lists.arthurdejong.org
RSS feed

nss-pam-ldapd branch master updated. 0.8.12-109-gd19f1df

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd branch master updated. 0.8.12-109-gd19f1df



This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".

The branch, master has been updated
       via  d19f1df8996cd92ac879bcf167d770cd6b2a13e4 (commit)
       via  bf647108f90a493e72971fc302ec5b231fcc36f6 (commit)
       via  d413a643faa8103878d1e977e734029158ef1a7c (commit)
       via  008f8a95cd86782141849b41b34552eeef364128 (commit)
       via  9a6f5b24424e65d62600b0a1388174646af686b9 (commit)
      from  646dfa81025a89c50b81bf91dd95fd828606718d (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=d19f1df8996cd92ac879bcf167d770cd6b2a13e4

commit d19f1df8996cd92ac879bcf167d770cd6b2a13e4
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Fri Mar 8 15:41:09 2013 +0100

    document the nscd_invalidate option

diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml
index 986f874..3dc044a 100644
--- a/man/nslcd.conf.5.xml
+++ b/man/nslcd.conf.5.xml
@@ -805,6 +805,24 @@
      </listitem>
     </varlistentry>
 
+    <varlistentry id="nscd_invalidate"> <!-- since 0.9.0 -->
+     <term><option>nscd_invalidate</option>
+           
<replaceable>DB</replaceable>,<replaceable>DB</replaceable>,...</term>
+     <listitem>
+      <para>
+       If this option is set, on start-up and whenever a connection to the
+       <acronym>LDAP</acronym> server is re-established after an error
+       <command>nscd</command> is contacted to flush it's cache for the
+       configured databases.
+      </para>
+      <para>
+       Using this option ensures that <command>nscd</command> is not
+       caching absence of users that were not available if the LDAP server
+       was unavailable.
+      </para>
+     </listitem>
+    </varlistentry>
+
    </variablelist>
   </refsect2>
 

http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=bf647108f90a493e72971fc302ec5b231fcc36f6

commit bf647108f90a493e72971fc302ec5b231fcc36f6
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Sat Mar 9 16:51:21 2013 +0100

    start the nscd invalidator and invalidate the nscd cache after reconnecting 
to the LDAP server after failure

diff --git a/nslcd/myldap.c b/nslcd/myldap.c
index c564f4b..e188fb0 100644
--- a/nslcd/myldap.c
+++ b/nslcd/myldap.c
@@ -1195,7 +1195,11 @@ static int do_retry_search(MYLDAP_SEARCH *search)
           pthread_mutex_lock(&uris_mutex);
           /* check if we are coming back from an error */
           if ((current_uri->lastfail > 0) || (search->session->current_uri != 
start_uri))
+          {
             log_log(LOG_INFO, "connected to LDAP server %s", current_uri->uri);
+            /* signal nscd cache invalidation */
+            nscd_invalidate(LM_NONE);
+          }
           /* update ok time */
           current_uri->firstfail = 0;
           current_uri->lastfail = 0;
diff --git a/nslcd/nscd.c b/nslcd/nscd.c
index c707f77..70365b4 100644
--- a/nslcd/nscd.c
+++ b/nslcd/nscd.c
@@ -229,6 +229,14 @@ void nscd_invalidate(enum ldap_map_selector map)
   int rc;
   if (signalfd < 0)
     return;
+  /* LM_NONE is used to signal all maps condigured in nscd_invalidate */
+  if (map == LM_NONE)
+  {
+    for (map = 0; map < LM_NONE ; map++)
+      if (nslcd_cfg->nscd_invalidate[map])
+        nscd_invalidate(map);
+    return;
+  }
   /* write a single byte which should be atomic and not fill the PIPE
      buffer too soon on most platforms
      (nslcd should already ignore SIGPIPE) */
diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c
index fc2237c..5f70963 100644
--- a/nslcd/nslcd.c
+++ b/nslcd/nslcd.c
@@ -705,6 +705,12 @@ int main(int argc, char *argv[])
   if (!nslcd_debugging)
     log_startlogging();
   log_log(LOG_INFO, "version %s starting", VERSION);
+  /* start subprocess to do nscd invalidating if nscd_invalidate is set */
+  for (i = 0; i < LM_NONE; i++)
+    if (nslcd_cfg->nscd_invalidate[i])
+      break;
+  if (i < LM_NONE)
+    nscd_start_invalidator();
   /* write pidfile */
   create_pidfile(NSLCD_PIDFILE);
   /* install handler to close stuff off on exit and log notice */

http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=d413a643faa8103878d1e977e734029158ef1a7c

commit d413a643faa8103878d1e977e734029158ef1a7c
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Fri Mar 8 16:18:51 2013 +0100

    implement parsing of the nscd_invalidate option

diff --git a/nslcd/cfg.c b/nslcd/cfg.c
index 018cd78..250a9c5 100644
--- a/nslcd/cfg.c
+++ b/nslcd/cfg.c
@@ -466,43 +466,52 @@ static void handle_krb5_ccname(const char *filename, int 
lnr,
 #endif /* HAVE_GSS_KRB5_CCACHE_NAME */
 }
 
-/* check to see if the line begins with a named map */
-static enum ldap_map_selector get_map(char **line)
+static enum ldap_map_selector parse_map(const char *value)
 {
-  char token[32];
-  char *old;
-  /* get the token */
-  old = *line;
-  if (get_token(line, token, sizeof(token)) == NULL)
-    return LM_NONE;
-  /* see if we found a map */
-  if ((strcasecmp(token, "alias") == 0) || (strcasecmp(token, "aliases") == 0))
+  if ((strcasecmp(value, "alias") == 0) || (strcasecmp(value, "aliases") == 0))
     return LM_ALIASES;
-  else if ((strcasecmp(token, "ether") == 0) || (strcasecmp(token, "ethers") 
== 0))
+  else if ((strcasecmp(value, "ether") == 0) || (strcasecmp(value, "ethers") 
== 0))
     return LM_ETHERS;
-  else if (strcasecmp(token, "group") == 0)
+  else if (strcasecmp(value, "group") == 0)
     return LM_GROUP;
-  else if ((strcasecmp(token, "host") == 0) || (strcasecmp(token, "hosts") == 
0))
+  else if ((strcasecmp(value, "host") == 0) || (strcasecmp(value, "hosts") == 
0))
     return LM_HOSTS;
-  else if (strcasecmp(token, "netgroup") == 0)
+  else if (strcasecmp(value, "netgroup") == 0)
     return LM_NETGROUP;
-  else if ((strcasecmp(token, "network") == 0) || (strcasecmp(token, 
"networks") == 0))
+  else if ((strcasecmp(value, "network") == 0) || (strcasecmp(value, 
"networks") == 0))
     return LM_NETWORKS;
-  else if (strcasecmp(token, "passwd") == 0)
+  else if (strcasecmp(value, "passwd") == 0)
     return LM_PASSWD;
-  else if ((strcasecmp(token, "protocol") == 0) || (strcasecmp(token, 
"protocols") == 0))
+  else if ((strcasecmp(value, "protocol") == 0) || (strcasecmp(value, 
"protocols") == 0))
     return LM_PROTOCOLS;
-  else if (strcasecmp(token, "rpc") == 0)
+  else if (strcasecmp(value, "rpc") == 0)
     return LM_RPC;
-  else if ((strcasecmp(token, "service") == 0) || (strcasecmp(token, 
"services") == 0))
+  else if ((strcasecmp(value, "service") == 0) || (strcasecmp(value, 
"services") == 0))
     return LM_SERVICES;
-  else if (strcasecmp(token, "shadow") == 0)
+  else if (strcasecmp(value, "shadow") == 0)
     return LM_SHADOW;
-  /* unknown map, return to the previous state */
-  *line = old;
+  /* unknown map */
   return LM_NONE;
 }
 
