|
一键安装包里的client.sh 只适合centos6.X,所有自己根据经验改了下适合centos7的安装脚本。
cat jumpserver_centos7_client_install.sh
#!/bin/bash
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
setenforce 0
yum -y install openldap openldap-clients nss-pam-ldapd pam_ldap
echo "session required pam_mkhomedir.so skel=/etc/skel umask=0077" >> /etc/pam.d/system-auth
authconfig --savebackup=auth.bak
authconfig --enableldap --enableldapauth --enablemkhomedir --enableforcelegacy --disablesssd --disablesssdauth --ldapserver=192.168.98.75 --ldapbasedn="dc=jumpserver,dc=org" --update
sed -i '/quiet_success/s/auth/#auth/' /etc/pam.d/password-auth-ac
echo -e "uri ldap://192.168.98.75\nSudoers_base ou=Sudoers,dc=jumpserver,dc=org" > /etc/sudo-ldap.conf
echo "Sudoers: files ldap" >> /etc/nsswitch.conf
systemctl start nslcd.service
systemctl enable nslcd.service
|
|
|
|
|
|
|