On Mon, Apr 08, 2013 at 03:44:31PM +0200, Pavel Březina wrote:
> On 04/04/2013 01:46 PM, Jakub Hrozek wrote:
> >Currently the default is the same as it used to. Shall I also change
> >the default? I know there are already people using the trusts out there,
> >so I didn't want to disrupt their environment.
>
> Man page nack.
>
> When %F makes sense only for subdomain_homedir, I think we should
> move the description there.
>
OK, I was deciding between the two as well.
> Also override_homedir in sssd-ad is missing %o, which I think is a
> mistake. Anyway, is there any particular reason why this option is
> described in sssd-ad?
It was specifically requested:
https://fedorahosted.org/sssd/ticket/1433
> If yes, we should create a shared file and
> include it instead of maintaining it on two placed.
>
> Otherwise is seems to be working.
New patches are attached. Patch #1 splits the override_homedir into an
include file and patch #2 adds the new option.
>From 079b7a1aa8fd6bb41ed03f3697e4de6b17988372 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Mon, 8 Apr 2013 22:53:57 +0200
Subject: [PATCH 1/2] Put the override_homedir into an included xml file
The description was duplicated on two places, leading to errors where
one was amended but the other was not.
---
src/man/include/override_homedir.xml | 54 ++++++++++++++++++++++
src/man/sssd-ad.5.xml | 88 +-----------------------------------
src/man/sssd.conf.5.xml | 55 +---------------------
3 files changed, 56 insertions(+), 141 deletions(-)
create mode 100644 src/man/include/override_homedir.xml
diff --git a/src/man/include/override_homedir.xml
b/src/man/include/override_homedir.xml
new file mode 100644
index
0000000000000000000000000000000000000000..773d0b6616858ab5c0139033255bc60076857651
--- /dev/null
+++ b/src/man/include/override_homedir.xml
@@ -0,0 +1,54 @@
+<varlistentry>
+<term>override_homedir (string)</term>
+<listitem>
+ <para>
+ Override the user's home directory. You
+ can either provide an absolute value or a
+ template. In the template, the following
+ sequences are substituted:
+ <variablelist>
+ <varlistentry>
+ <term>%u</term>
+ <listitem><para>login name</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>%U</term>
+ <listitem><para>UID number</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>%d</term>
+ <listitem><para>domain name</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>%f</term>
+ <listitem><para>fully qualified user name
(user@domain)</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>%o</term>
+ <listitem><para>
+ The original home directory retrieved
+ from the identity provider.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>%%</term>
+ <listitem><para>a literal '%'</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ <para>
+ This option can also be set per-domain.
+ </para>
+ <para>
+ example:
+ <programlisting>
+override_homedir = /home/%u
+ </programlisting>
+ </para>
+ <para>
+ Default: Not set (SSSD will use the value
+ retrieved from LDAP)
+ </para>
+</listitem>
+</varlistentry>
diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml
index
a628e0d662fbdf5e01eab3808550e680d29795b6..6ab133d5204fb2adcb65bafb33e8242a5afcaa70
100644
--- a/src/man/sssd-ad.5.xml
+++ b/src/man/sssd-ad.5.xml
@@ -128,93 +128,7 @@ ldap_id_mapping = False
</listitem>
</varlistentry>
- <varlistentry>
- <term>override_homedir (string)</term>
- <listitem>
- <para>
- Override the user's home directory. You
- can either provide an absolute value or a
- template. In the template, the following
- sequences are substituted:
- <variablelist>
- <varlistentry>
- <term>%u</term>
- <listitem><para>login
name</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%U</term>
- <listitem><para>UID
number</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%d</term>
- <listitem><para>domain
name</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%f</term>
- <listitem><para>fully qualified user name
(user@domain)</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%%</term>
- <listitem><para>a literal '%'</para>
- </listitem>
- </varlistentry>
- </variablelist>
- </para>
- <para>
- This option can also be set per-domain.
- </para>
- <para>
- example:
- <programlisting>
-override_homedir = /home/%u
- </programlisting>
- </para>
- <para>
- Default: Not set (SSSD will use the value
- retrieved from LDAP)
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>fallback_homedir (string)</term>
- <listitem>
- <para>
- Set a default template for a user's home directory
- if one is not specified explicitly by the domain's
- data provider.
- </para>
- <para>
- The available values for this option are the same
- as for override_homedir.
- </para>
- <para>
- example:
- <programlisting>
-fallback_homedir = /home/%u
- </programlisting>
- </para>
- <para>
- Default: not set (no substitution for unset home
- directories)
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>default_shell</term>
- <listitem>
- <para>
- The default shell to use if the provider does not
- return one during lookup. This option supersedes
- any other shell options if it takes effect and can
- be set either in the [nss] section or per-domain.
- </para>
- <para>
- Default: not set (Return NULL if no shell is
- specified and rely on libc to substitute something
- sensible when necessary, usually /bin/sh)
- </para>
- </listitem>
- </varlistentry>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="include/override_homedir.xml" />
</variablelist>
</para>
</refsect1>
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index
373a504d835bf13c48c676dcbd6269a0adad189c..7bcccee84f4a58a6845b99337f6a645cccfb3d65
100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -442,60 +442,7 @@
</para>
</listitem>
</varlistentry>
- <varlistentry>
- <term>override_homedir (string)</term>
- <listitem>
- <para>
- Override the user's home directory. You
- can either provide an absolute value or a
- template. In the template, the following
- sequences are substituted:
- <variablelist>
- <varlistentry>
- <term>%u</term>
- <listitem><para>login
name</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%U</term>
- <listitem><para>UID
number</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%d</term>
- <listitem><para>domain
name</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%f</term>
- <listitem><para>fully qualified user name
(user@domain)</para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%o</term>
- <listitem><para>
- The original home directory retrieved
- from the identity provider.
- </para></listitem>
- </varlistentry>
- <varlistentry>
- <term>%%</term>
- <listitem><para>a literal '%'</para>
- </listitem>
- </varlistentry>
- </variablelist>
- </para>
- <para>
- This option can also be set per-domain.
- </para>
- <para>
- example:
- <programlisting>
-override_homedir = /home/%u
- </programlisting>
- </para>
- <para>
- Default: Not set (SSSD will use the value
- retrieved from LDAP)
- </para>
- </listitem>
- </varlistentry>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="include/override_homedir.xml" />
<varlistentry>
<term>fallback_homedir (string)</term>
<listitem>
--
1.8.1.4
>From 8df03b946a8fe95e7a47071f3ea35518f97acfdc Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Thu, 4 Apr 2013 13:03:23 +0200
Subject: [PATCH 2/2] Allow using flatname for subdomain home dir template
https://fedorahosted.org/sssd/ticket/1609
---
src/man/sssd.conf.5.xml | 10 +++++++++-
src/providers/ipa/ipa_s2n_exop.c | 3 ++-
src/responder/nss/nsssrv_cmd.c | 10 ++++++----
src/responder/pac/pacsrv_utils.c | 2 +-
src/util/sss_nss.c | 14 +++++++++++++-
src/util/sss_nss.h | 3 ++-
6 files changed, 33 insertions(+), 9 deletions(-)
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index
7bcccee84f4a58a6845b99337f6a645cccfb3d65..6a1292c6c8b9ed2c0550971b2969ff71431b5701
100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -1638,7 +1638,15 @@ override_homedir = /home/%u
<para>
Use this homedir as default value for all
subdomains
within this domain. See
<emphasis>override_homedir</emphasis>
- for info about possible values.
+ for info about possible values. In addition to
those, the
+ expansion below can only be used with
+ <emphasis>subdomain_homedir</emphasis>.
