summaryrefslogtreecommitdiff
path: root/src/conf_mode/system-login.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/conf_mode/system-login.py')
-rwxr-xr-xsrc/conf_mode/system-login.py9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py
index dbd346fe4..e26b81e3d 100755
--- a/src/conf_mode/system-login.py
+++ b/src/conf_mode/system-login.py
@@ -257,6 +257,15 @@ def apply(login):
except Exception as e:
raise ConfigError(f'Adding user "{user}" raised exception: "{e}"')
+ # Generate 2FA/MFA One-Time-Pad configuration
+ if dict_search('authentication.otp.key', user_config):
+ render(f'{home_dir}/.google_authenticator', 'login/pam_otp_ga.conf.j2',
+ user_config, permission=0o400, user=user, group='users')
+ else:
+ # delete configuration as it's not enabled for the user
+ if os.path.exists(f'{home_dir}/.google_authenticator'):
+ os.remove(f'{home_dir}/.google_authenticator')
+
if 'rm_users' in login:
for user in login['rm_users']:
try:
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 14:56:08 +0000