Date: Fri, 4 Jan 2002 14:15:36 -0600 From: "Marcus I. Ryan" <marcus@riboflavin.net> To: freebsd-questions@freebsd.org Subject: nss_ldap via IRS for FreeBSD Message-ID: <1010175336.3c360d6842981@horde.riboflavin.net>
next in thread | raw e-mail | index | archive | help
If this would be better on another list, recommendations would be
appreciated...
I've found ~800 unfinished answers and half-completed documents on
getting nss_ldap to work for FreeBSD through the BIND IRS interface.
Every indication of other ways it once worked have disappeared (most
notably nectar.com). Has anyone gotten this working that can share a
fairly-detailed howto, or even a rough sketch? I'm not even sure I'm
on the right track.
According to the nss_ldap documentation it has been confirmed to work
on FreeBSD with BIND 8 using the IRS interface. Part of the problem
is that the documentation for doing so is for nss_ldap-115 - it's now
up to nss_ldap-176. They refer to a patch for IRS that is no longer
in the tar archive as well. Perhaps it's not necessary with newer
versions of BIND.
What I have actually done so far is:
# Is installing bind8 from ports necessary??
# nss_ldap also seems to want sasl installed
cd /usr/ports/net/bind8; make install
cd /usr/ports/security/cyrus-sasl; make install
cd /usr/local/src
rm -rf /usr/local/src/nss_ldap
tar xvzf ~/nss_ldap*gz
mv nss_ldap* nss_ldap
cd nss_ldap
#set each of the following variables (I use tcsh setenv...)
CPPFLAGS "-pthread -I/usr/local/include -I/usr/local/include/bind"
CPPFLAGS "$CPPFLAGS -I/usr/local/include/sasl -DPIC -D_THREAD_SAFE"
CFLAGS "$CPPFLAGS"
LDFLAGS "-L/usr/local/lib"
LIBS "-lbind_r -lgnuregex -pthread"
./configure --with-ldap-lib=openldap --with-ldap-dir=/usr/local
automake -a
gmake
/usr/bin/install -c -o root -g wheel nss_ldap.so /usr/lib/nss_ldap.so.1
rm -f /usr/lib/nss_ldap.so
ln -s /usr/lib/nss_ldap.so.1 /usr/lib/nss_ldap.so
/usr/bin/install -c -m 644 -o root -g wheel ./nsswitch.ldap \
/etc/nsswitch.ldap;
unsetenv CPPFLAGS CFLAGS LDFLAGS LIBS
I then went to /usr/src/contrib/bind/lib/irs and applied the patches
listed in nss_ldap/docs/README.IRS to gen.c, gen_p.h, and Makefile
I then did:
cd /usr/src; make clean; make clean; make buildworld
When it gets to bind it exits with errors:
gen.c:84: `irs_ldap_acc' undeclared here (not in a function)
gen.c:84: initializer element is not constant
gen.c:84: (near initialization for `accs[3]')
My guess is somehow I need to get the proper include statements, etc.,
into the bind code and that's what the patch did. Since the new
version of nss_ldap doesn't come with the patch, I don't know what it
was for.
Can ANYONE give me any help at all? I've found all kinds of posts on
various newsgroups and mailing list archives, but none of them gives a
solid example or even a good rough outline.
ANY help would be appreciated! Thanks!
--
Marcus I. Ryan, marcus@riboflavin.net
-----------------------------------------------------------------------
"Love is a snowmobile racing across the tundra and then suddenly it
flips over, pinning you underneath. At night, the ice weasels come."
-- Matt Groening
-----------------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1010175336.3c360d6842981>