From f8c9d2eed804ee4ce86b65c3fb4cacb81bad3322 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Mon, 5 Dec 2011 17:48:13 +0100 Subject: plymouth: fix flickers --- src/os-plugins/plugins/plymouth/XX_plymouth.sh | 4 ++-- .../plugins/plymouth/init-hooks/40-started-hw-config/plymouth.sh | 3 ++- .../plugins/plymouth/init-hooks/95-handing-over/plymouth.sh | 4 ++++ 3 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 src/os-plugins/plugins/plymouth/init-hooks/95-handing-over/plymouth.sh (limited to 'src') diff --git a/src/os-plugins/plugins/plymouth/XX_plymouth.sh b/src/os-plugins/plugins/plymouth/XX_plymouth.sh index f9927eae..f1b99511 100644 --- a/src/os-plugins/plugins/plymouth/XX_plymouth.sh +++ b/src/os-plugins/plugins/plymouth/XX_plymouth.sh @@ -21,9 +21,9 @@ if [ -e /initramfs/plugin-conf/plymouth.conf ]; then if [ -f /mnt/etc/init/kdm.conf ]; then - sed 's/exec kdm/plymouth quit \n exec kdm/g' -i /mnt/etc/init/kdm.conf + sed 's/exec kdm/$(sleep 0.5 \&\& plymouth quit) \&\n exec kdm/g' -i /mnt/etc/init/kdm.conf else - sed 's/exec kdm/plymouth quit \n exec kdm/g' -i /mnt/etc/init.inactive/kdm.conf + sed 's/exec kdm/$(sleep 0.5 \&\& plymouth quit) \&\n exec kdm/g' -i /mnt/etc/init.inactive/kdm.conf fi [ $DEBUGLEVEL -gt 0 ] && echo "done with the 'plymouth' plugin..."; fi diff --git a/src/os-plugins/plugins/plymouth/init-hooks/40-started-hw-config/plymouth.sh b/src/os-plugins/plugins/plymouth/init-hooks/40-started-hw-config/plymouth.sh index 19c26862..54a86774 100644 --- a/src/os-plugins/plugins/plymouth/init-hooks/40-started-hw-config/plymouth.sh +++ b/src/os-plugins/plugins/plymouth/init-hooks/40-started-hw-config/plymouth.sh @@ -1,4 +1,5 @@ # only start with no debug level if [ $DEBUGLEVEL -eq 0 ]; then - plymouthd && plymouth show-splash + /sbin/plymouthd --mode=boot --attach-to-session + /bin/plymouth show-splash fi diff --git a/src/os-plugins/plugins/plymouth/init-hooks/95-handing-over/plymouth.sh b/src/os-plugins/plugins/plymouth/init-hooks/95-handing-over/plymouth.sh new file mode 100644 index 00000000..d7f27411 --- /dev/null +++ b/src/os-plugins/plugins/plymouth/init-hooks/95-handing-over/plymouth.sh @@ -0,0 +1,4 @@ +# only start with no debug level +if [ $DEBUGLEVEL -eq 0 ]; then + /bin/plymouth update-root-fs --new-root-dir=/mnt +fi -- cgit v1.2.3-55-g7522 From 5d97f33775e539da678d2c893c68520ef3c72618 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Tue, 6 Dec 2011 17:23:02 +0100 Subject: eduroam plugin base (working for kdm) --- .../plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm | 138 +++++++++++++++++++++ src/os-plugins/plugins/eduroam/XX_eduroam.sh | 40 ++++++ .../plugins/eduroam/files/etc/pam.d/radius-auth | 31 +++++ .../plugins/eduroam/files/etc/pam_radius_auth.conf | 30 +++++ .../eduroam/files/lib/security/pam_script.so | Bin 0 -> 9548 bytes .../files/usr/share/libpam-script/pam_script_auth | 60 +++++++++ .../usr/share/libpam-script/pam_script_ses_close | 37 ++++++ .../usr/share/libpam-script/pam_script_ses_open | 20 +++ 8 files changed, 356 insertions(+) create mode 100644 src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm create mode 100644 src/os-plugins/plugins/eduroam/XX_eduroam.sh create mode 100644 src/os-plugins/plugins/eduroam/files/etc/pam.d/radius-auth create mode 100644 src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf create mode 100644 src/os-plugins/plugins/eduroam/files/lib/security/pam_script.so create mode 100755 src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_auth create mode 100755 