#!/bin/sh
#
# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
#ident	"@(#)postinstall	1.4	08/05/05 SMI"
#

# Remove the TX tsoljds-tstripe s10u4 workaround in pam.conf if found.
# (This was added in previous SUNWtsr postinstall and is not needed now.)
# Use a new stack that will be correct whether TX is enabled or not.

PAM_DEST=$BASEDIR/etc/pam.conf
TMPFILE=/tmp/pam_conf.$$

if [ ! -f ${PAM_DEST} ]; then
	exit 0
fi

JDSLINES=`grep '^tsoljds-tstripe.*account' $PAM_DEST |wc -l`
if [ $JDSLINES -ne 2 ]; then
	exit 0
fi

grep '^tsoljds-tstripe.*account.*pam_roles' $PAM_DEST > /dev/null 2>&1
if [ $? -ne 0 ]; then
	exit 0
fi

grep '^tsoljds-tstripe.*account.*pam_tsol_account' $PAM_DEST > /dev/null 2>&1
if [ $? -ne 0 ]; then
	exit 0
fi

# First remove old entries
grep -v '^tsoljds-tstripe.*account' $PAM_DEST > $TMPFILE

# Append correct new stack
# No comments or blank lines allowed in entries below.
cat >> $TMPFILE << EOF
tsoljds-tstripe		account		requisite	pam_roles.so.1
tsoljds-tstripe		account		required	pam_unix_account.so.1
EOF

echo "$0: $PAM_DEST "tsoljds-tstripe" entries corrected"

cp $TMPFILE $PAM_DEST
rm -f $TMPFILE

exit 0