#!/bin/bash
cd /usr/src/Linux-PAM-*/ ||exit

#2do: docu needs sgml2html/txt/latex, ps2pdf

#update cracklib check:
sed -i 's@DICT_DIR_CANDIDATES="/usr/lib@DICT_DIR_CANDIDATES="/lib /usr/lib@g' configure

#my on optimization patch:
sed -i 's@"-O3 -march=i686"@"$MYCFLAGS"@g' configure



#--enable-static-libpam: build static PAM libs as well as dynamic libs
#--with-mailspool=/var/mail: makes the mailspool directory FHS compliant.
#--with-suplementedir=/usr/lib: put unix_chkpwd in FHS location
#--enable-read-both-confs:  This  switch  lets  the local administrator choose which configuration file setup to use.
export MYCFLAGS=$CFLAGS &&
./configure --libdir=/usr/lib --sbindir=/lib/security \
  --enable-securedir=/lib/security --enable-read-both-confs &&
  #older: --enable-static-libpam --with-mailspool=/var/mail --sysconfdir=/etc --mandir=/usr/share/man &&
make &&
make install &&
mv /usr/lib/libpam*.so.0* /lib &&
ln -sf /lib/libpam.so /usr/lib/libpam.so &&
ln -sf /lib/libpam_misc.so /usr/lib/libpam_misc.so &&
ln -sf /lib/libpamc.so /usr/lib/libpamc.so



#configuration is placed in /etc/pam.d or /etc/pam.conf depending
#on the application that is using PAM. I prefer the first method:

mkdir -p /etc/pam.d &&
#we allow everything for every program teporary (until shadow install):
cat >/etc/pam.d/other <<"EOF"
# Begin temporary /etc/pam.d/other
auth		required	pam_unix.so	nullok
account		required	pam_unix.so
session		required	pam_unix.so
password	required	pam.unix.so	nullok
# End temporary /etc/pam.d/other
EOF