On 12/14/2015 10:43 AM, Jakub Hrozek wrote:
On Mon, Dec 07, 2015 at 11:46:38AM +0100, Pavel Březina wrote:
On 12/04/2015 03:51 PM, Jakub Hrozek wrote:
On Thu, Dec 03, 2015 at 12:45:55PM +0100, Pavel Březina wrote:
On 12/03/2015 11:48 AM, Jakub Hrozek wrote:
On Wed, Dec 02, 2015 at 11:58:55AM +0100, Pavel Březina wrote:
This solves situation where you want to use those globals on other place
than in *_common.c.
I also created https://fedorahosted.org/sssd/ticket/2890 so we can avoid
order-dependency on header files such as sysdb_services.h which I had to fix
for AD patch.
Looks like tests failed:
http://sssd-ci.duckdns.org/logs/job/34/17/fedora20/ci-build-debug/ci-make-tests.log
I forgot to run tests... new patches are attached.
Thanks, the patches now build. I have two questions:
1) Since we're moving code around anymore, would it make sense to
also move the enums with option indexes to opts.h? I find it a bit
odd they are in common.h
Yes, this would be nice.
after an IRC discussion this turned out to be a bit more work than
expected, so we can postpone until later..
However, please also change krb5_opts.h in the same way..
Attached.
From f6de6413103b6c63c860ca5795fa7d52352d9249 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrez...@redhat.com>
Date: Wed, 2 Dec 2015 11:27:18 +0100
Subject: [PATCH 01/16] LDAP: Mark globals in ldap_opts.h as extern
To avoid collisions when we want to work with them elsewhere in the code.
---
Makefile.am | 5 +
src/providers/ldap/{ldap_opts.h => ldap_opts.c} | 5 -
src/providers/ldap/ldap_opts.h | 347 ++----------------------
3 files changed, 22 insertions(+), 335 deletions(-)
copy src/providers/ldap/{ldap_opts.h => ldap_opts.c} (99%)
diff --git a/Makefile.am b/Makefile.am
index 23d4ae38e78baf795f8bbecb3e50e5473ba0d709..c15f55840f5a8f9e98f137cde688ad6cd62abdfb 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1652,6 +1652,7 @@ ipa_ldap_opt_tests_SOURCES = \
src/providers/ldap/sdap.c \
src/providers/ldap/sdap_range.c \
src/providers/ldap/sdap_domain.c \
+ src/providers/ldap/ldap_opts.c \
src/util/sss_ldap.c \
src/tests/ipa_ldap_opt-tests.c
ipa_ldap_opt_tests_CFLAGS = \
@@ -1666,6 +1667,7 @@ ipa_ldap_opt_tests_LDADD = \
libsss_test_common.la
ad_ldap_opt_tests_SOURCES = \
+ src/providers/ldap/ldap_opts.c \
src/tests/ad_ldap_opt-tests.c
ad_ldap_opt_tests_CFLAGS = \
$(AM_CFLAGS) \
@@ -1864,6 +1866,7 @@ TEST_MOCK_RESP_OBJ = \
TEST_MOCK_PROVIDER_OBJ = \
src/util/sss_ldap.c \
src/providers/data_provider_opts.c \
+ src/providers/ldap/ldap_opts.c \
src/providers/ldap/ldap_options.c \
src/providers/ldap/sdap_domain.c \
src/providers/ldap/sdap.c \
@@ -2244,6 +2247,7 @@ sdap_tests_SOURCES = \
src/providers/ldap/sdap_domain.c \
src/providers/ldap/sdap.c \
src/providers/ldap/sdap_range.c \
+ src/providers/ldap/ldap_opts.c \
src/util/sss_ldap.c \
src/tests/cmocka/test_sdap.c \
$(NULL)
@@ -2795,6 +2799,7 @@ libsss_ldap_common_la_SOURCES = \
src/providers/ldap/ldap_auth.c \
src/providers/ldap/ldap_common.c \
src/providers/ldap/ldap_options.c \
+ src/providers/ldap/ldap_opts.c \
src/providers/ldap/sdap_access.c \
src/providers/ldap/sdap_async.c \
src/providers/ldap/sdap_async_users.c \
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.c
similarity index 99%
copy from src/providers/ldap/ldap_opts.h
copy to src/providers/ldap/ldap_opts.c
index 9f58db5bd9eef1391e97c1890cbff94c2a5406d6..54926c6c31b1b6edfc1f07b22e79225c5fdddf5b 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.c
@@ -20,9 +20,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef LDAP_OPTS_H_
-#define LDAP_OPTS_H_
-
#include "src/providers/data_provider.h"
#include "db/sysdb.h"
#include "db/sysdb_sudo.h"
@@ -372,5 +369,3 @@ struct sdap_attr_map rfc2307bis_autofs_entry_map[] = {
{ "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
SDAP_ATTR_MAP_TERMINATOR
};
-
-#endif /* LDAP_OPTS_H_ */
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h
index 9f58db5bd9eef1391e97c1890cbff94c2a5406d6..ef09a024da3256e4b0409392ee861d3ba1c51efb 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.h
@@ -24,353 +24,40 @@
#define LDAP_OPTS_H_
#include "src/providers/data_provider.h"
-#include "db/sysdb.h"
-#include "db/sysdb_sudo.h"
-#include "db/sysdb_autofs.h"
-#include "db/sysdb_services.h"
#include "providers/ldap/ldap_common.h"
-struct dp_option default_basic_opts[] = {
- { "ldap_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_default_authtok_type", DP_OPT_STRING, { "password" }, NULL_STRING},
- { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB },
- { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING },
- { "ldap_user_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_user_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
- { "ldap_user_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_user_extra_attrs", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
- { "ldap_group_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_service_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_full_refresh_interval", DP_OPT_NUMBER, { .number = 21600 }, NULL_NUMBER }, /* 360 mins */
- { "ldap_sudo_smart_refresh_interval", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, /* 15 mins */
- { "ldap_sudo_use_host_filter", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sudo_hostnames", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_ip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_include_netgroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sudo_include_regexp", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_autofs_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_autofs_map_master_name", DP_OPT_STRING, { "auto.master" }, NULL_STRING },
- { "ldap_schema", DP_OPT_STRING, { "rfc2307" }, NULL_STRING },
- { "ldap_offline_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
- { "ldap_force_upper_case_realm", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_enumeration_refresh_timeout", DP_OPT_NUMBER, { .number = 300 }, NULL_NUMBER },
- { "ldap_purge_cache_timeout", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
- { "ldap_tls_cacert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cacertdir", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_id_mapping", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_sasl_mech", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_minssf", DP_OPT_NUMBER, { .number = -1 }, NULL_NUMBER },
- { "ldap_krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- /* use the same parm name as the krb5 module so we set it only once */
- { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_pwd_policy", DP_OPT_STRING, { "none" }, NULL_STRING },
- { "ldap_referrals", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
- { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING },
- { "ldap_krb5_ticket_lifetime", DP_OPT_NUMBER, { .number = (24 * 60 * 60) }, NULL_NUMBER },
- { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_netgroup_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_nesting_level", DP_OPT_NUMBER, { .number = 2 }, NULL_NUMBER },
- { "ldap_deref", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_account_expire_policy", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_access_order", DP_OPT_STRING, { "filter" }, NULL_STRING },
- { "ldap_chpass_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_dns_service_name", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_update_last_change", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_enumeration_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
