Commit 78ba638f authored by Vitaly Lipatov's avatar Vitaly Lipatov

Add localuser PAM alternative helper

parent 41bffb6b
#!/bin/sh
# Install system-check-localuser-etersoft PAM alternative
# Creates it from system-check-localuser-systemd with UID threshold 65536 -> 500
# for SSSD domain users support
SRC=/etc/pam.d/system-check-localuser-systemd
DST=/etc/pam.d/system-check-localuser-etersoft
if [ ! -f "$SRC" ] ; then
echo "Source file $SRC not found" >&2
exit 1
fi
if [ -f "$DST" ] ; then
echo "$DST already exists, skipping creation"
else
sed 's/uid >= 65536/uid >= 500/g; s/UID >= 65536/UID >= 500/g; s/UID < 65536/UID < 500/g; s/Systemd dynamic mode/Etersoft domain mode/; s/systemd dynamic users (not in/SSSD domain users (not in/; s/systemd dynamic users/dynamic users/' "$SRC" > "$DST"
echo "Created $DST"
fi
control system-check-localuser etersoft
echo "Switched system-check-localuser to etersoft"
......@@ -226,6 +226,9 @@ kdestroy
case $(epm print info -d) in
ALTLinux)
control system-auth sss
# Install etersoft alternative for system-check-localuser (UID >= 500 for SSSD)
SCRIPTDIR="$(dirname "$(readlink -f "$0")")"
sh "$SCRIPTDIR/install-localuser-etersoft.sh" || fatal "Failed to install system-check-localuser-etersoft"
# TODO: use common domain groups
# TODO: check libnss-role version
epm assure rolelst libnss-role
......@@ -256,4 +259,3 @@ subst "s|^#\( *\)GSSAPIDelegateCredentials no|\1GSSAPIDelegateCredentials yes|"
echo "Done. Don't bother about DNS errors above"
echo "Check https://www.altlinux.org/SSSD/AD for detailed description."
exit
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment