Addded postrm script

CMakeLists.txt

@@ -16,7 +16,6 @@ set(CMAKE_CXX_EXTENSIONS NO)
 add_compile_options(-Wall -Wextra -Wpedantic -Wno-format-security)
 
 option(ENABLE_TESTS "Enable tests" OFF)
-
 add_custom_target(CONFIG_IDE SOURCES ${CMAKE_CURRENT_LIST_DIR}/rsc/rublon.config.defaults)
 add_custom_target(INSTSCRIPTS_IDE SUORCES ${CMAKE_CURRENT_LIST_DIR}/service/postinst)
 
@@ -36,10 +35,22 @@ install(
         GROUP_READ
 )
 
+install(
+    FILES
+        ${CMAKE_CURRENT_LIST_DIR}/service/01_rublon_ssh.conf.default
+    DESTINATION
+        share/rublon
+    COMPONENT
+        PAM
+    PERMISSIONS
+        OWNER_READ
+        OWNER_WRITE
+        GROUP_READ
+)
+
 if (${ENABLE_TESTS})
     enable_testing()
 endif()
 
 add_subdirectory(PAM/ssh)
-
 include(pack.cmake)

pack.cmake

@@ -28,8 +28,12 @@ set(CPACK_DEB_COMPONENT_INSTALL YES)
 set(CPACK_DEBIAN_PACKAGE_SHLIBDEPS YES)
 
 set(CPACK_GENERATOR "DEB")
+#set(CPACK_GENERATOR "RPM")
+#set(CPACK_RPM_SPEC_MORE_DEFINE "%define _build_id_links none")
+#set(CPACK_RPM_FILE_NAME RPM-DEFAULT)
 # set(CPACK_DEBIAN_DEV_PACKAGE_DEPENDS "libcurl4(>= 7.0.0), libc(>= 2.0)")
 # set(CPACK_DEBIAN_PACKAGE_DEPENDS "libcurl4(>= 7.0.0), libc(>= 2.0), libssl(>= 1.0)")
-set(CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA "${CMAKE_CURRENT_SOURCE_DIR}/service/postinst")
+set(CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA 
+	"${CMAKE_CURRENT_SOURCE_DIR}/service/postinst;${CMAKE_CURRENT_SOURCE_DIR}/service/postrm")
 
 include(CPack)

service/01_rublon_ssh.conf.default

@@ -0,0 +1,4 @@
+UsePAM yes
+PasswordAuthentication yes
+ChallengeResponseAuthentication yes
+#KbdInteractiveAuthentication no

service/postinst

@@ -3,6 +3,7 @@
 SSHD_CONF=/etc/ssh/sshd_config
 SSHD_PAM_CONF=/etc/pam.d/sshd
 RUBLON_CONFIG=/etc/rublon.config
+RUBLON_SSH_CONFIG=/etc/ssh/sshd_config.d/01_rublon_ssh.conf
 
 if [ ! -f /etc/rublon.config ]
 then
@@ -11,24 +12,24 @@ then
     chmod 640 $RUBLON_CONFIG
 fi
 
+if [ ! -f /etc/ssh/sshd_config.d/01_rublon_ssh.conf ]
+then
+    cp -a /usr/share/rublon/01_rublon_ssh.conf.default $RUBLON_SSH_CONFIG
+    chown root:root $RUBLON_SSH_CONFIG
+    chmod 640 $RUBLON_SSH_CONFIG
+fi
 if [ -f /etc/os-release ]
 then
     . /etc/os-release
 fi
 
-grep -qe "^PasswordAuthentication" $SSHD_CONF && \
-    sed -i 's/^#*PasswordAuthentication[[:space:]]\+.*/PasswordAuthentication yes/' $SSHD_CONF || \
-    echo "PasswordAuthentication yes" >> $SSHD_CONF
-
-grep -qe "^ChallengeResponseAuthentication" $SSHD_CONF && \
-    sed -i 's/^#*ChallengeResponseAuthentication[[:space:]]\+.*/ChallengeResponseAuthentication yes/' $SSHD_CONF || \
-    echo "ChallengeResponseAuthentication yes" >> $SSHD_CONF
-
-grep -qe "^UsePAM" $SSHD_CONF && \
-    sed -i 's/^#*UsePAM[[:space:]]\+.*/UsePAM yes/' $SSHD_CONF || \
-    echo "UsePAM yes" >> $SSHD_CONF
-    
-sed -i 's/KbdInteractiveAuthentication/#KbdInteractiveAuthentication/' $SSHD_CONF
+if [ $ID == "rhel" ]
+then
+	cd /home/vagrant/Rublon-Linux/service
+    	checkmodule -M -m -o login_rublon.mod login_rublon.te
+	semodule_package -o login_rublon.pp -m login_rublon.mod
+	semodule -i login_rublon.pp
+fi
 
 grep -qe 'auth required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth required pam_rublon.so' $SSHD_PAM_CONF
 grep -qe 'account required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aaccount required pam_rublon.so' $SSHD_PAM_CONF

service/postrm

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+RUBLON_CONFIG=/etc/rublon.config
+RUBLON_SSH_CONFIG=/etc/ssh/sshd_config.d/01_rublon_ssh.conf
+SSHD_PAM_CONF=/etc/pam.d/sshd
+
+if [ $1 == 'purge' ]
+then
+	if [ -f $RUBLON_CONFIG ]
+	then
+	rm $RUBLON_CONFIG
+	fi
+
+	if [ -f $RUBLON_SSH_CONFIG ]
+	then
+	rm $RUBLON_SSH_CONFIG
+	fi
+fi
+
+sed -i '/auth required pam_rublon.so/d' $SSHD_PAM_CONF
+sed -i '/account required pam_rublon.so/d' $SSHD_PAM_CONF
+