Add pam file writing and clean up a bit

pull/1/head
Timothy Pearson 13 years ago
parent 44db1b5faf
commit bb72c681df

@ -188,12 +188,12 @@ void BondWizard::closeEvent(TQCloseEvent* e){
/** maybe call a dialog that the wizard has finished. */
void BondWizard::accept(){
// Try to bond
if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text()) == 0) {
TQString errorString;
if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) {
done(0);
}
else {
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>RAJA ERRORSTR</qt>"), i18n("Unable to Bond to Realm"));
// RAJA FIXME
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>Details: %1</qt>").arg(errorString), i18n("Unable to Bond to Realm"));
}
}

@ -56,6 +56,9 @@
#define KRB5_FILE "/etc/krb5.conf"
#define LDAP_FILE "/etc/ldap.conf"
#define NSSWITCH_FILE "/etc/nsswitch.conf"
#define PAMD_DIRECTORY "/etc/pam.d/"
#define PAMD_COMMON_ACCOUNT "common-account"
#define PAMD_COMMON_AUTH "common-auth"
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
@ -340,6 +343,8 @@ void LDAPConfig::save() {
writeLDAPConfFile();
// Write the NSSwitch configuration file
writeNSSwitchFile();
// Write the PAM configuration files
writePAMFiles();
}
load();
@ -683,8 +688,6 @@ void LDAPConfig::writeNSSwitchFile() {
if (file.open(IO_WriteOnly)) {
TQTextStream stream( &file );
LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
stream << "# This file was automatically generated by TDE\n";
stream << "# All changes will be lost!\n";
stream << "\n";
@ -706,6 +709,39 @@ void LDAPConfig::writeNSSwitchFile() {
}
}
void LDAPConfig::writePAMFiles() {
TQFile file(PAMD_DIRECTORY PAMD_COMMON_ACCOUNT);
if (file.open(IO_WriteOnly)) {
TQTextStream stream( &file );
stream << "# This file was automatically generated by TDE\n";
stream << "# All changes will be lost!\n";
stream << "\n";
stream << "account sufficient pam_unix.so nullok_secure" << "\n";
stream << "account sufficient pam_ldap.so" << "\n";
stream << "account required pam_permit.so" << "\n";
file.close();
}
TQFile file2(PAMD_DIRECTORY PAMD_COMMON_AUTH);
if (file2.open(IO_WriteOnly)) {
TQTextStream stream( &file2 );
stream << "# This file was automatically generated by TDE\n";
stream << "# All changes will be lost!\n";
stream << "\n";
stream << "auth [default=ignore success=ignore] pam_mount.so" << "\n";
stream << "auth sufficient pam_unix.so nullok try_first_pass" << "\n";
stream << "auth [default=ignore success=1 service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
stream << "auth [default=die success=done] pam_ccreds.so action=validate use_first_pass" << "\n";
stream << "auth sufficient pam_ccreds.so action=store use_first_pass" << "\n";
stream << "auth required pam_deny.so" << "\n";
file2.close();
}
}
int LDAPConfig::buttons() {
return KCModule::Apply|KCModule::Help;
}

@ -94,6 +94,7 @@ class LDAPConfig: public KCModule
void writeKrb5ConfFile();
void writeLDAPConfFile();
void writeNSSwitchFile();
void writePAMFiles();
private:
KAboutData *myAboutData;

@ -43,8 +43,6 @@ LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name)
}
void LDAPPasswordDialog::slotOk() {
// RAJA FIXME
accept();
}

Loading…
Cancel
Save