Fix issues #1 An error occurred when executing the su command after applying 10.1.9
This commit is contained in:
parent
efd22bfbc6
commit
da51ac2cda
|
@ -60,12 +60,13 @@ apply () {
|
|||
crit "$PATTERN is not present in $FILE, add default config to $FILE"
|
||||
add_line_file_before_pattern $FILE "auth optional pam_faildelay.so delay=4000000" "# Outputs an issue file prior to each login prompt (Replaces the"
|
||||
elif [ $FNRET = 3 ]; then
|
||||
crit "$OPTIONNAME set is not match legally, reset it to $CONDT_VAL"
|
||||
reset_option_to_password_check $FILE $PAMLIBNAME "$OPTIONNAME" "$CONDT_VAL"
|
||||
crit "$FILE is not exist, please check"
|
||||
elif [ $FNRET = 4 ]; then
|
||||
crit "444"
|
||||
elif [ $FNRET = 5 ]; then
|
||||
crit "555555555555"
|
||||
crit "$OPTIONNAME is not conf"
|
||||
add_option_to_auth_check $FILE $PAMLIBNAME "$OPTIONNAME=$CONDT_VAL"
|
||||
elif [ $FNRET = 5 ]; then
|
||||
crit "$OPTIONNAME set is not match legally, reset it to $CONDT_VAL"
|
||||
reset_option_to_auth_check $FILE $PAMLIBNAME "$OPTIONNAME" "$CONDT_VAL"
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
38
lib/utils.sh
38
lib/utils.sh
|
@ -527,6 +527,24 @@ add_option_to_password_check()
|
|||
sed -ie "s;\(^password.*$KEYWORD.*\);\1 $OPTIONSTR;" $PAMPWDFILE
|
||||
}
|
||||
|
||||
# Add auth check option
|
||||
add_option_to_auth_check()
|
||||
{
|
||||
#Example:
|
||||
#local PAMPWDFILE="/etc/pam.d/common-password"
|
||||
#local KEYWORD="pam_cracklib.so"
|
||||
#local OPTIONSTR="retry=3"
|
||||
local PAMPWDFILE=$1
|
||||
local KEYWORD=$2
|
||||
local OPTIONSTR=$3
|
||||
debug "Setting $OPTIONSTR for $KEYWORD"
|
||||
backup_file "$PAMPWDFILE"
|
||||
# For example :
|
||||
# password requisite pam_cracklib.so minlen=8 difok=3
|
||||
# password requisite pam_cracklib.so minlen=8 difok=3 retry=3
|
||||
sed -ie "s;\(^auth.*$KEYWORD.*\);\1 $OPTIONSTR;" $PAMPWDFILE
|
||||
}
|
||||
|
||||
# Reset password check option value when option is not set a correct value
|
||||
reset_option_to_password_check()
|
||||
{
|
||||
|
@ -547,6 +565,26 @@ reset_option_to_password_check()
|
|||
sed -ie "s/${OPTIONNAME}=./${OPTIONNAME}=${OPTIONVAL}/" $PAMPWDFILE
|
||||
}
|
||||
|
||||
# Reset auth check option value when option is not set a correct value
|
||||
reset_option_to_auth_check()
|
||||
{
|
||||
#Example:
|
||||
#local PAMPWDFILE="/etc/pam.d/common-password"
|
||||
#local KEYWORD="pam_cracklib.so"
|
||||
#local OPTIONNAME="retry"
|
||||
#local OPTIONVAL="3"
|
||||
local PAMPWDFILE=$1
|
||||
local KEYWORD=$2
|
||||
local OPTIONNAME=$3
|
||||
local OPTIONVAL=$4
|
||||
debug "Setting $OPTION for $KEYWORD reset option value to $OPTIONVAL"
|
||||
backup_file "$PAMPWDFILE"
|
||||
# For example :
|
||||
# password requisite pam_cracklib.so minlen=8 difok=3 retry=1
|
||||
# password requisite pam_cracklib.so minlen=8 difok=3 retry=3
|
||||
sed -ie "s/${OPTIONNAME}=.*/${OPTIONNAME}=${OPTIONVAL}/" $PAMPWDFILE
|
||||
}
|
||||
|
||||
# Only check option name
|
||||
check_auth_option_nullok_by_pam()
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue