V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 2m7s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 2m7s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -976,7 +976,6 @@ auth required pam_permit.so
|
||||
|
||||
# And here are more per-package modules (the "Additional" block):
|
||||
|
||||
# End of pam-auth-update config.
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf
|
||||
EOF
|
||||
do_log "info" "file_only" "4520() Written: [/etc/pam.d/common-auth]."
|
||||
@@ -987,6 +986,63 @@ EOF
|
||||
# shellcheck disable=SC2034
|
||||
readonly -f write_pam_common_auth
|
||||
|
||||
#######################################
|
||||
# Writes CISS Header for '/etc/pam.d/common-session'.
|
||||
# Globals:
|
||||
# None
|
||||
# Arguments:
|
||||
# 1: TARGET
|
||||
# Returns:
|
||||
# 0: on success
|
||||
#######################################
|
||||
write_pam_common_session() {
|
||||
### Declare Arrays, HashMaps, and Variables.
|
||||
declare -r var_target="$1"
|
||||
|
||||
mv "${var_target}/etc/pam.d/common-session" "${var_target}/root/.ciss/cdi/backup/etc/pam.d/common-session"
|
||||
|
||||
insert_header "${var_target}/etc/pam.d/common-session"
|
||||
insert_comments "${var_target}/etc/pam.d/common-session"
|
||||
cat << EOF >> "${var_target}/etc/pam.d/common-session"
|
||||
#
|
||||
# /etc/pam.d/common-session - session-related modules common to all services
|
||||
#
|
||||
|
||||
# This file is included from other service-specific PAM config files, and should contain a list of modules that define tasks to
|
||||
# be performed at the start and end of interactive sessions.
|
||||
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. To take advantage of this, it is recommended that you
|
||||
# configure any local modules either before or after the default block, and use pam-auth-update to manage selection of other
|
||||
# modules. See pam-auth-update(8) for details.
|
||||
|
||||
# Here are the per-package modules (the "Primary" block).
|
||||
session [default=1] pam_permit.so
|
||||
|
||||
# Reset the umask for new sessions.
|
||||
session optional pam_umask.so
|
||||
|
||||
# Here is the fallback if no module succeeds.
|
||||
session requisite pam_deny.so
|
||||
|
||||
# Prime the stack with a positive return value if there is not one already; this avoids us returning an error just because
|
||||
# nothing sets a success code since the modules above will each just jump around.
|
||||
session required pam_permit.so
|
||||
|
||||
# And here are more per-package modules (the "Additional" block).
|
||||
session required pam_unix.so
|
||||
|
||||
session optional pam_systemd.so
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf
|
||||
EOF
|
||||
do_log "info" "file_only" "4520() Written: [/etc/pam.d/common-session]."
|
||||
|
||||
return 0
|
||||
}
|
||||
### Prevents accidental 'unset -f'.
|
||||
# shellcheck disable=SC2034
|
||||
readonly -f write_pam_common_session
|
||||
|
||||
#######################################
|
||||
# Writes CISS Header for '/etc/pam.d/login'.
|
||||
# Globals:
|
||||
|
||||
Reference in New Issue
Block a user