~ubuntu-branches/ubuntu/utopic/nss-pam-ldapd/utopic-proposed

« back to all changes in this revision

Viewing changes to debian/nslcd.config

Committer: Package Import Robot
Author(s): Arthur de Jong
Date: 2011-12-31 13:30:00 UTC
Revision ID: package-import@ubuntu.com-20111231133000-c2lpa27xp5s6q481

Tags: 0.8.5

http://bugs.debian.org/640781

http://bugs.debian.org/640623

http://bugs.debian.org/641619

http://bugs.debian.org/642347

http://bugs.debian.org/641820

http://bugs.debian.org/644892

http://bugs.debian.org/645599

* support larger gecos values (closes: #640781)
* updated Swedish debconf translation by Martin Bagge (closes: #640623)
* consistently handle whitespace in configuration file during package
  configuration (thanks Nick) (closes: #641619)
* add a versioned dependency on libpam0g to ensure the PAM libraries are
  multiarch-aware
* in debconf, treat the "hard" value for tls_reqcert as if it was "demand"
  (closes: #642347)
* reduce loglevel of user not found messages to avoid spamming the logs
  with useless information (thanks Wakko Warner) (closes: #641820)
* other logging improvements
* keep nslcd running during package upgrades (closes: #644892)
* explicitly parse numbers as base 10 (thanks Jakub Hrozek)
* implement FreeBSD group membership NSS function (thanks Tom Judge)
* fix an issue where changes in /etc/nsswitch.conf were not correctly
  picked up and could lead to lookups being disabled on upgrade
  (closes: #645599)
* fix an issue with detecting the uid of the calling process and log
  denied shadow requests in debug mode
* fix a typo in the disconnect logic code (thanks Martin Poole)
* enable hardening options during build
* implement configuration file handling in pynslcd and other pynslcd
  improvements (pynslcd is not in a Debian package yet)
* update debian/copyright

files modified:
AUTHORS

ChangeLog

Makefile.in

NEWS

TODO

common/Makefile.in

compat/Makefile.in

configure

configure.ac

debian/changelog

debian/control

debian/copyright

debian/libnss-ldapd.config

debian/libnss-ldapd.postrm

debian/nslcd.config

debian/nslcd.init

debian/nslcd.postinst

debian/po/sv.po

debian/rules

m4/ax_pthread.m4

man/Makefile.in

man/nslcd.8

man/nslcd.8.xml

man/nslcd.conf.5

man/nslcd.conf.5.xml

man/pam_ldap.8

man/pam_ldap.8.xml

nslcd/Makefile.in

nslcd/alias.c

nslcd/attmap.c

nslcd/cfg.c

nslcd/common.c

nslcd/common.h

nslcd/ether.c

nslcd/group.c

nslcd/host.c

nslcd/myldap.c

nslcd/netgroup.c

nslcd/network.c

nslcd/nslcd.c

nslcd/nsswitch.c

nslcd/pam.c

nslcd/passwd.c

nslcd/protocol.c

nslcd/rpc.c

nslcd/service.c

nslcd/shadow.c

nss/Makefile.in

nss/bsdnss.c

pam/Makefile.in

pynslcd/Makefile.in

pynslcd/alias.py

pynslcd/cfg.py

pynslcd/common.py

pynslcd/config.py.in

pynslcd/ether.py

pynslcd/group.py

pynslcd/host.py

pynslcd/netgroup.py

pynslcd/network.py

pynslcd/pam.py

pynslcd/passwd.py

pynslcd/pynslcd.py

pynslcd/shadow.py

pynslcd/tio.py

tests/Makefile.in

Show diffs side-by-side

added added

removed removed

debian/nslcd.config

# read a configuration value from the specified file

# (it takes care in not overwriting a previously written value)

# (it takes care in not overwriting a previously written debconf value)

read_config()

{

debconf_param="$1"

# overwrite debconf value if different from config file

db_get "$debconf_param"

debconf_value="$RET"

cfgfile_value=`sed -n 's/^'"$cfg_param"'[[:space:]]*$[^[:space:]].*[^[:space:]]$[[:space:]]*$/\1/ip' "$cfgfile" | tail -n 1`

cfgfile_value=`sed -n 's/^'"$cfg_param"'[[:space:]]*$[^[:space:]].*[^[:space:]]$[[:space:]]*$/\1/ip' "$cfgfile" | head -n 1`

[ -n "$cfgfile_value" ] && [ "$debconf_value" != "$cfgfile_value" ] && db_set "$debconf_param" "$cfgfile_value"

# we're done

return 0

domain=`hostname --domain` || true

[ -z "$domain" ] && domain=`hostname --nis | grep '\.'` || true

[ -z "$domain" ] && domain=`hostname --fqdn | sed -n 's/^[^.]*\.//p'` || true

[ -z "$domain" ] && domain=`sed -n 's/^ *$domain\|search$ *$[^ ]*$ *$/\2/p' /etc/resolv.conf | head -n 1` || true

[ -z "$domain" ] && domain=`sed -n 's/^[[:space:]]*$domain\|search$[[:space:]]*$[^[:space:]]*$[[:space:]]*$/\2/p' /etc/resolv.conf | tail -n 1` || true

echo "$domain"

}

# try to lookup _ldap._tcp SRV records

if [ -n "$domain" ]

then

server=`host -N 2 -t SRV _ldap._tcp.$domain 2> /dev/null | grep -v NXDOMAIN | awk '{print $NF}' | head -1 | sed 's/\.$//'` || true

server=`host -N 2 -t SRV _ldap._tcp.$domain 2> /dev/null | grep -v NXDOMAIN | awk '{print $NF}' | head -n 1 | sed 's/\.$//'` || true

if [ -n "$server" ]

then

echo "ldap://$server/"

159

if [ -z "$uris" ]

160

then

161

hosts=`sed -n 's/^host[[:space:]]*//ip' "$cfgfile"`

162

port=`sed -n 's/^port[[:space:]]*//ip' "$cfgfile" | tail -n 1`

162

port=`sed -n 's/^port[[:space:]]*//ip' "$cfgfile" | head -n 1`

163

for host in $hosts

164

165

if [ -z "$port" ] || (echo "$host" | grep -q ':' )

198

db_get nslcd/ldap-reqcert

199

if [ -z "$RET" ]

200

then

201

reqcert=`sed -n 's/^tls_$reqcert\|checkpeer$[[:space:]]*$[^[:space:]]*$[[:space:]]*$/\2/ip' "$cfgfile" | tail -n 1`

201

reqcert=`sed -n 's/^tls_$reqcert\|checkpeer$[[:space:]]*$[^[:space:]]*$[[:space:]]*$/\2/ip' "$cfgfile" | head -n 1`

202

# normalise value

203

reqcert=`echo "$reqcert" | tr 'A-Z' 'a-z' | sed 's/^no$/never/;s/^yes$/demand/'`

203

reqcert=`echo "$reqcert" | tr 'A-Z' 'a-z' | sed 's/^no$/never/;s/^yes$/demand/;s/^hard$/demand/'`

204

[ -n "$reqcert" ] && db_set nslcd/ldap-reqcert "$reqcert"

205

206

# we're done

Older »