forked from obel1x/fedora-OEMDRV
Compare commits
5 Commits
8e2cd35eb4
...
253030228f
| Author | SHA1 | Date | |
|---|---|---|---|
 Daniel unbrot Pätzold
|
253030228f | ||
|
Daniel unbrot Pätzold
|
f59ba70bb9 | ||
|
Daniel unbrot Pätzold
|
3906d19a4f | ||
|
Daniel unbrot Pätzold
|
9b4d68ca72 | ||
 obel1x
|
5238f778ad |
@@ -30,14 +30,15 @@ timezone Europe/Berlin --utc
|
|||||||
@libreoffice
|
@libreoffice
|
||||||
@office
|
@office
|
||||||
@sound-and-video
|
@sound-and-video
|
||||||
|
#Okular is kde only, use evince on cinnamon
|
||||||
|
#okular
|
||||||
|
evince
|
||||||
libva-utils
|
libva-utils
|
||||||
libavcodec-freeworld
|
libavcodec-freeworld
|
||||||
mesa-va-drivers-freeworld
|
mesa-va-drivers-freeworld
|
||||||
ffmpeg
|
ffmpeg
|
||||||
@vlc
|
@vlc
|
||||||
python-vlc
|
python-vlc
|
||||||
#@development-tools
|
|
||||||
#@editors
|
|
||||||
@firefox
|
@firefox
|
||||||
thunderbird
|
thunderbird
|
||||||
openssh-server
|
openssh-server
|
||||||
|
|||||||
@@ -30,6 +30,7 @@ mount -L OEMDRV /mnt/anaconda_pre
|
|||||||
@libreoffice
|
@libreoffice
|
||||||
@office
|
@office
|
||||||
@sound-and-video
|
@sound-and-video
|
||||||
|
okular
|
||||||
libva-utils
|
libva-utils
|
||||||
libavcodec-freeworld
|
libavcodec-freeworld
|
||||||
mesa-va-drivers-freeworld
|
mesa-va-drivers-freeworld
|
||||||
|
|||||||
@@ -17,6 +17,23 @@ if [ "$EUID" -eq 0 ]; then
|
|||||||
echo "Press any key to continue" && read -n 1 -s -r && exit 1
|
echo "Press any key to continue" && read -n 1 -s -r && exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Check DNS resolution before proceeding - logon depends on IPA and Nextcloud being reachable
|
||||||
|
_dns_target="${SERVERFQDN_IPA}"
|
||||||
|
while ! getent hosts "${_dns_target}" >/dev/null 2>&1; do
|
||||||
|
elog_add "Warning: DNS resolution failed for ${_dns_target} - network or DNS not ready."
|
||||||
|
echo ""
|
||||||
|
echo "Warning: DNS resolution failed for ${_dns_target}."
|
||||||
|
echo "Please check your network connection and DNS settings before continuing."
|
||||||
|
echo ""
|
||||||
|
printf " [R]etry [C]ontinue anyway [Q]uit: "
|
||||||
|
read -r _dns_choice
|
||||||
|
case "${_dns_choice}" in
|
||||||
|
[Cc]) elog_add "Continuing despite DNS failure (user choice)."; break ;;
|
||||||
|
[Qq]) elog_add "Script aborted by user due to DNS failure."; exit 1 ;;
|
||||||
|
*) elog_add "Retrying DNS check for ${_dns_target}..." ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
#Check for needed python-modules
|
#Check for needed python-modules
|
||||||
#For WEBDAV
|
#For WEBDAV
|
||||||
python -c "import webdav3">/dev/null 2>&1
|
python -c "import webdav3">/dev/null 2>&1
|
||||||
|
|||||||
@@ -10,6 +10,16 @@ if [ "$EUID" -ne 0 ]; then
|
|||||||
echo "Press any key to continue" && read -n 1 -s -r && exit 1
|
echo "Press any key to continue" && read -n 1 -s -r && exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Ensure krb5_validate = False in sssd.conf to restore offline auth
|
||||||
|
# (SSSD >= 2.10.1 skips the CAP_DAC_READ_SEARCH raise in offline mode, so validate_tgt
|
||||||
|
# fails with EACCES before the cached-credential fallback is reached)
|
||||||
|
_SSSD_CONF="/etc/sssd/sssd.conf"
|
||||||
|
if [ -f "${_SSSD_CONF}" ] && ! grep -q "^krb5_validate" "${_SSSD_CONF}"; then
|
||||||
|
echo "Patching sssd.conf: adding 'krb5_validate = False' to restore offline authentication"
|
||||||
|
sed -i "/^\[domain\/${DOMAIN}\]/a krb5_validate = False" "${_SSSD_CONF}"
|
||||||
|
systemctl restart sssd
|
||||||
|
fi
|
||||||
|
|
||||||
#Check Token
|
#Check Token
|
||||||
if [ "${DAVTOKEN_USER}." == "." ]; then
|
if [ "${DAVTOKEN_USER}." == "." ]; then
|
||||||
echo "Error: Script cannot be executed standalone, must be run with a matching sudo rule and needs a prereserved environment from logon-script."
|
echo "Error: Script cannot be executed standalone, must be run with a matching sudo rule and needs a prereserved environment from logon-script."
|
||||||
|
|||||||
Reference in New Issue
Block a user