Cleaned up ldap auth

noah metz 2023-11-27 21:38:26 -07:00
parent 3abe530126
commit b2e44cbd13
1 changed files with 7 additions and 14 deletions

@ -101,7 +101,7 @@
(name "usb"))) (name "usb")))
%base-groups)) %base-groups))
(define %metznet-base-packages (append (list openssh nss-pam-ldapd openldap git neovim zsh le-certs nss-certs mit-krb5 openvpn openresolv) %base-packages)) (define %metznet-base-packages (append (list openssh openldap git neovim zsh le-certs nss-certs mit-krb5 openvpn openresolv) %base-packages))
(define %metznet-desktop-packages (append (list i3-wm i3status dmenu kitty icecat) %metznet-base-packages)) (define %metznet-desktop-packages (append (list i3-wm i3status dmenu kitty icecat) %metznet-base-packages))
@ -155,27 +155,20 @@
(group services)))) (group services))))
(define pam-ldap-module (file-append nss-pam-ldapd "/lib/security/pam_ldap.so")) (define (pam-mkhomedir-service config)
(define (metznet-pam-service config)
(lambda (pam) (lambda (pam)
(if (member (pam-service-name pam) config) (if (member (pam-service-name pam) config)
(let ((sufficient (let ((required
(pam-entry
(control "sufficient")
(module pam-ldap-module)))
(required
(pam-entry (pam-entry
(control "required") (control "required")
(module "pam_mkhomedir.so")))) (module "pam_mkhomedir.so"))))
(pam-service (pam-service
(inherit pam) (inherit pam)
(session (cons required (pam-service-account pam))) (session (cons required (pam-service-account pam)))))
(password (cons sufficient (pam-service-account pam)))))
pam))) pam)))
(define (metznet-pam-services config) (define (pam-mkhomedir-services config)
(list (metznet-pam-service config))) (list (pam-mkhomedir-service config)))
(define default-sssd-conf-file (plain-file "sssd.conf" (string-join (list (define default-sssd-conf-file (plain-file "sssd.conf" (string-join (list
"[sssd]" "[sssd]"
@ -199,7 +192,7 @@
(name 'metznet-service) (name 'metznet-service)
(description "MetzNet Services") (description "MetzNet Services")
(extensions (extensions
(list (service-extension pam-root-service-type metznet-pam-services))) (list (service-extension pam-root-service-type pam-mkhomedir-services)))
(default-value '()))) (default-value '())))
(define-configuration sssd-configuration (define-configuration sssd-configuration
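Review bot: In pam-mkhomedir-service (hunk at -155,27) the session stack is still assembled from the service's account entries, `(session (cons required (pam-service-account pam)))`, so every service named in config loses its original session modules and instead runs its account-phase modules during session setup; the line should read `(session (cons required (pam-service-session pam)))`. This was already wrong on the old side, but the rewrite keeps it while dropping the only other entry that was consed onto that list. With pam_ldap.so gone from the password stack and nss-pam-ldapd removed from %metznet-base-packages, nothing in this hunk adds a directory-backed auth module for those services; presumably pam_sss from the sssd configuration below is wired in elsewhere, but that should be confirmed before deploying or LDAP users will no longer authenticate. Since pam_mkhomedir.so creates home directories with its default umask, consider `(arguments '("umask=0077"))` on the required entry so freshly created homes are not world-readable.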