Merge pull request #605 from proski/pamconfig

Allow PAM file selection in configure, improve autodetection, add SUSE

configure.ac

@@ -74,6 +74,10 @@ AC_ARG_ENABLE(pamuserpass, AS_HELP_STRING([--enable-pamuserpass],
               [Build pam userpass support (default: no)]),
               [], [enable_pamuserpass=no])
 AM_CONDITIONAL(SESMAN_PAMUSERPASS, [test x$enable_pamuserpass = xyes])
+AC_ARG_ENABLE(pam-config, AS_HELP_STRING([--enable-pam-config=CONF],
+              [Select PAM config to install: debian, redhat, suse, unix
+               (default: autodetect)]))
+
 AC_ARG_ENABLE(xrdpdebug, AS_HELP_STRING([--enable-xrdpdebug],
               [Build debug (default: no)]),
               [], [enable_xrdpdebug=no])
@@ -156,8 +160,20 @@ then
         [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
     fi
   fi
+  if test "x$enable_pam_config" = "x"; then
+    PAM_RULES="auto"
+  else
+    pam_config_file="$srcdir/instfiles/pam.d/xrdp-sesman.$enable_pam_config"
+    if test -f "$pam_config_file"; then
+      PAM_RULES="$enable_pam_config"
+    else
+      AC_MSG_ERROR([PAM file "$pam_config_file" is not available])
+    fi
+  fi
 fi
 
+AC_SUBST(PAM_RULES)
+
 if test "x$enable_ipv6only" = "xyes"
 then
   enable_ipv6=yes

instfiles/pam.d/Makefile.am

@@ -1,7 +1,10 @@
-EXTRA_DIST = \
+PAM_FILES = \
-  xrdp-sesman.common \
+  xrdp-sesman.debian \
-  xrdp-sesman.other \
+  xrdp-sesman.redhat \
-  xrdp-sesman.password-auth
+  xrdp-sesman.suse \
+  xrdp-sesman.unix
+
+EXTRA_DIST = $(PAM_FILES) mkpamrules
 
 CLEANFILES = xrdp-sesman
 
@@ -24,14 +27,5 @@ pamddir = $(sysconfdir)/pam.d
 pamd_DATA = \
   $(PAMFILE)
 
-xrdp-sesman:
+xrdp-sesman: mkpamrules
-	if test -e /etc/pam.d/password-auth; then \
+	$(srcdir)/mkpamrules $(PAM_RULES) $(srcdir) $@
-	  pamrules=xrdp-sesman.password-auth; \
-	else \
-	  if test -e /etc/pam.d/common-auth; then \
-	    pamrules=xrdp-sesman.common; \
-	  else \
-	    pamrules=xrdp-sesman.other; \
-	  fi; \
-	fi; \
-	$(LN_S) $(srcdir)/$$pamrules $@

instfiles/pam.d/mkpamrules

@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# Find suitable PAM config file
+
+rules="$1"
+srcdir="$2"
+outfile="$3"
+
+service="xrdp-sesman"
+pamdir="/etc/pam.d"
+
+guess_rules ()
+{
+  if test -s "$pamdir/password-auth"; then
+    rules="redhat"
+    return
+  fi
+
+  if test -s "$pamdir/common-account"; then
+    if grep "^@include" "$pamdir/passwd" >/dev/null 2>&1; then
+      rules="debian"
+    else
+      rules="suse"
+    fi
+    return
+  fi
+
+  rules="unix"
+  return
+}
+
+if test "$rules" = "auto"; then
+  guess_rules
+fi
+
+if test -s "$srcdir/$service.$rules"; then
+  ln -nsf "$srcdir/$service.$rules" "$outfile"
+else
+  echo "Cannot find $srcdir/$service.$rules"
+  exit 1
+fi

instfiles/pam.d/xrdp-sesman.debian

@@ -2,3 +2,4 @@
 @include common-auth
 @include common-account
 @include common-session
+@include common-password

instfiles/pam.d/xrdp-sesman.other

@@ -1,5 +0,0 @@
-#%PAM-1.0
-auth       include     system-auth
-account    include     system-auth
-password   include     system-auth
-session    include     system-auth

instfiles/pam.d/xrdp-sesman.password-auth

@@ -1,4 +0,0 @@
-#%PAM-1.0
-auth       include      password-auth
-account    include      password-auth
-session    include      password-auth

instfiles/pam.d/xrdp-sesman.redhat

@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth        include     password-auth
+account     include     password-auth
+session     include     password-auth
+password    include     password-auth

instfiles/pam.d/xrdp-sesman.suse

@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth        include     common-auth
+account     include     common-account
+session     include     common-session
+password    include     common-password

instfiles/pam.d/xrdp-sesman.unix

@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth        include     system-auth
+account     include     system-auth
+password    include     system-auth
+session     include     system-auth