Imported Upstream version 0.16.2
Michael Biebl
8 years ago
102 | 102 | |
103 | 103 | include doc/manual/Makefile.am |
104 | 104 | include doc/internals/Makefile.am |
105 | include doc/website/Makefile.am | |
105 | 106 | |
106 | 107 | EXTRA_DIST += \ |
107 | 108 | doc/version.xml.in \ |
108 | 109 | doc/version.xml |
109 | 110 | |
110 | 111 | DISTCLEANFILES += \ |
111 | website/Makefile | |
112 | doc/website/Makefile | |
112 | 113 | |
113 | website: | |
114 | make -C website all | |
115 | ||
116 | upload-website: manual/index.html internals/realmd-internals.html | |
117 | make -C website upload | |
114 | upload-website: website manual/index.html internals/realmd-internals.html | |
118 | 115 | rsync -Hvax manual/./ anarchy.freedesktop.org:/srv/www.freedesktop.org/www/software/realmd/docs/./ |
119 | 116 | rsync -Hvax internals/./ anarchy.freedesktop.org:/srv/www.freedesktop.org/www/software/realmd/internals/./ |
117 | rsync -Hvax --exclude docs --exclude internals --exclude releases \ | |
118 | html/* anarchy.freedesktop.org:/srv/www.freedesktop.org/www/software/realmd/ | |
120 | 119 | |
121 | 120 | dist-doc-hook: manual/index.html |
122 | 121 | @mkdir $(distdir)/manual |
113 | 113 | @ENABLE_DOC_TRUE@ $(DBUS_DOC_GENERATED) $(DBUS_ESCAPED) \ |
114 | 114 | @ENABLE_DOC_TRUE@ $(man8_MANS) $(man5_MANS) manual/index.html \ |
115 | 115 | @ENABLE_DOC_TRUE@ *.tmp $(NULL) internals/realmd-internals.html \ |
116 | @ENABLE_DOC_TRUE@ $(NULL) | |
116 | @ENABLE_DOC_TRUE@ $(NULL) html/* | |
117 | 117 | @ENABLE_DOC_TRUE@am__append_5 = \ |
118 | @ENABLE_DOC_TRUE@ website/Makefile | |
118 | @ENABLE_DOC_TRUE@ doc/website/Makefile | |
119 | 119 | |
120 | 120 | subdir = . |
121 | 121 | ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 |
579 | 579 | DIST_SUBDIRS = $(SUBDIRS) |
580 | 580 | am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \ |
581 | 581 | $(srcdir)/dbus/Makefile.am $(srcdir)/doc/internals/Makefile.am \ |
582 | $(srcdir)/doc/manual/Makefile.am $(srcdir)/service/Makefile.am \ | |
583 | $(srcdir)/tests/Makefile.am $(srcdir)/tools/Makefile.am \ | |
584 | $(top_srcdir)/build/compile $(top_srcdir)/build/depcomp \ | |
585 | $(top_srcdir)/build/install-sh $(top_srcdir)/build/missing \ | |
586 | $(top_srcdir)/build/test-driver \ | |
582 | $(srcdir)/doc/manual/Makefile.am \ | |
583 | $(srcdir)/doc/website/Makefile.am \ | |
584 | $(srcdir)/service/Makefile.am $(srcdir)/tests/Makefile.am \ | |
585 | $(srcdir)/tools/Makefile.am $(top_srcdir)/build/compile \ | |
586 | $(top_srcdir)/build/depcomp $(top_srcdir)/build/install-sh \ | |
587 | $(top_srcdir)/build/missing $(top_srcdir)/build/test-driver \ | |
587 | 588 | $(top_srcdir)/doc/version.xml.in AUTHORS COPYING ChangeLog \ |
588 | 589 | INSTALL NEWS README build/compile build/depcomp \ |
589 | 590 | build/install-sh build/missing |
1153 | 1154 | .SUFFIXES: .conf .conf.in .desktop.in .desktop.in.in .service .service.in .5 .8 .c .log .o .obj .test .test$(EXEEXT) .trs .xml |
1154 | 1155 | am--refresh: Makefile |
1155 | 1156 | @: |
1156 | $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/dbus/Makefile.am $(srcdir)/service/Makefile.am $(srcdir)/tests/Makefile.am $(srcdir)/tools/Makefile.am $(srcdir)/doc/manual/Makefile.am $(srcdir)/doc/internals/Makefile.am $(am__configure_deps) | |
1157 | $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/dbus/Makefile.am $(srcdir)/service/Makefile.am $(srcdir)/tests/Makefile.am $(srcdir)/tools/Makefile.am $(srcdir)/doc/manual/Makefile.am $(srcdir)/doc/internals/Makefile.am $(srcdir)/doc/website/Makefile.am $(am__configure_deps) | |
