8 files changed, 54 insertions, 38 deletions

diff --git a/core/modules/pam/data/etc/pam.d/kdm b/core/modules/pam/data/etc/pam.d/kdm
deleted file mode 100644
index e6a4ec9b..00000000
--- a/core/modules/pam/data/etc/pam.d/kdm
+++ /dev/null
@@ -1,10 +0,0 @@
-#
-# /etc/pam.d/kdm - specify the PAM behaviour of kdm
-#
-auth       required     pam_nologin.so
-auth       required     pam_env.so readenv=1
-auth       required     pam_env.so readenv=1 envfile=/etc/default/locale
-auth       include      common-auth
-account    include      common-account
-password   include      common-password
-session    include      common-session
diff --git a/core/modules/pam/data/etc/pam.d/kdm-np b/core/modules/pam/data/etc/pam.d/kdm-np
deleted file mode 100644
index dc10e5b5..00000000
--- a/core/modules/pam/data/etc/pam.d/kdm-np
+++ /dev/null
@@ -1,11 +0,0 @@
-#
-# /etc/pam.d/kdm-np - specify the PAM behaviour of kdm for passwordless logins
-#
-auth       required     pam_nologin.so
-auth       required     pam_env.so readenv=1
-auth       required     pam_env.so readenv=1 envfile=/etc/default/locale
-session    required     pam_limits.so
-account    include      common-account
-password   include      common-password
-session    include      common-session
-auth       required     pam_permit.so
diff --git a/core/modules/pam/data/opt/openslx/scripts/pam_script_auth b/core/modules/pam/data/opt/openslx/scripts/pam_script_auth
index e977185e..f7e12acf 100755
--- a/core/modules/pam/data/opt/openslx/scripts/pam_script_auth
+++ b/core/modules/pam/data/opt/openslx/scripts/pam_script_auth
@@ -6,7 +6,12 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/o
 # check if the script runs as root
 [ "x$(whoami)" != "xroot" ] && exit 0
 
-PASSWD=$(getent passwd "$PAM_USER")
+USER_UID=$(id -u "$PAM_USER")
+if [ -n "$USER_UID" ]; then
+	PASSWD=$(getent passwd "$USER_UID")
+else
+	PASSWD=$(getent passwd "$PAM_USER")
+fi
 USER_NAME=$(echo "$PASSWD" | awk -F ':' '{print $1}')
 USER_UID=$(echo "$PASSWD" | awk -F ':' '{print $3}')
 USER_GID=$(echo "$PASSWD" | awk -F ':' '{print $4}')
diff --git a/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
index e4a7c1b4..0c0b804f 100755
--- a/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
+++ b/core/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
@@ -29,6 +29,9 @@ fi
 # do not kill all root processes :)
 [ "x${PAM_USER}" = "xroot" ] && exit 0
 
+USERID=$(id -u "$PAM_USER")
+[ -z "$USERID" ] && USERID="$PAM_USER"
+
 # Async block: Check if user has no session open anymore, if not
 # kill any remaining processes belonging to the user and unmount
 # everything at $USERHOME and below.
@@ -41,17 +44,17 @@ fi
 	if [ "$SESSIONCOUNT" = "0" ]; then
 
 		# last session, close all ghost user processes
-		pkill -u "${PAM_USER}"
+		pkill -u "${USERID}"
 
 		# check if user's processes are still running
 		for TIMEOUT in 1 1 2 FAIL; do
-			if ! ps -o pid,s -u "$PAM_USER" -U "$PAM_USER" | grep -q -v -E "PID|Z"; then
+			if ! ps -o pid,s -u "$USERID" -U "$USERID" | grep -q -v -E "PID|Z"; then
 				# nothing running anymore
 				break
 			fi
 			if [ "$TIMEOUT" = "FAIL" ]; then
 				# still something running, send SIGKILL
-				pkill -9 -u "${PAM_USER}"
+				pkill -9 -u "${USERID}"
 			else
 				# give some time
 				sleep "${TIMEOUT}"
@@ -65,7 +68,7 @@ fi
 	if [ "$SESSIONCOUNT" = "0" ]; then
 
