summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2009-08-05 14:45:14 -0400
committerStephen Gallagher <sgallagh@redhat.com>2009-08-11 12:29:34 -0400
commitb3b55f167063417c285524ba35bd9298965b834a (patch)
tree4c918ec839222dd55d0090d03d27b9b932491c57
parent28bbb2ec4c5f29339488f07f63f55e5c6657e9a1 (diff)
downloadsssd-b3b55f167063417c285524ba35bd9298965b834a.tar.gz
sssd-b3b55f167063417c285524ba35bd9298965b834a.tar.xz
sssd-b3b55f167063417c285524ba35bd9298965b834a.zip
Make socket paths a compile-time option
Previously, we had hardcoded the paths for the NSS, PAM and private PAM sockets to /var/lib/sss/pipes. With this patch, we will specify the sockets with --with-pipe-path.
-rw-r--r--server/Makefile.am3
-rw-r--r--server/providers/data_provider_be.c1
-rw-r--r--server/providers/krb5/krb5_auth.c1
-rw-r--r--server/providers/proxy.c1
-rw-r--r--server/responder/nss/nsssrv.h1
-rw-r--r--server/responder/pam/pamsrv.c1
-rw-r--r--sss_client/Makefile.am7
-rw-r--r--sss_client/configure.ac19
-rw-r--r--sss_client/sss_cli.h6
-rw-r--r--sssd.spec.in13
10 files changed, 37 insertions, 16 deletions
diff --git a/server/Makefile.am b/server/Makefile.am
index 400d31f36..2d2c65f1d 100644
--- a/server/Makefile.am
+++ b/server/Makefile.am
@@ -115,6 +115,9 @@ AM_CPPFLAGS = -Wall \
-DSHADOW_UTILS_PATH=\"$(shadow_utils_path)\" \
-DSSSD_INTROSPECT_PATH=\"$(dbusinstropectdir)\" \
-DSSSD_CONF_DIR=\"$(sssdconfdir)\" \
+ -DSSS_NSS_SOCKET_NAME=\"$(pipepath)/nss\" \
+ -DSSS_PAM_SOCKET_NAME=\"$(pipepath)/pam\" \
+ -DSSS_PAM_PRIV_SOCKET_NAME=\"$(pipepath)/private/pam\" \
-DUSE_MMAP=1 \
-DLOCALEDIR=\"\$(localedir)\"
diff --git a/server/providers/data_provider_be.c b/server/providers/data_provider_be.c
index 872c9d769..c93c4531e 100644
--- a/server/providers/data_provider_be.c
+++ b/server/providers/data_provider_be.c
@@ -50,7 +50,6 @@
#include "providers/dp_sbus.h"
#include "monitor/monitor_sbus.h"
#include "monitor/monitor_interfaces.h"
-#include "../sss_client/sss_cli.h"
#define BE_CONF_ENTRY "config/domains/%s"
diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c
index 24250b9ff..ffbfd7b22 100644
--- a/server/providers/krb5/krb5_auth.c
+++ b/server/providers/krb5/krb5_auth.c
@@ -37,7 +37,6 @@
#include "util/util.h"
#include "providers/dp_backend.h"
#include "db/sysdb.h"
-#include "../sss_client/sss_cli.h"
#include "krb5_plugin/sssd_krb5_locator_plugin.h"
#include "providers/krb5/krb5_auth.h"
diff --git a/server/providers/proxy.c b/server/providers/proxy.c
index 106530fc7..2aee53341 100644
--- a/server/providers/proxy.c
+++ b/server/providers/proxy.c
@@ -31,7 +31,6 @@
#include "util/util.h"
#include "providers/dp_backend.h"
#include "db/sysdb.h"
-#include "../sss_client/sss_cli.h"
struct proxy_nss_ops {
enum nss_status (*getpwnam_r)(const char *name, struct passwd *result,
diff --git a/server/responder/nss/nsssrv.h b/server/responder/nss/nsssrv.h
index f79d056c3..f34456f4f 100644
--- a/server/responder/nss/nsssrv.h
+++ b/server/responder/nss/nsssrv.h
@@ -28,7 +28,6 @@
#include "talloc.h"
#include "tevent.h"
#include "ldb.h"
-#include "../sss_client/sss_cli.h"
#include "dbus/dbus.h"
#include "sbus/sssd_dbus.h"
#include "responder/common/responder_packet.h"
diff --git a/server/responder/pam/pamsrv.c b/server/responder/pam/pamsrv.c
index 48286ecd2..92fa4aecb 100644
--- a/server/responder/pam/pamsrv.c
+++ b/server/responder/pam/pamsrv.c
@@ -49,7 +49,6 @@
#include "monitor/monitor_interfaces.h"
#include "sbus/sbus_client.h"
#include "responder/pam/pamsrv.h"
-#include "../sss_client/sss_cli.h"
#define PAM_SBUS_SERVICE_VERSION 0x0001
#define PAM_SBUS_SERVICE_NAME "pam"
diff --git a/sss_client/Makefile.am b/sss_client/Makefile.am
index 4552720ed..7333e4c39 100644
--- a/sss_client/Makefile.am
+++ b/sss_client/Makefile.am
@@ -1,9 +1,14 @@
SUBDIRS = po
+pipepath=@pipepath@
+
topdir=.
