From: nbari on 19 Nov 2009 20:14 On Oct 21, 9:53 am, ja...(a)whotookspaz.org (Jacob Myers) wrote: > Hello, > > I have written a patch for net/nss_ldap to enable the use of login > classes (which are used for resource control in FreeBSD). This patch > applies cleanly against the latest version of the port. The reason I am > submitting this here and not upstream is because this is a relatively > FreeBSD-specific extension. > > To use this, all one has to do is set the loginClass attribute (or a > mapping in nss_ldap.conf) for a user. The actual attribute can be > implemented as an extension to the NIS schema standard (how we did it), > or via a site-specific schema. Either way, it is trivial, and any > competent LDAP administrator should be able to do this. > > I would like to solicit some review for this patch before I submit it to > the PR system. Any questions and feedback are well appreciated :). > > -- > Jacob Myers <Ja...(a)whotookspaz.org> | Website:http://whotookspaz.org > Network Admin, Wilcox Technologies | Public key: 186A424A > Answer a fool according to his folly, lest he be wise in his own conceit > -- Proverbs, 26:5 > > [login_classes.diff1K ]--- ldap-pwd.c 2009-08-29 09:21:43.000000000 -0400 > +++ ldap-pwd.c 2009-08-29 08:17:12.000000000 -0400 > @@ -170,6 +170,12 @@ > } > > + stat = > + _nss_ldap_assign_attrval (e, AT (loginClass), &pw->pw_class, &buffer, > + &buflen); > + if (stat != NSS_SUCCESS) > + (void) _nss_ldap_assign_emptystring (&pw->pw_class, &buffer, &buflen); > + > stat = > _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer, > &buflen); > if (stat != NSS_SUCCESS) > > --- ldap-schema.c 2009-08-29 09:21:43.000000000 -0400 > +++ ldap-schema.c 2009-08-28 12:09:52.000000000 -0400 > @@ -334,6 +334,7 @@ > #ifdef HAVE_PASSWD_PW_EXPIRE > (*pwd_attrs)[i++] = AT (shadowExpire); > #endif /* HAVE_PASSWD_PW_EXPIRE */ > + (*pwd_attrs)[i++] = AT (loginClass); > (*pwd_attrs)[i] = NULL; > } > > --- ldap-schema.h 2009-08-29 09:21:43.000000000 -0400 > +++ ldap-schema.h 2009-08-29 06:37:18.000000000 -0400 > @@ -24,7 +24,7 @@ > #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H > > /* max number of attributes per object class */ > -#define ATTRTAB_SIZE 15 > +#define ATTRTAB_SIZE 16 > > /** > * function to initialize global lookup filters. > @@ -153,6 +153,8 @@ > #define AT_gecos "gecos" > #define AT_homeDirectory "homeDirectory" > > +/* FreeBSD extension -Jacob Myers <ja...(a)whotokspaz.org> */ > +#define AT_loginClass "loginClass" > /* > * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY > * DESC 'Additional attributes for shadow passwords' > > signature.asc > < 1KViewDownload Any plans for porting this to the nss_ldap port on freebsd ? I am trying to set up the patch on sign.io but would be greate to add it as an option to the port.
|
Pages: 1 Prev: ossec port is outdated and no maintainer replies Next: FreeBSD Port: phpbb-3.0.5 |