[pam] nss-ldap -> nss-ldapd

6 files changed, 30 insertions, 10 deletions

diff --git a/remote/modules/pam/pam.build b/remote/modules/pam/pam.build
index 34319ce8..48baf8b9 100644
--- a/remote/modules/pam/pam.build
+++ b/remote/modules/pam/pam.build
@@ -13,15 +13,19 @@ build() {
 
 	# build pam-script separatly since we use a source tarball
 	# HACK: find pam_unix.so in MODULE_BUILD_DIR to see where to put pam_script at
-	cd $MODULE_BUILD_DIR
+	cd "$MODULE_BUILD_DIR"
 	local PAM_UNIX_LOCATION=$(find . -name pam_unix.so)
-	cd - > /dev/null
 	cd "${MODULE_DIR}/src/pam-script-${REQUIRED_PAM_SCRIPT_VERSION}" || perror "Could not cd to ${MODULE_DIR}/src/pam-script-${REQUIRED_PAM_SCRIPT_VERSION}."
-	./configure --prefix=/ --sysconfdir=/etc/pam-script --libdir=$(dirname ${PAM_UNIX_LOCATION:1}) || perror "pam-script: ./configure failed."
+	./configure --prefix=/ --sysconfdir=/etc/pam-script --libdir="$(dirname ${PAM_UNIX_LOCATION:1})" || perror "pam-script: ./configure failed."
 	make DESTDIR="${MODULE_BUILD_DIR}" install || perror "pam-script: make install to ${MODULE_BUILD_DIR} failed."
-	cd - > /dev/null
+	# Build nslcd service file
+	cd "$MODULE_BUILD_DIR"
+	local NSLCD_PATH=$(which nslcd)
+	[ -z "$NSLCD_PATH" ] && perror "Could not 'which nslcd'"
+	mkdir -p "etc/systemd/system"
+	sed "s,%PATH%,$NSLCD_PATH,g" "$MODULE_DIR/templates/nslcd-systemd.service" > "etc/systemd/system/nslcd.service" || perror "Could not fill nslcd.service template"
 }
 
-post_copy() {	
+post_copy() {
 	:
 }
diff --git a/remote/modules/pam/pam.conf b/remote/modules/pam/pam.conf
index 4e2e01a1..c0a21a79 100644
--- a/remote/modules/pam/pam.conf
+++ b/remote/modules/pam/pam.conf
@@ -1,5 +1,6 @@
 REQUIRED_BINARIES="
 	ldapsearch
+	nslcd
 	rpc.gssd
 	rpc.idmapd
 	sslconnect
@@ -14,6 +15,9 @@ REQUIRED_LIBRARIES="
 REQUIRED_DIRECTORIES="
 	/etc/security
 "
+REQUIRED_FILES="
+	/etc/systemd/system/nslcd.service
+"
 REQUIRED_SYSTEM_FILES="
 	/etc/login.defs
 	/etc/securetty
diff --git a/remote/modules/pam/pam.conf.debian b/remote/modules/pam/pam.conf.debian
index 278c36be..d424f1f7 100644
--- a/remote/modules/pam/pam.conf.debian
+++ b/remote/modules/pam/pam.conf.debian
@@ -1,6 +1,7 @@
 REQUIRED_INSTALLED_PACKAGES="
 	libpam-ldap
-	libnss-ldap
+	libnss-ldapd
+	nslcd
 	libpam-ck-connector
 	libpam-cap
 	krb5-user
@@ -20,7 +21,8 @@ REQUIRED_CONTENT_PACKAGES="
 	libpam-cap
 	libldap-2.4-2
 	libpam-ldap
-	libnss-ldap
+	libnss-ldapd
+	nslcd
 	krb5-user
 	krb5-config
 	libpam-krb5
diff --git a/remote/modules/pam/pam.conf.opensuse b/remote/modules/pam/pam.conf.opensuse
index 9b3d3247..fe6199ea 100644
--- a/remote/modules/pam/pam.conf.opensuse
+++ b/remote/modules/pam/pam.conf.opensuse
@@ -3,7 +3,7 @@ REQUIRED_INSTALLED_PACKAGES="
 	pam
 	pam_krb5
 	pam-devel
-	nss_ldap
+	nss-pam-ldapd
 	pam-modules
 	libopenssl-devel
 	openldap2-client
diff --git a/remote/modules/pam/pam.conf.ubuntu b/remote/modules/pam/pam.conf.ubuntu
index fe034225..5f6435f0 100644
--- a/remote/modules/pam/pam.conf.ubuntu
+++ b/remote/modules/pam/pam.conf.ubuntu
@@ -1,6 +1,7 @@
 REQUIRED_INSTALLED_PACKAGES="
 	libpam-ldap
-	libnss-ldap
+	libnss-ldapd
+	nslcd
 	krb5-user
 	krb5-config
 	libpam-krb5
@@ -17,7 +18,8 @@ REQUIRED_CONTENT_PACKAGES="
 	libpam-cap
 	libldap-2.4-2
 	libpam-ldap
-	libnss-ldap
+	libnss-ldapd
+	nslcd
 	krb5-user
 	krb5-config
 	libpam-krb5
diff --git a/remote/modules/pam/templates/nslcd-systemd.service b/remote/modules/pam/templates/nslcd-systemd.service
new file mode 100644
index 00000000..540e67cd
--- /dev/null
+++ b/remote/modules/pam/templates/nslcd-systemd.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Naming services LDAP client daemon
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/var/run/nslcd/nslcd.pid
+ExecStart=%PATH%