From 6f564918c84a68b6279e33eedeefcb0528c055d1 Mon Sep 17 00:00:00 2001 From: frank Date: Mon, 16 Jan 2012 17:03:07 +0100 Subject: [PATCH] saving uncommitted changes in /etc prior to emerge run --- .etckeeper | 3 +++ pam.d/system-auth-winbind | 18 ++++++++++++++++++ security/pam_winbind.conf | 38 ++++++++++++++++++++++++++++++++++++++ xinetd.d/swat | 17 +++++++++++++++++ 4 files changed, 76 insertions(+) create mode 100644 pam.d/system-auth-winbind create mode 100644 security/pam_winbind.conf create mode 100644 xinetd.d/swat diff --git a/.etckeeper b/.etckeeper index 7699c713..3579ce96 100755 --- a/.etckeeper +++ b/.etckeeper @@ -769,6 +769,7 @@ maybe chmod 0644 './pam.d/start-stop-daemon' maybe chmod 0644 './pam.d/su' maybe chmod 0644 './pam.d/sudo' maybe chmod 0644 './pam.d/system-auth' +maybe chmod 0644 './pam.d/system-auth-winbind' maybe chmod 0644 './pam.d/system-local-login' maybe chmod 0644 './pam.d/system-login' maybe chmod 0644 './pam.d/system-remote-login' @@ -902,6 +903,7 @@ maybe chmod 0644 './security/namespace.conf' maybe chmod 0755 './security/namespace.d' maybe chmod 0755 './security/namespace.init' maybe chmod 0644 './security/pam_env.conf' +maybe chmod 0644 './security/pam_winbind.conf' maybe chmod 0644 './security/time.conf' maybe chmod 0644 './services' maybe chmod 0755 './sgml' @@ -1124,6 +1126,7 @@ maybe chmod 0644 './xinetd.d/git-daemon' maybe chmod 0644 './xinetd.d/kpropd' maybe chmod 0644 './xinetd.d/rsyncd' maybe chmod 0644 './xinetd.d/svnserve' +maybe chmod 0644 './xinetd.d/swat' maybe chmod 0644 './xinetd.d/tcpmux-server' maybe chmod 0644 './xinetd.d/time-dgram' maybe chmod 0644 './xinetd.d/time-stream' diff --git a/pam.d/system-auth-winbind b/pam.d/system-auth-winbind new file mode 100644 index 00000000..b58dcf64 --- /dev/null +++ b/pam.d/system-auth-winbind @@ -0,0 +1,18 @@ +#%PAM-1.0 +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/system-auth-winbind.pam,v 1.1 2010/03/01 16:19:54 patrick Exp $ + +auth required pam_env.so +auth sufficient pam_winbind.so +auth sufficient pam_unix.so likeauth nullok use_first_pass +auth required pam_deny.so + +account sufficient pam_winbind.so +account required pam_unix.so + +password required pam_cracklib.so retry=3 +password sufficient pam_unix.so nullok use_authtok md5 shadow +password required pam_deny.so + +session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 +session required pam_limits.so +session required pam_unix.so diff --git a/security/pam_winbind.conf b/security/pam_winbind.conf new file mode 100644 index 00000000..dd0b112f --- /dev/null +++ b/security/pam_winbind.conf @@ -0,0 +1,38 @@ +# +# pam_winbind configuration file +# +# /etc/security/pam_winbind.conf +# + +[global] + +# turn on debugging +;debug = no + +# turn on extended PAM state debugging +;debug_state = no + +# request a cached login if possible +# (needs "winbind offline logon = yes" in smb.conf) +;cached_login = no + +# authenticate using kerberos +;krb5_auth = no + +# when using kerberos, request a "FILE" krb5 credential cache type +# (leave empty to just do krb5 authentication but not have a ticket +# afterwards) +;krb5_ccache_type = + +# make successful authentication dependend on membership of one SID +# (can also take a name) +;require_membership_of = + +# password expiry warning period in days +;warn_pwd_expire = 14 + +# omit pam conversations +;silent = no + +# create homedirectory on the fly +;mkhomedir = no diff --git a/xinetd.d/swat b/xinetd.d/swat new file mode 100644 index 00000000..13b3ee23 --- /dev/null +++ b/xinetd.d/swat @@ -0,0 +1,17 @@ +# default: off +# description: SWAT is the Samba Web Admin Tool. Use swat \ +# to configure your Samba server. To use SWAT, \ +# connect to port 901 with your favorite web browser. +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/swat.xinetd,v 1.1 2010/03/01 16:19:54 patrick Exp $ + +service swat +{ + port = 901 + socket_type = stream + wait = no + only_from = localhost + user = root + server = /usr/sbin/swat + log_on_failure += USERID + disable = yes +} -- 2.39.5