+/* check to see if the line begins with a named map */
+static enum ldap_map_selector get_map(char **line)
+{
+  char token[32];
+  char *old;
+  enum ldap_map_selector map;
+  /* get the token */
+  old = *line;
+  if (get_token(line, token, sizeof(token)) == NULL)
+    return LM_NONE;
+  /* see if we found a map */
+  map = parse_map(token);
+  /* unknown map, return to the previous state */
+  if (map == LM_NONE)
+    *line = old;
+  return map;
+}
+
 static const char *print_map(enum ldap_map_selector map)
 {
   switch (map)
@@ -924,6 +933,40 @@ static void handle_pam_password_prohibit_message(
   cfg->pam_password_prohibit_message = value;
 }
 
+static void handle_nscd_invalidate(
+                const char *filename, int lnr,
+                const char *keyword, char *line, struct ldap_config *cfg)
+{
+  char token[MAX_LINE_LENGTH];
+  char *name, *next;
+  enum ldap_map_selector map;
+  check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != 
'\0'));
+  while (get_token(&line, token, sizeof(token)) != NULL)
+  {
+    next = token;
+    while (*next != '\0')
+    {
+      name = next;
+      /* find the end of the current map name */
+      while ((*next != '\0') && (*next != ','))
+        next++;
+      if (*next == ',')
+      {
+        *next = '\0';
+        next++;
+      }
+      /* check if map name exists */
+      map = parse_map(name);
+      if (map == LM_NONE)
+      {
+        log_log(LOG_ERR, "%s:%d: unknown map: '%s'", filename, lnr, name);
+        exit(EXIT_FAILURE);
+      }
+      cfg->nscd_invalidate[map] = 1;
+    }
+  }
+}
+
 /* This function tries to get the LDAP search base from the LDAP server.
    Note that this returns a string that has been allocated with strdup().
    For this to work the myldap module needs enough configuration information
@@ -1054,6 +1097,8 @@ static void cfg_defaults(struct ldap_config *cfg)
   for (i = 0; i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES; i++)
     cfg->pam_authz_searches[i] = NULL;
   cfg->pam_password_prohibit_message = NULL;
+  for (i = 0; i < LM_NONE; i++)
+    cfg->nscd_invalidate[i] = 0;
 }
 
 static void cfg_read(const char *filename, struct ldap_config *cfg)
@@ -1380,6 +1425,10 @@ static void cfg_read(const char *filename, struct 
ldap_config *cfg)
     {
       handle_pam_password_prohibit_message(filename, lnr, keyword, line, cfg);
     }
+    else if (strcasecmp(keyword, "nscd_invalidate") == 0)
+    {
+      handle_nscd_invalidate(filename, lnr, keyword, line, cfg);
+    }
 #ifdef ENABLE_CONFIGFILE_CHECKING
     /* fallthrough */
     else
@@ -1627,6 +1676,17 @@ static void cfg_dump(void)
       log_log(LOG_DEBUG, "CFG: pam_authz_search %s", 
nslcd_cfg->pam_authz_searches[i]);
   if (nslcd_cfg->pam_password_prohibit_message != NULL)
     log_log(LOG_DEBUG, "CFG: pam_password_prohibit_message \"%s\"", 
nslcd_cfg->pam_password_prohibit_message);
+  /* build a comma-separated list */
+  buffer[0] = '\0';
+  for (i = 0; i < LM_NONE ; i++)
+    if (nslcd_cfg->nscd_invalidate[i])
+    {
+      if (buffer[0] != '\0')
+        strncat(buffer, ",", sizeof(buffer) - 1 - strlen(buffer));
+      strncat(buffer, print_map(i), sizeof(buffer) - 1 - strlen(buffer));
+    }
+  if (buffer[0] != '\0')
+    log_log(LOG_DEBUG, "CFG: nscd_invalidate %s", buffer);
 }
 
 void cfg_init(const char *fname)
diff --git a/nslcd/cfg.h b/nslcd/cfg.h
index 3163b25..b2a93dc 100644
--- a/nslcd/cfg.h
+++ b/nslcd/cfg.h
@@ -124,6 +124,7 @@ struct ldap_config {
   int ignorecase; /* whether or not case should be ignored in lookups */
   char *pam_authz_searches[NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES]; /* the 
searches that should be performed to do autorisation checks */
   char *pam_password_prohibit_message;   /* whether password changing should 
be denied and user prompted with this message */
+  char nscd_invalidate[LM_NONE];  /* set to 1 if the corresponding map should 
be invalidated */
 };
 
