Imported Upstream version 0.16.1
Michael Biebl
8 years ago
0 | 0.16.1 | |
1 | * libsystemd build fix [#90519] | |
2 | * Change default home directory to /home/%U@%D | |
3 | * Add --automatic-id-mapping=no command line argument | |
4 | ||
0 | 5 | 0.16.0 |
1 | 6 | * Disable automatic AD joins by default [#89205] |
2 | 7 | * Validate text we receive from LDAP |
0 | 0 | #! /bin/sh |
1 | 1 | # Guess values for system-dependent variables and create Makefiles. |
2 | # Generated by GNU Autoconf 2.69 for realmd 0.16.0. | |
2 | # Generated by GNU Autoconf 2.69 for realmd 0.16.1. | |
3 | 3 | # |
4 | 4 | # Report bugs to <http://bugs.freedesktop.org/enter_bug.cgi?product=realmd>. |
5 | 5 | # |
580 | 580 | # Identity of this package. |
581 | 581 | PACKAGE_NAME='realmd' |
582 | 582 | PACKAGE_TARNAME='realmd' |
583 | PACKAGE_VERSION='0.16.0' | |
584 | PACKAGE_STRING='realmd 0.16.0' | |
583 | PACKAGE_VERSION='0.16.1' | |
584 | PACKAGE_STRING='realmd 0.16.1' | |
585 | 585 | PACKAGE_BUGREPORT='http://bugs.freedesktop.org/enter_bug.cgi?product=realmd' |
586 | 586 | PACKAGE_URL='' |
587 | 587 | |
1372 | 1372 | # Omit some internal or obsolete options to make the list less imposing. |
1373 | 1373 | # This message is too long to be a string in the A/UX 3.1 sh. |
1374 | 1374 | cat <<_ACEOF |
1375 | \`configure' configures realmd 0.16.0 to adapt to many kinds of systems. | |
1375 | \`configure' configures realmd 0.16.1 to adapt to many kinds of systems. | |
1376 | 1376 | |
1377 | 1377 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1378 | 1378 | |
1438 | 1438 | |
1439 | 1439 | if test -n "$ac_init_help"; then |
1440 | 1440 | case $ac_init_help in |
1441 | short | recursive ) echo "Configuration of realmd 0.16.0:";; | |
1441 | short | recursive ) echo "Configuration of realmd 0.16.1:";; | |
1442 | 1442 | esac |
1443 | 1443 | cat <<\_ACEOF |
1444 | 1444 | |
1565 | 1565 | test -n "$ac_init_help" && exit $ac_status |
1566 | 1566 | if $ac_init_version; then |
1567 | 1567 | cat <<\_ACEOF |
1568 | realmd configure 0.16.0 | |
1568 | realmd configure 0.16.1 | |
1569 | 1569 | generated by GNU Autoconf 2.69 |
1570 | 1570 | |
1571 | 1571 | Copyright (C) 2012 Free Software Foundation, Inc. |
1934 | 1934 | This file contains any messages produced by compilers while |
1935 | 1935 | running configure, to aid debugging if configure makes a mistake. |
1936 | 1936 | |
1937 | It was created by realmd $as_me 0.16.0, which was | |
1937 | It was created by realmd $as_me 0.16.1, which was | |
1938 | 1938 | generated by GNU Autoconf 2.69. Invocation command line was |
1939 | 1939 | |
1940 | 1940 | $ $0 $@ |
2810 | 2810 | |
2811 | 2811 | # Define the identity of the package. |
2812 | 2812 | PACKAGE='realmd' |
2813 | VERSION='0.16.0' | |
2813 | VERSION='0.16.1' | |
2814 | 2814 | |
2815 | 2815 | |
2816 | 2816 | cat >>confdefs.h <<_ACEOF |
7478 | 7478 | pkg_cv_SYSTEMD_JOURNAL_CFLAGS="$SYSTEMD_JOURNAL_CFLAGS" |
7479 | 7479 | elif test -n "$PKG_CONFIG"; then |
7480 | 7480 | if test -n "$PKG_CONFIG" && \ |
7481 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd\""; } >&5 | |
7482 | ($PKG_CONFIG --exists --print-errors "libsystemd") 2>&5 | |
7483 | ac_status=$? | |
7484 | $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 | |
7485 | test $ac_status = 0; }; then | |
7486 | pkg_cv_SYSTEMD_JOURNAL_CFLAGS=`$PKG_CONFIG --cflags "libsystemd" 2>/dev/null` | |
7487 | test "x$?" != "x0" && pkg_failed=yes | |
7488 | else | |
7489 | pkg_failed=yes | |
7490 | fi | |
7491 | else | |
7492 | pkg_failed=untried | |
7493 | fi | |
7494 | if test -n "$SYSTEMD_JOURNAL_LIBS"; then | |
7495 | pkg_cv_SYSTEMD_JOURNAL_LIBS="$SYSTEMD_JOURNAL_LIBS" | |
7496 | elif test -n "$PKG_CONFIG"; then | |
7497 | if test -n "$PKG_CONFIG" && \ | |
7498 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd\""; } >&5 | |
7499 | ($PKG_CONFIG --exists --print-errors "libsystemd") 2>&5 | |
7500 | ac_status=$? | |
7501 | $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 | |
7502 | test $ac_status = 0; }; then | |
7503 | pkg_cv_SYSTEMD_JOURNAL_LIBS=`$PKG_CONFIG --libs "libsystemd" 2>/dev/null` | |
7504 | test "x$?" != "x0" && pkg_failed=yes | |
7505 | else | |
7506 | pkg_failed=yes | |
7507 | fi | |
7508 | else | |
7509 | pkg_failed=untried | |
7510 | fi | |
7511 | ||
7512 | ||
7513 | ||
7514 | if test $pkg_failed = yes; then | |
7515 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | |
7516 | $as_echo "no" >&6; } | |
7517 | ||
7518 | if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then | |
7519 | _pkg_short_errors_supported=yes | |
7520 | else | |
7521 | _pkg_short_errors_supported=no | |
7522 | fi | |
7523 | if test $_pkg_short_errors_supported = yes; then | |
7524 | SYSTEMD_JOURNAL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd" 2>&1` | |
7525 | else | |
7526 | SYSTEMD_JOURNAL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd" 2>&1` | |
7527 | fi | |
7528 | # Put the nasty error message in config.log where it belongs | |
7529 | echo "$SYSTEMD_JOURNAL_PKG_ERRORS" >&5 | |
7530 | ||
7531 | ||
7532 | pkg_failed=no | |
7533 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD_JOURNAL" >&5 | |
