diff options
| author | Steve Langasek <vorlon@debian.org> | 2008-08-20 01:52:25 -0700 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 17:28:25 -0800 |
| commit | 1ab20df551a98c4ec85d87a250d8e2174599166c (patch) | |
| tree | 111413840fadde671638db59256aa4563b07ce78 | |
| parent | d3c9d55547a4cb52419593769f4b877452dce8aa (diff) | |
| download | pam-1ab20df551a98c4ec85d87a250d8e2174599166c.tar.gz pam-1ab20df551a98c4ec85d87a250d8e2174599166c.tar.bz2 pam-1ab20df551a98c4ec85d87a250d8e2174599166c.zip | |
set apporpriate values for the debconf question, by storing a list of known
configs in /var/lib/pam/seen
| -rw-r--r-- | debian/libpam-runtime.postrm | 2 | ||||
| -rwxr-xr-x | debian/local/pam-auth-update | 45 |
2 files changed, 36 insertions, 11 deletions
diff --git a/debian/libpam-runtime.postrm b/debian/libpam-runtime.postrm index c487546d..9a11040d 100644 --- a/debian/libpam-runtime.postrm +++ b/debian/libpam-runtime.postrm @@ -4,7 +4,7 @@ if [ "$1" = "purge" ]; then rm -f /etc/pam.d/common-auth /etc/pam.d/common-account \ /etc/pam.d/common-session /etc/pam.d/common-password rm -f /var/lib/pam/auth /var/lib/pam/account /var/lib/pam/session \ - /var/lib/pam/password + /var/lib/pam/password /var/lib/pam/seen rmdir --ignore-fail-on-non-empty /var/lib/pam fi diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update index 3d23d552..260453d7 100755 --- a/debian/local/pam-auth-update +++ b/debian/local/pam-auth-update @@ -77,16 +77,33 @@ subst($template, 'profile_names', join(', ',@sorted)); subst($template, 'profiles', join(', ', map { $profiles{$_}->{'Name'} } @sorted)); -# FIXME: -# this needs to be replaced by proper detection of any profiles that are -# already enabled; i.e., use diff_profiles() to figure out what's -# currently selected -fset($template,'seen','false'); -set($template, - join(', ', grep { $profiles{$_}->{'Default'} eq 'yes' } @sorted)); - my $diff = diff_profiles($confdir,$savedir); +if ($diff) { + @enabled = @{$diff->{'mods'}}; +} else { + @enabled = split(/, /,get($template)); +} + +# an empty module set is an error, so grab the defaults instead +if (!@enabled) { + @enabled = grep { $profiles{$_}->{'Default'} eq 'yes' } @sorted; +} elsif (-e $savedir . '/seen') { + # add any previously-unseen configs + my %seen; + open(SEEN,$savedir . '/seen'); + while (<SEEN>) { + chomp; + $seen{$_} = 1; + } + close(SEEN); + push(@enabled, + grep { $profiles{$_}->{'Default'} eq 'yes' && !$seen{$_} } @sorted); +} + +fset($template,'seen','false'); +set($template,join(', ', @enabled)); + # if diff_profiles() fails, and we weren't passed a 'force' argument # (because this isn't an upgrade from an old version, or the checksum # didn't match, or we're being called by some other module package), prompt @@ -140,6 +157,15 @@ do { set($template, join(', ', @enabled)); } while (@conflicts); +# the decision has been made about what configs to use, so even if +# something fails after this, we shouldn't go munging the default +# options again. Save the list of known configs to /var/lib/pam. +open(SEEN,"> $savedir/seen"); +for my $i (@sorted) { + print SEEN "$i\n"; +} +close(SEEN); + # @enabled now contains our list of profiles to use for piecing together # a config # we have: @@ -448,8 +474,7 @@ sub diff_profiles if ($_ =~ /^\Q$curmod\E\s*(.*)$/) { $found = 1; $curopts = $1; - } else { - push(@{$diff{$type}{'del'}},$modname); + push(@{$diff{'mods'}},$modname); } } |