diff options
Diffstat (limited to 'debian/local/pam-auth-update')
-rwxr-xr-x | debian/local/pam-auth-update | 45 |
1 files changed, 35 insertions, 10 deletions
diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update index 3d23d552..260453d7 100755 --- a/debian/local/pam-auth-update +++ b/debian/local/pam-auth-update @@ -77,16 +77,33 @@ subst($template, 'profile_names', join(', ',@sorted)); subst($template, 'profiles', join(', ', map { $profiles{$_}->{'Name'} } @sorted)); -# FIXME: -# this needs to be replaced by proper detection of any profiles that are -# already enabled; i.e., use diff_profiles() to figure out what's -# currently selected -fset($template,'seen','false'); -set($template, - join(', ', grep { $profiles{$_}->{'Default'} eq 'yes' } @sorted)); - my $diff = diff_profiles($confdir,$savedir); +if ($diff) { + @enabled = @{$diff->{'mods'}}; +} else { + @enabled = split(/, /,get($template)); +} + +# an empty module set is an error, so grab the defaults instead +if (!@enabled) { + @enabled = grep { $profiles{$_}->{'Default'} eq 'yes' } @sorted; +} elsif (-e $savedir . '/seen') { + # add any previously-unseen configs + my %seen; + open(SEEN,$savedir . '/seen'); + while (<SEEN>) { + chomp; + $seen{$_} = 1; + } + close(SEEN); + push(@enabled, + grep { $profiles{$_}->{'Default'} eq 'yes' && !$seen{$_} } @sorted); +} + +fset($template,'seen','false'); +set($template,join(', ', @enabled)); + # if diff_profiles() fails, and we weren't passed a 'force' argument # (because this isn't an upgrade from an old version, or the checksum # didn't match, or we're being called by some other module package), prompt @@ -140,6 +157,15 @@ do { set($template, join(', ', @enabled)); } while (@conflicts); +# the decision has been made about what configs to use, so even if +# something fails after this, we shouldn't go munging the default +# options again. Save the list of known configs to /var/lib/pam. +open(SEEN,"> $savedir/seen"); +for my $i (@sorted) { + print SEEN "$i\n"; +} +close(SEEN); + # @enabled now contains our list of profiles to use for piecing together # a config # we have: @@ -448,8 +474,7 @@ sub diff_profiles if ($_ =~ /^\Q$curmod\E\s*(.*)$/) { $found = 1; $curopts = $1; - } else { - push(@{$diff{$type}{'del'}},$modname); + push(@{$diff{'mods'}},$modname); } } |