7534 | $as_echo_n "checking for SYSTEMD_JOURNAL... " >&6; } | |
7535 | ||
7536 | if test -n "$SYSTEMD_JOURNAL_CFLAGS"; then | |
7537 | pkg_cv_SYSTEMD_JOURNAL_CFLAGS="$SYSTEMD_JOURNAL_CFLAGS" | |
7538 | elif test -n "$PKG_CONFIG"; then | |
7539 | if test -n "$PKG_CONFIG" && \ | |
7481 | 7540 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd-journal\""; } >&5 |
7482 | 7541 | ($PKG_CONFIG --exists --print-errors "libsystemd-journal") 2>&5 |
7483 | 7542 | ac_status=$? |
7553 | 7612 | |
7554 | 7613 | To get pkg-config, see <http://pkg-config.freedesktop.org/>. |
7555 | 7614 | See \`config.log' for more details" "$LINENO" 5; } |
7615 | else | |
7616 | SYSTEMD_JOURNAL_CFLAGS=$pkg_cv_SYSTEMD_JOURNAL_CFLAGS | |
7617 | SYSTEMD_JOURNAL_LIBS=$pkg_cv_SYSTEMD_JOURNAL_LIBS | |
7618 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | |
7619 | $as_echo "yes" >&6; } | |
7620 | ||
7621 | fi | |
7622 | elif test $pkg_failed = untried; then | |
7623 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | |
7624 | $as_echo "no" >&6; } | |
7625 | ||
7626 | pkg_failed=no | |
7627 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD_JOURNAL" >&5 | |
7628 | $as_echo_n "checking for SYSTEMD_JOURNAL... " >&6; } | |
7629 | ||
7630 | if test -n "$SYSTEMD_JOURNAL_CFLAGS"; then | |
7631 | pkg_cv_SYSTEMD_JOURNAL_CFLAGS="$SYSTEMD_JOURNAL_CFLAGS" | |
7632 | elif test -n "$PKG_CONFIG"; then | |
7633 | if test -n "$PKG_CONFIG" && \ | |
7634 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd-journal\""; } >&5 | |
7635 | ($PKG_CONFIG --exists --print-errors "libsystemd-journal") 2>&5 | |
7636 | ac_status=$? | |
7637 | $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 | |
7638 | test $ac_status = 0; }; then | |
7639 | pkg_cv_SYSTEMD_JOURNAL_CFLAGS=`$PKG_CONFIG --cflags "libsystemd-journal" 2>/dev/null` | |
7640 | test "x$?" != "x0" && pkg_failed=yes | |
7641 | else | |
7642 | pkg_failed=yes | |
7643 | fi | |
7644 | else | |
7645 | pkg_failed=untried | |
7646 | fi | |
7647 | if test -n "$SYSTEMD_JOURNAL_LIBS"; then | |
7648 | pkg_cv_SYSTEMD_JOURNAL_LIBS="$SYSTEMD_JOURNAL_LIBS" | |
7649 | elif test -n "$PKG_CONFIG"; then | |
7650 | if test -n "$PKG_CONFIG" && \ | |
7651 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd-journal\""; } >&5 | |
7652 | ($PKG_CONFIG --exists --print-errors "libsystemd-journal") 2>&5 | |
7653 | ac_status=$? | |
7654 | $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 | |
7655 | test $ac_status = 0; }; then | |
7656 | pkg_cv_SYSTEMD_JOURNAL_LIBS=`$PKG_CONFIG --libs "libsystemd-journal" 2>/dev/null` | |
7657 | test "x$?" != "x0" && pkg_failed=yes | |
7658 | else | |
7659 | pkg_failed=yes | |
7660 | fi | |
7661 | else | |
7662 | pkg_failed=untried | |
7663 | fi | |
7664 | ||
7665 | ||
7666 | ||
7667 | if test $pkg_failed = yes; then | |
7668 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | |
7669 | $as_echo "no" >&6; } | |
7670 | ||
7671 | if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then | |
7672 | _pkg_short_errors_supported=yes | |
7673 | else | |
7674 | _pkg_short_errors_supported=no | |
7675 | fi | |
7676 | if test $_pkg_short_errors_supported = yes; then | |
7677 | SYSTEMD_JOURNAL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd-journal" 2>&1` | |
7678 | else | |
7679 | SYSTEMD_JOURNAL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd-journal" 2>&1` | |
7680 | fi | |
7681 | # Put the nasty error message in config.log where it belongs | |
7682 | echo "$SYSTEMD_JOURNAL_PKG_ERRORS" >&5 | |
7683 | ||
7684 | as_fn_error $? "Package requirements (libsystemd-journal) were not met: | |
7685 | ||
7686 | $SYSTEMD_JOURNAL_PKG_ERRORS | |
7687 | ||
7688 | Consider adjusting the PKG_CONFIG_PATH environment variable if you | |
7689 | installed software in a non-standard prefix. | |
7690 | ||
7691 | Alternatively, you may set the environment variables SYSTEMD_JOURNAL_CFLAGS | |
7692 | and SYSTEMD_JOURNAL_LIBS to avoid the need to call pkg-config. | |
7693 | See the pkg-config man page for more details." "$LINENO" 5 | |
7694 | elif test $pkg_failed = untried; then | |
7695 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | |
7696 | $as_echo "no" >&6; } | |
7697 | { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 | |
7698 | $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} | |
7699 | as_fn_error $? "The pkg-config script could not be found or is too old. Make sure it | |
7700 | is in your PATH or set the PKG_CONFIG environment variable to the full | |
7701 | path to pkg-config. | |
7702 | ||
7703 | Alternatively, you may set the environment variables SYSTEMD_JOURNAL_CFLAGS | |
7704 | and SYSTEMD_JOURNAL_LIBS to avoid the need to call pkg-config. | |
7705 | See the pkg-config man page for more details. | |
7706 | ||
7707 | To get pkg-config, see <http://pkg-config.freedesktop.org/>. | |
7708 | See \`config.log' for more details" "$LINENO" 5; } | |
7709 | else | |
7710 | SYSTEMD_JOURNAL_CFLAGS=$pkg_cv_SYSTEMD_JOURNAL_CFLAGS | |
7711 | SYSTEMD_JOURNAL_LIBS=$pkg_cv_SYSTEMD_JOURNAL_LIBS | |
7712 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | |
7713 | $as_echo "yes" >&6; } | |
7714 | ||
7715 | fi | |
