X-Git-Url: http://git.plutz.net/?a=blobdiff_plain;f=modules%2Fsmb_nis.mk;h=d11d00b9a14a5416743ce3e9e34c52a1f656b13d;hb=HEAD;hp=320c97ab892a505476eb91923868ce9aab0e63e5;hpb=897e02d30d887aff64a047a26c3622301ae21447;p=blast diff --git a/modules/smb_nis.mk b/modules/smb_nis.mk index 320c97a..48514cf 100644 --- a/modules/smb_nis.mk +++ b/modules/smb_nis.mk @@ -1,12 +1,18 @@ -PACKAGES += cifs-utils libpam-mount libpam-script lxdm nis nscd samba-common-bin usermode +PACKAGES += cifs-utils libpam-mount libpam-script lightdm nis nscd samba-common-bin usermode libnss-nis ifndef nis_server nis_server := nismaster endif +ifndef nis_domain + nis_domain := ${nis_server} +endif +ifndef smb_server + smb_server := ${nis_server} +endif define DEBCONF += -nis nis/domain string .${nis_server} +nis nis/domain string ${nis_domain} endef export smb_nis_pamscript smb_nis_pammount @@ -17,7 +23,7 @@ define smb_nis_pamscript := # forced through bash, to hide euid from smbpasswd /bin/bash -c ' printf "%s\n" "$$PAM_OLDAUTHTOK" "$$PAM_AUTHTOK" "$$PAM_AUTHTOK" \ - | smbpasswd -sr ${nis_server} -U "$$PAM_USER" + | smbpasswd -sr ${smb_server} -U "$$PAM_USER" ' exit $? @@ -27,7 +33,7 @@ endef define smb_nis_pammount := - + @@ -35,22 +41,26 @@ define smb_nis_pammount := endef -.PHONY: _smb_nis -_config: _smb_nis +.PHONY: _smb_nis _ypbind +_config: _smb_nis _ypbind _smb_nis: ${CFGROOT}/opt/pam_script/pam_script_passwd ${CFGROOT}/etc/security/pam_mount.conf.xml -_smb_nis: ${CFGROOT}/etc/yp.conf ${CFGROOT}/etc/defaultdomain +_smb_nis: ${CFGROOT}/etc/yp.conf ${CFGROOT}/etc/defaultdomain ${CFGROOT}/etc/default/nis _smb_nis: ${CFGROOT} - sed -Ei 's;^(passwd:|group:|shadow:|gshadow:) *;\1 nis ;' $${CFGROOT}/etc/nsswitch.conf + sed -Ei 's;^(passwd:|group:|shadow:|gshadow:).*$$;\1 files nis;' $${CFGROOT}/etc/nsswitch.conf sed -Ei '/pam_(script|mount).so/d' $${CFGROOT}/etc/pam.d/common-* - printf '\nauth optional pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-auth + printf '\nauth required pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-auth printf '\nsession optional pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-session printf '\npassword required pam_script.so dir=/opt/pam_script\n' >$${CFGROOT}/etc/pam.d/common-password +_ypbind: ${CFGROOT} + chroot "$<" systemctl enable ypbind + ${CFGROOT}/opt/pam_script/pam_script_passwd: ${CFGROOT} .FORCE mkdir -p "$(dir $@)" printf '%s' "$${smb_nis_pamscript}" >"$@" + chmod a+x "$@" ${CFGROOT}/etc/security/pam_mount.conf.xml: ${CFGROOT} .FORCE mkdir -p "$(dir $@)" @@ -60,4 +70,8 @@ ${CFGROOT}/etc/yp.conf: ${CFGROOT} .FORCE printf 'ypserver %s\n' "${nis_server}" >"$@" ${CFGROOT}/etc/defaultdomain: ${CFGROOT} .FORCE - printf '.%s\n' "${nis_server}" >"$@" + printf '%s\n' "${nis_domain}" >"$@" + printf 'kernel.domainname = %s\n' "${nis_domain}" >"${CFGROOT}/etc/sysctl.d/10-domainname.conf" + +${CFGROOT}/etc/default/nis: ${CFGROOT} .FORCE + printf '%s\n' "NISSERVER=false" "NISCLIENT=true" "YPPWDDIR=/etc" "NISMASTER=${nis_server}" >"$@"