 /* this is a pointer to the global configuration, it should be available

http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=008f8a95cd86782141849b41b34552eeef364128

commit 008f8a95cd86782141849b41b34552eeef364128
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Sat Mar 9 16:55:47 2013 +0100

    implement functionality to send a cache invalidation signal to nscd

diff --git a/configure.ac b/configure.ac
index b55816a..9fcc3ac 100644
--- a/configure.ac
+++ b/configure.ac
@@ -588,7 +588,7 @@ then
   AC_SEARCH_LIBS(dlopen, dl)
 
   # check for availability of functions
-  AC_CHECK_FUNCS(initgroups setgroups)
+  AC_CHECK_FUNCS(initgroups setgroups execvp execvpe)
   AC_CHECK_FUNCS(getpeereid)
   AC_CHECK_FUNCS(getpeerucred)
   AC_CHECK_FUNCS(__nss_configure_lookup)
diff --git a/nslcd/Makefile.am b/nslcd/Makefile.am
index 4b866ae..d901d64 100644
--- a/nslcd/Makefile.am
+++ b/nslcd/Makefile.am
@@ -1,7 +1,7 @@
 # Makefile.am - use automake to generate Makefile.in
 #
 # Copyright (C) 2006, 2007 West Consulting
-# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
+# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -30,7 +30,7 @@ nslcd_SOURCES = nslcd.c ../nslcd.h ../common/nslcd-prot.h \
                 myldap.c myldap.h \
                 cfg.c cfg.h \
                 attmap.c attmap.h \
-                nsswitch.c \
+                nsswitch.c nscd.c \
                 alias.c config.c ether.c group.c host.c netgroup.c network.c \
                 passwd.c protocol.c rpc.c service.c shadow.c pam.c
 nslcd_LDADD = ../common/libtio.a ../common/libdict.a \
diff --git a/nslcd/common.h b/nslcd/common.h
index fc44c43..2965de6 100644
--- a/nslcd/common.h
+++ b/nslcd/common.h
@@ -36,6 +36,7 @@
 #include "common/tio.h"
 #include "compat/attrs.h"
 #include "myldap.h"
+#include "cfg.h"
 
 /* macros for basic read and write operations, the following
    ERROR_OUT* marcos define the action taken on errors
@@ -139,6 +140,13 @@ void nsswitch_check_reload(void);
 /* check whether the nsswitch.conf file has LDAP as a naming source for db */
 int nsswitch_shadow_uses_ldap(void);
 
