1 |
# $Header: /home/cvsd/alx-cvs/alx-src/tinyalxconfig-ng/functions/config_auth.sh,v 1.2 2008-06-04 19:36:18 niro Exp $ |
# $Header: /home/cvsd/alx-cvs/alx-src/tinyalxconfig-ng/functions/config_auth.sh,v 1.3 2008-06-05 20:39:40 niro Exp $ |
2 |
# configures the system authentification via mysql db settings |
# configures the system authentification via mysql db settings |
3 |
|
|
4 |
get_auth_settings() |
set_shadow_pass() |
5 |
{ |
{ |
6 |
local x i all count |
local user="$1" |
7 |
|
local pass="$2" |
8 |
|
[[ -z ${user} ]] && return 1 |
9 |
|
[[ -z ${pass} ]] && return 1 |
10 |
|
|
11 |
|
# NULL is forbidden too! |
12 |
|
[[ ${pass} = NULL ]] && return 1 |
13 |
|
|
14 |
|
# update pass |
15 |
|
(echo "${pass}"; sleep 1; echo "${pass}") | passwd ${user} &> /dev/null |
16 |
|
return 0 |
17 |
|
} |
18 |
|
|
19 |
|
set_vnc_pass() |
20 |
|
{ |
21 |
|
local user="$1" |
22 |
|
local pass="$2" |
23 |
|
|
24 |
|
[[ -z ${user} ]] && return 1 |
25 |
|
[[ -z ${pass} ]] && return 1 |
26 |
|
|
27 |
|
# NULL is forbidden too! |
28 |
|
[[ ${pass} = NULL ]] && return 1 |
29 |
|
|
30 |
# get settings from database |
local homedir=/home/${user} |
31 |
ALX_AUTH_SHELL_PW=$(mysqldo "select shell from client_auth where serial='${ALX_SERIAL}'") |
[[ ${user} = root ]] && homedir=/${user} |
32 |
ALX_AUTH_VNC_PW=$(mysqldo "select vnc from client_auth where serial='${ALX_SERIAL}'") |
|
33 |
# ALX_AUTH_SAMBA_PW=$(mysqldo "select samba from client_auth where serial='${ALX_SERIAL}'") |
# pipe it 2x; 1st for new pw, 2nd to validate |
34 |
ALX_AUTH_STATION_PW=$(mysqldo "select station from client_auth where serial='${ALX_SERIAL}'") |
HOME="${homedir}" vncpasswd &> /dev/null << EOF |
35 |
|
${pass} |
36 |
export ALX_AUTH_SHELL_PW |
${pass} |
37 |
export ALX_AUTH_VNC_PW |
EOF |
|
# export ALX_AUTH_SAMBA_PW |
|
|
export ALX_AUTH_STATION_PW |
|
38 |
} |
} |
39 |
|
|
40 |
config_auth() |
config_auth() |
41 |
{ |
{ |
42 |
# first of all get the vars |
# first of all get the vars |
43 |
get_auth_settings |
evaluate_table client_auth |
|
|
|
|
[ -n "${ALX_AUTH_SHELL_PW}" ] && \ |
|
|
usermod -p $(openssl passwd -1 ${ALX_AUTH_SHELL_PW}) root |
|
|
|
|
|
[ -n "${ALX_AUTH_STATION_PW}" ] && \ |
|
|
usermod -p $(openssl passwd -1 ${ALX_AUTH_SHELL_PW}) ${ALX_UNPRIV_USER} |
|
44 |
|
|
45 |
# if [ -n "${ALX_AUTH_SAMBA_PW}" ] |
set_shadow_pass root "${client_auth_shell}" |
46 |
# then |
set_shadow_pass "${ALX_UNPRIV_USER}" "${client_auth_station}" |
|
# # >smb3 smbpasswd -a user password does not work anymore |
|
|
# if [[ $(smbd --version | cut -d' ' -f2) > 2.999 ]] |
|
|
# then |
|
|
# smbpasswd -a root -s << EOF |
|
|
# ${ALX_AUTH_SAMBA_PW} |
|
|
# ${ALX_AUTH_SAMBA_PW} |
|
|
# EOF |
|
|
# else |
|
|
# smbpasswd -a root ${ALX_AUTH_SAMBA_PW} |
|
|
# fi |
|
|
# fi |
|
47 |
|
|
48 |
# vnc passwd (min 6 chars) |
# vnc passwd (min 6 chars) |
49 |
if [ -n "${ALX_AUTH_VNC_PW}" ] |
set_vnc_pass root "${client_auth_vnc}" |
|
then |
|
|
# pipe it 2x; 1st for new pw, 2nd to validate |
|
|
HOME=/root vncpasswd &> /dev/null << EOF |
|
|
${ALX_AUTH_VNC_PW} |
|
|
${ALX_AUTH_VNC_PW} |
|
|
EOF |
|
|
fi |
|
|
|
|
|
# unset vars |
|
|
unset ALX_AUTH_SHELL_PW |
|
|
unset ALX_AUTH_VNC_PW |
|
|
unset ALX_AUTH_SAMBA_PW |
|
|
unset ALX_AUTH_STATION_PW |
|
50 |
} |
} |