diff options
| author | Matteo Pasotti <matteo@mageia.org> | 2013-01-04 16:05:27 +0000 |
|---|---|---|
| committer | Matteo Pasotti <matteo@mageia.org> | 2013-01-04 16:05:27 +0000 |
| commit | d518bf66f9630aeb1995e8e3f39a78b9261d9433 (patch) | |
| tree | cd9d5e1c961de09a343cab9539e6b88c02b68666 | |
| parent | 7ccae56fe4372edbda0fe2be84a90141aa9a4bd4 (diff) | |
| download | manatools-d518bf66f9630aeb1995e8e3f39a78b9261d9433.tar manatools-d518bf66f9630aeb1995e8e3f39a78b9261d9433.tar.gz manatools-d518bf66f9630aeb1995e8e3f39a78b9261d9433.tar.bz2 manatools-d518bf66f9630aeb1995e8e3f39a78b9261d9433.tar.xz manatools-d518bf66f9630aeb1995e8e3f39a78b9261d9433.zip | |
- AdminPanel/Privileges.pm: added support to pam / consolehelper
- extras/README: added info to configure pam for apanel
- apanel.pl: using pam as default
| -rw-r--r-- | AdminPanel/Privileges.pm | 8 | ||||
| -rwxr-xr-x | apanel.pl | 2 | ||||
| -rw-r--r-- | extras/README | 25 |
3 files changed, 32 insertions, 3 deletions
diff --git a/AdminPanel/Privileges.pm b/AdminPanel/Privileges.pm index b1d4ef74..f6db9d41 100644 --- a/AdminPanel/Privileges.pm +++ b/AdminPanel/Privileges.pm @@ -28,13 +28,17 @@ use English qw(-no_match_vars); our @EXPORT = qw(require_root_capability ask_for_authentication $USE_SUDO - $USE_PKIT); + $USE_PKIT + $USE_CHLP); our $USE_SUDO = 1; our $USE_PKIT = 2; +our $USE_CHLP = 3; my $wrappers = { $USE_SUDO => "sudo", - $USE_PKIT => "pkexec" }; + $USE_PKIT => "pkexec", + $USE_CHLP => "consolehelper" + }; my $wrapper = 0; @@ -30,7 +30,7 @@ my $cmdline = new yui::YCommandLine; usage() if($cmdline->find("--help") > 0 || $cmdline->find("-h") > 0); -ask_for_authentication($USE_PKIT) if(require_root_capability()); +ask_for_authentication($USE_CHLP) if(require_root_capability()); my $mainWin = new MainDisplay(); my $launch = $mainWin->start(); diff --git a/extras/README b/extras/README index a0b62415..8bb98c56 100644 --- a/extras/README +++ b/extras/README @@ -8,6 +8,31 @@ After that you have to make a symbolic link to apanel.pl into /usr/bin/ (i.e. / This settings will be automatically handled at rpm installation time in future/production. +Configure pam +------------- + +1. symlink /usr/bin/consolehelper -> /usr/bin/apanel +2. create /etc/pam.d/apanel and populate it with the code below: +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_console.so +auth sufficient pam_timestamp.so +auth include system-auth +account required pam_permit.so +session optional pam_timestamp.so +session optional pam_xauth.so + +auth required pam_succeed_if.so quiet user != xguest + +3. create /etc/security/console.apps/apanel and populate it with the code below: +USER=root +PROGRAM=<absolute/path/to/apanel.pl> + +4. authorize apanel to use the display +xhost local:root + +5. setup apanel.pl to use consolehelper backend ($USE_CHLP) + Add AdminPanel to the include path (for developers) --------------------------------------------------- |