/[smeserver]/rpms/e-smith-base/sme8/e-smith-base-5.2.0-ldap-auth.patch
ViewVC logotype

Annotation of /rpms/e-smith-base/sme8/e-smith-base-5.2.0-ldap-auth.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Wed Nov 3 14:00:42 2010 UTC (14 years ago) by slords
Branch: MAIN
CVS Tags: e-smith-base-5_2_0-67_el5_sme, e-smith-base-5_2_0-71_el5_sme, e-smith-base-5_2_0-52_el5_sme, e-smith-base-5_2_0-51_el5_sme, e-smith-base-5_2_0-53_el5_sme, e-smith-base-5_2_0-68_el5_sme, e-smith-base-5_2_0-77_el5_sme, e-smith-base-5_2_0-59_el5_sme, e-smith-base-5_2_0-56_el5_sme, e-smith-base-5_2_0-55_el5_sme, e-smith-base-5_2_0-78_el5_sme, e-smith-base-5_2_0-86_el5_sme, e-smith-base-5_2_0-76_el5_sme, e-smith-base-5_2_0-84_el5_sme, e-smith-base-5_2_0-65_el5_sme, e-smith-base-5_2_0-88_el5_sme, e-smith-base-5_2_0-64_el5_sme, e-smith-base-5_2_0-47_el5_sme, e-smith-base-5_2_0-81_el5_sme, e-smith-base-5_2_0-82_el5_sme, e-smith-base-5_2_0-50_el5_sme, e-smith-base-5_2_0-57_el5_sme, e-smith-base-5_2_0-89_el5_sme, e-smith-base-5_2_0-49_el5_sme, e-smith-base-5_2_0-90_el5_sme, e-smith-base-5_2_0-48_el5_sme, e-smith-base-5_2_0-87_el5_sme, e-smith-base-5_2_0-80_el5_sme, e-smith-base-5_2_0-70_el5_sme, e-smith-base-5_2_0-66_el5_sme, e-smith-base-5_2_0-63_el5_sme, e-smith-base-5_2_0-61_el5_sme, e-smith-base-5_2_0-60_el5_sme, e-smith-base-5_2_0-58_el5_sme, e-smith-base-5_2_0-45_el5_sme, e-smith-base-5_2_0-46_el5_sme, e-smith-base-5_2_0-85_el5_sme, e-smith-base-5_2_0-69_el5_sme, e-smith-base-5_2_0-79_el5_sme, e-smith-base-5_2_0-72_el5_sme, e-smith-base-5_2_0-75_el5_sme, e-smith-base-5_2_0-73_el5_sme, e-smith-base-5_2_0-54_el5_sme, e-smith-base-5_2_0-43_el5_sme, e-smith-base-5_2_0-44_el5_sme, e-smith-base-5_2_0-62_el5_sme, e-smith-base-5_2_0-74_el5_sme, e-smith-base-5_2_0-83_el5_sme
Changes since 1.1: +2 -2 lines
* Wed Nov 3 2010 Shad L. Lords <slords@lordsfam.net 5.2.0-43.sme
- Make cpu calls critical only with ldap{Auth} is enabled [SME: 6330]
- Add cpu.conf and cpu-system.conf to post-upgrade event [SME: 6327]

