feat: better logging for pam logic

2021-09-29 09:49:25 +02:00 · 2021-09-29 09:49:25 +02:00 · 099f576f30
parent c285ec4d95
commit 099f576f30
2 changed files with 3 additions and 3 deletions
--- a/abra.sh
+++ b/abra.sh
@ -1,4 +1,4 @@
-export CUSTOM_ENTRYPOINT_VERSION=v2
+export CUSTOM_ENTRYPOINT_VERSION=v3
 export OIDC_CONF_VERSION=v1
 export PAM_EXEC_OAUTH2_YAML_VERSION=v1
 export PAM_SCRIPT_AUTH_VERSION=v1
--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
@ -31,8 +31,8 @@ echo 'auth-openid-base-uri=https://{{ env "DOMAIN" }}' >> /etc/rstudio/rserver.c

 {{ if eq (env "KEYCLOAK_ENABLED") "1" }}
 apt install -y libpam-script
-echo 'auth sufficient pam_exec.so expose_authtok /opt/pam-exec-oauth2/pam-exec-oauth2' >> /etc/pam.d/common-auth
-echo 'auth optional pam_script.so' >> /etc/pam.d/common-auth
+echo 'auth required pam_exec.so debug expose_authtok log=/tmp/pam_exec.log /opt/pam-exec-oauth2/pam-exec-oauth2 --debug' >> /etc/pam.d/common-auth
+echo 'auth required pam_script.so' >> /etc/pam.d/common-auth
 mkdir -p /opt/pam-exec-oauth2/
 wget https://github.com/WASHNote/pam-exec-oauth2/releases/download/v0.0.1/pam-exec-oauth2 -O /opt/pam-exec-oauth2/pam-exec-oauth2
 chmod +x /opt/pam-exec-oauth2/pam-exec-oauth2