authorTimothy Pearson <[email protected]>2012-05-21 00:54:46 -0500
committerTimothy Pearson <[email protected]>2012-05-21 00:54:46 -0500
commitbb72c681df66c174f16ed8a1a3502a9892034ef2 (patch)
tree333dc3fac07ec5ebd02a88bbe8962c376f201fa9 /src/ldap.cpp
parent44db1b5fafa7e3ff64411b48214961da8d553138 (diff)
Add pam file writing and clean up a bit
Diffstat (limited to 'src/ldap.cpp')
-rw-r--r--src/ldap.cpp40
1 files changed, 38 insertions, 2 deletions
diff --git a/src/ldap.cpp b/src/ldap.cpp
index 5834407..31b2b0c 100644
--- a/src/ldap.cpp
+++ b/src/ldap.cpp
@@ -56,6 +56,9 @@
#define KRB5_FILE "/etc/krb5.conf"
#define LDAP_FILE "/etc/ldap.conf"
#define NSSWITCH_FILE "/etc/nsswitch.conf"
+#define PAMD_DIRECTORY "/etc/pam.d/"
+#define PAMD_COMMON_ACCOUNT "common-account"
+#define PAMD_COMMON_AUTH "common-auth"
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
@@ -340,6 +343,8 @@ void LDAPConfig::save() {
writeLDAPConfFile();
// Write the NSSwitch configuration file
writeNSSwitchFile();
+ // Write the PAM configuration files
+ writePAMFiles();
}
load();
@@ -683,8 +688,6 @@ void LDAPConfig::writeNSSwitchFile() {
if (file.open(IO_WriteOnly)) {
TQTextStream stream( &file );
- LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
-
stream << "# This file was automatically generated by TDE\n";
stream << "# All changes will be lost!\n";
stream << "\n";
@@ -706,6 +709,39 @@ void LDAPConfig::writeNSSwitchFile() {
}
}
+void LDAPConfig::writePAMFiles() {
+ TQFile file(PAMD_DIRECTORY PAMD_COMMON_ACCOUNT);
+ if (file.open(IO_WriteOnly)) {
+ TQTextStream stream( &file );
+
+ stream << "# This file was automatically generated by TDE\n";
+ stream << "# All changes will be lost!\n";
+ stream << "\n";
+ stream << "account sufficient pam_unix.so nullok_secure" << "\n";
+ stream << "account sufficient pam_ldap.so" << "\n";
+ stream << "account required pam_permit.so" << "\n";
+
+ file.close();
+ }
+
+ TQFile file2(PAMD_DIRECTORY PAMD_COMMON_AUTH);
+ if (file2.open(IO_WriteOnly)) {
+ TQTextStream stream( &file2 );
+
+ stream << "# This file was automatically generated by TDE\n";
+ stream << "# All changes will be lost!\n";
+ stream << "\n";
+ stream << "auth [default=ignore success=ignore] pam_mount.so" << "\n";
+ stream << "auth sufficient pam_unix.so nullok try_first_pass" << "\n";
+ stream << "auth [default=ignore success=1 service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
+ stream << "auth [default=die success=done] pam_ccreds.so action=validate use_first_pass" << "\n";
+ stream << "auth sufficient pam_ccreds.so action=store use_first_pass" << "\n";
+ stream << "auth required pam_deny.so" << "\n";
+
+ file2.close();
+ }
+}
+
int LDAPConfig::buttons() {
return KCModule::Apply|KCModule::Help;
}