GUI login not running scripts inside /etc/profile.d/

Asked by liquidoshin on 2018-10-02

I wrote a bash script that installs a certificate using the certutil command and placed it inside /etc/profile.d/ . This script is intended to run each time any user logs in by making .pki/nssdb directory inside the users home directory (if the database doesn't already exist) and install our personal certificate (if not already installed). There are two issues I'm experiencing however. Number one is, the code is hiccuping at a certain point in my code which then doesn't allow the user to login via the GUI. The following is the contents of the script:

#!/bin/bash

#get which linux distro we're on and set to dist
certutil=/usr/bin/certutil
if [ -f /usr/bin/lsb_release ]
then
 dist=$(/usr/bin/lsb_release -dr)
elif [ -f /etc/system-release ]
then
 IFS=$'\n' read -d '' -r -a lines < /etc/system-release
 dist=${lines[0]}
elif [ -f /etc/os-release ]
then
 IFS=$'\n' read -d '' -r -a lines < /etc/os-release
 for i in "${lines[@]}"
 do
  if [[ $i =~ ^NAME ]]
  then
  dist=$i
  fi
 done
fi
mkdir=""

#converts to lowercase
dist="$(echo ${dist,,})"

#fedora requires .pem file
if [[ $dist =~ fedora ]]
then
 cert=/usr/share/certdir/resources/ourcert.pem
else
 cert=/usr/share/certdir/resources/ourcert.crt
fi

#check if certs exist
if ! [ -f $cert ]
then
 exit 1
fi
#determine location of mkdir binary and create nssdb database
if ! [ -f $HOME/.pki/nssdb ]
then
 if [[ $dist =~ .*red\ hat.*release\ 6.* ]] || [[ $dist =~ debian ]] || [[ $dist =~ ubuntu ]]
 then
  /bin/mkdir -p $HOME/.pki/nssdb
 else
  /usr/bin/mkdir -p $HOME/.pki/nssdb
 fi
fi

#list installed certificates
IFS=$'\n'
#mapfile lines < <($certutil -L -d sql:$HOME/.pki/nssdb 2> /dev/null)
output=$($certutil -L -d sql:$HOME/.pki/nssdb 2> /dev/null)
retcode=$(echo $?)
found=false

#check if cert is installed
if [ $retcode == "0" ]; then
 for i in "${output[@]}"
 do
  if [[ $i =~ name\of\our\cert.* ]]
  then
   found=true
  fi
 done
fi

#if not, install cert
if ! $found
then
 $certutil --empty-password -d sql:$HOME/.pki/nssdb -N
 $certutil -d sql:$HOME/.pki/nssdb -A -t "C,C,C" -n "certname" -i $cert
fi

By process of commenting out the whole script initially and then, chunks of code at a time, uncommenting until I got to the culprit, the program seems to have an issue with the part where I set IFS=$'\n', on its own separate line. I wasn't sure why this was an issue so I tried to find another way to basically store the output from the certutil -L command and store the output in an array which is what I'm doing on the line below that's commented out using the mapfile built in bash command. Commenting out the IFS assignment line and uncommenting the mapfile line also causes the same issue where I login as my local user and then I'm immediately logged back out again. The second thing I noticed however, if I comment everything from the IFS=$'\n' line and down, I can login fine but my script in /etc/profile.d doesn't get run. I know this because the .pki/nssdb directories aren't made which should definitely happen if the script is run. One last thing I've noticed is that if I login through the shell the script gets run even with all the code present and none of it commented out, gives no errors and does everything like it's supposed to. This seems to be an issue only with logging in on the GUI. I'm experiencing this on Debian 9 and I'm sure would happen on the Ubuntu distros also. Thanks for any help. I may need to file this as a bug with debian/ubuntu

Question information

Language:
English Edit question
Status:
Expired
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
2018-10-02
Last reply:
8 hours ago
Launchpad Janitor (janitor) said : #1

This question was expired because it remained in the 'Open' state without activity for the last 15 days.