- /* Do not include ldap_auth_disable_tls_never_use_in_production in the
- * manpages or SSSDConfig API
- */
- { "ldap_auth_disable_tls_never_use_in_production", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_page_size", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER },
- { "ldap_deref_threshold", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
- { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER },
- { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
- { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000200000LL }, NULL_NUMBER },
- { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
- { "ldap_idmap_autorid_compat", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_idmap_default_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_idmap_default_domain_sid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_groups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_initgroups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_use_tokengroups", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE},
- { "ldap_rfc2307_fallback_to_local_users", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_disable_range_retrieval", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_min_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
- { "ldap_max_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
- { "ldap_pwdlockout_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "wildcard_limit", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER},
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option default_basic_opts[];
-struct sdap_attr_map generic_attr_map[] = {
- { "ldap_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_rootdse_last_usn", NULL, SYSDB_HIGH_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map generic_attr_map[];
-struct sdap_attr_map gen_ipa_attr_map[] = {
- { "ldap_entry_usn", SDAP_IPA_USN, SYSDB_USN, NULL },
- { "ldap_rootdse_last_usn", SDAP_IPA_LAST_USN, SYSDB_HIGH_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map gen_ipa_attr_map[];
-struct sdap_attr_map gen_ad_attr_map[] = {
- { "ldap_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
- { "ldap_rootdse_last_usn", SDAP_AD_LAST_USN, SYSDB_HIGH_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map gen_ad_attr_map[];
-struct sdap_attr_map rfc2307_user_map[] = {
- { "ldap_user_object_class", "posixAccount", SYSDB_USER_CLASS, NULL },
- { "ldap_user_name", "uid", SYSDB_NAME, NULL },
- { "ldap_user_pwd", "userPassword", SYSDB_PWD, NULL },
- { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
- { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
- { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL },
- { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
- { "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
- { "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
- { "ldap_user_member_of", NULL, SYSDB_MEMBEROF, NULL },
- { "ldap_user_uuid", NULL, SYSDB_UUID, NULL },
- { "ldap_user_objectsid", NULL, SYSDB_SID, NULL },
- { "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
- { "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_user_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_user_shadow_last_change", "shadowLastChange", SYSDB_SHADOWPW_LASTCHANGE, NULL },
- { "ldap_user_shadow_min", "shadowMin", SYSDB_SHADOWPW_MIN, NULL },
- { "ldap_user_shadow_max", "shadowMax", SYSDB_SHADOWPW_MAX, NULL },
- { "ldap_user_shadow_warning", "shadowWarning", SYSDB_SHADOWPW_WARNING, NULL },
- { "ldap_user_shadow_inactive", "shadowInactive", SYSDB_SHADOWPW_INACTIVE, NULL },
- { "ldap_user_shadow_expire", "shadowExpire", SYSDB_SHADOWPW_EXPIRE, NULL },
- { "ldap_user_shadow_flag", "shadowFlag", SYSDB_SHADOWPW_FLAG, NULL },
- { "ldap_user_krb_last_pwd_change", "krbLastPwdChange", SYSDB_KRBPW_LASTCHANGE, NULL },
- { "ldap_user_krb_password_expiration", "krbPasswordExpiration", SYSDB_KRBPW_EXPIRATION, NULL },
- { "ldap_pwd_attribute", "pwdAttribute", SYSDB_PWD_ATTRIBUTE, NULL },
- { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL },
- { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
- { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
- { "ldap_ns_account_lock", "nsAccountLock", SYSDB_NS_ACCOUNT_LOCK, NULL},
- { "ldap_user_authorized_host", "host", SYSDB_AUTHORIZED_HOST, NULL },
- { "ldap_user_nds_login_disabled", "loginDisabled", SYSDB_NDS_LOGIN_DISABLED, NULL },
- { "ldap_user_nds_login_expiration_time", "loginExpirationTime", SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
- { "ldap_user_nds_login_allowed_time_map", "loginAllowedTimeMap", SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
- { "ldap_user_ssh_public_key", "sshPublicKey", SYSDB_SSH_PUBKEY, NULL },
- { "ldap_user_auth_type", NULL, SYSDB_AUTH_TYPE, NULL },
- { "ldap_user_certificate", NULL, SYSDB_USER_CERT, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307_user_map[];
-struct sdap_attr_map rfc2307_group_map[] = {
- { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_name", "cn", SYSDB_NAME, NULL },
- { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
- { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_group_member", "memberuid", SYSDB_MEMBER, NULL },
- { "ldap_group_uuid", NULL, SYSDB_UUID, NULL },
- { "ldap_group_objectsid", NULL, SYSDB_SID, NULL },
- { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307_group_map[];
-struct sdap_attr_map rfc2307bis_user_map[] = {
- { "ldap_user_object_class", "posixAccount", SYSDB_USER_CLASS, NULL },
- { "ldap_user_name", "uid", SYSDB_NAME, NULL },
- { "ldap_user_pwd", "userPassword", SYSDB_PWD, NULL },
- { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
- { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
- { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL },
- { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
- { "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
- { "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
- { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- { "ldap_user_uuid", NULL, SYSDB_UUID, NULL },
- { "ldap_user_objectsid", NULL, SYSDB_SID, NULL },
- { "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
- { "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_user_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_user_shadow_last_change", "shadowLastChange", SYSDB_SHADOWPW_LASTCHANGE, NULL },
- { "ldap_user_shadow_min", "shadowMin", SYSDB_SHADOWPW_MIN, NULL },
- { "ldap_user_shadow_max", "shadowMax", SYSDB_SHADOWPW_MAX, NULL },
- { "ldap_user_shadow_warning", "shadowWarning", SYSDB_SHADOWPW_WARNING, NULL },
- { "ldap_user_shadow_inactive", "shadowInactive", SYSDB_SHADOWPW_INACTIVE, NULL },
- { "ldap_user_shadow_expire", "shadowExpire", SYSDB_SHADOWPW_EXPIRE, NULL },
- { "ldap_user_shadow_flag", "shadowFlag", SYSDB_SHADOWPW_FLAG, NULL },
- { "ldap_user_krb_last_pwd_change", "krbLastPwdChange", SYSDB_KRBPW_LASTCHANGE, NULL },
- { "ldap_user_krb_password_expiration", "krbPasswordExpiration", SYSDB_KRBPW_EXPIRATION, NULL },
- { "ldap_pwd_attribute", "pwdAttribute", SYSDB_PWD_ATTRIBUTE, NULL },
- { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL },
- { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
- { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
- { "ldap_ns_account_lock", "nsAccountLock", SYSDB_NS_ACCOUNT_LOCK, NULL},
- { "ldap_user_authorized_host", "host", SYSDB_AUTHORIZED_HOST, NULL },
- { "ldap_user_nds_login_disabled", "loginDisabled", SYSDB_NDS_LOGIN_DISABLED, NULL },
