Corrections to spec file and scripts and update to the micasad.

This commit is contained in:
Cameron (Kamran) Mashayekhi 2006-02-17 23:14:27 +00:00
parent d7bf9b40a5
commit 46e06cd568
6 changed files with 120 additions and 67 deletions

View File

@ -12,6 +12,11 @@ Fri Feb 17 21:31:10 IST 2006 - smanojna@novell.com
- System > Configuration > Novell CASA Manager - System > Configuration > Novell CASA Manager
- Utilities > Security > Novell CASA Manager - Utilities > Security > Novell CASA Manager
- Internet > Administration > Novell CASA Manager - Internet > Administration > Novell CASA Manager
-------------------------------------------------------------------
Thu Feb 16 16:45:27 MST 2006 - cmashayekhi@novell.com
- Spec file was correct to eliminate the neededforbuild directive
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Feb 16 11:43:36 MST 2006 - jnorman@novell.com Thu Feb 16 11:43:36 MST 2006 - jnorman@novell.com

View File

@ -6,40 +6,17 @@ do
sed -i '/pam_micasa/d' $file sed -i '/pam_micasa/d' $file
var=`grep pam_unix2.so $file` var=`grep pam_unix2.so $file`
entry=`echo -e "auth\t required\tpam_micasa.so"` entry=`echo -e "auth\t required\tpam_micasa.so"`
entry2=`echo -e "session\t required\tpam_micasa.so"`
cnt=0
if [ "$var" != "" ] if [ "$var" != "" ]
then then
sed -i "/^auth.*required.*pam_unix2.so/a$entry" $file sed -i "/^auth.*required.*pam_unix2.so/a$entry" $file
sed -i "/^session.*required.*pam_unix2.so/a$entry2" $file continue
else
let ' cnt = cnt + 1'
fi fi
var2=`grep common-auth $file` var2=`grep common-auth $file`
if [ "$var2" != "" ] if [ "$var2" != "" ]
then then
sed -i "/^auth.*include.*common-auth/a$entry" $file sed -i "/^auth.*include.*common-auth/a$entry" $file
sed -i "/^session.*include.*common-session/a$entry2" $file continue
else
let ' cnt = cnt + 1'
fi
if [ $cnt -eq 2 ]
then
awk '
/auth/ { authSeen++; }
/account/ {
if (!acctSeen && authSeen)
{
print "auth\trequired\tpam_micasa.so\n";}
acctSeen++;
}
/session/ { sesSeen++; }
// {print $0; }
END { if (sesSeen)
print "session\trequired\tpam_micasa.so\n"; }
' $file > $file.sav
mv $file.sav $file
fi fi
sed -i "0,/^auth/s/^\(auth.*\)/\1\n$entry/" $file
fi fi
done done

