From 700683f7d281d09ad4a60461e2bfd9a354119e1a Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 31 Jul 2013 17:21:52 +0200 Subject: [pam] moved pam-script scripts to /opt/openslx/scripts --- .../pam/data/etc/pam-script/pam_script_ses_close | 10 +------ .../pam/data/etc/pam-script/pam_script_ses_open | 31 +--------------------- .../data/opt/openslx/scripts/pam_script_ses_close | 9 +++++++ .../data/opt/openslx/scripts/pam_script_ses_open | 30 +++++++++++++++++++++ .../usr/share/libpam-script/pam_script_ses_close | 1 - .../usr/share/libpam-script/pam_script_ses_open | 1 - 6 files changed, 41 insertions(+), 41 deletions(-) mode change 100755 => 120000 remote/modules/pam/data/etc/pam-script/pam_script_ses_close mode change 100755 => 120000 remote/modules/pam/data/etc/pam-script/pam_script_ses_open create mode 100755 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close create mode 100755 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open delete mode 120000 remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close delete mode 120000 remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close deleted file mode 100755 index 2b6f6105..00000000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER" - -# TODO check if its the last session of the user. - -[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close new file mode 120000 index 00000000..f3682056 --- /dev/null 
+++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close @@ -0,0 +1 @@ +/opt/openslx/scripts/pam_script_ses_close \ No newline at end of file diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open deleted file mode 100755 index f5ad8af1..00000000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" - -if [ $(id -g $PAM_USER) -ge 1000 ]; then - [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" - - # generate keytab - sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab - chmod 600 /etc/krb5.keytab - - # determine fileserver and share for home directories - ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" - - FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) - VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) - - # now we can mount the home directory - mkdir -p /home/$PAM_USER - if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then - exit 0 - else - echo "Failed to mount home directory for $PAM_USER" - exit 1 - fi - -fi - diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open new file mode 120000 index 00000000..4f5598e5 --- /dev/null +++ b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open @@ -0,0 +1 @@ +/opt/openslx/scripts/pam_script_ses_open \ No newline at end of file 
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
new file mode 100755
index 00000000..2b6f6105
--- /dev/null
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
+
+[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER"
+
+# TODO check if its the last session of the user.
+
+[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
new file mode 100755
index 00000000..f5ad8af1
--- /dev/null
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
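Review bot: `$PAM_USER` is expanded unquoted in both `id -g $PAM_USER` and `umount /home/$PAM_USER` on the last line of the new pam_script_ses_close, so a login name containing whitespace or glob characters is word-split before it reaches either command; pam_script_ses_open has the same unquoted uses in `id -g $PAM_USER` and `mkdir -p /home/$PAM_USER`. The script's exit status is also that of the final `[ … ] && umount …` list, which is non-zero for every account with a gid below 1000 and whenever `id` fails; pam-script presumably reports that as a session-close error. I would write the tail as `gid=$(id -g -- "$PAM_USER") || exit 0` followed by `[ "$gid" -lt 1000 ] || umount "/home/$PAM_USER"`. The content is carried over unchanged from the old /etc/pam-script location, so this predates the move.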
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
+
+[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER"
+
+if [ $(id -g $PAM_USER) -ge 1000 ]; then
+ [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER"
+
+ # generate keytab
+ sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab
+ chmod 600 /etc/krb5.keytab
+
+ # determine fileserver and share for home directories
+ ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER"
+
+ FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2)
+ VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2)
+
+ # now we can mount the home directory
+ mkdir -p /home/$PAM_USER
+ if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then
+ exit 0
+ else
+ echo "Failed to mount home directory for $PAM_USER"
+ exit 1
+ fi
+
+fi
+
diff --git a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close b/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close
deleted file mode 120000
index a12002a7..00000000
--- a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close
+++ /dev/null
@@ -1 +0,0 @@
-/etc/pam-script/pam_script_ses_close
\ No newline at end of file
diff --git a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open b/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open
deleted file mode 120000
index 783d5605..00000000
--- a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open
+++ /dev/null
@@ -1 +0,0 @@
-/etc/pam-script/pam_script_ses_open
\ No newline at end of file
-- cgit v1.2.3-55-g7522
From 92d8e788e76ce30cb8cbf44a0eee59f3467a2a9d Mon Sep 17 00:00:00 2001
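Review bot: The LDAP result is written to the predictable path `/tmp/ldapsearch."$PAM_USER"` by a session script that presumably runs as root (it writes /etc/krb5.keytab and calls mount), so the redirect follows whatever already exists under that name in a world-writable directory; `/tmp/udhcpclog` in dhcp++ and `/tmp/lspci-output` in load-gfx-driver have the same problem and can use a variable or a file under /run instead. In the same block `/etc/krb5.keytab` is created by the redirect under the default umask and only restricted by `chmod 600` afterwards, and neither a failed `sslconnect` nor an empty `FILESERVER`/`VOLUME` stops the mount attempt. The fence shows the keytab and lookup steps rewritten without the temp file; the surrounding `if` and the mount call stay as they are. As with pam_script_ses_close, the content is unchanged from the old location.

```shell
  # generate keytab: create it private from the start and only replace the
  # live file once the download succeeded
  # (/etc/krb5.keytab.new is a constructed name for this example)
  if ! ( umask 077; sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab.new ); then
    rm -f /etc/krb5.keytab.new
    echo "Failed to fetch keytab for $PAM_USER"
    exit 1
  fi
  mv /etc/krb5.keytab.new /etc/krb5.keytab

  # determine fileserver and share for home directories, without a temp file
  LDAP_OUT=$(ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver) || exit 1
  FILESERVER=$(printf '%s\n' "$LDAP_OUT" | grep rufFileserver | cut -d" " -f2)
  VOLUME=$(printf '%s\n' "$LDAP_OUT" | grep homeDirectory | cut -d" " -f2)
  if [ -z "$FILESERVER" ] || [ -z "$VOLUME" ]; then
    echo "No home directory information found for $PAM_USER"
    exit 1
  fi

  # … unchanged: mkdir -p and the nfs4 mount …
```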
From: Jonathan Bauer Date: Wed, 31 Jul 2013 17:22:48 +0200 Subject: restructuring file paths a bit --- .../modules/german/data/etc/systemd/system/load-german-keymap.service | 2 +- remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service | 2 +- remote/modules/systemd/data/etc/systemd/system/nfs-mount.service | 2 +- remote/modules/systemd/data/etc/systemd/system/udhcpc@.service | 2 +- remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh | 2 +- remote/rootfs/rootfs-stage31/data/init | 4 ++-- .../rootfs-stage32/data/etc/systemd/system/download-config.service | 2 +- .../rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service | 2 +- .../rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service | 2 +- remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service | 3 +-- 10 files changed, 11 insertions(+), 12 deletions(-) diff --git a/remote/modules/german/data/etc/systemd/system/load-german-keymap.service b/remote/modules/german/data/etc/systemd/system/load-german-keymap.service index 28046dcd..e31406fb 100644 --- a/remote/modules/german/data/etc/systemd/system/load-german-keymap.service +++ b/remote/modules/german/data/etc/systemd/system/load-german-keymap.service @@ -7,4 +7,4 @@ Before=shutdown.target [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/load_german_keymaps +ExecStart=/opt/openslx/scripts/load_german_keymaps diff --git a/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service b/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service index 91a17363..2a06058b 100644 --- a/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service +++ b/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service @@ -5,5 +5,5 @@ DefaultDependencies=no [Service] Type=oneshot -ExecStart=/opt/openslx/bin/setup_proxy +ExecStart=/opt/openslx/scripts/setup_proxy RemainAfterExit=yes 
diff --git a/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service b/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service index a2f9dc54..0d537e2a 100644 --- a/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service +++ b/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service @@ -4,4 +4,4 @@ Description=Mount NFS Share [TEST] [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/mountexport +ExecStart=/opt/openslx/scripts/mountexport diff --git a/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service b/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service index b9bbcbdd..a7d6c324 100644 --- a/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service +++ b/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service @@ -4,7 +4,7 @@ Description=DHCP Client [Service] Type=forking PIDFile=/run/udhcpc/udhcpc.%I.pid -ExecStart=/opt/openslx/bin/dhcp++ %I +ExecStart=/opt/openslx/scripts/dhcp++ %I ExecStopPost=/bin/rm /run/udhcpc/udhcpc.%I.pid [Install] diff --git a/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh b/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh index ea04a6ad..5139cf8f 120000 --- a/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh +++ b/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh @@ -1 +1 @@ -/opt/openslx/bin/run-virt.sh \ No newline at end of file +/opt/openslx/scripts/run-virt.sh \ No newline at end of file diff --git a/remote/rootfs/rootfs-stage31/data/init b/remote/rootfs/rootfs-stage31/data/init index 6a718c46..4dc63bfa 100755 --- a/remote/rootfs/rootfs-stage31/data/init +++ b/remote/rootfs/rootfs-stage31/data/init 
@@ -106,10 +106,10 @@ mount -n --move /dev/shm/uniontmp /mnt/uniontmp || drop_shell "Problem moving un [ $DEBUG -ge 2 ] && drop_shell "Requested Debug Shell: after aufs'ing." # Download config if available -/mnt/opt/openslx/bin/activate-sysconfig /mnt 2> /dev/null +/bin/activate-sysconfig 2> /dev/null if [ ! -e /mnt/opt/openslx/config ]; then sleep 1 - /mnt/opt/openslx/bin/activate-sysconfig /mnt + /bin/activate-sysconfig fi if [ -e /mnt/opt/openslx/config ]; then . /mnt/opt/openslx/config diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service index fca8ee5b..ef8fb438 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service @@ -5,4 +5,4 @@ DefaultDependencies=no [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/activate-sysconfig +ExecStart=/opt/openslx/scripts/activate-sysconfig diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service index bdf3258c..93641cee 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service @@ -5,5 +5,5 @@ DefaultDependencies=no [Service] Type=oneshot -ExecStart=/opt/openslx/bin/load-gfx-driver +ExecStart=/opt/openslx/scripts/load-gfx-driver RemainAfterExit=yes diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service index 2a5fd63c..070e3e1f 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service 
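Review bot: The retry after `sleep 1` still triggers only when `/mnt/opt/openslx/config` is missing, but the relocated `/bin/activate-sysconfig` now also downloads and unpacks config.tgz after writing that file, so a failure in the archive step goes unnoticed and the exit status of both calls is discarded. At minimum the second call's status should be reported, e.g. `/bin/activate-sysconfig || echo "activate-sysconfig failed: $?"`. The script prints its errors with plain `echo`, so `2> /dev/null` on the first attempt presumably no longer hides them. The init script continues outside this hunk.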
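Review bot: `ExecStart=/opt/openslx/scripts/activate-sysconfig` in download-config.service points at a path that none of the commits on this page creates: the script is added under rootfs-stage31/data/bin/ and the stage32 copy under opt/openslx/bin is deleted in the last commit. That commit also removes the sysinit.target.wants symlink, so the unit may be intentionally dormant, but starting it by hand would then fail on a missing executable. If the unit is no longer needed it would be clearer to remove it; otherwise the target script should be confirmed to exist in the stage32 tree.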
@@ -6,5 +6,5 @@ DefaultDependencies=no [Service] Type=oneshot -ExecStart=/opt/openslx/bin/analyse-disk +ExecStart=/opt/openslx/scripts/analyse-disk RemainAfterExit=yes diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service index 4acfb046..69b1ba33 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service @@ -7,5 +7,4 @@ ConditionPathExists=/run/udhcpc/network-ready [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/nettime - +ExecStart=/opt/openslx/scripts/nettime -- cgit v1.2.3-55-g7522 From a07149d4c3b53ec3b1f953429a79e68945be7955 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 31 Jul 2013 17:23:12 +0200 Subject: restructuring paths --- .../data/opt/openslx/scripts/load_german_keymaps | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100755 remote/modules/german/data/opt/openslx/scripts/load_german_keymaps diff --git a/remote/modules/german/data/opt/openslx/scripts/load_german_keymaps b/remote/modules/german/data/opt/openslx/scripts/load_german_keymaps new file mode 100755 index 00000000..c7dbbb33 --- /dev/null +++ b/remote/modules/german/data/opt/openslx/scripts/load_german_keymaps 
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Script serves as container script for a systemd-call due to the buggyness of several
+# loadkeys-implementations <= kbd (Linux keyboard tools) 1.15.3.
+# This bug can be detected through failure of the command pipe 'dumpkeys|loadkeys' yielding
+# the message "unknown keysym 'compose'.
+
+# So we first try to insert a keymap including compose-lines:
+loadkeys /opt/openslx/keymaps/german_qwertz_compose_keyboard_translation.map
+ERR=$?
+
+# ... if this fails we enter a keymap without compose-lines:
+if [[ "$ERR" -eq 0 ]]; then
+ exit 0 # in that case everything went smooth - exit.
+else
+ loadkeys /opt/openslx/keymaps/german_qwertz_keyboard_translation.map # insert a keymap without compose lines
+ ERR=$?
+fi
+
+# if at this point the second keymap insertion failed we pass the errorlevel to
+# systemd - we cannot do more at this point.
+
+exit $ERR
-- cgit v1.2.3-55-g7522
From 67630db62d44d23f4a4a38245400123f1100f277 Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Wed, 31 Jul 2013 17:23:24 +0200
Subject: restruct
---
.../redsocks/data/opt/openslx/scripts/setup_proxy | 51 ++++++++++++++++++++++
1 file changed, 51 insertions(+)
create mode 100755 remote/modules/redsocks/data/opt/openslx/scripts/setup_proxy
diff --git a/remote/modules/redsocks/data/opt/openslx/scripts/setup_proxy b/remote/modules/redsocks/data/opt/openslx/scripts/setup_proxy
new file mode 100755
index 00000000..6c39c077
--- /dev/null
+++ b/remote/modules/redsocks/data/opt/openslx/scripts/setup_proxy
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+for wait in 1 1 2 3 4 6 8 10 end; do
+ grep '^#_RCONFIG_TAG$' /opt/openslx/config > /dev/null && echo "Config found!" && break
+ [ "$wait" == "end" ] && echo "Giving up!" && exit 1
+ echo "No config yet..."
+ sleep $wait
+done
+
+. /opt/openslx/config || echo "Error sourcing config for setup_proxy"
+
+[ -z "$SLX_PROXY_MODE" -o "x$SLX_PROXY_MODE" == "xoff" ] && echo "proxy mode disabled." && exit 0
+
+PROXY=off
+if [ "$SLX_PROXY_MODE" == "on" ]; then
+ PROXY=on
+elif [ "$SLX_PROXY_MODE" == "auto" -a -n "$SLX_PXE_CLIENT_IP" ]; then
+ [[ "$SLX_PXE_CLIENT_IP" =~ ^10\. ]] && PROXY=on
+ [[ "$SLX_PXE_CLIENT_IP" =~ ^192\.168\. ]] && PROXY=on
+ [[ "$SLX_PXE_CLIENT_IP" =~ ^172\.[123] ]] && PROXY=on
+fi
+
+[ "$PROXY" == "off" ] && echo "Proxy mode not required." && exit 0
+
+sed -i "s/%%PROXY_IP%%/$SLX_PROXY_IP/g;s/%%PROXY_PORT%%/$SLX_PROXY_PORT/g;s/%%PROXY_TYPE%%/$SLX_PROXY_TYPE/g" /etc/redsocks.conf
+
+mkdir -p /run/redsocks
+chown redsocks:redsocks /run/redsocks
+systemctl start redsocks
+
+iptables -t nat -N REDSOCKS
+iptables -t nat -A REDSOCKS -d "$SLX_PROXY_IP" -j RETURN
+iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
+iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
+iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
+iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
+iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
+iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
+iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
+iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
+if [ -n "$SLX_PROXY_BLACKLIST" ]; then
+ for ADDR in $SLX_PROXY_BLACKLIST; do
+ iptables -t nat -A REDSOCKS -d "$ADDR" -j RETURN
+ done
+fi
+iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-port 12345
+iptables -t nat -A PREROUTING -p tcp -j REDSOCKS
+iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
+iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
+iptables -A INPUT -i br0 -p tcp --dport 12345 -j DROP
+
-- cgit v1.2.3-55-g7522
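Review bot: `SLX_PROXY_IP`, `SLX_PROXY_PORT` and `SLX_PROXY_TYPE` come from the sourced /opt/openslx/config and are pasted straight into the `sed -i` program that rewrites /etc/redsocks.conf, so a value containing `/`, `&` or a newline alters the substitution instead of being inserted literally. A format check before the `sed` line would stop that, for example `[[ "$SLX_PROXY_PORT" =~ ^[0-9]+$ ]] || { echo "bad SLX_PROXY_PORT"; exit 1; }` and the equivalent for the address and type (the allowed type values are not visible here). Separately, `^172\.[123]` in the auto-detection also matches addresses such as 172.1.x.x and 172.100.x.x, while the RETURN rule further down uses 172.16.0.0/12; `^172\.(1[6-9]|2[0-9]|3[01])\.` matches that range. The script also carries on after a failed `. /opt/openslx/config`, which only echoes a message. This file has the same blob id as the opt/openslx/bin copy deleted later on the page, so these points predate the move.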
From 7974d03b84aa772e135773510879f67bf12252ff Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Wed, 31 Jul 2013 17:24:08 +0200
Subject: added download of config.tgz to activate-sysconfig and moved it to stage31
---
.../rootfs-stage31/data/bin/activate-sysconfig | 67 ++++++++++++++++++++++
1 file changed, 67 insertions(+)
create mode 100755 remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig
diff --git a/remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig b/remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig
new file mode 100755
index 00000000..bfda70e1
--- /dev/null
+++ b/remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig
@@ -0,0 +1,67 @@
+#!/bin/bash
+
+# first a few variables
+CONFIG="/mnt/opt/openslx/config"
+
+# parse kernel command line to determine the URL
+URL="$(grep -o -E "slxconfig=\S+" /proc/cmdline | cut -c 11-)"
+if [ -z "$URL" ]; then
+ echo "Error - 'slxconfig=' not found in command line, or empty"
+ exit 1
+fi
+
+#########################################################################
+#
+# Helper function to download given FILE_URL under TARGET_PATH
+#
+# Usage:
+# download $FILE_URL $TARGET_PATH
+#
+
+download() {
+ [ $# -ne 2 ] && echo "Error - 'download' requires 2 arguements, $# given." \
+ && exit 1
+
+ local FILE_URL="$1"
+ local TARGET_PATH="$2"
+
+ wget -T 5 -q -O "$TARGET_PATH" "$FILE_URL"
+ RET=$?
+ if [ "x$RET" != "x0" ]; then
+ echo "Error - downloading '$FILE_URL' via wget failed. Exit Code: $RET"
+ exit 1
+ else
+ echo "Successfully downloaded '$FILE_URL'."
+ fi
+
+ return 0
+}
+
+#########################################################################
+#
+#
+# This first part downloads the config containing environment variables
+#
+#
+
+[ -e "$CONFIG" ] && grep '^#_RCONFIG_TAG$' "$CONFIG" > /dev/null \
+ && echo "Config already fetched." && exit 0
+
+download "$URL" "$CONFIG-remote" || exit 1
+
+echo "# Config fetched from $URL" >> "$CONFIG"
+echo "#_RCONFIG_TAG" >> "$CONFIG"
+cat "${CONFIG}-remote" >> "$CONFIG"
+
+#########################################################################
+#
+#
+# This part downloads the config.tgz and unpacks it to $1
+#
+#
+
+[ -e "$CONFIG.tgz" ] && echo "config.tgz already downloaded." && exit 0
+download "$URL.tgz" "$CONFIG.tgz" || exit 1
+
+tar xf "$CONFIG.tgz" -C /mnt || { echo "Could not untar $CONFIG.tgz to /mnt"; exit 1; }
+exit 0
-- cgit v1.2.3-55-g7522
From 9b9842346d3cbde1a07039575b6fd5ad05fbdb90 Mon Sep 17 00:00:00 2001
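Review bot: `wget -O "$TARGET_PATH"` in `download` creates the target even when the transfer fails, so an empty or partial `$CONFIG.tgz` left by an interrupted run makes the later `[ -e "$CONFIG.tgz" ]` test print "config.tgz already downloaded." and exit 0 without unpacking; the earlier "Config already fetched." exit likewise returns before the archive stage on any rerun. Downloading to a temporary name and renaming on success, as in the fence, keeps partial files out of the way, and `download` should `return 1` rather than `exit 1` since both call sites already append `|| exit 1`. The archive is then unpacked as-is into /mnt and the config is later sourced by init, with no integrity check visible here; if `slxconfig=` can be a plain-HTTP URL (not shown on this page), verifying a checksum or signature before `tar xf` is worth adding. The comment "unpacks it to $1" is stale, since the target is the fixed path /mnt.

```shell
download() {
  # … unchanged: argument count check, FILE_URL / TARGET_PATH locals …
  local TMP_PATH="${TARGET_PATH}.part"
  local RET

  wget -T 5 -q -O "$TMP_PATH" "$FILE_URL"
  RET=$?
  if [ "$RET" -ne 0 ]; then
    # do not leave a partial file behind for the next run to mistake for a finished download
    rm -f "$TMP_PATH"
    echo "Error - downloading '$FILE_URL' via wget failed. Exit Code: $RET"
    return 1
  fi
  mv "$TMP_PATH" "$TARGET_PATH" || return 1
  echo "Successfully downloaded '$FILE_URL'."
  return 0
}
```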
From: Jonathan Bauer
Date: Wed, 31 Jul 2013 17:24:27 +0200
Subject: restructuring
---
.../data/opt/openslx/scripts/analyse-disk | 111 +++++++++++++++++++++
1 file changed, 111 insertions(+)
create mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/analyse-disk
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/analyse-disk b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/analyse-disk
new file mode 100755
index 00000000..f162ec3a
--- /dev/null
+++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/analyse-disk
@@ -0,0 +1,111 @@ +#!/bin/bash +# Copyright (c) 2013 - OpenSLX GmbH +# +# This program is free software distributed under the GPL version 2. +# See http://openslx.org/COPYING +# +# If you have any feedback please consult http://openslx.org/feedback and +# send your feedback to feedback@openslx.org +# +# General information about OpenSLX can be found under http://openslx.org +# +# Local hard disk autodetection script for OpenSLX linux stateless clients, +# detecting swap and special partitions + +############################################################################# + + +# General formatter for the /tmp partition on a local harddisk +diskfm () { +local target="$1" +local fs +local path +for fs in xfs ext3 ext2 ; do + unset available + case $(cat /proc/filesystems) in + *${fs}*) available=yes;; + *) modprobe "${fs}" && available=yes;; + esac + if [ -n "${available}" ]; then + unset found + if which "mkfs.$fs" ; then + found=yes + case "mkfs.$fs" in + mkfs.xfs) + fopt="-f" + mopt="-o noexec" + ;; + mkfs.ext2) + fopt="-Fq" + mopt="-o nocheck,noexec" + ;; + mkfs.reiserfs) + fopt="-f" + mopt="-o noexec" + ;; + esac + mkfs.$fs ${fopt} "${target}" + fi + [ -n "$found" ] && break + fi +done +} + +# Check for local harddisks and appropriate partitions +for waiting in 1 1 2 3 4; do + fdisk -l | sed -n "/^\/dev\//p" > "/etc/disk.partition" + [ -s "/etc/disk.partition" ] && break + sleep "$waiting" +done +echo "Partitions:" +cat "/etc/disk.partition" + +# Check for standard swap partitions and make them available to the system +for hdpartnr in $(sed -n -e "/ 82 /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do + echo -e "$hdpartnr\tswap\t\tswap\t\tdefaults\t 0 0" >> "/etc/fstab" + swapon "$hdpartnr" +done + +# We use special non assigned partition type (id44) for harddisk scratch +# space, thus no normal filesystem will be incidentally deleted or +# corrupted +for hdpartnr in $(sed -n -e "/ 44 /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do + # 
check for supported filesystem and formatter + if diskfm "$hdpartnr"; then + # echo "$hdpartnr is mounted to /mnt/tmp at $(sysup)" >/tmp/tmpready + echo -e "$hdpartnr\t/tmp\t\tnoauto\t\tdefaults\t 0 0" >> "/etc/fstab" + mkdir -p /tmptmp + mv /tmp/* /tmp/.* /tmptmp/ + mount "$hdpartnr" /tmp + chmod a+rwxt /tmp + mv /tmptmp/* /tmptmp/.* /tmp/ + rmdir /tmptmp + break + else + echo "formatting failed for some reason" + fi # Made this non-forking, systemd should handle it - 2013-05-28 +done + +# Put detected linux partitions (83) into /etc/fstab with "noauto", special +# partition 45 (persistent scratch) to /var/scratch and 46 to /var/openslx +for partid in 83 45 46 ; do + for hdpartnr in $(sed -n -e "/ ${partid} /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do + mkdir -p "/media/${hdpartnr#/dev/*}" + if [ "${partid}" -eq 83 ]; then + echo -e "$hdpartnr\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto,noexec\t 0 0" >> "/etc/fstab" + elif [ "${partid}" -eq 45 ]; then + #mount -t auto ${hdpartnr} /media/${hdpartnr#/dev/*} + #ln -sf /media/${hdpartnr#/dev/*} /var/scratch + echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\t\t 0 0" >> "/etc/fstab" + elif [ "${partid}" -eq 46 ]; then + # Mount a home directory to (/mnt)/var/home + #mount -t auto ${hdpartnr} /mnt/media/${hdpartnr#/dev/*} \n\ + #test -d /mnt/media/${hdpartnr#/dev/*}/home && \ + # ln -sf /media/${hdpartnr#/dev/*} /var/home + echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\t\t 0 0" >> "/etc/fstab" + fi + done +done + +mount -a + -- cgit v1.2.3-55-g7522 From c1a7c2474d7b4b9dc43c564f330a98b892c50a8b Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 31 Jul 2013 17:24:35 +0200 Subject: remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++ --- remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++ | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++ 
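Review bot: `diskfm` sets `mopt` (`-o noexec`, `-o nocheck,noexec`) for each formatter but nothing reads it, so the scratch partition is mounted with plain `mount "$hdpartnr" /tmp` and the intended `noexec` never applies; for a world-writable /tmp on a local disk I would pass the options explicitly, e.g. `mount -o nosuid,nodev,noexec "$hdpartnr" /tmp`, if `noexec` is in fact wanted. `diskfm` also sets `found=yes` before `mkfs.$fs` runs and leaves the loop through `break`, so it returns success when formatting failed and the caller goes on to move /tmp's contents and mount; `mkfs.$fs ${fopt} "${target}" && return 0` with a `return 1` after the loop would propagate the failure. The `case` has no `mkfs.ext3` arm although ext3 is in the loop list, and the /tmp fstab line puts `noauto` in the filesystem-type column and `defaults` in the options column, unlike the type-83 lines below it. `mv /tmp/* /tmp/.* /tmptmp/` additionally expands `.*` to `.` and `..`.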
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++
new file mode 100755
index 00000000..8a03ce98
--- /dev/null
+++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+NET_IF="$1"
+NET_IP="$(ip addr show dev "${NET_IF}" | grep "inet " | awk -F " " '{print $2}' | awk -F "/" '{print $1}')"
+
+UDHCPC_OPTS=""
+[ ! -z "$NET_IP" ] && UDHCPC_OPTS=" -r $NET_IP "
+echo "udhcp++: running on $NET_IF with additional params $UDHCPC_OPTS" >> "/tmp/udhcpclog"
+mkdir -p /run/udhcpc
+/opt/openslx/sbin/udhcpc $UDHCPC_OPTS -O domain -O nissrv -O nisdomain -O wpad -t 8 -s /opt/openslx/scripts/udhcpc-openslx-script -i "$NET_IF" -p "/run/udhcpc/udhcpc.$NET_IF.pid"
-- cgit v1.2.3-55-g7522
From bfada6e8ef118afd0100ecc769580dcf30e2db16 Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Wed, 31 Jul 2013 17:24:47 +0200
Subject: restructuring
---
.../data/opt/openslx/scripts/load-gfx-driver | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
create mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/load-gfx-driver
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/load-gfx-driver b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/load-gfx-driver
new file mode 100755
index 00000000..04fbea6e
--- /dev/null
+++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/load-gfx-driver
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+PCIFILE=/tmp/lspci-output
+
+if ! lspci -n > "$PCIFILE"; then
+ echo "lspci -n failed..."
+ exit 1
+fi
+
+if grep -E ' 8086:0152( |$)' "$PCIFILE" > /dev/null; then
+ echo "i915 - enable 3D"
+ echo -e "# Written by load-gfx-driver\nSLX_VMWARE_3D=yes" >> "/opt/openslx/config"
+fi
+
+exit 0
+
-- cgit v1.2.3-55-g7522
From 91c66e022325637b577eb6f2d9046c1ce8b42d00 Mon Sep 17 00:00:00 2001
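Review bot: `NET_IP` in dhcp++ is built from every `inet ` line that `ip addr show` prints, so an interface with more than one IPv4 address yields several words and the unquoted `$UDHCPC_OPTS` expands to `-r addr1 addr2`, handing udhcpc a stray positional argument. Taking only the first address avoids that: `NET_IP="$(ip addr show dev "${NET_IF}" | awk '/inet /{split($2, a, "/"); print a[1]; exit}')"`. `$1` is also used unchecked, so an empty `NET_IF` reaches `ip`, the pid file name and `-i`; a `[ -n "$NET_IF" ] || exit 1` guard at the top is worth adding.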
From: Jonathan Bauer Date: Wed, 31 Jul 2013 17:25:22 +0200 Subject: restructing --- .../data/opt/openslx/bin/load_german_keymaps | 22 --- .../redsocks/data/opt/openslx/bin/setup_proxy | 51 ------ .../sysinit.target.wants/download-config.service | 1 - .../data/opt/openslx/bin/activate-sysconfig | 28 ---- .../data/opt/openslx/bin/analyse-disk | 111 ------------- .../rootfs-stage32/data/opt/openslx/bin/dhcp++ | 11 -- .../data/opt/openslx/bin/load-gfx-driver | 16 -- .../data/opt/openslx/scripts/mountexport | 17 ++ .../data/opt/openslx/scripts/nettime | 22 +++ .../data/opt/openslx/scripts/udhcpc-openslx-script | 174 +++++++++++++++++++++ 10 files changed, 213 insertions(+), 240 deletions(-) delete mode 100755 remote/modules/german/data/opt/openslx/bin/load_german_keymaps delete mode 100755 remote/modules/redsocks/data/opt/openslx/bin/setup_proxy delete mode 120000 remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service delete mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig delete mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk delete mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/bin/dhcp++ delete mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/bin/load-gfx-driver create mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport create mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime create mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script diff --git a/remote/modules/german/data/opt/openslx/bin/load_german_keymaps b/remote/modules/german/data/opt/openslx/bin/load_german_keymaps deleted file mode 100755 index c7dbbb33..00000000 --- a/remote/modules/german/data/opt/openslx/bin/load_german_keymaps +++ /dev/null 
@@ -1,22 +0,0 @@ -#!/bin/bash -# Script serves as container script for a systemd-call due to the buggyness of several -# loadkeys-implementations <= kbd (Linux keyboard tools) 1.15.3. -# This bug can be detected through failure of the command pipe 'dumpkeys|loadkeys' yielding -# the message "unknown keysym 'compose'. - -# So we first try to insert a keymap including compose-lines: -loadkeys /opt/openslx/keymaps/german_qwertz_compose_keyboard_translation.map -ERR=$? - -# ... if this fails we enter a keymap without compose-lines: -if [[ "$ERR" -eq 0 ]]; then - exit 0 # in that case everything went smooth - exit. -else - loadkeys /opt/openslx/keymaps/german_qwertz_keyboard_translation.map # insert a keymap without compose lines - ERR=$? -fi - -# if at this point the second keymap insertion failed we pass the errorlevel to -# systemd - we cannot do more at this point. - -exit $ERR diff --git a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy b/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy deleted file mode 100755 index 6c39c077..00000000 --- a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy +++ /dev/null 
@@ -1,51 +0,0 @@ -#!/bin/bash - -for wait in 1 1 2 3 4 6 8 10 end; do - grep '^#_RCONFIG_TAG$' /opt/openslx/config > /dev/null && echo "Config found!" && break - [ "$wait" == "end" ] && echo "Giving up!" && exit 1 - echo "No config yet..." - sleep $wait -done - -. /opt/openslx/config || echo "Error sourcing config for setup_proxy" - -[ -z "$SLX_PROXY_MODE" -o "x$SLX_PROXY_MODE" == "xoff" ] && echo "proxy mode disabled." && exit 0 - -PROXY=off -if [ "$SLX_PROXY_MODE" == "on" ]; then - PROXY=on -elif [ "$SLX_PROXY_MODE" == "auto" -a -n "$SLX_PXE_CLIENT_IP" ]; then - [[ "$SLX_PXE_CLIENT_IP" =~ ^10\. ]] && PROXY=on - [[ "$SLX_PXE_CLIENT_IP" =~ ^192\.168\. ]] && PROXY=on - [[ "$SLX_PXE_CLIENT_IP" =~ ^172\.[123] ]] && PROXY=on -fi - -[ "$PROXY" == "off" ] && echo "Proxy mode not required." && exit 0 - -sed -i "s/%%PROXY_IP%%/$SLX_PROXY_IP/g;s/%%PROXY_PORT%%/$SLX_PROXY_PORT/g;s/%%PROXY_TYPE%%/$SLX_PROXY_TYPE/g" /etc/redsocks.conf - -mkdir -p /run/redsocks -chown redsocks:redsocks /run/redsocks -systemctl start redsocks - -iptables -t nat -N REDSOCKS -iptables -t nat -A REDSOCKS -d "$SLX_PROXY_IP" -j RETURN -iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN -iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN -iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN -iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN -iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN -iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN -iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN -iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN -if [ -n "$SLX_PROXY_BLACKLIST" ]; then - for ADDR in $SLX_PROXY_BLACKLIST; do - iptables -t nat -A REDSOCKS -d "$ADDR" -j RETURN - done -fi -iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-port 12345 -iptables -t nat -A PREROUTING -p tcp -j REDSOCKS -iptables -t nat -A OUTPUT -p tcp -j REDSOCKS -iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE -iptables -A INPUT -i br0 -p tcp --dport 12345 -j DROP - 
diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service deleted file mode 120000 index a7d51e0b..00000000 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service +++ /dev/null @@ -1 +0,0 @@ -../download-config.service \ No newline at end of file diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig deleted file mode 100755 index dbe23b21..00000000 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -if [ $# -gt 0 ]; then - CONFIG="$1/opt/openslx/config" -else - CONFIG="/opt/openslx/config" -fi - -[ -e "$CONFIG" ] && grep '^#_RCONFIG_TAG$' "$CONFIG" > /dev/null && echo "Config already fetched." && exit 0 - -URL="$(grep -o -E "slxconfig=\S+" /proc/cmdline | cut -c 11-)" - -if [ -z "$URL" ]; then - echo "Error - 'slxconfig=' not found in command line, or empty" - exit 1 -fi - -wget -T 5 -q -O "${CONFIG}-remote" "$URL" -RET=$? -if [ "x$RET" != "x0" ]; then - echo "Error - downloading '$URL' via wget failed. Exit Code: $RET" - exit 1 -fi -echo "# Config fetched from $URL" >> "$CONFIG" -echo "#_RCONFIG_TAG" >> "$CONFIG" -cat "${CONFIG}-remote" >> "$CONFIG" -exit 0 - diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk deleted file mode 100755 index f162ec3a..00000000 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk +++ /dev/null 
@@ -1,111 +0,0 @@ -#!/bin/bash -# Copyright (c) 2013 - OpenSLX GmbH -# -# This program is free software distributed under the GPL version 2. -# See http://openslx.org/COPYING -# -# If you have any feedback please consult http://openslx.org/feedback and -# send your feedback to feedback@openslx.org -# -# General information about OpenSLX can be found under http://openslx.org -# -# Local hard disk autodetection script for OpenSLX linux stateless clients, -# detecting swap and special partitions - -############################################################################# - - -# General formatter for the /tmp partition on a local harddisk -diskfm () { -local target="$1" -local fs -local path -for fs in xfs ext3 ext2 ; do - unset available - case $(cat /proc/filesystems) in - *${fs}*) available=yes;; - *) modprobe "${fs}" && available=yes;; - esac - if [ -n "${available}" ]; then - unset found - if which "mkfs.$fs" ; then - found=yes - case "mkfs.$fs" in - mkfs.xfs) - fopt="-f" - mopt="-o noexec" - ;; - mkfs.ext2) - fopt="-Fq" - mopt="-o nocheck,noexec" - ;; - mkfs.reiserfs) - fopt="-f" - mopt="-o noexec" - ;; - esac - mkfs.$fs ${fopt} "${target}" - fi - [ -n "$found" ] && break - fi -done -} - -# Check for local harddisks and appropriate partitions -for waiting in 1 1 2 3 4; do - fdisk -l | sed -n "/^\/dev\//p" > "/etc/disk.partition" - [ -s "/etc/disk.partition" ] && break - sleep "$waiting" -done -echo "Partitions:" -cat "/etc/disk.partition" - -# Check for standard swap partitions and make them available to the system -for hdpartnr in $(sed -n -e "/ 82 /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do - echo -e "$hdpartnr\tswap\t\tswap\t\tdefaults\t 0 0" >> "/etc/fstab" - swapon "$hdpartnr" -done - -# We use special non assigned partition type (id44) for harddisk scratch -# space, thus no normal filesystem will be incidentally deleted or -# corrupted -for hdpartnr in $(sed -n -e "/ 44 /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do - # 
check for supported filesystem and formatter - if diskfm "$hdpartnr"; then - # echo "$hdpartnr is mounted to /mnt/tmp at $(sysup)" >/tmp/tmpready - echo -e "$hdpartnr\t/tmp\t\tnoauto\t\tdefaults\t 0 0" >> "/etc/fstab" - mkdir -p /tmptmp - mv /tmp/* /tmp/.* /tmptmp/ - mount "$hdpartnr" /tmp - chmod a+rwxt /tmp - mv /tmptmp/* /tmptmp/.* /tmp/ - rmdir /tmptmp - break - else - echo "formatting failed for some reason" - fi # Made this non-forking, systemd should handle it - 2013-05-28 -done - -# Put detected linux partitions (83) into /etc/fstab with "noauto", special -# partition 45 (persistent scratch) to /var/scratch and 46 to /var/openslx -for partid in 83 45 46 ; do - for hdpartnr in $(sed -n -e "/ ${partid} /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do - mkdir -p "/media/${hdpartnr#/dev/*}" - if [ "${partid}" -eq 83 ]; then - echo -e "$hdpartnr\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto,noexec\t 0 0" >> "/etc/fstab" - elif [ "${partid}" -eq 45 ]; then - #mount -t auto ${hdpartnr} /media/${hdpartnr#/dev/*} - #ln -sf /media/${hdpartnr#/dev/*} /var/scratch - echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\t\t 0 0" >> "/etc/fstab" - elif [ "${partid}" -eq 46 ]; then - # Mount a home directory to (/mnt)/var/home - #mount -t auto ${hdpartnr} /mnt/media/${hdpartnr#/dev/*} \n\ - #test -d /mnt/media/${hdpartnr#/dev/*}/home && \ - # ln -sf /media/${hdpartnr#/dev/*} /var/home - echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\t\t 0 0" >> "/etc/fstab" - fi - done -done - -mount -a - diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/dhcp++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/dhcp++ deleted file mode 100755 index 45984032..00000000 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/dhcp++ +++ /dev/null 
@@ -1,11 +0,0 @@ -#!/bin/bash - -NET_IF="$1" -NET_IP="$(ip addr show dev "${NET_IF}" | grep "inet " | awk -F " " '{print $2}' | awk -F "/" '{print $1}')" - -UDHCPC_OPTS="" -[ ! -z "$NET_IP" ] && UDHCPC_OPTS=" -r $NET_IP " -echo "udhcp++: running on $NET_IF with additional params $UDHCPC_OPTS" >> "/tmp/udhcpclog" -mkdir -p /run/udhcpc -/opt/openslx/sbin/udhcpc $UDHCPC_OPTS -O domain -O nissrv -O nisdomain -O wpad -t 8 -s /opt/openslx/bin/udhcpc.openslx.script -i "$NET_IF" -p "/run/udhcpc/udhcpc.$NET_IF.pid" - diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/load-gfx-driver b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/load-gfx-driver deleted file mode 100755 index 04fbea6e..00000000 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/load-gfx-driver +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -PCIFILE=/tmp/lspci-output - -if ! lspci -n > "$PCIFILE"; then - echo "lspci -n failed..." - exit 1 -fi - -if grep -E ' 8086:0152( |$)' "$PCIFILE" > /dev/null; then - echo "i915 - enable 3D" - echo -e "# Written by load-gfx-driver\nSLX_VMWARE_3D=yes" >> "/opt/openslx/config" -fi - -exit 0 - diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport new file mode 100755 index 00000000..64d5f485 --- /dev/null +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport 
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+export PATH=$PATH:/opt/openslx/usr/sbin:/opt/openslx/usr/bin:/opt/openslx/sbin:/opt/openslx/bin
+
+if grep "Ubuntu 13.04" "/etc/issue" >/dev/null; then
+ EXPORT="132.230.8.113:/srv/ubuntu1304"
+elif grep "SUSE" "/etc/issue" >/dev/null; then
+ EXPORT="132.230.8.113:/srv/suse"
+else
+ echo "Could not determine System"
+ exit 1
+fi
+
+echo "Mounting ${EXPORT} to /opt/openslx/mnt"
+mount -t nfs -o ro,async,nolock,vers=3 "$EXPORT" /opt/openslx/mnt || { echo "Fail." && exit 1; }
+echo "Appending /opt/openslx/mnt to /"
+mount -o remount,append:/opt/openslx/mnt=ro / || { echo "Fail." && exit 1; }
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime
new file mode 100755
index 00000000..3ca13931
--- /dev/null
+++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+. /opt/openslx/config || { echo "Could not source config!"; exit 1; }
+SLX_NTP_SERVER="$SLX_NTP_SERVER time.uni-freiburg.de 0.de.pool.ntp.org"
+for SERVER in $SLX_NTP_SERVER; do
+ if ntpdate -u -b "$SERVER"; then
+ echo "Successfully queried $SERVER for time."
+ if [ "x$SLX_BIOS_CLOCK" = "xlocal" ]; then
+ sleep 1
+ hwclock -l -w || echo "... but could not set BIOS clock to localtime"
+ elif [ "x$SLX_BIOS_CLOCK" = "xutc" ]; then
+ sleep 1
+ hwclock -u -w || echo "... but could not set BIOS clock to UTC"
+ fi
+ exit 0
+ fi
+ echo "Error querying $SERVER for current time"
+done
+
+echo "No more servers to try. No NTP server was reachable." >&2
+exit 1
+
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script
new file mode 100755
index 00000000..1bbf6e80
--- /dev/null
+++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script
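Review bot: The export that `mountexport` appends as a branch of `/` is mounted over NFSv3 from a hard-coded address with no `sec=` option, so every file later executed from `/opt/openslx/mnt` is trusted on the strength of the network path alone. A comment above the first `mount` should state that assumption, and the server address would be better read from the deployment's configuration than fixed to `132.230.8.113` in the script. Both failure paths print only `Fail.` to stdout; `|| { echo "Mounting $EXPORT failed." >&2; exit 1; }` would say which step failed and keep the diagnostic on stderr.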
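Review bot: In `nettime`, `for SERVER in $SLX_NTP_SERVER` relies on unquoted expansion to split the list, which also applies pathname expansion, and an entry beginning with `-` reaches `ntpdate` as an option instead of a host name. The list comes from the sourced `/opt/openslx/config`, so put `set -f` before the loop and skip such entries with `case "$SERVER" in -*) continue ;; esac`. The clock is stepped (`-b`) from unauthenticated replies, so anything on the client that checks timestamps depends on these servers; a one-line comment saying so would help the next reader. The per-server error goes to stdout while the final one goes to stderr; `echo "Error querying $SERVER for current time" >&2` would make them consistent.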
@@ -0,0 +1,174 @@ +#!/bin/bash +# ----------------------------------------------------------------------------- +# +# Copyright (c) 2011 - OpenSLX GmbH +# +# This program is free software distributed under the GPL version 2. +# See http://openslx.org/COPYING +# +# If you have any feedback please consult http://openslx.org/feedback and +# send your suggestions, praise, or complaints to feedback@openslx.org +# +# General information about OpenSLX can be found at http://openslx.org/ +# ----------------------------------------------------------------------------- +# +# Mini-Linux Toolkit +# +# ----------------------------------------------------------------------------- + +. /opt/openslx/config + +RESOLV_CONF="/etc/resolv.conf" +THISFILE="/run/udhcpc/${interface}.resolv" + +echo "$interface [$1] $ip" >> "/tmp/udhcpclog" + +rebuild_resolv_conf () { + # Maybe make this smarter some time, if anyone is using client's that are on multiple networks at once etc... + # This is a little braindead but should work most of the time + sort -u /run/udhcpc/*.resolv > "$RESOLV_CONF" +} + +escape_search() { + echo "$@" | sed -e 's/[]\/()$*.^|[]/\\&/g' +} + +escape_replace() { + echo "$@" | sed -e 's/[\/&]/\\&/g' +} + +case "$1" in + bound|renew) + ip addr add "$ip/$(ipcalc -s -p $ip $subnet|sed s/.*=//)" dev "$interface" + if [ -n "$router" ]; then + ip route add default via "$router" + fi + + # Update resolver configuration file + CONF="" + if [ -n "$domain" ]; then + printf -v CONF "domain $domain\nsearch $domain\n" + elif [ -n "$SLX_NET_DOMAIN" ]; then + printf -v CONF "domain $SLX_NET_DOMAIN\nsearch $SLX_NET_DOMAIN\n" + fi + for i in $dns; do + echo "$0: Adding DNS $i" + printf -v CONF "${CONF}nameserver $i\n" + done + + if [ -x /sbin/resolvconf ]; then + # Automatic handling :-) + echo -n "$CONF" | resolvconf -a "${interface}.udhcpc" + else + # Manual handling required :-( + mkdir -p "/run/udhcpc" + echo -n "$CONF" > "$THISFILE" + rebuild_resolv_conf + fi + + # Things that should 
only happen for the main interface that was used for booting + if [ "$interface" == "br0" ]; then + #update ip + sed -i "s/^\(SLX_PXE_CLIENT_IP=\).*$/\1'$ip'/" /opt/openslx/config + + #update hostname + dns_host=$(rdns "$ip") + if [ -z "$dns_host" ]; then + # fallback to what the dhcp told us + dns_host="$hostname" + fi + if [ -n "$dns_host" ]; then + echo "$dns_host" > "/proc/sys/kernel/hostname" + echo "$dns_host" > "/etc/hostname" + if grep '^SLX_HOSTNAME=' /opt/openslx/config 2>/dev/null; then + sed -i "s/^\(SLX_HOSTNAME=\).*$/\1'$dns_host'/" /opt/openslx/config + else + echo "# Config written by openslx-dhcp-script (1)" >> /opt/openslx/config + echo "SLX_HOSTNAME='$dns_host'" >> /opt/openslx/config + fi + fi + fi + + # Hostname in /etc/hosts + touch /etc/hosts + if [ -n "$dns_host" ]; then + short="${dns_host%%.*}" + [ "x$short" = "x$dns_host" ] && short="" + sed -i -r "s/\s$(escape_search "$dns_host")(\s|$)/ /g" /etc/hosts + [ -n "$short" ] && sed -i -r "s/\s$(escape_search "$short")(\s|$)/ /g" /etc/hosts + if grep -q -E "^$ip\s" /etc/hosts; then + sed -i "s/^$(escape_search "$ip")\s/$(escape_replace "$ip $dns_host $short ")/g" /etc/hosts + else + echo "$ip $dns_host $short" >> /etc/hosts + fi + fi + if [ -n "$hostname" -a "x$hostname" != "x$dns_host" ]; then + short="${hostname%%.*}" + [ "x$short" = "x$hostname" ] && short="" + sed -i -r "s/\s$(escape_search "$hostname")(\s|$)/ /g" /etc/hosts + [ -n "$short" ] && sed -i -r "s/\s$(escape_search "$short")(\s|$)/ /g" /etc/hosts + if grep -q -E "^$ip\s" /etc/hosts; then + sed -i "s/^$(escape_search "$ip")\s/$(escape_replace "$ip $hostname $short ")/g" /etc/hosts + else + echo "$ip $hostname $short" >> /etc/hosts + fi + fi + sed -i -r '/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s*$/d' /etc/hosts + + # We consider the network setup to be complete if an interface is being configured that + # has a default route and some dns servers set. + if [ -n "$router" ] && [ -n "$dns" ] && [ ! 
-e "/run/udhcpc/network-ready" ]; then + touch "/run/udhcpc/network-ready" + # Write to openslx-config + echo "# Config written by openslx-dhcp-script (2)" >> /opt/openslx/config + echo "SLX_DNS='$dns'" >> /opt/openslx/config + + # TODO: This mounts stage4. Current method is for testing purposes only. + # when going productive, this has to happen after user login, if the + # user selects a native linux session. + if [ "x$(grep -ci mount /proc/cmdline)" != "x0" ]; then + systemctl start nfs-mount.service & + fi + # Mark network target as reached + systemctl start network.target + fi + + ;; + + deconfig) + if [ $(grep -c "nfs=" /proc/cmdline) == 0 ]; then + echo 1 > "/proc/sys/net/ipv4/conf/$interface/promote_secondaries" + clientip=${ip%%:*} + ip addr del "$clientip/$(ipcalc -s -p $clientip $subnet|sed s/.*=//)" dev "$interface" + else + echo "NFS is active, not removing old ip adress. warning: lease may expire after a while." + fi + + if [ -x /sbin/resolvconf ]; then + # Automatic handling :-) + resolvconf -d "${interface}.udhcpc" + else + # Manual handling required :-( + rm -f "$THISFILE" + rebuild_resolv_conf + fi + + ;; + + leasefail) + echo "$0: Lease failed: $message" + + ;; + + nak) + echo "$0: Received a NAK: $message" + + ;; + + *) + echo "$0: Unknown udhcpc command: $1"; + exit 1; + + ;; +esac + -- cgit v1.2.3-55-g7522 From 43415d3cc5327f465bf45b86472b1c5554c01586 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 31 Jul 2013 18:06:16 +0200 Subject: [vmchooser] fix dead link for run-virt.sh --- remote/modules/vmchooser/TODO | 1 + .../vmchooser/data/opt/openslx/bin/run-virt.sh | 466 --------------------- .../vmchooser/data/opt/openslx/scripts/run-virt.sh | 466 +++++++++++++++++++++ 3 files changed, 467 insertions(+), 466 deletions(-) create mode 100644 remote/modules/vmchooser/TODO delete mode 100755 remote/modules/vmchooser/data/opt/openslx/bin/run-virt.sh create mode 100755 remote/modules/vmchooser/data/opt/openslx/scripts/run-virt.sh 
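Review bot: Values that come from the DHCP reply and from reverse DNS are spliced unescaped into `/opt/openslx/config`, a file this script sources near its top: the two `sed -i "s/^\(SLX_…=\).*$/\1'…'/"` calls and the `echo "SLX_HOSTNAME='$dns_host'"` / `echo "SLX_DNS='$dns'"` appends all assume the value contains no single quote, `/` or `&`. A value that does would corrupt the file or be interpreted as shell by whatever sources it next, so unless udhcpc and `rdns` (neither is visible in this hunk) are known to sanitise their output, `$hostname`, `$domain` and `$dns_host` should be checked against a strict host-name pattern before the first write. The same strings are also used as the format argument of `printf -v CONF`; they belong in `%s` arguments instead. The fence sketches both changes.

```shell
# Accept only plain DNS names before they are written to files that get
# sourced or spliced into sed expressions.
is_dns_name() {
  [[ "$1" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]
}

case "$1" in
  bound|renew)
    is_dns_name "$hostname" || hostname=""
    is_dns_name "$domain" || domain=""
    # … unchanged: address and default route setup …
    if [ -n "$domain" ]; then
      printf -v CONF 'domain %s\nsearch %s\n' "$domain" "$domain"
    elif [ -n "$SLX_NET_DOMAIN" ]; then
      printf -v CONF 'domain %s\nsearch %s\n' "$SLX_NET_DOMAIN" "$SLX_NET_DOMAIN"
    fi
    for i in $dns; do
      echo "$0: Adding DNS $i"
      printf -v CONF '%snameserver %s\n' "$CONF" "$i"
    done
    # … unchanged: resolvconf handling, SLX_PXE_CLIENT_IP update …
      dns_host=$(rdns "$ip")
      is_dns_name "$dns_host" || dns_host=""
    # … unchanged: hostname fallback, /etc/hosts and network-ready handling …
```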
diff --git a/remote/modules/vmchooser/TODO b/remote/modules/vmchooser/TODO
new file mode 100644
index 00000000..1babdd10
--- /dev/null
+++ b/remote/modules/vmchooser/TODO
@@ -0,0 +1 @@
+adapt globals.cpp globals.h to adopt the new structure of openslx-files: everything we do under /opt/openslx
diff --git a/remote/modules/vmchooser/data/opt/openslx/bin/run-virt.sh b/remote/modules/vmchooser/data/opt/openslx/bin/run-virt.sh
deleted file mode 100755
index 473dfbc7..00000000
--- a/remote/modules/vmchooser/data/opt/openslx/bin/run-virt.sh
+++ /dev/null
@@ -1,466 +0,0 @@ -#!/bin/bash -# ----------------------------------------------------------------------------- -# Copyright (c) 2007..2010 - RZ Uni FR -# Copyright (c) 2007..2011 - OpenSLX GmbH -# -# This program is free software distributed under the GPL version 2. -# See http://openslx.org/COPYING -# -# If you have any feedback please consult http://openslx.org/feedback and -# send your suggestions, praise, or complaints to feedback@openslx.org -# -# General information about OpenSLX can be found at http://openslx.org/ -# ----------------------------------------------------------------------------- -# run-virt.sh -# - This is the generic wrapper for the several virtualization solutions. -# The idea is to setup a set of variables used by at least two different -# tools and then include the specific plugin which configures the speci- -# fied virtualization tool. -################################################################################ - -################################################################################ -### Define default dirs / get configs -################################################################################ - -PLUGINCONFROOT=/etc/opt/openslx/plugins -PLUGINCONFDIR=/etc/opt/openslx/plugins/vmchooser -# include general configuration from vmchooser -[ -f /etc/openslx/vmchooser/vmchooser.conf ] && \ -. /etc/openslx/vmchooser/vmchooser.conf -# load general virtualization information -[ -f /etc/openslx/vmchooser/virtualization.conf ] && \ -. 
/etc/openslx/vmchooser/virtualization.conf - -################################################################################ -### Functions used throughout the script -################################################################################ - -# function to write to stdout and logfile -LOGFILE=/var/log/openslx/run-virt.${USER}.$$.log -writelog () { - # write to stdout - echo -e "$1" - # log into file - echo -e "$1" >> ${LOGFILE} -} - -# remove config dirs when exit -cleanexit () { - if echo "${RMDIRS}" 2>/dev/null | grep -q ${xmlvirt}; then - writelog "${xmlvirt} exited. Cleanning up... \c" - rm -rf ${RMDIRS} >/dev/null 2>&1 - writelog "done" - fi - - exit "$1" -} - -# check for important files used -filecheck () -{ - filecheck=$(LANG=us ls -lh ${diskfile} 2>&1) - writelog "Filecheck:\n${filecheck}\n" - noimage=$(echo ${filecheck} | grep -i "no such file or directory" | wc -l) - rightsfile=${diskfile} - - # check if link - if [ -L "${diskfile}" ]; then - # take link target - rightsfile=$(ls -lh ${diskfile} 2>&1 | awk -F '-> *' '{print $2}') - rightsfile=${vmdir}/${rightsfile} - filecheck=$(LANG=us ls -lh ${rightsfile} 2>&1) - fi - - # does file exist - if [ "${noimage}" -ge "1" ]; then - writelog "Virtual Machine Image Problem:\c " - writelog "\tThe image you've specified doesn't exist." - writelog "Filecheck says:\c " - writelog "\t\t${diskfile}:\n\t\t\tNo such file or directory" - writelog "Hint:\c " - writelog "\t\t\tCompare spelling of the image with your options.\n" - exit 1 - fi - - # readable by calling user - if ! [ -r "${diskfile}" >/dev/null 2>&1 \ - -o -r "${diskfile}" >/dev/null 2>&1 ]; then - writelog "Vmware Image Problem:\c " - writelog "\tThe image you've specified has wrong rights." - writelog "Filecheck says:\t\t$(echo ${filecheck} \ - | awk '{print $1" "$3" "$4}') ${rightsfile}" - writelog "Hint:\t\t\tChange rights with: chmod a+r ${rightsfile}\n" - exit 1 - fi - - # writable (for persistent-mode)? - if ! 
[ -w "${diskfile}" >/dev/null 2>&1 \ - -o -w "${diskfile}" >/dev/null 2>&1 ] \ - && [ "${np}" = "independent-persistent" ]; then - writelog "Vmware Image Problem:\c " - writelog "\tThe image you have specified has wrong rights." - writelog "Filecheck says:\t\t$(echo ${filecheck} \ - | awk '{print $1" "$3" "$4}') ${rightsfile}" - writelog "Hint:\t\t\tUse nonpersistent-mode or change rights to rw\n" - exit 1 - fi -} - -################################################################################ -### Get XML file and dir -################################################################################ - -## Added for persistent support. -diskmode='nonpersistent' -xmlfile="$1" -if [[ "$(grep --extended-regexp '< *persistent *param=".+"' "$xmlfile")" ]]; then - imageFilePath="$(grep -io '/dev/null | grep '/' >/dev/null 2>&1; then - xmlpath=$(dirname "${xmlfile}") - xmlfile=$(basename "${xmlfile}") -else - xmlpath=${vmchooser_xmlpath} -fi -# full path -xmlfile="${xmlpath}/${xmlfile%.xml}.xml" - -DO_PROFILE="$(grep -c -E -i '<\s*profile\s*param="?(true|yes)"?' "$xmlfile")" - -################################################################################ -### Sanity checks -################################################################################ - -# test if the xml file is valid -if ! [ -r "${xmlfile}" ]; then - writelog "${xmlfile} not a readable XML file!" - exit 1 -fi - -# test if XML file -if ! 
grep '/dev/null 2>&1; then - writelog "Submitted configuration file ${xmlfile} seems to have wrong XML format" - exit 1 -fi - -# check for running in graphical environment otherwise no much use here -[ -z "$DISPLAY" ] && echo -e "\n\tStart only within a graphical desktop!\n" \ -&& exit 1 - -################################################################################ -### Logo for console -################################################################################ - -cat </dev/null | grep -q '^/' >/dev/null 2>&1; then - imgpath="$(dirname "${imgname}")" - imgname="$(basename "${imgname}")" - vmpath="${imgpath}/${imgname}" - # If old vmchooser binary stuff - # We do not need folder name as it is already included by vmchooser - elif echo "${xmlfile}" 2>/dev/null | grep -q '^/tmp/' >/dev/null 2>&1; then - vmpath="$imgname" - imgname="$(basename "${imgname}")" - ## Added for persistent support. - elif [[ "$userBranchFilePath" ]]; then - vmpath="$userBranchFilePath" - ## - # Else use same path as xml -else - imgpath="${xmlpath}" - vmpath="${imgpath}/${imgname}" -fi - -# Check if virtual machine container file exists -if ! [ -e "${vmpath}" ]; then - writelog "Virtual machine image ${vmpath} not found!" 
- exit 1 -fi - -# Name of the virt machine, sed because of Windows formatting -vm_name=$(grep -o 'short_description param=.*"' "${xmlfile}" \ -| sed -e "s/&.*;/; /g" | awk -F '"' '{print $2}') -# If ${vm_name} not defined use ${xmlfile} -vm_name="${vm_name:-${xmlfile%.xml}}" - -# Define vm_shortname since vm_name can be very long -vm_shortname="$(basename "${xmlfile%.xml}" | sed -e "s, ,-,g")" - -# vm_name = displayname, define for old scripts -displayname="${vm_name}" - -# image is for the following virtual machine -xmlvirt=$(grep -o 'virtualmachine param=.*"' "${xmlfile}" \ -| sed -e "s/&.*;/; /g" | awk -F '"' '{print $2}') - -# choose the proper virtualization/emulator plugin -[ "x${xmlvirt}" != "x" -a "x${xmlvirt}" != "xqemukvm" -a \ -"x${xmlvirt}" != "xvirtualbox" -a "x${xmlvirt}" != "xvmware" ] && \ -xmlvirt="emufe" - -# make a guess from the filename extension if ${xmlvirt} is empty -# (not set within the XML file) -# TODO: implement possibility to submit own configuration files -if [ -z "${xmlvirt}" ] && [ -n "${additional_config}" ]; then - writelog "No virtual machine parameter defined in ${xmlfile}" - writelog "Trying to guess VM...\c" - case "$(cat ${additional_config} | tr \"[A-Z]\" \"[a-z]\")" in - *config.version*|*virtualhw.version*|*independent-nonpersistent*|*vmdk*) - xmlvirt="vmware" - ;; - *innotek*|*virtualbox*) - xmlvirt="virtualbox" - ;; - *qemu*|*kvm*) - xmlvirt="qemukvm" - ;; - *) - xmlvirt="none" - ;; - esac - elif [ -z "${xmlvirt}" ]; then - case "$(echo ${imgname##*.} | tr \"[A-Z]\" \"[a-z]\")" in - vmdk) - xmlvirt="vmware" - ;; - vbox|vdi) - xmlvirt="virtualbox" - ;; - qcow*) - xmlvirt="qemukvm" - ;; - *) - xmlvirt="emufe" - ;; - esac - writelog "result:\t${xmlvirt}" -fi - -# Definition of the client system -vmostype=$(grep -io '/dev/null | \ -awk -F '=' {'print $2'} | tr "[A-Z]" "[a-z]") - -# Add rw share -sharepath="${HOME}" -sharename="home" - -# Set hostname: using original hostname and adding string -hostname="virt-$(hostname)" - 
-writelog "\tVM Hostname:\t\t$hostname" - -################################################################################ -### Setup the rest of the environment and run the configured vm -################################################################################ -# 8086:1e20 -if lspci -n | grep -E -i '8086:1e20( |$)'; then - VOL="100%" # bwPC 4: Speaker too quiet :-( -else - VOL="80%" -fi -# Adjust sound volume -#writelog "Unmuting sound...\c " -amixer -q sset Master "$VOL" unmute 2>/dev/null -amixer -q sset PCM "$VOL" unmute 2>/dev/null -amixer -q sset CD "$VOL" unmute 2>/dev/null -amixer -q sset Headphone "$VOL" unmute 2>/dev/null -amixer -q sset Front "$VOL" unmute 2>/dev/null # in SUSE 11.0 it's headphone -amixer -q sset Speaker "$VOL" unmute 2>/dev/null # annoying built-in speaker -#writelog "finished\n" - -# Load kvm modules -if [ "$vtflag" = "1" -a -n "$kvm_module" ]; then - modprobe "$kvm_module" -fi - -# Copy guest configuration (with added information) config.xml to be accessed -# via virtual floppy -cp "$xmlfile" "/etc/openslx/vmchooser/fd-loop/config.xml" -# Add another file with resolution information -xrandr | grep -o -E 'current\s*[0-9]+\s*x\s*[0-9]+' | cut -c 8- | sed -r 's/(\s|\t|\n)//g' | head -n 1 > "/etc/openslx/vmchooser/fd-loop/hostres.txt" - -# Get all virtual machine specific stuff from the respective include file -if [ -e /etc/openslx/"${xmlvirt}"/run-virt.include ] ; then - self="${xmlvirt}" - . 
/etc/openslx/"${xmlvirt}"/run-virt.include - # start a windowmanager for easier handling - # (expect problems /w windows opening in background /w vmware without wm) - for dm in twm xfwm4 metacity openbox blackbox kwin fvwm2 ; do - if which $dm >/dev/null 2>&1 ; then - if [ "$dm" = "fvwm2" ] ; then - echo "EdgeScroll 0 0" > ${redodir}/fvwm - fvwm2 -f ${redodir}/fvwm >/dev/null 2>&1 & - else - $dm >/dev/null 2>&1 & - fi - break - fi - done - # Start poolvideoswitch if we find the autostarter file - #if [ -e /etc/xdg/autostart/pvsgui.desktop ]; then - # /usr/local/bin/pvsgui -p 2 -b >/dev/null 2>&1 & - #fi - if [[ "$DO_PROFILE" -ge "1" ]]; then - wget "http://132.230.8.113/profile/do.php?action=start" - fi - eval ${VIRTCMD} ${VIRTCMDOPTS} - writelog "Bye." - - # Postrun for commands after virtualization finishes - if [ -n "${POSTRUN}" ]; then - eval ${POSTRUN} >/dev/null 2>&1 - fi - - cleanexit 0 -else - writelog "Failed because of missing ${xmlvirt} plugin." - cleanexit 1 -fi - -# Postrun for commands after virtualization finishes -if [ -n "${POSTRUN}" ]; then - eval ${POSTRUN} >/dev/null 2>&1 -fi - -cleanexit 0 -exit 0 diff --git a/remote/modules/vmchooser/data/opt/openslx/scripts/run-virt.sh b/remote/modules/vmchooser/data/opt/openslx/scripts/run-virt.sh new file mode 100755 index 00000000..473dfbc7 --- /dev/null +++ b/remote/modules/vmchooser/data/opt/openslx/scripts/run-virt.sh 
@@ -0,0 +1,466 @@ +#!/bin/bash +# ----------------------------------------------------------------------------- +# Copyright (c) 2007..2010 - RZ Uni FR +# Copyright (c) 2007..2011 - OpenSLX GmbH +# +# This program is free software distributed under the GPL version 2. +# See http://openslx.org/COPYING +# +# If you have any feedback please consult http://openslx.org/feedback and +# send your suggestions, praise, or complaints to feedback@openslx.org +# +# General information about OpenSLX can be found at http://openslx.org/ +# ----------------------------------------------------------------------------- +# run-virt.sh +# - This is the generic wrapper for the several virtualization solutions. +# The idea is to setup a set of variables used by at least two different +# tools and then include the specific plugin which configures the speci- +# fied virtualization tool. +################################################################################ + +################################################################################ +### Define default dirs / get configs +################################################################################ + +PLUGINCONFROOT=/etc/opt/openslx/plugins +PLUGINCONFDIR=/etc/opt/openslx/plugins/vmchooser +# include general configuration from vmchooser +[ -f /etc/openslx/vmchooser/vmchooser.conf ] && \ +. /etc/openslx/vmchooser/vmchooser.conf +# load general virtualization information +[ -f /etc/openslx/vmchooser/virtualization.conf ] && \ +. 
/etc/openslx/vmchooser/virtualization.conf + +################################################################################ +### Functions used throughout the script +################################################################################ + +# function to write to stdout and logfile +LOGFILE=/var/log/openslx/run-virt.${USER}.$$.log +writelog () { + # write to stdout + echo -e "$1" + # log into file + echo -e "$1" >> ${LOGFILE} +} + +# remove config dirs when exit +cleanexit () { + if echo "${RMDIRS}" 2>/dev/null | grep -q ${xmlvirt}; then + writelog "${xmlvirt} exited. Cleanning up... \c" + rm -rf ${RMDIRS} >/dev/null 2>&1 + writelog "done" + fi + + exit "$1" +} + +# check for important files used +filecheck () +{ + filecheck=$(LANG=us ls -lh ${diskfile} 2>&1) + writelog "Filecheck:\n${filecheck}\n" + noimage=$(echo ${filecheck} | grep -i "no such file or directory" | wc -l) + rightsfile=${diskfile} + + # check if link + if [ -L "${diskfile}" ]; then + # take link target + rightsfile=$(ls -lh ${diskfile} 2>&1 | awk -F '-> *' '{print $2}') + rightsfile=${vmdir}/${rightsfile} + filecheck=$(LANG=us ls -lh ${rightsfile} 2>&1) + fi + + # does file exist + if [ "${noimage}" -ge "1" ]; then + writelog "Virtual Machine Image Problem:\c " + writelog "\tThe image you've specified doesn't exist." + writelog "Filecheck says:\c " + writelog "\t\t${diskfile}:\n\t\t\tNo such file or directory" + writelog "Hint:\c " + writelog "\t\t\tCompare spelling of the image with your options.\n" + exit 1 + fi + + # readable by calling user + if ! [ -r "${diskfile}" >/dev/null 2>&1 \ + -o -r "${diskfile}" >/dev/null 2>&1 ]; then + writelog "Vmware Image Problem:\c " + writelog "\tThe image you've specified has wrong rights." + writelog "Filecheck says:\t\t$(echo ${filecheck} \ + | awk '{print $1" "$3" "$4}') ${rightsfile}" + writelog "Hint:\t\t\tChange rights with: chmod a+r ${rightsfile}\n" + exit 1 + fi + + # writable (for persistent-mode)? + if ! 
[ -w "${diskfile}" >/dev/null 2>&1 \ + -o -w "${diskfile}" >/dev/null 2>&1 ] \ + && [ "${np}" = "independent-persistent" ]; then + writelog "Vmware Image Problem:\c " + writelog "\tThe image you have specified has wrong rights." + writelog "Filecheck says:\t\t$(echo ${filecheck} \ + | awk '{print $1" "$3" "$4}') ${rightsfile}" + writelog "Hint:\t\t\tUse nonpersistent-mode or change rights to rw\n" + exit 1 + fi +} + +################################################################################ +### Get XML file and dir +################################################################################ + +## Added for persistent support. +diskmode='nonpersistent' +xmlfile="$1" +if [[ "$(grep --extended-regexp '< *persistent *param=".+"' "$xmlfile")" ]]; then + imageFilePath="$(grep -io '/dev/null | grep '/' >/dev/null 2>&1; then + xmlpath=$(dirname "${xmlfile}") + xmlfile=$(basename "${xmlfile}") +else + xmlpath=${vmchooser_xmlpath} +fi +# full path +xmlfile="${xmlpath}/${xmlfile%.xml}.xml" + +DO_PROFILE="$(grep -c -E -i '<\s*profile\s*param="?(true|yes)"?' "$xmlfile")" + +################################################################################ +### Sanity checks +################################################################################ + +# test if the xml file is valid +if ! [ -r "${xmlfile}" ]; then + writelog "${xmlfile} not a readable XML file!" + exit 1 +fi + +# test if XML file +if ! 
grep '/dev/null 2>&1; then + writelog "Submitted configuration file ${xmlfile} seems to have wrong XML format" + exit 1 +fi + +# check for running in graphical environment otherwise no much use here +[ -z "$DISPLAY" ] && echo -e "\n\tStart only within a graphical desktop!\n" \ +&& exit 1 + +################################################################################ +### Logo for console +################################################################################ + +cat </dev/null | grep -q '^/' >/dev/null 2>&1; then + imgpath="$(dirname "${imgname}")" + imgname="$(basename "${imgname}")" + vmpath="${imgpath}/${imgname}" + # If old vmchooser binary stuff + # We do not need folder name as it is already included by vmchooser + elif echo "${xmlfile}" 2>/dev/null | grep -q '^/tmp/' >/dev/null 2>&1; then + vmpath="$imgname" + imgname="$(basename "${imgname}")" + ## Added for persistent support. + elif [[ "$userBranchFilePath" ]]; then + vmpath="$userBranchFilePath" + ## + # Else use same path as xml +else + imgpath="${xmlpath}" + vmpath="${imgpath}/${imgname}" +fi + +# Check if virtual machine container file exists +if ! [ -e "${vmpath}" ]; then + writelog "Virtual machine image ${vmpath} not found!" 
+ exit 1 +fi + +# Name of the virt machine, sed because of Windows formatting +vm_name=$(grep -o 'short_description param=.*"' "${xmlfile}" \ +| sed -e "s/&.*;/; /g" | awk -F '"' '{print $2}') +# If ${vm_name} not defined use ${xmlfile} +vm_name="${vm_name:-${xmlfile%.xml}}" + +# Define vm_shortname since vm_name can be very long +vm_shortname="$(basename "${xmlfile%.xml}" | sed -e "s, ,-,g")" + +# vm_name = displayname, define for old scripts +displayname="${vm_name}" + +# image is for the following virtual machine +xmlvirt=$(grep -o 'virtualmachine param=.*"' "${xmlfile}" \ +| sed -e "s/&.*;/; /g" | awk -F '"' '{print $2}') + +# choose the proper virtualization/emulator plugin +[ "x${xmlvirt}" != "x" -a "x${xmlvirt}" != "xqemukvm" -a \ +"x${xmlvirt}" != "xvirtualbox" -a "x${xmlvirt}" != "xvmware" ] && \ +xmlvirt="emufe" + +# make a guess from the filename extension if ${xmlvirt} is empty +# (not set within the XML file) +# TODO: implement possibility to submit own configuration files +if [ -z "${xmlvirt}" ] && [ -n "${additional_config}" ]; then + writelog "No virtual machine parameter defined in ${xmlfile}" + writelog "Trying to guess VM...\c" + case "$(cat ${additional_config} | tr \"[A-Z]\" \"[a-z]\")" in + *config.version*|*virtualhw.version*|*independent-nonpersistent*|*vmdk*) + xmlvirt="vmware" + ;; + *innotek*|*virtualbox*) + xmlvirt="virtualbox" + ;; + *qemu*|*kvm*) + xmlvirt="qemukvm" + ;; + *) + xmlvirt="none" + ;; + esac + elif [ -z "${xmlvirt}" ]; then + case "$(echo ${imgname##*.} | tr \"[A-Z]\" \"[a-z]\")" in + vmdk) + xmlvirt="vmware" + ;; + vbox|vdi) + xmlvirt="virtualbox" + ;; + qcow*) + xmlvirt="qemukvm" + ;; + *) + xmlvirt="emufe" + ;; + esac + writelog "result:\t${xmlvirt}" +fi + +# Definition of the client system +vmostype=$(grep -io '/dev/null | \ +awk -F '=' {'print $2'} | tr "[A-Z]" "[a-z]") + +# Add rw share +sharepath="${HOME}" +sharename="home" + +# Set hostname: using original hostname and adding string +hostname="virt-$(hostname)" + 
+writelog "\tVM Hostname:\t\t$hostname" + +################################################################################ +### Setup the rest of the environment and run the configured vm +################################################################################ +# 8086:1e20 +if lspci -n | grep -E -i '8086:1e20( |$)'; then + VOL="100%" # bwPC 4: Speaker too quiet :-( +else + VOL="80%" +fi +# Adjust sound volume +#writelog "Unmuting sound...\c " +amixer -q sset Master "$VOL" unmute 2>/dev/null +amixer -q sset PCM "$VOL" unmute 2>/dev/null +amixer -q sset CD "$VOL" unmute 2>/dev/null +amixer -q sset Headphone "$VOL" unmute 2>/dev/null +amixer -q sset Front "$VOL" unmute 2>/dev/null # in SUSE 11.0 it's headphone +amixer -q sset Speaker "$VOL" unmute 2>/dev/null # annoying built-in speaker +#writelog "finished\n" + +# Load kvm modules +if [ "$vtflag" = "1" -a -n "$kvm_module" ]; then + modprobe "$kvm_module" +fi + +# Copy guest configuration (with added information) config.xml to be accessed +# via virtual floppy +cp "$xmlfile" "/etc/openslx/vmchooser/fd-loop/config.xml" +# Add another file with resolution information +xrandr | grep -o -E 'current\s*[0-9]+\s*x\s*[0-9]+' | cut -c 8- | sed -r 's/(\s|\t|\n)//g' | head -n 1 > "/etc/openslx/vmchooser/fd-loop/hostres.txt" + +# Get all virtual machine specific stuff from the respective include file +if [ -e /etc/openslx/"${xmlvirt}"/run-virt.include ] ; then + self="${xmlvirt}" + . 
/etc/openslx/"${xmlvirt}"/run-virt.include + # start a windowmanager for easier handling + # (expect problems /w windows opening in background /w vmware without wm) + for dm in twm xfwm4 metacity openbox blackbox kwin fvwm2 ; do + if which $dm >/dev/null 2>&1 ; then + if [ "$dm" = "fvwm2" ] ; then + echo "EdgeScroll 0 0" > ${redodir}/fvwm + fvwm2 -f ${redodir}/fvwm >/dev/null 2>&1 & + else + $dm >/dev/null 2>&1 & + fi + break + fi + done + # Start poolvideoswitch if we find the autostarter file + #if [ -e /etc/xdg/autostart/pvsgui.desktop ]; then + # /usr/local/bin/pvsgui -p 2 -b >/dev/null 2>&1 & + #fi + if [[ "$DO_PROFILE" -ge "1" ]]; then + wget "http://132.230.8.113/profile/do.php?action=start" + fi + eval ${VIRTCMD} ${VIRTCMDOPTS} + writelog "Bye." + + # Postrun for commands after virtualization finishes + if [ -n "${POSTRUN}" ]; then + eval ${POSTRUN} >/dev/null 2>&1 + fi + + cleanexit 0 +else + writelog "Failed because of missing ${xmlvirt} plugin." + cleanexit 1 +fi + +# Postrun for commands after virtualization finishes +if [ -n "${POSTRUN}" ]; then + eval ${POSTRUN} >/dev/null 2>&1 +fi + +cleanexit 0 +exit 0 -- cgit v1.2.3-55-g7522 From db70acdf89185e0f1e57faf77d0b26a4a572b9e6 Mon Sep 17 00:00:00 2001 
From: Jonathan Bauer Date: Wed, 31 Jul 2013 18:12:50 +0200 Subject: [pam] removed all freiburg specific configuration files from pam/data. backed up old data dir to 'data.old' --- remote/modules/pam/data.old/etc/gssapi_mech.conf | 21 +++++ remote/modules/pam/data.old/etc/idmapd.conf | 12 +++ remote/modules/pam/data.old/etc/krb5.conf | 28 ++++++ remote/modules/pam/data.old/etc/ldap.conf | 11 +++ remote/modules/pam/data.old/etc/ldap/ldap.conf | 7 ++ remote/modules/pam/data.old/etc/nsswitch.conf | 19 ++++ remote/modules/pam/data.old/etc/openldap/ldap.conf | 1 + .../data.old/etc/pam-script/pam_script_ses_close | 1 + .../data.old/etc/pam-script/pam_script_ses_open | 1 + .../modules/pam/data.old/etc/pam.d/common-account | 26 ++++++ remote/modules/pam/data.old/etc/pam.d/common-auth | 27 ++++++ .../modules/pam/data.old/etc/pam.d/common-password | 33 +++++++ .../modules/pam/data.old/etc/pam.d/common-session | 37 ++++++++ .../etc/pam.d/common-session-noninteractive | 30 ++++++ remote/modules/pam/data.old/etc/pam.d/kdm | 10 ++ remote/modules/pam/data.old/etc/pam.d/kdm-np | 11 +++ remote/modules/pam/data.old/etc/pam.d/login | 101 +++++++++++++++++++++ remote/modules/pam/data.old/etc/pam.d/other | 10 ++ remote/modules/pam/data.old/etc/pam.d/passwd | 6 ++ remote/modules/pam/data.old/etc/pam.d/sshd | 41 +++++++++ remote/modules/pam/data.old/etc/pam.d/vmware-authd | 6 ++ remote/modules/pam/data.old/etc/pam.d/xdm | 6 ++ remote/modules/pam/data.old/etc/skel/README | 7 ++ .../etc/systemd/system/activate-nss-ldap.service | 10 ++ .../getty.target.wants/activate-nss-ldap.service | 1 + .../system/getty.target.wants/rpc-gssd.service | 1 + .../system/getty.target.wants/rpc-idmapd.service | 1 + .../data.old/etc/systemd/system/rpc-gssd.service | 7 ++ .../data.old/etc/systemd/system/rpc-idmapd.service | 7 ++ .../etc/systemd/system/run-rpc_pipefs.mount | 7 ++ .../opt/openslx/scripts/pam_script_ses_close | 9 ++ .../opt/openslx/scripts/pam_script_ses_open | 30 ++++++ 
remote/modules/pam/data/etc/gssapi_mech.conf | 21 ----- remote/modules/pam/data/etc/idmapd.conf | 12 --- remote/modules/pam/data/etc/krb5.conf | 28 ------ remote/modules/pam/data/etc/ldap.conf | 11 --- remote/modules/pam/data/etc/ldap/ldap.conf | 7 -- remote/modules/pam/data/etc/nsswitch.conf | 19 ---- remote/modules/pam/data/etc/openldap/ldap.conf | 1 - .../pam/data/etc/pam-script/pam_script_ses_close | 1 - .../pam/data/etc/pam-script/pam_script_ses_open | 1 - remote/modules/pam/data/etc/pam.d/common-account | 7 +- remote/modules/pam/data/etc/pam.d/common-auth | 4 +- remote/modules/pam/data/etc/pam.d/common-session | 4 - .../data/etc/pam.d/common-session-noninteractive | 2 +- remote/modules/pam/data/etc/skel/README | 7 -- .../etc/systemd/system/activate-nss-ldap.service | 10 -- .../getty.target.wants/activate-nss-ldap.service | 1 - .../system/getty.target.wants/rpc-gssd.service | 1 - .../system/getty.target.wants/rpc-idmapd.service | 1 - .../pam/data/etc/systemd/system/rpc-gssd.service | 7 -- .../pam/data/etc/systemd/system/rpc-idmapd.service | 7 -- .../data/etc/systemd/system/run-rpc_pipefs.mount | 7 -- .../data/opt/openslx/scripts/pam_script_ses_close | 9 -- .../data/opt/openslx/scripts/pam_script_ses_open | 30 ------ 55 files changed, 530 insertions(+), 193 deletions(-) create mode 100644 remote/modules/pam/data.old/etc/gssapi_mech.conf create mode 100644 remote/modules/pam/data.old/etc/idmapd.conf create mode 100644 remote/modules/pam/data.old/etc/krb5.conf create mode 100644 remote/modules/pam/data.old/etc/ldap.conf create mode 100644 remote/modules/pam/data.old/etc/ldap/ldap.conf create mode 100644 remote/modules/pam/data.old/etc/nsswitch.conf create mode 120000 remote/modules/pam/data.old/etc/openldap/ldap.conf create mode 120000 remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close create mode 120000 remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open create mode 100644 remote/modules/pam/data.old/etc/pam.d/common-account create mode 
100644 remote/modules/pam/data.old/etc/pam.d/common-auth create mode 100644 remote/modules/pam/data.old/etc/pam.d/common-password create mode 100644 remote/modules/pam/data.old/etc/pam.d/common-session create mode 100644 remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive create mode 100644 remote/modules/pam/data.old/etc/pam.d/kdm create mode 100644 remote/modules/pam/data.old/etc/pam.d/kdm-np create mode 100644 remote/modules/pam/data.old/etc/pam.d/login create mode 100644 remote/modules/pam/data.old/etc/pam.d/other create mode 100644 remote/modules/pam/data.old/etc/pam.d/passwd create mode 100644 remote/modules/pam/data.old/etc/pam.d/sshd create mode 100644 remote/modules/pam/data.old/etc/pam.d/vmware-authd create mode 100644 remote/modules/pam/data.old/etc/pam.d/xdm create mode 100644 remote/modules/pam/data.old/etc/skel/README create mode 100644 remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service create mode 120000 remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service create mode 120000 remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service create mode 120000 remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service create mode 100644 remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service create mode 100644 remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service create mode 100644 remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount create mode 100755 remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close create mode 100755 remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open delete mode 100644 remote/modules/pam/data/etc/gssapi_mech.conf delete mode 100644 remote/modules/pam/data/etc/idmapd.conf delete mode 100644 remote/modules/pam/data/etc/krb5.conf delete mode 100644 remote/modules/pam/data/etc/ldap.conf delete mode 100644 remote/modules/pam/data/etc/ldap/ldap.conf 
delete mode 100644 remote/modules/pam/data/etc/nsswitch.conf delete mode 120000 remote/modules/pam/data/etc/openldap/ldap.conf delete mode 120000 remote/modules/pam/data/etc/pam-script/pam_script_ses_close delete mode 120000 remote/modules/pam/data/etc/pam-script/pam_script_ses_open delete mode 100644 remote/modules/pam/data/etc/skel/README delete mode 100644 remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service delete mode 120000 remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service delete mode 120000 remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service delete mode 120000 remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service delete mode 100644 remote/modules/pam/data/etc/systemd/system/rpc-gssd.service delete mode 100644 remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service delete mode 100644 remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount delete mode 100755 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close delete mode 100755 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open diff --git a/remote/modules/pam/data.old/etc/gssapi_mech.conf b/remote/modules/pam/data.old/etc/gssapi_mech.conf new file mode 100644 index 00000000..ac41f5fd --- /dev/null +++ b/remote/modules/pam/data.old/etc/gssapi_mech.conf 
@@ -0,0 +1,21 @@
+# Example /etc/gssapi_mech.conf file
+#
+# GSSAPI Mechanism Definitions
+#
+# This configuration file determines which GSS-API mechanisms
+# the gssd code should use
+#
+# NOTE:
+# The initiaiization function "mechglue_internal_krb5_init"
+# is used for the MIT krb5 gssapi mechanism. This special
+# function name indicates that an internal function should
+# be used to determine the entry points for the MIT gssapi
+# mechanism funtions.
+#
+# library initialization function
+# ================================ ==========================
+# The MIT K5 gssapi library, use special function for initialization.
+libgssapi_krb5.so.2 mechglue_internal_krb5_init
+#
+# The SPKM3 gssapi library function. Use the function spkm3_gss_initialize.
+# /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize
diff --git a/remote/modules/pam/data.old/etc/idmapd.conf b/remote/modules/pam/data.old/etc/idmapd.conf
new file mode 100644
index 00000000..2253cf0d
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/idmapd.conf
@@ -0,0 +1,12 @@
+[General]
+
+Verbosity = 0
+Pipefs-Directory = /run/rpc_pipefs
+# set your own domain here, if id differs from FQDN minus hostname
+Domain = uni-freiburg.de
+# localdomain
+
+[Mapping]
+
+Nobody-User = nobody
+Nobody-Group = nogroup
diff --git a/remote/modules/pam/data.old/etc/krb5.conf b/remote/modules/pam/data.old/etc/krb5.conf
new file mode 100644
index 00000000..6fd49243
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/krb5.conf
@@ -0,0 +1,28 @@
+# file copied from configuration package (rootfs/etc/krb5.conf)
+#########################################################################
+[libdefaults]
+ noaddresses = false
+ clockskew = 300
+ default_realm = PUBLIC.ADS.UNI-FREIBURG.DE
+ forwardable = true
+ minimum_uid = 1000
+ proxiable = false
+ renew_lifetime = 30d
+ retain_after_close = false
+ ticket_lifetime = 3d
+ use_shmem = sshd
+ allow_weak_crypto=true
+#########################################################################
+[realms]
+ PUBLIC.ADS.UNI-FREIBURG.DE = {
+ kdc = kerberos.uni-freiburg.de
+ default_domain = uni-freiburg.de
+ admin_server = kerberos.uni-freiburg.de
+ }
+#########################################################################
+[domain_realm]
+ uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE
+ .uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE
+##########################################################################
+[appdefaults]
+#########################################################################
diff --git a/remote/modules/pam/data.old/etc/ldap.conf b/remote/modules/pam/data.old/etc/ldap.conf
new file mode 100644
index 00000000..483595d2
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/ldap.conf
@@ -0,0 +1,11 @@
+URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de
+BASE ou=people,dc=uni-freiburg,dc=de
+BIND_TIMELIMIT 5
+TIMELIMIT 10
+LOGDIR /tmp/ldap
+TLS_REQCERT allow
+nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled)
+nss_base_group ou=group,dc=uni-freiburg,dc=de?one
+nss_map_attribute homeDirectory rufClientHome
+
+nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,distccd,games,git,gnats,hplip,irc,kdm,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,ntp,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data
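Review bot: `allow_weak_crypto=true` in `[libdefaults]` re-enables the weak encryption types that Kerberos libraries otherwise refuse, and nothing in the file says which service still needs them. If the KDC and file servers no longer require them, the template should carry `allow_weak_crypto = false`; if they do, a comment above the line naming that service keeps the setting from being copied to other sites unexamined. `ticket_lifetime = 3d` with `renew_lifetime = 30d` is also long for shared pool machines and deserves a one-line comment giving the reason.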
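Review bot: `TLS_REQCERT allow` in data.old/etc/ldap.conf lets the `ldaps://` session proceed when the server certificate is absent or fails verification, so the directory behind `nss_base_passwd` and `nss_base_group` is not authenticated to the client. The line should read `TLS_REQCERT demand`, with the site CA configured next to it (`TLS_CACERT <path-to-site-CA-bundle>` for the OpenLDAP client library; the matching NSS/PAM option depends on which LDAP module reads this file). The same line is added in data.old/etc/ldap/ldap.conf in the following hunk and needs the same change.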
diff --git a/remote/modules/pam/data.old/etc/ldap/ldap.conf b/remote/modules/pam/data.old/etc/ldap/ldap.conf
new file mode 100644
index 00000000..809065cc
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/ldap/ldap.conf
@@ -0,0 +1,7 @@
+URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de
+BASE ou=people,dc=uni-freiburg,dc=de
+TLS_REQCERT allow
+nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled)
+nss_base_group ou=group,dc=uni-freiburg,dc=de?one
+nss_map_attribute homeDirectory rufClientHome
+
diff --git a/remote/modules/pam/data.old/etc/nsswitch.conf b/remote/modules/pam/data.old/etc/nsswitch.conf
new file mode 100644
index 00000000..d270cbac
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/nsswitch.conf
@@ -0,0 +1,19 @@
+# /etc/nsswitch.conf
+#
+# Example configuration of GNU Name Service Switch functionality.
+# If you have the `glibc-doc-reference' and `info' packages installed, try:
+# `info libc "Name Service Switch"' for information about this file.
+
+passwd: files
+group: files
+shadow: files
+
+hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
+networks: files
+
+protocols: db files
+services: db files
+ethers: db files
+rpc: db files
+
+netgroup: nis
diff --git a/remote/modules/pam/data.old/etc/openldap/ldap.conf b/remote/modules/pam/data.old/etc/openldap/ldap.conf
new file mode 120000
index 00000000..c0aaf459
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/openldap/ldap.conf
@@ -0,0 +1 @@
+/etc/ldap.conf
\ No newline at end of file
diff --git a/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close
new file mode 120000
index 00000000..f3682056
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close
@@ -0,0 +1 @@
+/opt/openslx/scripts/pam_script_ses_close
\ No newline at end of file
diff --git a/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open
new file mode 120000
index 00000000..4f5598e5
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open
@@ -0,0 +1 @@
+/opt/openslx/scripts/pam_script_ses_open
\ No newline at end of file
diff --git a/remote/modules/pam/data.old/etc/pam.d/common-account b/remote/modules/pam/data.old/etc/pam.d/common-account
new file mode 100644
index 00000000..3a5d5a14
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam.d/common-account
@@ -0,0 +1,26 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
+account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so use_first_pass
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/remote/modules/pam/data.old/etc/pam.d/common-auth b/remote/modules/pam/data.old/etc/pam.d/common-auth
new file mode 100644
index 00000000..5b544395
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam.d/common-auth
@@ -0,0 +1,27 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000
+auth [success=2 default=ignore] pam_unix.so try_first_pass
+auth [success=1 default=ignore] pam_ldap.so use_first_pass nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/remote/modules/pam/data.old/etc/pam.d/common-password b/remote/modules/pam/data.old/etc/pam.d/common-password
new file mode 100644
index 00000000..cb8c7b71
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam.d/common-password
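Review bot: `nullok_secure` on the `pam_ldap.so` line of common-auth looks misplaced: it is a pam_unix option (accept empty passwords on ttys listed in /etc/securetty), and as far as I know pam_ldap does not define it, so at best it is ignored there. If empty local passwords are not meant to be accepted, the line should be `auth [success=1 default=ignore] pam_ldap.so use_first_pass`; if they are, the option belongs on the `pam_unix.so` line with a comment saying why. A short comment above the three `success=N` entries stating that N is the number of following lines skipped to reach `pam_permit.so` would help whoever adds or removes a module, since a wrong count changes which module decides the outcome.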
@@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/remote/modules/pam/data.old/etc/pam.d/common-session b/remote/modules/pam/data.old/etc/pam.d/common-session new file mode 100644 index 00000000..6182d470 --- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/common-session 
@@ -0,0 +1,37 @@ +# +# /etc/pam.d/common-session - session-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of sessions of *any* kind (both interactive and +# non-interactive). +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# The pam_umask module will set the umask according to the system default in +# /etc/login.defs and user settings, solving the problem of different +# umask settings with different shells, display managers, remote sessions etc. +# See "man pam_umask". +session optional pam_umask.so +# and here are more per-package modules (the "Additional" block) +session required pam_systemd.so +session optional pam_env.so readenv=1 +session optional pam_env.so readenv=1 envfile=/etc/default/locale +session optional pam_krb5.so minimum_uid=1000 +session [success=1] pam_unix.so +session [success=ok] pam_ldap.so +session sufficient pam_script.so +session optional pam_mkhomedir.so skel=/etc/skel umask=0022 +# end of pam-auth-update config diff --git a/remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive b/remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive new file mode 100644 index 00000000..1fee2c4f 
--- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive @@ -0,0 +1,30 @@ +# +# /etc/pam.d/common-session-noninteractive - session-related modules +# common to all non-interactive services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of all non-interactive sessions. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# The pam_umask module will set the umask according to the system default in +# /etc/login.defs and user settings, solving the problem of different +# umask settings with different shells, display managers, remote sessions etc. +# See "man pam_umask". +session optional pam_umask.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so +# end of pam-auth-update config diff --git a/remote/modules/pam/data.old/etc/pam.d/kdm b/remote/modules/pam/data.old/etc/pam.d/kdm new file mode 100644 index 00000000..e6a4ec9b --- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/kdm 
@@ -0,0 +1,10 @@
+#
+# /etc/pam.d/kdm - specify the PAM behaviour of kdm
+#
+auth required pam_nologin.so
+auth required pam_env.so readenv=1
+auth required pam_env.so readenv=1 envfile=/etc/default/locale
+auth include common-auth
+account include common-account
+password include common-password
+session include common-session
diff --git a/remote/modules/pam/data.old/etc/pam.d/kdm-np b/remote/modules/pam/data.old/etc/pam.d/kdm-np
new file mode 100644
index 00000000..dc10e5b5
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam.d/kdm-np
@@ -0,0 +1,11 @@
+#
+# /etc/pam.d/kdm-np - specify the PAM behaviour of kdm for passwordless logins
+#
+auth required pam_nologin.so
+auth required pam_env.so readenv=1
+auth required pam_env.so readenv=1 envfile=/etc/default/locale
+session required pam_limits.so
+account include common-account
+password include common-password
+session include common-session
+auth required pam_permit.so
diff --git a/remote/modules/pam/data.old/etc/pam.d/login b/remote/modules/pam/data.old/etc/pam.d/login
new file mode 100644
index 00000000..1065f351
--- /dev/null
+++ b/remote/modules/pam/data.old/etc/pam.d/login
@@ -0,0 +1,101 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. 
+# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +# OpenSLX: Not Needed? +#session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +auth include common-auth + +# TODO do we need this? +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +#auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# TODO do we need this? 
+# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +#session required pam_limits.so + +# TODO check if this is needed +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Standard Un*x account and session +account include common-account +session include common-session +password include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/remote/modules/pam/data.old/etc/pam.d/other b/remote/modules/pam/data.old/etc/pam.d/other new file mode 100644 index 00000000..840eb77f --- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/other @@ -0,0 +1,10 @@ +#%PAM-1.0 +auth required pam_warn.so +auth required pam_deny.so +account required pam_warn.so +account required pam_deny.so +password required pam_warn.so +password required pam_deny.so +session required pam_warn.so +session required pam_deny.so + diff --git a/remote/modules/pam/data.old/etc/pam.d/passwd b/remote/modules/pam/data.old/etc/pam.d/passwd new file mode 100644 index 00000000..32eaa3c6 --- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/passwd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `passwd' service +# + +password include common-password + diff --git a/remote/modules/pam/data.old/etc/pam.d/sshd b/remote/modules/pam/data.old/etc/pam.d/sshd new file mode 100644 index 00000000..8954d639 --- /dev/null 
+++ b/remote/modules/pam/data.old/etc/pam.d/sshd @@ -0,0 +1,41 @@ +# PAM configuration for the Secure Shell service + +# Read environment variables from /etc/environment and +# /etc/security/pam_env.conf. +auth required pam_env.so # [1] +# In Debian 4.0 (etch), locale-related environment variables were moved to +# /etc/default/locale, so read that as well. +auth required pam_env.so envfile=/etc/default/locale + +# Standard Un*x authentication. +auth include common-auth + +# Disallow non-root logins when /etc/nologin exists. +account required pam_nologin.so + +# Uncomment and edit /etc/security/access.conf if you need to set complex +# access limits that are hard to express in sshd_config. +# account required pam_access.so + +# Standard Un*x authorization. +account include common-account + +# Standard Un*x session setup and teardown. +session include common-session + +# Print the message of the day upon successful login. +session optional pam_motd.so # [1] + +# TODO do we need this? +# Print the status of the user's mailbox upon successful login. +#session optional pam_mail.so standard noenv # [1] + +# TODO do we need this? +# Set up user limits from /etc/security/limits.conf. +#session required pam_limits.so + +# Set up SELinux capabilities (need modified pam) +# session required pam_selinux.so multiple + +# Standard Un*x password updating. +password include common-password diff --git a/remote/modules/pam/data.old/etc/pam.d/vmware-authd b/remote/modules/pam/data.old/etc/pam.d/vmware-authd new file mode 100644 index 00000000..1f9b60f9 --- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/vmware-authd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include common-auth +account include common-account +password include common-password +session include common-session + diff --git a/remote/modules/pam/data.old/etc/pam.d/xdm b/remote/modules/pam/data.old/etc/pam.d/xdm new file mode 100644 index 00000000..d21651db --- /dev/null +++ b/remote/modules/pam/data.old/etc/pam.d/xdm 
@@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include common-auth +account include common-account +password include common-password +session required pam_loginuid.so +session include common-session diff --git a/remote/modules/pam/data.old/etc/skel/README b/remote/modules/pam/data.old/etc/skel/README new file mode 100644 index 00000000..92ed817c --- /dev/null +++ b/remote/modules/pam/data.old/etc/skel/README @@ -0,0 +1,7 @@ +IMPORTANT + +If you see this file, then your home directory was created upon logging in. +This means that the files saved here will be LOST once you shutdown the machine. +To save your work, save it elsewhere (USB-Stick, Online, ...). + +You have been warned. diff --git a/remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service b/remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service new file mode 100644 index 00000000..bbac775a --- /dev/null +++ b/remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service @@ -0,0 +1,10 @@ +[Unit] +Description=Activate NSS-LDAP lookups +Before=graphical.target + +[Service] +Type=oneshot +ExecStart=-/opt/openslx/bin/mkdir /tmp/ldap +ExecStart=/opt/openslx/bin/sed -i -e 's/^passwd:.*$/passwd:\t\tcache files ldap/;s/^group:.*$/group:\t\tcache files ldap/;s/^hosts:.*files/hosts:\t\tcache files/' /etc/nsswitch.conf +ExecStart=/usr/bin/systemctl restart nscd + diff --git a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service new file mode 120000 index 00000000..1102840c --- /dev/null +++ b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service @@ -0,0 +1 @@ +../activate-nss-ldap.service \ No newline at end of file 
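Review bot: In activate-nss-ldap.service, `ExecStart=-/opt/openslx/bin/mkdir /tmp/ldap` creates a fixed-name directory under world-writable /tmp, and the leading `-` makes systemd ignore a failure, so a /tmp/ldap that already exists is accepted silently regardless of who created it or what mode it has. The ldap.conf shown elsewhere on this page sets `LOGDIR /tmp/ldap`, so LDAP client output written by privileged processes would presumably land there. A location outside /tmp created with an explicit mode, for example `ExecStart=/opt/openslx/bin/mkdir -p -m 0700 /run/ldap` with `LOGDIR` changed to match, avoids depending on who got to the name first.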
diff --git a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service new file mode 120000 index 00000000..194aba77 --- /dev/null +++ b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service @@ -0,0 +1 @@ +../rpc-gssd.service \ No newline at end of file diff --git a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service new file mode 120000 index 00000000..66a28252 --- /dev/null +++ b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service @@ -0,0 +1 @@ +../rpc-idmapd.service \ No newline at end of file diff --git a/remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service b/remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service new file mode 100644 index 00000000..79ffce8d --- /dev/null +++ b/remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service @@ -0,0 +1,7 @@ +[Unit] +Description=NFS rpcsec_gss daemon +Requires=run-rpc_pipefs.mount +After=run-rpc_pipefs.mount + +[Service] +ExecStart=/usr/sbin/rpc.gssd -f -vvv -p /run/rpc_pipefs diff --git a/remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service b/remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service new file mode 100644 index 00000000..c4da93e7 --- /dev/null +++ b/remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service @@ -0,0 +1,7 @@ +[Unit] +Description=NFSv4 ID-name mapping daemon +Requires=network.target run-rpc_pipefs.mount +After=network.target + +[Service] +ExecStart=/usr/sbin/rpc.idmapd -f diff --git a/remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount b/remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount new file mode 100644 index 00000000..692adce8 --- /dev/null 
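Review bot: rpc-idmapd.service lists `run-rpc_pipefs.mount` under `Requires=` but orders itself only with `After=network.target`, and `Requires=` alone does not imply ordering, so systemd may start rpc.idmapd in parallel with the pipefs mount instead of after it. rpc-gssd.service in the same commit pairs the requirement with `After=run-rpc_pipefs.mount`; the matching line here would be `After=network.target run-rpc_pipefs.mount`.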
+++ b/remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount @@ -0,0 +1,7 @@ +[Unit] +Description=Pipefs RPC filesystem + +[Mount] +What=rpc_pipefs +Where=/run/rpc_pipefs +Type=rpc_pipefs diff --git a/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close new file mode 100755 index 00000000..2b6f6105 --- /dev/null +++ b/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close @@ -0,0 +1,9 @@ +#!/bin/bash + +export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" + +[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER" + +# TODO check if its the last session of the user. + +[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER diff --git a/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open new file mode 100755 index 00000000..f5ad8af1 --- /dev/null +++ b/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open 
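Review bot: `$PAM_USER` is expanded unquoted in `[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER` in pam_script_ses_close, and the same pattern recurs in pam_script_ses_open (`id -g`, `mkdir -p /home/$PAM_USER`, the two `cat /tmp/ldapsearch.$PAM_USER` calls). The value is the name supplied at login, so it should be treated as untrusted; when `id` fails for it the test gets an empty operand and errors instead of making a decision. Quoting and checking the lookup first is safer: `gid=$(id -g -- "$PAM_USER") || exit 1` followed by `[ "$gid" -ge 1000 ] && umount -- "/home/$PAM_USER"`. The open `# TODO check if its the last session of the user.` also means that closing one session attempts to unmount a home directory that another session of the same user may still be using.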
@@ -0,0 +1,30 @@ +#!/bin/bash + +export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" + +[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" + +if [ $(id -g $PAM_USER) -ge 1000 ]; then + [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" + + # generate keytab + sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab + chmod 600 /etc/krb5.keytab + + # determine fileserver and share for home directories + ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" + + FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) + VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) + + # now we can mount the home directory + mkdir -p /home/$PAM_USER + if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then + exit 0 + else + echo "Failed to mount home directory for $PAM_USER" + exit 1 + fi + +fi + diff --git a/remote/modules/pam/data/etc/gssapi_mech.conf b/remote/modules/pam/data/etc/gssapi_mech.conf deleted file mode 100644 index ac41f5fd..00000000 --- a/remote/modules/pam/data/etc/gssapi_mech.conf +++ /dev/null 
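Review bot: pam_script_ses_open writes the LDAP result to `/tmp/ldapsearch."$PAM_USER"`, a predictable name in a world-writable directory, and then reads the NFS server and export from it; a file or symlink placed at that path beforehand would be followed by the redirect, which presumably runs as root in the session stack. The keytab has a similar window: `sslconnect … > /etc/krb5.keytab` creates the file under the current umask and only afterwards runs `chmod 600`, and neither sslconnect nor ldapsearch is checked before the mount is attempted. Holding the LDAP output in a variable removes the temp file, and a restrictive umask around the keytab write closes the window. The unquoted `$PAM_USER` expansions are covered in the note on pam_script_ses_close.
```shell
  # generate keytab
  ( umask 077; sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab ) || exit 1
  # … unchanged: chmod 600 /etc/krb5.keytab …

  # determine fileserver and share for home directories
  ldap_out=$(ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver) || exit 1
  FILESERVER=$(printf '%s\n' "$ldap_out" | grep rufFileserver | cut -d" " -f2)
  VOLUME=$(printf '%s\n' "$ldap_out" | grep homeDirectory | cut -d" " -f2)
  [ -n "$FILESERVER" ] && [ -n "$VOLUME" ] || exit 1
  # … unchanged: mkdir and nfs4 mount …
```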
@@ -1,21 +0,0 @@ -# Example /etc/gssapi_mech.conf file -# -# GSSAPI Mechanism Definitions -# -# This configuration file determines which GSS-API mechanisms -# the gssd code should use -# -# NOTE: -# The initiaiization function "mechglue_internal_krb5_init" -# is used for the MIT krb5 gssapi mechanism. This special -# function name indicates that an internal function should -# be used to determine the entry points for the MIT gssapi -# mechanism funtions. -# -# library initialization function -# ================================ ========================== -# The MIT K5 gssapi library, use special function for initialization. -libgssapi_krb5.so.2 mechglue_internal_krb5_init -# -# The SPKM3 gssapi library function. Use the function spkm3_gss_initialize. -# /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize diff --git a/remote/modules/pam/data/etc/idmapd.conf b/remote/modules/pam/data/etc/idmapd.conf deleted file mode 100644 index 2253cf0d..00000000 --- a/remote/modules/pam/data/etc/idmapd.conf +++ /dev/null @@ -1,12 +0,0 @@ -[General] - -Verbosity = 0 -Pipefs-Directory = /run/rpc_pipefs -# set your own domain here, if id differs from FQDN minus hostname -Domain = uni-freiburg.de -# localdomain - -[Mapping] - -Nobody-User = nobody -Nobody-Group = nogroup diff --git a/remote/modules/pam/data/etc/krb5.conf b/remote/modules/pam/data/etc/krb5.conf deleted file mode 100644 index 6fd49243..00000000 --- a/remote/modules/pam/data/etc/krb5.conf +++ /dev/null 
@@ -1,28 +0,0 @@ -# file copied from configuration package (rootfs/etc/krb5.conf) -######################################################################### -[libdefaults] - noaddresses = false - clockskew = 300 - default_realm = PUBLIC.ADS.UNI-FREIBURG.DE - forwardable = true - minimum_uid = 1000 - proxiable = false - renew_lifetime = 30d - retain_after_close = false - ticket_lifetime = 3d - use_shmem = sshd - allow_weak_crypto=true -######################################################################### -[realms] - PUBLIC.ADS.UNI-FREIBURG.DE = { - kdc = kerberos.uni-freiburg.de - default_domain = uni-freiburg.de - admin_server = kerberos.uni-freiburg.de - } -######################################################################### -[domain_realm] - uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE - .uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE -########################################################################## -[appdefaults] -######################################################################### diff --git a/remote/modules/pam/data/etc/ldap.conf b/remote/modules/pam/data/etc/ldap.conf deleted file mode 100644 index 483595d2..00000000 --- a/remote/modules/pam/data/etc/ldap.conf +++ /dev/null @@ -1,11 +0,0 @@ -URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de -BASE ou=people,dc=uni-freiburg,dc=de -BIND_TIMELIMIT 5 -TIMELIMIT 10 -LOGDIR /tmp/ldap -TLS_REQCERT allow -nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled) -nss_base_group ou=group,dc=uni-freiburg,dc=de?one -nss_map_attribute homeDirectory rufClientHome - -nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,distccd,games,git,gnats,hplip,irc,kdm,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,ntp,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data 
diff --git a/remote/modules/pam/data/etc/ldap/ldap.conf b/remote/modules/pam/data/etc/ldap/ldap.conf deleted file mode 100644 index 809065cc..00000000 --- a/remote/modules/pam/data/etc/ldap/ldap.conf +++ /dev/null @@ -1,7 +0,0 @@ -URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de -BASE ou=people,dc=uni-freiburg,dc=de -TLS_REQCERT allow -nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled) -nss_base_group ou=group,dc=uni-freiburg,dc=de?one -nss_map_attribute homeDirectory rufClientHome - diff --git a/remote/modules/pam/data/etc/nsswitch.conf b/remote/modules/pam/data/etc/nsswitch.conf deleted file mode 100644 index d270cbac..00000000 --- a/remote/modules/pam/data/etc/nsswitch.conf +++ /dev/null @@ -1,19 +0,0 @@ -# /etc/nsswitch.conf -# -# Example configuration of GNU Name Service Switch functionality. -# If you have the `glibc-doc-reference' and `info' packages installed, try: -# `info libc "Name Service Switch"' for information about this file. - -passwd: files -group: files -shadow: files - -hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 -networks: files - -protocols: db files -services: db files -ethers: db files -rpc: db files - -netgroup: nis diff --git a/remote/modules/pam/data/etc/openldap/ldap.conf b/remote/modules/pam/data/etc/openldap/ldap.conf deleted file mode 120000 index c0aaf459..00000000 --- a/remote/modules/pam/data/etc/openldap/ldap.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/ldap.conf \ No newline at end of file diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close deleted file mode 120000 index f3682056..00000000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close +++ /dev/null @@ -1 +0,0 @@ -/opt/openslx/scripts/pam_script_ses_close \ No newline at end of file 
diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open deleted file mode 120000 index 4f5598e5..00000000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open +++ /dev/null @@ -1 +0,0 @@ -/opt/openslx/scripts/pam_script_ses_open \ No newline at end of file diff --git a/remote/modules/pam/data/etc/pam.d/common-account b/remote/modules/pam/data/etc/pam.d/common-account index 3a5d5a14..4c464871 100644 --- a/remote/modules/pam/data/etc/pam.d/common-account +++ b/remote/modules/pam/data/etc/pam.d/common-account @@ -14,13 +14,12 @@ # # here are the per-package modules (the "Primary" block) -account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so -account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so use_first_pass +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so # here's the fallback if no module succeeds -account requisite pam_deny.so +account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around -account required pam_permit.so +account required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/pam.d/common-auth b/remote/modules/pam/data/etc/pam.d/common-auth index 5b544395..752b810d 100644 --- a/remote/modules/pam/data/etc/pam.d/common-auth +++ b/remote/modules/pam/data/etc/pam.d/common-auth 
@@ -14,9 +14,7 @@ # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) -auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000 -auth [success=2 default=ignore] pam_unix.so try_first_pass -auth [success=1 default=ignore] pam_ldap.so use_first_pass nullok_secure +auth [success=1 default=ignore] pam_unix.so # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; diff --git a/remote/modules/pam/data/etc/pam.d/common-session b/remote/modules/pam/data/etc/pam.d/common-session index 6182d470..1a3ca2d1 100644 --- a/remote/modules/pam/data/etc/pam.d/common-session +++ b/remote/modules/pam/data/etc/pam.d/common-session @@ -29,9 +29,5 @@ session optional pam_umask.so session required pam_systemd.so session optional pam_env.so readenv=1 session optional pam_env.so readenv=1 envfile=/etc/default/locale -session optional pam_krb5.so minimum_uid=1000 -session [success=1] pam_unix.so -session [success=ok] pam_ldap.so -session sufficient pam_script.so session optional pam_mkhomedir.so skel=/etc/skel umask=0022 # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/pam.d/common-session-noninteractive b/remote/modules/pam/data/etc/pam.d/common-session-noninteractive index 1fee2c4f..d9bf071c 100644 --- a/remote/modules/pam/data/etc/pam.d/common-session-noninteractive +++ b/remote/modules/pam/data/etc/pam.d/common-session-noninteractive @@ -26,5 +26,5 @@ session required pam_permit.so # See "man pam_umask". session optional pam_umask.so # and here are more per-package modules (the "Additional" block) -session required pam_unix.so +session required pam_unix.so # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/skel/README b/remote/modules/pam/data/etc/skel/README deleted file mode 100644 index 92ed817c..00000000 --- a/remote/modules/pam/data/etc/skel/README +++ /dev/null 
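Review bot: The common-session hunk removes `session [success=1] pam_unix.so` together with the krb5, ldap and pam_script lines, leaving no pam_unix session entry in the lines shown, while common-session-noninteractive in the same commit keeps `session required pam_unix.so`. pam_unix's session hook is what logs session open and close to syslog, so interactive logins would stop producing those records unless an entry exists above line 29, which the hunk does not show. If the intent is only to take out the network back ends, keeping `session required pam_unix.so` ahead of the `pam_mkhomedir.so` line preserves that audit trail.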
@@ -1,7 +0,0 @@ -IMPORTANT - -If you see this file, then your home directory was created upon logging in. -This means that the files saved here will be LOST once you shutdown the machine. -To save your work, save it elsewhere (USB-Stick, Online, ...). - -You have been warned. diff --git a/remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service b/remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service deleted file mode 100644 index bbac775a..00000000 --- a/remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Activate NSS-LDAP lookups -Before=graphical.target - -[Service] -Type=oneshot -ExecStart=-/opt/openslx/bin/mkdir /tmp/ldap -ExecStart=/opt/openslx/bin/sed -i -e 's/^passwd:.*$/passwd:\t\tcache files ldap/;s/^group:.*$/group:\t\tcache files ldap/;s/^hosts:.*files/hosts:\t\tcache files/' /etc/nsswitch.conf -ExecStart=/usr/bin/systemctl restart nscd - diff --git a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service b/remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service deleted file mode 120000 index 1102840c..00000000 --- a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service +++ /dev/null @@ -1 +0,0 @@ -../activate-nss-ldap.service \ No newline at end of file diff --git a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service b/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service deleted file mode 120000 index 194aba77..00000000 --- a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service +++ /dev/null @@ -1 +0,0 @@ -../rpc-gssd.service \ No newline at end of file diff --git a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service b/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service deleted file mode 120000 index 66a28252..00000000 
--- a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service +++ /dev/null @@ -1 +0,0 @@ -../rpc-idmapd.service \ No newline at end of file diff --git a/remote/modules/pam/data/etc/systemd/system/rpc-gssd.service b/remote/modules/pam/data/etc/systemd/system/rpc-gssd.service deleted file mode 100644 index 79ffce8d..00000000 --- a/remote/modules/pam/data/etc/systemd/system/rpc-gssd.service +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=NFS rpcsec_gss daemon -Requires=run-rpc_pipefs.mount -After=run-rpc_pipefs.mount - -[Service] -ExecStart=/usr/sbin/rpc.gssd -f -vvv -p /run/rpc_pipefs diff --git a/remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service b/remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service deleted file mode 100644 index c4da93e7..00000000 --- a/remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=NFSv4 ID-name mapping daemon -Requires=network.target run-rpc_pipefs.mount -After=network.target - -[Service] -ExecStart=/usr/sbin/rpc.idmapd -f diff --git a/remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount b/remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount deleted file mode 100644 index 692adce8..00000000 --- a/remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Pipefs RPC filesystem - -[Mount] -What=rpc_pipefs -Where=/run/rpc_pipefs -Type=rpc_pipefs diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close deleted file mode 100755 index 2b6f6105..00000000 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close +++ /dev/null 
@@ -1,9 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER" - -# TODO check if its the last session of the user. - -[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open deleted file mode 100755 index f5ad8af1..00000000 --- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" - -if [ $(id -g $PAM_USER) -ge 1000 ]; then - [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" - - # generate keytab - sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab - chmod 600 /etc/krb5.keytab - - # determine fileserver and share for home directories - ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" - - FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) - VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) - - # now we can mount the home directory - mkdir -p /home/$PAM_USER - if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then - exit 0 - else - echo "Failed to mount home directory for $PAM_USER" - exit 1 - fi - -fi - -- cgit v1.2.3-55-g7522 From 2860b02739dd17ee0373d3c58312aca3a440d570 Mon Sep 17 00:00:00 2001 
From: Jonathan Bauer Date: Wed, 31 Jul 2013 18:18:21 +0200 Subject: [pam] removed old data dir... --- remote/modules/pam/data.old/etc/gssapi_mech.conf | 21 ----- remote/modules/pam/data.old/etc/idmapd.conf | 12 --- remote/modules/pam/data.old/etc/krb5.conf | 28 ------ remote/modules/pam/data.old/etc/ldap.conf | 11 --- remote/modules/pam/data.old/etc/ldap/ldap.conf | 7 -- remote/modules/pam/data.old/etc/nsswitch.conf | 19 ---- remote/modules/pam/data.old/etc/openldap/ldap.conf | 1 - .../data.old/etc/pam-script/pam_script_ses_close | 1 - .../data.old/etc/pam-script/pam_script_ses_open | 1 - .../modules/pam/data.old/etc/pam.d/common-account | 26 ------ remote/modules/pam/data.old/etc/pam.d/common-auth | 27 ------ .../modules/pam/data.old/etc/pam.d/common-password | 33 ------- .../modules/pam/data.old/etc/pam.d/common-session | 37 -------- .../etc/pam.d/common-session-noninteractive | 30 ------ remote/modules/pam/data.old/etc/pam.d/kdm | 10 -- remote/modules/pam/data.old/etc/pam.d/kdm-np | 11 --- remote/modules/pam/data.old/etc/pam.d/login | 101 --------------------- remote/modules/pam/data.old/etc/pam.d/other | 10 -- remote/modules/pam/data.old/etc/pam.d/passwd | 6 -- remote/modules/pam/data.old/etc/pam.d/sshd | 41 --------- remote/modules/pam/data.old/etc/pam.d/vmware-authd | 6 -- remote/modules/pam/data.old/etc/pam.d/xdm | 6 -- remote/modules/pam/data.old/etc/skel/README | 7 -- .../etc/systemd/system/activate-nss-ldap.service | 10 -- .../getty.target.wants/activate-nss-ldap.service | 1 - .../system/getty.target.wants/rpc-gssd.service | 1 - .../system/getty.target.wants/rpc-idmapd.service | 1 - .../data.old/etc/systemd/system/rpc-gssd.service | 7 -- .../data.old/etc/systemd/system/rpc-idmapd.service | 7 -- .../etc/systemd/system/run-rpc_pipefs.mount | 7 -- .../opt/openslx/scripts/pam_script_ses_close | 9 -- .../opt/openslx/scripts/pam_script_ses_open | 30 ------ server/export_target | 4 + 33 files changed, 4 insertions(+), 525 deletions(-) delete mode 100644 
remote/modules/pam/data.old/etc/gssapi_mech.conf delete mode 100644 remote/modules/pam/data.old/etc/idmapd.conf delete mode 100644 remote/modules/pam/data.old/etc/krb5.conf delete mode 100644 remote/modules/pam/data.old/etc/ldap.conf delete mode 100644 remote/modules/pam/data.old/etc/ldap/ldap.conf delete mode 100644 remote/modules/pam/data.old/etc/nsswitch.conf delete mode 120000 remote/modules/pam/data.old/etc/openldap/ldap.conf delete mode 120000 remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close delete mode 120000 remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open delete mode 100644 remote/modules/pam/data.old/etc/pam.d/common-account delete mode 100644 remote/modules/pam/data.old/etc/pam.d/common-auth delete mode 100644 remote/modules/pam/data.old/etc/pam.d/common-password delete mode 100644 remote/modules/pam/data.old/etc/pam.d/common-session delete mode 100644 remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive delete mode 100644 remote/modules/pam/data.old/etc/pam.d/kdm delete mode 100644 remote/modules/pam/data.old/etc/pam.d/kdm-np delete mode 100644 remote/modules/pam/data.old/etc/pam.d/login delete mode 100644 remote/modules/pam/data.old/etc/pam.d/other delete mode 100644 remote/modules/pam/data.old/etc/pam.d/passwd delete mode 100644 remote/modules/pam/data.old/etc/pam.d/sshd delete mode 100644 remote/modules/pam/data.old/etc/pam.d/vmware-authd delete mode 100644 remote/modules/pam/data.old/etc/pam.d/xdm delete mode 100644 remote/modules/pam/data.old/etc/skel/README delete mode 100644 remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service delete mode 120000 remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service delete mode 120000 remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service delete mode 120000 remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service delete mode 100644 
remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service delete mode 100644 remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service delete mode 100644 remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount delete mode 100755 remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close delete mode 100755 remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open diff --git a/remote/modules/pam/data.old/etc/gssapi_mech.conf b/remote/modules/pam/data.old/etc/gssapi_mech.conf deleted file mode 100644 index ac41f5fd..00000000 --- a/remote/modules/pam/data.old/etc/gssapi_mech.conf +++ /dev/null @@ -1,21 +0,0 @@ -# Example /etc/gssapi_mech.conf file -# -# GSSAPI Mechanism Definitions -# -# This configuration file determines which GSS-API mechanisms -# the gssd code should use -# -# NOTE: -# The initiaiization function "mechglue_internal_krb5_init" -# is used for the MIT krb5 gssapi mechanism. This special -# function name indicates that an internal function should -# be used to determine the entry points for the MIT gssapi -# mechanism funtions. -# -# library initialization function -# ================================ ========================== -# The MIT K5 gssapi library, use special function for initialization. -libgssapi_krb5.so.2 mechglue_internal_krb5_init -# -# The SPKM3 gssapi library function. Use the function spkm3_gss_initialize. -# /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize diff --git a/remote/modules/pam/data.old/etc/idmapd.conf b/remote/modules/pam/data.old/etc/idmapd.conf deleted file mode 100644 index 2253cf0d..00000000 --- a/remote/modules/pam/data.old/etc/idmapd.conf +++ /dev/null @@ -1,12 +0,0 @@ -[General] - -Verbosity = 0 -Pipefs-Directory = /run/rpc_pipefs -# set your own domain here, if id differs from FQDN minus hostname -Domain = uni-freiburg.de -# localdomain - -[Mapping] - -Nobody-User = nobody -Nobody-Group = nogroup 
diff --git a/remote/modules/pam/data.old/etc/krb5.conf b/remote/modules/pam/data.old/etc/krb5.conf deleted file mode 100644 index 6fd49243..00000000 --- a/remote/modules/pam/data.old/etc/krb5.conf +++ /dev/null @@ -1,28 +0,0 @@ -# file copied from configuration package (rootfs/etc/krb5.conf) -######################################################################### -[libdefaults] - noaddresses = false - clockskew = 300 - default_realm = PUBLIC.ADS.UNI-FREIBURG.DE - forwardable = true - minimum_uid = 1000 - proxiable = false - renew_lifetime = 30d - retain_after_close = false - ticket_lifetime = 3d - use_shmem = sshd - allow_weak_crypto=true -######################################################################### -[realms] - PUBLIC.ADS.UNI-FREIBURG.DE = { - kdc = kerberos.uni-freiburg.de - default_domain = uni-freiburg.de - admin_server = kerberos.uni-freiburg.de - } -######################################################################### -[domain_realm] - uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE - .uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE -########################################################################## -[appdefaults] -######################################################################### diff --git a/remote/modules/pam/data.old/etc/ldap.conf b/remote/modules/pam/data.old/etc/ldap.conf deleted file mode 100644 index 483595d2..00000000 --- a/remote/modules/pam/data.old/etc/ldap.conf +++ /dev/null 
@@ -1,11 +0,0 @@ -URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de -BASE ou=people,dc=uni-freiburg,dc=de -BIND_TIMELIMIT 5 -TIMELIMIT 10 -LOGDIR /tmp/ldap -TLS_REQCERT allow -nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled) -nss_base_group ou=group,dc=uni-freiburg,dc=de?one -nss_map_attribute homeDirectory rufClientHome - -nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,distccd,games,git,gnats,hplip,irc,kdm,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,ntp,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data diff --git a/remote/modules/pam/data.old/etc/ldap/ldap.conf b/remote/modules/pam/data.old/etc/ldap/ldap.conf deleted file mode 100644 index 809065cc..00000000 --- a/remote/modules/pam/data.old/etc/ldap/ldap.conf +++ /dev/null @@ -1,7 +0,0 @@ -URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de -BASE ou=people,dc=uni-freiburg,dc=de -TLS_REQCERT allow -nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled) -nss_base_group ou=group,dc=uni-freiburg,dc=de?one -nss_map_attribute homeDirectory rufClientHome - diff --git a/remote/modules/pam/data.old/etc/nsswitch.conf b/remote/modules/pam/data.old/etc/nsswitch.conf deleted file mode 100644 index d270cbac..00000000 --- a/remote/modules/pam/data.old/etc/nsswitch.conf +++ /dev/null 
@@ -1,19 +0,0 @@ -# /etc/nsswitch.conf -# -# Example configuration of GNU Name Service Switch functionality. -# If you have the `glibc-doc-reference' and `info' packages installed, try: -# `info libc "Name Service Switch"' for information about this file. - -passwd: files -group: files -shadow: files - -hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 -networks: files - -protocols: db files -services: db files -ethers: db files -rpc: db files - -netgroup: nis diff --git a/remote/modules/pam/data.old/etc/openldap/ldap.conf b/remote/modules/pam/data.old/etc/openldap/ldap.conf deleted file mode 120000 index c0aaf459..00000000 --- a/remote/modules/pam/data.old/etc/openldap/ldap.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/ldap.conf \ No newline at end of file diff --git a/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close deleted file mode 120000 index f3682056..00000000 --- a/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_close +++ /dev/null @@ -1 +0,0 @@ -/opt/openslx/scripts/pam_script_ses_close \ No newline at end of file diff --git a/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open deleted file mode 120000 index 4f5598e5..00000000 --- a/remote/modules/pam/data.old/etc/pam-script/pam_script_ses_open +++ /dev/null @@ -1 +0,0 @@ -/opt/openslx/scripts/pam_script_ses_open \ No newline at end of file diff --git a/remote/modules/pam/data.old/etc/pam.d/common-account b/remote/modules/pam/data.old/etc/pam.d/common-account deleted file mode 100644 index 3a5d5a14..00000000 --- a/remote/modules/pam/data.old/etc/pam.d/common-account +++ /dev/null 
@@ -1,26 +0,0 @@ -# -# /etc/pam.d/common-account - authorization settings common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of the authorization modules that define -# the central access policy for use on the system. The default is to -# only deny service to users whose accounts are expired in /etc/shadow. -# -# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. -# To take advantage of this, it is recommended that you configure any -# local modules either before or after the default block, and use -# pam-auth-update to manage selection of other modules. See -# pam-auth-update(8) for details. -# - -# here are the per-package modules (the "Primary" block) -account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so -account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so use_first_pass -# here's the fallback if no module succeeds -account requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -account required pam_permit.so -# and here are more per-package modules (the "Additional" block) -# end of pam-auth-update config diff --git a/remote/modules/pam/data.old/etc/pam.d/common-auth b/remote/modules/pam/data.old/etc/pam.d/common-auth deleted file mode 100644 index 5b544395..00000000 --- a/remote/modules/pam/data.old/etc/pam.d/common-auth +++ /dev/null 
@@ -1,27 +0,0 @@
-#
-# /etc/pam.d/common-auth - authentication settings common to all services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of the authentication modules that define
-# the central authentication scheme for use on the system
-# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
-# traditional Unix authentication mechanisms.
-#
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules. See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000
-auth [success=2 default=ignore] pam_unix.so try_first_pass
-auth [success=1 default=ignore] pam_ldap.so use_first_pass nullok_secure
-# here's the fallback if no module succeeds
-auth requisite pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-auth required pam_permit.so
-# and here are more per-package modules (the "Additional" block)
-# end of pam-auth-update config
diff --git a/remote/modules/pam/data.old/etc/pam.d/common-password b/remote/modules/pam/data.old/etc/pam.d/common-password
deleted file mode 100644
index cb8c7b71..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/common-password
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# /etc/pam.d/common-password - password-related modules common to all services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of modules that define the services to be
-# used to change user passwords. The default is pam_unix.
-
-# Explanation of pam_unix options:
-#
-# The "sha512" option enables salted SHA512 passwords. Without this option,
-# the default is Unix crypt. Prior releases used the option "md5".
-#
-# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
-# login.defs.
-#
-# See the pam_unix manpage for other options.
-
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules. See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-password [success=1 default=ignore] pam_unix.so obscure sha512
-# here's the fallback if no module succeeds
-password requisite pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-password required pam_permit.so
-# and here are more per-package modules (the "Additional" block)
-# end of pam-auth-update config
diff --git a/remote/modules/pam/data.old/etc/pam.d/common-session b/remote/modules/pam/data.old/etc/pam.d/common-session
deleted file mode 100644
index 6182d470..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/common-session
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# /etc/pam.d/common-session - session-related modules common to all services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of modules that define tasks to be performed
-# at the start and end of sessions of *any* kind (both interactive and
-# non-interactive).
-#
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules. See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-session [default=1] pam_permit.so
-# here's the fallback if no module succeeds
-session requisite pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-session required pam_permit.so
-# The pam_umask module will set the umask according to the system default in
-# /etc/login.defs and user settings, solving the problem of different
-# umask settings with different shells, display managers, remote sessions etc.
-# See "man pam_umask".
-session optional pam_umask.so
-# and here are more per-package modules (the "Additional" block)
-session required pam_systemd.so
-session optional pam_env.so readenv=1
-session optional pam_env.so readenv=1 envfile=/etc/default/locale
-session optional pam_krb5.so minimum_uid=1000
-session [success=1] pam_unix.so
-session [success=ok] pam_ldap.so
-session sufficient pam_script.so
-session optional pam_mkhomedir.so skel=/etc/skel umask=0022
-# end of pam-auth-update config
diff --git a/remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive b/remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive
deleted file mode 100644
index 1fee2c4f..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/common-session-noninteractive
+++ /dev/null
@@ -1,30 +0,0 @@
-#
-# /etc/pam.d/common-session-noninteractive - session-related modules
-# common to all non-interactive services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of modules that define tasks to be performed
-# at the start and end of all non-interactive sessions.
-#
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules. See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-session [default=1] pam_permit.so
-# here's the fallback if no module succeeds
-session requisite pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-session required pam_permit.so
-# The pam_umask module will set the umask according to the system default in
-# /etc/login.defs and user settings, solving the problem of different
-# umask settings with different shells, display managers, remote sessions etc.
-# See "man pam_umask".
-session optional pam_umask.so
-# and here are more per-package modules (the "Additional" block)
-session required pam_unix.so
-# end of pam-auth-update config
diff --git a/remote/modules/pam/data.old/etc/pam.d/kdm b/remote/modules/pam/data.old/etc/pam.d/kdm
deleted file mode 100644
index e6a4ec9b..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/kdm
+++ /dev/null
@@ -1,10 +0,0 @@
-#
-# /etc/pam.d/kdm - specify the PAM behaviour of kdm
-#
-auth required pam_nologin.so
-auth required pam_env.so readenv=1
-auth required pam_env.so readenv=1 envfile=/etc/default/locale
-auth include common-auth
-account include common-account
-password include common-password
-session include common-session
diff --git a/remote/modules/pam/data.old/etc/pam.d/kdm-np b/remote/modules/pam/data.old/etc/pam.d/kdm-np
deleted file mode 100644
index dc10e5b5..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/kdm-np
+++ /dev/null
@@ -1,11 +0,0 @@
-#
-# /etc/pam.d/kdm-np - specify the PAM behaviour of kdm for passwordless logins
-#
-auth required pam_nologin.so
-auth required pam_env.so readenv=1
-auth required pam_env.so readenv=1 envfile=/etc/default/locale
-session required pam_limits.so
-account include common-account
-password include common-password
-session include common-session
-auth required pam_permit.so
diff --git a/remote/modules/pam/data.old/etc/pam.d/login b/remote/modules/pam/data.old/etc/pam.d/login
deleted file mode 100644
index 1065f351..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/login
+++ /dev/null
@@ -1,101 +0,0 @@
-#
-# The PAM configuration file for the Shadow `login' service
-#
-
-# Enforce a minimal delay in case of failure (in microseconds).
-# (Replaces the `FAIL_DELAY' setting from login.defs)
-# Note that other modules may require another minimal delay. (for example,
-# to disable any delay, you should add the nodelay option to pam_unix)
-auth optional pam_faildelay.so delay=3000000
-
-# Outputs an issue file prior to each login prompt (Replaces the
-# ISSUE_FILE option from login.defs). Uncomment for use
-# auth required pam_issue.so issue=/etc/issue
-
-# Disallows root logins except on tty's listed in /etc/securetty
-# (Replaces the `CONSOLE' setting from login.defs)
-#
-# With the default control of this module:
-# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
-# root will not be prompted for a password on insecure lines.
-# if an invalid username is entered, a password is prompted (but login
-# will eventually be rejected)
-#
-# You can change it to a "requisite" module if you think root may mis-type
-# her login and should not be prompted for a password in that case. But
-# this will leave the system as vulnerable to user enumeration attacks.
-#
-# You can change it to a "required" module if you think it permits to
-# guess valid user names of your system (invalid user names are considered
-# as possibly being root on insecure lines), but root passwords may be
-# communicated over insecure lines.
-auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
-
-# Disallows other than root logins when /etc/nologin exists
-# (Replaces the `NOLOGINS_FILE' option from login.defs)
-auth requisite pam_nologin.so
-
-# SELinux needs to be the first session rule. This ensures that any
-# lingering context has been cleared. Without out this it is possible
-# that a module could execute code in the wrong domain.
-# When the module is present, "required" would be sufficient (When SELinux
-# is disabled, this returns success.)
-# OpenSLX: Not Needed?
-#session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
-
-# This module parses environment configuration file(s)
-# and also allows you to use an extended config
-# file /etc/security/pam_env.conf.
-#
-# parsing /etc/environment needs "readenv=1"
-session required pam_env.so readenv=1
-# locale variables are also kept into /etc/default/locale in etch
-# reading this file *in addition to /etc/environment* does not hurt
-session required pam_env.so readenv=1 envfile=/etc/default/locale
-
-# Standard Un*x authentication.
-auth include common-auth
-
-# TODO do we need this?
-# This allows certain extra groups to be granted to a user
-# based on things like time of day, tty, service, and user.
-# Please edit /etc/security/group.conf to fit your needs
-# (Replaces the `CONSOLE_GROUPS' option in login.defs)
-#auth optional pam_group.so
-
-# Uncomment and edit /etc/security/time.conf if you need to set
-# time restrainst on logins.
-# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
-# as well as /etc/porttime)
-# account requisite pam_time.so
-
-# Uncomment and edit /etc/security/access.conf if you need to
-# set access limits.
-# (Replaces /etc/login.access file)
-# account required pam_access.so
-
-# TODO do we need this?
-# Sets up user limits according to /etc/security/limits.conf
-# (Replaces the use of /etc/limits in old login)
-#session required pam_limits.so
-
-# TODO check if this is needed
-# Prints the last login info upon succesful login
-# (Replaces the `LASTLOG_ENAB' option from login.defs)
-session optional pam_lastlog.so
-
-# Prints the motd upon succesful login
-# (Replaces the `MOTD_FILE' option in login.defs)
-session optional pam_motd.so
-
-# Standard Un*x account and session
-account include common-account
-session include common-session
-password include common-password
-
-# SELinux needs to intervene at login time to ensure that the process
-# starts in the proper default security context. Only sessions which are
-# intended to run in the user's context should be run after this.
-session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
-# When the module is present, "required" would be sufficient (When SELinux
-# is disabled, this returns success.)
diff --git a/remote/modules/pam/data.old/etc/pam.d/other b/remote/modules/pam/data.old/etc/pam.d/other
deleted file mode 100644
index 840eb77f..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/other
+++ /dev/null
@@ -1,10 +0,0 @@
-#%PAM-1.0
-auth required pam_warn.so
-auth required pam_deny.so
-account required pam_warn.so
-account required pam_deny.so
-password required pam_warn.so
-password required pam_deny.so
-session required pam_warn.so
-session required pam_deny.so
-
diff --git a/remote/modules/pam/data.old/etc/pam.d/passwd b/remote/modules/pam/data.old/etc/pam.d/passwd
deleted file mode 100644
index 32eaa3c6..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/passwd
+++ /dev/null
@@ -1,6 +0,0 @@
-#
-# The PAM configuration file for the Shadow `passwd' service
-#
-
-password include common-password
-
diff --git a/remote/modules/pam/data.old/etc/pam.d/sshd b/remote/modules/pam/data.old/etc/pam.d/sshd
deleted file mode 100644
index 8954d639..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/sshd
+++ /dev/null
@@ -1,41 +0,0 @@
-# PAM configuration for the Secure Shell service
-
-# Read environment variables from /etc/environment and
-# /etc/security/pam_env.conf.
-auth required pam_env.so # [1]
-# In Debian 4.0 (etch), locale-related environment variables were moved to
-# /etc/default/locale, so read that as well.
-auth required pam_env.so envfile=/etc/default/locale
-
-# Standard Un*x authentication.
-auth include common-auth
-
-# Disallow non-root logins when /etc/nologin exists.
-account required pam_nologin.so
-
-# Uncomment and edit /etc/security/access.conf if you need to set complex
-# access limits that are hard to express in sshd_config.
-# account required pam_access.so
-
-# Standard Un*x authorization.
-account include common-account
-
-# Standard Un*x session setup and teardown.
-session include common-session
-
-# Print the message of the day upon successful login.
-session optional pam_motd.so # [1]
-
-# TODO do we need this?
-# Print the status of the user's mailbox upon successful login.
-#session optional pam_mail.so standard noenv # [1]
-
-# TODO do we need this?
-# Set up user limits from /etc/security/limits.conf.
-#session required pam_limits.so
-
-# Set up SELinux capabilities (need modified pam)
-# session required pam_selinux.so multiple
-
-# Standard Un*x password updating.
-password include common-password
diff --git a/remote/modules/pam/data.old/etc/pam.d/vmware-authd b/remote/modules/pam/data.old/etc/pam.d/vmware-authd
deleted file mode 100644
index 1f9b60f9..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/vmware-authd
+++ /dev/null
@@ -1,6 +0,0 @@
-#%PAM-1.0
-auth include common-auth
-account include common-account
-password include common-password
-session include common-session
-
diff --git a/remote/modules/pam/data.old/etc/pam.d/xdm b/remote/modules/pam/data.old/etc/pam.d/xdm
deleted file mode 100644
index d21651db..00000000
--- a/remote/modules/pam/data.old/etc/pam.d/xdm
+++ /dev/null
@@ -1,6 +0,0 @@
-#%PAM-1.0
-auth include common-auth
-account include common-account
-password include common-password
-session required pam_loginuid.so
-session include common-session
diff --git a/remote/modules/pam/data.old/etc/skel/README b/remote/modules/pam/data.old/etc/skel/README
deleted file mode 100644
index 92ed817c..00000000
--- a/remote/modules/pam/data.old/etc/skel/README
+++ /dev/null
@@ -1,7 +0,0 @@
-IMPORTANT
-
-If you see this file, then your home directory was created upon logging in.
-This means that the files saved here will be LOST once you shutdown the machine.
-To save your work, save it elsewhere (USB-Stick, Online, ...).
-
-You have been warned.
diff --git a/remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service b/remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service
deleted file mode 100644
index bbac775a..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/activate-nss-ldap.service
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=Activate NSS-LDAP lookups
-Before=graphical.target
-
-[Service]
-Type=oneshot
-ExecStart=-/opt/openslx/bin/mkdir /tmp/ldap
-ExecStart=/opt/openslx/bin/sed -i -e 's/^passwd:.*$/passwd:\t\tcache files ldap/;s/^group:.*$/group:\t\tcache files ldap/;s/^hosts:.*files/hosts:\t\tcache files/' /etc/nsswitch.conf
-ExecStart=/usr/bin/systemctl restart nscd
-
diff --git a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service
deleted file mode 120000
index 1102840c..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/activate-nss-ldap.service
+++ /dev/null
@@ -1 +0,0 @@
-../activate-nss-ldap.service
\ No newline at end of file
diff --git a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service
deleted file mode 120000
index 194aba77..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-gssd.service
+++ /dev/null
@@ -1 +0,0 @@
-../rpc-gssd.service
\ No newline at end of file
diff --git a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service b/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service
deleted file mode 120000
index 66a28252..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/getty.target.wants/rpc-idmapd.service
+++ /dev/null
@@ -1 +0,0 @@
-../rpc-idmapd.service
\ No newline at end of file
diff --git a/remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service b/remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service
deleted file mode 100644
index 79ffce8d..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/rpc-gssd.service
+++ /dev/null
@@ -1,7 +0,0 @@
-[Unit]
-Description=NFS rpcsec_gss daemon
-Requires=run-rpc_pipefs.mount
-After=run-rpc_pipefs.mount
-
-[Service]
-ExecStart=/usr/sbin/rpc.gssd -f -vvv -p /run/rpc_pipefs
diff --git a/remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service b/remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service
deleted file mode 100644
index c4da93e7..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/rpc-idmapd.service
+++ /dev/null
@@ -1,7 +0,0 @@
-[Unit]
-Description=NFSv4 ID-name mapping daemon
-Requires=network.target run-rpc_pipefs.mount
-After=network.target
-
-[Service]
-ExecStart=/usr/sbin/rpc.idmapd -f
diff --git a/remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount b/remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount
deleted file mode 100644
index 692adce8..00000000
--- a/remote/modules/pam/data.old/etc/systemd/system/run-rpc_pipefs.mount
+++ /dev/null
@@ -1,7 +0,0 @@
-[Unit]
-Description=Pipefs RPC filesystem
-
-[Mount]
-What=rpc_pipefs
-Where=/run/rpc_pipefs
-Type=rpc_pipefs
diff --git a/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close
deleted file mode 100755
index 2b6f6105..00000000
--- a/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_close
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin"
-
-[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER"
-
-# TODO check if its the last session of the user.
-
-[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER
diff --git a/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open
deleted file mode 100755
index f5ad8af1..00000000
--- a/remote/modules/pam/data.old/opt/openslx/scripts/pam_script_ses_open
+++ /dev/null
@@ -1,30 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" - -if [ $(id -g $PAM_USER) -ge 1000 ]; then - [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" - - # generate keytab - sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab - chmod 600 /etc/krb5.keytab - - # determine fileserver and share for home directories - ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" - - FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) - VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) - - # now we can mount the home directory - mkdir -p /home/$PAM_USER - if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then - exit 0 - else - echo "Failed to mount home directory for $PAM_USER" - exit 1 - fi - -fi - diff --git a/server/export_target b/server/export_target index 1a87650a..aa4795c5 100755 --- a/server/export_target +++ b/server/export_target @@ -86,6 +86,10 @@ generate_addons() { mksquashfs "${SERVER_BUILD_DIR}/${TARGET}" "${SERVER_BOOT_DIR}/${TARGET}.sqfs" -comp xz -b 1M -no-recovery >&6 || perror "mksquashfs failed ($?)." } +generate_config() { + # generate config from the target directory +} + export_target() { initial_checks -- cgit v1.2.3-55-g7522
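Review bot: The new `generate_config()` in server/export_target has a body that holds only a comment, and an empty compound list is a syntax error in bash and POSIX sh. The parser stops at the closing `}`, so `export_target` below it is never defined. Until the real implementation lands, give the stub a no-op body such as `: # TODO: generate config from the target directory`, or leave the function out of this commit. The hunk is collapsed onto one line here, so this assumes the comment is the only line between the braces, which the four added lines in the hunk header support.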