[debian-lan-devel] [SCM] Debian-LAN development and packaging branch, master, updated. debian/0.11-8-g8ac4b3e

Andreas B. Mundt andi at debian.org
Mon May 27 08:13:13 UTC 2013 

The following commit has been merged in the master branch:
commit 8ac4b3e91665ee8090a3066fb11893ab7fd4103f
Author: Andreas B. Mundt <andi at debian.org>
Date:   Mon May 27 09:40:24 2013 +0200

    Clean 'pam_script_auth'.

diff --git a/fai/config/files/usr/share/libpam-script/pam_script_auth/DISKLESS_CLIENT b/fai/config/files/usr/share/libpam-script/pam_script_auth/DISKLESS_CLIENT
index d1cc49f..e51e38b 100755
--- a/fai/config/files/usr/share/libpam-script/pam_script_auth/DISKLESS_CLIENT
+++ b/fai/config/files/usr/share/libpam-script/pam_script_auth/DISKLESS_CLIENT
@@ -7,11 +7,9 @@ set -e
 
 FILE="/tmp/krb5cc_diskless"
 
-if [ "$PAM_USER" = "root" ] || [ -e /etc/krb5.keytab ] || [ -e $FILE ] ; then
-    exit 0
+if [ "$PAM_USER" != "root" ] && [ ! -e /etc/krb5.keytab ] && [ ! -e $FILE ] ; then
+    cp -v /tmp/krb5cc_pam_* $FILE
+    /etc/init.d/autofs restart > /dev/null
 fi
 
-cp -v /tmp/krb5cc_pam_* $FILE
-/etc/init.d/autofs restart > /dev/null
-
 exit 0
diff --git a/fai/config/files/usr/share/libpam-script/pam_script_auth/ROAMING b/fai/config/files/usr/share/libpam-script/pam_script_auth/ROAMING
index 7e41234..a848812 100755
--- a/fai/config/files/usr/share/libpam-script/pam_script_auth/ROAMING
+++ b/fai/config/files/usr/share/libpam-script/pam_script_auth/ROAMING
@@ -14,19 +14,20 @@ HOMEDIR=$(getent passwd "$PAM_USER" | cut -d : -f 6 | sed "s:$NFSHOMES:/home/:")
 if [ "$PAM_USER" = "root" ] ; then
     exit 0
 elif [ -n "$HOMEDIR" ] && [ ! -d "$HOMEDIR" ] ; then
-    ## Create local home directory:
+    ## Create local home directory if it does not exist:
     umask 0022
     mkdir -p $(dirname "$HOMEDIR")
     cp -pR /etc/skel "$HOMEDIR"
     chmod 750 "$HOMEDIR"
     chown -R $PAM_USER:$PAM_USER "$HOMEDIR"
     echo "Successfully created off-line home directory '$HOMEDIR' for user '$PAM_USER'."
-elif [ -e /etc/krb5.keytab ] || [ -e "$FILE" ] ; then
-    exit 0
 fi
 
-ID=$(id -u "$PAM_USER")
-cp -v /tmp/krb5cc_${ID}_* $FILE
-/etc/init.d/autofs restart > /dev/null
+#  Use Kerberos key as machine key if machine key is unavailable:
+if [ ! -e /etc/krb5.keytab ] && [ ! -e "$FILE" ] ; then
+    ID=$(id -u "$PAM_USER")
+    cp -v /tmp/krb5cc_${ID}_* $FILE
+    /etc/init.d/autofs restart > /dev/null
+fi
 
 exit 0

-- 
Debian-LAN development and packaging

More information about the debian-lan-devel mailing list