Hello community,
here is the log from the commit of package nfsidmap for openSUSE:Factory
checked in at Fri Mar 19 09:03:47 CET 2010.
--------
--- nfsidmap/nfsidmap.changes 2009-04-22 18:09:07.000000000 +0200
+++ /mounts/work_src_done/STABLE/nfsidmap/nfsidmap.changes 2010-02-26 11:43:04.000000000 +0100
@@ -1,0 +2,18 @@
+Fri Feb 26 11:41:31 CET 2010 - meissner@suse.de
+
+- updated to 0.233
+ * Allows mappings to be correct "right out of the box" when DNS is
+ set up correctly and stops idmapper from dying when there is
+ no domain name set.
+ * Move the default processing for the "Local-Realm" config option
+ into the main config file processing function and adds missing
+ documentation for the previously added configuration option.
+ * Print a debug log message "when the krb5 realm can not be used since
+ it does not match the DNS domain name or the 'Local-Realm' variable
+ defined in /etc/idmad.conf"
+ * Move the idmapd.conf manpage from nfs-utils and update it to match
+ the current functionality.
+ * Changes to install, and look for, the plugin libraries in a separate
+ libnfsidmap directory.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
libnfsidmap-0.21_avoid_version.patch
libnfsidmap-0.21.tar.bz2
New:
----
libnfsidmap-0.23.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ nfsidmap.spec ++++++
--- /var/tmp/diff_new_pack.OxA9Oe/_old 2010-03-19 09:00:50.000000000 +0100
+++ /var/tmp/diff_new_pack.OxA9Oe/_new 2010-03-19 09:00:50.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package nfsidmap (Version 0.21)
+# spec file for package nfsidmap (Version 0.23)
#
-# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,10 +21,10 @@
BuildRequires: openldap2-devel tcpd-devel
Url: http://nfs.sourceforge.net
Summary: NFSv4 ID Mapping Library
-Version: 0.21
-Release: 3
+Version: 0.23
+Release: 1
Group: Productivity/Networking/NFS
-License: BSD 3-Clause
+License: BSD3c
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: %fillup_prereq %insserv_prereq
AutoReqProv: on
@@ -32,10 +32,9 @@
Source0: http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/libnfsidmap-%{version}.tar.bz2
Source1: nfsv4.schema
Patch0: fix-prototype.patch
-Patch1: libnfsidmap-0.21_avoid_version.patch
%package devel
-License: BSD 3-Clause
+License: BSD3c
Summary: NFSv4 ID Mapping Library development libraries
Group: Development/Libraries/C and C++
Requires: openldap2-devel nfsidmap = %version
@@ -65,7 +64,6 @@
%prep
%setup -q -n libnfsidmap-%version
%patch0 -p0
-%patch1 -p0
cp %{S:1} .
%build
@@ -89,7 +87,8 @@
%files
%defattr(444,root,root,755)
%doc README nfsv4.schema
-%attr(555,root,root) %{_libdir}/libnfsidmap_*.so*
+%dir %{_libdir}/libnfsidmap/
+%attr(555,root,root) %{_libdir}/libnfsidmap/*.so*
%attr(555,root,root) %{_libdir}/libnfsidmap.so.*
%attr(444,root,root) %{_mandir}/man?/*
++++++ libnfsidmap-0.21.tar.bz2 -> libnfsidmap-0.23.tar.bz2 ++++++
++++ 15640 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/ChangeLog new/libnfsidmap-0.23/ChangeLog
--- old/libnfsidmap-0.21/ChangeLog 2008-07-31 00:22:44.000000000 +0200
+++ new/libnfsidmap-0.23/ChangeLog 2009-08-26 22:51:25.000000000 +0200
@@ -115,3 +115,31 @@
nfs4_gss_princ_to_ids_ex(), and nfs4_gss_princ_to_grouplist_ex() which
allow extra information to be passed to these mapping functions.
+2009-07-29:
+
+Changes since libnfsidmap-0.21:
+
+From Steve Dickson :
+Allows mappings to be correct "right out of the box" when DNS is
+set up correctly and stops idmapper from dying when there is
+no domain name set.
+
+Move the default processing for the "Local-Realm" config option
+into the main config file processing function and adds missing
+documentation for the previously added configuration option.
+
+From Steve Dickson :
+Print a debug log message "when the krb5 realm can not be used since
+it does not match the DNS domain name or the 'Local-Realm' variable
+defined in /etc/idmad.conf"
+
+Move the idmapd.conf manpage from nfs-utils and update it to match
+the current functionality.
+
+2009-08-26:
+
+Changes since libnfsidmap-0.22 (which was never officially announced):
+
+From Guillaume Rousse :
+Changes to install, and look for, the plugin libraries in a separate
+libnfsidmap directory.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/configure.in new/libnfsidmap-0.23/configure.in
--- old/libnfsidmap-0.21/configure.in 2008-07-30 23:07:16.000000000 +0200
+++ new/libnfsidmap-0.23/configure.in 2009-08-26 22:47:38.000000000 +0200
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT(libnfsidmap, 0.21, nfsv4-wg@citi.umich.edu)
+AC_INIT(libnfsidmap, 0.23, nfsv4-wg@citi.umich.edu)
AC_CONFIG_SRCDIR([nfsidmap.h])
AM_INIT_AUTOMAKE
AM_PROG_LIBTOOL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/idmapd.conf new/libnfsidmap-0.23/idmapd.conf
--- old/libnfsidmap-0.21/idmapd.conf 2008-03-28 16:40:35.000000000 +0100
+++ new/libnfsidmap-0.23/idmapd.conf 2009-07-29 22:19:06.000000000 +0200
@@ -1,7 +1,19 @@
[General]
#Verbosity = 0
-# The following should be set to the local NFSv4 domain name (REQUIRED)
-Domain = local.domain.edu
+# The following should be set to the local NFSv4 domain name
+# The default is the host's DNS domain name.
+#Domain = local.domain.edu
+
+# The following is a comma-separated list of Kerberos realm
+# names that should be considered to be equivalent to the
+# local realm, such that <user>@REALM.A can be assumed to
+# be the same user as <user>@REALM.B
+# If not specified, the default local realm is the domain name,
+# which defaults to the host's DNS domain name,
+# translated to upper-case.
+# Note that if this value is specified, the local realm name
+# must be included in the list!
+#Local-Realms =
[Mapping]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/idmapd.conf.5 new/libnfsidmap-0.23/idmapd.conf.5
--- old/libnfsidmap-0.21/idmapd.conf.5 1970-01-01 01:00:00.000000000 +0100
+++ new/libnfsidmap-0.23/idmapd.conf.5 2009-07-29 22:19:06.000000000 +0200
@@ -0,0 +1,285 @@
+.\"
+.\" idmapd.conf(5)
+.\"
+.\" COPYRIGHT (c) 2008
+.\" The Regents of the University of Michigan
+.\" ALL RIGHTS RESERVED
+.\"
+.\" Permission is granted to use, copy, create derivative works
+.\" and redistribute this software and such derivative works
+.\" for any purpose, so long as the name of The University of
+.\" Michigan is not used in any advertising or publicity
+.\" pertaining to the use of distribution of this software
+.\" without specific, written prior authorization. If the
+.\" above copyright notice or any other identification of the
+.\" University of Michigan is included in any copy of any
+.\" portion of this software, then the disclaimer below must
+.\" also be included.
+.\"
+.\" THIS SOFTWARE IS PROVIDED AS IS, WITHOUT REPRESENTATION
+.\" FROM THE UNIVERSITY OF MICHIGAN AS TO ITS FITNESS FOR ANY
+.\" PURPOSE, AND WITHOUT WARRANTY BY THE UNIVERSITY OF
+.\" MICHIGAN OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING
+.\" WITHOUT LIMITATION THE IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
+.\" REGENTS OF THE UNIVERSITY OF MICHIGAN SHALL NOT BE LIABLE
+.\" FOR ANY DAMAGES, INCLUDING SPECIAL, INDIRECT, INCIDENTAL, OR
+.\" CONSEQUENTIAL DAMAGES, WITH RESPECT TO ANY CLAIM ARISING
+.\" OUT OF OR IN CONNECTION WITH THE USE OF THE SOFTWARE, EVEN
+.\" IF IT HAS BEEN OR IS HEREAFTER ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGES.
