Re: svn commit: r293801 - in head: . etc share/examples/ypldap usr.sbin/ypldap
On Jan 13, 2016 2:49 AM, "Marcelo Araujo"wrote: > > Author: araujo > Date: Wed Jan 13 01:49:35 2016 > New Revision: 293801 > URL: https://svnweb.freebsd.org/changeset/base/293801 > > Log: > ypldap(8) is a feature ready to be used to translate nis(8) database to ldap(3). > > This commit, fix a core dump on ypldap(8) related with memory allocation. > Also an example of how to set the ypldap.conf(5) properly is added to > examples files. > > A new user _ypldap is required to be able to run ypldap(8) as well as > in a chroot mode. > > Reviewed by: rodrigc (mentor), bjk > Approved by: bapt (mentor) > Relnotes: Yes > Sponsored by: gandi.net > Differential Revision:https://reviews.freebsd.org/D4744 > Hi, Uid 93 is already used in the ports tree by jabber. (/usr/ports/UIDs) Cheers, Antoine > Added: > head/share/examples/ypldap/ > head/share/examples/ypldap/ypldap.conf (contents, props changed) > Modified: > head/UPDATING > head/etc/master.passwd > head/usr.sbin/ypldap/yp.c > head/usr.sbin/ypldap/ypldap.conf.5 > > Modified: head/UPDATING > == > --- head/UPDATING Wed Jan 13 01:32:04 2016(r293800) > +++ head/UPDATING Wed Jan 13 01:49:35 2016(r293801) > @@ -31,6 +31,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 > disable the most expensive debugging functionality run > "ln -s 'abort:false,junk:false' /etc/malloc.conf".) > > +20160113: > + With the addition of ypldap(8), a new _ypldap user is now required > + during installworld. "mergemaster -p" can be used to add the user > + prior to installworld, as documented in the handbook. > + > 20151216: > The tftp loader (pxeboot) now uses the option root-path directive. As a > consequence it no longer looks for a pxeboot.4th file on the tftp > > Modified: head/etc/master.passwd > == > --- head/etc/master.passwd Wed Jan 13 01:32:04 2016(r293800) > +++ head/etc/master.passwd Wed Jan 13 01:49:35 2016(r293801) > @@ -22,5 +22,6 @@ uucp:*:66:66::0:0:UUCP pseudo-user:/var/ > pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin > auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin > www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin > +_ypldap:*:93:93::0:0:YP Ldap unprivileged user:/var/empty:/usr/sbin/nologin > hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin > nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin > > Added: head/share/examples/ypldap/ypldap.conf > == > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/share/examples/ypldap/ypldap.conf Wed Jan 13 01:49:35 2016 (r293801) > @@ -0,0 +1,40 @@ > +$FreeBSD$ > +domain "freebsd.org" > +interval 60 > +provide map"passwd.byname" > +provide map"passwd.byuid" > +provide map"group.byname" > +provide map"group.bygid" > +provide map"netid.byname" > + > +directory "127.0.0.1" { > + # directory options > + binddn "cn=ldap,dc=freebsd,dc=org" > + bindcred "secret" > + basedn "dc=freebsd.,dc=org" > + # starting point for groups directory search, default to basedn > + groupdn "ou=Groups,dc=freebsd,dc=org" > + > + # passwd maps configuration (RFC 2307 posixAccount object class) > + passwd filter "(objectClass=posixAccount)" > + > + attribute name maps to "uid" > + fixed attribute passwd "*" > + attribute uid maps to "uidNumber" > + attribute gid maps to "gidNumber" > + attribute gecos maps to "cn" > + attribute home maps to "homeDirectory" > + attribute shell maps to "loginShell" > + fixed attribute change "0" > + fixed attribute expire "0" > + fixed attribute class "" > + > + # group maps configuration (RFC 2307 posixGroup object class) > + group filter "(objectClass=posixGroup)" > + > + attribute groupname maps to "cn" > + fixed attribute grouppasswd "*" > + attribute groupgid maps to "gidNumber" > + # memberUid returns multiple group members > + list groupmembers maps to "memberUid" > +} > > Modified: head/usr.sbin/ypldap/yp.c > == > --- head/usr.sbin/ypldap/yp.c Wed Jan 13 01:32:04 2016(r293800) > +++ head/usr.sbin/ypldap/yp.c Wed Jan 13 01:49:35 2016(r293801) > @@ -83,10 +83,10 @@ void > yp_enable_events(void) > { > int i; > - extern fd_set svc_fdset; > + extern fd_set svc_fdset; > struct yp_event *ye; > > - for (i = 0; i < getdtablesize(); i++) { > + for (i =
Re: svn commit: r293801 - in head: . etc share/examples/ypldap usr.sbin/ypldap
