git: a01debe78c6a - main - net/nss-pam-ldapd: Add LCLASS Support
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 27 Aug 2023 13:54:33 UTC
The branch main has been updated by zi: URL: https://cgit.FreeBSD.org/ports/commit/?id=a01debe78c6a48b2af17be589f4d13307e4d7b59 commit a01debe78c6a48b2af17be589f4d13307e4d7b59 Author: Ryan Steinmetz <zi@FreeBSD.org> AuthorDate: 2023-08-27 13:53:30 +0000 Commit: Ryan Steinmetz <zi@FreeBSD.org> CommitDate: 2023-08-27 13:53:30 +0000 net/nss-pam-ldapd: Add LCLASS Support PR: 220379 Submitted by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> --- net/nss-pam-ldapd/Makefile | 6 ++- .../files/lclass-patches/patch-nslcd__attmap.c | 18 +++++++++ .../files/lclass-patches/patch-nslcd__attmap.h | 10 +++++ .../files/lclass-patches/patch-nslcd__passwd.c | 43 ++++++++++++++++++++++ .../files/lclass-patches/patch-nss__passwd.c | 13 +++++++ 5 files changed, 89 insertions(+), 1 deletion(-) diff --git a/net/nss-pam-ldapd/Makefile b/net/nss-pam-ldapd/Makefile index da980d0bc012..cbd58ca8a2c9 100644 --- a/net/nss-pam-ldapd/Makefile +++ b/net/nss-pam-ldapd/Makefile @@ -13,6 +13,7 @@ LICENSE= LGPL21 LGPL3 LICENSE_COMB= dual USES= cpe ldap + CPE_VENDOR= arthurdejong GNU_CONFIGURE= yes USE_RC_SUBR= nslcd @@ -24,9 +25,12 @@ NSLCD_PIDFILE?= /var/run/nslcd.pid NSLCD_VARDIR?= /var/run/nslcd NSLCD_SOCKET?= ${NSLCD_VARDIR}/nslcd.ctl -OPTIONS_DEFINE= KERBEROS +OPTIONS_DEFINE= KERBEROS LCLASS OPTIONS_DEFAULT= KERBEROS +LCLASS_EXTRA_PATCHES= ${PATCHDIR}/lclass-patches +LCLASS_DESC= Build with loginClass support + .if defined(SLAVE_PORT) OPTIONS_DEFINE+= SASL OPTIONS_MULTI= MG1 diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.c b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.c new file mode 100644 index 000000000000..b326d1830662 --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.c @@ -0,0 +1,18 @@ +--- nslcd/attmap.c.orig 2019-11-02 16:23:45.000000000 +0100 ++++ nslcd/attmap.c 2023-05-29 19:22:02.233300000 +0200 +@@ -176,6 +176,7 @@ + if (strcasecmp(name, "gecos") == 0) return &attmap_passwd_gecos; + if (strcasecmp(name, "homeDirectory") == 0) return &attmap_passwd_homeDirectory; + if (strcasecmp(name, "loginShell") == 0) return &attmap_passwd_loginShell; ++ if (strcasecmp(name, "loginClass") ==0) return &attmap_passwd_loginClass; + } + else if (map == LM_PROTOCOLS) + { +@@ -230,6 +231,7 @@ + (var != &attmap_shadow_shadowWarning) && + (var != &attmap_shadow_shadowInactive) && + (var != &attmap_shadow_shadowExpire) && ++ (var != &attmap_passwd_loginClass) && + (var != &attmap_shadow_shadowFlag)) + return NULL; + /* the member attribute may only be set to an empty string */ diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.h b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.h new file mode 100644 index 000000000000..7100e2924193 --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__attmap.h @@ -0,0 +1,10 @@ +--- nslcd/attmap.h.orig 2021-11-15 20:40:49.000000000 +0100 ++++ nslcd/attmap.h 2023-05-29 19:22:02.233912000 +0200 +@@ -67,6 +67,7 @@ + extern const char *attmap_shadow_shadowInactive; + extern const char *attmap_shadow_shadowExpire; + extern const char *attmap_shadow_shadowFlag; ++extern const char *attmap_passwd_loginClass; + + /* return a reference to the map specific base variable */ + const char **base_get_var(enum ldap_map_selector map); diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__passwd.c b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__passwd.c new file mode 100644 index 000000000000..1689f2afec2a --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nslcd__passwd.c @@ -0,0 +1,43 @@ +--- nslcd/passwd.c.orig 2021-11-15 20:40:49.000000000 +0100 ++++ nslcd/passwd.c 2023-05-29 19:22:02.234797000 +0200 +@@ -63,6 +63,7 @@ + const char *attmap_passwd_gecos = "\"${gecos:-$cn}\""; + const char *attmap_passwd_homeDirectory = "homeDirectory"; + const char *attmap_passwd_loginShell = "loginShell"; ++const char *attmap_passwd_loginClass = "loginClass"; + + /* special properties for objectSid-based searches + (these are already LDAP-escaped strings) */ +@@ -150,6 +151,7 @@ + attmap_add_attributes(set, attmap_passwd_gecos); + attmap_add_attributes(set, attmap_passwd_homeDirectory); + attmap_add_attributes(set, attmap_passwd_loginShell); ++ attmap_add_attributes(set, attmap_passwd_loginClass); + passwd_attrs = set_tolist(set); + if (passwd_attrs == NULL) + { +@@ -428,6 +430,7 @@ + char gecos[1024]; + char homedir[256]; + char shell[64]; ++ char lclass[256]; + char passbuffer[BUFLEN_PASSWORDHASH]; + int i, j; + /* get the usernames for this entry */ +@@ -541,6 +544,8 @@ + myldap_get_dn(entry), attmap_passwd_homeDirectory); + /* get the shell for this entry */ + attmap_get_value(entry, attmap_passwd_loginShell, shell, sizeof(shell)); ++ /* get the login class for this entry */ ++ attmap_get_value(entry, attmap_passwd_loginClass, lclass, sizeof(lclass)); + /* write the entries */ + for (i = 0; usernames[i] != NULL; i++) + { +@@ -565,6 +570,7 @@ + WRITE_STRING(fp, gecos); + WRITE_STRING(fp, homedir); + WRITE_STRING(fp, shell); ++ WRITE_STRING(fp, lclass); + } + } + } diff --git a/net/nss-pam-ldapd/files/lclass-patches/patch-nss__passwd.c b/net/nss-pam-ldapd/files/lclass-patches/patch-nss__passwd.c new file mode 100644 index 000000000000..cad4bfffda85 --- /dev/null +++ b/net/nss-pam-ldapd/files/lclass-patches/patch-nss__passwd.c @@ -0,0 +1,13 @@ +--- nss/passwd.c.orig 2019-11-02 16:23:46.000000000 +0100 ++++ nss/passwd.c 2023-05-29 19:22:02.235416000 +0200 +@@ -45,8 +45,8 @@ + READ_BUF_STRING(fp, result->pw_dir); + READ_BUF_STRING(fp, result->pw_shell); + #ifdef HAVE_STRUCT_PASSWD_PW_CLASS +- /* set the user access class to an empty string */ +- result->pw_class = result->pw_name + strlen(result->pw_name); ++ /* set the user access class to an empty string only if empty */ ++ READ_BUF_STRING(fp, result->pw_class); + #endif /* HAVE_STRUCT_PASSWD_PW_CLASS */ + return NSS_STATUS_SUCCESS; + }