+/* start a child process that holds onto the original privileges with the
+   sole purpose of running nscd -i commands */
+int nscd_start_invalidator(void);
+
+/* signal nscd to invalidate the selected map */
+void nscd_invalidate(enum ldap_map_selector map);
+
 /* fallback definition of HOST_NAME_MAX */
 #ifndef HOST_NAME_MAX
 #ifdef _POSIX_HOST_NAME_MAX
diff --git a/nslcd/nscd.c b/nslcd/nscd.c
new file mode 100644
index 0000000..c707f77
--- /dev/null
+++ b/nslcd/nscd.c
@@ -0,0 +1,240 @@
+/*
+   nscd.c - functions for invalidating the nscd cache
+
+   Copyright (C) 2013 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301 USA
+*/
+
+#include "config.h"
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <errno.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+#include "common.h"
+#include "log.h"
+
+/* the write end of a pipe that is used to signal the child process
+   to call nscd to invalidate the cache */
+static int signalfd = -1;
+
+/* we have our own implementation because nscd could use different names */
+static const char *map2name(enum ldap_map_selector map)
+{
+  switch (map)
+  {
+    case LM_ALIASES:   return "aliases";
+    case LM_ETHERS:    return "ethers";
+    case LM_GROUP:     return "group";
+    case LM_HOSTS:     return "hosts";
+    case LM_NETGROUP:  return "netgroup";
+    case LM_NETWORKS:  return "networks";
+    case LM_PASSWD:    return "passwd";
+    case LM_PROTOCOLS: return "protocols";
+    case LM_RPC:       return "rpc";
+    case LM_SERVICES:  return "services";
+    case LM_SHADOW:    return "shadow";
+    case LM_NONE:
+    default:           return NULL;
+  }
+}
+
+/* invalidate the specified database in nscd */
+static void exec_invalidate(const char *db)
+{
+  pid_t cpid;
+  int i, status;
+  char *argv[] = { "nscd", "-i", NULL, NULL };
+#ifdef HAVE_EXECVPE
+  char *newenviron[] = { NULL };
+#endif
+  log_log(LOG_DEBUG, "nscd_invalidator: nscd -i %s", db);
+  /* do fork/exec */
+  switch (cpid=fork())
+  {
+    case 0: /* we are the child */
+      /* close all file descriptors */
+      i = sysconf(_SC_OPEN_MAX) - 1;
+      /* if the system does not have OPEN_MAX just close the first 32 and
+         hope we have closed enough */
+      if (i < 0)
+        i = 32;
+      for (; i >= 0; i--)
+        close(i);
+      /* execute command */
+      argv[2] = (char *)db;
+#ifdef HAVE_EXECVPE
+      execvpe("nscd", argv, newenviron);
+#else
+      execvp("nscd", argv);
+#endif
+      /* if we are here there has been an error */
+      /* we can't log since we don't have any useful file descriptors */
+      _exit(EXIT_FAILURE);
+      break;
+    case -1: /* we are the parent, but have an error */
+      log_log(LOG_ERR, "nscd_invalidator: fork() failed: %s", strerror(errno));
+      break;
+    default: /* we are the parent */
+      /* wait for child exit */
+      do
+      {
+        errno = 0;
+        i = waitpid(cpid, &status, 0);
+      }
+      while ((i < 0) && (errno == EINTR));
+      if (i < 0)
+        log_log(LOG_ERR, "nscd_invalidator: waitpid(%d) failed: %s", cpid, 
strerror(errno));
+      else if (WIFEXITED(status))
+      {
+        i = WEXITSTATUS(status);
+        if (i == 0)
+          log_log(LOG_DEBUG, "nscd_invalidator: nscd -i %s (pid %d) success",
+                  db, cpid);
+        else
+          log_log(LOG_DEBUG, "nscd_invalidator: nscd -i %s (pid %d) failed 
(%d)",
+                  db, cpid, i);
+      }
+      else if (WIFSIGNALED(status))
+      {
+        i = WTERMSIG(status);
+        log_log(LOG_ERR, "nscd_invalidator: nscd -i %s (pid %d) killed by %s 
(%d)",
+                db, cpid, signame(i), i);