- { "ldap_user_nds_login_expiration_time", "loginExpirationTime", SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
- { "ldap_user_nds_login_allowed_time_map", "loginAllowedTimeMap", SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
- { "ldap_user_ssh_public_key", "sshPublicKey", SYSDB_SSH_PUBKEY, NULL },
- { "ldap_user_auth_type", NULL, SYSDB_AUTH_TYPE, NULL },
- { "ldap_user_certificate", NULL, SYSDB_USER_CERT, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307bis_user_map[];
-struct sdap_attr_map rfc2307bis_group_map[] = {
- { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_name", "cn", SYSDB_NAME, NULL },
- { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
- { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_group_member", "member", SYSDB_MEMBER, NULL },
- { "ldap_group_uuid", NULL, SYSDB_UUID, NULL },
- { "ldap_group_objectsid", NULL, SYSDB_SID, NULL },
- { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307bis_group_map[];
-struct sdap_attr_map gen_ad2008r2_user_map[] = {
- { "ldap_user_object_class", "user", SYSDB_USER_CLASS, NULL },
- { "ldap_user_name", "sAMAccountName", SYSDB_NAME, NULL },
- { "ldap_user_pwd", "unixUserPassword", SYSDB_PWD, NULL },
- { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
- { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
- { "ldap_user_home_directory", "unixHomeDirectory", SYSDB_HOMEDIR, NULL },
- { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
- { "ldap_user_principal", "userPrincipalName", SYSDB_UPN, NULL },
- { "ldap_user_fullname", "name", SYSDB_FULLNAME, NULL },
- { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- { "ldap_user_uuid", "objectGUID", SYSDB_UUID, NULL },
- { "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
- { "ldap_user_primary_group", "primaryGroupID", SYSDB_PRIMARY_GROUP, NULL },
- { "ldap_user_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_user_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
- { "ldap_user_shadow_last_change", NULL, SYSDB_SHADOWPW_LASTCHANGE, NULL },
- { "ldap_user_shadow_min", NULL, SYSDB_SHADOWPW_MIN, NULL },
- { "ldap_user_shadow_max", NULL, SYSDB_SHADOWPW_MAX, NULL },
- { "ldap_user_shadow_warning", NULL, SYSDB_SHADOWPW_WARNING, NULL },
- { "ldap_user_shadow_inactive", NULL, SYSDB_SHADOWPW_INACTIVE, NULL },
- { "ldap_user_shadow_expire", NULL, SYSDB_SHADOWPW_EXPIRE, NULL },
- { "ldap_user_shadow_flag", NULL, SYSDB_SHADOWPW_FLAG, NULL },
- { "ldap_user_krb_last_pwd_change", NULL, SYSDB_KRBPW_LASTCHANGE, NULL },
- { "ldap_user_krb_password_expiration", NULL, SYSDB_KRBPW_EXPIRATION, NULL },
- { "ldap_pwd_attribute", NULL, SYSDB_PWD_ATTRIBUTE, NULL },
- { "ldap_user_authorized_service", NULL, SYSDB_AUTHORIZED_SERVICE, NULL },
- { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
- { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
- { "ldap_ns_account_lock", NULL, SYSDB_NS_ACCOUNT_LOCK, NULL},
- { "ldap_user_authorized_host", NULL, SYSDB_AUTHORIZED_HOST, NULL },
- { "ldap_user_nds_login_disabled", NULL, SYSDB_NDS_LOGIN_DISABLED, NULL },
- { "ldap_user_nds_login_expiration_time", NULL, SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
- { "ldap_user_nds_login_allowed_time_map", NULL, SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
- { "ldap_user_ssh_public_key", NULL, SYSDB_SSH_PUBKEY, NULL },
- { "ldap_user_auth_type", NULL, SYSDB_AUTH_TYPE, NULL },
- { "ldap_user_certificate", NULL, SYSDB_USER_CERT, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map gen_ad2008r2_user_map[];
-struct sdap_attr_map gen_ad2008r2_group_map[] = {
- { "ldap_group_object_class", "group", SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_name", "name", SYSDB_NAME, NULL },
- { "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
- { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_group_member", "member", SYSDB_MEMBER, NULL },
- { "ldap_group_uuid", "objectGUID", SYSDB_UUID, NULL },
- { "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
- { "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
- { "ldap_group_type", "groupType", SYSDB_GROUP_TYPE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map gen_ad2008r2_group_map[];
-struct sdap_attr_map netgroup_map[] = {
- { "ldap_netgroup_object_class", "nisNetgroup", SYSDB_NETGROUP_CLASS, NULL },
- { "ldap_netgroup_name", "cn", SYSDB_NAME, NULL },
- { "ldap_netgroup_member", "memberNisNetgroup", SYSDB_ORIG_NETGROUP_MEMBER, NULL },
- { "ldap_netgroup_triple", "nisNetgroupTriple", SYSDB_NETGROUP_TRIPLE, NULL },
- { "ldap_netgroup_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map netgroup_map[];
-struct sdap_attr_map native_sudorule_map[] = {
- { "ldap_sudorule_object_class", "sudoRole", SYSDB_SUDO_CACHE_OC, NULL },
- { "ldap_sudorule_name", "cn", SYSDB_SUDO_CACHE_AT_CN, NULL },
- { "ldap_sudorule_command", "sudoCommand", SYSDB_SUDO_CACHE_AT_COMMAND, NULL },
- { "ldap_sudorule_host", "sudoHost", SYSDB_SUDO_CACHE_AT_HOST, NULL },
- { "ldap_sudorule_user", "sudoUser", SYSDB_SUDO_CACHE_AT_USER, NULL },
- { "ldap_sudorule_option", "sudoOption", SYSDB_SUDO_CACHE_AT_OPTION, NULL },
- { "ldap_sudorule_runas", "sudoRunAs", SYSDB_SUDO_CACHE_AT_RUNAS, NULL },
- { "ldap_sudorule_runasuser", "sudoRunAsUser", SYSDB_SUDO_CACHE_AT_RUNASUSER, NULL },
- { "ldap_sudorule_runasgroup", "sudoRunAsGroup", SYSDB_SUDO_CACHE_AT_RUNASGROUP, NULL },
- { "ldap_sudorule_notbefore", "sudoNotBefore", SYSDB_SUDO_CACHE_AT_NOTBEFORE, NULL },
- { "ldap_sudorule_notafter", "sudoNotAfter", SYSDB_SUDO_CACHE_AT_NOTAFTER, NULL },
- { "ldap_sudorule_order", "sudoOrder", SYSDB_SUDO_CACHE_AT_ORDER, NULL },
- { "ldap_sudorule_entry_usn", NULL, SYSDB_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map native_sudorule_map[];
-struct sdap_attr_map service_map[] = {
- { "ldap_service_object_class", "ipService", SYSDB_SVC_CLASS, NULL },
- { "ldap_service_name", "cn", SYSDB_NAME, NULL },
- { "ldap_service_port", "ipServicePort", SYSDB_SVC_PORT, NULL },
- { "ldap_service_proto", "ipServiceProtocol", SYSDB_SVC_PROTO, NULL },
- { "ldap_service_entry_usn", NULL, SYSDB_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map service_map[];
-struct sdap_attr_map rfc2307_autofs_mobject_map[] = {
- { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, NULL },
- { "ldap_autofs_map_name", "ou", SYSDB_AUTOFS_MAP_NAME, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307_autofs_mobject_map[];
-struct sdap_attr_map rfc2307_autofs_entry_map[] = {
- { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, NULL },
- { "ldap_autofs_entry_key", "cn", SYSDB_AUTOFS_ENTRY_KEY, NULL },
- { "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307_autofs_entry_map[];
-struct sdap_attr_map rfc2307bis_autofs_mobject_map[] = {
- { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, NULL },
- { "ldap_autofs_map_name", "automountMapName", SYSDB_AUTOFS_MAP_NAME, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307bis_autofs_mobject_map[];
-struct sdap_attr_map rfc2307bis_autofs_entry_map[] = {
- { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, NULL },
- { "ldap_autofs_entry_key", "automountKey", SYSDB_AUTOFS_ENTRY_KEY, NULL },
- { "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map rfc2307bis_autofs_entry_map[];
#endif /* LDAP_OPTS_H_ */
--
2.1.0
From 216c4d7dbd1177dbcdb72cf0c0eacfae1880daa9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrez...@redhat.com>
Date: Wed, 2 Dec 2015 11:20:41 +0100
Subject: [PATCH 02/16] AD: Mark globals in ad_opts.h as extern
To avoid collisions when we want to work with them elsewhere in the code.
