mkpamrules now supports Slackware

This commit is contained in:
matt335672 2020-04-26 17:27:19 +01:00
parent 1c4e14415d
commit 2ec9720612
3 changed files with 78 additions and 26 deletions

View File

@ -10,51 +10,87 @@ service="xrdp-sesman"
pamdir="/etc/pam.d" pamdir="/etc/pam.d"
pamdir_suse="/usr/etc/pam.d" pamdir_suse="/usr/etc/pam.d"
# Modules needed by xrdp-sesman.unix, if we get to that
unix_modules_needed="pam_unix.so pam_env.so pam_nologin.so"
# Directories where pam modules might be installed
# Add to this list as platforms are added
pam_module_dir_searchpath="/lib*/security /usr/lib*/security /lib/*/security /usr/lib/*/security"
find_pam_module_dir()
{
# Looks for the pam security module directory
set -- $pam_module_dir_searchpath
for d in "$@"; do
if [ -s $d/pam_unix.so ]; then
echo $d
break
fi
done
}
can_apply_unix_config()
{
result=0
module_dir="$1"
for m in $unix_modules_needed; do
if [ ! -s $module_dir/$m ]; then
echo " ** $m not found" >&2
result=1
fi
done
return $result
}
guess_rules () guess_rules ()
{ {
if test -s "$pamdir/password-auth"; then rules=
if [ -s "$pamdir/password-auth" ]; then
rules="redhat" rules="redhat"
return
fi
if test -s "$pamdir_suse/common-account"; then elif [ -s "$pamdir_suse/common-account" ]; then
rules="suse" rules="suse"
return
fi
if test -s "$pamdir/common-account"; then elif [ -s "$pamdir/common-account" ]; then
if grep "^@include" "$pamdir/passwd" >/dev/null 2>&1; then if grep "^@include" "$pamdir/passwd" >/dev/null 2>&1; then
rules="debian" rules="debian"
else else
rules="suse" rules="suse"
fi fi
return
fi
if test ! -f "$pamdir/system-auth" -a -s "$pamdir/system"; then elif [ ! -f "$pamdir/system-auth" -a -s "$pamdir/system" ]; then
rules="freebsd" rules="freebsd"
return
fi
if test -s "$pamdir/authorization"; then elif [ -s "$pamdir/authorization" ]; then
rules="macos" rules="macos"
return
fi
if test -s "$pamdir/system-remote-login"; then elif [ -s "$pamdir/system-remote-login" ]; then
rules="arch" rules="arch"
return
fi
elif [ -s "$pamdir/system-auth" ]; then
rules="system"
else
module_dir=`find_pam_module_dir`
if [ -d "$module_dir" ]; then
#echo "- Found pam modules in $module_dir" >&2
if can_apply_unix_config "$module_dir" ; then
rules="unix" rules="unix"
return fi
fi
fi
} }
if test "$rules" = "auto"; then if [ "$rules" = "auto" ]; then
guess_rules guess_rules
if [ -z "$rules" ]; then
echo "** Can't guess PAM rules for this system"
exit 1
fi
fi fi
if test -s "$srcdir/$service.$rules"; then if [ -s "$srcdir/$service.$rules" ]; then
ln -nsf "$srcdir/$service.$rules" "$outfile" ln -nsf "$srcdir/$service.$rules" "$outfile"
else else
echo "Cannot find $srcdir/$service.$rules" echo "Cannot find $srcdir/$service.$rules"

View File

@ -0,0 +1,5 @@
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
session include system-auth

View File

@ -1,5 +1,16 @@
#%PAM-1.0 #%PAM-1.0
auth include system-auth #
account include system-auth # Really basic authentication set when nothing else is available
password include system-auth #
session include system-auth # You may need to edit this to suit your system depending on the
# required functionality.
#
auth required pam_unix.so shadow
auth required pam_env.so
password required pam_unix.so
account required pam_unix.so
account required pam_nologin.so
session required pam_unix.so