瀏覽代碼

Only change pam values when needed

Bob Mottram 7 年之前
父節點
當前提交
f7f323b763
共有 1 個檔案被更改,包括 9 行新增3 行删除
  1. 9
    3
      src/freedombone-utils-setup

+ 9
- 3
src/freedombone-utils-setup 查看文件

@@ -458,13 +458,17 @@ function set_max_login_tries {
458 458
     if ! grep -q ' deny=' /etc/pam.d/common-auth; then
459 459
         sed -i "/pam_deny.so/a auth    required\t\t\tpam_tally.so    onerr=fail no_lock_time per_user deny=$max_tries" /etc/pam.d/common-auth
460 460
     else
461
-        sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-auth
461
+        if ! grep -q " deny=$max_tries" /etc/pam.d/common-auth; then
462
+            sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-auth
463
+        fi
462 464
     fi
463 465
 
464 466
     if ! grep -q ' deny=' /etc/pam.d/common-account; then
465 467
         sed -i '/pam_deny.so/a account required\t\t\tpam_tally.so' /etc/pam.d/common-account
466 468
     else
467
-        sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-account
469
+        if ! grep -q " deny=$max_tries" /etc/pam.d/common-account; then
470
+            sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-account
471
+        fi
468 472
     fi
469 473
 }
470 474
 
@@ -630,7 +634,9 @@ function dummy_nologin_command {
630 634
 }
631 635
 
632 636
 function disable_null_passwords {
633
-    sed -i 's| nullok_secure||g' /etc/pam.d/common-auth
637
+    if grep -q ' nullok_secure' /etc/pam.d/common-auth; then
638
+        sed -i 's| nullok_secure||g' /etc/pam.d/common-auth
639
+    fi
634 640
 }
635 641
 
636 642
 function create_usb_canary {