---
Makefile.am | 5 +
src/providers/ad/{ad_opts.h => ad_opts.c} | 5 -
src/providers/ad/ad_opts.h | 253 ++----------------------------
3 files changed, 16 insertions(+), 247 deletions(-)
copy src/providers/ad/{ad_opts.h => ad_opts.c} (99%)
diff --git a/Makefile.am b/Makefile.am
index c15f55840f5a8f9e98f137cde688ad6cd62abdfb..416d0ea4d01c78c635514c9e6ef3d9e809dad030 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1653,6 +1653,7 @@ ipa_ldap_opt_tests_SOURCES = \
src/providers/ldap/sdap_range.c \
src/providers/ldap/sdap_domain.c \
src/providers/ldap/ldap_opts.c \
+ src/providers/ad/ad_opts.c \
src/util/sss_ldap.c \
src/tests/ipa_ldap_opt-tests.c
ipa_ldap_opt_tests_CFLAGS = \
@@ -1668,6 +1669,7 @@ ipa_ldap_opt_tests_LDADD = \
ad_ldap_opt_tests_SOURCES = \
src/providers/ldap/ldap_opts.c \
+ src/providers/ad/ad_opts.c \
src/tests/ad_ldap_opt-tests.c
ad_ldap_opt_tests_CFLAGS = \
$(AM_CFLAGS) \
@@ -2214,6 +2216,7 @@ ad_common_tests_SOURCES = \
$(libsss_krb5_common_la_SOURCES) \
src/tests/cmocka/common_mock_krb5.c \
src/tests/cmocka/test_ad_common.c \
+ src/providers/ad/ad_opts.c \
$(NULL)
ad_common_tests_LDFLAGS = \
-Wl,-wrap,sdap_set_sasl_options \
@@ -2966,6 +2969,7 @@ libsss_ipa_la_SOURCES = \
src/providers/ipa/ipa_selinux_maps.c \
src/providers/ipa/ipa_srv.c \
src/providers/ipa/ipa_idmap.c \
+ src/providers/ad/ad_opts.c \
src/providers/ad/ad_common.c \
src/providers/ad/ad_common.h \
src/providers/ad/ad_dyndns.c \
@@ -3010,6 +3014,7 @@ endif
libsss_ad_la_SOURCES = \
+ src/providers/ad/ad_opts.c \
src/providers/ad/ad_common.c \
src/providers/ad/ad_common.h \
src/providers/ad/ad_init.c \
diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.c
similarity index 99%
copy from src/providers/ad/ad_opts.h
copy to src/providers/ad/ad_opts.c
index 00586a7ada63ad4c89630e9589d3ff75d1726703..4ea96637ca7264c76109ed8c2f7b5e8a94f73bfe 100644
--- a/src/providers/ad/ad_opts.h
+++ b/src/providers/ad/ad_opts.c
@@ -20,9 +20,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef AD_OPTS_H_
-#define AD_OPTS_H_
-
#include "src/providers/data_provider.h"
#include "db/sysdb_services.h"
#include "db/sysdb_autofs.h"
@@ -278,5 +275,3 @@ struct dp_option ad_dyndns_opts[] = {
{ "dyndns_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
DP_OPTION_TERMINATOR
};
-
-#endif /* AD_OPTS_H_ */
diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h
index 00586a7ada63ad4c89630e9589d3ff75d1726703..a15a362d8e8750eccddd26ca5ca1f4a0aa5ba6e5 100644
--- a/src/providers/ad/ad_opts.h
+++ b/src/providers/ad/ad_opts.h
@@ -24,259 +24,28 @@
#define AD_OPTS_H_
#include "src/providers/data_provider.h"
-#include "db/sysdb_services.h"
-#include "db/sysdb_autofs.h"
#include "providers/ldap/ldap_common.h"
-#include "config.h"
-struct dp_option ad_basic_opts[] = {
- { "ad_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "ad_enable_dns_sites", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ad_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "ad_enable_gc", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ad_gpo_access_control", DP_OPT_STRING, { AD_GPO_ACCESS_MODE_DEFAULT }, NULL_STRING },
- { "ad_gpo_cache_timeout", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
- { "ad_gpo_map_interactive", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_map_remote_interactive", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_map_network", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_map_batch", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_map_service", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_map_permit", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_map_deny", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_gpo_default_right", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ad_site", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_confd_path", DP_OPT_STRING, { KRB5_MAPPING_DIR }, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ad_basic_opts[];
-struct dp_option ad_def_ldap_opts[] = {
- { "ldap_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_default_authtok_type", DP_OPT_STRING, { "password" }, NULL_STRING},
- { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB },
- { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING },
- { "ldap_user_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_user_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
- { "ldap_user_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_user_extra_attrs", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
- { "ldap_group_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_service_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_full_refresh_interval", DP_OPT_NUMBER, { .number = 21600 }, NULL_NUMBER }, /* 360 mins */
- { "ldap_sudo_smart_refresh_interval", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, /* 15 mins */
- { "ldap_sudo_use_host_filter", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sudo_hostnames", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_ip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_include_netgroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sudo_include_regexp", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_autofs_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_autofs_map_master_name", DP_OPT_STRING, { "auto.master" }, NULL_STRING },
- { "ldap_schema", DP_OPT_STRING, { "ad" }, NULL_STRING },
- { "ldap_offline_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
- { "ldap_force_upper_case_realm", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_enumeration_refresh_timeout", DP_OPT_NUMBER, { .number = 300 }, NULL_NUMBER },
- { "ldap_purge_cache_timeout", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
- { "ldap_tls_cacert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cacertdir", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_id_mapping", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sasl_mech", DP_OPT_STRING, { "gssapi" }, NULL_STRING },
- { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_minssf", DP_OPT_NUMBER, { .number = -1 }, NULL_NUMBER },
- { "ldap_krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- /* use the same parm name as the krb5 module so we set it only once */
- { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_pwd_policy", DP_OPT_STRING, { "none" }, NULL_STRING },
- { "ldap_referrals", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
- { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING },
- { "ldap_krb5_ticket_lifetime", DP_OPT_NUMBER, { .number = (24 * 60 * 60) }, NULL_NUMBER },
- { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_netgroup_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_nesting_level", DP_OPT_NUMBER, { .number = 2 }, NULL_NUMBER },
- { "ldap_deref", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_account_expire_policy", DP_OPT_STRING, { "ad" }, NULL_STRING },
- { "ldap_access_order", DP_OPT_STRING, { "filter" }, NULL_STRING },
- { "ldap_chpass_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_dns_service_name", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_update_last_change", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_enumeration_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
- /* Do not include ldap_auth_disable_tls_never_use_in_production in the
- * manpages or SSSDConfig API
- */
- { "ldap_auth_disable_tls_never_use_in_production", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_page_size", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER },
- { "ldap_deref_threshold", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
- { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER },
- { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
- { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000200000LL }, NULL_NUMBER },
- { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
- { "ldap_idmap_autorid_compat", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_idmap_default_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_idmap_default_domain_sid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_groups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_initgroups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_use_tokengroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE},
- { "ldap_rfc2307_fallback_to_local_users", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_disable_range_retrieval", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_min_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
- { "ldap_max_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
- { "ldap_pwdlockout_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "wildcard_limit", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER},
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ad_def_ldap_opts[];
-struct dp_option ad_def_krb5_opts[] = {
- { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_ccachedir", DP_OPT_STRING, { DEFAULT_CCACHE_DIR }, NULL_STRING },
- { "krb5_ccname_template", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "krb5_auth_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING },
- { "krb5_validate", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_renewable_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_renew_interval", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_use_fast", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_fast_principal", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_use_enterprise_principal", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_map_user", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ad_def_krb5_opts[];
-struct sdap_attr_map ad_2008r2_attr_map[] = {
- { "ldap_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
- { "ldap_rootdse_last_usn", SDAP_AD_LAST_USN, SYSDB_HIGH_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_2008r2_attr_map[];
-struct sdap_attr_map ad_2008r2_user_map[] = {
- { "ldap_user_object_class", "user", SYSDB_USER_CLASS, NULL },
- { "ldap_user_name", "sAMAccountName", SYSDB_NAME, NULL },
- { "ldap_user_pwd", "unixUserPassword", SYSDB_PWD, NULL },
- { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
- { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
- { "ldap_user_home_directory", "unixHomeDirectory", SYSDB_HOMEDIR, NULL },
- { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
- { "ldap_user_principal", "userPrincipalName", SYSDB_UPN, NULL },
- { "ldap_user_fullname", "name", SYSDB_FULLNAME, NULL },
- { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- { "ldap_user_uuid", "objectGUID", SYSDB_UUID, NULL },
- { "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
- { "ldap_user_primary_group", "primaryGroupID", SYSDB_PRIMARY_GROUP, NULL },
- { "ldap_user_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_user_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
- { "ldap_user_shadow_last_change", NULL, SYSDB_SHADOWPW_LASTCHANGE, NULL },
- { "ldap_user_shadow_min", NULL, SYSDB_SHADOWPW_MIN, NULL },
- { "ldap_user_shadow_max", NULL, SYSDB_SHADOWPW_MAX, NULL },
- { "ldap_user_shadow_warning", NULL, SYSDB_SHADOWPW_WARNING, NULL },
- { "ldap_user_shadow_inactive", NULL, SYSDB_SHADOWPW_INACTIVE, NULL },
- { "ldap_user_shadow_expire", NULL, SYSDB_SHADOWPW_EXPIRE, NULL },
- { "ldap_user_shadow_flag", NULL, SYSDB_SHADOWPW_FLAG, NULL },
- { "ldap_user_krb_last_pwd_change", NULL, SYSDB_KRBPW_LASTCHANGE, NULL },
- { "ldap_user_krb_password_expiration", NULL, SYSDB_KRBPW_EXPIRATION, NULL },
- { "ldap_pwd_attribute", NULL, SYSDB_PWD_ATTRIBUTE, NULL },
- { "ldap_user_authorized_service", NULL, SYSDB_AUTHORIZED_SERVICE, NULL },
- { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
- { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
- { "ldap_ns_account_lock", NULL, SYSDB_NS_ACCOUNT_LOCK, NULL},
- { "ldap_user_authorized_host", NULL, SYSDB_AUTHORIZED_HOST, NULL },
- { "ldap_user_nds_login_disabled", NULL, SYSDB_NDS_LOGIN_DISABLED, NULL },
- { "ldap_user_nds_login_expiration_time", NULL, SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
- { "ldap_user_nds_login_allowed_time_map", NULL, SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
- { "ldap_user_ssh_public_key", NULL, SYSDB_SSH_PUBKEY, NULL },
- { "ldap_user_auth_type", NULL, SYSDB_AUTH_TYPE, NULL },
- { "ldap_user_certificate", NULL, SYSDB_USER_CERT, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_2008r2_user_map[];
-struct sdap_attr_map ad_2008r2_group_map[] = {
- { "ldap_group_object_class", "group", SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_name", "sAMAccountName", SYSDB_NAME, NULL },
- { "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
- { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_group_member", "member", SYSDB_MEMBER, NULL },
- { "ldap_group_uuid", "objectGUID", SYSDB_UUID, NULL },
- { "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
- { "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
- { "ldap_group_type", "groupType", SYSDB_GROUP_TYPE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_2008r2_group_map[];
-struct sdap_attr_map ad_netgroup_map[] = {
- { "ldap_netgroup_object_class", "nisNetgroup", SYSDB_NETGROUP_CLASS, NULL },
- { "ldap_netgroup_name", "cn", SYSDB_NAME, NULL },
- { "ldap_netgroup_member", "memberNisNetgroup", SYSDB_ORIG_NETGROUP_MEMBER, NULL },
- { "ldap_netgroup_triple", "nisNetgroupTriple", SYSDB_NETGROUP_TRIPLE, NULL },
- { "ldap_netgroup_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_netgroup_map[];
-struct sdap_attr_map ad_service_map[] = {
- { "ldap_service_object_class", "ipService", SYSDB_SVC_CLASS, NULL },
- { "ldap_service_name", "cn", SYSDB_NAME, NULL },
- { "ldap_service_port", "ipServicePort", SYSDB_SVC_PORT, NULL },
- { "ldap_service_proto", "ipServiceProtocol", SYSDB_SVC_PROTO, NULL },
- { "ldap_service_entry_usn", NULL, SYSDB_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_service_map[];
-struct sdap_attr_map ad_autofs_mobject_map[] = {
- { "ldap_autofs_map_object_class", "nisMap", SYSDB_AUTOFS_MAP_OC, NULL },
- { "ldap_autofs_map_name", "nisMapName", SYSDB_AUTOFS_MAP_NAME, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_autofs_mobject_map[];
-struct sdap_attr_map ad_autofs_entry_map[] = {
- { "ldap_autofs_entry_object_class", "nisObject", SYSDB_AUTOFS_ENTRY_OC, NULL },
- { "ldap_autofs_entry_key", "cn", SYSDB_AUTOFS_ENTRY_KEY, NULL },
- { "ldap_autofs_entry_value", "nisMapEntry", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ad_autofs_entry_map[];
-struct dp_option ad_dyndns_opts[] = {
- { "dyndns_update", DP_OPT_BOOL, BOOL_TRUE, BOOL_FALSE },
- { "dyndns_refresh_interval", DP_OPT_NUMBER, { .number = 86400 }, NULL_NUMBER },
- { "dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "dyndns_ttl", DP_OPT_NUMBER, { .number = 3600 }, NULL_NUMBER },
- { "dyndns_update_ptr", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "dyndns_force_tcp", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "dyndns_auth", DP_OPT_STRING, { "gss-tsig" }, NULL_STRING },
- { "dyndns_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ad_dyndns_opts[];
#endif /* AD_OPTS_H_ */
--
2.1.0
From a7095614d313891893b8cfe7ea8cf08d4fc61f4d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrez...@redhat.com>
Date: Wed, 2 Dec 2015 11:14:06 +0100
Subject: [PATCH 03/16] IPA: Mark globals in ipa_opts.h as extern
To avoid collisions when we want to work with them elsewhere in the code.
