#!/bin/sh

pamdir=/etc/pam.d
pamcommon="login su sumac sumac.xauth fly-dm fly-dm-np xrdp-sesman sshd"

install_pam_ald_mac()
{
	awk 'BEGIN{ \
			is_mac_session=0; \
		} \
		{ \
			print $0; \
			if (is_mac_session == 0 && $1 ~ "session" && $2 ~ "required" && $3 ~ "pam_parsec_mac.so" && ($4 == "" || $4 == "stub")) \
			{ \
				print "session required pam_ald_mac.so"; \
				is_mac_session = 1 \
			} \
		}' $1
}

uninstall_pam_ald_mac()
{
        egrep -v 'pam_ald_mac.so' $1
}

del()
{
	for cfg in $pamcommon; do
		if [ ! -w $pamdir/$cfg ]; then
			continue
		fi
                uninstall_pam_ald_mac $pamdir/$cfg > $pamdir/$cfg.ald
                mv $pamdir/$cfg.ald $pamdir/$cfg
	done
}

add()
{
	for cfg in $pamcommon; do
		if [ ! -w $pamdir/$cfg ]; then
			continue
		fi
                install_pam_ald_mac $pamdir/$cfg > $pamdir/$cfg.ald
                mv $pamdir/$cfg.ald $pamdir/$cfg
	done
}

fix()
{
	del
	add
}

case "$1" in
  add)
	add
	errcode=$?
	;;
  del)
	del
	errcode=$?
        ;;
  fix)
	fix
	errcode=$?
	;;
  *)
	echo "Usage: $0 {add|del|fix}" >&2
	exit 1
	;;
esac

exit $errcode
