#!/bin/bash

SSHDCONFIG=/etc/ssh/sshd_config

echo "Don't forget to configure:"
echo "  OpenAfs and Kerberos, you may use tp-conf-afs-client-config"
echo "  libnss-ldap, you may use tp-conf-libnss-ldap-config"
echo "  libpam-ldap, you may use tp-conf-libpam-ldap-config"
echo
echo "PrivilegeSeparation don't work with kerberos"
#echo "Checking if is not configured"
if egrep -q "UsePrivilegeSeparation[ ]+no" ${SSHDCONFIG} ; then
    echo "Good: UsePrivilegeSeparation is not configured"
else
    echo "Bad UsePrivilegeSeparation could be configure"
fi

if [ `hostname` != `hostname -f` ] ; then
    echo "The hostname should be qualified name"
    echo -n "Now hostname is " ; hostname
    echo -n "Fully qualified name is " ; hostname -f
fi

echo
echo "Please add to /etc/pam.d/common-auth"
echo "auth 	optional                pam_group.so"
echo "auth 	sufficient 		pam_krb5.so minimum_uid=1001"
echo "auth	required		pam_unix.so nullok_secure"
echo
echo "Now have you have"
egrep -v "^#" /etc/pam.d/common-auth

echo
echo "Please add to /etc/pam.d/common-account"
echo "account sufficient      pam_ldap.so"
echo "account	required      pam_unix.so"
echo
echo "Now have you have"
egrep -v "^#" /etc/pam.d/common-account

echo
echo "Please add to /etc/pam.d/common-session"
echo "session   optional      pam_krb5.so minimum_uid=1001"
echo "session   optional      pam_openafs_session.so"
echo "session	  required	pam_unix.so"
echo
echo "Now have you have"
egrep -v "^#" /etc/pam.d/common-session

echo
echo "Please add to /etc/security/group.conf"
echo "########################################################################"
echo "#Inicio configuracoes TagusPark (para mount de pen,musica e floppy)"
echo 
echo "gdm; * ; * ; Al0000-2400 ; floppy, audio, video, plugdev, cdrom"
echo "login; * ; * ; Al0000-2400 ; floppy, audio, video, plugdev, cdrom"
echo
echo "Now have you have"
egrep -v "^#" /etc/security/group.conf
