From d12f1bedbccc3b19999cc84c14a836166bb43d18 Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Fri, 20 Sep 2013 16:59:55 +0200
Subject: [pam-hso] fix permissions for pam scripts mouting homes.
---
 .../pam-hso/etc/pam-script/pam_script_ses_close | 1 +
 .../pam-hso/etc/pam-script/pam_script_ses_open | 1 -
 .../pam-hso/etc/pam-script/pam_script_ses_open.bak | 30 --------------
 .../etc/pam-script/pam_script_ses_open.save | 47 ----------------------
 4 files changed, 1 insertion(+), 78 deletions(-)
 delete mode 100755 server/modules/pam-hso/etc/pam-script/pam_script_ses_open.bak
 delete mode 100755 server/modules/pam-hso/etc/pam-script/pam_script_ses_open.save
(limited to 'server')
diff --git a/server/modules/pam-hso/etc/pam-script/pam_script_ses_close b/server/modules/pam-hso/etc/pam-script/pam_script_ses_close
index 8bc8d3bb..dc7b5bd7 100755
--- a/server/modules/pam-hso/etc/pam-script/pam_script_ses_close
+++ b/server/modules/pam-hso/etc/pam-script/pam_script_ses_close
@@ -5,3 +5,4 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/o
 echo "[$PAM_TYPE] Closing session for $PAM_USER"
 [ $(id -g $PAM_USER) -eq 1001 ] && umount /home/$PAM_USER
+
diff --git a/server/modules/pam-hso/etc/pam-script/pam_script_ses_open b/server/modules/pam-hso/etc/pam-script/pam_script_ses_open
index 2189c347..4cf6bf58 100755
--- a/server/modules/pam-hso/etc/pam-script/pam_script_ses_open
+++ b/server/modules/pam-hso/etc/pam-script/pam_script_ses_open
@@ -22,4 +22,3 @@ fi
 #mount H-Drive
 ncpmount -A fs1-2-home.rz.hs-offenburg.de -S fs1-2-home.rz.hs-offenburg.de -V HOME/USERS/$loggedInUser -U $loggedInUser.HRZ.FHO /home/users/$loggedInUser
-
diff --git a/server/modules/pam-hso/etc/pam-script/pam_script_ses_open.bak b/server/modules/pam-hso/etc/pam-script/pam_script_ses_open.bak
deleted file mode 100755
index 79a94169..00000000
--- a/server/modules/pam-hso/etc/pam-script/pam_script_ses_open.bak
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/bash
-
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
-
-echo "[$PAM_TYPE] Opening session for $PAM_USER"
-
-if [ $(id -g $PAM_USER) -eq 1001 ]; then
- echo "[$PAM_TYPE] Mounting home directory for $PAM_USER"
-
- # generate keytab
- sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab
- chmod 600 /etc/krb5.keytab
-
- # determine fileserver and share for home directories
- ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER"
-
- FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2)
- VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2)
-
- # now we can mount the home directory
- mkdir -p /home/$PAM_USER
- if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then
- exit 0
- else
- echo "Failed to mount home directory for $PAM_USER"
- exit 1
- fi
-
-fi
-
diff --git a/server/modules/pam-hso/etc/pam-script/pam_script_ses_open.save b/server/modules/pam-hso/etc/pam-script/pam_script_ses_open.save
deleted file mode 100755
index 1bbb9d81..00000000
--- a/server/modules/pam-hso/etc/pam-script/pam_script_ses_open.save
+++ /dev/null
@@ -1,47 +0,0 @@
-/root/tm-scripts/server/boot/local/initramfs-stage32/root/tm-scripts/server/boot/local/initramfs-stage32#!/bin/sh
-
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
-
-
-#check who is logged in to put the "Home"-Folder on the correct Desktop
-#Doesn't work with root!
-#export loggedInUser=$(whoami)
-[ ! -z "$PAM_USER" ] && export loggedInUser="$PAM_USER"
-
-
-#create Folder on Desktop to link with H-Drive, if not already existent
-if [ ! -d /home/$loggedInUser ]; then
- mkdir -p /home/$loggedInUser
-fi
-
-
-#ask for username
-#read -p "Benutzername: " username
-
-
-#mount H-Drive
-ncpmount -A fs1-2-home.rz.hs-offenburg.de -S fs1-2-home.rz.hs-offenburg.de -V HOME/USERS/$loggedInUser -U $loggedInUser.HRZ.FHO /home/$loggedInUser#!/bin/sh
-
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
-
-
-#check who is logged in to put the "Home"-Folder on the correct Desktop
-#Doesn't work with root!
-#export loggedInUser=$(whoami)
-[ ! -z "$PAM_USER" ] && export loggedInUser="$PAM_USER"
-
-
-#create Folder on Desktop to link with H-Drive, if not already existent
-if [ ! -d /home/$loggedInUser ]; then
- mkdir -p /home/$loggedInUser
-fi
-
-
-#ask for username
-#read -p "Benutzername: " username
-
-
-#mount H-Drive
-ncpmount -A fs1-2-home.rz.hs-offenburg.de -S fs1-2-home.rz.hs-offenburg.de -V HOME/USERS/$loggedInUser -U $loggedInUser.HRZ.FHO /home/$loggedInUser
-
-
--
cgit v1.2.3-55-g7522