"Fossies" - the Fresh Open Source Software Archive 
Member "nss_ldap-265/doc/README.IRS" (6 Nov 2009, 9973 Bytes) of package /linux/privat/old/nss_ldap-265.tar.gz:

Using nss-ldap with BIND/IRS under FreeBSD / Quick'n'Dirty guide
================================================================

[ Notes by Luke Howard <lukeh@padl.com> Sep 2001 ]

Emile's patch was a little unclean, and I'm not able to generate
a clean diff, so here is a list of the modifications you need to
make to the IRS to get things to compile "right". You will
need to apply these diffs by hand, sorry.

- Add a prototype to irs/gen.c:

    struct irs_acc *irs_ldap_acc(const char *);

- Edit gen.c and add "ldap" to the two stanzas, I suggest between
  irs_nis and irs_irp.

19 diff -u --recursive --new-file bind/src/lib/irs/gen.c bind-nss/src/lib/irs/gen.c
20 --- bind/src/lib/irs/gen.c Wed Oct 13 18:39:29 1999
21 +++ bind-nss/src/lib/irs/gen.c Fri Sep 1 15:31:09 2000
22 @@ -66,6 +66,7 @@
23 { "local", irs_lcl },
24 { "dns", irs_dns },
25 { "nis", irs_nis },
26 + { "ldap", irs_ldap },
27 { "irp", irs_irp },
28 { NULL, irs_nacc }
29 };
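Review bot: The new "ldap" row is placed between nis and irp here, and the same position is used for irs_ldap_acc in the accessor array and for irs_ldap in the gen_p.h enum, but nothing in the file records that these lists have to stay in step. If they are matched by position, a hand-applied edit that puts one of the three lines in a different slot pairs the "ldap" name with the wrong backend without any compile error; a one-line comment above the table stating the ordering rule would prevent that.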

and also:

33 @@ -80,6 +81,7 @@
34 #else
35 NULL,
36 #endif
37 + irs_ldap_acc,
38 irs_irp_acc,
39 NULL
40 };
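Review bot: irs_ldap_acc is added unconditionally, while the slot just above it is wrapped in "#else NULL, #endif", so libbind stops linking whenever the nss_ldap objects are absent. Give the LDAP slot the same kind of conditional with a NULL fallback, and carry the irs_ldap_acc prototype in this diff (the notes above ask for it to be added to gen.c by hand) so the array never references an undeclared function.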

- Edit gen_p.h and add irs_ldap between irs_nis and irs_irp:

44 diff -u --recursive --new-file bind/src/lib/irs/gen_p.h bind-nss/src/lib/irs/gen_p.h
45 --- bind/src/lib/irs/gen_p.h Mon Jan 18 08:46:50 1999
46 +++ bind-nss/src/lib/irs/gen_p.h Fri Sep 1 15:31:23 2000
47 @@ -43,6 +43,7 @@
48 irs_lcl, /* Local. */
49 irs_dns, /* DNS or Hesiod. */
50 irs_nis, /* Sun NIS ("YP"). */
51 + irs_ldap, /* LDAP */
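Review bot: The hunk body is shorter than its header: "@@ -43,6 +43,7 @@" announces six old and seven new lines, but only three context lines and the one addition are present, so patch(1) will reject it as malformed. Restore the trailing context that follows irs_nis in the enum, or state explicitly that the irs_ldap line is to be inserted by hand directly after irs_nis.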

- Edit the Makefile and add the full path to each object file
  in nss_ldap, eg:

56 diff -u --recursive --new-file bind/src/lib/irs/Makefile bind-nss/src/lib/irs/Makefile
57 --- bind/src/lib/irs/Makefile Mon Feb 22 03:47:58 1999
58 +++ bind-nss/src/lib/irs/Makefile Thu Aug 31 18:18:52 2000
59 @@ -42,6 +42,8 @@
60 INSTALL_LIB=-o bin -g bin
61 THREADED= threaded
62
63 +LDAP=/usr/local/src/nss_ldap
64 +
65 SRCS= dns.c dns_gr.c dns_ho.c dns_nw.c dns_pr.c dns_pw.c \
66 dns_sv.c gai_strerror.c gen.c gen_gr.c gen_ho.c \
67 gen_ng.c gen_nw.c gen_pr.c gen_pw.c gen_sv.c \
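Review bot: LDAP=/usr/local/src/nss_ldap hard-codes a directory outside the BIND tree, while the build steps further down unpack nss_ldap next to bind-nss. Document that the variable must be overridden on the make command line (or default it to the sibling directory), and note that every object found under that path ends up inside libbind, so the directory should not be writable by other users.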
68 @@ -70,7 +72,12 @@
69 lcl.${O} lcl_gr.${O} \
70 lcl_ho.${O} lcl_ng.${O} lcl_nw.${O} lcl_pr.${O} lcl_pw.${O} \
71 lcl_sv.${O} nis.${O} nis_gr.${O} nis_ho.${O} nis_ng.${O} nis_nw.${O} \
72 - nis_pr.${O} nis_pw.${O} nis_sv.${O} nul_ng.${O} util.${O}
73 + nis_pr.${O} nis_pw.${O} nis_sv.${O} nul_ng.${O} util.${O} \
74 + ${LDAP}/ldap-nss.o ${LDAP}/ldap-pwd.o ${LDAP}/ldap-grp.o \
75 + ${LDAP}/ldap-hosts.o ${LDAP}/ldap-network.o ${LDAP}/ldap-proto.o \
76 + ${LDAP}/ldap-service.o ${LDAP}/util.o ${LDAP}/globals.o \
77 + ${LDAP}/ltf.o ${LDAP}/resolve.o ${LDAP}/dnsconfig.o ${LDAP}/irs-nss.o \
78 + ${LDAP}/snprintf.o
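Review bot: In the extended object list, ${LDAP}/util.o has the same basename as IRS's own util.${O} on the line above; archive members are keyed by basename, so one of the two can replace or shadow the other when the library is built. Rename one of them or keep the nss_ldap objects in a separate library. The ${LDAP} entries also have no rule or dependency in this Makefile, so a stale or missing nss_ldap build is picked up silently, and they use a literal .o where the rest of the list uses ${O}. The hunk is also shorter than its "@@ -70,7 +72,12 @@" header says, since the trailing context lines are missing.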

[ Instructions from Emile Heitor <eheitor@isdnet.net> ]

Tested under FreeBSD 4.1, but should work under 3.x & 4.x.

o Get nss_ldap (http://www.padl.com/nss_ldap.html)
o Get bind-8.2.2p5 (http://www.isc.org)

nss_ldap includes a patch to IRS in irs-nss.diff.

then:

    tar zxvf nss_ldap-115.tar.gz
    mkdir bind-nss
    cd bind-nss
    tar zxvf ../bind-src.tar.gz
    patch -p1 < ../irs-nss.diff
    cd src
    make depend
    cd ../../nss_ldap

At this point, you may modify Makefile's TOP variable to suit your
needs. Quit/Save.

    make clean && make
    cd ../bind-nss/src
    make all

Ok, I know about nslookup's warnings and errors here, this is because of
newly linked nss-ldap stuff, just ignore it if you plan to use only
libbind for its IRS feature ( hey, I said "Quick'n'Dirty" ;) ).
This will be cleaner very soon, i.e. when I make it a dynamic library
& work around bind Makefiles.

See if it works!
================

Launch an LDAP server with your favourite data inside, then compile the
following:

[cut here]
/* NSS-LDAP usage example code */

#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>

int main(int argc, char **argv) {

    struct passwd *pw;

    if (argc < 2) {
        printf("bad arg number\n");
        return(1);
    }

    /* Resolved by libbind's IRS, using the passwd sources in irs.conf */
    pw = getpwnam(argv[1]);

    if (!pw)
        printf("Failure: %s\n", argv[1]);
    else
        /* pw_passwd is the password field exactly as the source returned it */
        printf("getpwnam return value:\n%s\n%s\n",
               pw->pw_name, pw->pw_passwd);

    return(0);
}
[cut here]

With the following Makefile:
( change LIBBIND and LIBDIR to suit your needs )

[cut here]
LIBBIND=/home/imil/pub/net/bind-nss/src/lib/libbind.a
LIBDIR=-L/usr/local/openldap2/lib
LIBS=-lldap_r -llber -lc_r

all: tpass

tpass: tpass.o $(LIBBIND)
	cc -g -o tpass tpass.o $(LIBBIND) $(LIBDIR) $(LIBS)

clean:
	rm -f *.o tpass
[cut here]

launch it:

    ./tpass user

Watch your LDAP server logs, they should be nice ;)

---

All the best,

--------------------------
Emile Heitor
Unix Systems Engineer
Cable & Wireless isdnet
http://www.isdnet.net
Email : eheitor@isdnet.net
Tel : 06.03.29.65.70
--------------------------


Subject: Re: Documentation for IRS in BIND 8.x
From: Paul Vixie <paul@vix.com>
Date: 1997/06/26
Message-ID: <g3radp5avm.fsf@wisdom.home.vix.com>
Newsgroups: comp.protocols.dns.bind


Ooops. I forgot to check in the man page for irs.conf(5). Here's one:

IRS.CONF(5)               BSD Programmer's Manual              IRS.CONF(5)

NAME
     irs.conf - Information Retrieval System configuration file

SYNOPSIS
     irs.conf

DESCRIPTION
     The irs(3) functions are a set of routines in the C library which provide
     access to various system maps. The maps that irs currently controls are
     the following: passwd, group, services, protocols, hosts, networks and
     netgroup. When a program first calls a function that accesses one of
     these maps, the irs configuration file is read, and the source of each
     map is determined for the life of the process.

     If this file does not exist, the irs routines default to using local
     sources for all information, with the exception of the host and networks
     maps, which use the Domain Name System (DNS).

     Each record in the file consists of one line. A record consists of a
     map-name, an access-method and possibly a (comma delimited) set of
     options, separated by tabs or spaces. Blank lines, and text between a #
     and a newline are ignored.

     Available maps:

           Map name        Information in map
           =========       ==================================
           passwd          User authentication information
           group           User group membership information
           services        Network services directory
           protocols       Network protocols directory
           hosts           Network hosts directory
           networks        Network "network names" directory
           netgroup        Network "host groups" directory

     Available access methods:

           Access method   Description
           =============   =================================================
           local           Use a local file, usually in /etc
           dns             Use the domain name service (includes hesiod)
           nis             Use the Sun-compatible Network Information Service
>>         ldap            Use the Lightweight Directory Access Protocol

     Available options:

           Option          Description
           ========        ================================================
           continue        don't stop searching if you can't find something
           merge           don't stop searching if you CAN find something

     The continue option creates ``union namespaces'' whereby subsequent
     access methods of the same map type can be tried if a name cannot be found
     using earlier access methods. This can be quite confusing in the case of
     host names, since the name to address and address to name mappings can be
     visibly asymmetric even though the data used by any given access method
     is entirely consistent. This behavior is, therefore, not the default.

     The merge option only affects lookups in the groups map. If set,
     subsequent access methods will be tried in order to cause local users to
     appear in NIS (or other remote) groups in addition to the local groups.

EXAMPLE
     # Get password entries from local file, or failing that, NIS
     passwd          local   continue
     passwd          nis

     # Build group membership from both local file, and NIS.
     group           local   continue,merge
     group           nis

     # Services comes from just the local file.
     services        local

     protocols       local

     # Hosts comes first from DNS, failing that, the local file
     hosts           dns     continue
     hosts           local

     networks        local

     netgroup        local

NOTES
     If a local user needs to be in the local host's ``wheel'' group but not
     in every host's ``wheel'' group, put them in the local host's /etc/group
     ``wheel'' entry and set up the ``groups'' portion of your /etc/irs.conf
     file as:

           group           local   continue,merge
           group           nis

     The dns access method is only supported for the ``hosts'' and
     ``networks'' maps. The other maps fall under the control of Hesiod, and
     have not been well tested.

     NIS takes a long time to time out. Especially for hosts if you use the
     -d option to your server's ``ypserv'' daemon.

     It is important that the irs.conf file contain an entry for each map. If
     a map is not mentioned in the irs.conf file, all queries to that map will
     fail.

FILES
     /etc/irs.conf   The file irs.conf resides in /etc.

SEE ALSO
     groups(5), hosts(5), netgroup(5), networks(5), passwd(5),
     protocols(5), services(5)

BSDI                            August 8, 1996                               2

--
Paul Vixie
La Honda, CA
<paul@vix.com>          "Many NANOG members have been around
pacbell!vixie!paul       longer than most." --Jim Fleming
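
The irs.conf rules in the manual page above decide which source answers a passwd or group lookup first, and whether a later source such as ldap is consulted at all. The following Python audit is an added example, not part of this README, nss_ldap or BIND; the sample file and function names are constructed, and the "a record without options ends the search" reading follows the manual text rather than the libbind source.

```python
MAPS = {"passwd", "group", "services", "protocols", "hosts", "networks", "netgroup"}
METHODS = {"local", "dns", "nis", "ldap"}  # "ldap" exists only in the patched libbind
OPTIONS = {"continue", "merge"}

# Constructed sample input, not taken from the page.
SAMPLE = """\
passwd    local  continue   # local accounts first, then the directory
passwd    ldap
group     local
group     ldap
services  local
protocols local
hosts     dns    continue
hosts     local
networks  local
"""

def parse(text):
    """Return ({map: [(method, options), ...]} in file order, syntax findings)."""
    chains, findings = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # text after '#' is a comment
        if not fields:
            continue
        if len(fields) not in (2, 3):
            findings.append(f"line {n}: expected 'map method [options]'")
            continue
        name, method = fields[:2]
        opts = set(fields[2].split(",")) if len(fields) == 3 else set()
        if name not in MAPS or method not in METHODS or opts - OPTIONS:
            findings.append(f"line {n}: unknown map, access method or option")
            continue
        chains.setdefault(name, []).append((method, opts))
    return chains, findings

def audit(text):
    """Parse, then apply the semantic rules the manual page states."""
    chains, findings = parse(text)
    for name in sorted(MAPS - set(chains)):
        findings.append(f"{name}: no entry, all queries to this map fail")
    for name, chain in chains.items():
        for i, (method, opts) in enumerate(chain):
            if method == "dns" and name not in ("hosts", "networks"):
                findings.append(f"{name}: dns is only supported for hosts and networks")
            if "merge" in opts and name != "group":
                findings.append(f"{name}: merge only affects the group map")
            if not opts and i + 1 < len(chain):
                findings.append(f"{name}: {chain[i + 1][0]} is never consulted ({method} has no continue)")
                break
    return chains, findings
```

Calling audit(SAMPLE) reports the missing netgroup map and the group record for ldap that can never be reached, while the passwd chain is returned as local followed by ldap.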