+      }
+      else
+        log_log(LOG_ERR, "nscd_invalidator: nscd -i %s (pid %d) had unknown 
failure",
+                db, cpid);
+      break;
+  }
+}
+
+/* main loop for the invalidator process */
+static void nscd_handle_requests(int fd)
+{
+  int i;
+  uint8_t c;
+  const char *db;
+  log_log(LOG_DEBUG, "nscd_invalidator: starting");
+  /* set up environment */
+  chdir("/");
+  putenv("PATH=/usr/sbin:/usr/bin:/sbin:/bin");
+  /* handle incoming requests */
+  while (1)
+  {
+    i = read(fd, &c, sizeof(uint8_t));
+    if (i == 0)
+    {
+      log_log(LOG_ERR, "nscd_invalidator: EOF");
+      _exit(EXIT_SUCCESS);
+    }
+    else if (i < 0)
+    {
+      if (errno == EINTR)
+        log_log(LOG_DEBUG, "nscd_invalidator: read failed (ignored): %s",
+                strerror(errno));
+      else
+      {
+        log_log(LOG_ERR, "nscd_invalidator: read failed: %s", strerror(errno));
+        _exit(EXIT_SUCCESS);
+      }
+    }
+    else
+    {
+      db = map2name((enum ldap_map_selector)c);
+      if (db == NULL)
+        log_log(LOG_ERR, "nscd_invalidator: invalid db received");
+      else
+        exec_invalidate(db);
+    }
+  }
+}
+
+/* start a child process that holds onto the original privileges with the
+   sole purpose of running nscd -i commands */
+int nscd_start_invalidator(void)
+{
+  int pipefds[2];
+  pid_t cpid;
+  int i;
+  /* set up a pipe for communication */
+  if (pipe(pipefds) == -1)
+  {
+    log_log(LOG_ERR, "pipe() failed: %s", strerror(errno));
+    return -1;
+  }
+  /* set O_NONBLOCK on the write end to ensure that a hanging invalidator
+     process does not bring down the rest of the application */
+  if ((i = fcntl(pipefds[1], F_GETFL, 0)) < 0)
+  {
+    log_log(LOG_ERR, "fctnl(F_GETFL) failed: %s", strerror(errno));
+    close(pipefds[0]);
+    close(pipefds[1]);
+    return -1;
+  }
+  if (fcntl(pipefds[1], F_SETFL, i | O_NONBLOCK) < 0)
+  {
+    log_log(LOG_ERR, "fctnl(F_SETFL,O_NONBLOCK) failed: %s", strerror(errno));
+    close(pipefds[0]);
+    close(pipefds[1]);
+    return -1;
+  }
+  /* fork a child to perfrom the nscd invalidate commands */
+  cpid = fork();
+  if (cpid == -1)
+  {
+    log_log(LOG_ERR, "fork() failed: %s", strerror(errno));
+    close(pipefds[0]);
+    close(pipefds[1]);
+    return -1;
+  }
+  if (cpid == 0)
+  {
+    /* we are the child: close the write end and handle requests */
+    close(pipefds[1]);
+    nscd_handle_requests(pipefds[0]);
+    /* the handle function should't return */
+    _exit(EXIT_FAILURE);
+  }
+  /* we are the parent: close the read end and save the write end */
+  close(pipefds[0]);
+  signalfd = pipefds[1];
+  return 0;
+}
+
+/* signal nscd to invalidate the selected map */
+void nscd_invalidate(enum ldap_map_selector map)
+{
+  uint8_t c;
+  int rc;
+  if (signalfd < 0)
+    return;
+  /* write a single byte which should be atomic and not fill the PIPE
+     buffer too soon on most platforms
+     (nslcd should already ignore SIGPIPE) */
+  c = (uint8_t)map;
+  rc = write(signalfd, &c, sizeof(uint8_t));
+  if (rc <= 0)
+    log_log(LOG_WARNING, "error signalling nscd invalidator: %s",
+            strerror(errno));
+}
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 2dcc2e1..082e80d 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1,7 +1,7 @@
 # Makefile.am - use automake to generate Makefile.in
 #
 # Copyright (C) 2006 West Consulting
-# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
+# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -54,7 +54,7 @@ test_getpeercred_SOURCES = test_getpeercred.c common.h
 test_getpeercred_LDADD = ../compat/libcompat.a
 
