diff options
| author | Simon Rettberg | 2015-09-22 18:26:04 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2015-09-22 18:26:04 +0200 |
| commit | 7ac77dd0b374a8a9d601ee8e642256ebb46d6dd3 (patch) | |
| tree | 3f7454da48c110135ecb952fcc87f662c39929d3 | |
| parent | Add dozmod database upgrade script to restore feature (diff) | |
| download | tmlite-bwlp-7ac77dd0b374a8a9d601ee8e642256ebb46d6dd3.tar.gz tmlite-bwlp-7ac77dd0b374a8a9d601ee8e642256ebb46d6dd3.tar.xz tmlite-bwlp-7ac77dd0b374a8a9d601ee8e642256ebb46d6dd3.zip | |
[mountscript] Fix passing password to ldapsearch (remove trailing newline)
| -rw-r--r-- | data/ad/mountscript | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/data/ad/mountscript b/data/ad/mountscript index 4812b1e..7a15224 100644 --- a/data/ad/mountscript +++ b/data/ad/mountscript @@ -5,6 +5,7 @@ # VOLUME= +RESULT= REAL_ACCOUNT= if ! grep -q "^${PAM_USER}:" "/etc/passwd"; then # determine fileserver and share for home directories @@ -15,9 +16,11 @@ if ! grep -q "^${PAM_USER}:" "/etc/passwd"; then RESULT=$(mktemp) PW="/tmp/pw.${RANDOM}.${RANDOM}.${PAM_USER}.${RANDOM}" mkfifo -m 0600 "${PW}" || slxlog "pam-ad-fifo" "Could not create FIFO at ${PW}" - ( echo "${PAM_AUTHTOK}" > "${PW}" ) & - ldapsearch -y "${PW}" -D "$BINDDN" -l 5 -o nettimeout=5 -o ldif-wrap=no -x -LLL uid="${PAM_USER}" homeMount realAccount > "${RESULT}" 2>/dev/null \ - || slxlog "pam-ad-ldapquery" "Could not query LDAP-AD-Proxy for parameters of user '${PAM_USER}'." + ( + echo -n "${PAM_AUTHTOK}" > "${PW}" + ) & + ldapsearch -y "${PW}" -D "$BINDDN" -l 5 -o nettimeout=5 -o ldif-wrap=no -x -LLL uid="${PAM_USER}" homeMount realAccount > "${RESULT}" 2>&1 \ + || slxlog "pam-ad-ldapquery" "Could not query LDAP-AD-Proxy for parameters of user '${PAM_USER}'." "${RESULT}" rm -f -- "${PW}" VOLUME=$(cat "${RESULT}" | grep '^homeMount:' | head -n 1 | cut -d ' ' -f 2) [ -z "${VOLUME}" ] && slxlog "pam-ad-ldapvolume" "AD/Proxy did not provide 'homeMount'. Aborting mount for ${PAM_USER}." |