src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_close create mode 100755 src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_open (limited to 'src') diff --git a/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm b/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm new file mode 100644 index 00000000..c5c74c17 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm @@ -0,0 +1,138 @@ +# Copyright (c) 2007..2011 - OpenSLX GmbH +# +# This program is free software distributed under the GPL version 2. +# See http://openslx.org/COPYING +# +# If you have any feedback please consult http://openslx.org/feedback and +# send your suggestions, praise, or complaints to feedback@openslx.org +# +# General information about OpenSLX can be found at http://openslx.org/ +# ----------------------------------------------------------------------------- +# eduroam.pm +# ----------------------------------------------------------------------------- +package OpenSLX::OSPlugin::eduroam; + +use strict; +use warnings; + +use base qw(OpenSLX::OSPlugin::Base); + +use File::Path; + +use OpenSLX::Basics; +use OpenSLX::Utils; +use OpenSLX::DistroUtils; + +sub new +{ + my $class = shift; + + my $self = { + name => 'eduroam', + }; + + return bless $self, $class; +} + +sub getInfo +{ + my $self = shift; + + return { + description => unshiftHereDoc(<<' End-of-Here'), + Splashscreen for the boot process using eduroam. + End-of-Here + precedence => 30, + }; +} + +sub getAttrInfo +{ + my $self = shift; + + return { + 'eduroam::active' => { + applies_to_systems => 1, + applies_to_clients => 1, + description => unshiftHereDoc(<<' End-of-Here'), + should the eduroam-plugin be executed during boot? + End-of-Here + content_regex => qr{^(0|1)$}, + content_descr => '1 means active - 0 means inactive', + default => '1', + }, + }; +} + +sub suggestAdditionalKernelParams +{ + my $self = shift; + my $makeInitRamFSEngine = shift; + + my @suggestedParams; + + return @suggestedParams; +} + +sub suggestAdditionalKernelModules +{ + my $self = shift; + my $makeInitRamFSEngine = shift; + + my @suggestedModules; + + return @suggestedModules; +} + +sub installationPhase +{ + my $self = shift; + my $info = shift; + + my $engine = $self->{'os-plugin-engine'}; + my @installedPackages = $engine->getInstalledPackages(); + my $found = 0; + foreach (@installedPackages) { + if ($_ eq "libpam-radius-auth") { + $found = 1; + } + } + # if not found, install it + if ($found == 0) { + vlog(0, _tr("Missing package 'libpam-radius-auth', installing...\n")); + $engine->installPackages('libpam-radius-auth'); + } + + $self->{pluginRepositoryPath} = $info->{'plugin-repo-path'}; + $self->{openslxBasePath} = $info->{'openslx-base-path'}; + + my $eduroamFilesPath = "$self->{openslxBasePath}/lib/plugins/eduroam/files"; + my $pluginRepoPath = "$self->{pluginRepositoryPath}"; + + copyDir("$eduroamFilesPath", "$pluginRepoPath"); + #copyDir("$eduroamFilesPath/lib", "$pluginRepoPath"); + #copyDir("$eduroamFilesPath/etc", "$pluginRepoPath"); + + return; +} + +sub removalPhase +{ + my $self = shift; + my $info = shift; + + return; +} + + +sub copyRequiredFilesIntoInitramfs +{ + my $self = shift; + my $targetPath = shift; + my $attrs = shift; + my $makeInitRamFSEngine = shift; + + return; +} + +1; diff --git a/src/os-plugins/plugins/eduroam/XX_eduroam.sh b/src/os-plugins/plugins/eduroam/XX_eduroam.sh new file mode 100644 index 00000000..fe8bcef6 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/XX_eduroam.sh @@ -0,0 +1,40 @@ +# Copyright (c) 2007..2008 - RZ Uni Freiburg +# Copyright (c) 2008 - 2009 OpenSLX GmbH +# +# This program/file is free software distributed under the GPL version 2. +# See http://openslx.org/COPYING +# +# If you have any feedback please consult http://openslx.org/feedback and +# send your feedback to feedback@openslx.org +# +# General information about OpenSLX can be found at http://openslx.org +# +# stage3 part of 'eduroam' plugin +# +# script is included from init via the "." load function - thus it has all +# variables and functions available + +if [ -e /initramfs/plugin-conf/eduroam.conf ]; then + . /initramfs/plugin-conf/eduroam.conf + if [ $eduroam_active -ne 0 ]; then + [ $DEBUGLEVEL -gt 0 ] && echo "executing the 'eduroam' plugin..."; + + # copy files + + cp /mnt/opt/openslx/plugin-repo/eduroam/files/lib/security/pam_script.so \ + /mnt/lib/security + cp /mnt/opt/openslx/plugin-repo/eduroam/files/etc/pam_radius_auth.conf \ + /mnt/etc + cp /mnt/opt/openslx/plugin-repo/eduroam/files/etc/pam.d/radius-auth \ + /mnt/etc/pam.d + cp -r /mnt/opt/openslx/plugin-repo/eduroam/files/usr/share \ + /mnt/usr/share + + # activate eduroam in kdm + # TODO: for other desktop managers + sed 's/@include common-auth/@include radius-auth/g' -i /mnt/etc/pam.d/kdm + + [ $DEBUGLEVEL -gt 0 ] && echo "done with the 'eduroam' plugin..."; + fi +fi + diff --git a/src/os-plugins/plugins/eduroam/files/etc/pam.d/radius-auth b/src/os-plugins/plugins/eduroam/files/etc/pam.d/radius-auth new file mode 100644 index 00000000..97f005f4 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/files/etc/pam.d/radius-auth @@ -0,0 +1,31 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# try to authenticate with radius, if succeeds create local user. +auth optional pam_script.so radius +auth [success=ok user_unknown=1 default=1] pam_radius_auth.so debug +auth [success=3 default=ignore] pam_script.so create_user +auth optional pam_script.so unix +auth [success=1 new_authtok_reqd=ok user_unknown=die default=ignore] pam_unix.so nullok_secure debug try_first_pass + +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) +#auth optional pam_mount.so +# end of pam-auth-update config diff --git a/src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf b/src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf new file mode 100644 index 00000000..5f3de0a5 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf @@ -0,0 +1,30 @@ +# pam_radius_auth configuration file. Copy to: /etc/raddb/server +# +# For proper security, this file SHOULD have permissions 0600, +# that is readable by root, and NO ONE else. If anyone other than +# root can read this file, then they can spoof responses from the server! +# +# There are 3 fields per line in this file. There may be multiple +# lines. Blank lines or lines beginning with '#' are treated as +# comments, and are ignored. The fields are: +# +# server[:port] secret [timeout] +# +# the port name or number is optional. The default port name is +# "radius", and is looked up from /etc/services The timeout field is +# optional. The default timeout is 3 seconds. +# +# If multiple RADIUS server lines exist, they are tried in order. The +# first server to return success or failure causes the module to return +# success or failure. Only if a server fails to response is it skipped, +# and the next server in turn is used. +# +# The timeout field controls how many seconds the module waits before +# deciding that the server has failed to respond. +# +# server[:port] shared_secret timeout (s) + +# +# having localhost in your radius configuration is a Good Thing. +# +# See the INSTALL file for pam.conf hints. diff --git a/src/os-plugins/plugins/eduroam/files/lib/security/pam_script.so b/src/os-plugins/plugins/eduroam/files/lib/security/pam_script.so new file mode 100644 index 00000000..f1af8245 Binary files /dev/null and b/src/os-plugins/plugins/eduroam/files/lib/security/pam_script.so differ diff --git a/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_auth b/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_auth new file mode 100755 index 00000000..6f3e7ec6 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_auth @@ -0,0 +1,60 @@ +#!/bin/bash +# pam_script_auth + +# file to write authentification method to +file=/var/run/eduroam_auth_method + +# check given argument +case "$1" in + + "radius" ) + # auth method, write it to file + echo "[$PAM_TYPE] Verifying credentials (through $1)..." + #echo "$1" > $file.$PAM_USER + ;; + + "create_user" ) + # create user + # check if user exists + if [ "x$(cat /etc/passwd | grep ^$PAM_USER | wc -l)" == "x1" ] + then + # user exists + echo "[$PAM_TYPE] User $PAM_USER exists already." + else + # user does not exists, create it. + echo "[$PAM_TYPE] User $PAM_USER does not exist." + echo "[$PAM_TYPE] Creating user $PAM_USER ..." + + uid_file=/var/run/eduroam_lastuid + # check for /var/run/eduroam_lastuid + [ ! -f $uid_file ] && echo "234299000" > $uid_file + + # set user information + uid=$(($(cat $uid_file)+1)) + gid=1001 + homedir=/home/$PAM_USER + uinfo="Eduroam Guest" + ushell=/bin/bash + + # create home directory + mkdir $homedir + chown $uid:$gid $homedir + + # create /etc/passwd entry + echo "$PAM_USER:x:$uid:$gid:$uinfo:$homedir:$ushell" >> /etc/passwd + + # create /etc/shadow entry + # set today's date for last pw change + pwlastchange=$(($(date +%s) / 60 / 60 / 24)) + echo "$PAM_USER:x:$pwlastchange:0:99999:7:::" >> /etc/shadow + + # user creation done, adjust uid_file + echo "$uid" > $uid_file + fi + ;; + + * ) + echo "[$PAM_TYPE] $0 unrecognized parameter: $1 (ignoring)." + ;; + +esac diff --git a/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_close b/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_close new file mode 100755 index 00000000..0568fd64 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_close @@ -0,0 +1,37 @@ +#!/bin/bash +# pam_script_ses_close +# ran by root after user closes session + +echo "[$PAM_TYPE] Closing session for $PAM_USER..." +# minimal uid: users with uid under this wont get deleted. +MIN_UID=234299000 + +# remove local user & home dir +# only execute for uid > MIN_UID +#if [ $(id -u $PAM_USER) -gt $MIN_UID -a "x$(cat /var/run/eduroam_auth_method.$PAM_USER)" == "xradius" ] +if [ $(id -u $PAM_USER) -gt $MIN_UID ] +then + #[ -f /var/run/eduroam_auth_method.$PAM_USER ] && rm /var/run/eduroam_auth_method.$PAM_USER + + # decrement session + session_counter=/tmp/$PAM_USER.sessioncount + session_count=$(cat $session_counter) + echo "$(($session_count-1))" > $session_counter + + # home dir ugly purge ... (log to debug...) + log=/var/log/eduroam + [ -f $log ] && rm $log + if [ -d /home/$PAM_USER ] + then + umount -fl /home/$PAM_USER/.gvfs &>> $log + chown -R root:root /home/$PAM_USER &>> $log + chmod -R a+rwx /home/$PAM_USER &>> $log + rm -rf /home/$PAM_USER &>> $log + fi + find /tmp -user $PAM_USER -delete + sed -i "/^$PAM_USER/d" /etc/passwd + sed -i "/^$PAM_USER/d" /etc/shadow + echo "[$PAM_TYPE] Local user deleted." +fi + +echo "[$PAM_TYPE] Hope you enjoyed your stay $PAM_USER." diff --git a/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_open b/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_open new file mode 100755 index 00000000..4ca474b9 --- /dev/null +++ b/src/os-plugins/plugins/eduroam/files/usr/share/libpam-script/pam_script_ses_open @@ -0,0 +1,20 @@ +#!