View File

@ -31,7 +31,7 @@ rc_reset
case "$1" in case "$1" in
start) start)
echo "Starting miCASA daemon" echo "Starting miCASA daemon"
startproc -f $MICASAD_BIN /sbin/startproc -f $MICASAD_BIN
# Remember status and be verbose # Remember status and be verbose
rc_status -v rc_status -v
;; ;;
@ -39,57 +39,58 @@ case "$1" in
stop) stop)
echo "Shutting miCASA daemon down" echo "Shutting miCASA daemon down"
#killproc -TERM $MICASAD_BIN #killproc -TERM $MICASAD_BIN
pid=`cat /var/run/micasad.pid` > /dev/null 2>&1 pid=`cat /var/run/micasad.pid` >/dev/null 2>&1
kill -s TERM $pid > /dev/null 2>&1 kill -s TERM $pid >/dev/null 2>&1
# Remember status and be verbose # Remember status and be verbose
rc_status -v rc_status -v
;; ;;
try-restart|condrestart) try-restart|condrestart)
# $0 status >/dev/null && $0 restart $0 status >/dev/null && $0 restart
$0 restart
rc_status rc_status
;; ;;
restart) restart)
## Stop the service and regardless of whether it was ## Stop the service and regardless of whether it was
## running or not, start it again. ## running or not, start it again.
echo "Restarting miCASA daemon" echo "Restarting miCASA daemon"
$0 stop $0 stop
$0 start $0 start
# Remember status and be quiet # Remember status and be quiet
rc_status rc_status
;; ;;
status) status)
echo "Checking for service micasad ..." echo "Checking for service micasad ..."
checkproc micasad /sbin/checkproc micasad
if [ $? == 0 ] $res=$?
if [ $res == 0 ]
then then
echo -n "0 - service up and running" echo -n "0 - service up and running"
elif [ $? == 1 ] elif [ $res == 1 ]
then then
echo -n "1 - service dead, but /var/run/pid file exists" echo -n "1 - service dead, but /var/run/pid file exists"
elif [ $? == 2 ] elif [ $res == 2 ]
then then
echo -n "2 - service dead, but /var/lock/lock file exists" echo -n "2 - service dead, but /var/lock/lock file exists"
elif [ $? == 3 ] elif [ $res == 3 ]
then then
echo -n "3 - service not running (unused)" echo -n "3 - service not running (unused)"
elif [ $? == 4 ] elif [ $res == 4 ]
then then
echo -n "4 - service status unknown" echo -n "4 - service status unknown"
else else
echo -n "5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)" echo -n "5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)"
fi fi
rc_status -v rc_status >/dev/null 2>&1
;; ;;
*) *)
echo "Usage: $0 {start|stop|restart|try-restart|status}" echo "Usage: $0 {start|stop|restart|try-restart|status}"
exit 1 exit 1
;; ;;
esac esac