 # common objects that are included for the tests of nslcd functionality
-common_nslcd_LDADD = ../nslcd/log.o ../nslcd/common.o \
+common_nslcd_LDADD = ../nslcd/log.o ../nslcd/common.o ../nslcd/nscd.o \
                      ../nslcd/myldap.o ../nslcd/attmap.o ../nslcd/nsswitch.o \
                      ../nslcd/alias.o ../nslcd/ether.o ../nslcd/group.o \
                      ../nslcd/host.o ../nslcd/netgroup.o ../nslcd/network.o \

http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=9a6f5b24424e65d62600b0a1388174646af686b9

commit 9a6f5b24424e65d62600b0a1388174646af686b9
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Sat Mar 9 16:45:56 2013 +0100

    move signame() function to common.c to make it available to all modules

diff --git a/nslcd/common.c b/nslcd/common.c
index 2b67e6c..211be1b 100644
--- a/nslcd/common.c
+++ b/nslcd/common.c
@@ -3,7 +3,7 @@
    This file is part of the nss-pam-ldapd library.
 
    Copyright (C) 2006 West Consulting
-   Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
+   Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -35,6 +35,7 @@
 #include <string.h>
 #include <regex.h>
 #include <stdlib.h>
+#include <signal.h>
 
 #include "nslcd.h"
 #include "common.h"
@@ -58,6 +59,61 @@ int mysnprintf(char *buffer, size_t buflen, const char 
*format, ...)
   return ((res < 0) || (((size_t)res) >= buflen));
 }
 
+/* get a name of a signal with a given signal number */
+const char *signame(int signum)
+{
+  switch (signum)
+  {
+    case SIGHUP:  return "SIGHUP";  /* Hangup detected */
+    case SIGINT:  return "SIGINT";  /* Interrupt from keyboard */
+    case SIGQUIT: return "SIGQUIT"; /* Quit from keyboard */
+    case SIGILL:  return "SIGILL";  /* Illegal Instruction */
+    case SIGABRT: return "SIGABRT"; /* Abort signal from abort(3) */
+    case SIGFPE:  return "SIGFPE";  /* Floating point exception */
+    case SIGKILL: return "SIGKILL"; /* Kill signal */
+    case SIGSEGV: return "SIGSEGV"; /* Invalid memory reference */
+    case SIGPIPE: return "SIGPIPE"; /* Broken pipe */
+    case SIGALRM: return "SIGALRM"; /* Timer signal from alarm(2) */
+    case SIGTERM: return "SIGTERM"; /* Termination signal */
+    case SIGUSR1: return "SIGUSR1"; /* User-defined signal 1 */
+    case SIGUSR2: return "SIGUSR2"; /* User-defined signal 2 */
+    case SIGCHLD: return "SIGCHLD"; /* Child stopped or terminated */
+    case SIGCONT: return "SIGCONT"; /* Continue if stopped */
+    case SIGSTOP: return "SIGSTOP"; /* Stop process */
+    case SIGTSTP: return "SIGTSTP"; /* Stop typed at tty */
+    case SIGTTIN: return "SIGTTIN"; /* tty input for background process */
+    case SIGTTOU: return "SIGTTOU"; /* tty output for background process */
+#ifdef SIGBUS
+    case SIGBUS:  return "SIGBUS";  /* Bus error */
+#endif
+#ifdef SIGPOLL
+    case SIGPOLL: return "SIGPOLL"; /* Pollable event */
+#endif
+#ifdef SIGPROF
+    case SIGPROF: return "SIGPROF"; /* Profiling timer expired */
+#endif
+#ifdef SIGSYS
+    case SIGSYS:  return "SIGSYS";  /* Bad argument to routine */
+#endif
+#ifdef SIGTRAP
+    case SIGTRAP: return "SIGTRAP"; /* Trace/breakpoint trap */
+#endif
+#ifdef SIGURG
+    case SIGURG:  return "SIGURG";  /* Urgent condition on socket */
+#endif
+#ifdef SIGVTALRM
+    case SIGVTALRM: return "SIGVTALRM"; /* Virtual alarm clock */
+#endif
+#ifdef SIGXCPU
+    case SIGXCPU: return "SIGXCPU"; /* CPU time limit exceeded */
+#endif
+#ifdef SIGXFSZ
+    case SIGXFSZ: return "SIGXFSZ"; /* File size limit exceeded */
+#endif
+    default:      return "UNKNOWN";
+  }
+}
+
 /* return the fully qualified domain name of the current host */
 const char *getfqdn(void)
 {
diff --git a/nslcd/common.h b/nslcd/common.h
index e1a2037..fc44c43 100644
--- a/nslcd/common.h
+++ b/nslcd/common.h
@@ -60,6 +60,9 @@
 int mysnprintf(char *buffer, size_t buflen, const char *format, ...)
   LIKE_PRINTF(3, 4);
 
