.d, if it exists
+#
+if [ -d "/opt/openslx/scripts/pam_script_auth.d" ]; then
+ for HOOK in $(ls "/opt/openslx/scripts/pam_script_auth.d"); do
+ # source it, in case of failure do nothing since these scripts are non-critical
+ . "/opt/openslx/scripts/pam_script_auth.d/$HOOK" || slxlog "pam-source-hooks" "Could not source '$HOOK'."
+ done
+fi
+
exit 0
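Review bot: The re-added hook loop iterates over `$(ls …)`, which word-splits file names and sources every entry it finds, directories included. A glob with a file test avoids both problems and the extra process: `for HOOK in /opt/openslx/scripts/pam_script_auth.d/*; do`, then `[ -f "$HOOK" ] || continue`, then `. "$HOOK" || slxlog "pam-source-hooks" "Could not source '$HOOK'."`. The hooks are sourced into this shell (presumably as root, given the `mount` calls) with `PAM_AUTHTOK` in scope, so I would add a comment above the loop stating that `pam_script_auth.d` and its files must be writable by root only.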