From owner-svn-src-all@freebsd.org Sun Jan 24 13:58:09 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 452709C261F; Sun, 24 Jan 2016 13:58:09 +0000 (UTC) (envelope-from antoine.brodin.freebsd@gmail.com) Received: from mail-ig0-x22d.google.com (mail-ig0-x22d.google.com [IPv6:2607:f8b0:4001:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0DC7D7CD; Sun, 24 Jan 2016 13:58:09 +0000 (UTC) (envelope-from antoine.brodin.freebsd@gmail.com) Received: by mail-ig0-x22d.google.com with SMTP id t15so19736632igr.0; Sun, 24 Jan 2016 05:58:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=y+w1guYgXH1n5HB4U7JpKvYsmQ8gkzZOHb4smrwGEmE=; b=HpEf6kPqGUMVcepJG4JkMsFUNEcma7yvUON7u329SY5nXflMDkQWukNdY1NEwiBDYC Wf73ovdSVr17IU0TOQSCErKV951LUeshGJ7wkPi46yDqpK4gd/at5l5ydySuAiRLjcw1 nX8OCaf26p5lLdF4e9hk/lZLcIYnCxEo09csNgtW2YPEfO1vpJlK4d0+aDrcdgNLpN6E VBR9Bh/bxu9TFJ1HXLNO3gwORcqOGRxIhHYUFbN1H+temiXhnC5ko49abh9/vF+g2fHV WUrs4jYMRu+a/QyxSJg/v0fYSUAaiTXVetBhMv8xSFggxmqUCApO+xvh55xNfqyYhA6t B6WA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=y+w1guYgXH1n5HB4U7JpKvYsmQ8gkzZOHb4smrwGEmE=; b=d4z3zcBfusMnO78c2eZhcgx2rKhmiVU/KRZ2e4vDHS+ltb/zyIFEh84QJ8HxredrGT DJN9bnlq6I++xcKZpsUS5QBQboA07DskQ4dTNRUCTCUOwZXqQTKAtEZX1kiCXYali3Eu xdAwKyGWMn9c6lr05YxhYfB5Qz6FiXl457vfnC8FS0l+yPJdtQQm9zN9nwAG2jsl0r9o tlYtZDFczvFYKiVkjwigt5Y8XTCeTLquiJ/ol371f6aTeeo2sYQOLN9gzn/Drgujdcgz VZFLkWOrgQbk+FnSXP8Te2LXQSxli9yz61wPlzEKwmRBroHiXZU6ddTTEX5HpOu/qcGG EIbA== X-Gm-Message-State: AG10YOR91i8l+GpZyF6qSEZ8Rsstt7TepjcwXoIyapDxwn3yublUCxLvpQRWmbapN4gx+b7a0VVWidmCFbKafA== MIME-Version: 1.0 X-Received: by 10.50.102.69 with SMTP id fm5mr12988181igb.24.1453643888382; Sun, 24 Jan 2016 05:58:08 -0800 (PST) Sender: antoine.brodin.freebsd@gmail.com Received: by 10.107.159.195 with HTTP; Sun, 24 Jan 2016 05:58:08 -0800 (PST) Received: by 10.107.159.195 with HTTP; Sun, 24 Jan 2016 05:58:08 -0800 (PST) In-Reply-To: <201601130149.u0D1nZmI053966@repo.freebsd.org> References: <201601130149.u0D1nZmI053966@repo.freebsd.org> Date: Sun, 24 Jan 2016 13:58:08 +0000 X-Google-Sender-Auth: Ys0Ki2zZDeYZIBI0ysjf5PdQ0AU Message-ID: Subject: Re: svn commit: r293801 - in head: . etc share/examples/ypldap usr.sbin/ypldap From: Antoine Brodin To: "araujo@FreeBSD.org" Cc: src-committers@freebsd.org, svn-src-head@freebsd.org, svn-src-all@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jan 2016 13:58:09 -0000 On Jan 13, 2016 2:49 AM, "Marcelo Araujo" wrote: > > Author: araujo > Date: Wed Jan 13 01:49:35 2016 > New Revision: 293801 > URL: https://svnweb.freebsd.org/changeset/base/293801 > > Log: > ypldap(8) is a feature ready to be used to translate nis(8) database to ldap(3). > > This commit, fix a core dump on ypldap(8) related with memory allocation. > Also an example of how to set the ypldap.conf(5) properly is added to > examples files. > > A new user _ypldap is required to be able to run ypldap(8) as well as > in a chroot mode. > > Reviewed by: rodrigc (mentor), bjk > Approved by: bapt (mentor) > Relnotes: Yes > Sponsored by: gandi.net > Differential Revision: https://reviews.freebsd.org/D4744 > Hi, Uid 93 is already used in the ports tree by jabber. (/usr/ports/UIDs) Cheers, Antoine > Added: > head/share/examples/ypldap/ > head/share/examples/ypldap/ypldap.conf (contents, props changed) > Modified: > head/UPDATING > head/etc/master.passwd > head/usr.sbin/ypldap/yp.c > head/usr.sbin/ypldap/ypldap.conf.5 > > Modified: head/UPDATING > ============================================================================== > --- head/UPDATING Wed Jan 13 01:32:04 2016 (r293800) > +++ head/UPDATING Wed Jan 13 01:49:35 2016 (r293801) > @@ -31,6 +31,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 > disable the most expensive debugging functionality run > "ln -s 'abort:false,junk:false' /etc/malloc.conf".) > > +20160113: > + With the addition of