1157 | 1158 | @for dep in $?; do \ |
1158 | 1159 | case '$(am__configure_deps)' in \ |
1159 | 1160 | *$$dep*) \ |
1175 | 1176 | echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ |
1176 | 1177 | cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ |
1177 | 1178 | esac; |
1178 | $(srcdir)/dbus/Makefile.am $(srcdir)/service/Makefile.am $(srcdir)/tests/Makefile.am $(srcdir)/tools/Makefile.am $(srcdir)/doc/manual/Makefile.am $(srcdir)/doc/internals/Makefile.am $(am__empty): | |
1179 | $(srcdir)/dbus/Makefile.am $(srcdir)/service/Makefile.am $(srcdir)/tests/Makefile.am $(srcdir)/tools/Makefile.am $(srcdir)/doc/manual/Makefile.am $(srcdir)/doc/internals/Makefile.am $(srcdir)/doc/website/Makefile.am $(am__empty): | |
1179 | 1180 | |
1180 | 1181 | $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) |
1181 | 1182 | $(SHELL) ./config.status --recheck |
3468 | 3469 | @ENABLE_DOC_TRUE@ done |
3469 | 3470 | |
3470 | 3471 | @ENABLE_DOC_TRUE@website: |
3471 | @ENABLE_DOC_TRUE@ make -C website all | |
3472 | ||
3473 | @ENABLE_DOC_TRUE@upload-website: manual/index.html internals/realmd-internals.html | |
3474 | @ENABLE_DOC_TRUE@ make -C website upload | |
3472 | @ENABLE_DOC_TRUE@ SRCDIR=$(srcdir) BUILDDIR=$(builddir) python $(srcdir)/doc/website/jinja2-build.py | |
3473 | ||
3474 | @ENABLE_DOC_TRUE@upload-website: website manual/index.html internals/realmd-internals.html | |
3475 | 3475 | @ENABLE_DOC_TRUE@ rsync -Hvax manual/./ anarchy.freedesktop.org:/srv/www.freedesktop.org/www/software/realmd/docs/./ |
3476 | 3476 | @ENABLE_DOC_TRUE@ rsync -Hvax internals/./ anarchy.freedesktop.org:/srv/www.freedesktop.org/www/software/realmd/internals/./ |
3477 | @ENABLE_DOC_TRUE@ rsync -Hvax --exclude docs --exclude internals --exclude releases \ | |
3478 | @ENABLE_DOC_TRUE@ html/* anarchy.freedesktop.org:/srv/www.freedesktop.org/www/software/realmd/ | |
3477 | 3479 | |
3478 | 3480 | @ENABLE_DOC_TRUE@dist-doc-hook: manual/index.html |
3479 | 3481 | @ENABLE_DOC_TRUE@ @mkdir $(distdir)/manual |
0 | 0.16.2 | |
1 | * Be more liberal with domain name chars | |
2 | * Increase timeout when calling PackageKit | |
3 | * List package names with spaces between them [#89464] | |
4 | * Install to $prefix/lib instead of $libdir | |
5 | ||
0 | 6 | 0.16.1 |
1 | 7 | * libsystemd build fix [#90519] |
2 | 8 | * Change default home directory to /home/%U@%D |
0 | 0 | #! /bin/sh |
1 | 1 | # Guess values for system-dependent variables and create Makefiles. |
2 | # Generated by GNU Autoconf 2.69 for realmd 0.16.1. | |
2 | # Generated by GNU Autoconf 2.69 for realmd 0.16.2. | |
3 | 3 | # |
4 | 4 | # Report bugs to <http://bugs.freedesktop.org/enter_bug.cgi?product=realmd>. |
5 | 5 | # |
580 | 580 | # Identity of this package. |
581 | 581 | PACKAGE_NAME='realmd' |
582 | 582 | PACKAGE_TARNAME='realmd' |
583 | PACKAGE_VERSION='0.16.1' | |
584 | PACKAGE_STRING='realmd 0.16.1' | |
583 | PACKAGE_VERSION='0.16.2' | |
584 | PACKAGE_STRING='realmd 0.16.2' | |
585 | 585 | PACKAGE_BUGREPORT='http://bugs.freedesktop.org/enter_bug.cgi?product=realmd' |
586 | 586 | PACKAGE_URL='' |
587 | 587 | |
1372 | 1372 | # Omit some internal or obsolete options to make the list less imposing. |
1373 | 1373 | # This message is too long to be a string in the A/UX 3.1 sh. |
1374 | 1374 | cat <<_ACEOF |
1375 | \`configure' configures realmd 0.16.1 to adapt to many kinds of systems. | |
1375 | \`configure' configures realmd 0.16.2 to adapt to many kinds of systems. | |
