FreeNAS

Email Archive: freenas-commit (read-only)

2007:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul (191)	_Aug (305)	_Sep (160)	_Oct (210)	_Nov (146)	_Dec (188)
2008:	_Jan (258)	_Feb (146)	_Mar (217)	_Apr (123)	_May (198)	_Jun (153)	_Jul (41)	_Aug (145)	_Sep (107)	_Oct (93)	_Nov (128)	_Dec (110)
2009:	_Jan (107)	_Feb (103)	_Mar (98)	_Apr (84)	_May (89)	_Jun (111)	_Jul (70)	_Aug (29)	_Sep (17)	_Oct (11)	_Nov (14)	_Dec (29)
2010:	_Jan (55)	_Feb (31)	_Mar (52)	_Apr (68)	_May (60)	_Jun (32)	_Jul (14)	_Aug (13)	_Sep (131)	_Oct (118)	_Nov (113)	_Dec (73)
2011:	_Jan (48)	_Feb (38)	_Mar (43)	_Apr (341)	_May (355)	_Jun (318)	_Jul (161)	_Aug (493)	_Sep (572)	_Oct (444)	_Nov (377)	_Dec (462)
2012:	_Jan (580)	_Feb (419)	_Mar (552)	_Apr (432)	_May (282)	_Jun (191)	_Jul (189)	_Aug (260)	_Sep (245)	_Oct (207)	_Nov (69)	_Dec (164)
2013:	_Jan (240)	_Feb (169)	_Mar (96)	_Apr	_May	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec

[Freenas-commit] SF.net SVN: freenas:[5990] trunk/nanobsd/Files/etc/rc.d/ix-pam

From: <jhixson@us...> - 2011-04-13 08:59

Revision: 5990
          http://freenas.svn.sourceforge.net/freenas/?rev=5990&view=rev
Author:   jhixson
Date:     2011-04-13 08:59:15 +0000 (Wed, 13 Apr 2011)

Log Message:
-----------
Modified to use pam_krb5 instead of pam_winbind which seems to be buggy and was sending SIGSEGV when being read from sshd.

Modified Paths:
--------------
    trunk/nanobsd/Files/etc/rc.d/ix-pam


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Freenas-commit] SF.net SVN: freenas:[12249] trunk/nanobsd/Files/etc/rc.d/ix-pam

From: <jhixson@us...> - 2012-08-30 21:04

Revision: 12249
          http://freenas.svn.sourceforge.net/freenas/?rev=12249&view=rev
Author:   jhixson
Date:     2012-08-30 21:04:11 +0000 (Thu, 30 Aug 2012)
Log Message:
-----------
Adding support for UNIX extensions in AD

Modified Paths:
--------------
    trunk/nanobsd/Files/etc/rc.d/ix-pam

Modified: trunk/nanobsd/Files/etc/rc.d/ix-pam
===================================================================
--- trunk/nanobsd/Files/etc/rc.d/ix-pam	2012-08-30 20:48:16 UTC (rev 12248)
+++ trunk/nanobsd/Files/etc/rc.d/ix-pam	2012-08-30 21:04:11 UTC (rev 12249)
@@ -18,6 +18,7 @@
 	local service="${1}"
 	local winbind="${2}"
 	local ldap="${3}"
+	local krb5="${4}"
 	local template
 	local temp
 	local file
@@ -31,14 +32,17 @@
 		return 1
 	fi
 
-	awk -v ldap="${ldap}" -v winbind="${winbind}" '{
+	awk -v ldap="${ldap}" -v winbind="${winbind}" -v krb5="${krb5}" '{
 		if (/^#.*@@LDAP@@/ && ldap) {
 			gsub("^#.*@@LDAP@...]+", "");
 			print $0;
 		} else if (/^#.*@@WINBIND@@/ && winbind) {
 			gsub("^#.*@@WINBIND@...]+", "");
 			print $0;
-		} else if (/^#.*@@MKHOMEDIR@@/ && (ldap || winbind)) {
+		} else if (/^#.*@@KRB5@@/ && krb5) {
+			gsub("^#.*@@KRB5@...]+", "");
+			print $0;
+		} else if (/^#.*@@MKHOMEDIR@@/ && (ldap || winbind || krb5)) {
 			gsub("^#.*@@MKHOMEDIR@...]+", "");
 			print $0;
 		} else if (/^#.*@@.*@@/) {
@@ -64,42 +68,40 @@
 generate_pam_files()
 {
 	local ldap=0
-	local winbind=0
+	local ad=0
+	local ad_unix=0
 