7556 | 7716 | else |
7557 | 7717 | SYSTEMD_JOURNAL_CFLAGS=$pkg_cv_SYSTEMD_JOURNAL_CFLAGS |
7558 | 7718 | SYSTEMD_JOURNAL_LIBS=$pkg_cv_SYSTEMD_JOURNAL_LIBS |
8897 | 9057 | # report actual input values of CONFIG_FILES etc. instead of their |
8898 | 9058 | # values after options handling. |
8899 | 9059 | ac_log=" |
8900 | This file was extended by realmd $as_me 0.16.0, which was | |
9060 | This file was extended by realmd $as_me 0.16.1, which was | |
8901 | 9061 | generated by GNU Autoconf 2.69. Invocation command line was |
8902 | 9062 | |
8903 | 9063 | CONFIG_FILES = $CONFIG_FILES |
8963 | 9123 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
8964 | 9124 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
8965 | 9125 | ac_cs_version="\\ |
8966 | realmd config.status 0.16.0 | |
9126 | realmd config.status 0.16.1 | |
8967 | 9127 | configured by $0, generated by GNU Autoconf 2.69, |
8968 | 9128 | with options \\"\$ac_cs_config\\" |
8969 | 9129 |
0 | 0 | AC_PREREQ(2.63) |
1 | 1 | |
2 | AC_INIT([realmd], [0.16.0], | |
2 | AC_INIT([realmd], [0.16.1], | |
3 | 3 | [http://bugs.freedesktop.org/enter_bug.cgi?product=realmd], |
4 | 4 | [realmd]) |
5 | 5 | |
117 | 117 | |
118 | 118 | if test "$with_systemd_journal" != "no"; then |
119 | 119 | AC_DEFINE_UNQUOTED(WITH_JOURNAL, 1, [Use systemd's journal]) |
120 | PKG_CHECK_MODULES(SYSTEMD_JOURNAL, libsystemd-journal) | |
120 | PKG_CHECK_MODULES(SYSTEMD_JOURNAL, [libsystemd],, | |
121 | [PKG_CHECK_MODULES(SYSTEMD_JOURNAL, [libsystemd-journal])]) | |
121 | 122 | with_systemd_journal="yes" |
122 | 123 | fi |
123 | 124 |
617 | 617 | |
618 | 618 | @options can contain, but is not limited to, the following values: |
619 | 619 | <itemizedlist> |
620 | <listitem><para><literal>automatic-id-mapping</literal>: a boolean | |
621 | value whether to turn on automatic UID/GID mapping. If not | |
622 | specified the default will come from realmd.conf | |
623 | configuration.</para></listitem> | |
620 | 624 | <listitem><para><literal>operation</literal>: a string |
621 | 625 | identifier chosen by the client, which can then later be |
622 | 626 | passed to org.freedesktop.realmd.Service.Cancel() in order |
59 | 59 | |
60 | 60 | #define REALM_DBUS_OPTION_OPERATION "operation" |
61 | 61 | #define REALM_DBUS_OPTION_COMPUTER_OU "computer-ou" |
62 | #define REALM_DBUS_OPTION_AUTOMATIC_ID_MAPPING "automatic-id-mapping" | |
62 | 63 | #define REALM_DBUS_OPTION_SERVER_SOFTWARE "server-software" |
63 | 64 | #define REALM_DBUS_OPTION_CLIENT_SOFTWARE "client-software" |
64 | 65 | #define REALM_DBUS_OPTION_MEMBERSHIP_SOFTWARE "membership-software" |
180 | 180 | |
181 | 181 | <variablelist> |
182 | 182 | <varlistentry> |
183 | <term><option>--automatic-id-mapping=no</option></term> | |
184 | <listitem><para>Do not perform UID/GID mapping for users | |
185 | and groups, but expect these identifiers to be present | |
186 | in the domain already.</para></listitem> | |
187 | </varlistentry> | |
188 | <varlistentry> | |
183 | 189 | <term><option>--user=xxx</option></term> |
184 | 190 | <listitem><para>The user name to be used to authenticate |
185 | 191 | with when joining the machine to the realm. You will |
207 | 207 | <informalexample> |
208 | 208 | <programlisting language="js"> |
209 | 209 | [users] |
210 | default-home = /home/%D/%U | |
210 | default-home = /home/%U@%D | |
211 | 211 | # default-home = /nfs/home/%D-%U |
212 | ||
213 | </programlisting> | |
214 | </informalexample> | |
215 | ||
216 | <para>The default setting for this is <option>/home/%D/%U</option>. The | |
212 | # default-home = /home/%D/%U | |
213 | ||
214 | </programlisting> | |
215 | </informalexample> | |
216 | ||
217 | <para>The default setting for this is <option>/home/%U@%D</option>. The | |
217 | 218 | <option>%D</option> format is replaced by the domain name. The <option>%U</option> |
218 | 219 | format is replaced by the user name.</para> |
219 | 220 |
35 | 35 | <td valign="top" align="right"></td> |
36 | 36 | </tr></table></div> |
37 | 37 | <div class="refsect1"> |
38 | <a name="idm47306145031520"></a><h2>Properties</h2> | |
38 | <a name="idm47297892231984"></a><h2>Properties</h2> | |
39 | 39 | <pre class="synopsis"> |
40 | 40 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Kerberos.RealmName">RealmName</GTKDOCLINK> readable s |
41 | 41 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Kerberos.DomainName">DomainName</GTKDOCLINK> readable s |
45 | 45 | </pre> |
46 | 46 | </div> |
47 | 47 | <div class="refsect1"> |
48 | <a name="idm47306145416096"></a><h2>Properties</h2> | |
48 | <a name="idm47297889943312"></a><h2>Properties</h2> | |
49 | 49 | <pre class="synopsis"> |
50 | 50 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-KerberosMembership.SuggestedAdministrator">SuggestedAdministrator</GTKDOCLINK> readable s |
51 | 51 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-KerberosMembership.SupportedJoinCredentials">SupportedJoinCredentials</GTKDOCLINK> readable a(ss) |
90 | 90 | <p> <em class="parameter"><code>options</code></em> can contain, but is not limited to, the following values: |
91 | 91 | </p> |