+.\"
+.TH idmapd.conf 5 "19 Nov 2008"
+.SH NAME
+idmapd.conf
+.SH SYNOPSIS
+Configuration file for libnfsidmap. Used by idmapd and svcgssd to map NFSv4 name to and from ids.
+.SH DESCRIPTION
+The
+.B idmapd.conf
+configuration file consists of several sections, initiated by strings of the
+form [General] and [Mapping]. Each section may contain lines of the form
+.nf
+ variable = value
+.fi
+The recognized sections and their recognized variables are as follows:
+.\"
+.\" -------------------------------------------------------------------
+.\" The [General] section
+.\" -------------------------------------------------------------------
+.\"
+.SS "[General] section variables"
+.nf
+
+
+.fi
+.TP
+.B Verbosity
+Verbosity level of debugging
+(Default: 0)
+.TP
+.B Domain
+The local NFSv4 domain name. An NFSv4 domain is a namespace with
+a unique username<->UID and groupname<->GID mapping.
+(Default: Host's fully-qualified DNS domain name)
+.TP
+.B Local-Realms
+A comma-separated list of Kerberos realm names that may be considered equivalent to the
+local realm name. For example, users juser@ORDER.EDU and juser@MAIL.ORDER.EDU
+may be considered to be the same user in the specified
+.B Domain.
+(Default: the host's default realm name)
+.br
+.B Note:
+If a value is specified here, the default local realm must be included as well.
+.\"
+.\" -------------------------------------------------------------------
+.\" The [Mapping] section
+.\" -------------------------------------------------------------------
+.\"
+.SS "[Mapping] section variables"
+.nf
+
+.fi
+.TP
+.B Nobody-User
+Local user name to be used when a mapping cannot be completed.
+.TP
+.B Nobody-Group
+Local group name to be used when a mapping cannot be completed.
+.\"
+.\" -------------------------------------------------------------------
+.\" The [Translation] section
+.\" -------------------------------------------------------------------
+.\"
+.SS "[Translation] section variables"
+.nf
+
+.fi
+.TP
+.B Method
+A comma-separated, ordered list of mapping methods (plug-ins)
+to use when mapping between NFSv4 names and local IDs. Each
+specified method is tried in order until a mapping is found,
+or there are no more methods to try. The methods included in
+the default distribution include "nsswitch", "umich_ldap", and
+"static".
+(Default: nsswitch)
+.TP
+.B GSS-Methods
+An optional comma-separated, ordered list of mapping methods (plug-ins)
+to use when mapping between GSS Authenticated names and local IDs.
+(Default: the same list as specified for
+.B Method)
+.\"
+.\" -------------------------------------------------------------------
+.\" The [Static] section
+.\" -------------------------------------------------------------------
+.\"
+.SS "[Static] section variables"
+.nf
+
+.fi
+The "static" translation method uses a static list of GSS-Authenticated
+names to local user names. Entries in the list are of the form:
+.nf
+ principal@REALM = localusername
+.fi
+.\"
+.\" -------------------------------------------------------------------
+.\" The [UMICH_SCHEMA] section
+.\" -------------------------------------------------------------------
+.\"
+.SS "[UMICH_SCHEMA] section variables"
+.nf
+
+.fi
+If the "umich_ldap" translation method is specified, the following
+variables within the [UMICH_SCHEMA] section are used.
+.TP
+.B LDAP_server
+LDAP server name or address
+(Required if using UMICH_LDAP)
+.TP
+.B LDAP_base
+Absolute LDAP search base.
+(Required if using UMICH_LDAP)
+.TP
+.B LDAP_people_base
+Absolute LDAP search base for people accounts.
