From afa6ec97cc90ce45086df13ca7a5914a28175820 Mon Sep 17 00:00:00 2001
From: Pavel Roskin <plroskin@gmail.com>
Date: Sat, 13 Feb 2016 12:32:26 -0800
Subject: [PATCH] Install the most appropriate PAM settings file

Installing a file referring to common-auth is of no use if that file
doesn't exit.

Don't use "password" entry, xrdp doesn't ever change user password.
---
 .gitignore                                    |  1 +
 instfiles/pam.d/Makefile.am                   | 21 +++++++++++++++++--
 .../pam.d/{xrdp-sesman => xrdp-sesman.common} |  1 -
 instfiles/pam.d/xrdp-sesman.password-auth     |  4 ++++
 4 files changed, 24 insertions(+), 3 deletions(-)
 rename instfiles/pam.d/{xrdp-sesman => xrdp-sesman.common} (75%)
 create mode 100644 instfiles/pam.d/xrdp-sesman.password-auth

diff --git a/.gitignore b/.gitignore
index e7ca1e6b..c76bc4f9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,6 +15,7 @@ depcomp
 .deps/
 genkeymap/xrdp-genkeymap
 install-sh
+instfiles/pam.d/xrdp-sesman
 keygen/xrdp-keygen
 *.la
 .libs
diff --git a/instfiles/pam.d/Makefile.am b/instfiles/pam.d/Makefile.am
index d51d5c20..3e09802b 100644
--- a/instfiles/pam.d/Makefile.am
+++ b/instfiles/pam.d/Makefile.am
@@ -1,4 +1,9 @@
-EXTRA_DIST = xrdp-sesman
+EXTRA_DIST = \
+  xrdp-sesman.common \
+  xrdp-sesman.other \
+  xrdp-sesman.password-auth
+
+CLEANFILES = xrdp-sesman
 
 if SESMAN_NOPAM
 PAMFILE =
@@ -14,7 +19,19 @@ endif
 endif
 endif
 
-pamddir=$(sysconfdir)/pam.d
+pamddir = $(sysconfdir)/pam.d
 
 pamd_DATA = \
   $(PAMFILE)
+
+xrdp-sesman:
+	if test -e /etc/pam.d/password-auth; then \
+	  pamrules=xrdp-sesman.password-auth; \
+	else \
+	  if test -e /etc/pam.d/common-auth; then \
+	    pamrules=xrdp-sesman.common; \
+	  else \
+	    pamrules=xrdp-sesman.other; \
+	  fi; \
+	fi; \
+	$(LN_S) $(srcdir)/$$pamrules $@
diff --git a/instfiles/pam.d/xrdp-sesman b/instfiles/pam.d/xrdp-sesman.common
similarity index 75%
rename from instfiles/pam.d/xrdp-sesman
rename to instfiles/pam.d/xrdp-sesman.common
index 789ce8f7..b2089987 100644
--- a/instfiles/pam.d/xrdp-sesman
+++ b/instfiles/pam.d/xrdp-sesman.common
@@ -2,4 +2,3 @@
 @include common-auth
 @include common-account
 @include common-session
-@include common-password
diff --git a/instfiles/pam.d/xrdp-sesman.password-auth b/instfiles/pam.d/xrdp-sesman.password-auth
new file mode 100644
index 00000000..b17187c8
--- /dev/null
+++ b/instfiles/pam.d/xrdp-sesman.password-auth
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth       include      password-auth
+account    include      password-auth
+session    include      password-auth