Date: Sun, 24 Jan 2016 13:58:08 +0000 From: Antoine Brodin <antoine@FreeBSD.org> To: "araujo@FreeBSD.org" <araujo@freebsd.org> Cc: src-committers@freebsd.org, svn-src-head@freebsd.org, svn-src-all@freebsd.org Subject: Re: svn commit: r293801 - in head: . etc share/examples/ypldap usr.sbin/ypldap Message-ID: <CAALwa8m1M-gX4MwaW1FYpS=q85NZy7GVnukSzzSEkDdsCxn0mA@mail.gmail.com> In-Reply-To: <201601130149.u0D1nZmI053966@repo.freebsd.org> References: <201601130149.u0D1nZmI053966@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 13, 2016 2:49 AM, "Marcelo Araujo" <araujo@freebsd.org> wrote: > > Author: araujo > Date: Wed Jan 13 01:49:35 2016 > New Revision: 293801 > URL: https://svnweb.freebsd.org/changeset/base/293801 > > Log: > ypldap(8) is a feature ready to be used to translate nis(8) database to ldap(3). > > This commit, fix a core dump on ypldap(8) related with memory allocation. > Also an example of how to set the ypldap.conf(5) properly is added to > examples files. > > A new user _ypldap is required to be able to run ypldap(8) as well as > in a chroot mode. > > Reviewed by: rodrigc (mentor), bjk > Approved by: bapt (mentor) > Relnotes: Yes > Sponsored by: gandi.net > Differential Revision: https://reviews.freebsd.org/D4744 > Hi, Uid 93 is already used in the ports tree by jabber. (/usr/ports/UIDs) Cheers, Antoine > Added: > head/share/examples/ypldap/ > head/share/examples/ypldap/ypldap.conf (contents, props changed) > Modified: > head/UPDATING > head/etc/master.passwd > head/usr.sbin/ypldap/yp.c > head/usr.sbin/ypldap/ypldap.conf.5 > > Modified: head/UPDATING > ============================================================================== > --- head/UPDATING Wed Jan 13 01:32:04 2016 (r293800) > +++ head/UPDATING Wed Jan 13 01:49:35 2016 (r293801) > @@ -31,6 +31,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 > disable the most expensive debugging functionality run > "ln -s 'abort:false,junk:false' /etc/malloc.conf".) > > +20160113: > + With the addition of ypldap(8), a new _ypldap user is now required > + during installworld. "mergemaster -p" can be used to add the user > + prior to installworld, as documented in the handbook. > + > 20151216: > The tftp loader (pxeboot) now uses the option root-path directive. As a > consequence it no longer looks for a pxeboot.4th file on the tftp > > Modified: head/etc/master.passwd > ============================================================================== > --- head/etc/master.passwd Wed Jan 13 01:32:04 2016 (r293800) > +++ head/etc/master.passwd Wed Jan 13 01:49:35 2016 (r293801) > @@ -22,5 +22,6 @@ uucp:*:66:66::0:0:UUCP pseudo-user:/var/ > pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin > auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin > www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin > +_ypldap:*:93:93::0:0:YP Ldap unprivileged user:/var/empty:/usr/sbin/nologin > hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin > nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin > > Added: head/share/examples/ypldap/ypldap.conf > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/share/examples/ypldap/ypldap.conf Wed Jan 13 01:49:35 2016 (r293801) > @@ -0,0 +1,40 @@ > +$FreeBSD$ > +domain "freebsd.org" > +interval 60 > +provide map "passwd.byname" > +provide map "passwd.byuid" > +provide map "group.byname" > +provide map "group.bygid" > +provide map "netid.byname" > + > +directory "127.0.0.1" { > + # directory options > + binddn "cn=ldap,dc=freebsd,dc=org" > + bindcred "secret" > + basedn "dc=freebsd.,dc=org" > + # starting point for groups directory search, default to basedn > + groupdn "ou=Groups,dc=freebsd,dc=org" > + > + # passwd maps configuration (RFC 2307 posixAccount object class) > + passwd filter "(objectClass=posixAccount)" > + > + attribute name maps to "uid" > + fixed attribute passwd "*" > + attribute uid maps to "uidNumber" > + attribute gid maps to "gidNumber" > + attribute gecos maps to "cn" > + attribute home maps to "homeDirectory" > + attribute shell maps to "loginShell" > + fixed attribute change "0" > + fixed attribute expire "0" > + fixed attribute class "" > + > + # group maps configuration (RFC 2307 posixGroup object class) > + group filter "(objectClass=posixGroup)" > + > + attribute groupname maps to "cn" > + fixed attribute grouppasswd "*" > + attribute groupgid maps to "gidNumber" > + # memberUid returns multiple group members > + list groupmembers maps to "memberUid" > +} > > Modified: head/usr.sbin/ypldap/yp.c > ============================================================================== > --- head/usr.sbin/ypldap/yp.c Wed Jan 13 01:32:04 2016 (r293800) > +++ head/usr.sbin/ypldap/yp.c Wed Jan 13 01:49:35 2016 (r293801) > @@ -83,10 +83,10 @@ void > yp_enable_events(void) > { > int i; > - extern fd_set svc_fdset; > + extern fd_set svc_fdset; > struct yp_event *ye; > > - for (i = 0; i < getdtablesize(); i++) { > + for (i = 0; i < FD_SETSIZE; i++) { > if (FD_ISSET(i, &svc_fdset)) { > if ((ye = calloc(1, sizeof(*ye))) == NULL) > fatal(NULL); > > Modified: head/usr.sbin/ypldap/ypldap.conf.5 > ============================================================================== > --- head/usr.sbin/ypldap/ypldap.conf.5 Wed Jan 13 01:32:04 2016 (r293800) > +++ head/usr.sbin/ypldap/ypldap.conf.5 Wed Jan 13 01:49:35 2016 (r293801) > @@ -15,7 +15,7 @@ > .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF > .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. > .\" > -.Dd $Mdocdate: April 30 2012 $ > +.Dd $Mdocdate: January 13 2016 $ > .Dt YPLDAP.CONF 5 > .Os > .Sh NAME > @@ -155,6 +155,9 @@ Use the supplied LDAP filter to retrieve > .It Pa /etc/ypldap.conf > .Xr ypldap 8 > configuration file. > +.It Pa /usr/share/example/ypldap/ypldap.conf > +.Xr ypldap 8 > +configuration file example. > .El > .Sh SEE ALSO > .Xr ypbind 8 , >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAALwa8m1M-gX4MwaW1FYpS=q85NZy7GVnukSzzSEkDdsCxn0mA>