Changed umask from 0022 to 0077

Changed umask from 0022 to 0077
PierreGode 2022-11-14 09:58:52 +01:00 committed by GitHub
parent f68f964b98
commit 1a9e96fe03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -190,13 +190,13 @@ fi
esac esac
fi fi
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" = "0022" ] if [ "$homedir" = "0077" ]
then then
echo "pam_mkhomedir.so configured" echo "pam_mkhomedir.so configured"
sleep 1 sleep 1
else else
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" | sudo tee -a /etc/pam.d/common-session
fi fi
Arm=$( sudo hostnamectl | grep Architecture | awk '{print $2}' ) Arm=$( sudo hostnamectl | grep Architecture | awk '{print $2}' )
if [ "$Arm" = "arm" ] if [ "$Arm" = "arm" ]
@ -363,8 +363,8 @@ echo "Checking sudoers groups.. ${INTRO_TEXT}OK${END}"
else else
echo "Checking sudoers groups.. ${RED_TEXT}FAIL${END}" echo "Checking sudoers groups.. ${RED_TEXT}FAIL${END}"
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" = "0022" ] < /dev/null > /dev/null 2>&1 if [ "$homedir" = "0077" ] < /dev/null > /dev/null 2>&1
then then
echo "Checking PAM session configuration.. ${INTRO_TEXT}OK${END}" echo "Checking PAM session configuration.. ${INTRO_TEXT}OK${END}"
else else
@ -551,13 +551,13 @@ fi
esac esac
fi fi
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" = "0022" ] if [ "$homedir" = "0077" ]
then then
echo "pam_mkhomedir.so configured" echo "pam_mkhomedir.so configured"
sleep 1 sleep 1
else else
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" | sudo tee -a /etc/pam.d/common-session
fi fi
logintrue=$( grep -i -m1 "login" /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf ) logintrue=$( grep -i -m1 "login" /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf )
if [ -f /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf ] if [ -f /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf ]
@ -700,8 +700,8 @@ echo "Checking sudoers user groups.. OK"
else else
echo "Checking sudoers user groups.. FAIL" echo "Checking sudoers user groups.. FAIL"
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" = "0022" ] < /dev/null > /dev/null 2>&1 if [ "$homedir" = "0077" ] < /dev/null > /dev/null 2>&1
then then
echo "Checking PAM configuration.. OK" echo "Checking PAM configuration.. OK"
else else
@ -1515,7 +1515,7 @@ fi;;
states="12";; states="12";;
* ) echo 'Please answer yes or no.';; * ) echo 'Please answer yes or no.';;
esac esac
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" | sudo tee -a /etc/pam.d/common-session
sudo sh -c "echo 'greeter-show-manual-login=true' | sudo tee -a /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf" sudo sh -c "echo 'greeter-show-manual-login=true' | sudo tee -a /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf"
sudo sh -c "echo 'allow-guest=false' | sudo tee -a /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf" sudo sh -c "echo 'allow-guest=false' | sudo tee -a /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf"
if ! realm discover if ! realm discover
@ -1543,8 +1543,8 @@ echo "Checking sudoers users.. ${INTRO_TEXT}OK${END}"
else else
echo "Checking sudoers users.. ${RED_TEXT}FAIL${END}" echo "Checking sudoers users.. ${RED_TEXT}FAIL${END}"
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" = "0022" ] < /dev/null > /dev/null 2>&1 if [ "$homedir" = "0077" ] < /dev/null > /dev/null 2>&1
then then
echo "Checking PAM configuration.. ${INTRO_TEXT}OK${END}" echo "Checking PAM configuration.. ${INTRO_TEXT}OK${END}"
else else
@ -1945,7 +1945,7 @@ echo "AD join failed.please check your errors with journalctl -xe"
exit exit
fi fi
sudo systemctl start sssd sudo systemctl start sssd
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" | sudo tee -a /etc/pam.d/common-session
sudo echo "pi ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "pi ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%$myhost""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "%$myhost""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sed -i -e 's/fallback_homedir = \/home\/%u@%d/#fallback_homedir = \/home\/%u@%d/g' /etc/sssd/sssd.conf sed -i -e 's/fallback_homedir = \/home\/%u@%d/#fallback_homedir = \/home\/%u@%d/g' /etc/sssd/sssd.conf
@ -2221,8 +2221,8 @@ grouPs=$(grep -i "$myhost" /etc/sudoers.d/sudoers | cut -d '%' -f2 | awk '{print
else else
echo Checking sudoers file.. "${RED_TEXT}FAIL${END}" echo Checking sudoers file.. "${RED_TEXT}FAIL${END}"
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" -eq "0022" ] < /dev/null > /dev/null 2>&1 if [ "$homedir" -eq "0077" ] < /dev/null > /dev/null 2>&1
then then
echo Checking PAM configuration.. "${INTRO_TEXT}OK${END}" echo Checking PAM configuration.. "${INTRO_TEXT}OK${END}"
else else
@ -2294,8 +2294,8 @@ else
echo "Checking sudoers file.. FAIL not configured" echo "Checking sudoers file.. FAIL not configured"
fi fi
fi fi
homedir=$( grep homedir /etc/pam.d/common-session | grep 0022 | cut -d '=' -f3 | head -1 ) homedir=$( grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1 )
if [ "$homedir" = "0022" ] < /dev/null > /dev/null 2>&1 if [ "$homedir" = "0077" ] < /dev/null > /dev/null 2>&1
then then
echo "Checking PAM configuration.. OK" echo "Checking PAM configuration.. OK"
else else
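Review bot: On a host that already carries the old `umask=0022` entry in /etc/pam.d/common-session, the check in the first hunk (`grep homedir ... | grep 0077`) no longer matches, so the else branch appends a second pam_mkhomedir.so line with `tee -a` instead of replacing the first. The same applies to the identical block in the `-551` hunk and to the unconditional appends in the `-1515` and `-1945` hunks, whose surrounding blocks extend outside the hunks. PAM would presumably reach the earlier 0022 entry first and create the home directory with the permissive mode, while the verification hunks still print OK because a 0077 line exists somewhere in the file. Rewriting the existing entry before the check, e.g. `sudo sed -i '/pam_mkhomedir\.so/s/umask=0022/umask=0077/' /etc/pam.d/common-session`, keeps a single authoritative line. Home directories created before this change keep their old mode, which deserves a comment such as `# umask=0077 only applies to home directories created after this entry is in place`.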