Added PAM support for MacOS

This commit is contained in:
Vraiment 2018-01-30 01:42:42 -08:00 committed by metalefty
parent c50015122c
commit 09712d70ad
4 changed files with 22 additions and 0 deletions

View File

@ -78,6 +78,10 @@ SUBDIRS += \
pulse
endif
if MACOS
SUBDIRS += pam.d
endif
#
# install-data-hook for each platform
# TODO: subst these directories as well as service files

View File

@ -3,6 +3,7 @@ PAM_FILES = \
xrdp-sesman.redhat \
xrdp-sesman.suse \
xrdp-sesman.freebsd \
xrdp-sesman.macos \
xrdp-sesman.unix
EXTRA_DIST = $(PAM_FILES) mkpamrules

View File

@ -30,6 +30,11 @@ guess_rules ()
return
fi
if test -s "$pamdir/authorization"; then
rules="macos"
return
fi
rules="unix"
return
}

View File

@ -0,0 +1,12 @@
# xrdp-sesman: auth account password session
# based on Apple's sshd PAM configuration
auth optional pam_krb5.so use_kcminit
auth optional pam_ntlm.so try_first_pass
auth optional pam_mount.so try_first_pass
auth required pam_opendirectory.so try_first_pass
account required pam_nologin.so
account required pam_sacl.so sacl_service=ssh
account required pam_opendirectory.so
password required pam_opendirectory.so
session required pam_launchd.so
session optional pam_mount.so