From 2c9845db4bc00221bc3c2343a020208f7f532166 Mon Sep 17 00:00:00 2001 From: Cullum Smith Date: Thu, 31 Oct 2024 21:36:39 -0400 Subject: many fixes --- files/etc/auto_master.common | 1 - files/etc/cron.d/freeradius.radius_server | 2 +- files/etc/cron.d/prosody.xmpp_server | 4 ++-- files/etc/devfs.rules.desktop | 1 + files/etc/login.access.freebsd | 5 ++++- files/etc/pam.d/login.freebsd | 5 +++++ files/etc/pam.d/sshd.freebsd | 5 +++++ 7 files changed, 18 insertions(+), 5 deletions(-) (limited to 'files/etc') diff --git a/files/etc/auto_master.common b/files/etc/auto_master.common index 37f3e34..d82114c 100644 --- a/files/etc/auto_master.common +++ b/files/etc/auto_master.common @@ -1,2 +1 @@ -/net -hosts -nobrowse,nosuid,intr +auto_master diff --git a/files/etc/cron.d/freeradius.radius_server b/files/etc/cron.d/freeradius.radius_server index 20f3ada..2081fbd 100644 --- a/files/etc/cron.d/freeradius.radius_server +++ b/files/etc/cron.d/freeradius.radius_server @@ -1,2 +1,2 @@ MAILTO=root -@daily ${freeradius_user} find ${freeradius_tlscache_dir} -mindepth 1 -mtime +2 -exec rm -vf {} + +@daily ${freeradius_user} find ${freeradius_tlscache_dir} -mindepth 1 -mtime +2 -exec rm -f {} + diff --git a/files/etc/cron.d/prosody.xmpp_server b/files/etc/cron.d/prosody.xmpp_server index b95f010..a73153a 100644 --- a/files/etc/cron.d/prosody.xmpp_server +++ b/files/etc/cron.d/prosody.xmpp_server @@ -1,3 +1,3 @@ MAILTO=root -0 0 * * * * ${prosody_local_user} /usr/local/libexec/prosody-acme-proxy -q ${prosody_user}@${prosody_acme_host} ${prosody_domains} -0 0 * * * * ${prosody_local_user} /usr/local/libexec/prosody-update-roster ${prosody_access_role} > ${prosody_roster_path} +0 0 * * * * ${prosody_local_user} /usr/local/libexec/prosody-acme-proxy -q ${prosody_username}@${prosody_acme_host} ${prosody_domains} +0 0 * * * * ${prosody_local_user} /usr/local/libexec/prosody-update-roster ${prosody_access_role} ${prosody_roster_path} diff --git a/files/etc/devfs.rules.desktop b/files/etc/devfs.rules.desktop index 4c10d43..ec38210 100644 --- a/files/etc/devfs.rules.desktop +++ b/files/etc/devfs.rules.desktop @@ -2,3 +2,4 @@ add path 'drm/*' mode 0660 group ${desktop_access_role} add path 'backlight/*' mode 0660 group ${desktop_access_role} add path 'video*' mode 0660 group ${desktop_access_role} +add path 'usb/*' mode 0660 group ${desktop_access_role} diff --git a/files/etc/login.access.freebsd b/files/etc/login.access.freebsd index c2d6fc1..ee83dd5 100644 --- a/files/etc/login.access.freebsd +++ b/files/etc/login.access.freebsd @@ -2,7 +2,10 @@ +:root:ALL +:${icinga_local_user}:ALL -$(if [ -n "${login_access_groups:-}" ] || [ -n "${login_access_users:-}" ]; then +$(if [ -n "${acmeproxy_client_group:-}" ]; then + echo "+:(${acmeproxy_client_group}):ALL" +fi +if [ -n "${login_access_groups:-}" ] || [ -n "${login_access_users:-}" ]; then printf -- '-:ALL EXCEPT ' if [ -n "${login_access_groups:-}" ]; then printf '(%s) ' ${login_access_groups} diff --git a/files/etc/pam.d/login.freebsd b/files/etc/pam.d/login.freebsd index ae50bbe..bb215ec 100644 --- a/files/etc/pam.d/login.freebsd +++ b/files/etc/pam.d/login.freebsd @@ -12,6 +12,11 @@ session required pam_lastlog.so no_fail session required pam_xdg.so session required /usr/local/lib/security/pam_krb5.so session optional /usr/local/lib/pam_mkhomedir.so mode=0700 +$(if [ "$BOXCONF_VIRTUALIZATION_TYPE" != jail ] && [ "${enable_autofs:-}" != false ]; then +cat <