92 | 92 | <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "> |
93 | <li class="listitem"><p><code class="literal">automatic-id-mapping</code>: a boolean | |
94 | value whether to turn on automatic UID/GID mapping. If not | |
95 | specified the default will come from realmd.conf | |
96 | configuration.</p></li> | |
93 | 97 | <li class="listitem"><p><code class="literal">operation</code>: a string |
94 | 98 | identifier chosen by the client, which can then later be |
95 | 99 | passed to <GTKDOCLINK HREF="gdbus-method-org-freedesktop-realmd-Service.Cancel">Cancel()</GTKDOCLINK> in order |
45 | 45 | </pre> |
46 | 46 | </div> |
47 | 47 | <div class="refsect1"> |
48 | <a name="idm47306147959632"></a><h2>Properties</h2> | |
48 | <a name="idm47297895308560"></a><h2>Properties</h2> | |
49 | 49 | <pre class="synopsis"> |
50 | 50 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Provider.Name">Name</GTKDOCLINK> readable s |
51 | 51 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Provider.Version">Version</GTKDOCLINK> readable s |
46 | 46 | </pre> |
47 | 47 | </div> |
48 | 48 | <div class="refsect1"> |
49 | <a name="idm47306146136944"></a><h2>Properties</h2> | |
49 | <a name="idm47297891890320"></a><h2>Properties</h2> | |
50 | 50 | <pre class="synopsis"> |
51 | 51 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Realm.Name">Name</GTKDOCLINK> readable s |
52 | 52 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Realm.Configured">Configured</GTKDOCLINK> readable s |
44 | 44 | </pre> |
45 | 45 | </div> |
46 | 46 | <div class="refsect1"> |
47 | <a name="idm47306146616848"></a><h2>Signals</h2> | |
47 | <a name="idm47297890480336"></a><h2>Signals</h2> | |
48 | 48 | <pre class="synopsis"> |
49 | 49 | <GTKDOCLINK HREF="gdbus-signal-org-freedesktop-realmd-Service.Diagnostics">Diagnostics</GTKDOCLINK> (s data, |
50 | 50 | s operation); |
31 | 31 | By default SSSD is used.</p> |
32 | 32 | <div class="section"> |
33 | 33 | <div class="titlepage"><div><div><h3 class="title"> |
34 | <a name="idm47306144011552"></a>Using SSSD with Active Directory</h3></div></div></div> | |
34 | <a name="idm47297896462208"></a>Using SSSD with Active Directory</h3></div></div></div> | |
35 | 35 | <p><a class="ulink" href="https://fedorahosted.org/sssd/" target="_top">SSSD</a> |
36 | 36 | provides client software for various kerberos and/or LDAP |
37 | 37 | directories. Since version 1.9.x it provides good support |
49 | 49 | </div> |
50 | 50 | <div class="section"> |
51 | 51 | <div class="titlepage"><div><div><h3 class="title"> |
52 | <a name="idm47306141455584"></a>Using Winbind with Active Directory</h3></div></div></div> | |
52 | <a name="idm47297889828816"></a>Using Winbind with Active Directory</h3></div></div></div> | |
53 | 53 | <p>Samba |
54 | 54 | <a class="ulink" href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html" target="_top">Winbind</a> |
55 | 55 | provides client software for use with Active Directory.</p> |
24 | 24 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> |
25 | 25 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> |
26 | 26 | <dd><dl> |
27 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47306144011552">Using SSSD with Active Directory</a></span></dt> | |
28 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47306141455584">Using Winbind with Active Directory</a></span></dt> | |
27 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297896462208">Using SSSD with Active Directory</a></span></dt> | |
28 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297889828816">Using Winbind with Active Directory</a></span></dt> | |
29 | 29 | </dl></dd> |
30 | 30 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> |
31 | 31 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> |
21 | 21 | <div class="titlepage"><div><div><h2 class="title"> |
22 | 22 | <a name="guide-ipa"></a>Using with IPA</h2></div></div></div> |
23 | 23 | <div class="toc"><dl class="toc"> |
24 | <dt><span class="section"><a href="guide-ipa.html#idm47306144588960">Discovering IPA domains</a></span></dt> | |
24 | <dt><span class="section"><a href="guide-ipa.html#idm47297889722256">Discovering IPA domains</a></span></dt> | |
25 | 25 | <dt><span class="section"><a href="guide-ipa-client.html">IPA client software</a></span></dt> |
26 | 26 | <dt><span class="section"><a href="guide-ipa-join.html">Joining a IPA domain</a></span></dt> |
27 | 27 | <dt><span class="section"><a href="guide-ipa-permit.html">Logins using Domain Accounts</a></span></dt> |
32 | 32 | credentials.</p> |
33 | 33 | <div class="section"> |
34 | 34 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> |
35 | <a name="idm47306144588960"></a>Discovering IPA domains</h2></div></div></div> | |
35 | <a name="idm47297889722256"></a>Discovering IPA domains</h2></div></div></div> | |
36 | 36 | <p><span class="command"><strong>realmd</strong></span> discovers which domains or |
37 | 37 | realms it can use or configure. It can discover and identify |
38 | 38 | IPA domains by looking up the appropriate DNS SRV |
20 | 20 | <div class="chapter"> |
21 | 21 | <div class="titlepage"><div><div><h2 class="title"> |
22 | 22 | <a name="guide-kerberos"></a>Using with other Kerberos realms</h2></div></div></div> |
23 | <div class="toc"><dl class="toc"><dt><span class="section"><a href="guide-kerberos.html#idm47306140783248">Discovering Kerberos realms</a></span></dt></dl></div> | |
23 | <div class="toc"><dl class="toc"><dt><span class="section"><a href="guide-kerberos.html#idm47297892183456">Discovering Kerberos realms</a></span></dt></dl></div> | |
24 | 24 | <p><span class="command"><strong>realmd</strong></span> can discover generic Kerberos realms. |
25 | 25 | Since there is no standard way to enroll a computer against a Kerberos |
26 | 26 | server, it is not possible to do this with <span class="command"><strong>realmd</strong></span>.</p> |
27 | 27 | <div class="section"> |
28 | 28 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> |
29 | <a name="idm47306140783248"></a>Discovering Kerberos realms</h2></div></div></div> | |
29 | <a name="idm47297892183456"></a>Discovering Kerberos realms</h2></div></div></div> | |
30 | 30 | <p><span class="command"><strong>realmd</strong></span> discovers which domains or |
31 | 31 | realms it can use or configure. It can discover and identify |
32 | 32 | Kerberos domains by looking up the appropriate DNS SRV |
37 | 37 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> |
38 | 38 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> |
39 | 39 | <dd><dl> |
40 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47306144011552">Using SSSD with Active Directory</a></span></dt> | |
41 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47306141455584">Using Winbind with Active Directory</a></span></dt> | |
40 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297896462208">Using SSSD with Active Directory</a></span></dt> | |
41 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297889828816">Using Winbind with Active Directory</a></span></dt> | |
42 | 42 | </dl></dd> |
43 | 43 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> |
44 | 44 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> |
45 | 45 | </dl></dd> |
46 | 46 | <dt><span class="chapter"><a href="guide-ipa.html">Using with IPA</a></span></dt> |
47 | 47 | <dd><dl> |
48 | <dt><span class="section"><a href="guide-ipa.html#idm47306144588960">Discovering IPA domains</a></span></dt> | |
48 | <dt><span class="section"><a href="guide-ipa.html#idm47297889722256">Discovering IPA domains</a></span></dt> | |
49 | 49 | <dt><span class="section"><a href="guide-ipa-client.html">IPA client software</a></span></dt> |
50 | 50 | <dt><span class="section"><a href="guide-ipa-join.html">Joining a IPA domain</a></span></dt> |
51 | 51 | <dt><span class="section"><a href="guide-ipa-permit.html">Logins using Domain Accounts</a></span></dt> |
52 | 52 | </dl></dd> |
53 | 53 | <dt><span class="chapter"><a href="guide-kerberos.html">Using with other Kerberos realms</a></span></dt> |
54 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm47306140783248">Discovering Kerberos realms</a></span></dt></dl></dd> | |
54 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm47297892183456">Discovering Kerberos realms</a></span></dt></dl></dd> | |
55 | 55 | <dt><span class="chapter"><a href="guide-integration.html">Integration</a></span></dt> |
56 | 56 | </dl> |
57 | 57 | </div> |
12 | 12 | <div class="titlepage"> |
13 | 13 | <div> |
14 | 14 | <div><table class="navigation" id="top" width="100%" cellpadding="2" cellspacing="0"><tr><th valign="middle"><p class="title">realmd</p></th></tr></table></div> |
15 | <div><p class="releaseinfo">for 0.15.2 | |
15 | <div><p class="releaseinfo">for 0.16.1 | |
16 | 16 | </p></div> |
17 | 17 | </div> |
18 | 18 | <hr> |
34 | 34 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> |
35 | 35 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> |
36 | 36 | <dd><dl> |
37 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47306144011552">Using SSSD with Active Directory</a></span></dt> | |
38 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47306141455584">Using Winbind with Active Directory</a></span></dt> | |
37 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297896462208">Using SSSD with Active Directory</a></span></dt> | |
38 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297889828816">Using Winbind with Active Directory</a></span></dt> | |
39 | 39 | </dl></dd> |
40 | 40 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> |
41 | 41 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> |
42 | 42 | </dl></dd> |
43 | 43 | <dt><span class="chapter"><a href="guide-ipa.html">Using with IPA</a></span></dt> |
44 | 44 | <dd><dl> |
45 | <dt><span class="section"><a href="guide-ipa.html#idm47306144588960">Discovering IPA domains</a></span></dt> | |
45 | <dt><span class="section"><a href="guide-ipa.html#idm47297889722256">Discovering IPA domains</a></span></dt> | |
46 | 46 | <dt><span class="section"><a href="guide-ipa-client.html">IPA client software</a></span></dt> |
47 | 47 | <dt><span class="section"><a href="guide-ipa-join.html">Joining a IPA domain</a></span></dt> |
48 | 48 | <dt><span class="section"><a href="guide-ipa-permit.html">Logins using Domain Accounts</a></span></dt> |