+/* get a name of a signal with a given signal number */
+const char *signame(int signum);
+
 /* return the fully qualified domain name of the current host
    the returned value does not need to be freed but is re-used for every
    call */
diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c
index 3b85ff8..fc2237c 100644
--- a/nslcd/nslcd.c
+++ b/nslcd/nslcd.c
@@ -178,61 +178,6 @@ static void parse_cmdline(int argc, char *argv[])
   }
 }
 
-/* get a name of a signal with a given signal number */
-static const char *signame(int signum)
-{
-  switch (signum)
-  {
-    case SIGHUP:  return "SIGHUP";  /* Hangup detected */
-    case SIGINT:  return "SIGINT";  /* Interrupt from keyboard */
-    case SIGQUIT: return "SIGQUIT"; /* Quit from keyboard */
-    case SIGILL:  return "SIGILL";  /* Illegal Instruction */
-    case SIGABRT: return "SIGABRT"; /* Abort signal from abort(3) */
-    case SIGFPE:  return "SIGFPE";  /* Floating point exception */
-    case SIGKILL: return "SIGKILL"; /* Kill signal */
-    case SIGSEGV: return "SIGSEGV"; /* Invalid memory reference */
-    case SIGPIPE: return "SIGPIPE"; /* Broken pipe */
-    case SIGALRM: return "SIGALRM"; /* Timer signal from alarm(2) */
-    case SIGTERM: return "SIGTERM"; /* Termination signal */
-    case SIGUSR1: return "SIGUSR1"; /* User-defined signal 1 */
-    case SIGUSR2: return "SIGUSR2"; /* User-defined signal 2 */
-    case SIGCHLD: return "SIGCHLD"; /* Child stopped or terminated */
-    case SIGCONT: return "SIGCONT"; /* Continue if stopped */
-    case SIGSTOP: return "SIGSTOP"; /* Stop process */
-    case SIGTSTP: return "SIGTSTP"; /* Stop typed at tty */
-    case SIGTTIN: return "SIGTTIN"; /* tty input for background process */
-    case SIGTTOU: return "SIGTTOU"; /* tty output for background process */
-#ifdef SIGBUS
-    case SIGBUS:  return "SIGBUS";  /* Bus error */
-#endif
-#ifdef SIGPOLL
-    case SIGPOLL: return "SIGPOLL"; /* Pollable event */
-#endif
-#ifdef SIGPROF
-    case SIGPROF: return "SIGPROF"; /* Profiling timer expired */
-#endif
-#ifdef SIGSYS
-    case SIGSYS:  return "SIGSYS";  /* Bad argument to routine */
-#endif
-#ifdef SIGTRAP
-    case SIGTRAP: return "SIGTRAP"; /* Trace/breakpoint trap */
-#endif
-#ifdef SIGURG
-    case SIGURG:  return "SIGURG";  /* Urgent condition on socket */
-#endif
-#ifdef SIGVTALRM
-    case SIGVTALRM: return "SIGVTALRM"; /* Virtual alarm clock */
-#endif
-#ifdef SIGXCPU
-    case SIGXCPU: return "SIGXCPU"; /* CPU time limit exceeded */
-#endif
-#ifdef SIGXFSZ
-    case SIGXFSZ: return "SIGXFSZ"; /* File size limit exceeded */
-#endif
-    default:      return "UNKNOWN";
-  }
-}
-
 /* signal handler for closing down */
 static void sigexit_handler(int signum)
 {

-----------------------------------------------------------------------

Summary of changes:
 configure.ac         |    2 +-
 man/nslcd.conf.5.xml |   18 ++++
 nslcd/Makefile.am    |    4 +-
 nslcd/cfg.c          |  104 +++++++++++++++++-----
 nslcd/cfg.h          |    1 +
 nslcd/common.c       |   58 ++++++++++++-
 nslcd/common.h       |   11 ++
 nslcd/myldap.c       |    4 +
 nslcd/nscd.c         |  248 ++++++++++++++++++++++++++++++++++++++++++++++++++
 nslcd/nslcd.c        |   61 +-----------
 tests/Makefile.am    |    4 +-
 11 files changed, 432 insertions(+), 83 deletions(-)
 create mode 100644 nslcd/nscd.c


hooks/post-receive
-- 
nss-pam-ldapd
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/