1 |
diff -Nur e-smith-base-5.4.0/createlinks e-smith-base-5.4.0-rename_nss_ldap_conf/createlinks |
2 |
--- e-smith-base-5.4.0/createlinks 2013-03-22 17:25:52.257769516 +0100 |
3 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/createlinks 2013-03-22 17:33:00.878484382 +0100 |
4 |
@@ -192,8 +192,8 @@ |
5 |
/etc/pam.d/system-auth |
6 |
/etc/pam.d/passwd |
7 |
/etc/pam.d/pwauth |
8 |
- /etc/ldap.conf |
9 |
- /etc/ldap.secret |
10 |
+ /etc/pam_ldap.conf |
11 |
+ /etc/pam_ldap.secret |
12 |
/etc/security/pam_abl.conf |
13 |
)) |
14 |
{ |
15 |
@@ -580,3 +580,5 @@ |
16 |
safe_symlink("/var/service/local" , 'root/service/local'); |
17 |
safe_touch("root/var/service/local/down"); |
18 |
|
19 |
+# no template headers for /etc/pam_ldap.secret |
20 |
+safe_touch("root/etc/e-smith/templates/etc/pam_ldap.secret/template-begin"); |
21 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/10ssl e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/10ssl |
22 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/10ssl 2013-01-31 16:52:03.000000000 +0100 |
23 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/10ssl 1970-01-01 01:00:00.000000000 +0100 |
24 |
@@ -1,2 +0,0 @@ |
25 |
-ssl no |
26 |
- |
27 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/20pam_password e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/20pam_password |
28 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/20pam_password 2013-01-31 16:52:03.000000000 +0100 |
29 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/20pam_password 1970-01-01 01:00:00.000000000 +0100 |
30 |
@@ -1,5 +0,0 @@ |
31 |
-pam_password exop |
32 |
-pam_filter objectclass=posixAccount |
33 |
-pam_login_attribute uid |
34 |
-pam_member_attribute memberuid |
35 |
- |
36 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/30host e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/30host |
37 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/30host 2013-01-31 16:52:03.000000000 +0100 |
38 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/30host 1970-01-01 01:00:00.000000000 +0100 |
39 |
@@ -1 +0,0 @@ |
40 |
-host localhost |
41 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40base e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40base |
42 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40base 2013-01-31 16:52:03.000000000 +0100 |
43 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40base 1970-01-01 01:00:00.000000000 +0100 |
44 |
@@ -1,3 +0,0 @@ |
45 |
-{ |
46 |
- $OUT .= "base " . esmith::util::ldapBase ($DomainName); |
47 |
-} |
48 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_group e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_group |
49 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_group 2013-01-31 16:52:03.000000000 +0100 |
50 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_group 1970-01-01 01:00:00.000000000 +0100 |
51 |
@@ -1,5 +0,0 @@ |
52 |
-{ |
53 |
- $OUT .= "nss_base_group ou=Groups,"; |
54 |
- $OUT .= esmith::util::ldapBase ($DomainName); |
55 |
- $OUT .= "?one\n"; |
56 |
-} |
57 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_passwd e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_passwd |
58 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_passwd 2013-01-31 16:52:03.000000000 +0100 |
59 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_passwd 1970-01-01 01:00:00.000000000 +0100 |
60 |
@@ -1,10 +0,0 @@ |
61 |
-{ |
62 |
- $OUT .= "nss_base_passwd ou=Users,"; |
63 |
- $OUT .= esmith::util::ldapBase ($DomainName); |
64 |
- $OUT .= '?one'; |
65 |
- $OUT .= "\n"; |
66 |
- $OUT .= "nss_base_passwd ou=Computers,"; |
67 |
- $OUT .= esmith::util::ldapBase ($DomainName); |
68 |
- $OUT .= '?one'; |
69 |
- $OUT .= "\n"; |
70 |
-} |
71 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_shadow e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_shadow |
72 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_shadow 2013-01-31 16:52:03.000000000 +0100 |