1 slords 1.1 diff -up e-smith-base-5.2.0/root/etc/e-smith/templates/etc/nsswitch.conf/10files.ldap-auth e-smith-base-5.2.0/root/etc/e-smith/templates/etc/nsswitch.conf/10files
2     --- e-smith-base-5.2.0/root/etc/e-smith/templates/etc/nsswitch.conf/10files.ldap-auth 2005-11-20 21:28:07.000000000 -0700
3     +++ e-smith-base-5.2.0/root/etc/e-smith/templates/etc/nsswitch.conf/10files 2010-11-01 08:23:30.000000000 -0600
4     @@ -1,6 +1,6 @@
5     -passwd: files
6     -shadow: files
7     -group: files
8     +passwd: { ($ldap{Authentication} || 'disabled') eq 'enabled' ? 'files ldap' : 'files' }
9     +shadow: { ($ldap{Authentication} || 'disabled') eq 'enabled' ? 'files ldap' : 'files' }
10     +group: { ($ldap{Authentication} || 'disabled') eq 'enabled' ? 'files ldap' : 'files' }
11     hosts: { ($AccessType eq "off") ? "files" : "files dns" }
12     services: files
13     networks: files
14     diff -up e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth.ldap-auth e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth
15     --- e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth.ldap-auth 2008-03-26 10:49:00.000000000 -0600
16     +++ e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/20auth 2010-11-01 08:31:11.000000000 -0600
17     @@ -10,5 +10,10 @@ auth required pam_env.so
18     $OUT .= "auth required pam_abl.so config=/etc/security/pam_abl.conf";
19     }
20     auth sufficient pam_unix.so likeauth nullok
21     +{
22     + my $status = $ldap{Authentication} || 'disabled';
23     + return unless $status eq 'enabled';
24     + $OUT .= "auth sufficient pam_ldap.so use_first_pass";
25     +}
26     auth required pam_deny.so
27    
28     diff -up e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/30account.ldap-auth e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/30account
29     --- e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/30account.ldap-auth 2008-03-26 10:49:00.000000000 -0600
30     +++ e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/30account 2010-11-01 08:27:52.000000000 -0600
31     @@ -1,5 +1,10 @@
32     account required pam_unix.so broken_shadow
33     account sufficient pam_succeed_if.so uid < 100 quiet
34     +{
35     + my $status = $ldap{Authentication} || 'disabled';
36     + return unless $status eq 'enabled';
37     + $OUT .= "account [default=bad success=ok user_unknown=ignore] pam_ldap.so";
38     +}
39     account required pam_permit.so
40     {
41     my $status = $pam_tally{status} || 'disabled';
42     diff -up e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/40password.ldap-auth e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/40password
43     --- e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/40password.ldap-auth 2008-03-26 10:49:00.000000000 -0600
44     +++ e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/40password 2010-11-01 08:30:37.000000000 -0600
45     @@ -1,3 +1,8 @@
46     password sufficient pam_unix.so nullok md5 shadow
47     +{
48     + my $status = $ldap{Authentication} || 'disabled';
49     + return unless $status eq 'enabled';
50     + $OUT .= "password sufficient pam_ldap.so use_authtok";
51     +}
52     password required pam_deny.so
53    
54     diff -up e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/50session.ldap-auth e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/50session
55     --- e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/50session.ldap-auth 2008-03-26 10:49:00.000000000 -0600
56     +++ e-smith-base-5.2.0/root/etc/e-smith/templates/etc/pam.d/system-auth/50session 2010-11-01 08:30:19.000000000 -0600
57     @@ -1,2 +1,7 @@
58     session required pam_limits.so
59     session required pam_unix.so
60     +{
61     + my $status = $ldap{Authentication} || 'disabled';
62     + return unless $status eq 'enabled';
63     + $OUT .= "session optional pam_ldap.so";
64     +}
65    
66     diff -up e-smith-base-5.2.0/createlinks.enable-cpu e-smith-base-5.2.0/createlinks
67     --- e-smith-base-5.2.0/createlinks.enable-cpu 2010-11-01 10:00:03.000000000 -0600
68     +++ e-smith-base-5.2.0/createlinks 2010-11-01 10:01:53.000000000 -0600
69 slords 1.2 @@ -316,7 +316,6 @@
70 slords 1.1 templates2events("/etc/smartd.conf", $event);
71     templates2events("/home/e-smith/ssl.pem/pem", $event);
72     event_link("rmmod-bonding", $event, "10");
73     -event_link("user-lock-passwd", $event, "15");
74     event_link("set-hostname", $event, "10");
75     event_link("conf-modules", $event, "30");
76     event_link("conf-startup", $event, "60");
77 slords 1.2 @@ -324,6 +323,14 @@
78 slords 1.1 event_link("init-reload", $event, "90");
79     event_link("reset-unsavedflag", $event, "95");
80    
81     +#--------------------------------------------------
82     +# actions for bootstrap-ldap-save
83     +#--------------------------------------------------
84     +$event = "bootstrap-ldap-save";
85     +
86     +templates2events("/etc/nsswitch.conf", $event);
87     +templates2events("/etc/pam.d/system-auth", $event);
88     +event_link("user-lock-passwd", $event, "15");
89    
90     #--------------------------------------------------
91     # actions for group-create event

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed