Add ipasam samba passdb backend

https://fedorahosted.org/freeipa/ticket/1874
2025-02-25 18:55:28 -06:00 · 2011-10-25 10:33:30 +02:00
parent 7c3e5f1be5
commit edb6ed5007
8 changed files with 3334 additions and 2 deletions
--- a/daemons/Makefile.am
+++ b/daemons/Makefile.am
@@ -15,6 +15,7 @@ export AM_CFLAGS
 SUBDIRS =			\
 	ipa-kdb			\
 	ipa-slapi-plugins	\
+	ipa-sam			\
 	$(NULL)

 DISTCLEANFILES =		\
--- a/daemons/configure.ac
+++ b/daemons/configure.ac
@@ -227,7 +227,7 @@ if test "x$PYTHON" = "x" ; then
 fi

 dnl ---------------------------------------------------------------------------
-dnl Check for ndr_krb5pac
+dnl Check for ndr_krb5pac and other samba libraries
 dnl ---------------------------------------------------------------------------

 PKG_PROG_PKG_CONFIG()
@@ -235,6 +235,10 @@ PKG_CHECK_MODULES([TALLOC], [talloc])
 PKG_CHECK_MODULES([TEVENT], [tevent])
 PKG_CHECK_MODULES([NDRPAC], [ndr_krb5pac])
 PKG_CHECK_MODULES([NDRNBT], [ndr_nbt])
+PKG_CHECK_MODULES([NDR], [ndr])
+PKG_CHECK_MODULES([SAMBAUTIL], [samba-util])
+SAMBA40EXTRA_LIBPATH="-L`$PKG_CONFIG --variable=libdir samba-util`/samba"
+AC_SUBST(SAMBA40EXTRA_LIBPATH)


 dnl ---------------------------------------------------------------------------
@@ -300,6 +304,7 @@ AC_SUBST(LDFLAGS)
 AC_CONFIG_FILES([
    Makefile
    ipa-kdb/Makefile
+    ipa-sam/Makefile
    ipa-slapi-plugins/Makefile
    ipa-slapi-plugins/ipa-cldap/Makefile
    ipa-slapi-plugins/ipa-enrollment/Makefile
--- a/daemons/ipa-sam/Makefile.am
+++ b/daemons/ipa-sam/Makefile.am
@@ -0,0 +1,60 @@
+NULL =
+SAMBA40EXTRA_LIBS = $(SAMBA40EXTRA_LIBPATH)	\
+			-lsmbldap		\
+			-lcliauth		\
+			-lpdb			\
+			-lsecurity		\
+			-lutil_str		\
+			-lsmbconf		\
+			$(NULL)
+
+INCLUDES =						\
+	-I.						\
+	-I$(srcdir)					\
+	-I/usr/include/samba-4.0			\
+	-DPREFIX=\""$(prefix)"\" 			\
+	-DBINDIR=\""$(bindir)"\"			\
+	-DLIBDIR=\""$(libdir)"\" 			\
+	-DLIBEXECDIR=\""$(libexecdir)"\"		\
+	-DDATADIR=\""$(datadir)"\"			\
+	-DLDAPIDIR=\""$(localstatedir)/run"\"		\
+	-DHAVE_LDAP					\
+	$(AM_CFLAGS)					\
+	$(LDAP_CFLAGS)					\
+	$(KRB5_CFLAGS)					\
+	$(WARN_CFLAGS)					\
+	$(TALLOC_CFLAGS)				\
+	$(SAMBAUTIL_CFLAGS)				\
+	$(NDR_CFLAGS)					\
+	$(NULL)
+
+plugindir = $(libdir)/samba/pdb
+plugin_LTLIBRARIES = 		\
+	ipasam.la		\
+	$(NULL)
+
+ipasam_la_SOURCES = 		\
+	ipa_sam.c		\
+	$(NULL)
+
+ipasam_la_LDFLAGS = 		\
+	-avoid-version		\
+	-module			\
+	$(NULL)
+
+ipasam_la_LIBADD = 		\
+	$(LDAP_LIBS)		\
+	$(TALLOC_LIBS)		\
+	$(SAMBAUTIL_LIBS)	\
+	$(NDR_LIBS)		\
+	$(SAMBA40EXTRA_LIBS)	\
+	$(NULL)
+
+EXTRA_DIST =			\
+	README			\
+	ipa_sam.h		\
+	$(NULL)
+
+MAINTAINERCLEANFILES =		\
+	*~			\
+	Makefile.in
--- a/daemons/ipa-sam/README
+++ b/daemons/ipa-sam/README
@@ -0,0 +1 @@
+This is the ipa samba passdb backend.
--- a/daemons/ipa-sam/ipa_sam.c
+++ b/daemons/ipa-sam/ipa_sam.c
--- a/daemons/ipa-sam/ipa_sam.h
+++ b/daemons/ipa-sam/ipa_sam.h
@@ -0,0 +1,28 @@
+/*
+   Unix SMB/CIFS implementation.
+   IPA helper functions for SAMBA
+   Copyright (C) Sumit Bose <sbose@redhat.com> 2010
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+*/
+
+#ifndef _PASSDB_PDB_IPA_H_
+#define _PASSDB_PDB_IPA_H_
+
+/* The following definitions come from passdb/pdb_ipa.c  */
+
+NTSTATUS pdb_ipa_init(void);
+
+#endif /* _PASSDB_PDB_IPA_H_ */
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -327,6 +327,7 @@ rm %{buildroot}/%{plugin_dir}/libipa_modrdn.la
 rm %{buildroot}/%{plugin_dir}/libipa_lockout.la
 rm %{buildroot}/%{plugin_dir}/libipa_cldap.la
 rm %{buildroot}/%{_libdir}/krb5/plugins/kdb/ipadb.la
+rm %{buildroot}/%{_libdir}/samba/pdb/ipasam.la

 # Some user-modifiable HTML files are provided. Move these to /etc
 # and link back.
@@ -547,6 +548,7 @@ fi
 %dir %{_localstatedir}/cache/ipa
 %attr(700,apache,apache) %dir %{_localstatedir}/cache/ipa/sessions
 %attr(755,root,root) %{_libdir}/krb5/plugins/kdb/ipadb.so
+%attr(755,root,root) %{_libdir}/samba/pdb/ipasam.so
 %{_mandir}/man1/ipa-replica-conncheck.1.gz
 %{_mandir}/man1/ipa-replica-install.1.gz
 %{_mandir}/man1/ipa-replica-manage.1.gz
--- a/install/share/smb.conf.template
+++ b/install/share/smb.conf.template
@@ -9,7 +9,7 @@ domain logons = yes
 log level = 1
 max log size = 100000
 log file = /var/log/samba/log.%m
-passdb backend = IPA_ldapsam:ldapi://$LDAPI_SOCKET
+passdb backend = ipasam:ldapi://$LDAPI_SOCKET
 ldapsam:trusted=yes
 ldap ssl = off
 ldap admin dn = $SMB_DN