File pam-config-1.8-add-mklocaluser.patch of Package pam-config
commit 06cf59565c211db3193611eabf0567d94ffc8898
Author: Mihai Moldovan <ionic@ionic.de>
Date: Fri Oct 28 10:00:36 2022 +0200
Add support for pam_mklocaluser.
diff --git a/src/Makefile.am b/src/Makefile.am
index 4b1c922..4f27cff 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -34,7 +34,7 @@ pam_config_SOURCES = pam-config.c load_config.c write_config.c \
mod_pam_systemd_home.c \
mod_pam_ecryptfs.c mod_pam_access.c mod_pam_google_authenticator.c \
mod_pam_kwallet5.c mod_pam_keyinit.c mod_pam_mktemp.c \
- mod_pam_pwquality.c mod_pam_u2f.c
+ mod_pam_pwquality.c mod_pam_u2f.c mod_pam_mklocaluser.c
noinst_HEADERS = pam-config.h pam-module.h
diff --git a/src/mod_pam_mklocaluser.c b/src/mod_pam_mklocaluser.c
new file mode 100644
index 0000000..f732b6e
--- /dev/null
+++ b/src/mod_pam_mklocaluser.c
@@ -0,0 +1,67 @@
+/*
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 2 as
+ published by the Free Software Foundation.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software Foundation,
+ Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+
+#include "pam-config.h"
+#include "pam-module.h"
+
+static int
+write_config_mklocaluser (pam_module_t *this, enum write_type op, FILE *fp)
+{
+ option_set_t *opt_set = this->get_opt_set (this, op);
+
+
+ if (debug)
+ debug_write_call (this, op);
+
+ if (!opt_set->is_enabled (opt_set, "is_enabled"))
+ return 0;
+
+ if (op != SESSION)
+ return 0;
+
+ fprintf (fp, "session\trequired\tpam_python.so /lib/security/pam_mklocaluser/pam-python.py\t");
+
+ WRITE_CONFIG_OPTIONS
+
+ return 0;
+}
+
+GETOPT_START_1(SESSION)
+GETOPT_END_1(SESSION)
+
+PRINT_ARGS("mklocaluser")
+PRINT_XMLHELP("mklocaluser")
+
+/* ---- contruct module object ---- */
+DECLARE_BOOL_OPTS_1 (is_enabled);
+DECLARE_STRING_OPTS_0;
+DECLARE_OPT_SETS;
+
+static module_helptext_t helptext[] = {{"", NULL, "Enable/disable pam_mklocaluser via pam_python.so"}};
+
+/* at last construct the complete module object */
+pam_module_t mod_pam_mklocaluser = { "pam_mklocaluser", opt_sets, helptext,
+ &def_parse_config,
+ &def_print_module,
+ &write_config_mklocaluser,
+ &get_opt_set,
+ &getopt,
+ &print_args,
+ &print_xmlhelp};
diff --git a/src/pam-config.8.xml b/src/pam-config.8.xml
index aa6ef64..505f043 100644
--- a/src/pam-config.8.xml
+++ b/src/pam-config.8.xml
@@ -769,6 +769,14 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--mklocaluser</option></term>
+ <listitem>
+ <para>
+ Enable/Disable pam_mklocaluser via pam_python.so
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term><option>--mktemp</option></term>
<listitem>
diff --git a/src/supported-modules.h b/src/supported-modules.h
index e8e89cd..6bbf74a 100644
--- a/src/supported-modules.h
+++ b/src/supported-modules.h
@@ -19,6 +19,7 @@ extern pam_module_t mod_pam_limits;
extern pam_module_t mod_pam_localuser;
extern pam_module_t mod_pam_make;
extern pam_module_t mod_pam_mkhomedir;
+extern pam_module_t mod_pam_mklocaluser;
extern pam_module_t mod_pam_mktemp;
extern pam_module_t mod_pam_nam;
extern pam_module_t mod_pam_passwdqc;
@@ -70,6 +71,7 @@ pam_module_t *common_module_list[] = {
&mod_pam_localuser,
&mod_pam_make,
&mod_pam_mkhomedir,
+ &mod_pam_mklocaluser,
&mod_pam_mktemp,
&mod_pam_nam,
&mod_pam_passwdqc,
@@ -177,6 +179,7 @@ static pam_module_t *module_list_session[] = {
&mod_pam_ecryptfs,
&mod_pam_env,
&mod_pam_mktemp,
+ &mod_pam_mklocaluser,
NULL
};