Thanks to point it out! I have sent a patch for review and approve. Best, 2016-01-24 21:58 GMT+08:00 Antoine Brodin: > > On Jan 13, 2016 2:49 AM, "Marcelo Araujo" wrote: > > > > Author: araujo > > Date: Wed Jan 13 01:49:35 2016 > > New Revision: 293801 > > URL: https://svnweb.freebsd.org/changeset/base/293801 > > > > Log: > > ypldap(8) is a feature ready to be used to translate nis(8) database > to ldap(3). > > > > This commit, fix a core dump on ypldap(8) related with memory > allocation. > > Also an example of how to set the ypldap.conf(5) properly is added to > > examples files. > > > > A new user _ypldap is required to be able to run ypldap(8) as well as > > in a chroot mode. > > > > Reviewed by: rodrigc (mentor), bjk > > Approved by: bapt (mentor) > > Relnotes: Yes > > Sponsored by: gandi.net > > Differential Revision:https://reviews.freebsd.org/D4744 > > > > Hi, > > Uid 93 is already used in the ports tree by jabber. (/usr/ports/UIDs) > > Cheers, > > Antoine > > > Added: > > head/share/examples/ypldap/ > > head/share/examples/ypldap/ypldap.conf (contents, props changed) > > Modified: > > head/UPDATING > > head/etc/master.passwd > > head/usr.sbin/ypldap/yp.c > > head/usr.sbin/ypldap/ypldap.conf.5 > > > > Modified: head/UPDATING > > > == > > --- head/UPDATING Wed Jan 13 01:32:04 2016(r293800) > > +++ head/UPDATING Wed Jan 13 01:49:35 2016(r293801) > > @@ -31,6 +31,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 > > disable the most expensive debugging functionality run > > "ln -s 'abort:false,junk:false' /etc/malloc.conf".) > > > > +20160113: > > + With the addition of ypldap(8), a new _ypldap user is now > required > > + during installworld. "mergemaster -p" can be used to add the user > > + prior to installworld, as documented in the handbook. > > + > > 20151216: > > The tftp loader (pxeboot) now uses the option root-path > directive. As a > > consequence it no longer looks for a pxeboot.4th file on the tftp > > > > Modified: head/etc/master.passwd > > > == > > --- head/etc/master.passwd Wed Jan 13 01:32:04 2016(r293800) > > +++ head/etc/master.passwd Wed Jan 13 01:49:35 2016(r293801) > > @@ -22,5 +22,6 @@ uucp:*:66:66::0:0:UUCP pseudo-user:/var/ > > pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin > > auditdistd:*:78:77::0:0:Auditdistd unprivileged > user:/var/empty:/usr/sbin/nologin > > www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin > > +_ypldap:*:93:93::0:0:YP Ldap unprivileged > user:/var/empty:/usr/sbin/nologin > > hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin > > nobody:*:65534:65534::0:0:Unprivileged > user:/nonexistent:/usr/sbin/nologin > > > > Added: head/share/examples/ypldap/ypldap.conf > > > == > > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > > +++ head/share/examples/ypldap/ypldap.conf Wed Jan 13 01:49:35 > 2016(r293801) > > @@ -0,0 +1,40 @@ > > +$FreeBSD$ > > +domain "freebsd.org" > > +interval 60 > > +provide map"passwd.byname" > > +provide map"passwd.byuid" > > +provide map"group.byname" > > +provide map"group.bygid" > > +provide map"netid.byname" > > + > > +directory "127.0.0.1" { > > + # directory options > > + binddn "cn=ldap,dc=freebsd,dc=org" > > + bindcred "secret" > > + basedn "dc=freebsd.,dc=org" > > + # starting point for groups directory search, default to basedn > > + groupdn "ou=Groups,dc=freebsd,dc=org" > > + > > + # passwd maps configuration (RFC 2307 posixAccount object class) > > + passwd filter "(objectClass=posixAccount)" > > + > > + attribute name maps to "uid" > > + fixed attribute passwd "*" > > + attribute uid maps to "uidNumber" > > + attribute gid maps to "gidNumber" > > + attribute gecos maps to "cn" > > + attribute home maps to "homeDirectory" > > + attribute shell maps to "loginShell" > > + fixed attribute change "0" > > + fixed attribute expire "0" > > + fixed attribute class "" > > + > > + # group maps configuration (RFC 2307 posixGroup object class) > > + group filter "(objectClass=posixGroup)" > > + > > + attribute groupname maps to "cn" > > + fixed attribute grouppasswd "*" > > + attribute groupgid maps to "gidNumber" > > + # memberUid returns multiple group members > > + list groupmembers maps to "memberUid" > > +} > > > > Modified: head/usr.sbin/ypldap/yp.c > > > == >