1376 | 1376 | |
1377 | 1377 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1378 | 1378 | |
1438 | 1438 | |
1439 | 1439 | if test -n "$ac_init_help"; then |
1440 | 1440 | case $ac_init_help in |
1441 | short | recursive ) echo "Configuration of realmd 0.16.1:";; | |
1441 | short | recursive ) echo "Configuration of realmd 0.16.2:";; | |
1442 | 1442 | esac |
1443 | 1443 | cat <<\_ACEOF |
1444 | 1444 | |
1565 | 1565 | test -n "$ac_init_help" && exit $ac_status |
1566 | 1566 | if $ac_init_version; then |
1567 | 1567 | cat <<\_ACEOF |
1568 | realmd configure 0.16.1 | |
1568 | realmd configure 0.16.2 | |
1569 | 1569 | generated by GNU Autoconf 2.69 |
1570 | 1570 | |
1571 | 1571 | Copyright (C) 2012 Free Software Foundation, Inc. |
1934 | 1934 | This file contains any messages produced by compilers while |
1935 | 1935 | running configure, to aid debugging if configure makes a mistake. |
1936 | 1936 | |
1937 | It was created by realmd $as_me 0.16.1, which was | |
1937 | It was created by realmd $as_me 0.16.2, which was | |
1938 | 1938 | generated by GNU Autoconf 2.69. Invocation command line was |
1939 | 1939 | |
1940 | 1940 | $ $0 $@ |
2810 | 2810 | |
2811 | 2811 | # Define the identity of the package. |
2812 | 2812 | PACKAGE='realmd' |
2813 | VERSION='0.16.1' | |
2813 | VERSION='0.16.2' | |
2814 | 2814 | |
2815 | 2815 | |
2816 | 2816 | cat >>confdefs.h <<_ACEOF |
8487 | 8487 | # ------------------------------------------------------------------------------ |
8488 | 8488 | # Results |
8489 | 8489 | |
8490 | privatedir='${libdir}/realmd' | |
8490 | privatedir='${prefix}/lib/realmd' | |
8491 | 8491 | |
8492 | 8492 | |
8493 | 8493 | cachedir='${localstatedir}/cache/realmd' |
9057 | 9057 | # report actual input values of CONFIG_FILES etc. instead of their |
9058 | 9058 | # values after options handling. |
9059 | 9059 | ac_log=" |
9060 | This file was extended by realmd $as_me 0.16.1, which was | |
9060 | This file was extended by realmd $as_me 0.16.2, which was | |
9061 | 9061 | generated by GNU Autoconf 2.69. Invocation command line was |
9062 | 9062 | |
9063 | 9063 | CONFIG_FILES = $CONFIG_FILES |
9123 | 9123 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
9124 | 9124 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
9125 | 9125 | ac_cs_version="\\ |
9126 | realmd config.status 0.16.1 | |
9126 | realmd config.status 0.16.2 | |
9127 | 9127 | configured by $0, generated by GNU Autoconf 2.69, |
9128 | 9128 | with options \\"\$ac_cs_config\\" |
9129 | 9129 |
0 | 0 | AC_PREREQ(2.63) |
1 | 1 | |
2 | AC_INIT([realmd], [0.16.1], | |
2 | AC_INIT([realmd], [0.16.2], | |
3 | 3 | [http://bugs.freedesktop.org/enter_bug.cgi?product=realmd], |
4 | 4 | [realmd]) |
5 | 5 | |
370 | 370 | # ------------------------------------------------------------------------------ |
371 | 371 | # Results |
372 | 372 | |
373 | privatedir='${libdir}/realmd' | |
373 | privatedir='${prefix}/lib/realmd' | |
374 | 374 | AC_SUBST(privatedir) |
375 | 375 | |
376 | 376 | cachedir='${localstatedir}/cache/realmd' |
0 | ||
1 | website: | |
2 | SRCDIR=$(srcdir) BUILDDIR=$(builddir) python $(srcdir)/doc/website/jinja2-build.py | |
3 | ||
4 | CLEANFILES += html/* |
35 | 35 | <td valign="top" align="right"></td> |
36 | 36 | </tr></table></div> |
37 | 37 | <div class="refsect1"> |
38 | <a name="idm47297892231984"></a><h2>Properties</h2> | |
38 | <a name="idm139813439150944"></a><h2>Properties</h2> | |
39 | 39 | <pre class="synopsis"> |
