nss-pam-ldapd commit: r1484 - in nss-pam-ldapd: . nslcd pynslcd tests
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
nss-pam-ldapd commit: r1484 - in nss-pam-ldapd: . nslcd pynslcd tests
- From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
- To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd commit: r1484 - in nss-pam-ldapd: . nslcd pynslcd tests
- Date: Wed, 3 Aug 2011 21:54:55 +0200 (CEST)
Author: arthur
Date: Wed Aug 3 21:54:53 2011
New Revision: 1484
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1484
Log:
switch to using the member attribute by default instead of uniqueMember
Modified:
nss-pam-ldapd/README
nss-pam-ldapd/nslcd.conf
nss-pam-ldapd/nslcd/attmap.c
nss-pam-ldapd/nslcd/attmap.h
nss-pam-ldapd/nslcd/group.c
nss-pam-ldapd/pynslcd/group.py
nss-pam-ldapd/tests/test_myldap.c
Modified: nss-pam-ldapd/README
==============================================================================
--- nss-pam-ldapd/README Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/README Wed Aug 3 21:54:53 2011 (r1484)
@@ -299,7 +299,7 @@
userPassword - password
gidNumber - gid
memberUid - members (user names)
- uniqueMember - members (DN values)
+ member - members (DN values)
hosts (objectClass=ipHost)
cn - host name (and aliases)
ipHostNumber - addresses
@@ -355,7 +355,7 @@
(takes the least number of lookups). This attribute maps to user names with
the same values as the uid attribute would hold for posixAccount entries.
-The second method is to use DN values in the uniqueMember attribute (attribute
+The second method is to use DN values in the member attribute (attribute
names can be changed by using the attribute mapping options as described in
the manual page). This is potentially a lot slower because in the worst case
every DN has to be looked up in the LDAP server to find the proper value for
@@ -368,9 +368,8 @@
In all cases, users that are specified as member multiple times are returned
only once.
-Currently, having nested groups by uniqueMember values pointing to other
-groups, as well as the memberOf attribute in posixAccount entries are
-unsupported.
+Currently, having nested groups by member values pointing to other groups,
+as well as the memberOf attribute in posixAccount entries are unsupported.
case sensitivity
----------------
Modified: nss-pam-ldapd/nslcd.conf
==============================================================================
--- nss-pam-ldapd/nslcd.conf Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/nslcd.conf Wed Aug 3 21:54:53 2011 (r1484)
@@ -78,9 +78,6 @@
#tls_cert
#tls_key
-# NDS mappings
-#map group uniqueMember member
-
# Mappings for Services for UNIX 3.5
#filter passwd (objectClass=User)
#map passwd uid msSFU30Name
@@ -91,7 +88,7 @@
#map shadow uid msSFU30Name
#map shadow userPassword msSFU30Password
#filter group (objectClass=Group)
-#map group uniqueMember msSFU30PosixMember
+#map group member msSFU30PosixMember
# Mappings for Services for UNIX 2.0
#filter passwd (objectClass=User)
@@ -104,7 +101,7 @@
#map shadow userPassword msSFUPassword
#map shadow shadowLastChange pwdLastSet
#filter group (objectClass=Group)
-#map group uniqueMember posixMember
+#map group member posixMember
# Mappings for Active Directory
#pagesize 1000
@@ -118,7 +115,6 @@
#map shadow uid sAMAccountName
#map shadow shadowLastChange pwdLastSet
#filter group (objectClass=group)
-#map group uniqueMember member
# Alternative mappings for Active Directory
# (replace the SIDs in the objectSid mappings with the value for your domain)
@@ -134,7 +130,6 @@
#map passwd loginShell "/bin/bash"
#filter group (|(objectClass=group)(objectClass=person))
#map group gidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820
-#map group uniqueMember member
# Mappings for AIX SecureWay
#filter passwd (objectClass=aixAccount)
@@ -144,5 +139,4 @@
#map passwd gidNumber gid
#filter group (objectClass=aixAccessGroup)
#map group cn groupName
-#map group uniqueMember member
#map group gidNumber gid
Modified: nss-pam-ldapd/nslcd/attmap.c
==============================================================================
--- nss-pam-ldapd/nslcd/attmap.c Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/nslcd/attmap.c Wed Aug 3 21:54:53 2011 (r1484)
@@ -146,7 +146,7 @@
if (strcasecmp(name,"userPassword")==0) return
&attmap_group_userPassword;
if (strcasecmp(name,"gidNumber")==0) return
&attmap_group_gidNumber;
if (strcasecmp(name,"memberUid")==0) return
&attmap_group_memberUid;
- if (strcasecmp(name,"uniqueMember")==0) return
&attmap_group_uniqueMember;
+ if (strcasecmp(name,"member")==0) return &attmap_group_member;
}
else if (map==LM_HOSTS)
{
Modified: nss-pam-ldapd/nslcd/attmap.h
==============================================================================
--- nss-pam-ldapd/nslcd/attmap.h Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/nslcd/attmap.h Wed Aug 3 21:54:53 2011 (r1484)
@@ -36,7 +36,7 @@
extern const char *attmap_group_userPassword;
extern const char *attmap_group_gidNumber;
extern const char *attmap_group_memberUid;
-extern const char *attmap_group_uniqueMember;
+extern const char *attmap_group_member;