49 | 49 | </dl></dd> |
50 | 50 | <dt><span class="chapter"><a href="guide-kerberos.html">Using with other Kerberos realms</a></span></dt> |
51 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm47306140783248">Discovering Kerberos realms</a></span></dt></dl></dd> | |
51 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm47297892183456">Discovering Kerberos realms</a></span></dt></dl></dd> | |
52 | 52 | <dt><span class="chapter"><a href="guide-integration.html">Integration</a></span></dt> |
53 | 53 | </dl></dd> |
54 | 54 | <dt><span class="part"><a href="development.html">II. Developer Reference</a></span></dt> |
36 | 36 | <div class="cmdsynopsis"><p><code class="command">realm deny</code> -a [-R realm]</p></div> |
37 | 37 | </div> |
38 | 38 | <div class="refsect1"> |
39 | <a name="idm47306143342256"></a><h2>Description</h2> | |
39 | <a name="idm47297891142432"></a><h2>Description</h2> | |
40 | 40 | <p><span class="command"><strong>realm</strong></span> is a command line tool that |
41 | 41 | can be used to manage enrollment in kerberos realms, like Active |
42 | 42 | Directory domains or IPA domains.</p> |
70 | 70 | </table></div> |
71 | 71 | </div> |
72 | 72 | <div class="refsect1"> |
73 | <a name="idm47306143334416"></a><h2>Discover</h2> | |
73 | <a name="idm47297891134592"></a><h2>Discover</h2> | |
74 | 74 | <p>Discover a realm and its capabilities.</p> |
75 | 75 | <div class="informalexample"> |
76 | 76 | <pre class="programlisting"> |
121 | 121 | </table></div> |
122 | 122 | </div> |
123 | 123 | <div class="refsect1"> |
124 | <a name="idm47306143320240"></a><h2>Join</h2> | |
124 | <a name="idm47297891120416"></a><h2>Join</h2> | |
125 | 125 | <p>Configure the local machine for use with a realm.</p> |
126 | 126 | <div class="informalexample"> |
127 | 127 | <pre class="programlisting"> |
162 | 162 | </colgroup> |
163 | 163 | <tbody> |
164 | 164 | <tr> |
165 | <td><p><span class="term"><code class="option">--automatic-id-mapping=no</code></span></p></td> | |
166 | <td><p>Do not perform UID/GID mapping for users | |
167 | and groups, but expect these identifiers to be present | |
168 | in the domain already.</p></td> | |
169 | </tr> | |
170 | <tr> | |
165 | 171 | <td><p><span class="term"><code class="option">--user=xxx</code></span></p></td> |
166 | 172 | <td><p>The user name to be used to authenticate |
167 | 173 | with when joining the machine to the realm. You will |
222 | 228 | </table></div> |
223 | 229 | </div> |
224 | 230 | <div class="refsect1"> |
225 | <a name="idm47306143289264"></a><h2>Leave</h2> | |
231 | <a name="idm47297888766064"></a><h2>Leave</h2> | |
226 | 232 | <p>Deconfigure the local machine for use with a realm.</p> |
227 | 233 | <div class="informalexample"> |
228 | 234 | <pre class="programlisting"> |
271 | 277 | </table></div> |
272 | 278 | </div> |
273 | 279 | <div class="refsect1"> |
274 | <a name="idm47306143275600"></a><h2>List</h2> | |
280 | <a name="idm47297888753968"></a><h2>List</h2> | |
275 | 281 | <p>List all the discovered and configured realms.</p> |
276 | 282 | <div class="informalexample"><pre class="programlisting"> |
277 | 283 | $ realm list |
301 | 307 | </table></div> |
302 | 308 | </div> |
303 | 309 | <div class="refsect1"> |
304 | <a name="idm47306143267872"></a><h2>Permit</h2> | |
310 | <a name="idm47297888747088"></a><h2>Permit</h2> | |
305 | 311 | <p>Permit local login by users of the realm.</p> |
306 | 312 | <div class="informalexample"><pre class="programlisting"> |
307 | 313 | $ realm permit --all |
345 | 351 | </table></div> |
346 | 352 | </div> |
347 | 353 | <div class="refsect1"> |
348 | <a name="idm47306143256464"></a><h2>Deny</h2> | |
354 | <a name="idm47297888736880"></a><h2>Deny</h2> | |
349 | 355 | <p>Deny local login by realm accounts.</p> |
350 | 356 | <div class="informalexample"><pre class="programlisting"> |
351 | 357 | $ realm deny --all |
27 | 27 | <td valign="top" align="right"></td> |
28 | 28 | </tr></table></div> |
29 | 29 | <div class="refsect1"> |
30 | <a name="idm47306142918832"></a><h2>Configuration File</h2> | |
30 | <a name="idm47297889063200"></a><h2>Configuration File</h2> | |
31 | 31 | <p><span class="command"><strong>realmd</strong></span> can be tweaked by network administrators |
32 | 32 | to act in specific ways. This is done by placing settings in a |
33 | 33 | <code class="filename">/etc/realmd.conf</code>. This file does not exist by |
181 | 181 | that have no home directory explicitly set.</p> |
182 | 182 | <div class="informalexample"><pre class="programlisting"> |
183 | 183 | [users] |
184 | default-home = /home/%D/%U | |
184 | default-home = /home/%U@%D | |
185 | 185 | # default-home = /nfs/home/%D-%U |
186 | ||
187 | </pre></div> | |
188 | <p>The default setting for this is <code class="option">/home/%D/%U</code>. The | |
186 | # default-home = /home/%D/%U | |
187 | ||
188 | </pre></div> | |
189 | <p>The default setting for this is <code class="option">/home/%U@%D</code>. The | |
189 | 190 | <code class="option">%D</code> format is replaced by the domain name. The <code class="option">%U</code> |
