authorSumit Bose <sbose@redhat.com>2010-09-28 15:43:31 +0200
committerStephen Gallagher <sgallagh@redhat.com>2010-10-13 09:49:38 -0400
commitd9ed57c641b91c9c499a53329d606d5061ed47d1 (patch)
tree7f5c5ac4ff7bfa6d9ae7592a3d667580da2e50aa /src/providers/ipa
parent8c64b46e923ec590984325beedb29fcd09aac0e4 (diff)
Add infrastructure to LDAP provider for netgroup support
Diffstat (limited to 'src/providers/ipa')
-rw-r--r--src/providers/ipa/ipa_common.c35
-rw-r--r--src/providers/ipa/ipa_common.h2
2 files changed, 35 insertions, 2 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index dea1a73fe..2acd72a60 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -73,7 +73,8 @@ struct dp_option ipa_def_ldap_opts[] = {
{ "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
{ "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING },
{ "ldap_krb5_ticket_lifetime", DP_OPT_NUMBER, { .number = (24 * 60 * 60) }, NULL_NUMBER },
- { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING }
+ { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
+ { "ldap_netgroup_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING }
};
struct sdap_attr_map ipa_attr_map[] = {
@@ -117,6 +118,15 @@ struct sdap_attr_map ipa_group_map[] = {
{ "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL }
};
+struct sdap_attr_map ipa_netgroup_map[] = {
+ { "ldap_netgroup_object_class", "nisNetgroup", SYSDB_NETGROUP_CLASS, NULL },
+ { "ldap_netgroup_name", "cn", SYSDB_NAME, NULL },
+ { "ldap_netgroup_member", "memberNisNetgroup", SYSDB_ORIG_NETGROUP_MEMBER, NULL },
+ { "ldap_netgroup_triple", "nisNetgroupTriple", SYSDB_NETGROUP_TRIPLE, NULL },
+ { "ldap_netgroup_uuid", "nsUniqueId", SYSDB_UUID, NULL },
+ { "ldap_netgroup_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL }
+};
+
struct dp_option ipa_def_krb5_opts[] = {
{ "krb5_kdcip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
{ "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
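Review bot: Nothing in this hunk ties the six entries of `ipa_netgroup_map` to `SDAP_OPTS_NETGROUP`, which the last hunk of `ipa_get_id_options` passes to `sdap_get_map()` together with this array, apparently as its entry count. If the LDAP provider's netgroup attribute list grows and this table is not updated, that call would read past the end of the array. The header already guards the basic options with `IPA_OPTS_BASIC_TEST` for this reason. A matching guard for the netgroup map would close the gap, for example `#define IPA_OPTS_NETGROUP_TEST 6` (the name is only a suggestion), checked wherever the existing tests are evaluated, which is outside this diff.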
@@ -334,6 +344,20 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
SDAP_GROUP_SEARCH_BASE)));
}
+ if (NULL == dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_NETGROUP_SEARCH_BASE)) {
+ ret = dp_opt_set_string(ipa_opts->id->basic, SDAP_NETGROUP_SEARCH_BASE,
+ dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_SEARCH_BASE));
+ if (ret != EOK) {
+ goto done;
+ }
+ DEBUG(6, ("Option %s set to %s\n",
+ ipa_opts->id->basic[SDAP_NETGROUP_SEARCH_BASE].opt_name,
+ dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_NETGROUP_SEARCH_BASE)));
+ }
+
ret = sdap_get_map(ipa_opts->id, cdb, conf_path,
ipa_attr_map,
SDAP_AT_GENERAL,
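Review bot: The fallback in the added block passes the result of `dp_opt_get_string(ipa_opts->id->basic, SDAP_SEARCH_BASE)` straight to `dp_opt_set_string()` and then prints the stored value with `%s`, without checking either for NULL. Whether `SDAP_SEARCH_BASE` is guaranteed to be set at this point depends on the earlier part of `ipa_get_id_options`, which is outside the hunk. If it is not, the netgroup base stays unset and the `DEBUG` call hands a NULL pointer to `%s`. Reading the base once, as in `const char *base = dp_opt_get_string(ipa_opts->id->basic, SDAP_SEARCH_BASE);`, and failing early with `if (base == NULL) { ret = EINVAL; goto done; }` would make the precondition explicit. A short comment would also help, such as `/* netgroups default to the whole search base unless ldap_netgroup_search_base is set */`, because netgroup membership commonly feeds access decisions and the width of that default is worth stating.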
@@ -360,6 +384,15 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
goto done;
}
+ ret = sdap_get_map(ipa_opts->id,
+ cdb, conf_path,
+ ipa_netgroup_map,
+ SDAP_OPTS_NETGROUP,
+ &ipa_opts->id->netgroup_map);
+ if (ret != EOK) {
+ goto done;
+ }
+
ret = EOK;
*_opts = ipa_opts->id;
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 1638f2a8b..144ebf0c6 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -35,7 +35,7 @@ struct ipa_service {
/* the following defines are used to keep track of the options in the ldap
* module, so that if they change and ipa is not updated correspondingly
* this will trigger a runtime abort error */
-#define IPA_OPTS_BASIC_TEST 36
+#define IPA_OPTS_BASIC_TEST 37
/* the following define is used to keep track of the options in the krb5
* module, so that if they change and ipa is not updated correspondingly