+(Default: The
+.B LDAP_base
+value)
+.TP
+.B LDAP_group_base
+Absolute LDAP search base for group accounts.
+(Default: The
+.B LDAP_base
+value)
+.TP
+.B LDAP_canonicalize_name
+Whether or not to perform name canonicalization on the
+name given as
+.B LDAP_server
+(Default: "true")
+.TP
+.B LDAP_use_ssl
+Set to "true" to enable SSL communication with the LDAP server.
+(Default: "false")
+.TP
+.B LDAP_ca_cert
+Location of a trusted CA certificate used when SSL is enabled
+(Required if
+.B LDAP_use_ssl
+is true)
+.TP
+.B NFSv4_person_objectclass
+The object class name for people accounts in your local LDAP schema
+(Default: NFSv4RemotePerson)
+.TP
+.B NFSv4_name_attr
+Your local schema's attribute name to be used for NFSv4 user names
+(Default: NFSv4Name)
+.TP
+.B NFSv4_uid_attr
+Your local schema's attribute name to be used for uidNumber
+(Default: uidNumber)
+.TP
+.B GSS_principal_attr
+Your local schema's attribute name for GSSAPI Principal names
+(Default: GSSAuthName)
+.TP
+.B NFSv4_acctname_attr
+Your local schema's attribute name to be used for account names
+(Default: uid)
+.TP
+.B NFSv4_group_objectclass
+The object class name for group accounts in your local LDAP schema
+(Default: NFSv4RemoteGroup)
+.TP
+.B NFSv4_gid_attr
+Your local schema's attribute name to be used for gidNumber
+(Default: gidNumber)
+.TP
+.B NFSv4_group_attr
+Your local schema's attribute name to be used for NFSv4 group names
+(Default: NFSv4Name)
+.TP
+.B LDAP_use_memberof_for_groups
+Some LDAP servers do a better job with indexing where searching
+through all the groups searching for the user in the memberuid
+list. Others like SunOne directory that search can takes minutes
+if there are thousands of groups. So setting
+.B LDAP_use_memberof_for_groups
+to true in the configuration file will use the memberof lists of
+the account and search through only those groups to obtain gids.
+(Default: false)
+.TP
+.B NFSv4_member_attr
+If
+.B LDAP_use_memberof_for_groups
+is true, this is the attribute to be searched for.
+(Default: memberUid)
+.TP
+.B NFSv4_grouplist_filter
+An optional search filter for determining group membership.
+(No Default)
+.TP
+.B LDAP_timeout_seconds
+Number of seconds before timing out an LDAP request
+(Default: 4)
+.\"
+.\" -------------------------------------------------------------------
+.\" An Example
+.\" -------------------------------------------------------------------
+.\"
+.SH EXAMPLES
+."
+An example
+.I /etc/idmapd.conf
+file:
+.nf
+
+
+[General]
+
+Verbosity = 0
+Domain = domain.org
+Local-Realms = DOMAIN.ORG,MY.DOMAIN.ORG,YOUR.DOMAIN.ORG
+
+[Mapping]
+
+Nobody-User = nfsnobody
+Nobody-Group = nfsnobody
+
+[Translation]
+
+Method = umich_ldap,nsswitch
+GSS-Methods = umich_ldap,static
+
+[Static]
+
+johndoe@OTHER.DOMAIN.ORG = johnny
+
+[UMICH_SCHEMA]
+
+LDAP_server = ldap.domain.org
+LDAP_base = dc=org,dc=domain
+
+.fo
+.\"
+.\" -------------------------------------------------------------------
+.\" Additional sections
+.\" -------------------------------------------------------------------
+.\"
+.SH SEE ALSO
+.BR idmapd (8)
+.BR svcgssd (8)
+.".SH COMPATIBILITY
+.".SH STANDARDS
+.".SH ACKNOWLEDGEMENTS
+.".SH AUTHORS
+.".SH HISTORY
+.SH BUGS
+Report bugs to
+.".SH CAVEATS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/libnfsidmap.c new/libnfsidmap-0.23/libnfsidmap.c
--- old/libnfsidmap-0.21/libnfsidmap.c 2008-04-01 16:22:22.000000000 +0200
+++ new/libnfsidmap-0.23/libnfsidmap.c 2009-08-26 22:45:11.000000000 +0200
@@ -59,7 +59,9 @@
static struct mapping_plugin **nfs4_plugins = NULL;
static struct mapping_plugin **gss_plugins = NULL;
-#define PLUGIN_PREFIX "libnfsidmap_"
+#ifndef PATH_PLUGINS
+#define PATH_PLUGINS "/usr/lib/libnfsidmap"
+#endif
#define PLUGIN_INIT_FUNC "libnfsidmap_plugin_init"
@@ -67,6 +69,10 @@
#define PATH_IDMAPDCONF "/etc/idmapd.conf"
#endif
+#ifndef IDMAPD_DEFAULT_DOMAIN
+#define IDMAPD_DEFAULT_DOMAIN "localdomain"
+#endif
+
/* Default logging fuction */
static void default_logger(const char *fmt, ...)
{
@@ -78,6 +84,14 @@
}
nfs4_idmap_log_function_t idmap_log_func = default_logger;
+static char * toupper_str(char *s)
+{
+ int i;
+ for (i=0; i < strlen(s); i++)
+ s[i] = toupper(s[i]);
+ return s;
+}
+
static int domain_from_dns(char **domain)
{
struct hostent *he;
@@ -101,7 +115,7 @@
char plgname[128];
int ret = 0;
- snprintf(plgname, sizeof(plgname), "%s%s.so", PLUGIN_PREFIX, method);
+ snprintf(plgname, sizeof(plgname), "%s/%s.so", PATH_PLUGINS, method);
dl = dlopen(plgname, RTLD_NOW | RTLD_LOCAL);
if (dl == NULL) {
@@ -212,16 +226,41 @@
dflt = 1;
ret = domain_from_dns(&default_domain);
if (ret) {
- IDMAP_LOG(0, ("libnfsidmap: Unable to determine "
- "a default nfsv4 domain; consider "
- "specifying one in idmapd.conf\n"));
- return -ENOENT;
+ IDMAP_LOG(1, ("libnfsidmap: Unable to determine "
+ "the NFSv4 domain; Using '%s' as the NFSv4 domain "
+ "which means UIDs will be mapped to the 'Nobody-User' "
+ "user defined in %s\n",
+ IDMAPD_DEFAULT_DOMAIN, PATH_IDMAPDCONF));
+ default_domain = IDMAPD_DEFAULT_DOMAIN;
}
}
IDMAP_LOG(1, ("libnfsidmap: using%s domain: %s\n",
(dflt ? " (default)" : ""), default_domain));
+ /* Get list of "local equivalent" realms. Meaning the list of realms
+ * where john@REALM.A is considered the same user as john@REALM.B
+ * If not specified, default to upper-case of local domain name */
local_realms = conf_get_list("General", "Local-Realms");
+ if (local_realms == NULL) {
+ struct conf_list_node *node;
+
+ local_realms = malloc(sizeof *local_realms);
+ if (local_realms == NULL)
+ return -ENOMEM;
+ local_realms->cnt = 0;
+ TAILQ_INIT(&local_realms->fields);
+
+ node = calloc(1, sizeof *node);
+ if (node == NULL)
+ return -ENOMEM;
+ node->field = strdup(get_default_domain());
+ if (node->field == NULL)
+ return -ENOMEM;
+ toupper_str(node->field);
+
+ TAILQ_INSERT_TAIL(&local_realms->fields, node, link);
+ local_realms->cnt++;
+ }
nfs4_methods = conf_get_list("Translation", "Method");
if (nfs4_methods) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/Makefile.am new/libnfsidmap-0.23/Makefile.am
--- old/libnfsidmap-0.21/Makefile.am 2008-07-30 21:10:38.000000000 +0200
+++ new/libnfsidmap-0.23/Makefile.am 2009-08-26 22:45:11.000000000 +0200
@@ -1,16 +1,15 @@
-man_MANS = nfs4_uid_to_name.3
if ENABLE_LDAP
-UMICH_LDAP_LIB = libnfsidmap_umich_ldap.la
+UMICH_LDAP_LIB = umich_ldap.la
else
UMICH_LDAP_LIB =
endif
if ENABLE_GUMS
-GUMS_MAPPING_LIB = libnfsidmap_gums.la
+GUMS_MAPPING_LIB = gums.la
else
GUMS_MAPPING_LIB =
endif
-lib_LTLIBRARIES = libnfsidmap.la libnfsidmap_nsswitch.la libnfsidmap_static.la \
- $(UMICH_LDAP_LIB) $(GUMS_MAPPING_LIB)
+lib_LTLIBRARIES = libnfsidmap.la
+pkglib_LTLIBRARIES = nsswitch.la static.la $(UMICH_LDAP_LIB) $(GUMS_MAPPING_LIB)