 	if [ ! -d "${PAM_TEMPLATE_DIR}" -o ! -d "${PAM_DIR}" ]
 	then
 		return 1
 	fi
 
-	while read line
-	do
-		local var=$(echo "${line}"|cut -s -f1 -d'|')
-		local val=$(echo "${line}"|cut -s -f2 -d'|')
+	if srv_enabled activedirectory
+	then
+		ad=1
+                ad_unix=$(${FREENAS_SQLITE_CMD} ${FREENAS_CONFIG} "
+                        SELECT
+                                ad_unix_extensions
+                        FROM
+                                services_activedirectory
+                        ORDER BY
+                                -id
+                        LIMIT 1
+                ")
+		if [ "${ad_unix}" = "1" ]
+		then
+			ad=0
+		fi
 
-		case "${var}" in
-			activedirectory) winbind="${val}" ;;
-			ldap) ldap="${val}" ;;
-		esac
+	elif srv_enabled ldap
+	then
+		ldap=1
+	fi
 
-	done <<EOF
-	$(${FREENAS_SQLITE_CMD} ${FREENAS_CONFIG} "
-	SELECT
-		srv_service,
-		srv_enable
 
-	FROM
-		services_services
-
-	WHERE
-		srv_service IN (
-			'ldap',
-			'activedirectory'
-	)")
-EOF
-
 	for service in $(ls "${PAM_TEMPLATE_DIR}")
 	do
-		generate_pam_service_file "${service}" "${winbind}" "${ldap}"
+		generate_pam_service_file "${service}" "${ad}" "${ldap}" "${ad_unix}"
 	done
 
 	return 0

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Freenas-commit] SF.net SVN: freenas:[12253] trunk/nanobsd/Files/etc/rc.d/ix-pam

From: <jhixson@us...> - 2012-08-30 22:10

Revision: 12253
          http://freenas.svn.sourceforge.net/freenas/?rev=12253&view=rev
Author:   jhixson
Date:     2012-08-30 22:10:49 +0000 (Thu, 30 Aug 2012)
Log Message:
-----------
Further pam modifications to support local logins as well as AD logins

Modified Paths:
--------------
    trunk/nanobsd/Files/etc/rc.d/ix-pam

Modified: trunk/nanobsd/Files/etc/rc.d/ix-pam
===================================================================
--- trunk/nanobsd/Files/etc/rc.d/ix-pam	2012-08-30 21:58:42 UTC (rev 12252)
+++ trunk/nanobsd/Files/etc/rc.d/ix-pam	2012-08-30 22:10:49 UTC (rev 12253)
@@ -91,6 +91,7 @@
 		if [ "${ad_unix}" = "1" ]
 		then
 			ad=0
+			ldap=1
 		fi
 
 	elif srv_enabled ldap

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Freenas-commit] SF.net SVN: freenas:[13241] trunk/nanobsd/Files/etc/rc.d/ix-pam

From: <jhixson@us...> - 2013-02-02 05:23

Revision: 13241
          http://freenas.svn.sourceforge.net/freenas/?rev=13241&view=rev
Author:   jhixson
Date:     2013-02-02 05:23:02 +0000 (Sat, 02 Feb 2013)
Log Message:
-----------
pam file bug for ldap... yuck. Left in a -v and it broke pam.

Modified Paths:
--------------
    trunk/nanobsd/Files/etc/rc.d/ix-pam

Modified: trunk/nanobsd/Files/etc/rc.d/ix-pam
===================================================================
--- trunk/nanobsd/Files/etc/rc.d/ix-pam	2013-02-02 01:58:09 UTC (rev 13240)
+++ trunk/nanobsd/Files/etc/rc.d/ix-pam	2013-02-02 05:23:02 UTC (rev 13241)
@@ -103,7 +103,7 @@
 	local temp="/tmp/.tmp.${service}"
 	local file="${PAM_DIR}/${service}"
 
-	awk -v '{
+	awk '{
 		if (/^#.*@@LDAP@@/) {
 			gsub("^#.*@@LDAP@...]+", "");
 			print $0;

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Freenas-commit] SF.net SVN: freenas:[13247] trunk/nanobsd/Files/etc/rc.d/ix-pam

From: <jhixson@us...> - 2013-02-02 06:35

Revision: 13247
          http://freenas.svn.sourceforge.net/freenas/?rev=13247&view=rev
Author:   jhixson
Date:     2013-02-02 06:35:36 +0000 (Sat, 02 Feb 2013)
Log Message:
-----------
Give pam the ability to be turned "off"