 		# unmount the home directory structure
-		USER_HOME=$(getent passwd "$PAM_USER" | awk -F ':' '{print $6}')
+		USER_HOME=$(getent passwd "$USERID" | awk -F ':' '{print $6}')
 		if [ -n "$USER_HOME" ]; then
 			for TIMEOUT in 0 0 2 2 FAIL; do
 				OK=yes
diff --git a/core/modules/pam/module.conf.debian b/core/modules/pam/module.conf.debian
index 2ddd1312..f0b76a96 100644
--- a/core/modules/pam/module.conf.debian
+++ b/core/modules/pam/module.conf.debian
@@ -1,7 +1,5 @@
 #!/bin/bash
 REQUIRED_INSTALLED_PACKAGES="
-	libpam-ldap
-	libnss-ldapd
 	libpam-ck-connector
 	libpam-cap
 	krb5-user
@@ -20,8 +18,6 @@ REQUIRED_CONTENT_PACKAGES="
 	libpam-ck-connector
 	libpam-cap
 	libldap-2.4-2
-	libpam-ldapd
-	libnss-ldapd
 	krb5-user
 	krb5-config
 	libpam-krb5
diff --git a/core/modules/pam/module.conf.ubuntu b/core/modules/pam/module.conf.ubuntu
index 6f20bfd1..40974f10 100644
--- a/core/modules/pam/module.conf.ubuntu
+++ b/core/modules/pam/module.conf.ubuntu
@@ -1,7 +1,5 @@
 #!/bin/bash
 REQUIRED_INSTALLED_PACKAGES="
-	libpam-ldap
-	libnss-ldapd
 	krb5-user
 	krb5-config
 	libpam-krb5
@@ -19,8 +17,6 @@ REQUIRED_CONTENT_PACKAGES="
 	libpam-modules
 	libpam-cap
 	libldap-2.4-2
-	libpam-ldap
-	libnss-ldapd
 	krb5-user
 	krb5-config
 	libpam-krb5
diff --git a/core/modules/pam/module.conf.ubuntu.16 b/core/modules/pam/module.conf.ubuntu.16
index ff8e294e..378ef1f5 100644
--- a/core/modules/pam/module.conf.ubuntu.16
+++ b/core/modules/pam/module.conf.ubuntu.16
@@ -1,9 +1,7 @@
 #!/bin/bash
 # TODO fix and re-add ncp support !
 REQUIRED_INSTALLED_PACKAGES="
-	libpam-ldap
 	libpam-cap
-	libnss-ldapd
 	krb5-user
 	krb5-config
 	libpam-krb5
@@ -20,8 +18,6 @@ REQUIRED_CONTENT_PACKAGES="
 	libpam-modules-bin
 	libpam-cap
 	libldap-2.4-2
-	libpam-ldap
-	libnss-ldapd
 	krb5-user
 	krb5-config
 	libpam-krb5
diff --git a/core/modules/pam/module.conf.ubuntu.17 b/core/modules/pam/module.conf.ubuntu.17
new file mode 100644
index 00000000..378ef1f5
--- /dev/null
+++ b/core/modules/pam/module.conf.ubuntu.17
@@ -0,0 +1,41 @@
+#!/bin/bash
+# TODO fix and re-add ncp support !
+REQUIRED_INSTALLED_PACKAGES="
+	libpam-cap
+	krb5-user
+	krb5-config
+	libpam-krb5
+	libssl-dev
+	ldap-utils
+	libnfsidmap2
+	nfs-common
+	libpam0g-dev
+	cifs-utils
+"
+REQUIRED_CONTENT_PACKAGES="
+	libpam0g
+	libpam-modules
+	libpam-modules-bin
+	libpam-cap
+	libldap-2.4-2
+	krb5-user
+	krb5-config
+	libpam-krb5
+	ldap-utils
+	libnfsidmap2
+	nfs-common
+	cifs-utils
+	keyutils
+"
+REQUIRED_BINARIES+="
+	mount.cifs
+"
+REQUIRED_DIRECTORIES+="
+	$SYS_PAM_MODULES_PATH
+	/lib
+	/usr/lib
+"
+REQUIRED_SYSTEM_FILES+="
+	/etc/pam.conf
+	/etc/default/locale
+"