View File

@ -41,7 +41,7 @@ Common Authentication Service Adapter (CASA)
process that makes the IDK API calls. The process that makes the IDK API calls. The
credentials, which are stored by applications in credentials, which are stored by applications in
miCASAd, are maintained in memory and written to miCASAd, are maintained in memory and written to
disk for this release. Session-based secrets implies disk for this release. Session-based secrets implies
secrets that are stored in an in-memory cache, are secrets that are stored in an in-memory cache, are
available only as long as the user is in session on available only as long as the user is in session on
the desktop, and are destroyed when miCASA daemon the desktop, and are destroyed when miCASA daemon
@ -57,7 +57,7 @@ Common Authentication Service Adapter (CASA)
placed as the last module in the auth and session placed as the last module in the auth and session
stacks of xdm, gdm, kdm, login and sshd PAM stacks of xdm, gdm, kdm, login and sshd PAM
configuration files. The functionality of this configuration files. The functionality of this
module is to store the credentials in miCASAd. module is to store the credentials in miCASAd.
Any PAM module that uses the IDK APIs must set its Any PAM module that uses the IDK APIs must set its
effective user id temporarily to that of the user effective user id temporarily to that of the user
@ -88,8 +88,8 @@ Common Authentication Service Adapter (CASA)
3.0 Known issues 3.0 Known issues
- Secrets with IDs using reserved characters may fail. - Secrets with IDs using reserved characters may fail.
These will be fixed in a future release. Reserved These will be fixed in a future release. Reserved
characters are characters are
: :
\ \
@ -100,10 +100,88 @@ Common Authentication Service Adapter (CASA)
(1.1.9 or later) available for download at (1.1.9 or later) available for download at
http://www.mono-project.com/Downloads. http://www.mono-project.com/Downloads.
- CASA install rpm that is intended for 32 bit architecture - CASA install rpm that is intended for 32 bit architecture
should not be installed on 64 bit architecture because should not be installed on 64 bit architecture because
it can cause runtime problems. it can cause runtime problems.
- Since CASA is tied to the Linux login process via PAM,
events that cause the system to become inconsistent or
unstable may cause a user to be unable to login to the
workstation. Some possible causes of inconsistency or
instability are:
- Installing 32 bit CASA RPMs on a 64 bit OS
- Performing a hard reset on the machine
Following the steps below will restore the ability to
login.
1) Reboot machine
2) When boot loader menu appears, type "init=/bin/bash"
(without quotes) on the options line and then Enter.
This will cause the machine to boot into a command
shell with root privileges.
3) At the command prompt type "chkconfig micasad off"
(without quotes). This will prevent the CASA daemon
from being loaded during bootup.
4) With a console based text editor (i.e. vi, emacs)
remove all lines referencing the pam_micasa module in
the following pam configuration files (some files may
not exist depending on what desktop managers have
been installed:
- /etc/pam.d/gdm
- /etc/pam.d/xdm
- /etc/pam.d/kdm
- /etc/pam.d/sshd
- /etc/pam.d/login
5) At the command prompt type "init 5" (without quotes)
to boot into runlevel 5. This will provide you with a
graphical login prompt. You should be able to login
at this point.
After you have restored login capabilities, you will need
to resolve the inconsistency that prevented login in the
first place. If you had installed a 32 bit CASA package
on a 64 bit OS, you will need to uninstall the 32 bit
package and install a CASA package built for 64 bit
architectures. If you are recovering from a hard reset
no further action should be needed.
To make it so CASA will run at boot time, open a shell and
at the prompt type "chkconfig micasad 1235" (without
quotes). This will cause micasad to be run at runlevels
1, 2, 3, and 5.
- When logged in to a KDE session, the gnome-keyring-daemon
does not run by default. Therefore, all apps that access
the daemon, including our CASAManager will not be able to
manage/access the gnome-keyring.
You can manually start the daemon by running the following
command from a shell prompt:
gnome-keyring-daemon
When the gnome-keyring-daemon starts, it prints the
GNOME_KEYRING_SOCKET environment variable and its value to
the terminal. In Gnome, the daemon is started and the
environment variable is loaded into your X session
environment by default, but in KDE, you will
have to manually load it.
To load this environment variable, run a command similar to
the following command from a shell prompt (replacing the
value of the environment variable with what the daemon
output to the screen when you started it):
export GNOME_KEYRING_SOCKET=/tmp/keyring-oaTsPs/socket
Then you can run CASAManager GUI (from the same terminal
you exported the variable from) and you will be able to
manage and use the gnome-keyring in KDE just like you
could if you were logged into Gnome.
4.0 Legal Notices 4.0 Legal Notices

View File

@ -21,7 +21,7 @@ License: LGPL
Group: Productivity/Other Group: Productivity/Other
Autoreqprov: on Autoreqprov: on
%define bldno 1.1.1 %define bldno 1.1.1
Version: 1.6.000 Version: 1.6.311
Release: 0 Release: 0
Summary: Novell Common Authentication Service Adapter (CASA) Summary: Novell Common Authentication Service Adapter (CASA)
Source: %{name}-%{version}.tar.bz2 Source: %{name}-%{version}.tar.bz2
@ -153,11 +153,7 @@ echo "/usr/%{_lib}/" >> %{buildroot}/etc/ld.so.conf.d/CASA.conf
%post %post
%{fillup_and_insserv -y micasad} %{fillup_and_insserv -y micasad}
if [ $1 -eq 1 ] || [ $1 -eq 2 ] casacfgpam
then
casacfgpam
fi
/sbin/ldconfig /sbin/ldconfig
%post gui %post gui

View File

@ -153,11 +153,7 @@ echo "/usr/%{_lib}/" >> %{buildroot}/etc/ld.so.conf.d/CASA.conf
%post %post
%{fillup_and_insserv -y micasad} %{fillup_and_insserv -y micasad}
if [ $1 -eq 1 ] || [ $1 -eq 2 ] casacfgpam
then
casacfgpam
fi
/sbin/ldconfig /sbin/ldconfig
%post gui %post gui