X-Git-Url: http://git.plutz.net/?a=blobdiff_plain;f=modules%2Fsmb_nis.mk;h=9eed7d380d84cfdf6efa81f8e5bb42c19f3fd16c;hb=HEAD;hp=b3516989d07f588b668c6254d05d306cf9870229;hpb=e5ba91757e0373ca08386feb7463ef88f8b433bf;p=blast diff --git a/modules/smb_nis.mk b/modules/smb_nis.mk index b351698..48514cf 100644 --- a/modules/smb_nis.mk +++ b/modules/smb_nis.mk @@ -1,12 +1,18 @@ -PACKAGES += cifs-utils libpam-mount libpam-script lxdm nis nscd samba-common-bin usermode +PACKAGES += cifs-utils libpam-mount libpam-script lightdm nis nscd samba-common-bin usermode libnss-nis ifndef nis_server nis_server := nismaster endif +ifndef nis_domain + nis_domain := ${nis_server} +endif +ifndef smb_server + smb_server := ${nis_server} +endif define DEBCONF += -nis nis/domain string .${nis_server} +nis nis/domain string ${nis_domain} endef export smb_nis_pamscript smb_nis_pammount @@ -17,7 +23,7 @@ define smb_nis_pamscript := # forced through bash, to hide euid from smbpasswd /bin/bash -c ' printf "%s\n" "$$PAM_OLDAUTHTOK" "$$PAM_AUTHTOK" "$$PAM_AUTHTOK" \ - | smbpasswd -sr ${nis_server} -U "$$PAM_USER" + | smbpasswd -sr ${smb_server} -U "$$PAM_USER" ' exit $? @@ -27,7 +33,7 @@ endef define smb_nis_pammount := - + @@ -35,21 +41,26 @@ define smb_nis_pammount := endef -.PHONY: _smb_nis -_config: _smb_nis +.PHONY: _smb_nis _ypbind +_config: _smb_nis _ypbind _smb_nis: ${CFGROOT}/opt/pam_script/pam_script_passwd ${CFGROOT}/etc/security/pam_mount.conf.xml -_smb_nis: ${CFGROOT}/etc/yp.conf ${CFGROOT}/etc/defaultdomain +_smb_nis: ${CFGROOT}/etc/yp.conf ${CFGROOT}/etc/defaultdomain ${CFGROOT}/etc/default/nis _smb_nis: ${CFGROOT} - sed -Ei 's;^(passwd:|group:|shadow:|gshadow:) *;\1 nis ;' $${CFGROOT}/etc/nsswitch.conf - printf '\nauth optional pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-auth + sed -Ei 's;^(passwd:|group:|shadow:|gshadow:).*$$;\1 files nis;' $${CFGROOT}/etc/nsswitch.conf + sed -Ei '/pam_(script|mount).so/d' $${CFGROOT}/etc/pam.d/common-* + printf '\nauth required pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-auth printf '\nsession optional pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-session printf '\npassword required pam_script.so dir=/opt/pam_script\n' >$${CFGROOT}/etc/pam.d/common-password +_ypbind: ${CFGROOT} + chroot "$<" systemctl enable ypbind + ${CFGROOT}/opt/pam_script/pam_script_passwd: ${CFGROOT} .FORCE mkdir -p "$(dir $@)" printf '%s' "$${smb_nis_pamscript}" >"$@" + chmod a+x "$@" ${CFGROOT}/etc/security/pam_mount.conf.xml: ${CFGROOT} .FORCE mkdir -p "$(dir $@)" @@ -59,4 +70,8 @@ ${CFGROOT}/etc/yp.conf: ${CFGROOT} .FORCE printf 'ypserver %s\n' "${nis_server}" >"$@" ${CFGROOT}/etc/defaultdomain: ${CFGROOT} .FORCE - printf '.%s\n' "${nis_server}" >"$@" + printf '%s\n' "${nis_domain}" >"$@" + printf 'kernel.domainname = %s\n' "${nis_domain}" >"${CFGROOT}/etc/sysctl.d/10-domainname.conf" + +${CFGROOT}/etc/default/nis: ${CFGROOT} .FORCE + printf '%s\n' "NISSERVER=false" "NISCLIENT=true" "YPPWDDIR=/etc" "NISMASTER=${nis_server}" >"$@"