Allow PAM file selection in configure, improve autodetection, add SUSE

Use easy to understand names for config files (debian, redhat, suse,
unix). Move all autodetection to a separate script.
This commit is contained in:
Pavel Roskin 2016-12-30 20:00:46 -08:00
parent 63472bb181
commit 8799bbac42
9 changed files with 82 additions and 24 deletions

View File

@ -74,6 +74,10 @@ AC_ARG_ENABLE(pamuserpass, AS_HELP_STRING([--enable-pamuserpass],
[Build pam userpass support (default: no)]), [Build pam userpass support (default: no)]),
[], [enable_pamuserpass=no]) [], [enable_pamuserpass=no])
AM_CONDITIONAL(SESMAN_PAMUSERPASS, [test x$enable_pamuserpass = xyes]) AM_CONDITIONAL(SESMAN_PAMUSERPASS, [test x$enable_pamuserpass = xyes])
AC_ARG_ENABLE(pam-config, AS_HELP_STRING([--enable-pam-config=CONF],
[Select PAM config to install: debian, redhat, suse, unix
(default: autodetect)]))
AC_ARG_ENABLE(xrdpdebug, AS_HELP_STRING([--enable-xrdpdebug], AC_ARG_ENABLE(xrdpdebug, AS_HELP_STRING([--enable-xrdpdebug],
[Build debug (default: no)]), [Build debug (default: no)]),
[], [enable_xrdpdebug=no]) [], [enable_xrdpdebug=no])
@ -156,7 +160,19 @@ then
[AC_MSG_ERROR([please install libpam0g-dev or pam-devel])]) [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
fi fi
fi fi
if test "x$enable_pam_config" = "x"; then
PAM_RULES="auto"
else
pam_config_file="$srcdir/instfiles/pam.d/xrdp-sesman.$enable_pam_config"
if test -f "$pam_config_file"; then
PAM_RULES="$enable_pam_config"
else
AC_MSG_ERROR([PAM file "$pam_config_file" is not available])
fi fi
fi
fi
AC_SUBST(PAM_RULES)
if test "x$enable_ipv6only" = "xyes" if test "x$enable_ipv6only" = "xyes"
then then

View File

@ -1,7 +1,10 @@
EXTRA_DIST = \ PAM_FILES = \
xrdp-sesman.common \ xrdp-sesman.debian \
xrdp-sesman.other \ xrdp-sesman.redhat \
xrdp-sesman.password-auth xrdp-sesman.suse \
xrdp-sesman.unix
EXTRA_DIST = $(PAM_FILES) mkpamrules
CLEANFILES = xrdp-sesman CLEANFILES = xrdp-sesman
@ -24,14 +27,5 @@ pamddir = $(sysconfdir)/pam.d
pamd_DATA = \ pamd_DATA = \
$(PAMFILE) $(PAMFILE)
xrdp-sesman: xrdp-sesman: mkpamrules
if test -e /etc/pam.d/password-auth; then \ $(srcdir)/mkpamrules $(PAM_RULES) $(srcdir) $@
pamrules=xrdp-sesman.password-auth; \
else \
if test -e /etc/pam.d/common-auth; then \
pamrules=xrdp-sesman.common; \
else \
pamrules=xrdp-sesman.other; \
fi; \
fi; \
$(LN_S) $(srcdir)/$$pamrules $@

41
instfiles/pam.d/mkpamrules Executable file
View File

@ -0,0 +1,41 @@
#!/bin/sh
# Find suitable PAM config file
rules="$1"
srcdir="$2"
outfile="$3"
service="xrdp-sesman"
pamdir="/etc/pam.d"
guess_rules ()
{
if test -s "$pamdir/password-auth"; then
rules="redhat"
return
fi
if test -s "$pamdir/common-account"; then
if grep "^@include" "$pamdir/passwd" >/dev/null 2>&1; then
rules="debian"
else
rules="suse"
fi
return
fi
rules="unix"
return
}
if test "$rules" = "auto"; then
guess_rules
fi
if test -s "$srcdir/$service.$rules"; then
ln -nsf "$srcdir/$service.$rules" "$outfile"
else
echo "Cannot find $srcdir/$service.$rules"
exit 1
fi

View File

@ -2,3 +2,4 @@
@include common-auth @include common-auth
@include common-account @include common-account
@include common-session @include common-session
@include common-password

View File

@ -1,5 +0,0 @@
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
session include system-auth

View File

@ -1,4 +0,0 @@
#%PAM-1.0
auth include password-auth
account include password-auth
session include password-auth

View File

@ -0,0 +1,5 @@
#%PAM-1.0
auth include password-auth
account include password-auth
session include password-auth
password include password-auth

View File

@ -0,0 +1,5 @@
#%PAM-1.0
auth include common-auth
account include common-account
session include common-session
password include common-password

View File

@ -0,0 +1,5 @@
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
session include system-auth