ypldap(8), a new _ypldap user is now required > + during installworld. "mergemaster -p" can be used to add the user > + prior to installworld, as documented in the handbook. > + > 20151216: > The tftp loader (pxeboot) now uses the option root-path directive. As a > consequence it no longer looks for a pxeboot.4th file on the tftp > > Modified: head/etc/master.passwd > ============================================================================== > --- head/etc/master.passwd Wed Jan 13 01:32:04 2016 (r293800) > +++ head/etc/master.passwd Wed Jan 13 01:49:35 2016 (r293801) > @@ -22,5 +22,6 @@ uucp:*:66:66::0:0:UUCP pseudo-user:/var/ > pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin > auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin > www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin > +_ypldap:*:93:93::0:0:YP Ldap unprivileged user:/var/empty:/usr/sbin/nologin > hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin > nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin > > Added: head/share/examples/ypldap/ypldap.conf > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/share/examples/ypldap/ypldap.conf Wed Jan 13 01:49:35 2016 (r293801) > @@ -0,0 +1,40 @@ > +$FreeBSD$ > +domain "freebsd.org" > +interval 60 > +provide map "passwd.byname" > +provide map "passwd.byuid" > +provide map "group.byname" > +provide map "group.bygid" > +provide map "netid.byname" > + > +directory "127.0.0.1" { > + # directory options > + binddn "cn=ldap,dc=freebsd,dc=org" > + bindcred "secret" > + basedn "dc=freebsd.,dc=org" > + # starting point for groups directory search, default to basedn > + groupdn "ou=Groups,dc=freebsd,dc=org" > + > + # passwd maps configuration (RFC 2307 posixAccount object class) > + passwd filter "(objectClass=posixAccount)" > + > + attribute name maps to "uid" > + fixed attribute passwd "*" > + attribute uid maps to "uidNumber" > + attribute gid maps to "gidNumber" > + attribute gecos maps to "cn" > + attribute home maps to "homeDirectory" > + attribute shell maps to "loginShell" > + fixed attribute change "0" > + fixed attribute expire "0" > + fixed attribute class "" > + > + # group maps configuration (RFC 2307 posixGroup object class) > + group filter "(objectClass=posixGroup)" > + > + attribute groupname maps to "cn" > + fixed attribute grouppasswd "*" > + attribute groupgid maps to "gidNumber" > + # memberUid returns multiple group members > + list groupmembers maps to "memberUid" > +} > > Modified: head/usr.sbin/ypldap/yp.c > ============================================================================== > --- head/usr.sbin/ypldap/yp.c Wed Jan 13 01:32:04 2016 (r293800) > +++ head/usr.sbin/ypldap/yp.c Wed Jan 13 01:49:35 2016 (r293801) > @@ -83,10 +83,10 @@ void > yp_enable_events(void) > { > int i; > - extern fd_set svc_fdset; > + extern fd_set svc_fdset; > struct yp_event *ye; > > - for (i = 0; i < getdtablesize(); i++) { > + for (i = 0; i < FD_SETSIZE; i++) { > if (FD_ISSET(i, &svc_fdset)) { > if ((ye = calloc(1, sizeof(*ye))) == NULL) > fatal(NULL); > > Modified: head/usr.sbin/ypldap/ypldap.conf.5 > ============================================================================== > --- head/usr.sbin/ypldap/ypldap.conf.5 Wed Jan 13 01:32:04 2016 (r293800) > +++ head/usr.sbin/ypldap/ypldap.conf.5 Wed Jan 13 01:49:35 2016 (r293801) > @@ -15,7 +15,7 @@ > .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF > .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. > .\" > -.Dd $Mdocdate: April 30 2012 $ > +.Dd $Mdocdate: January 13 2016 $ > .Dt YPLDAP.CONF 5 > .Os > .Sh NAME > @@ -155,6 +155,9 @@ Use the supplied LDAP filter to retrieve > .It Pa /etc/ypldap.conf > .Xr ypldap 8 > configuration file. > +.It Pa /usr/share/example/ypldap/ypldap.conf > +.Xr ypldap 8 > +configuration file example. > .El > .Sh SEE ALSO > .Xr ypbind 8 , >