From: nbari on
On Oct 21, 9:53 am, ja...(a)whotookspaz.org (Jacob Myers) wrote:
> Hello,
>
> I have written a patch for net/nss_ldap to enable the use of login
> classes (which are used for resource control in FreeBSD). This patch
> applies cleanly against the latest version of the port. The reason I am
> submitting this here and not upstream is because this is a relatively
> FreeBSD-specific extension.
>
> To use this, all one has to do is set the loginClass attribute (or a
> mapping in nss_ldap.conf) for a user. The actual attribute can be
> implemented as an extension to the NIS schema standard (how we did it),
> or via a site-specific schema. Either way, it is trivial, and any
> competent LDAP administrator should be able to do this.
>
> I would like to solicit some review for this patch before I submit it to
> the PR system. Any questions and feedback are well appreciated :).
>
> --
> Jacob Myers <Ja...(a)whotookspaz.org> | Website:http://whotookspaz.org
> Network Admin, Wilcox Technologies  | Public key: 186A424A
> Answer a fool according to his folly, lest he be wise in his own conceit
>         -- Proverbs, 26:5
>
> [login_classes.diff1K ]--- ldap-pwd.c  2009-08-29 09:21:43.000000000 -0400
> +++ ldap-pwd.c  2009-08-29 08:17:12.000000000 -0400
> @@ -170,6 +170,12 @@
>      }
>
> +  stat =
> +    _nss_ldap_assign_attrval (e, AT (loginClass), &pw->pw_class, &buffer,
> +                             &buflen);
> +  if (stat != NSS_SUCCESS)
> +    (void) _nss_ldap_assign_emptystring (&pw->pw_class, &buffer, &buflen);
> +
>    stat =
>      _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer,
>                               &buflen);
>    if (stat != NSS_SUCCESS)
>
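Review bot: The `if (stat != NSS_SUCCESS)` branch after the loginClass lookup in ldap-pwd.c treats every failure the same way: it substitutes an empty pw_class and then throws away the result of `_nss_ldap_assign_emptystring` with `(void)`. Login classes are what drive resource control, so an account whose class could not be read becomes indistinguishable from one that has no class set. Consider falling back to the empty string only when the attribute is absent from the entry, returning any other status (for example one that signals a too-small buffer) to the caller, and checking the status of the fallback call as well.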
> --- ldap-schema.c       2009-08-29 09:21:43.000000000 -0400
> +++ ldap-schema.c       2009-08-28 12:09:52.000000000 -0400
> @@ -334,6 +334,7 @@
>  #ifdef HAVE_PASSWD_PW_EXPIRE
>    (*pwd_attrs)[i++] = AT (shadowExpire);
>  #endif /* HAVE_PASSWD_PW_EXPIRE */
> +  (*pwd_attrs)[i++] = AT (loginClass);
>    (*pwd_attrs)[i] = NULL;
>  }
>
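Review bot: The new `(*pwd_attrs)[i++] = AT (loginClass);` line in ldap-schema.c sits outside any feature guard, while the entry directly above it is wrapped in `#ifdef HAVE_PASSWD_PW_EXPIRE`. The cover mail describes this as a FreeBSD-specific extension, so a build on a platform whose struct passwd has no pw_class would still request the attribute here and would fail to compile on the pw_class assignment in ldap-pwd.c. Wrap both places in a configure-time guard modelled on the existing HAVE_PASSWD_PW_EXPIRE one.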
> --- ldap-schema.h       2009-08-29 09:21:43.000000000 -0400
> +++ ldap-schema.h       2009-08-29 06:37:18.000000000 -0400
> @@ -24,7 +24,7 @@
>  #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H
>
>  /* max number of attributes per object class */
> -#define ATTRTAB_SIZE   15
> +#define ATTRTAB_SIZE   16
>
>  /**
>   * function to initialize global lookup filters.
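Review bot: The `ATTRTAB_SIZE` bump from 15 to 16 in ldap-schema.h is a bare magic number with nothing tying it to the entry it makes room for. The ldap-schema.c hunk fills pwd_attrs with `i++` and then writes the terminating NULL with no visible bounds check, so the table must hold every passwd attribute plus the terminator when all optional attributes are compiled in. Please state that worst-case count in the comment above the define (or in the commit message) so the next attribute added does not silently write past the end of the table.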
> @@ -153,6 +153,8 @@
>  #define AT_gecos                  "gecos"
>  #define AT_homeDirectory          "homeDirectory"
>
> +/* FreeBSD extension -Jacob Myers <ja...(a)whotokspaz.org> */
> +#define AT_loginClass           "loginClass"
>  /*
>   * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY
>   *   DESC 'Additional attributes for shadow passwords'            
>
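Review bot: The comment above `#define AT_loginClass` in ldap-schema.h records only the author, and the address in it is spelled differently from the one in the mail signature ("whotokspaz" versus "whotookspaz"). The neighbouring definitions are documented by the schema they come from, as the shadowAccount comment just below shows, so say here which schema is expected to define loginClass (the NIS schema extension or a site-specific one, per the cover mail) and leave authorship to the commit log. Also add a blank line between the define and the following `/*` block, and align the value with the AT_gecos and AT_homeDirectory columns.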

Any plans for porting this to the nss_ldap port on FreeBSD?

I am trying to set up the patch on sign.io, but it would be great to add
it as an option to the port.