Texnico
/
OSGOS_D1
7
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OSGOS_D1/scripts/support_domain.sh

67 lines
2.2 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
set -e
if [ "$EUID" -ne 0 ]
then echo "Пожалуйста запустите с правами root"
exit
fi
echo "Для авторизации через контроллер домена введите"
read -p "имя домена: " address
read -p "ip-адрес сервера: " ip
domain=`echo $address | tr '[:lower:]' '[:upper:]'`
echo -e "\n$ip\t$domain\n" >> /etc/hosts
sed -i -E "s/default_realm.*/default_realm = $domain/g" /etc/krb5.conf
sed -i -E "s/\[realms\]/\[realms\]\n $domain = {\n kdc = $address\n admin_server = $address\n }\n/g" /etc/krb5.conf
echo "
account sufficient pam_script.so
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
account requisite pam_deny.so
account required pam_permit.so
account required pam_krb5.so minimum_uid=1000
" > /etc/pam.d/common-account
echo "
auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000
auth [success=2 default=ignore] pam_unix.so nullok try_first_pass
auth requisite pam_deny.so
auth sufficient pam_script.so
auth required pam_permit.so
" > /etc/pam.d/common-auth
echo "
password [success=3 default=ignore] pam_krb5.so minimum_uid=1000
password sufficient pam_script.so
password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass yescrypt
password requisite pam_deny.so
password required pam_permit.so
password optional pam_gnome_keyring.so
" > /etc/pam.d/common-password
echo "
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_krb5.so minimum_uid=1000
session optional pam_script.so
session required pam_unix.so
session optional pam_systemd.so
" > /etc/pam.d/common-session
echo "
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_krb5.so minimum_uid=1000
session optional pam_script.so
session required pam_unix.so
" > /etc/pam.d/common-session-noninteractive
echo "Поддержка домена $domain добавлена"
Reference in New Issue View Git Blame Copy Permalink