Attachment #10499 for bug #30036

View | Details | Raw Unified | Return to bug 30036
Collapse All | Expand All






@!@
METHODS = [
    ('krb5', 'pam_krb5.so minimum_uid=%s' % (configRegistry.get('pam/krb5/minimum_uid', 1000),)),
    ('ldap', 'pam_ldap.so'),
    ('winbind', 'pam_winbind.so'),
]
methods = set(configRegistry['auth/methods'].split())
stmts = [stmt for (method, stmt) in METHODS if method in methods]
for i, stmt in enumerate(stmts):
    action = "[success=%d new_authtok_reqd=done default=ignore]" % (len(stmts) - i,)
    print("account  %s  %s" % (action, stmt))
	return template.replace('<action>', action)

methods = set(configRegistry['auth/methods'].split(' ')) & {'krb5', 'ldap', 'winbind'}
index = len(methods)

if 'krb5' in methods:
	print(pam_section(pam_krb5, index))
	index -= 1
if 'ldap' in methods:
	print(pam_section(pam_ldap, index))
	index -= 1
if 'winbind' in methods:
	print(pam_section(pam_winbind, index))
@!@
account  requisite                       pam_deny.so
account  required                        pam_permit.so






@!@
METHODS = [
    ('krb5', 'pam_krb5.so use_first_pass minimum_uid=%d' % (configRegistry.get('pam/krb5/minimum_uid', 1000),)),
    ('ldap', 'pam_ldap.so use_first_pass'),
    ('winbind', 'pam_winbind.so use_first_pass'),
]
methods = set(configRegistry['auth/methods'].split())
stmts = [stmt for (method, stmt) in METHODS if method in methods]
for i, stmt in enumerate(stmts):
    action = "[success=%d default=ignore]" % (len(stmts) - i,)
    print("auth  %s  %s" % (action, stmt))
if 'krb5' in methods:
	print(pam_krb5)
if 'ldap' in methods:
	print(pam_ldap)
if 'winbind' in methods:
	print(pam_winbind)
@!@
auth  requisite                       pam_deny.so
auth  required                        pam_permit.so

auth     required                           pam_env.so




@!@
METHODS = [
    ('krb5', 'pam_krb5.so use_first_pass minimum_uid=%d' % (configRegistry.get('pam/krb5/minimum_uid', 1000),)),
    ('ldap', 'pam_ldap.so use_first_pass'),
    ('winbind', 'pam_winbind.so use_first_pass'),
]
methods = set(configRegistry['auth/methods'].split())
stmts = [stmt for (method, stmt) in METHODS if method in methods]
auth     [success=<succ> new_authtok_reqd=ok \
         user_unknown=<unknown> \
         service_err=<unavail> authinfo_unavail=<unavail> \
         default=<unknown>]                         pam_ldap.so use_first_pass'''
pam_winbind = '''
auth     [success=<succ> new_authtok_reqd=ok \
         user_unknown=<unknown> \
         service_err=<unavail> authinfo_unavail=<unavail> \
         default=<unknown>]                         pam_winbind.so use_first_pass'''


if not stmts:
	succ='done'
	unavail='die'
	fail='die'
	unknown = 'die' if last else 'ignore'

	return template.replace('<succ>', succ).replace('<unavail>', unavail).replace('<fail>', fail).replace('<unknown>', unknown)

methods = [x for x in configRegistry['auth/methods'].split(' ') if x in ['krb5', 'ldap', 'winbind']]


if not methods:
	print('''
auth     required                         pam_unix.so''')
else:




for i, stmt in enumerate(stmts):
    action = "[success=%d new_authtok_reqd=ok user_unknown=ignore service_err=die authinfo_unavail=die default=ignore]" % (len(stmts) - i,)
    print("auth  %s  %s" % (action, stmt))
if 'ldap' in methods:
	last = 'winbind' not in methods
	print(pam_section(pam_ldap, last))
if 'winbind' in methods:
	print(pam_section(pam_winbind, true))
@!@
auth  requisite                       pam_deny.so
auth  required                        pam_permit.so

Return to bug 30036