40 | 40 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Kerberos.RealmName">RealmName</GTKDOCLINK> readable s |
41 | 41 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Kerberos.DomainName">DomainName</GTKDOCLINK> readable s |
45 | 45 | </pre> |
46 | 46 | </div> |
47 | 47 | <div class="refsect1"> |
48 | <a name="idm47297889943312"></a><h2>Properties</h2> | |
48 | <a name="idm139813440320336"></a><h2>Properties</h2> | |
49 | 49 | <pre class="synopsis"> |
50 | 50 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-KerberosMembership.SuggestedAdministrator">SuggestedAdministrator</GTKDOCLINK> readable s |
51 | 51 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-KerberosMembership.SupportedJoinCredentials">SupportedJoinCredentials</GTKDOCLINK> readable a(ss) |
45 | 45 | </pre> |
46 | 46 | </div> |
47 | 47 | <div class="refsect1"> |
48 | <a name="idm47297895308560"></a><h2>Properties</h2> | |
48 | <a name="idm139813445279152"></a><h2>Properties</h2> | |
49 | 49 | <pre class="synopsis"> |
50 | 50 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Provider.Name">Name</GTKDOCLINK> readable s |
51 | 51 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Provider.Version">Version</GTKDOCLINK> readable s |
46 | 46 | </pre> |
47 | 47 | </div> |
48 | 48 | <div class="refsect1"> |
49 | <a name="idm47297891890320"></a><h2>Properties</h2> | |
49 | <a name="idm139813439218848"></a><h2>Properties</h2> | |
50 | 50 | <pre class="synopsis"> |
51 | 51 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Realm.Name">Name</GTKDOCLINK> readable s |
52 | 52 | <GTKDOCLINK HREF="gdbus-property-org-freedesktop-realmd-Realm.Configured">Configured</GTKDOCLINK> readable s |
44 | 44 | </pre> |
45 | 45 | </div> |
46 | 46 | <div class="refsect1"> |
47 | <a name="idm47297890480336"></a><h2>Signals</h2> | |
47 | <a name="idm139813440124880"></a><h2>Signals</h2> | |
48 | 48 | <pre class="synopsis"> |
49 | 49 | <GTKDOCLINK HREF="gdbus-signal-org-freedesktop-realmd-Service.Diagnostics">Diagnostics</GTKDOCLINK> (s data, |
50 | 50 | s operation); |
31 | 31 | By default SSSD is used.</p> |
32 | 32 | <div class="section"> |
33 | 33 | <div class="titlepage"><div><div><h3 class="title"> |
34 | <a name="idm47297896462208"></a>Using SSSD with Active Directory</h3></div></div></div> | |
34 | <a name="idm139813439423648"></a>Using SSSD with Active Directory</h3></div></div></div> | |
35 | 35 | <p><a class="ulink" href="https://fedorahosted.org/sssd/" target="_top">SSSD</a> |
36 | 36 | provides client software for various kerberos and/or LDAP |
37 | 37 | directories. Since version 1.9.x it provides good support |
49 | 49 | </div> |
50 | 50 | <div class="section"> |
51 | 51 | <div class="titlepage"><div><div><h3 class="title"> |
52 | <a name="idm47297889828816"></a>Using Winbind with Active Directory</h3></div></div></div> | |
52 | <a name="idm139813443480672"></a>Using Winbind with Active Directory</h3></div></div></div> | |
53 | 53 | <p>Samba |
54 | 54 | <a class="ulink" href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html" target="_top">Winbind</a> |
55 | 55 | provides client software for use with Active Directory.</p> |
24 | 24 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> |
25 | 25 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> |
26 | 26 | <dd><dl> |
27 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297896462208">Using SSSD with Active Directory</a></span></dt> | |
28 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297889828816">Using Winbind with Active Directory</a></span></dt> | |