---
Makefile.am | 4 +
src/providers/ipa/{ipa_opts.h => ipa_opts.c} | 5 -
src/providers/ipa/ipa_opts.h | 313 ++-------------------------
3 files changed, 20 insertions(+), 302 deletions(-)
copy src/providers/ipa/{ipa_opts.h => ipa_opts.c} (99%)
diff --git a/Makefile.am b/Makefile.am
index 416d0ea4d01c78c635514c9e6ef3d9e809dad030..78a6de7de68c9f836981d1dfb8790870739888f4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1654,6 +1654,7 @@ ipa_ldap_opt_tests_SOURCES = \
src/providers/ldap/sdap_domain.c \
src/providers/ldap/ldap_opts.c \
src/providers/ad/ad_opts.c \
+ src/providers/ipa/ipa_opts.c \
src/util/sss_ldap.c \
src/tests/ipa_ldap_opt-tests.c
ipa_ldap_opt_tests_CFLAGS = \
@@ -2251,6 +2252,7 @@ sdap_tests_SOURCES = \
src/providers/ldap/sdap.c \
src/providers/ldap/sdap_range.c \
src/providers/ldap/ldap_opts.c \
+ src/providers/ipa/ipa_opts.c \
src/util/sss_ldap.c \
src/tests/cmocka/test_sdap.c \
$(NULL)
@@ -2539,6 +2541,7 @@ test_ipa_subdom_server_SOURCES = \
src/tests/cmocka/test_ipa_subdomains_server.c \
src/providers/ipa/ipa_subdomains_server.c \
src/providers/ipa/ipa_subdomains_utils.c \
+ src/providers/ipa/ipa_opts.c \
$(NULL)
test_ipa_subdom_server_CFLAGS = \
$(AM_CFLAGS) \
@@ -2942,6 +2945,7 @@ libsss_krb5_la_LDFLAGS = \
libsss_ipa_la_SOURCES = \
src/providers/ipa/ipa_init.c \
+ src/providers/ipa/ipa_opts.c \
src/providers/ipa/ipa_common.c \
src/providers/ipa/ipa_config.c \
src/providers/ipa/ipa_id.c \
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.c
similarity index 99%
copy from src/providers/ipa/ipa_opts.h
copy to src/providers/ipa/ipa_opts.c
index 78949e3ddec95f7f4303eab905bbbf6ec14ed6ae..bc983ec32d63c37b6fdf06d6009df9084f82d4bf 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.c
@@ -20,9 +20,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef IPA_OPTS_H_
-#define IPA_OPTS_H_
-
#include "src/providers/data_provider.h"
#include "db/sysdb.h"
#include "db/sysdb_sudo.h"
@@ -338,5 +335,3 @@ struct sdap_attr_map ipa_autofs_entry_map[] = {
{ "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
SDAP_ATTR_MAP_TERMINATOR
};
-
-#endif /* IPA_OPTS_H_ */
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 78949e3ddec95f7f4303eab905bbbf6ec14ed6ae..af12e63d80696d8341a963368e7d3a3694f16812 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -24,319 +24,38 @@
#define IPA_OPTS_H_
#include "src/providers/data_provider.h"
-#include "db/sysdb.h"
-#include "db/sysdb_sudo.h"
-#include "db/sysdb_autofs.h"
-#include "db/sysdb_services.h"
-#include "db/sysdb_selinux.h"
#include "providers/ldap/ldap_common.h"
-struct dp_option ipa_basic_opts[] = {
- { "ipa_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_hbac_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "ipa_host_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_selinux_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_subdomains_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_master_domain_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "ipa_hbac_refresh", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
- { "ipa_selinux_refresh", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
- { "ipa_hbac_support_srchost", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ipa_automount_location", DP_OPT_STRING, { "default" }, NULL_STRING },
- { "ipa_ranges_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ipa_enable_dns_sites", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ipa_server_mode", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ipa_views_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_confd_path", DP_OPT_STRING, { KRB5_MAPPING_DIR }, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ipa_basic_opts[];
-struct dp_option ipa_dyndns_opts[] = {
- { "dyndns_update", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "dyndns_refresh_interval", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER },
- { "dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "dyndns_ttl", DP_OPT_NUMBER, { .number = 1200 }, NULL_NUMBER },
- { "dyndns_update_ptr", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "dyndns_force_tcp", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "dyndns_auth", DP_OPT_STRING, { "gss-tsig" }, NULL_STRING },
- { "dyndns_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ipa_dyndns_opts[];
-struct dp_option ipa_def_ldap_opts[] = {
- { "ldap_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_default_authtok_type", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB },
- { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING },
- { "ldap_user_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_user_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
- { "ldap_user_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_user_extra_attrs", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
- { "ldap_group_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_service_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_full_refresh_interval", DP_OPT_NUMBER, { .number = 21600 }, NULL_NUMBER },
- { "ldap_sudo_smart_refresh_interval", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, /* 15 mins */
- { "ldap_sudo_use_host_filter", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sudo_hostnames", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_ip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sudo_include_netgroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_sudo_include_regexp", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_autofs_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_autofs_map_master_name", DP_OPT_STRING, { "auto.master" }, NULL_STRING },
- { "ldap_schema", DP_OPT_STRING, { "ipa_v1" }, NULL_STRING },
- { "ldap_offline_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
- { "ldap_force_upper_case_realm", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_enumeration_refresh_timeout", DP_OPT_NUMBER, { .number = 300 }, NULL_NUMBER },
- { "ldap_purge_cache_timeout", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
- { "ldap_tls_cacert", DP_OPT_STRING, { "/etc/ipa/ca.crt" }, NULL_STRING },
- { "ldap_tls_cacertdir", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_id_mapping", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_sasl_mech", DP_OPT_STRING, { "GSSAPI" } , NULL_STRING },
- { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_sasl_minssf", DP_OPT_NUMBER, { .number = 56 }, NULL_NUMBER },
- { "ldap_krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- /* use the same parm name as the krb5 module so we set it only once */
- { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "ldap_pwd_policy", DP_OPT_STRING, { "none" } , NULL_STRING },
- { "ldap_referrals", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
- { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING },
- { "ldap_krb5_ticket_lifetime", DP_OPT_NUMBER, { .number = (24 * 60 * 60) }, NULL_NUMBER },
- { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_netgroup_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_group_nesting_level", DP_OPT_NUMBER, { .number = 2 }, NULL_NUMBER },
- { "ldap_deref", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_account_expire_policy", DP_OPT_STRING, { "ipa" }, NULL_STRING },
- { "ldap_access_order", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_dns_service_name", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_chpass_update_last_change", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_enumeration_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
