Added PAM support for MacOS
This commit is contained in:
parent
c50015122c
commit
09712d70ad
@ -78,6 +78,10 @@ SUBDIRS += \
|
||||
pulse
|
||||
endif
|
||||
|
||||
if MACOS
|
||||
SUBDIRS += pam.d
|
||||
endif
|
||||
|
||||
#
|
||||
# install-data-hook for each platform
|
||||
# TODO: subst these directories as well as service files
|
||||
|
@ -3,6 +3,7 @@ PAM_FILES = \
|
||||
xrdp-sesman.redhat \
|
||||
xrdp-sesman.suse \
|
||||
xrdp-sesman.freebsd \
|
||||
xrdp-sesman.macos \
|
||||
xrdp-sesman.unix
|
||||
|
||||
EXTRA_DIST = $(PAM_FILES) mkpamrules
|
||||
|
@ -30,6 +30,11 @@ guess_rules ()
|
||||
return
|
||||
fi
|
||||
|
||||
if test -s "$pamdir/authorization"; then
|
||||
rules="macos"
|
||||
return
|
||||
fi
|
||||
|
||||
rules="unix"
|
||||
return
|
||||
}
|
||||
|
12
instfiles/pam.d/xrdp-sesman.macos
Normal file
12
instfiles/pam.d/xrdp-sesman.macos
Normal file
@ -0,0 +1,12 @@
|
||||
# xrdp-sesman: auth account password session
|
||||
# based on Apple's sshd PAM configuration
|
||||
auth optional pam_krb5.so use_kcminit
|
||||
auth optional pam_ntlm.so try_first_pass
|
||||
auth optional pam_mount.so try_first_pass
|
||||
auth required pam_opendirectory.so try_first_pass
|
||||
account required pam_nologin.so
|
||||
account required pam_sacl.so sacl_service=ssh
|
||||
account required pam_opendirectory.so
|
||||
password required pam_opendirectory.so
|
||||
session required pam_launchd.so
|
||||
session optional pam_mount.so
|
Loading…
Reference in New Issue
Block a user