/bin/bash +# pam_script session open script. +# This script is executed by root when a new session is opened. +echo "[$PAM_TYPE] Creating new session for $PAM_USER." + +min_uid=234299000 +[ $(id -u $PAM_USER) -gt $min_uid ] || exit 0 + +session_counter=/tmp/$PAM_USER.sessioncount +num_user_proc=$(ps aux|grep $PAM_USER -c|grep -v grep) + +if [ $num_user_proc -eq 0 ] +then + # no running session, write 1 since we are creating a new session. + echo "1" > $session_counter +else + # running session, increment + current_count=$(cat $session_counter) + echo "$(($current_count+1))" > $session_counter +fi -- cgit v1.2.3-55-g7522 From 4a00cc6290c7d29156e7bc204a704a4e48860c8f Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 7 Dec 2011 17:46:43 +0100 Subject: eduroam server IP and secret are ow attributes --- .../plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm | 33 ++++++++++++++++++++-- src/os-plugins/plugins/eduroam/XX_eduroam.sh | 27 +++++++++++------- 2 files changed, 47 insertions(+), 13 deletions(-) (limited to 'src') diff --git a/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm b/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm index c5c74c17..7c38a055 100644 --- a/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm +++ b/src/os-plugins/plugins/eduroam/OpenSLX/OSPlugin/eduroam.pm @@ -61,6 +61,29 @@ sub getAttrInfo content_descr => '1 means active - 0 means inactive', default => '1', }, + + 'eduroam::server_ip' => { + applies_to_systems => 1, + applies_to_clients => 1, + description => unshiftHereDoc(<<' End-of-Here'), + IP address of the eduroam backend server + End-of-Here + content_regex => qr{^.*$}, + content_descr => 'valid IP address', + default => '1', + }, + + 'eduroam::server_secret' => { + applies_to_systems => 1, + applies_to_clients => 1, + description => unshiftHereDoc(<<' End-of-Here'), + shared secret for eduroam authentication + End-of-Here + content_regex => qr{^.*$}, + content_descr => 'string of the shared secret', + default => '1', + }, + }; } @@ -90,6 +113,8 @@ sub installationPhase my $info = shift; my $engine = $self->{'os-plugin-engine'}; + + # check if libpam-radius-package is already installed my @installedPackages = $engine->getInstalledPackages(); my $found = 0; foreach (@installedPackages) { @@ -97,7 +122,7 @@ sub installationPhase $found = 1; } } - # if not found, install it + # if not, install it if ($found == 0) { vlog(0, _tr("Missing package 'libpam-radius-auth', installing...\n")); $engine->installPackages('libpam-radius-auth'); @@ -109,9 +134,11 @@ sub installationPhase my $eduroamFilesPath = "$self->{openslxBasePath}/lib/plugins/eduroam/files"; my $pluginRepoPath = "$self->{pluginRepositoryPath}"; + # copy the rest of the needed files: + # lib/security/pam_script.so - library needed by PAM-script module + # usr/share/libpam-script/* - scripts to create the local user if radius auth succeeded + # etc/pam.d/kdm/radius-auth - PAM-module for radius auth copyDir("$eduroamFilesPath", "$pluginRepoPath"); - #copyDir("$eduroamFilesPath/lib", "$pluginRepoPath"); - #copyDir("$eduroamFilesPath/etc", "$pluginRepoPath"); return; } diff --git a/src/os-plugins/plugins/eduroam/XX_eduroam.sh