From bb72c681df66c174f16ed8a1a3502a9892034ef2 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Mon, 21 May 2012 00:54:46 -0500 Subject: Add pam file writing and clean up a bit --- src/bondwizard.cpp | 6 +++--- src/ldap.cpp | 40 ++++++++++++++++++++++++++++++++++++++-- src/ldap.h | 1 + src/ldappasswddlg.cpp | 2 -- 4 files changed, 42 insertions(+), 7 deletions(-) diff --git a/src/bondwizard.cpp b/src/bondwizard.cpp index 03ca5a6..d9a36c2 100644 --- a/src/bondwizard.cpp +++ b/src/bondwizard.cpp @@ -188,12 +188,12 @@ void BondWizard::closeEvent(TQCloseEvent* e){ /** maybe call a dialog that the wizard has finished. */ void BondWizard::accept(){ // Try to bond - if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text()) == 0) { + TQString errorString; + if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) { done(0); } else { - KMessageBox::error(this, i18n("Unable to bond to realm!

RAJA ERRORSTR"), i18n("Unable to Bond to Realm")); - // RAJA FIXME + KMessageBox::error(this, i18n("Unable to bond to realm!

Details: %1").arg(errorString), i18n("Unable to Bond to Realm")); } } diff --git a/src/ldap.cpp b/src/ldap.cpp index 5834407..31b2b0c 100644 --- a/src/ldap.cpp +++ b/src/ldap.cpp @@ -56,6 +56,9 @@ #define KRB5_FILE "/etc/krb5.conf" #define LDAP_FILE "/etc/ldap.conf" #define NSSWITCH_FILE "/etc/nsswitch.conf" +#define PAMD_DIRECTORY "/etc/pam.d/" +#define PAMD_COMMON_ACCOUNT "common-account" +#define PAMD_COMMON_AUTH "common-auth" #define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data" typedef KGenericFactory ldapFactory; @@ -340,6 +343,8 @@ void LDAPConfig::save() { writeLDAPConfFile(); // Write the NSSwitch configuration file writeNSSwitchFile(); + // Write the PAM configuration files + writePAMFiles(); } load(); @@ -683,8 +688,6 @@ void LDAPConfig::writeNSSwitchFile() { if (file.open(IO_WriteOnly)) { TQTextStream stream( &file ); - LDAPRealmConfig realmcfg = m_realms[m_defaultRealm]; - stream << "# This file was automatically generated by TDE\n"; stream << "# All changes will be lost!\n"; stream << "\n"; 
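Review bot: In `BondWizard::accept()` the failure dialog formats `errorString` unconditionally, so if `bondRealm()` returns non-zero without filling it, the user sees a bare "Details:" with nothing after it. `bondRealm()` is outside this diff, so whether every failure path sets the string cannot be confirmed from here. A fallback such as `if (errorString.isEmpty()) errorString = i18n("No further details available");` before the `KMessageBox::error` call would keep the message meaningful. Because the text presumably comes from the LDAP/Kerberos backend, it is also worth confirming that it never echoes the admin password passed in the same call.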
@@ -706,6 +709,39 @@ void LDAPConfig::writeNSSwitchFile() { } } +void LDAPConfig::writePAMFiles() { + TQFile file(PAMD_DIRECTORY PAMD_COMMON_ACCOUNT); + if (file.open(IO_WriteOnly)) { + TQTextStream stream( &file ); + + stream << "# This file was automatically generated by TDE\n"; + stream << "# All changes will be lost!\n"; + stream << "\n"; + stream << "account sufficient pam_unix.so nullok_secure" << "\n"; + stream << "account sufficient pam_ldap.so" << "\n"; + stream << "account required pam_permit.so" << "\n"; + + file.close(); + } + + TQFile file2(PAMD_DIRECTORY PAMD_COMMON_AUTH); + if (file2.open(IO_WriteOnly)) { + TQTextStream stream( &file2 ); + + stream << "# This file was automatically generated by TDE\n"; + stream << "# All changes will be lost!\n"; + stream << "\n"; + stream << "auth [default=ignore success=ignore] pam_mount.so" << "\n"; + stream << "auth sufficient pam_unix.so nullok try_first_pass" << "\n"; + stream << "auth [default=ignore success=1 service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n"; + stream << "auth [default=die success=done] pam_ccreds.so action=validate use_first_pass" << "\n"; + stream << "auth sufficient pam_ccreds.so action=store use_first_pass" << "\n"; + stream << "auth required pam_deny.so" << "\n"; + + file2.close(); + } +} + int LDAPConfig::buttons() { return KCModule::Apply|KCModule::Help; } diff --git a/src/ldap.h b/src/ldap.h index d451774..38d576c 100644 --- a/src/ldap.h +++ b/src/ldap.h @@ -94,6 +94,7 @@ class LDAPConfig: public KCModule void writeKrb5ConfFile(); void writeLDAPConfFile(); void writeNSSwitchFile(); + void writePAMFiles(); private: KAboutData *myAboutData; diff --git a/src/ldappasswddlg.cpp b/src/ldappasswddlg.cpp index 7ddba14..03d4dcd 100644 --- a/src/ldappasswddlg.cpp +++ b/src/ldappasswddlg.cpp @@ -43,8 +43,6 @@ LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name) } void LDAPPasswordDialog::slotOk() { - // RAJA FIXME - accept(); } -- cgit v1.2.1
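Review bot: The `common-account` stack written by `writePAMFiles()` can never deny access. Both `pam_unix.so` and `pam_ldap.so` are `sufficient`, so their failures are ignored, and the closing `account required pam_permit.so` always succeeds, which lets an expired or locked account pass the account phase. Ending the stack with `account required pam_deny.so`, as the `common-auth` block already does, would make it fail closed. In `common-auth`, `pam_unix.so nullok` lets an account with an empty password authenticate from any service, while `nullok_secure` sits on the account line where it looks misplaced, so the two options may have been swapped. Both files are also truncated in place via `IO_WriteOnly` with no backup, and a failed `open()` is silent because the function returns `void`, so `save()` cannot report a half-written PAM stack; writing to a temporary file and renaming it over the target, with the result checked, would avoid that.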