# Library versioning notes from:
# http://sources.redhat.com/autobook/autobook/autobook_91.html
@@ -25,22 +24,31 @@
# by this library.
libnfsidmap_la_SOURCES = libnfsidmap.c cfg.c strlcpy.c cfg.h nfsidmap_internal.h queue.h
-libnfsidmap_la_LDFLAGS = -version-info 3:0:3 -ldl
+libnfsidmap_la_CPPFLAGS = -DPATH_PLUGINS=\"$(pkglibdir)\"
+libnfsidmap_la_LDFLAGS = -version-info 3:0:3
+libnfsidmap_la_LIBADD = -ldl
-libnfsidmap_nsswitch_la_SOURCES = nss.c
-libnfsidmap_nsswitch_la_LDFLAGS = -version-info 0:0:0
+nsswitch_la_SOURCES = nss.c
+nsswitch_la_LDFLAGS = -module -avoid-version
-libnfsidmap_static_la_SOURCES = static.c
-libnfsidmap_static_la_LDFLAGS = -version-info 0:0:0
+static_la_SOURCES = static.c
+static_la_LDFLAGS = -module -avoid-version
-libnfsidmap_umich_ldap_la_SOURCES = umich_ldap.c
-libnfsidmap_umich_ldap_la_LDFLAGS = -version-info 0:0:0 -lldap
+umich_ldap_la_SOURCES = umich_ldap.c
+umich_ldap_la_LDFLAGS = -module -avoid-version
+umich_ldap_la_LIBADD = -lldap
-libnfsidmap_gums_la_SOURCES = gums.c
-libnfsidmap_gums_la_LDFLAGS = -version-info 0:0:0
+gums_la_SOURCES = gums.c
+gums_la_LDFLAGS = -module -avoid-version
+man3_MANS = nfs4_uid_to_name.3
+man5_MANS = idmapd.conf.5
include_HEADERS = nfsidmap.h
-EXTRA_DIST = $(man_MANS) libtest.c idmapd.conf
+
+EXTRA_DIST = $(man3_MANS) \
+ $(man5_MANS) \
+ libtest.c \
+ idmapd.conf
# XXX: also exclude debian/files and debian/files.new ? do a clean??
dist-hook:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/missing new/libnfsidmap-0.23/missing
--- old/libnfsidmap-0.21/missing 2007-08-09 14:37:39.000000000 +0200
+++ new/libnfsidmap-0.23/missing 2009-07-29 22:53:51.000000000 +0200
@@ -1,10 +1,10 @@
#! /bin/sh
# Common stub for a few missing GNU programs while installing.
-scriptversion=2006-05-10.23
+scriptversion=2009-04-28.21; # UTC
-# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006
-# Free Software Foundation, Inc.
+# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006,
+# 2008, 2009 Free Software Foundation, Inc.
# Originally by Fran,cois Pinard , 1996.
# This program is free software; you can redistribute it and/or modify
@@ -18,9 +18,7 @@
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program. If not, see http://www.gnu.org/licenses/.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@@ -89,6 +87,9 @@
tar try tar, gnutar, gtar, then tar without non-portable flags
yacc create \`y.tab.[ch]', if possible, from existing .[ch]
+Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and
+\`g' are ignored when checking the name.
