2024-11-17 20:55:17 -03:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
|
|
|
|
. /usr/share/debconf/confmodule
|
|
|
|
|
|
2024-11-19 08:38:41 -03:00
|
|
|
# stores ldap bindpw in $RET
|
2024-11-17 20:55:17 -03:00
|
|
|
db_get alice-auth/ldap-bind-password
|
|
|
|
|
|
2024-11-17 21:02:49 -03:00
|
|
|
SSSD_CONFIG=/etc/sssd/sssd.conf
|
2024-11-17 21:28:25 -03:00
|
|
|
SSHD_CONFIG=/etc/ssh/sshd_config
|
2024-11-17 21:02:49 -03:00
|
|
|
|
2024-11-19 08:38:41 -03:00
|
|
|
# sets bindpw in sssd config
|
2024-11-17 21:02:49 -03:00
|
|
|
sed -i "s/ldap_default_authtok =.*/ldap_default_authtok = $RET/" $SSSD_CONFIG
|
|
|
|
|
|
2024-11-19 08:38:41 -03:00
|
|
|
# sets auth keys script in sshd config
|
2024-11-17 21:51:06 -03:00
|
|
|
sed -i "s/#AuthorizedKeysCommand/AuthorizedKeysCommand/" $SSHD_CONFIG
|
|
|
|
|
sed -i "/AuthorizedKeysCommand\( \|$\)/s/AuthorizedKeysCommand.*/AuthorizedKeysCommand \/usr\/bin\/sss_ssh_authorizedkeys/" $SSHD_CONFIG
|
2024-11-17 21:28:25 -03:00
|
|
|
|
2024-11-19 08:38:41 -03:00
|
|
|
# change permissions and owner of sssd config
|
2024-11-17 21:02:49 -03:00
|
|
|
chmod 600 $SSSD_CONFIG
|
|
|
|
|
chown root:root $SSSD_CONFIG
|
2024-11-17 21:28:25 -03:00
|
|
|
|
2024-11-19 08:38:41 -03:00
|
|
|
# check if sss is set on hosts in /etc/nsswitch.conf
|
|
|
|
|
if ! grep -q '^hosts:.*sss' /etc/nsswitch.conf; then
|
|
|
|
|
sed -i 's/files/files sss/' /etc/nsswitch.conf
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
systemctl restart sssd autofs ssh
|