190 | 191 | format is replaced by the user name.</p> |
191 | 192 | <p>You can verify the home directory for a user by running the |
229 | 230 | </table></div> |
230 | 231 | </div> |
231 | 232 | <div class="refsect1"> |
232 | <a name="idm47306140429536"></a><h2>Realm specific settings</h2> | |
233 | <a name="idm47297893509472"></a><h2>Realm specific settings</h2> | |
233 | 234 | <p>These options should go in an section with the same name |
234 | 235 | as the realm in the <code class="filename">/etc/realmd.conf</code> file. |
235 | 236 | For example for the <code class="option">domain.example.com</code> domain |
82 | 82 | } |
83 | 83 | |
84 | 84 | gboolean |
85 | realm_options_automatic_mapping (const gchar *realm_name) | |
85 | realm_options_automatic_mapping (GVariant *options, | |
86 | const gchar *realm_name) | |
86 | 87 | { |
88 | gboolean mapping = FALSE; | |
89 | gboolean option = FALSE; | |
87 | 90 | gchar *section; |
88 | gboolean mapping; | |
89 | 91 | |
90 | section = g_utf8_casefold (realm_name, -1); | |
91 | mapping = realm_settings_boolean (realm_name, "automatic-id-mapping", TRUE); | |
92 | g_free (section); | |
92 | if (options) { | |
93 | option = g_variant_lookup (options, REALM_DBUS_OPTION_AUTOMATIC_ID_MAPPING, "b", &mapping); | |
94 | } | |
95 | ||
96 | if (realm_name && !option) { | |
97 | section = g_utf8_casefold (realm_name, -1); | |
98 | mapping = realm_settings_boolean (realm_name, REALM_DBUS_OPTION_AUTOMATIC_ID_MAPPING, TRUE); | |
99 | g_free (section); | |
100 | } | |
93 | 101 | |
94 | 102 | return mapping; |
95 | 103 | } |
33 | 33 | const gchar * realm_options_user_principal (GVariant *options, |
34 | 34 | const gchar *realm_name); |
35 | 35 | |
36 | gboolean realm_options_automatic_mapping (const gchar *realm_name); | |
36 | gboolean realm_options_automatic_mapping (GVariant *options, | |
37 | const gchar *realm_name); | |
37 | 38 | |
38 | 39 | gboolean realm_options_qualify_names (const gchar *realm_name); |
39 | 40 |
71 | 71 | void |
72 | 72 | realm_samba_winbind_configure_async (RealmIniConfig *config, |
73 | 73 | const gchar *domain_name, |
74 | GVariant *options, | |
74 | 75 | GDBusMethodInvocation *invocation, |
75 | 76 | GAsyncReadyCallback callback, |
76 | 77 | gpointer user_data) |
98 | 99 | "template shell", realm_settings_string ("users", "default-shell"), |
99 | 100 | NULL); |
100 | 101 | |
101 | if (realm_options_automatic_mapping (domain_name)) { | |
102 | if (realm_options_automatic_mapping (options, domain_name)) { | |
102 | 103 | realm_ini_config_set (config, REALM_SAMBA_CONFIG_GLOBAL, |
103 | 104 | "idmap uid", "10000-2000000", |
104 | 105 | "idmap gid", "10000-2000000", |
22 | 22 | |
23 | 23 | void realm_samba_winbind_configure_async (RealmIniConfig *config, |
24 | 24 | const gchar *domain_name, |
25 | GVariant *options, | |
25 | 26 | GDBusMethodInvocation *invocation, |
26 | 27 | GAsyncReadyCallback callback, |
27 | 28 | gpointer user_data); |
199 | 199 | |
200 | 200 | if (error == NULL) { |
201 | 201 | name = realm_kerberos_get_name (REALM_KERBEROS (self)); |
202 | realm_samba_winbind_configure_async (self->config, name, | |
202 | realm_samba_winbind_configure_async (self->config, name, enroll->options, | |
203 | 203 | enroll->invocation, |
204 | 204 | on_winbind_done, g_object_ref (task)); |
205 | 205 | } else { |
193 | 193 | "ad_domain", disco->domain_name, |
194 | 194 | "krb5_realm", disco->kerberos_realm, |
195 | 195 | "krb5_store_password_if_offline", "True", |
196 | "ldap_id_mapping", realm_options_automatic_mapping (disco->domain_name) ? "True" : "False", | |
196 | "ldap_id_mapping", realm_options_automatic_mapping (options, disco->domain_name) ? "True" : "False", | |
197 | 197 | "realmd_tags", realmd_tags->str, |
198 | 198 | |
199 | 199 | "fallback_homedir", home, |
33 | 33 | |
34 | 34 | [users] |
35 | 35 | default-shell = /bin/bash |
36 | default-home = /home/%D/%U | |
36 | default-home = /home/%U@%D | |
37 | 37 | |
38 | 38 | [example.com] |
39 | 39 | example-administrator = Administrator |
2 | 2 | smb.conf = /etc/samba/smb.conf |
3 | 3 | |
4 | 4 | [samba-packages] |
5 | samba-common = /usr/bin/net | |
5 | samba-common-tools = /usr/bin/net | |
6 | 6 | |
7 | 7 | [winbind-packages] |
8 | 8 | samba-winbind = /usr/sbin/winbindd |
1 | 1 | # Required for sssd config tests |
2 | 2 | [users] |
3 | 3 | default-shell = /bin/bash |
4 | default-home = /home/%D/%U | |
4 | default-home = /home/%U@%D |
173 | 173 | gboolean no_password; |
174 | 174 | gchar *one_time_password; |
175 | 175 | gchar *user_principal; |
176 | gboolean automatic_id_mapping_set; | |
177 | gboolean automatic_id_mapping; | |
176 | 178 | } RealmJoinArgs; |
179 | ||
180 | static void | |
181 | realm_join_args_clear (gpointer data) | |
182 | { | |
183 | RealmJoinArgs *args = data; | |
184 | g_free (args->user); | |
185 | g_free (args->computer_ou); | |
186 | g_free (args->client_software); | |
187 | g_free (args->server_software); | |
188 | g_free (args->user_principal); | |
189 | } | |
190 | ||
191 | static gboolean | |
192 | realm_join_arg_id_mapping (const gchar *option_name, | |
193 | const gchar *value, | |
194 | gpointer data, | |
