[24446] in Source-Commits
/svn/athena r24037 - trunk/debathena/config/ssh-server-config/debian
daemon@ATHENA.MIT.EDU (Evan Broder)
Thu Oct 1 17:45:23 2009
Date: Thu, 1 Oct 2009 17:45:10 -0400
From: Evan Broder <broder@MIT.EDU>
Message-Id: <200910012145.n91LjAgN019462@drugstore.mit.edu>
To: source-commits@mit.edu
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Author: broder
Date: 2009-10-01 17:45:10 -0400 (Thu, 01 Oct 2009)
New Revision: 24037
Added:
trunk/debathena/config/ssh-server-config/debian/10-bash-kerberos-credentials-warn
trunk/debathena/config/ssh-server-config/debian/10-csh-kerberos-credentials-warn
Removed:
trunk/debathena/config/ssh-server-config/debian/10-kerberos-credentials-warn
trunk/debathena/config/ssh-server-config/debian/csh-kerberos-credentials-warn
Modified:
trunk/debathena/config/ssh-server-config/debian/debathena-ssh-server-config.install
Log:
In ssh-server-config, conditionalize the no tickets/tokens warning
based on DEBATHENA_HOME_TYPE rather than if the user is nonlocal, be
sure to always print errors to stderr, and only print the messages
during an interactive session.
Patch by Jessica Hamrick <jhamrick@mit.edu>
Copied: trunk/debathena/config/ssh-server-config/debian/10-bash-kerberos-credentials-warn (from rev 24031, trunk/debathena/config/ssh-server-config/debian/10-kerberos-credentials-warn)
===================================================================
--- trunk/debathena/config/ssh-server-config/debian/10-kerberos-credentials-warn 2009-09-29 08:29:30 UTC (rev 24031)
+++ trunk/debathena/config/ssh-server-config/debian/10-bash-kerberos-credentials-warn 2009-10-01 21:45:10 UTC (rev 24037)
@@ -0,0 +1,31 @@
+# If a user logs in without tickets and tokens, display a warning message to let them know
+
+# Check to make sure the user does not have a local account
+if [ "$DEBATHENA_HOME_TYPE" == "afs" ]; then
+ # Check to make sure it's an interactive logon
+ if [ "$PS1" ]; then
+ tickets=
+ tokens=
+
+ # Check for tokens
+ if tokens | grep -q 'athena\.mit\.edu'; then
+ tokens="yes"
+ fi
+
+ # Check for tickets
+ if klist -s; then
+ tickets="yes"
+ fi
+
+ if [ -z "$tokens" ] && [ -z "$tickets" ] && [ ! -r ~/.bashrc ]; then
+ echo "WARNING: You have no valid Kerberos tickets and no valid AFS tokens." >&2
+ echo "See http://debathena.mit.edu/ssh" >&2
+ elif [ -z "$tokens" ] && [ ! -r ~/.bashrc ]; then
+ echo "WARNING: You have no valid AFS tokens." >&2
+ echo "See http://debathena.mit.edu/ssh" >&2
+ elif [ -z "$tickets" ]; then
+ echo "WARNING: You have no valid Kerberos tickets." >&2
+ echo "See http://debathena.mit.edu/ssh" >&2
+ fi
+ fi
+fi
Property changes on: trunk/debathena/config/ssh-server-config/debian/10-bash-kerberos-credentials-warn
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: trunk/debathena/config/ssh-server-config/debian/10-csh-kerberos-credentials-warn (from rev 24031, trunk/debathena/config/ssh-server-config/debian/csh-kerberos-credentials-warn)
===================================================================
--- trunk/debathena/config/ssh-server-config/debian/csh-kerberos-credentials-warn 2009-09-29 08:29:30 UTC (rev 24031)
+++ trunk/debathena/config/ssh-server-config/debian/10-csh-kerberos-credentials-warn 2009-10-01 21:45:10 UTC (rev 24037)
@@ -0,0 +1,33 @@
+# Warn the user if they log in without tickets or tokens
+
+# Check to make sure the user does not have a local account
+if ("$DEBATHENA_HOME_TYPE" == "afs") then
+ # Check to make sure the logon is interactive
+ if ($?prompt) then
+ set tickets=""
+ set tokens=""
+
+ # Check for tickets
+ klist -s
+ if ("$?" == 0) then
+ set tickets="yes"
+ endif
+
+ # Check for tokens
+ tokens | grep -q 'athena\.mit\.edu'
+ if ("$?" == 0) then
+ set tokens="yes"
+ endif
+
+ if ("$tokens" != "yes" && "$tickets" != "yes" && ! -r ~/.cshrc) then
+ echo "WARNING: You have no valid Kerberos tickets and no valid AFS tokens." >/dev/stderr
+ echo "See http://debathena.mit.edu/ssh" >/dev/stderr
+ else if ("$tokens" != "yes" && ! -r ~/.cshrc) then
+ echo "WARNING: You have no valid AFS tokens." >/dev/stderr
+ echo "See http://debathena.mit.edu/ssh" >/dev/stderr
+ else if ("$tickets" != "yes") then
+ echo "WARNING: You have no valid Kerberos tickets." >/dev/stderr
+ echo "See http://debathena.mit.edu/ssh" >/dev/stderr
+ endif
+ endif
+endif
Property changes on: trunk/debathena/config/ssh-server-config/debian/10-csh-kerberos-credentials-warn
___________________________________________________________________
Name: svn:mergeinfo
+
Deleted: trunk/debathena/config/ssh-server-config/debian/10-kerberos-credentials-warn
Deleted: trunk/debathena/config/ssh-server-config/debian/csh-kerberos-credentials-warn
Modified: trunk/debathena/config/ssh-server-config/debian/debathena-ssh-server-config.install
===================================================================
--- trunk/debathena/config/ssh-server-config/debian/debathena-ssh-server-config.install 2009-09-30 22:00:04 UTC (rev 24036)
+++ trunk/debathena/config/ssh-server-config/debian/debathena-ssh-server-config.install 2009-10-01 21:45:10 UTC (rev 24037)
@@ -1,3 +1,3 @@
debian/sshd_config.debathena etc/ssh/
-debian/10-kerberos-credentials-warn usr/share/debathena-bash-config/profile.d/
-debian/csh-kerberos-credentials-warn etc/csh/login.d/
+debian/10-bash-kerberos-credentials-warn usr/share/debathena-bash-config/profile.d/
+debian/10-csh-kerberos-credentials-warn etc/csh/login.d/