- /* Do not include ldap_auth_disable_tls_never_use_in_production in the
- * manpages or SSSDConfig API
- */
- { "ldap_auth_disable_tls_never_use_in_production", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_page_size", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER },
- { "ldap_deref_threshold", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
- { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER },
- { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
- { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000200000LL }, NULL_NUMBER },
- { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
- { "ldap_idmap_autorid_compat", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_idmap_default_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_idmap_default_domain_sid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "ldap_groups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_initgroups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_use_tokengroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE},
- { "ldap_rfc2307_fallback_to_local_users", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_disable_range_retrieval", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "ldap_min_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
- { "ldap_max_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
- { "ldap_pwdlockout_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "wildcard_limit", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER},
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ipa_def_ldap_opts[];
-struct sdap_attr_map ipa_attr_map[] = {
- { "ldap_entry_usn", "entryUSN", SYSDB_USN, NULL },
- { "ldap_rootdse_last_usn", "lastUSN", SYSDB_HIGH_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_attr_map[];
-struct sdap_attr_map ipa_user_map[] = {
- { "ldap_user_object_class", "posixAccount", SYSDB_USER_CLASS, NULL },
- { "ldap_user_name", "uid", SYSDB_NAME, NULL },
- { "ldap_user_pwd", "userPassword", SYSDB_PWD, NULL },
- { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
- { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
- { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL },
- { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
- { "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
- { "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
- { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- { "ldap_user_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
- { "ldap_user_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
- { "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
- { "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_user_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_user_shadow_last_change", "shadowLastChange", SYSDB_SHADOWPW_LASTCHANGE, NULL },
- { "ldap_user_shadow_min", "shadowMin", SYSDB_SHADOWPW_MIN, NULL },
- { "ldap_user_shadow_max", "shadowMax", SYSDB_SHADOWPW_MAX, NULL },
- { "ldap_user_shadow_warning", "shadowWarning", SYSDB_SHADOWPW_WARNING, NULL },
- { "ldap_user_shadow_inactive", "shadowInactive", SYSDB_SHADOWPW_INACTIVE, NULL },
- { "ldap_user_shadow_expire", "shadowExpire", SYSDB_SHADOWPW_EXPIRE, NULL },
- { "ldap_user_shadow_flag", "shadowFlag", SYSDB_SHADOWPW_FLAG, NULL },
- { "ldap_user_krb_last_pwd_change", "krbLastPwdChange", SYSDB_KRBPW_LASTCHANGE, NULL },
- { "ldap_user_krb_password_expiration", "krbPasswordExpiration", SYSDB_KRBPW_EXPIRATION, NULL },
- { "ldap_pwd_attribute", "pwdAttribute", SYSDB_PWD_ATTRIBUTE, NULL },
- { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL },
- { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
- { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
- { "ldap_ns_account_lock", "nsAccountLock", SYSDB_NS_ACCOUNT_LOCK, NULL},
- { "ldap_user_authorized_host", "host", SYSDB_AUTHORIZED_HOST, NULL },
- { "ldap_user_nds_login_disabled", "loginDisabled", SYSDB_NDS_LOGIN_DISABLED, NULL },
- { "ldap_user_nds_login_expiration_time", "loginExpirationTime", SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
- { "ldap_user_nds_login_allowed_time_map", "loginAllowedTimeMap", SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
- { "ldap_user_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
- { "ldap_user_auth_type", "ipaUserAuthType", SYSDB_AUTH_TYPE, NULL },
- { "ldap_user_certificate", "userCertificate;binary", SYSDB_USER_CERT, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_user_map[];
-struct sdap_attr_map ipa_group_map[] = {
- { "ldap_group_object_class", "ipaUserGroup", SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_object_class_alt", "posixGroup", SYSDB_GROUP_CLASS, NULL },
- { "ldap_group_name", "cn", SYSDB_NAME, NULL },
- { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
- { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_group_member", "member", SYSDB_MEMBER, NULL },
- { "ldap_group_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
- { "ldap_group_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
- { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
- { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
- { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_group_map[];
-struct sdap_attr_map ipa_netgroup_map[] = {
- { "ipa_netgroup_object_class", "ipaNisNetgroup", SYSDB_NETGROUP_CLASS, NULL },
- { "ipa_netgroup_name", "cn", SYSDB_NAME, NULL },
- { "ipa_netgroup_member", "member", SYSDB_ORIG_NETGROUP_MEMBER, NULL },
- { "ipa_netgroup_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- { "ipa_netgroup_member_user", "memberUser", SYSDB_ORIG_MEMBER_USER, NULL },
- { "ipa_netgroup_member_host", "memberHost", SYSDB_ORIG_MEMBER_HOST, NULL },
- { "ipa_netgroup_member_ext_host", "externalHost", SYSDB_ORIG_NETGROUP_EXTERNAL_HOST, NULL },
- { "ipa_netgroup_domain", "nisDomainName", SYSDB_NETGROUP_DOMAIN, NULL },
- { "ipa_netgroup_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_netgroup_map[];
-struct sdap_attr_map ipa_host_map[] = {
- { "ipa_host_object_class", "ipaHost", SYSDB_HOST_CLASS, NULL },
- { "ipa_host_name", "cn", SYSDB_NAME, NULL },
- { "ipa_host_fqdn", "fqdn", SYSDB_FQDN, NULL },
- { "ipa_host_serverhostname", "serverHostname", SYSDB_SERVERHOSTNAME, NULL },
- { "ipa_host_member_of", "memberOf", SYSDB_ORIG_MEMBEROF, NULL },
- { "ipa_host_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
- { "ipa_host_uuid", "ipaUniqueID", SYSDB_UUID, NULL},
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_host_map[];
-struct sdap_attr_map ipa_hostgroup_map[] = {
- { "ipa_hostgroup_objectclass", "ipaHostgroup", SYSDB_HOSTGROUP_CLASS, NULL},
- { "ipa_hostgroup_name", "cn", SYSDB_NAME, NULL},
- { "ipa_hostgroup_memberof", "memberOf", SYSDB_ORIG_MEMBEROF, NULL},
- { "ipa_hostgroup_uuid", "ipaUniqueID", SYSDB_UUID, NULL},
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_hostgroup_map[];
-struct sdap_attr_map ipa_selinux_user_map[] = {
- { "ipa_selinux_usermap_object_class", "ipaselinuxusermap", SYSDB_SELINUX_USERMAP_CLASS, NULL},
- { "ipa_selinux_usermap_name", "cn", SYSDB_NAME, NULL},
- { "ipa_selinux_usermap_member_user", "memberUser", SYSDB_ORIG_MEMBER_USER, NULL},
- { "ipa_selinux_usermap_member_host", "memberHost", SYSDB_ORIG_MEMBER_HOST, NULL},
- { "ipa_selinux_usermap_see_also", "seeAlso", SYSDB_SELINUX_SEEALSO, NULL},
- { "ipa_selinux_usermap_selinux_user", "ipaSELinuxUser", SYSDB_SELINUX_USER, NULL},
- { "ipa_selinux_usermap_enabled", "ipaEnabledFlag", SYSDB_SELINUX_ENABLED, NULL},
- { "ipa_selinux_usermap_user_category", "userCategory", SYSDB_USER_CATEGORY, NULL},