73 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/40nss_base_shadow 1970-01-01 01:00:00.000000000 +0100 |
74 |
@@ -1,10 +0,0 @@ |
75 |
-{ |
76 |
- $OUT .= "nss_base_shadow ou=Users,"; |
77 |
- $OUT .= esmith::util::ldapBase ($DomainName); |
78 |
- $OUT .= '?one'; |
79 |
- $OUT .= "\n"; |
80 |
- $OUT .= "nss_base_shadow ou=Computers,"; |
81 |
- $OUT .= esmith::util::ldapBase ($DomainName); |
82 |
- $OUT .= '?one'; |
83 |
- $OUT .= "\n"; |
84 |
-} |
85 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/45rootbinddn e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/45rootbinddn |
86 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/45rootbinddn 2013-01-31 16:52:03.000000000 +0100 |
87 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/45rootbinddn 1970-01-01 01:00:00.000000000 +0100 |
88 |
@@ -1,3 +0,0 @@ |
89 |
-{ |
90 |
- $OUT .= "rootbinddn cn=root," . esmith::util::ldapBase ($DomainName); |
91 |
-} |
92 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy |
93 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy 2013-01-31 16:52:03.000000000 +0100 |
94 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/55bind_policy 1970-01-01 01:00:00.000000000 +0100 |
95 |
@@ -1,4 +0,0 @@ |
96 |
-{ |
97 |
-# Allow read /etc/{passwd,groups,shadow} files when ldap is down. |
98 |
-} |
99 |
-bind_policy soft |
100 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/60ignore_initgroups e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/60ignore_initgroups |
101 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.conf/60ignore_initgroups 2013-01-31 16:52:03.000000000 +0100 |
102 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.conf/60ignore_initgroups 1970-01-01 01:00:00.000000000 +0100 |
103 |
@@ -1 +0,0 @@ |
104 |
-nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm |
105 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.secret/all e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.secret/all |
106 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/ldap.secret/all 2013-01-31 16:52:03.000000000 +0100 |
107 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/ldap.secret/all 1970-01-01 01:00:00.000000000 +0100 |
108 |
@@ -1 +0,0 @@ |
109 |
-{ esmith::util::LdapPassword (); } |
110 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl |
111 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl 1970-01-01 01:00:00.000000000 +0100 |
112 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/10ssl 2013-01-31 16:52:03.000000000 +0100 |
113 |
@@ -0,0 +1,2 @@ |
114 |
+ssl no |
115 |
+ |
116 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password |
117 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password 1970-01-01 01:00:00.000000000 +0100 |
118 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/20pam_password 2013-01-31 16:52:03.000000000 +0100 |
119 |
@@ -0,0 +1,5 @@ |
120 |
+pam_password exop |
121 |
+pam_filter objectclass=posixAccount |
122 |
+pam_login_attribute uid |
123 |
+pam_member_attribute memberuid |
124 |
+ |
125 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/30host e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/30host |
126 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/30host 1970-01-01 01:00:00.000000000 +0100 |
127 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/30host 2013-01-31 16:52:03.000000000 +0100 |
128 |
@@ -0,0 +1 @@ |
129 |
+host localhost |
130 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40base e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40base |
131 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40base 1970-01-01 01:00:00.000000000 +0100 |
132 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40base 2013-01-31 16:52:03.000000000 +0100 |
133 |
@@ -0,0 +1,3 @@ |
134 |
+{ |
135 |
+ $OUT .= "base " . esmith::util::ldapBase ($DomainName); |
136 |
+} |
137 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group |
138 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group 1970-01-01 01:00:00.000000000 +0100 |
139 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_group 2013-01-31 16:52:03.000000000 +0100 |
140 |
@@ -0,0 +1,5 @@ |
141 |
+{ |
142 |
+ $OUT .= "nss_base_group ou=Groups,"; |
143 |
+ $OUT .= esmith::util::ldapBase ($DomainName); |
144 |
+ $OUT .= "?one\n"; |
145 |
+} |
146 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd |
147 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd 1970-01-01 01:00:00.000000000 +0100 |
148 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_passwd 2013-01-31 16:52:03.000000000 +0100 |
149 |
@@ -0,0 +1,10 @@ |
150 |
+{ |
151 |
+ $OUT .= "nss_base_passwd ou=Users,"; |
152 |
+ $OUT .= esmith::util::ldapBase ($DomainName); |
153 |
+ $OUT .= '?one'; |
154 |
+ $OUT .= "\n"; |
155 |
+ $OUT .= "nss_base_passwd ou=Computers,"; |
156 |
+ $OUT .= esmith::util::ldapBase ($DomainName); |
157 |
+ $OUT .= '?one'; |
158 |
+ $OUT .= "\n"; |
159 |
+} |
160 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow |
161 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow 1970-01-01 01:00:00.000000000 +0100 |
162 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/40nss_base_shadow 2013-01-31 16:52:03.000000000 +0100 |
163 |
@@ -0,0 +1,10 @@ |
164 |
+{ |
165 |
+ $OUT .= "nss_base_shadow ou=Users,"; |
166 |
+ $OUT .= esmith::util::ldapBase ($DomainName); |
167 |
+ $OUT .= '?one'; |
168 |
+ $OUT .= "\n"; |
169 |
+ $OUT .= "nss_base_shadow ou=Computers,"; |
170 |
+ $OUT .= esmith::util::ldapBase ($DomainName); |
171 |
+ $OUT .= '?one'; |
172 |
+ $OUT .= "\n"; |
173 |
+} |
174 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn |
175 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn 1970-01-01 01:00:00.000000000 +0100 |
176 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/45rootbinddn 2013-01-31 16:52:03.000000000 +0100 |
177 |
@@ -0,0 +1,3 @@ |
178 |
+{ |
179 |
+ $OUT .= "rootbinddn cn=root," . esmith::util::ldapBase ($DomainName); |
180 |
+} |
181 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy |
182 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy 1970-01-01 01:00:00.000000000 +0100 |
183 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/55bind_policy 2013-01-31 16:52:03.000000000 +0100 |
184 |
@@ -0,0 +1,4 @@ |
185 |
+{ |
186 |
+# Allow read /etc/{passwd,groups,shadow} files when ldap is down. |
187 |
+} |
188 |
+bind_policy soft |
189 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups |
190 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups 1970-01-01 01:00:00.000000000 +0100 |
191 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.conf/60ignore_initgroups 2013-01-31 16:52:03.000000000 +0100 |
192 |
@@ -0,0 +1 @@ |
193 |
+nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm |
194 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.secret/all e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.secret/all |
195 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates/etc/pam_ldap.secret/all 1970-01-01 01:00:00.000000000 +0100 |
196 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates/etc/pam_ldap.secret/all 2013-01-31 16:52:03.000000000 +0100 |
197 |
@@ -0,0 +1 @@ |
198 |
+{ esmith::util::LdapPassword (); } |
199 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates.metadata/etc/ldap.secret e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates.metadata/etc/ldap.secret |
200 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates.metadata/etc/ldap.secret 2013-01-31 16:52:03.000000000 +0100 |
201 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates.metadata/etc/ldap.secret 1970-01-01 01:00:00.000000000 +0100 |
202 |
@@ -1 +0,0 @@ |
203 |
-PERMS=0600 |
204 |
diff -Nur e-smith-base-5.4.0/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret |
205 |
--- e-smith-base-5.4.0/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret 1970-01-01 01:00:00.000000000 +0100 |
206 |
+++ e-smith-base-5.4.0-rename_nss_ldap_conf/root/etc/e-smith/templates.metadata/etc/pam_ldap.secret 2013-01-31 16:52:03.000000000 +0100 |
207 |
@@ -0,0 +1 @@ |
208 |
+PERMS=0600 |