[PC-BSD Commits] r19412 - pcbsd/current/src-sh/pc-adctl/scripts
svn at pcbsd.org
svn at pcbsd.org
Wed Sep 19 17:34:40 PDT 2012
Author: johnh
Date: 2012-09-20 00:34:40 +0000 (Thu, 20 Sep 2012)
New Revision: 19412
Modified:
pcbsd/current/src-sh/pc-adctl/scripts/pc-pam
Log:
Attempt to place pam modules in the correct place.
Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-pam
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-pam 2012-09-20 00:34:07 UTC (rev 19411)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-pam 2012-09-20 00:34:40 UTC (rev 19412)
@@ -140,6 +140,41 @@
return 1
}
+get_index()
+{
+ local file="${1}"
+ local class="${2}"
+ local index
+
+ index="$(egrep "^${class}" "${file}" |awk '{ printf("%d %s\n", n++, $0); }'|grep required|awk '{ print $1 }')"
+ if [ -z "${index}" ]
+ then
+ index=0
+ fi
+
+ echo "${index}"
+}
+
+get_auth_index()
+{
+ get_index "${1}" "auth"
+}
+
+get_account_index()
+{
+ get_index "${1}" "account"
+}
+
+get_session_index()
+{
+ get_index "${1}" "session"
+}
+
+get_password_index()
+{
+ get_index "${1}" "password"
+}
+
pam_auth_isset()
{
do_pam_var_isset "${1}" "auth"
@@ -225,6 +260,11 @@
! pam_service_configured "${pam_file}" "${auth}"
then
__auth="-m "${auth}""
+ if echo "${auth}" | grep -q '^+'
+ then
+ local index="$(get_auth_index "${pam_file}")"
+ __auth="-m "$(echo "${auth}" | sed -E "s|^\+|+${index}|")""
+ fi
doconf=1
else
__auth=""
@@ -233,6 +273,11 @@
! pam_service_configured "${pam_file}" "${account}"
then
__account=" -m "${account}""
+ if echo "${account}" | grep -q '^+'
+ then
+ local index="$(get_account_index "${pam_file}")"
+ __account="-m "$(echo "${account}" | sed -E "s|^\+|+${index}|")""
+ fi
doconf=1
else
__account=""
@@ -241,6 +286,11 @@
! pam_service_configured "${pam_file}" "${session}"
then
__session="-m "${session}""
+ if echo "${session}" | grep -q '^+'
+ then
+ local index="$(get_session_index "${pam_file}")"
+ __session="-m "$(echo "${session}" | sed -E "s|^\+|+${index}|")""
+ fi
doconf=1
else
__session=""
@@ -249,6 +299,11 @@
! pam_service_configured "${pam_file}" "${password}"
then
__password="-m "${password}""
+ if echo "${password}" | grep -q '^+'
+ then
+ local index="$(get_password_index "${pam_file}")"
+ __password="-m "$(echo "${password}" | sed -E "s|^\+|+${index}|")""
+ fi
doconf=1
else
__password=""
@@ -324,10 +379,10 @@
return 0
fi
- auth="+2auth:sufficient:${pam_winbind}:silent:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
- account="+2account:sufficient:${pam_winbind}:krb5_auth:krb5_ccache_type=FILE"
+ auth="+auth:sufficient:${pam_winbind}:silent:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
+ account="+account:sufficient:${pam_winbind}:krb5_auth:krb5_ccache_type=FILE"
session="+session:required:${pam_mkhomedir}"
- password="+0password:sufficient:${pam_winbind}:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
+ password="+password:sufficient:${pam_winbind}:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
do_pam_conf "${auth}" "${account}" "${session}" "${password}"
return $?
@@ -340,10 +395,10 @@
return 0
fi
- auth="+2auth:sufficient:${pam_ldap}:silent:no_warn:try_first_pass"
- account="+2account:sufficient:${pam_ldap}:ignore_authinfo_unavail"
+ auth="+auth:sufficient:${pam_ldap}:silent:no_warn:try_first_pass"
+ account="+account:sufficient:${pam_ldap}:ignore_authinfo_unavail"
session="+session:required:${pam_mkhomedir}"
- password="+0password:sufficient:${pam_ldap}:try_first_pass"
+ password="+password:sufficient:${pam_ldap}:try_first_pass"
do_pam_conf "${auth}" "${account}" "${session}" "${password}"
return $?
More information about the Commits
mailing list