195 | GError **error) | |
196 | { | |
197 | RealmJoinArgs *args = data; | |
198 | args->automatic_id_mapping_set = TRUE; | |
199 | return realm_parse_boolean (option_name, value, TRUE, &args->automatic_id_mapping, error); | |
200 | } | |
177 | 201 | |
178 | 202 | static int |
179 | 203 | perform_join (RealmClient *client, |
212 | 236 | return 1; |
213 | 237 | } |
214 | 238 | |
239 | g_printerr ("id mapping %d %d\n", args->automatic_id_mapping_set, args->automatic_id_mapping); | |
215 | 240 | options = realm_build_options (REALM_DBUS_OPTION_COMPUTER_OU, args->computer_ou, |
216 | 241 | REALM_DBUS_OPTION_MEMBERSHIP_SOFTWARE, args->membership_software, |
217 | 242 | REALM_DBUS_OPTION_USER_PRINCIPAL, args->user_principal, |
243 | args->automatic_id_mapping_set ? | |
244 | REALM_DBUS_OPTION_AUTOMATIC_ID_MAPPING : NULL, | |
245 | args->automatic_id_mapping, | |
218 | 246 | NULL); |
219 | 247 | g_variant_ref_sink (options); |
220 | 248 | |
247 | 275 | GError *error = NULL; |
248 | 276 | const gchar *realm_name; |
249 | 277 | RealmJoinArgs args; |
278 | GOptionGroup *group; | |
250 | 279 | gint ret = 0; |
251 | 280 | |
252 | 281 | GOptionEntry option_entries[] = { |
264 | 293 | N_("Join automatically without a password"), NULL }, |
265 | 294 | { "one-time-password", 0, 0, G_OPTION_ARG_STRING, &args.one_time_password, |
266 | 295 | N_("Join using a preset one time password"), NULL }, |
296 | { "automatic-id-mapping", 0, G_OPTION_FLAG_OPTIONAL_ARG, G_OPTION_ARG_CALLBACK, | |
297 | realm_join_arg_id_mapping, N_("Turn off automatic id mapping"), "no" }, | |
267 | 298 | { "user-principal", 0, 0, G_OPTION_ARG_STRING, &args.user_principal, |
268 | 299 | N_("Set the user principal for the computer account"), NULL }, |
269 | 300 | { NULL, } |
273 | 304 | |
274 | 305 | context = g_option_context_new ("realm"); |
275 | 306 | g_option_context_set_translation_domain (context, GETTEXT_PACKAGE); |
276 | g_option_context_add_main_entries (context, option_entries, NULL); | |
277 | g_option_context_add_main_entries (context, realm_global_options, NULL); | |
307 | ||
308 | group = g_option_group_new (NULL, NULL, NULL, &args, realm_join_args_clear); | |
309 | g_option_group_add_entries (group, option_entries); | |
310 | g_option_group_add_entries (group, realm_global_options); | |
311 | g_option_context_set_main_group (context, group); | |
278 | 312 | |
279 | 313 | if (!g_option_context_parse (context, &argc, &argv, &error)) { |
280 | 314 | g_printerr ("%s: %s\n", g_get_prgname (), error->message); |
300 | 334 | ret = perform_join (client, realm_name, &args); |
301 | 335 | } |
302 | 336 | |
303 | g_free (args.user); | |
304 | g_free (args.computer_ou); | |
305 | g_free (args.client_software); | |
306 | g_free (args.server_software); | |
307 | g_free (args.user_principal); | |
308 | 337 | g_option_context_free (context); |
309 | 338 | return ret; |
310 | 339 | } |
82 | 82 | |
83 | 83 | #ifdef WITH_JOURNAL |
84 | 84 | remote = error ? g_dbus_error_get_remote_error (error) : NULL; |
85 | if (diag_hint && realm_operation_id && !realm_verbose && | |
85 | if (error && diag_hint && realm_operation_id && !realm_verbose && | |
86 | 86 | g_strcmp0 (remote, REALM_DBUS_ERROR_NOT_AUTHORIZED) != 0) { |
87 | 87 | g_printerr ("See: journalctl REALMD_OPERATION=%s\n", |
88 | 88 | realm_operation_id); |
128 | 128 | opts = g_ptr_array_new (); |
129 | 129 | while (first != NULL) { |
130 | 130 | option = NULL; |
131 | if (g_str_equal (first, "groups")) { | |
131 | if (g_str_equal (first, "groups") || | |
132 | g_str_equal (first, REALM_DBUS_OPTION_AUTOMATIC_ID_MAPPING)) { | |
132 | 133 | bvalue = va_arg (va, gboolean); |
133 | 134 | option = g_variant_new ("{sv}", first, g_variant_new_boolean (bvalue)); |
134 | 135 | } else { |
157 | 158 | g_ptr_array_free (opts, TRUE); |
158 | 159 | |
159 | 160 | return options; |
161 | } | |
162 | ||
163 | gboolean | |
164 | realm_parse_boolean (const gchar *option, | |
165 | const gchar *value, | |
166 | gboolean defalt, | |
167 | gboolean *result, | |
168 | GError **error) | |
169 | { | |
170 | if (!value || g_str_equal (value, "")) { | |
171 | *result = defalt; | |
172 | return TRUE; | |
173 | } else if (g_ascii_strcasecmp (value, "yes") == 0 || | |
174 | g_ascii_strcasecmp (value, "true") == 0) { | |
175 | *result = TRUE; | |
176 | return TRUE; | |
177 | } else if (g_ascii_strcasecmp (value, "no") == 0 || | |
178 | g_ascii_strcasecmp (value, "false") == 0) { | |
179 | *result = FALSE; | |
180 | return TRUE; | |
181 | } else { | |
182 | g_set_error (error, G_OPTION_ERROR, G_OPTION_ERROR_BAD_VALUE, | |
183 | _("Invalid value for %s option: %s"), option, value); | |
184 | return FALSE; | |
185 | } | |
160 | 186 | } |
161 | 187 | |
162 | 188 | gboolean |
66 | 66 | const gchar *format, |
67 | 67 | ...) G_GNUC_PRINTF (2, 3); |
68 | 68 | |
69 | gboolean realm_parse_boolean (const gchar *option, | |
70 | const gchar *value, | |
71 | gboolean defalt, | |
72 | gboolean *result, | |
73 | GError **error); | |
74 | ||
69 | 75 | GVariant * realm_kinit_to_kerberos_cache (const gchar *name, |
70 | 76 | const gchar *realm, |
71 | 77 | const gchar *password, |