[PC-BSD Commits] r19412 - pcbsd/current/src-sh/pc-adctl/scripts

svn at pcbsd.org svn at pcbsd.org
Wed Sep 19 17:34:40 PDT 2012


Author: johnh
Date: 2012-09-20 00:34:40 +0000 (Thu, 20 Sep 2012)
New Revision: 19412

Modified:
   pcbsd/current/src-sh/pc-adctl/scripts/pc-pam
Log:
Attempt to place pam modules in the correct place.



Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-pam
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-pam	2012-09-20 00:34:07 UTC (rev 19411)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-pam	2012-09-20 00:34:40 UTC (rev 19412)
@@ -140,6 +140,41 @@
 	return 1
 }
 
+get_index()
+{
+	local file="${1}"
+	local class="${2}"
+	local index
+
+	index="$(egrep "^${class}" "${file}" |awk '{ printf("%d %s\n", n++, $0); }'|grep required|awk '{ print $1 }')"
+	if [ -z "${index}" ]
+	then
+		index=0
+	fi
+
+	echo "${index}"
+}
+
+get_auth_index()
+{
+	get_index "${1}" "auth"
+}
+
+get_account_index()
+{
+	get_index "${1}" "account"
+}
+
+get_session_index()
+{
+	get_index "${1}" "session"
+}
+
+get_password_index()
+{
+	get_index "${1}" "password"
+}
+
 pam_auth_isset()
 {
 	do_pam_var_isset "${1}" "auth"
@@ -225,6 +260,11 @@
 					! pam_service_configured "${pam_file}" "${auth}"
 				then
 					__auth="-m "${auth}""
+					if echo "${auth}" | grep -q '^+'
+					then
+						local index="$(get_auth_index "${pam_file}")"
+						__auth="-m "$(echo "${auth}" | sed -E "s|^\+|+${index}|")""
+					fi
 					doconf=1
 				else
 					__auth=""
@@ -233,6 +273,11 @@
 					! pam_service_configured "${pam_file}" "${account}"
 				then
 					__account=" -m "${account}""
+					if echo "${account}" | grep -q '^+'
+					then
+						local index="$(get_account_index "${pam_file}")"
+						__account="-m "$(echo "${account}" | sed -E "s|^\+|+${index}|")""
+					fi
 					doconf=1
 				else
 					__account=""
@@ -241,6 +286,11 @@
 					! pam_service_configured "${pam_file}" "${session}"
 				then
 					__session="-m "${session}""
+					if echo "${session}" | grep -q '^+'
+					then
+						local index="$(get_session_index "${pam_file}")"
+						__session="-m "$(echo "${session}" | sed -E "s|^\+|+${index}|")""
+					fi
 					doconf=1
 				else
 					__session=""
@@ -249,6 +299,11 @@
 					! pam_service_configured "${pam_file}" "${password}"
 				then
 					__password="-m "${password}""
+					if echo "${password}" | grep -q '^+'
+					then
+						local index="$(get_password_index "${pam_file}")"
+						__password="-m "$(echo "${password}" | sed -E "s|^\+|+${index}|")""
+					fi
 					doconf=1
 				else
 					__password=""
@@ -324,10 +379,10 @@
 			return 0
 		fi
 
-		auth="+2auth:sufficient:${pam_winbind}:silent:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
-		account="+2account:sufficient:${pam_winbind}:krb5_auth:krb5_ccache_type=FILE"
+		auth="+auth:sufficient:${pam_winbind}:silent:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
+		account="+account:sufficient:${pam_winbind}:krb5_auth:krb5_ccache_type=FILE"
 		session="+session:required:${pam_mkhomedir}"
-		password="+0password:sufficient:${pam_winbind}:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
+		password="+password:sufficient:${pam_winbind}:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
 
 		do_pam_conf "${auth}" "${account}" "${session}" "${password}"
 		return $?
@@ -340,10 +395,10 @@
 			return 0
 		fi
 
-		auth="+2auth:sufficient:${pam_ldap}:silent:no_warn:try_first_pass"
-		account="+2account:sufficient:${pam_ldap}:ignore_authinfo_unavail"
+		auth="+auth:sufficient:${pam_ldap}:silent:no_warn:try_first_pass"
+		account="+account:sufficient:${pam_ldap}:ignore_authinfo_unavail"
 		session="+session:required:${pam_mkhomedir}"
-		password="+0password:sufficient:${pam_ldap}:try_first_pass"
+		password="+password:sufficient:${pam_ldap}:try_first_pass"
 
 		do_pam_conf "${auth}" "${account}" "${session}" "${password}"
 		return $?



More information about the Commits mailing list