b/src/os-plugins/plugins/eduroam/XX_eduroam.sh index fe8bcef6..d977a791 100644 --- a/src/os-plugins/plugins/eduroam/XX_eduroam.sh +++ b/src/os-plugins/plugins/eduroam/XX_eduroam.sh @@ -20,19 +20,26 @@ if [ -e /initramfs/plugin-conf/eduroam.conf ]; then [ $DEBUGLEVEL -gt 0 ] && echo "executing the 'eduroam' plugin..."; # copy files - - cp /mnt/opt/openslx/plugin-repo/eduroam/files/lib/security/pam_script.so \ - /mnt/lib/security - cp /mnt/opt/openslx/plugin-repo/eduroam/files/etc/pam_radius_auth.conf \ - /mnt/etc - cp /mnt/opt/openslx/plugin-repo/eduroam/files/etc/pam.d/radius-auth \ - /mnt/etc/pam.d - cp -r /mnt/opt/openslx/plugin-repo/eduroam/files/usr/share \ - /mnt/usr/share + cd /mnt/opt/openslx/plugin-repo/eduroam/files + # better with tar, doesn't work however... + #tar c * | tar x -C /mnt + for f in $(find . -type f); do cp $f /mnt/$f; done + + # delete old config, just to make sure there are no conflicts + pam_radius_conf=/mnt/etc/pam_radius_auth.conf + [ -f $pam_radius_conf ] && rm $pam_radius_conf + + # hack to get the actual literal string from the config file... + secret=$(cat /initramfs/plugin-conf/eduroam.conf | grep secret | \ + sed 's/eduroam_server_secret="//g' | sed 's/\(.*\)./\1/') + + # write eduroam server config + echo -n "$eduroam_server_ip $secret 3" > $pam_radius_conf # activate eduroam in kdm # TODO: for other desktop managers - sed 's/@include common-auth/@include radius-auth/g' -i /mnt/etc/pam.d/kdm + pam_kdm=/mnt/etc/pam.d/kdm + [ -f $pam_kdm ] && sed 's/@include common-auth/@include radius-auth/g' -i $pam_kdm [ $DEBUGLEVEL -gt 0 ] && echo "done with the 'eduroam' plugin..."; fi -- cgit v1.2.3-55-g7522 From 822c24c39f6281346b505cb80fe8fedfbdd7f407 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 7 Dec 2011 17:54:37 +0100 Subject: minor... --- .../plugins/eduroam/files/etc/pam_radius_auth.conf | 30 ---------------------- 1 file changed, 30 deletions(-) delete mode 100644 src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf (limited to 'src') diff --git a/src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf b/src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf deleted file mode 100644 index 5f3de0a5..00000000 --- a/src/os-plugins/plugins/eduroam/files/etc/pam_radius_auth.conf +++ /dev/null @@ -1,30 +0,0 @@ -# pam_radius_auth configuration file. Copy to: /etc/raddb/server -# -# For proper security, this file SHOULD have permissions 0600, -# that is readable by root, and NO ONE else. If anyone other than -# root can read this file, then they can spoof responses from the server! -# -# There are 3 fields per line in this file. There may be multiple -# lines. Blank lines or lines beginning with '#' are treated as -# comments, and are ignored. The fields are: -# -# server[:port] secret [timeout] -# -# the port name or number is optional. The default port name is -# "radius", and is looked up from /etc/services The timeout field is -# optional. The default timeout is 3 seconds. -# -# If multiple RADIUS server lines exist, they are tried in order. The -# first server to return success or failure causes the module to return -# success or failure. Only if a server fails to response is it skipped, -# and the next server in turn is used. -# -# The timeout field controls how many seconds the module waits before -# deciding that the server has failed to respond. -# -# server[:port] shared_secret timeout (s) - -# -# having localhost in your radius configuration is a Good Thing. -# -# See the INSTALL file for pam.conf hints. -- cgit v1.2.3-55-g7522