| author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2012-05-21 00:54:46 -0500 | 
|---|---|---|
| committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2012-05-21 00:54:46 -0500 | 
| commit | bb72c681df66c174f16ed8a1a3502a9892034ef2 (patch) | |
| tree | 333dc3fac07ec5ebd02a88bbe8962c376f201fa9 /src/ldap.cpp | |
| parent | 44db1b5fafa7e3ff64411b48214961da8d553138 (diff) | |
Add pam file writing and clean up a bit
Diffstat (limited to 'src/ldap.cpp')
| -rw-r--r-- | src/ldap.cpp | 40 | 
1 files changed, 38 insertions, 2 deletions
|
diff --git a/src/ldap.cpp b/src/ldap.cpp
index 5834407..31b2b0c 100644
--- a/src/ldap.cpp
+++ b/src/ldap.cpp
@@ -56,6 +56,9 @@
 #define KRB5_FILE "/etc/krb5.conf"
 #define LDAP_FILE "/etc/ldap.conf"
 #define NSSWITCH_FILE "/etc/nsswitch.conf"
+#define PAMD_DIRECTORY "/etc/pam.d/"
+#define PAMD_COMMON_ACCOUNT "common-account"
+#define PAMD_COMMON_AUTH "common-auth"
 #define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
 typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
@@ -340,6 +343,8 @@ void LDAPConfig::save() {
 		writeLDAPConfFile();
 		// Write the NSSwitch configuration file
 		writeNSSwitchFile();
+		// Write the PAM configuration files
+		writePAMFiles();
 	}
 	load();
@@ -683,8 +688,6 @@ void LDAPConfig::writeNSSwitchFile() {
 	if (file.open(IO_WriteOnly)) {
 		TQTextStream stream( &file );
-		LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
-
 		stream << "# This file was automatically generated by TDE\n";
 		stream << "# All changes will be lost!\n";
 		stream << "\n";
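Review bot: The new `writePAMFiles();` call in save() discards any failure. The function added by this commit is void and skips a file when `open(IO_WriteOnly)` fails, so save() continues to `load()` with the PAM configuration possibly only half rewritten. These two files decide how logins on the host are authenticated and authorised, so the call site should be able to stop and tell the administrator, for example `if (!writePAMFiles()) { /* report which file failed and abort the save */ }` with the function returning bool. save() starts and ends outside this hunk, so how the neighbouring writers report errors is not visible here.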
@@ -706,6 +709,39 @@ void LDAPConfig::writeNSSwitchFile() {
 	}
 }
+void LDAPConfig::writePAMFiles() {
+	TQFile file(PAMD_DIRECTORY PAMD_COMMON_ACCOUNT);
+	if (file.open(IO_WriteOnly)) {
+		TQTextStream stream( &file );
+
+		stream << "# This file was automatically generated by TDE\n";
+		stream << "# All changes will be lost!\n";
+		stream << "\n";
+		stream << "account sufficient pam_unix.so nullok_secure" << "\n";
+		stream << "account sufficient pam_ldap.so" << "\n";
+		stream << "account required pam_permit.so" << "\n";
+
+		file.close();
+	}
+
+	TQFile file2(PAMD_DIRECTORY PAMD_COMMON_AUTH);
+	if (file2.open(IO_WriteOnly)) {
+		TQTextStream stream( &file2 );
+
+		stream << "# This file was automatically generated by TDE\n";
+		stream << "# All changes will be lost!\n";
+		stream << "\n";
+		stream << "auth [default=ignore success=ignore] pam_mount.so" << "\n";
+		stream << "auth sufficient pam_unix.so nullok try_first_pass" << "\n";
+		stream << "auth [default=ignore success=1 service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
+		stream << "auth [default=die success=done] pam_ccreds.so action=validate use_first_pass" << "\n";
+		stream << "auth sufficient pam_ccreds.so action=store use_first_pass" << "\n";
+		stream << "auth required pam_deny.so" << "\n";
+
+		file2.close();
+	}
+}
+
 int LDAPConfig::buttons() {
 	return KCModule::Apply|KCModule::Help;
 }
|
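Review bot: The generated common-account stack in writePAMFiles() can never deny. Both `pam_unix.so` and `pam_ldap.so` are `sufficient`, so their failures are ignored, and the closing `account required pam_permit.so` always succeeds; an expired, locked or LDAP-denied account would still pass account management. The auth stack in the same function ends in `pam_deny.so`, and the account stack needs an equivalent fail-closed tail, for example `stream << "account required pam_deny.so" << "\n";` in place of the pam_permit line, once the return codes pam_unix gives for LDAP-only users have been checked. The auth line also uses plain `nullok`, which as far as I can tell accepts empty local passwords from any service, so `nullok_secure` or no nullok at all would be the safer default there. Both files are opened with `IO_WriteOnly`, which presumably truncates the live file before the new content is written, so an interrupted write leaves an empty or partial PAM stack; a comment such as `// NOTE: truncates the live PAM file in place; no backup is kept` would at least record that.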