27 | <dt><span class="section"><a href="guide-active-directory-client.html#idm139813439423648">Using SSSD with Active Directory</a></span></dt> | |
28 | <dt><span class="section"><a href="guide-active-directory-client.html#idm139813443480672">Using Winbind with Active Directory</a></span></dt> | |
29 | 29 | </dl></dd> |
30 | 30 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> |
31 | 31 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> |
21 | 21 | <div class="titlepage"><div><div><h2 class="title"> |
22 | 22 | <a name="guide-ipa"></a>Using with IPA</h2></div></div></div> |
23 | 23 | <div class="toc"><dl class="toc"> |
24 | <dt><span class="section"><a href="guide-ipa.html#idm47297889722256">Discovering IPA domains</a></span></dt> | |
24 | <dt><span class="section"><a href="guide-ipa.html#idm139813442275680">Discovering IPA domains</a></span></dt> | |
25 | 25 | <dt><span class="section"><a href="guide-ipa-client.html">IPA client software</a></span></dt> |
26 | 26 | <dt><span class="section"><a href="guide-ipa-join.html">Joining a IPA domain</a></span></dt> |
27 | 27 | <dt><span class="section"><a href="guide-ipa-permit.html">Logins using Domain Accounts</a></span></dt> |
32 | 32 | credentials.</p> |
33 | 33 | <div class="section"> |
34 | 34 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> |
35 | <a name="idm47297889722256"></a>Discovering IPA domains</h2></div></div></div> | |
35 | <a name="idm139813442275680"></a>Discovering IPA domains</h2></div></div></div> | |
36 | 36 | <p><span class="command"><strong>realmd</strong></span> discovers which domains or |
37 | 37 | realms it can use or configure. It can discover and identify |
38 | 38 | IPA domains by looking up the appropriate DNS SRV |
20 | 20 | <div class="chapter"> |
21 | 21 | <div class="titlepage"><div><div><h2 class="title"> |
22 | 22 | <a name="guide-kerberos"></a>Using with other Kerberos realms</h2></div></div></div> |
23 | <div class="toc"><dl class="toc"><dt><span class="section"><a href="guide-kerberos.html#idm47297892183456">Discovering Kerberos realms</a></span></dt></dl></div> | |
23 | <div class="toc"><dl class="toc"><dt><span class="section"><a href="guide-kerberos.html#idm139813442855920">Discovering Kerberos realms</a></span></dt></dl></div> | |
24 | 24 | <p><span class="command"><strong>realmd</strong></span> can discover generic Kerberos realms. |
25 | 25 | Since there is no standard way to enroll a computer against a Kerberos |
26 | 26 | server, it is not possible to do this with <span class="command"><strong>realmd</strong></span>.</p> |
27 | 27 | <div class="section"> |
28 | 28 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> |
29 | <a name="idm47297892183456"></a>Discovering Kerberos realms</h2></div></div></div> | |
29 | <a name="idm139813442855920"></a>Discovering Kerberos realms</h2></div></div></div> | |
30 | 30 | <p><span class="command"><strong>realmd</strong></span> discovers which domains or |
31 | 31 | realms it can use or configure. It can discover and identify |
32 | 32 | Kerberos domains by looking up the appropriate DNS SRV |
37 | 37 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> |
38 | 38 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> |
39 | 39 | <dd><dl> |
40 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297896462208">Using SSSD with Active Directory</a></span></dt> | |
41 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297889828816">Using Winbind with Active Directory</a></span></dt> | |
