From d0ec0cb1a07336ea8d8d3f243ae6fb04bababa60 Mon Sep 17 00:00:00 2001
From: unknown <m.w@linux.pl>
Date: Wed, 9 Oct 2024 19:52:36 +0200
Subject: [PATCH] add missing files

---
 service/helpers/postinst_suse      | 26 +++++++++++++++++++++
 service/helpers/pubkey_install_deb | 37 ++++++++++++++++++++++++++++++
 service/pubkey_install_deb         | 37 ++++++++++++++++++++++++++++++
 3 files changed, 100 insertions(+)
 create mode 100644 service/helpers/postinst_suse
 create mode 100644 service/helpers/pubkey_install_deb
 create mode 100644 service/pubkey_install_deb

diff --git a/service/helpers/postinst_suse b/service/helpers/postinst_suse
new file mode 100644
index 0000000..3186d09
--- /dev/null
+++ b/service/helpers/postinst_suse
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+SSHD_CONF=/etc/ssh/sshd_config
+SSHD_PAM_CONF=/etc/pam.d/sshd
+RUBLON_CONFIG=/etc/rublon.config
+RUBLON_SSH_CONFIG=/etc/ssh/01-rublon-ssh.conf
+
+if [ ! -f /etc/rublon.config ]
+then
+    cp -a /usr/share/rublon/rublon.config.defaults $RUBLON_CONFIG
+    chown root:root $RUBLON_CONFIG
+    chmod 640 $RUBLON_CONFIG
+fi
+
+if [ ! -f $RUBLON_SSH_CONFIG ]
+then
+    cp -a /usr/share/rublon/01-rublon-ssh.conf.default /etc/ssh/01-rublon-ssh.conf
+    chown root:root $RUBLON_SSH_CONFIG
+    chmod 640 $RUBLON_SSH_CONFIG
+fi
+
+sed -i '1 i\Include /etc/ssh/01-rublon-ssh.conf' $SSHD_CONF
+grep -qe 'auth required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth required pam_rublon.so' $SSHD_PAM_CONF
+grep -qe 'account required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aaccount required pam_rublon.so' $SSHD_PAM_CONF
+
+systemctl restart sshd
diff --git a/service/helpers/pubkey_install_deb b/service/helpers/pubkey_install_deb
new file mode 100644
index 0000000..c4d59fc
--- /dev/null
+++ b/service/helpers/pubkey_install_deb
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+SSHD_CONF=/etc/ssh/sshd_config
+SSHD_PAM_CONF=/etc/pam.d/sshd
+RUBLON_SSH_CONFIG=/etc/ssh/sshd_config.d/01-rublon-ssh.conf
+
+cp -a /usr/share/rublon/01-rublon-ssh_pubkey.conf.default $RUBLON_SSH_CONFIG
+chown root:root $RUBLON_SSH_CONFIG
+chmod 640 $RUBLON_SSH_CONFIG
+
+if [ -f /etc/os-release ]
+then
+    . /etc/os-release
+fi
+sed -i '/auth required pam_rublon.so/d' $SSHD_PAM_CONF
+
+if [[ $ID == "rhel" || $ID=="alma" || $ID=="rocky" || $ID=="Centos" ]]
+then
+grep -qe 'auth required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth required pam_rublon.so' $SSHD_PAM_CONF
+grep -qe '#auth       substack     password-auth' $SSHD_PAM_CONF || sed -i -e 's/auth       substack     password-auth/#auth substack password-auth/g' $SSHD_PAM_CONF
+
+elif [ $ID = "Debian" ]
+then
+grep -qe 'auth requisite pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth requisite pam_rublon.so' $SSHD_PAM_CONF
+else 
+   grep -qe 'auth requisite pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth requisite pam_rublon.so' $SSHD_PAM_CONF
+   grep -qe 'account required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aaccount required pam_rublon.so' $SSHD_PAM_CONF
+fi
+
+grep -qe '#@include common-auth' $SSHD_PAM_CONF || sed -i 's/@include common-auth/#@include common-auth/' $SSHD_PAM_CONF
+if [[ $ID == "rhel" || $ID=="alma" || $ID=="rocky" || $ID=="Centos" ]]
+then
+systemctl restart sshd
+else
+deb-systemd-invoke restart ssh.service
+fi
+
diff --git a/service/pubkey_install_deb b/service/pubkey_install_deb
new file mode 100644
index 0000000..c4d59fc
--- /dev/null
+++ b/service/pubkey_install_deb
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+SSHD_CONF=/etc/ssh/sshd_config
+SSHD_PAM_CONF=/etc/pam.d/sshd
+RUBLON_SSH_CONFIG=/etc/ssh/sshd_config.d/01-rublon-ssh.conf
+
+cp -a /usr/share/rublon/01-rublon-ssh_pubkey.conf.default $RUBLON_SSH_CONFIG
+chown root:root $RUBLON_SSH_CONFIG
+chmod 640 $RUBLON_SSH_CONFIG
+
+if [ -f /etc/os-release ]
+then
+    . /etc/os-release
+fi
+sed -i '/auth required pam_rublon.so/d' $SSHD_PAM_CONF
+
+if [[ $ID == "rhel" || $ID=="alma" || $ID=="rocky" || $ID=="Centos" ]]
+then
+grep -qe 'auth required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth required pam_rublon.so' $SSHD_PAM_CONF
+grep -qe '#auth       substack     password-auth' $SSHD_PAM_CONF || sed -i -e 's/auth       substack     password-auth/#auth substack password-auth/g' $SSHD_PAM_CONF
+
+elif [ $ID = "Debian" ]
+then
+grep -qe 'auth requisite pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth requisite pam_rublon.so' $SSHD_PAM_CONF
+else 
+   grep -qe 'auth requisite pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth requisite pam_rublon.so' $SSHD_PAM_CONF
+   grep -qe 'account required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aaccount required pam_rublon.so' $SSHD_PAM_CONF
+fi
+
+grep -qe '#@include common-auth' $SSHD_PAM_CONF || sed -i 's/@include common-auth/#@include common-auth/' $SSHD_PAM_CONF
+if [[ $ID == "rhel" || $ID=="alma" || $ID=="rocky" || $ID=="Centos" ]]
+then
+systemctl restart sshd
+else
+deb-systemd-invoke restart ssh.service
+fi
+