+ <variablelist>
+ <varlistentry>
+ <term>%F</term>
+ <listitem><para>flat (NetBIOS) name of a
subdomain.</para></listitem>
+ </varlistentry>
+ </variablelist>
</para>
<para>
The value can be overridden by
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index
7e5d0c1436d9cd44d028ca6cc1ddef55eb9ded3e..64ee77528c3bbf6b8692f547e246998970c64b65
100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -624,7 +624,8 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
attrs->a.user.pw_name,
attrs->a.user.pw_uid,
NULL,
- state->dom->name);
+ state->dom->name,
+ state->dom->flat_name);
if (homedir == NULL) {
ret = ENOMEM;
goto done;
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index
c391ed532d326cd66584164e515fe89ed8d172e5..df7255bb0607534344ac4c3897958b6de44ef0a1
100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -183,10 +183,10 @@ static const char *get_homedir_override(TALLOC_CTX
*mem_ctx,
*/
if (dom->override_homedir) {
return expand_homedir_template(mem_ctx, dom->override_homedir,
- name, uid, homedir, dom->name);
+ name, uid, homedir, dom->name, NULL);
} else if (nctx->override_homedir) {
return expand_homedir_template(mem_ctx, nctx->override_homedir,
- name, uid, homedir, dom->name);
+ name, uid, homedir, dom->name, NULL);
}
if (!homedir || *homedir == '\0') {
@@ -195,10 +195,12 @@ static const char *get_homedir_override(TALLOC_CTX
*mem_ctx,
*/
if (dom->fallback_homedir) {
return expand_homedir_template(mem_ctx, dom->fallback_homedir,
- name, uid, homedir, dom->name);
+ name, uid, homedir,
+ dom->name, NULL);
} else if (nctx->fallback_homedir) {
return expand_homedir_template(mem_ctx, nctx->fallback_homedir,
- name, uid, homedir, dom->name);
+ name, uid, homedir,
+ dom->name, NULL);
}
}
diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c
index
824daa62541b72f9bc319100d91d3aa6e4714fcf..c868b1078840598236228878546e3e91a734ebb3
100644
--- a/src/responder/pac/pacsrv_utils.c
+++ b/src/responder/pac/pacsrv_utils.c
@@ -796,7 +796,7 @@ errno_t get_pwd_from_pac(TALLOC_CTX *mem_ctx,
if (dom->subdomain_homedir) {
pwd->pw_dir = expand_homedir_template(pwd, dom->subdomain_homedir,
lname, pwd->pw_uid, NULL,
- dom->name);
+ dom->name, dom->flat_name);
if (pwd->pw_dir == NULL) {
ret = ENOMEM;
goto done;
diff --git a/src/util/sss_nss.c b/src/util/sss_nss.c
index
ac36a9ba6e03984ceefd32fb598f6373462b5b43..2b7338329f668d4893b204d7cc282ab4e29ac886
100644
--- a/src/util/sss_nss.c
+++ b/src/util/sss_nss.c
@@ -24,7 +24,8 @@
char *expand_homedir_template(TALLOC_CTX *mem_ctx, const char *template,
const char *username, uint32_t uid,
- const char *original, const char *domain)
+ const char *original, const char *domain,
+ const char *flatname)
{
char *copy;
char *p;
@@ -105,6 +106,7 @@ char *expand_homedir_template(TALLOC_CTX *mem_ctx, const
char *template,
result = talloc_asprintf_append(result, "%s%s@%s", p,
username, domain);
break;
+
case 'o':
if (original == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
@@ -117,6 +119,16 @@ char *expand_homedir_template(TALLOC_CTX *mem_ctx, const
char *template,
result = talloc_asprintf_append(result, "%s%s", p, orig);
break;
+ case 'F':
+ if (flatname == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot expand domain name "
+ "template because domain flat "
+ "name is empty.\n"));
+ goto done;
+ }
+ result = talloc_asprintf_append(result, "%s%s", p, flatname);
+ break;
+
case '%':
result = talloc_asprintf_append(result, "%s%%", p);
break;
diff --git a/src/util/sss_nss.h b/src/util/sss_nss.h
index
0520035fd8dfc4479e8430b1716a33010d102065..6dcdbaef376ffb6cc45733ce6af8aeceaabe05bb
100644
--- a/src/util/sss_nss.h
+++ b/src/util/sss_nss.h
@@ -27,5 +27,6 @@
char *expand_homedir_template(TALLOC_CTX *mem_ctx, const char *template,
const char *username, uint32_t uid,
- const char *original, const char *domain);
+ const char *original, const char *domain,
+ const char *flatname);
#endif
--
1.8.1.4
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