40 | <dt><span class="section"><a href="guide-active-directory-client.html#idm139813439423648">Using SSSD with Active Directory</a></span></dt> | |
41 | <dt><span class="section"><a href="guide-active-directory-client.html#idm139813443480672">Using Winbind with Active Directory</a></span></dt> | |
42 | 42 | </dl></dd> |
43 | 43 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> |
44 | 44 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> |
45 | 45 | </dl></dd> |
46 | 46 | <dt><span class="chapter"><a href="guide-ipa.html">Using with IPA</a></span></dt> |
47 | 47 | <dd><dl> |
48 | <dt><span class="section"><a href="guide-ipa.html#idm47297889722256">Discovering IPA domains</a></span></dt> | |
48 | <dt><span class="section"><a href="guide-ipa.html#idm139813442275680">Discovering IPA domains</a></span></dt> | |
49 | 49 | <dt><span class="section"><a href="guide-ipa-client.html">IPA client software</a></span></dt> |
50 | 50 | <dt><span class="section"><a href="guide-ipa-join.html">Joining a IPA domain</a></span></dt> |
51 | 51 | <dt><span class="section"><a href="guide-ipa-permit.html">Logins using Domain Accounts</a></span></dt> |
52 | 52 | </dl></dd> |
53 | 53 | <dt><span class="chapter"><a href="guide-kerberos.html">Using with other Kerberos realms</a></span></dt> |
54 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm47297892183456">Discovering Kerberos realms</a></span></dt></dl></dd> | |
54 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm139813442855920">Discovering Kerberos realms</a></span></dt></dl></dd> | |
55 | 55 | <dt><span class="chapter"><a href="guide-integration.html">Integration</a></span></dt> |
56 | 56 | </dl> |
57 | 57 | </div> |
12 | 12 | <div class="titlepage"> |
13 | 13 | <div> |
14 | 14 | <div><table class="navigation" id="top" width="100%" cellpadding="2" cellspacing="0"><tr><th valign="middle"><p class="title">realmd</p></th></tr></table></div> |
15 | <div><p class="releaseinfo">for 0.16.1 | |
15 | <div><p class="releaseinfo">for 0.16.2 | |
16 | 16 | </p></div> |
17 | 17 | </div> |
18 | 18 | <hr> |
34 | 34 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> |
35 | 35 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> |
36 | 36 | <dd><dl> |
37 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297896462208">Using SSSD with Active Directory</a></span></dt> | |
38 | <dt><span class="section"><a href="guide-active-directory-client.html#idm47297889828816">Using Winbind with Active Directory</a></span></dt> | |
37 | <dt><span class="section"><a href="guide-active-directory-client.html#idm139813439423648">Using SSSD with Active Directory</a></span></dt> | |
38 | <dt><span class="section"><a href="guide-active-directory-client.html#idm139813443480672">Using Winbind with Active Directory</a></span></dt> | |
39 | 39 | </dl></dd> |
40 | 40 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> |
41 | 41 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> |
42 | 42 | </dl></dd> |
43 | 43 | <dt><span class="chapter"><a href="guide-ipa.html">Using with IPA</a></span></dt> |
44 | 44 | <dd><dl> |
45 | <dt><span class="section"><a href="guide-ipa.html#idm47297889722256">Discovering IPA domains</a></span></dt> | |
45 | <dt><span class="section"><a href="guide-ipa.html#idm139813442275680">Discovering IPA domains</a></span></dt> | |
46 | 46 | <dt><span class="section"><a href="guide-ipa-client.html">IPA client software</a></span></dt> |
