From owner-freebsd-ports@FreeBSD.ORG Tue Jul 15 13:49:55 2003 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 97B1137B401 for ; Tue, 15 Jul 2003 13:49:55 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id A5F1243F3F for ; Tue, 15 Jul 2003 13:49:54 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 0D9D154846; Tue, 15 Jul 2003 15:49:54 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id 94EE26FBF8; Tue, 15 Jul 2003 15:49:53 -0500 (CDT) Date: Tue, 15 Jul 2003 15:49:53 -0500 From: "Jacques A. Vidrine" To: Jean-Baptiste Quenot Message-ID: <20030715204952.GE86657@madman.celabo.org> References: <20030710110751.GA6966@watt.intra.caraldi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030710110751.GA6966@watt.intra.caraldi.com> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: ports@freebsd.org Subject: Re: Patch port nss_ldap's Makefile for ldap.conf location X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2003 20:49:55 -0000 On Thu, Jul 10, 2003 at 01:07:53PM +0200, Jean-Baptiste Quenot wrote: > Please find below a patch that fixes the location of ldap.conf to > reflect the location specified by the associated port pam_ldap. The > config file should be $(PREFIX)/etc/ldap.conf, not /etc/ldap.conf. > > -----------------------------------8<----------------------------------- > --- Makefile.orig Wed Jul 9 17:59:19 2003 > +++ Makefile Wed Jul 9 17:58:50 2003 > @@ -25,6 +25,9 @@ > CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \ > LDFLAGS="-L${LOCALBASE}/lib -Wl,-rpath,${LOCALBASE}/lib" > > +CONFIGURE_ARGS= --with-ldap-conf-file=${PREFIX}/etc/ldap.conf \ > + --with-ldap-secret-file=${PREFIX}/etc/ldap.secret > + > post-extract: > ${CP} ${FILESDIR}/bsdnss.c ${WRKSRC} > -----------------------------------8<----------------------------------- > > I've been struggling for hours trying to make nss_ldap work on FreeBSD > 5.1 Release, and it was just that damn' file. Heh, sorry. I remember scratching my head about the default location myself, but it never occurred to me to do something about it :-) I agree that it should be under ${PREFIX}, and the location mentioned at install time. I wonder if additionally it should be named something specific to this port ... I wouldn't want the configuration file to clash with some other use of OpenLDAP. Perhaps ${PREFIX}/etc/nss_ldap.conf and ${PREFIX}/etc/nss_ldap.secret? > BTW, it was not clear for > me before, but pam_ldap is only used for authentication. Without > nss_ldap, pam_ldap is pretty useless, ie it requires user entries in the > local password file. Yep, PAM just does authentication, not directory services. You don't even have to use pam_ldap in conjunction with nss_ldap... you could use e.g. pam_krb5 instead for stronger authentication. > Thank you, and keep up the good work! Cheers! -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se