Modified Paths:
--------------
    trunk/nanobsd/Files/etc/rc.d/ix-pam

Modified: trunk/nanobsd/Files/etc/rc.d/ix-pam
===================================================================
--- trunk/nanobsd/Files/etc/rc.d/ix-pam	2013-02-02 06:17:19 UTC (rev 13246)
+++ trunk/nanobsd/Files/etc/rc.d/ix-pam	2013-02-02 06:35:36 UTC (rev 13247)
@@ -13,6 +13,33 @@
 : ${PAM_TEMPLATE_DIR:="/etc/ix/templates/pam.d"}
 : ${PAM_DIR:="/etc/pam.d"}
 
+pam_file()
+{
+	local service="${1}"
+	local template="${PAM_TEMPLATE_DIR}/${service}"
+	local temp="/tmp/.tmp.${service}"
+	local file="${PAM_DIR}/${service}"
+
+	awk '{
+		if (/^#.*@@.*@@/) {
+		} else {
+			print $0;
+		}
+	}' < "${template}" > "${temp}"
+
+	if [ -f "${temp}" ]
+	then
+		mv "${temp}" "${file}" >/dev/null 2>&1
+		if [ "$?" != "0" ]
+		then
+			rm -f "${temp}"
+			return 1
+		fi
+	fi
+
+	return 0
+}
+
 pam_nt4_file()
 {
 	local service="${1}"
@@ -131,9 +158,10 @@
 
 generate_pam_files()
 {
-	local ldap=0
-	local winbind=0
-	local ad_unix=0
+	local ad="${1}"
+	local nt4="${2}"
+	local ldap="${3}"
+	local nis="${4}"
 
 	if [ ! -d "${PAM_TEMPLATE_DIR}" -o ! -d "${PAM_DIR}" ]
 	then
@@ -148,45 +176,86 @@
 			continue
 		fi
 
-		if dirsrv_enabled nt4
+		if [ "${nt4}" = "1" ]
 		then
 			pam_nt4_file "${service}"
 
-		elif dirsrv_enabled activedirectory
+		elif [ -n "${ad}" -a "${ad}" != "0" ]
 		then
-			winbind=1
-                	ad_unix=$(${FREENAS_SQLITE_CMD} ${FREENAS_CONFIG} "
-			SELECT
-				ad_unix_extensions
-			FROM
-				services_activedirectory
-			ORDER BY
-				-id
-			LIMIT 1
-			")
-			if [ "${ad_unix}" = "1" ]
+			local winbind=1
+
+			if [ "${ad}" = "2" ]
 			then
 				winbind=0
 				ldap=1
 			fi
+
 			pam_activedirectory_file "${service}" "${winbind}" "${ldap}"
 
-		elif dirsrv_enabled nis
+		elif [ "${nis}" = "1" ]
 		then
-			pam_nis_file "${service}"
+			pam_file "${service}"
 
-		elif dirsrv_enabled ldap
+		elif [ "${ldap}" = "1" ]
 		then
 			pam_ldap_file "${service}"
+
+		else
+			pam_file "${service}"
 		fi
 	done
 
 	return 0
 }
 
+pam_start()
+{
+	local ad=0
+	local nt4=0
+	local ldap=0
+	local nis=0
+
+	if dirsrv_enabled activedirectory
+	then
+		ad=1
+               	ad_unix=$(${FREENAS_SQLITE_CMD} ${FREENAS_CONFIG} "
+		SELECT
+			ad_unix_extensions
+		FROM
+			services_activedirectory
+		ORDER BY
+			-id
+		LIMIT 1
+		")
+		if [ "${ad_unix}" = "1" ]
+		then
+			ad=2
+		fi
+
+	elif dirsrv_enabled nt4
+	then
+		nt4=1
+
+	elif dirsrv_enabled ldap
+	then
+		ldap=1
+
+	elif dirsrv_enabled nis
+	then
+		nis=1
+	fi
+
+	generate_pam_files "${ad}" "${nt4}" "${ldap}" "${nis}"
+}
+
+pam_stop()
+{
+	generate_pam_files
+}
+
 name="ix-pam"
-start_cmd='generate_pam_files'
-stop_cmd=':'
+start_cmd='pam_start'
+stop_cmd='pam_stop'
         
 load_rc_config $name
 run_rc_command "$1"

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.