pam/pamtool

changeset 480
332ec562ab2e
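--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/pam/pamtool	Sun Aug 05 22:52:01 2012 +0200
@@ -0,0 +1,201 @@
+#!/bin/sh
+##
+##  pamtool -- OpenPKG PAM Auxiliary Tool
+##  Copyright (c) 2000-2007 OpenPKG Foundation e.V. <http://openpkg.net/>
+##  Copyright (c) 2000-2007 Ralf S. Engelschall <http://engelschall.com/>
+##
+##  Permission to use, copy, modify, and distribute this software for
+##  any purpose with or without fee is hereby granted, provided that
+##  the above copyright notice and this permission notice appear in all
+##  copies.
+##
+##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+##  SUCH DAMAGE.
+##
+
+#   program name, version and date
+progname="pamtool"
+progvers="0.9.0"
+progdate="11-Mar-2002"
+
+#   the OpenPKG instance information
+l_prefix="@l_prefix@"
+l_platform="@l_platform@"
+
+#   default parameters
+verbose=no
+help=no
+add=no
+remove=no
+smart=no
+name=""
+id=""
+
+#   iterate over argument line
+while [ $# -gt 0 ]; do
+    opt=$1
+    case $opt in
+        -*=*) arg=`echo "$opt" | sed 's/^[-_a-zA-Z0-9]*=//'` ;;
+           *) arg='' ;;
+    esac
+    case $opt in
+        -v|--verbose ) verbose=yes   ;;
+        -h|--help    ) help=yes      ;;
+        -a|--add     ) add=yes       ;;
+        -r|--remove  ) remove=yes    ;;
+        -s|--smart   ) smart=yes     ;;
+        --name=*     ) name=$arg     ;;
+        --id=*       ) id=$arg       ;;
+        -*           ) help="Invalid option \`$opt'"; break ;;
+        *            ) break         ;;
+    esac
+    shift
+done
+if [ ".$help" = .yes ]; then
+    echo "$progname --add|--remove --name=NAME [--smart] [--id=ID]";
+    exit 0
+fi
+if [ ".$add" = .no -a ".$remove" = .no ]; then
+    echo "$progname:ERROR: either option -a/--add or -r/--remove have to be specified" 1>&2
+    exit 1
+fi
+if [ ".$add" = .yes -a ".$remove" = .yes ]; then
+    echo "$progname:ERROR: option -a/--add and -r/--remove cannot be specified in parallel" 1>&2
+    exit 1
+fi
+if [ ".$name" = . ]; then
+    echo "$progname:ERROR: option --name has to be specified" 1>&2
+    exit 1
+fi
+if [ ".$id" = . ]; then
+    id="$l_prefix:$name"
+fi
+
+
+#   find a reasonable temporary location
+if [ ".$TMPDIR" != . ]; then
+    tmpdir="$TMPDIR"
+elif [ ".$TEMPDIR" != . ]; then
+    tmpdir="$TEMPDIR"
+else
+    tmpdir="/tmp"
+fi
+tmpfile="$tmpdir/pamtool.$$.tmp"
+
+#   determine PAM information from OpenPKG configuration
+if [ ! -f "$l_prefix/etc/rc" ]; then
+    echo "$progname:$ERROR: OpenPKG run-command facility not found under $l_prefix" 1>&2
+    exit 1
+fi
+pam_enable=`$l_prefix/bin/openpkg rc --query pam_enable`
+pam_cfgloc=`$l_prefix/bin/openpkg rc --query pam_cfgloc`
+pam_modpfx=`$l_prefix/bin/openpkg rc --query pam_modpfx`
+
+#   perform operation
+if [ ! -f "$l_prefix/lib/openpkg/rpmtool" ]; then
+    echo "$progname:$ERROR: OpenPKG rpmtool not found under $l_prefix/sbin/" 1>&2
+    exit 1
+fi
+rpmtool_config="$l_prefix/lib/openpkg/rpmtool config"
+if [ ".$smart" = .yes ]; then
+    rpmtool_config="$rpmtool_config -s"
+fi
+if [ ".$add" = .yes ]; then
+    #
+    #   add a PAM entry
+    #
+
+    #   determine platform specific PAM entries
+    ( case "$l_platform" in
+          *-freebsd* ) 
+              echo "auth     sufficient ${pam_modpfx}pam_opie.so no_warn no_fake_prompts"
+              echo "auth     requisite  ${pam_modpfx}pam_opieaccess.so no_warn allow_local"
+              echo "auth     required   ${pam_modpfx}pam_unix.so try_first_pass"
+              echo "account  required   ${pam_modpfx}pam_unix.so"
+              echo "password required   ${pam_modpfx}pam_permit.so"
+              echo "session  required   ${pam_modpfx}pam_permit.so"
+              ;;
+          *-linux* ) 
+              echo "auth     required   ${pam_modpfx}pam_unix_auth.so shadow nodelay"
+              echo "auth     required   ${pam_modpfx}pam_nologin.so"
+              echo "account  required   ${pam_modpfx}pam_unix_acct.so"
+              echo "password required   ${pam_modpfx}pam_unix_passwd.so shadow nullok use_authtok" 
+              echo "session  required   ${pam_modpfx}pam_unix_session.so" 
+              echo "session  required   ${pam_modpfx}pam_limits.so"
+              ;;
+          *-sunos* ) 
+              echo "auth     required   ${pam_modpfx}pam_unix.so try_first_pass"
+              echo "account  required   ${pam_modpfx}pam_unix.so"
+              echo "password required   ${pam_modpfx}pam_unix.so" 
+              echo "session  required   ${pam_modpfx}pam_unix.so" 
+              ;;
+          *-aix* ) 
+              echo "auth     required   ${pam_modpfx}pam_aix try_first_pass"
+              echo "account  required   ${pam_modpfx}pam_aix"
+              echo "password required   ${pam_modpfx}pam_aix" 
+              echo "session  required   ${pam_modpfx}pam_aix" 
+              ;;
+          * ) 
+              echo "auth     required   ${pam_modpfx}pam_unix.so try_first_pass"
+              echo "account  required   ${pam_modpfx}pam_unix.so"
+              echo "password required   ${pam_modpfx}pam_unix.so" 
+              echo "session  required   ${pam_modpfx}pam_unix.so" 
+              ;;
+      esac
+    ) >$tmpfile
+     
+    #   add application name prefix if using combined configuration
+    if [ -f $pam_cfgloc ]; then
+        sed -e "s;^;$name ;" <$tmpfile >$tmpfile.n
+        mv $tmpfile.n $tmpfile
+    fi
+    
+    #   create entry
+    if [ -f $pam_cfgloc ]; then
+        if [ ".$verbose" = .yes ]; then
+            echo "++ adding entry to $pam_cfgloc"
+        fi
+        $rpmtool_config -a -i $id $pam_cfgloc <$tmpfile || exit $?
+    elif [ -d $pam_cfgloc ]; then
+        if [ ".$verbose" = .yes ]; then
+            echo "++ adding entry to $pam_cfgloc/$name"
+        fi
+        $rpmtool_config -a -i $id $pam_cfgloc/$name <$tmpfile || exit $?
+    fi
+
+elif [ ".$remove" = .yes ]; then
+    #
+    #   remove a PAM entry
+    #
+
+    #   remove entry
+    if [ -f $pam_cfgloc ]; then
+        if [ ".$verbose" = .yes ]; then
+            echo "++ removing entry from $pam_cfgloc"
+        fi
+        $rpmtool_config -r -i $id $pam_cfgloc || exit $?
+    elif [ -d $pam_cfgloc ]; then
+        if [ ".$verbose" = .yes ]; then
+            echo "++ removing entry from $pam_cfgloc/$name"
+        fi
+        $rpmtool_config -r -i $id $pam_cfgloc/$name || exit $?
+        if [ ! -s $pam_cfgloc/$name ]; then
+            rm -f $pam_cfgloc/$name >/dev/null 2>&1 || true
+        fi
+    fi
+fi
+
+#   cleanup
+rm -f $tmpfile
+exit 0
+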
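Review bot: The temporary file set up by `tmpfile="$tmpdir/pamtool.$$.tmp"` has a predictable name in a shared directory and is opened with plain `>$tmpfile` (and `>$tmpfile.n`), so when the tool runs with the privileges needed to edit PAM configuration (presumably root), a pre-existing symlink or file at that path can redirect the write or influence what is later fed to rpmtool. Keep both files in a private directory instead, e.g. `tmpwork=$(mktemp -d "$tmpdir/pamtool.XXXXXX") || exit 1` followed by `tmpfile="$tmpwork/entry"`, or `(umask 077; mkdir "$tmpdir/pamtool.$$") || exit 1` where mktemp is unavailable, and remove it from a `trap` on exit so the `|| exit $?` paths clean up as well. Separately, `--name` is used unvalidated in `sed -e "s;^;$name ;"` and in `$pam_cfgloc/$name`, so a value containing `;`, `&` or `/` can corrupt the generated entry or point outside the PAM directory; reject names with characters other than letters, digits, `.`, `_` and `-` (and a leading `.`) right after option parsing. The unquoted `[ -f $pam_cfgloc ]` tests also evaluate true when the rc query returns an empty string, so quote those expansions and fail early if `pam_cfgloc` is empty. The two error messages that print `$progname:$ERROR:` expand an unset variable and should read `$progname:ERROR:` like the others.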