+
Send bug reports to ."
exit $?
;;
@@ -106,15 +107,22 @@
esac
+# normalize program name to check for.
+program=`echo "$1" | sed '
+ s/^gnu-//; t
+ s/^gnu//; t
+ s/^g//; t'`
+
# Now exit if we have it, but it failed. Also exit now if we
# don't have it and --version was passed (most likely to detect
-# the program).
+# the program). This is about non-GNU programs, so use $1 not
+# $program.
case $1 in
- lex|yacc)
+ lex*|yacc*)
# Not GNU programs, they don't have --version.
;;
- tar)
+ tar*)
if test -n "$run"; then
echo 1>&2 "ERROR: \`tar' requires --run"
exit 1
@@ -138,7 +146,7 @@
# If it does not exist, or fails to run (possibly an outdated version),
# try to emulate it.
-case $1 in
+case $program in
aclocal*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
@@ -148,7 +156,7 @@
touch aclocal.m4
;;
- autoconf)
+ autoconf*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified \`${configure_ac}'. You might want to install the
@@ -157,7 +165,7 @@
touch configure
;;
- autoheader)
+ autoheader*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified \`acconfig.h' or \`${configure_ac}'. You might want
@@ -187,7 +195,7 @@
while read f; do touch "$f"; done
;;
- autom4te)
+ autom4te*)
echo 1>&2 "\
WARNING: \`$1' is needed, but is $msg.
You might have modified some files without having the
@@ -210,7 +218,7 @@
fi
;;
- bison|yacc)
+ bison*|yacc*)
echo 1>&2 "\
WARNING: \`$1' $msg. You should only need it if
you modified a \`.y' file. You may need the \`Bison' package
@@ -240,7 +248,7 @@
fi
;;
- lex|flex)
+ lex*|flex*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified a \`.l' file. You may need the \`Flex' package
@@ -263,7 +271,7 @@
fi
;;
- help2man)
+ help2man*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified a dependency of a manual page. You may need the
@@ -277,11 +285,11 @@
else
test -z "$file" || exec >$file
echo ".ab help2man is required to generate this page"
- exit 1
+ exit $?
fi
;;
- makeinfo)
+ makeinfo*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified a \`.texi' or \`.texinfo' file, or any other file
@@ -310,7 +318,7 @@
touch $file
;;
- tar)
+ tar*)
shift
# We have already tried tar in the generic part.
@@ -363,5 +371,6 @@
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-end: "$"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
# End:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/nfs4_uid_to_name.3 new/libnfsidmap-0.23/nfs4_uid_to_name.3
--- old/libnfsidmap-0.21/nfs4_uid_to_name.3 2004-11-15 01:05:37.000000000 +0100
+++ new/libnfsidmap-0.23/nfs4_uid_to_name.3 2009-07-29 22:19:06.000000000 +0200
@@ -1,6 +1,6 @@
.TH nfs4_uid_to_name 3 2004-08-05
.SH NAME
-nfs4_uid_to_name, nfs4_gid_to_name, nfs4_name_to_uid, nfs4_name_to_gid, nfs4_init_name_mapping, nfs4_get_default_domain, nfs4_gss_princ_to_ids: idmapping for nfsv4
+nfs4_uid_to_name, nfs4_gid_to_name, nfs4_name_to_uid, nfs4_name_to_gid, nfs4_init_name_mapping, nfs4_get_default_domain, nfs4_gss_princ_to_ids, nfs4_gss_princ_to_grouplist, nfs4_gss_princ_to_ids_ex, nfs4_gss_princ_to_grouplist_ex, nfs4_set_debug: idmapping for nfsv4
.SH SYNOPSIS
.B #include
.sp
@@ -16,9 +16,16 @@
.sp
.BI "int nfs4_name_to_gid(char *name, gid_t *gid);"
.sp
-.BI "int nfs4_gss_princ_to_ids(char *princ, uid_t *uid, gid_t *gid);"
-.fi
-.BI "int nfs4_get_grouplist(const char *name, gid_t *groups, int *ngroups);"
+.BI "int nfs4_gss_princ_to_ids(char *secname, char *princ, uid_t *uid, gid_t *gid);"
+.sp
+.BI "int nfs4_gss_princ_to_grouplist(char *secname, char *princ, gid_t *groups, int *ngroups);"
+.sp
+.BI "int nfs4_gss_princ_to_ids_ex(char *secname, char *princ, uid_t *uid, gid_t *gid, extra_mapping_params **ex);"
+.sp
+.BI "int nfs4_gss_princ_to_grouplist_ex(char *secname, char *princ, gid_t *groups, int *ngroups, extra_mapping_params **ex);"
+.sp
+.BI "void nfs4_set_debug(int dbg_level, void (*logger)(const char *, ...));"
+.sp
.fi
.SH DESCRIPTION
NFSv4 uses names of the form
@@ -93,10 +100,23 @@
groups, then an error is returned and the actual number of groups is stored in
*ngroups.
