[blast] / modules / smb_nis.mk

PACKAGES += cifs-utils libpam-mount libpam-script lxdm nis nscd samba-common-bin usermode

ifndef nis_server
  nis_server := nismaster
endif

define DEBCONF +=

nis     nis/domain      string  .${nis_server}
endef

export smb_nis_pamscript smb_nis_pammount

define smb_nis_pamscript :=
#!/bin/sh

/bin/bash -c '
  printf "%s\n" "$$PAM_OLDAUTHTOK" "$$PAM_AUTHTOK" "$$PAM_AUTHTOK" \
  | smbpasswd -sr ${nis_server} -U "$$PAM_USER"
'

exit $?

endef

define smb_nis_pammount :=
<pam_mount> <debug enable="0" />
  <!-- Volume definitions -->
  <volume options="user=%(USER)" fstype="cifs" server="${nis_server}"     path="%(USER)" mountpoint="~" />
  <mntoptions require="nosuid,nodev" />
  <logout wait="0" hup="no" term="no" kill="no" />
  <mkmountpoint enable="1" remove="true" />
</pam_mount>

endef

.PHONY: _smb_nis
_config: _smb_nis

_smb_nis: ${CFGROOT}/opt/pam_script/pam_script_passwd ${CFGROOT}/etc/security/pam_mount.conf.xml
_smb_nis: ${CFGROOT}/etc/yp.conf ${CFGROOT}/etc/defaultdomain

_smb_nis: ${CFGROOT}
        sed -Ei 's;^(passwd:|group:|shadow:|gshadow:) *;\1      nis ;' $${CFGROOT}/etc/nsswitch.conf
        printf '\nauth          optional        pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-auth
        printf '\nsession       optional        pam_mount.so\n' >>$${CFGROOT}/etc/pam.d/common-session
        printf '\npassword      required        pam_script.so dir=/opt/pam_script\n'  >$${CFGROOT}/etc/pam.d/common-password

${CFGROOT}/opt/pam_script/pam_script_passwd: ${CFGROOT}
        mkdir -p "$(dir $@)"
        printf '%s' "$${smb_nis_pamscript}" >"$@"

${CFGROOT}/etc/security/pam_mount.conf.xml: ${CFGROOT}
        mkdir -p "$(dir $@)"
        printf '%s' "$${smb_nis_pammount}" >"$@"

${CFGROOT}/etc/yp.conf: ${CFGROOT}
        printf 'ypserver        %s\n' "${nis_server}" >"$@"

${CFGROOT}/etc/defaultdomain: ${CFGROOT}
        printf '.%s\n' "${nis_server}" >"$@"