- { "ipa_selinux_usermap_host_category", "hostCategory", SYSDB_HOST_CATEGORY, NULL},
- { "ipa_selinux_usermap_uuid", "ipaUniqueID", SYSDB_UUID, NULL},
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_selinux_user_map[];
-struct sdap_attr_map ipa_view_map[] = {
- { "ipa_view_class", "nsContainer", SYSDB_VIEW_CLASS, NULL},
- { "ipa_view_name", "cn", SYSDB_VIEW_NAME, NULL},
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_view_map[];
-struct sdap_attr_map ipa_override_map[] = {
- { "ipa_overide_object_class", "ipaOverrideAnchor", SYSDB_OVERRIDE_CLASS, NULL},
- { "ipa_anchor_uuid", "ipaAnchorUUID", SYSDB_OVERRIDE_ANCHOR_UUID, NULL},
- { "ipa_user_override_object_class", "ipaUserOverride", SYSDB_OVERRIDE_USER_CLASS, NULL},
- { "ipa_group_override_object_class", "ipaGroupOverride", SYSDB_OVERRIDE_GROUP_CLASS, NULL},
- { "ldap_user_name", "uid", SYSDB_NAME, NULL },
- { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
- { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
- { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL },
- { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
- { "ldap_group_name", "cn", SYSDB_NAME, NULL },
- { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
- { "ldap_user_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_override_map[];
-struct dp_option ipa_def_krb5_opts[] = {
- { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_ccachedir", DP_OPT_STRING, { DEFAULT_CCACHE_DIR }, NULL_STRING },
- { "krb5_ccname_template", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "krb5_auth_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING },
- { "krb5_validate", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_renewable_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_renew_interval", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_use_fast", DP_OPT_STRING, { "try" }, NULL_STRING },
- { "krb5_fast_principal", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_use_enterprise_principal", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_map_user", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option ipa_def_krb5_opts[];
-struct sdap_attr_map ipa_service_map[] = {
- { "ldap_service_object_class", "ipService", SYSDB_SVC_CLASS, NULL },
- { "ldap_service_name", "cn", SYSDB_NAME, NULL },
- { "ldap_service_port", "ipServicePort", SYSDB_SVC_PORT, NULL },
- { "ldap_service_proto", "ipServiceProtocol", SYSDB_SVC_PROTO, NULL },
- { "ldap_service_entry_usn", NULL, SYSDB_USN, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_service_map[];
-struct sdap_attr_map ipa_autofs_mobject_map[] = {
- { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, NULL },
- { "ldap_autofs_map_name", "automountMapName", SYSDB_AUTOFS_MAP_NAME, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_autofs_mobject_map[];
-struct sdap_attr_map ipa_autofs_entry_map[] = {
- { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, NULL },
- { "ldap_autofs_entry_key", "automountKey", SYSDB_AUTOFS_ENTRY_KEY, NULL },
- { "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
- SDAP_ATTR_MAP_TERMINATOR
-};
+extern struct sdap_attr_map ipa_autofs_entry_map[];
#endif /* IPA_OPTS_H_ */
--
2.1.0
From c55b894f90c0ff8db9ba2f0b5376a78d6436c913 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrez...@redhat.com>
Date: Mon, 14 Dec 2015 11:17:37 +0100
Subject: [PATCH 04/16] KRB5: Mark globals in krb5_opts.h as extern
To avoid collisions when we want to work with them elsewhere in the code.
---
Makefile.am | 5 +++++
src/providers/krb5/{krb5_opts.h => krb5_opts.c} | 5 -----
src/providers/krb5/krb5_opts.h | 24 +-----------------------
3 files changed, 6 insertions(+), 28 deletions(-)
copy src/providers/krb5/{krb5_opts.h => krb5_opts.c} (97%)
diff --git a/Makefile.am b/Makefile.am
index 78a6de7de68c9f836981d1dfb8790870739888f4..a9d3f25d3775f6ac824b9f9b85dd0412417c33d3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1518,6 +1518,7 @@ krb5_utils_tests_SOURCES = \
src/providers/krb5/krb5_utils.c \
src/providers/krb5/krb5_ccache.c \
src/providers/krb5/krb5_common.c \
+ src/providers/krb5/krb5_opts.c \
src/util/sss_krb5.c \
src/providers/data_provider_fo.c \
src/providers/data_provider_opts.c \
@@ -1655,6 +1656,7 @@ ipa_ldap_opt_tests_SOURCES = \
src/providers/ldap/ldap_opts.c \
src/providers/ad/ad_opts.c \
src/providers/ipa/ipa_opts.c \
+ src/providers/krb5/krb5_opts.c \
src/util/sss_ldap.c \
src/tests/ipa_ldap_opt-tests.c
ipa_ldap_opt_tests_CFLAGS = \
@@ -1671,6 +1673,7 @@ ipa_ldap_opt_tests_LDADD = \
ad_ldap_opt_tests_SOURCES = \
src/providers/ldap/ldap_opts.c \
src/providers/ad/ad_opts.c \
+ src/providers/krb5/krb5_opts.c \
src/tests/ad_ldap_opt-tests.c
ad_ldap_opt_tests_CFLAGS = \
$(AM_CFLAGS) \
@@ -1792,6 +1795,7 @@ krb5_child_test_SOURCES = \
src/providers/krb5/krb5_ccache.c \
src/providers/krb5/krb5_child_handler.c \
src/providers/krb5/krb5_common.c \
+ src/providers/krb5/krb5_opts.c \
src/util/sss_krb5.c \
src/providers/data_provider_fo.c \
src/providers/data_provider_opts.c \
@@ -2869,6 +2873,7 @@ libsss_krb5_common_la_SOURCES = \
src/providers/krb5/krb5_renew_tgt.c \
src/providers/krb5/krb5_wait_queue.c \
src/providers/krb5/krb5_common.c \
+ src/providers/krb5/krb5_opts.c \
src/providers/krb5/krb5_auth.c \
src/providers/krb5/krb5_access.c \
src/providers/krb5/krb5_child_handler.c \
diff --git a/src/providers/krb5/krb5_opts.h b/src/providers/krb5/krb5_opts.c
similarity index 97%
copy from src/providers/krb5/krb5_opts.h
copy to src/providers/krb5/krb5_opts.c
index 50d701b8ba431719dbf67799230ec345cdee30a9..6bec52767897ba946cf492f9a2e6e4b91a55fba1 100644
--- a/src/providers/krb5/krb5_opts.h
+++ b/src/providers/krb5/krb5_opts.c
@@ -20,9 +20,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef KRB5_OPTS_H_
-#define KRB5_OPTS_H_
-
#include "src/providers/data_provider.h"
struct dp_option default_krb5_opts[] = {
@@ -48,5 +45,3 @@ struct dp_option default_krb5_opts[] = {
{ "krb5_map_user", DP_OPT_STRING, NULL_STRING, NULL_STRING },
DP_OPTION_TERMINATOR
};
-
-#endif /* KRB5_OPTS_H_ */
diff --git a/src/providers/krb5/krb5_opts.h b/src/providers/krb5/krb5_opts.h
index 50d701b8ba431719dbf67799230ec345cdee30a9..798008dc376c7fca89761258e3bdff2a683420bb 100644
--- a/src/providers/krb5/krb5_opts.h
+++ b/src/providers/krb5/krb5_opts.h
@@ -25,28 +25,6 @@
#include "src/providers/data_provider.h"
-struct dp_option default_krb5_opts[] = {
- { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_ccachedir", DP_OPT_STRING, { DEFAULT_CCACHE_DIR }, NULL_STRING },
- { "krb5_ccname_template", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "krb5_auth_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
- { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING },
- { "krb5_validate", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_backup_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_renewable_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_renew_interval", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_use_fast", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_fast_principal", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- { "krb5_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_use_enterprise_principal", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
- { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "krb5_map_user", DP_OPT_STRING, NULL_STRING, NULL_STRING },
- DP_OPTION_TERMINATOR
-};
+extern struct dp_option default_krb5_opts[];
#endif /* KRB5_OPTS_H_ */
--
2.1.0
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