extern const char *attmap_host_cn;
extern const char *attmap_host_ipHostNumber;
extern const char *attmap_netgroup_cn;
Modified: nss-pam-ldapd/nslcd/group.c
==============================================================================
--- nss-pam-ldapd/nslcd/group.c Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/nslcd/group.c Wed Aug 3 21:54:53 2011 (r1484)
@@ -44,7 +44,7 @@
* MUST ( cn $ gidNumber )
* MAY ( userPassword $ memberUid $ description ) )
*
- * apart from the above a uniqueMember attribute is also supported that
+ * apart from the above a member attribute is also supported that
* may contains a DN of a user
*
* nested groups (groups that are member of a group) are currently
@@ -65,7 +65,7 @@
const char *attmap_group_userPassword = "\"*\"";
const char *attmap_group_gidNumber = "gidNumber";
const char *attmap_group_memberUid = "memberUid";
-const char *attmap_group_uniqueMember = "uniqueMember";
+const char *attmap_group_member = "member";
/* special property for objectSid-based searches
(these are already LDAP-escaped strings) */
@@ -142,7 +142,7 @@
"(&%s(|(%s=%s)(%s=%s)))",
group_filter,
attmap_group_memberUid,safeuid,
- attmap_group_uniqueMember,safedn);
+ attmap_group_member,safedn);
}
void group_init(void)
@@ -168,7 +168,7 @@
attmap_add_attributes(set,attmap_group_userPassword);
attmap_add_attributes(set,attmap_group_memberUid);
attmap_add_attributes(set,attmap_group_gidNumber);
- attmap_add_attributes(set,attmap_group_uniqueMember);
+ attmap_add_attributes(set,attmap_group_member);
group_attrs=set_tolist(set);
set_free(set);
}
@@ -221,8 +221,8 @@
if (isvalidname(values[i]))
set_add(set,values[i]);
}
- /* add the uniqueMember values */
- values=myldap_get_values(entry,attmap_group_uniqueMember);
+ /* add the member values */
+ values=myldap_get_values(entry,attmap_group_member);
if (values!=NULL)
for (i=0;values[i]!=NULL;i++)
{
@@ -294,7 +294,7 @@
passwd=get_userpassword(entry,attmap_group_userPassword,passbuffer,sizeof(passbuffer));
if (passwd==NULL)
passwd=default_group_userPassword;
- /* get group memebers (memberUid&uniqueMember) */
+ /* get group memebers (memberUid&member) */
if (wantmembers)
members=getmembers(entry,session);
else
Modified: nss-pam-ldapd/pynslcd/group.py
==============================================================================
--- nss-pam-ldapd/pynslcd/group.py Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/pynslcd/group.py Wed Aug 3 21:54:53 2011 (r1484)
@@ -36,7 +36,7 @@
userPassword='"*"',
gidNumber='gidNumber',
memberUid='memberUid',
- uniqueMember='uniqueMember')
+ member='member')
filter = '(|(objectClass=posixGroup)(objectClass=groupOfUniqueNames))'
@@ -63,8 +63,8 @@
for member in clean(attributes['memberUid']):
if common.isvalidname(member):
members.add(member)
- # translate and add the uniqueMember values
- for memberdn in clean(attributes['uniqueMember']):
+ # translate and add the member values
+ for memberdn in clean(attributes['member']):
member = dn2uid(self.conn, memberdn)
if member and common.isvalidname(member):
members.add(member)
@@ -109,7 +109,7 @@
# set up our own attributes that leave out membership attributes
self.attmap = common.Attributes(attmap)
del self.attmap['memberUid']
- del self.attmap['uniqueMember']
+ del self.attmap['member']
def read_parameters(self, fp):
memberuid = fp.read_string()
@@ -122,12 +122,12 @@
def mk_filter(self, parameters):
# we still need a custom mk_filter because this is an | query
memberuid = parameters['memberUid']
- if attmap['uniqueMember']:
+ if attmap['member']:
dn = uid2dn(self.conn, memberuid)
if dn:
return '(&%s(|(%s=%s)(%s=%s)))' % ( self.filter,
attmap['memberUid'],
ldap.filter.escape_filter_chars(memberuid),
- attmap['uniqueMember'],
ldap.filter.escape_filter_chars(dn) )
+ attmap['member'],
ldap.filter.escape_filter_chars(dn) )
return '(&%s(%s=%s))' % ( self.filter,
attmap['memberUid'],
ldap.filter.escape_filter_chars(memberuid) )
Modified: nss-pam-ldapd/tests/test_myldap.c
==============================================================================
--- nss-pam-ldapd/tests/test_myldap.c Thu Jul 21 22:41:32 2011 (r1483)
+++ nss-pam-ldapd/tests/test_myldap.c Wed Aug 3 21:54:53 2011 (r1484)
@@ -102,7 +102,7 @@
MYLDAP_SESSION *session;
MYLDAP_SEARCH *search1,*search2;
MYLDAP_ENTRY *entry;
- const char *attrs1[] = { "cn", "userPassword", "memberUid", "gidNumber",
"uniqueMember", NULL };
+ const char *attrs1[] = { "cn", "userPassword", "memberUid", "gidNumber",
"member", NULL };
const char *attrs2[] = { "uid", NULL };
int rc;
/* initialize session */
@@ -124,7 +124,7 @@
(void)myldap_get_values(entry,"gidNumber");
(void)myldap_get_values(entry,"userPassword");
(void)myldap_get_values(entry,"memberUid");
- (void)myldap_get_values(entry,"uniqueMember");
+ (void)myldap_get_values(entry,"member");
/* perform another search */
printf("test_myldap: test_get(): doing get...\n");
search2=myldap_search(session,"cn=Test User2,ou=people,dc=test,dc=tld",
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits
- nss-pam-ldapd commit: r1484 - in nss-pam-ldapd: . nslcd pynslcd tests,
Commits of the nss-pam-ldapd project
