diff options
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 8d7cbe1..fe02f3a 100644 --- a/configure.ac +++ b/configure.ac @@ -309,6 +309,73 @@ AC_SUBST(ASYNCNS_CFLAGS) AC_SUBST(ASYNCNS_LIBS) fi +AC_ARG_WITH(nsswitch, + AS_HELP_STRING([--with-nsswitch], + [use nsswitch API to look up users and groups not found in the LDAP]), + use_nsswitch=$withval,use_nsswitch=AUTO) + +AM_CONDITIONAL([USE_NSSWITCH], [test "x$use_nsswitch" != xno]) + +AC_ARG_WITH(sss_nss_idmap, + AS_HELP_STRING([--with-sss-nss-idmap], [use libsss_nss_idmap to discover SIDs. Requires --with-nsswitch as well]), + use_sss_nss_idmap=$withval,use_sss_nss_idmap=AUTO) +AC_ARG_WITH(pam, + AS_HELP_STRING([--with-pam], + [use PAM API to authenticate users not found in the LDAP. Requires --with-nsswitch as well]), + use_pam=$withval,use_pam=AUTO) + +if test "x$use_nsswitch" = xno ; then + if test "x$use_pam" = xyes ; then + AC_ERROR([Cannot use PAM without nsswitch enabled]) + else + if test "x$use_pam" = xAUTO ; then + use_pam=no + fi + fi +fi +AM_CONDITIONAL([USE_PAM], [test "x$use_pam" != xno]) + +if test "x$use_nsswitch" != xno ; then + if pkg-config sss_nss_idmap 2> /dev/null ; then + if test x$use_sss_nss_idmap != xno ; then + AC_DEFINE(HAVE_SSS_NSS_IDMAP,1,[Define if you have libsss_nss_idmap.]) + PKG_CHECK_MODULES(SSS_NSS_IDMAP,sss_nss_idmap) + else + SSS_NSS_IDMAP_CFLAGS= + SSS_NSS_IDMAP_LIBS= + fi + else + if test x$use_sss_nss_idmap = xyes ; then + PKG_CHECK_MODULES(SSS_NSS_IDMAP,sss_nss_idmap) + else + SSS_NSS_IDMAP_CFLAGS= + SSS_NSS_IDMAP_LIBS= + fi + fi + AC_SUBST(SSS_NSS_IDMAP_CFLAGS) + AC_SUBST(SSS_NSS_IDMAP_LIBS) + + if test "x$use_pam" != xno ; then + AC_CHECK_HEADERS(security/pam_appl.h) + if test x$ac_cv_header_security_pam_appl_h = xyes ; then + use_pam=yes + else + use_pam=no + fi + + if test $use_pam = yes ; then + PAM_CFLAGS= + PAM_LIBS=-lpam + AC_DEFINE(USE_PAM,1,[Use PAM API to authenticate users not found in the LDAP tree]) + else + AC_ERROR([<security/pam_appl.h> not found and it is required for nsswitch-based mode]) + fi + AC_SUBST(PAM_CFLAGS) + AC_SUBST(PAM_LIBS) + fi + AC_DEFINE(USE_NSSWITCH,1,[Use nsswitch API to lookup users and groups not found in the LDAP tree]) +fi + mylibdir=`eval echo "$libdir" | sed "s,NONE,${ac_default_prefix},g"` mylibdir=`eval echo "$mylibdir" | sed "s,NONE,${ac_prefix},g"` case "$server" in @@ -401,6 +468,12 @@ AC_DEFINE_UNQUOTED(SCH_CONTAINER_CONFIGURATION_RDN_ATTR,"$rdnattr", attrattr=schema-compat-entry-attribute AC_DEFINE_UNQUOTED(SCH_CONTAINER_CONFIGURATION_ATTR_ATTR,"$attrattr", [Define to name of the attribute which is used to specify attributes to be used when constructing entries.]) +nsswitchattr=schema-compat-lookup-nsswitch +AC_DEFINE_UNQUOTED(SCH_CONTAINER_CONFIGURATION_NSSWITCH_ATTR,"$nsswitchattr", + [Define to name of the attribute to cause the tree to talk to nsswitch API for users and groups when they were not found in the LDAP. The value of the attribute is either 'user' or 'group'.]) +nsswitchminidattr=schema-compat-nsswitch-min-id +AC_DEFINE_UNQUOTED(SCH_CONTAINER_CONFIGURATION_NSSWITCH_MIN_ID_ATTR,"$nsswitchminidattr", + [Define to name of the attribute which is used to define lower bound of IDs (uid or gid) looked up through nsswitch API. Everything below is not considered belonging to trusted domains.]) maxvalue_attr=nis-max-value-size AC_DEFINE_UNQUOTED(NIS_PLUGIN_CONFIGURATION_MAXVALUE_ATTR,"$maxvalue_attr", |