Date: Fri, 30 Oct 2009 13:07:55 GMT
From: Jacob Myers <jacob@whotookspaz.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ports/140107: [PATCH] Enhance net/nss_ldap to support FreeBSD login classes
Message-ID: <200910301307.n9UD7t4A090184@www.freebsd.org>
Resent-Message-ID: <200910301310.n9UDA9Dv067576@freefall.freebsd.org>
>Number: 140107 >Category: ports >Synopsis: [PATCH] Enhance net/nss_ldap to support FreeBSD login classes >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Oct 30 13:10:09 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Jacob Myers >Release: 7.2-RELEASE-p4 >Organization: Wilcox Technologies >Environment: FreeBSD kusanagi.whotookspaz.org 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #1: Wed Oct 28 10:07:06 EDT 2009 root@kusanagi.whotookspaz.org:/usr/obj/usr/src/sys/KUSANAGI i386 >Description: This patch allows the use of login classes in nss_ldap via a new LDAP attribute (loginClass). Administrators should be able to add this attribute to their schemata easily. >How-To-Repeat: N/A >Fix: See attached patch file. Patch attached with submission follows: --- nss_ldap/Makefile 2009-09-16 18:06:58.000000000 -0400 +++ nss_ldap/Makefile 2009-10-30 08:47:23.000000000 -0400 @@ -23,6 +23,8 @@ USE_LDCONFIG= yes USE_OPENLDAP= yes +OPTIONS= LCLASS "Enable login classes via the loginClass attribute" on + PLIST_FILES= etc/nss_ldap.conf.sample \ lib/nss_ldap.so.1 @@ -41,6 +43,10 @@ CONFIGURE_ARGS+=--enable-configurable-krb5-ccname-env .endif +.if defined(WITH_LCLASS) +CFLAGS+="-DHAVE_LOGIN_CLASSES" +.endif + post-extract: ${CP} ${FILESDIR}/bsdnss.c ${WRKSRC} --- nss_ldap/files/patch-login-classes 1969-12-31 19:00:00.000000000 -0500 +++ nss_ldap/files/patch-login-classes 2009-10-30 08:44:19.000000000 -0400 
@@ -0,0 +1,52 @@ +--- ldap-pwd.c 2009-08-29 09:21:43.000000000 -0400 ++++ ldap-pwd.c 2009-08-29 08:17:12.000000000 -0400 +@@ -170,6 +170,15 @@ + } ++ ++#ifdef HAVE_LOGIN_CLASSES ++ stat = ++ _nss_ldap_assign_attrval (e, AT (loginClass), &pw->pw_class, &buffer, ++ &buflen); ++ if (stat != NSS_SUCCESS) ++ (void) _nss_ldap_assign_emptystring (&pw->pw_class, &buffer, &buflen); ++#endif ++ + stat = + _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer, + &buflen); + if (stat != NSS_SUCCESS) + +--- ldap-schema.c 2009-08-29 09:21:43.000000000 -0400 ++++ ldap-schema.c 2009-08-28 12:09:52.000000000 -0400 +@@ -334,6 +334,9 @@ + #ifdef HAVE_PASSWD_PW_EXPIRE + (*pwd_attrs)[i++] = AT (shadowExpire); + #endif /* HAVE_PASSWD_PW_EXPIRE */ ++#ifdef HAVE_LOGIN_CLASSES ++ (*pwd_attrs)[i++] = AT (loginClass); ++#endif + (*pwd_attrs)[i] = NULL; + } + +--- ldap-schema.h 2009-08-29 09:21:43.000000000 -0400 ++++ ldap-schema.h 2009-08-29 06:37:18.000000000 -0400 +@@ -24,7 +24,7 @@ + #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H + + /* max number of attributes per object class */ +-#define ATTRTAB_SIZE 15 ++#define ATTRTAB_SIZE 16 + + /** + * function to initialize global lookup filters. +@@ -153,6 +153,10 @@ + #define AT_gecos "gecos" + #define AT_homeDirectory "homeDirectory" + ++#ifdef HAVE_LOGIN_CLASSES ++/* FreeBSD extension -Jacob Myers <jacob@whotokspaz.org> */ ++#define AT_loginClass "loginClass" ++#endif + /* + * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY + * DESC 'Additional attributes for shadow passwords' >Release-Note: >Audit-Trail: >Unformatted:
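Review bot: In the first Makefile hunk, the new LCLASS option is declared with a default of on, so every existing installation of the port starts honouring loginClass from the directory on its next rebuild without anyone opting in. The value lands in pw_class and selects the user's login class, so consider defaulting the option to off, or at least state in the option text or a pkg-message that write access to this attribute in the directory needs to be restricted to administrators.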
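Review bot: In the second Makefile hunk, CFLAGS+="-DHAVE_LOGIN_CLASSES" puts literal double quotes into the variable, unlike the unquoted CONFIGURE_ARGS+= line just above it. Drop the quotes (CFLAGS+= -DHAVE_LOGIN_CLASSES) so the value does not depend on a shell stripping them later.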
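Review bot: In the ldap-pwd.c hunk, every non-success status from _nss_ldap_assign_attrval falls through to _nss_ldap_assign_emptystring, and that call's own return value is discarded with a (void) cast. A missing attribute and a real failure (for example an exhausted buffer) are therefore treated alike, and the entry is returned with an empty pw_class, which places the user in the default login class instead of the one the directory assigns. Fall back to the empty string only when the attribute is absent, and return any other status to the caller, including the status of the empty-string assignment itself.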
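Review bot: In the first ldap-schema.h hunk, ATTRTAB_SIZE is raised from 15 to 16 unconditionally, while every other change in this patch sits inside #ifdef HAVE_LOGIN_CLASSES. The ldap-schema.c hunk appends AT (loginClass) and then writes the NULL terminator at (*pwd_attrs)[i], so if that table is sized by ATTRTAB_SIZE it needs room for every optional attribute plus the terminator. Please confirm that 16 covers the worst case with all optional attributes compiled in, and record the count in the comment above the define.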
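Review bot: In the second ldap-schema.h hunk, AT_loginClass is introduced with no schema definition or documentation, although the description expects administrators to add the attribute to their schemata themselves. Ship or reference an attribute definition and say which values are accepted, so that deployments agree on one definition. The e-mail address in the added comment (whotokspaz.org) also differs from the one in the From header (whotookspaz.org).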