summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-05-21 00:54:46 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-05-21 00:54:46 -0500
commitbb72c681df66c174f16ed8a1a3502a9892034ef2 (patch)
tree333dc3fac07ec5ebd02a88bbe8962c376f201fa9 /src
parent44db1b5fafa7e3ff64411b48214961da8d553138 (diff)
downloadkcmldap-bb72c681df66c174f16ed8a1a3502a9892034ef2.tar.gz
kcmldap-bb72c681df66c174f16ed8a1a3502a9892034ef2.zip
Add pam file writing and clean up a bit
Diffstat (limited to 'src')
-rw-r--r--src/bondwizard.cpp6
-rw-r--r--src/ldap.cpp40
-rw-r--r--src/ldap.h1
-rw-r--r--src/ldappasswddlg.cpp2
4 files changed, 42 insertions, 7 deletions
diff --git a/src/bondwizard.cpp b/src/bondwizard.cpp
index 03ca5a6..d9a36c2 100644
--- a/src/bondwizard.cpp
+++ b/src/bondwizard.cpp
@@ -188,12 +188,12 @@ void BondWizard::closeEvent(TQCloseEvent* e){
/** maybe call a dialog that the wizard has finished. */
void BondWizard::accept(){
// Try to bond
- if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text()) == 0) {
+ TQString errorString;
+ if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) {
done(0);
}
else {
- KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>RAJA ERRORSTR</qt>"), i18n("Unable to Bond to Realm"));
- // RAJA FIXME
+ KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>Details: %1</qt>").arg(errorString), i18n("Unable to Bond to Realm"));
}
}
diff --git a/src/ldap.cpp b/src/ldap.cpp
index 5834407..31b2b0c 100644
--- a/src/ldap.cpp
+++ b/src/ldap.cpp
@@ -56,6 +56,9 @@
#define KRB5_FILE "/etc/krb5.conf"
#define LDAP_FILE "/etc/ldap.conf"
#define NSSWITCH_FILE "/etc/nsswitch.conf"
+#define PAMD_DIRECTORY "/etc/pam.d/"
+#define PAMD_COMMON_ACCOUNT "common-account"
+#define PAMD_COMMON_AUTH "common-auth"
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
typedef KGenericFactory<LDAPConfig, TQWidget> ldapFactory;
@@ -340,6 +343,8 @@ void LDAPConfig::save() {
writeLDAPConfFile();
// Write the NSSwitch configuration file
writeNSSwitchFile();
+ // Write the PAM configuration files
+ writePAMFiles();
}
load();
@@ -683,8 +688,6 @@ void LDAPConfig::writeNSSwitchFile() {
if (file.open(IO_WriteOnly)) {
TQTextStream stream( &file );
- LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
-
stream << "# This file was automatically generated by TDE\n";
stream << "# All changes will be lost!\n";
stream << "\n";
@@ -706,6 +709,39 @@ void LDAPConfig::writeNSSwitchFile() {
}
}
+void LDAPConfig::writePAMFiles() {
+ TQFile file(PAMD_DIRECTORY PAMD_COMMON_ACCOUNT);
+ if (file.open(IO_WriteOnly)) {
+ TQTextStream stream( &file );
+
+ stream << "# This file was automatically generated by TDE\n";
+ stream << "# All changes will be lost!\n";
+ stream << "\n";
+ stream << "account sufficient pam_unix.so nullok_secure" << "\n";
+ stream << "account sufficient pam_ldap.so" << "\n";
+ stream << "account required pam_permit.so" << "\n";
+
+ file.close();
+ }
+
+ TQFile file2(PAMD_DIRECTORY PAMD_COMMON_AUTH);
+ if (file2.open(IO_WriteOnly)) {
+ TQTextStream stream( &file2 );
+
+ stream << "# This file was automatically generated by TDE\n";
+ stream << "# All changes will be lost!\n";
+ stream << "\n";
+ stream << "auth [default=ignore success=ignore] pam_mount.so" << "\n";
+ stream << "auth sufficient pam_unix.so nullok try_first_pass" << "\n";
+ stream << "auth [default=ignore success=1 service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
+ stream << "auth [default=die success=done] pam_ccreds.so action=validate use_first_pass" << "\n";
+ stream << "auth sufficient pam_ccreds.so action=store use_first_pass" << "\n";
+ stream << "auth required pam_deny.so" << "\n";
+
+ file2.close();
+ }
+}
+
int LDAPConfig::buttons() {
return KCModule::Apply|KCModule::Help;
}
diff --git a/src/ldap.h b/src/ldap.h
index d451774..38d576c 100644
--- a/src/ldap.h
+++ b/src/ldap.h
@@ -94,6 +94,7 @@ class LDAPConfig: public KCModule
void writeKrb5ConfFile();
void writeLDAPConfFile();
void writeNSSwitchFile();
+ void writePAMFiles();
private:
KAboutData *myAboutData;
diff --git a/src/ldappasswddlg.cpp b/src/ldappasswddlg.cpp
index 7ddba14..03d4dcd 100644
--- a/src/ldappasswddlg.cpp
+++ b/src/ldappasswddlg.cpp
@@ -43,8 +43,6 @@ LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name)
}
void LDAPPasswordDialog::slotOk() {
- // RAJA FIXME
-
accept();
}