From 1ab20df551a98c4ec85d87a250d8e2174599166c Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Wed, 20 Aug 2008 01:52:25 -0700 Subject: set apporpriate values for the debconf question, by storing a list of known configs in /var/lib/pam/seen --- debian/libpam-runtime.postrm | 2 +- debian/local/pam-auth-update | 45 ++++++++++++++++++++++++++++++++++---------- 2 files changed, 36 insertions(+), 11 deletions(-) (limited to 'debian') diff --git a/debian/libpam-runtime.postrm b/debian/libpam-runtime.postrm index c487546d..9a11040d 100644 --- a/debian/libpam-runtime.postrm +++ b/debian/libpam-runtime.postrm @@ -4,7 +4,7 @@ if [ "$1" = "purge" ]; then rm -f /etc/pam.d/common-auth /etc/pam.d/common-account \ /etc/pam.d/common-session /etc/pam.d/common-password rm -f /var/lib/pam/auth /var/lib/pam/account /var/lib/pam/session \ - /var/lib/pam/password + /var/lib/pam/password /var/lib/pam/seen rmdir --ignore-fail-on-non-empty /var/lib/pam fi diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update index 3d23d552..260453d7 100755 --- a/debian/local/pam-auth-update +++ b/debian/local/pam-auth-update @@ -77,16 +77,33 @@ subst($template, 'profile_names', join(', ',@sorted)); subst($template, 'profiles', join(', ', map { $profiles{$_}->{'Name'} } @sorted)); -# FIXME: -# this needs to be replaced by proper detection of any profiles that are -# already enabled; i.e., use diff_profiles() to figure out what's -# currently selected -fset($template,'seen','false'); -set($template, - join(', ', grep { $profiles{$_}->{'Default'} eq 'yes' } @sorted)); - my $diff = diff_profiles($confdir,$savedir); +if ($diff) { + @enabled = @{$diff->{'mods'}}; +} else { + @enabled = split(/, /,get($template)); +} + +# an empty module set is an error, so grab the defaults instead +if (!@enabled) { + @enabled = grep { $profiles{$_}->{'Default'} eq 'yes' } @sorted; +} elsif (-e $savedir . '/seen') { + # add any previously-unseen configs + my %seen; + open(SEEN,$savedir . '/seen'); + while () { + chomp; + $seen{$_} = 1; + } + close(SEEN); + push(@enabled, + grep { $profiles{$_}->{'Default'} eq 'yes' && !$seen{$_} } @sorted); +} + +fset($template,'seen','false'); +set($template,join(', ', @enabled)); + # if diff_profiles() fails, and we weren't passed a 'force' argument # (because this isn't an upgrade from an old version, or the checksum # didn't match, or we're being called by some other module package), prompt @@ -140,6 +157,15 @@ do { set($template, join(', ', @enabled)); } while (@conflicts); +# the decision has been made about what configs to use, so even if +# something fails after this, we shouldn't go munging the default +# options again. Save the list of known configs to /var/lib/pam. +open(SEEN,"> $savedir/seen"); +for my $i (@sorted) { + print SEEN "$i\n"; +} +close(SEEN); + # @enabled now contains our list of profiles to use for piecing together # a config # we have: @@ -448,8 +474,7 @@ sub diff_profiles if ($_ =~ /^\Q$curmod\E\s*(.*)$/) { $found = 1; $curopts = $1; - } else { - push(@{$diff{$type}{'del'}},$modname); + push(@{$diff{'mods'}},$modname); } } -- cgit v1.2.3