View | Details | Raw Unified | Return to bug 39700 | Differences between
and this patch

Collapse All | Expand All

(-)a/base/univention-system-activation/scripts/univention-system-activation (-9 / +12 lines)
 Lines 29-48    Link Here 
29 
# /usr/share/common-licenses/AGPL-3; if not, see
 29 
# /usr/share/common-licenses/AGPL-3; if not, see
30 
# <http://www.gnu.org/licenses/>.
 30 
# <http://www.gnu.org/licenses/>.
31 

          31
          

        

            

              
              
              32
              
UCR=()

            

            

              33
              

            

        

          32
          
function ucr_string(){

          34
          
function ucr_string(){

        

          
            

              33
              
	string=""


              35
              
	UCR=()

            

        

          34
          
	for service in "gdm" "kdm" "login" "other" "sshd"; do

          36
          
	for service in "gdm" "kdm" "login" "other" "sshd"; do

        

          
            

              35
              
		for user in "group/Administrators" "group/Domain_Admins" "user/root"; do


              37
              
		for user in "group/Administrators" "group/Domain Admins" "user/root"; do

            

            

              36
              
			string="$string auth/$service/$user$1"


              38
              
			UCR[${#UCR[@]}]="auth/$service/$user$1"

            

        

          37
          
		done

          39
          
		done

        

        

          38
          
	done

          40
          
	done

        

          
            

              39
              
	string="$string auth/sudo$1"


              41
              
	UCR[${#UCR[@]}]="auth/sudo$1"

            

            

              40
              
	echo $string > /root/log


              
              
            

            

              41
              
	echo $string


            

        

          42
          
}

          42
          
}

        

        

          43
          

          43
          

        

        

          44
          
function allow_root_login() {

          44
          
function allow_root_login() {

        

          
            

              45
              
	ucr unset --force $(ucr_string "")


              45
              
	ucr_string ""

            

            

              
              

              46
              
	ucr unset --force "${UCR[@]}"

            

        

          46
          

          47
          

        

        

          47
          
	# reset su restrictions

          48
          
	# reset su restrictions

        

        

          48
          
	ucr unset --force auth/su/restrict \

          49
          
	ucr unset --force auth/su/restrict \

        

  

    

    

       Lines 51-62
      function allow_root_login() { 
    
  Link Here 
    

  

        

          51
          
	# set to the default values, these values are not set

          52
          
	# set to the default values, these values are not set

        

        

          52
          
	# during the pam installation, because they were set

          53
          
	# during the pam installation, because they were set

        

        

          53
          
	# in the force layer

          54
          
	# in the force layer

        

          
            

              54
              
	ucr set $(ucr_string "?yes")


              55
              
	ucr_string "?yes"

            

            

              
              

              56
              
	ucr set "${UCR[@]}"

            

        

          55
          
}

          57
          
}

        

        

          56
          

          58
          

        

        

          57
          
function restrict_root_login() {

          59
          
function restrict_root_login() {

        

        

          58
          
	# disallow root login

          60
          
	# disallow root login

        

          
            

              59
              
	ucr set --force $(ucr_string "=no")


              61
              
	ucr_string "=no"

            

            

              
              

              62
              
	ucr set --force "${UCR[@]}"

            

        

          60
          

          63
          

        

        

          61
          
	# disallow su

          64
          
	# disallow su

        

        

          62
          
	ucr set --force auth/su/restrict=yes \

          65
          
	ucr set --force auth/su/restrict=yes \

        






  

  Return to bug 39700