AM_CPPFLAGS = \
-I$(topdir) \
- -DLOCALEDIR=\"\$(localedir)\"
+ -DLOCALEDIR=\"\$(localedir)\" \
+ -DSSS_NSS_SOCKET_NAME=\"$(pipepath)/nss\" \
+ -DSSS_PAM_SOCKET_NAME=\"$(pipepath)/pam\" \
+ -DSSS_PAM_PRIV_SOCKET_NAME=\"$(pipepath)/private/pam\"
ACLOCAL_AMFLAGS = -I m4
AM_CFLAGS =
diff --git a/sss_client/configure.ac b/sss_client/configure.ac
index 97fc83def..7d443ed2d 100644
--- a/sss_client/configure.ac
+++ b/sss_client/configure.ac
@@ -37,6 +37,25 @@ AC_DEFUN([BUILD_WITH_AUX_INFO],
[Build with -aux-info output])])
])
AM_CONDITIONAL([WANT_AUX_INFO], [test x$with_aux_info = xyes])
+BUILD_WITH_AUX_INFO
+
+AC_DEFUN([WITH_PIPE_PATH],
+ [ AC_ARG_WITH([pipe-path],
+ [AC_HELP_STRING([--with-pipe-path=PATH],
+ [Where to store pipe files for the SSSD interconnects [/var/lib/sss/pipes]]
+ )
+ ]
+ )
+ config_pipepath="\"VARDIR\"/lib/sss/pipes"
+ pipepath="${localstatedir}/lib/sss/pipes"
+ if test x"$with_pipe_path" != x; then
+ config_pipepath=$with_pipe_path
+ pipepath=$with_pipe_path
+ fi
+ AC_SUBST(pipepath)
+ AC_DEFINE_UNQUOTED(PIPE_PATH, "$config_pipepath", [Where to store pipe files for the SSSD interconnects])
+ ])
+WITH_PIPE_PATH
AC_CONFIG_FILES([Makefile po/Makefile.in])
AC_OUTPUT
diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h
index 63daf7bca..f1ccba9f2 100644
--- a/sss_client/sss_cli.h
+++ b/sss_client/sss_cli.h
@@ -15,12 +15,6 @@
#include <pwd.h>
#include <grp.h>
-/* SELinux will have a better way to regulate access if they are seprate
- * Also a change in one of the pipes will not affect the others */
-#define SSS_NSS_SOCKET_NAME "/var/lib/sss/pipes/nss"
-#define SSS_PAM_SOCKET_NAME "/var/lib/sss/pipes/pam"
-#define SSS_PAM_PRIV_SOCKET_NAME "/var/lib/sss/pipes/private/pam"
-
#define SSS_NSS_PROTOCOL_VERSION 1
#define SSS_PAM_PROTOCOL_VERSION 2
diff --git a/sssd.spec.in b/sssd.spec.in
index aa284ff66..49e266153 100644
--- a/sssd.spec.in
+++ b/sssd.spec.in
@@ -20,6 +20,9 @@ Requires(preun): initscripts chkconfig
Requires(postun): /sbin/service
%define servicename sssd
+%define sssdstatedir %{_localstatedir}/lib/sss
+%define dbpath %{sssdstatedir}/db
+%define pipepath %{sssdstatedir}/pipes
### Build Dependencies ###
@@ -58,6 +61,8 @@ services for projects like FreeIPA.
%build
%configure \
--without-tests \
+ --with-db-path=%{dbpath} \
+ --with-pipe-path=%{pipepath} \
--with-init-dir=%{_initrddir} \
--enable-nsslibdir=/%{_lib}
@@ -100,10 +105,10 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/%{name}/
%{_libdir}/ldb/memberof.so
%{_libdir}/krb5/plugins/libkrb5/*
-%dir %{_sharedstatedir}/sss/
-%attr(700,root,root) %dir %{_sharedstatedir}/sss/db
-%dir %{_sharedstatedir}/sss/pipes
-%attr(700,root,root) %dir %{_sharedstatedir}/sss/pipes/private
+%dir %{sssdstatedir}
+%attr(700,root,root) %dir %{dbpath}
+%attr(755,root,root) %dir %{pipepath}
+%attr(700,root,root) %dir %{pipepath}/private
%dir %{_sysconfdir}/sssd
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
/%{_lib}/libnss_sss.so.2
append(opt['val']) done = False if newopts: fd = open("/etc/sysconfig/ntpd", "w") for line in lines: if not done: sline = line.strip() if not sline.startswith('OPTIONS'): fd.write(line) continue sline = sline.replace('"', '') (variable, opts) = sline.split('=', 1) fd.write('OPTIONS="%s %s"\n' % (opts, ' '.join(newopts))) done = True else: fd.write(line) fd.close() def __stop(self): self.backup_state("running", self.is_running()) self.stop() def __start(self): self.start() def __enable(self): self.backup_state("enabled", self.is_enabled()) self.enable() def create_instance(self): # we might consider setting the date manually using ntpd -qg in case # the current time is very far off. self.step("stopping ntpd", self.__stop) self.step("writing configuration", self.__write_config) self.step("configuring ntpd to start on boot", self.__enable) self.step("starting ntpd", self.__start) self.start_creation("Configuring ntpd") def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring %s" % self.service_name) running = self.restore_state("running") enabled = self.restore_state("enabled") if not running is None: self.stop() try: self.fstore.restore_file("/etc/ntp.conf") except ValueError, error: logging.debug(error) pass if not enabled is None and not enabled: self.disable() if not running is None and running: self.start()