.PP
-Finally,
-.B nfs4_gss_princ_to_ids()
-is used to convert from a gss principal name (as returned by
+Functions
+.BR nfs4_gss_princ_to_ids() ,
+.BR nfs4_gss_princ_to_grouplist() ,
+.BR nfs4_gss_princ_to_ids_ex() ,
+and
+.B nfs4_gss_princ_to_grouplist_ex()
+are used to convert from a gss principal name (as returned by
.BR gss_display_name() )
-to a uid and gid.
+to a uid and gid, or list of gids.
+.PP
+Finally,
+.B nfs4_set_debug()
+allows the application to set a debugging level to produce extra
+debugging information from within the library. The optional
+.I logger
+function specifies an alternative logging function to call for
+the debug messages rather than the default internal function
+within the library.
.SH RETURN VALUE
All functions return 0 or, in the case of error, -ERRNO.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnfsidmap-0.21/nss.c new/libnfsidmap-0.23/nss.c
--- old/libnfsidmap-0.21/nss.c 2008-03-27 21:47:51.000000000 +0100
+++ new/libnfsidmap-0.23/nss.c 2009-07-29 22:19:06.000000000 +0200
@@ -68,14 +68,6 @@
return 0;
}
-static char * toupper_str(char *s)
-{
- int i;
- for (i=0; i < strlen(s); i++)
- s[i] = toupper(s[i]);
- return s;
-}
-
static int nss_uid_to_name(uid_t uid, char *domain, char *name, size_t len)
{
struct passwd *pw = NULL;
@@ -275,6 +267,7 @@
char *princ_realm;
struct conf_list *realms;
struct conf_list_node *r;
+ int found = 0;
if (strcmp(secname, "spkm3") == 0)
return -ENOENT;
@@ -288,27 +281,19 @@
return -EINVAL;
princ_realm++;
- /* get accepted realms */
+ /* get list of "local-equivalent" realms and
+ * check against the principal's realm */
realms = get_local_realms();
- if (realms) {
- int found = 0;
- for (r = TAILQ_FIRST(&realms->fields); r;
- r = TAILQ_NEXT(r, link)) {
- if (strlen(r->field) == strlen(princ_realm) &&
- !strcmp(r->field, princ_realm)) {
- found = 1;
- break;
- }
+ TAILQ_FOREACH(r, &realms->fields, link) {
+ if (strcmp(r->field, princ_realm) == 0) {
+ found = 1;
+ break;
}
- if (!found)
- return -EINVAL;
- } else {
- char *domain;
- domain = get_default_domain();
- domain = toupper_str(domain);
- if (strlen(princ_realm) != strlen(domain) ||
- strcmp(princ_realm, domain))
- return -EINVAL;
+ }
+ if (!found) {
+ IDMAP_LOG(1, ("nss_gss_princ_to_ids: Local-Realm '%s': NOT FOUND",
+ princ_realm));
+ return -ENOENT;
}
/* XXX: this should call something like getgssauthnam instead? */
pw = nss_getpwnam(princ, NULL, &err);
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org