47 | 47 | <dt><span class="section"><a href="guide-ipa-join.html">Joining a IPA domain</a></span></dt> |
48 | 48 | <dt><span class="section"><a href="guide-ipa-permit.html">Logins using Domain Accounts</a></span></dt> |
49 | 49 | </dl></dd> |
50 | 50 | <dt><span class="chapter"><a href="guide-kerberos.html">Using with other Kerberos realms</a></span></dt> |
51 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm47297892183456">Discovering Kerberos realms</a></span></dt></dl></dd> | |
51 | <dd><dl><dt><span class="section"><a href="guide-kerberos.html#idm139813442855920">Discovering Kerberos realms</a></span></dt></dl></dd> | |
52 | 52 | <dt><span class="chapter"><a href="guide-integration.html">Integration</a></span></dt> |
53 | 53 | </dl></dd> |
54 | 54 | <dt><span class="part"><a href="development.html">II. Developer Reference</a></span></dt> |
36 | 36 | <div class="cmdsynopsis"><p><code class="command">realm deny</code> -a [-R realm]</p></div> |
37 | 37 | </div> |
38 | 38 | <div class="refsect1"> |
39 | <a name="idm47297891142432"></a><h2>Description</h2> | |
39 | <a name="idm139813441667168"></a><h2>Description</h2> | |
40 | 40 | <p><span class="command"><strong>realm</strong></span> is a command line tool that |
41 | 41 | can be used to manage enrollment in kerberos realms, like Active |
42 | 42 | Directory domains or IPA domains.</p> |
70 | 70 | </table></div> |
71 | 71 | </div> |
72 | 72 | <div class="refsect1"> |
73 | <a name="idm47297891134592"></a><h2>Discover</h2> | |
73 | <a name="idm139813441659328"></a><h2>Discover</h2> | |
74 | 74 | <p>Discover a realm and its capabilities.</p> |
75 | 75 | <div class="informalexample"> |
76 | 76 | <pre class="programlisting"> |
121 | 121 | </table></div> |
122 | 122 | </div> |
123 | 123 | <div class="refsect1"> |
124 | <a name="idm47297891120416"></a><h2>Join</h2> | |
124 | <a name="idm139813441644912"></a><h2>Join</h2> | |
125 | 125 | <p>Configure the local machine for use with a realm.</p> |
126 | 126 | <div class="informalexample"> |
127 | 127 | <pre class="programlisting"> |
228 | 228 | </table></div> |
229 | 229 | </div> |
230 | 230 | <div class="refsect1"> |
231 | <a name="idm47297888766064"></a><h2>Leave</h2> | |
231 | <a name="idm139813441612112"></a><h2>Leave</h2> | |
232 | 232 | <p>Deconfigure the local machine for use with a realm.</p> |
233 | 233 | <div class="informalexample"> |
234 | 234 | <pre class="programlisting"> |
277 | 277 | </table></div> |
278 | 278 | </div> |
279 | 279 | <div class="refsect1"> |
280 | <a name="idm47297888753968"></a><h2>List</h2> | |
280 | <a name="idm139813441598448"></a><h2>List</h2> | |
281 | 281 | <p>List all the discovered and configured realms.</p> |
282 | 282 | <div class="informalexample"><pre class="programlisting"> |
283 | 283 | $ realm list |
307 | 307 | </table></div> |
308 | 308 | </div> |
309 | 309 | <div class="refsect1"> |
310 | <a name="idm47297888747088"></a><h2>Permit</h2> | |
310 | <a name="idm139813441590720"></a><h2>Permit</h2> | |
311 | 311 | <p>Permit local login by users of the realm.</p> |
312 | 312 | <div class="informalexample"><pre class="programlisting"> |
313 | 313 | $ realm permit --all |
351 | 351 | </table></div> |
352 | 352 | </div> |
353 | 353 | <div class="refsect1"> |
354 | <a name="idm47297888736880"></a><h2>Deny</h2> | |
354 | <a name="idm139813441579312"></a><h2>Deny</h2> | |
355 | 355 | <p>Deny local login by realm accounts.</p> |
356 | 356 | <div class="informalexample"><pre class="programlisting"> |
357 | 357 | $ realm deny --all |
27 | 27 | <td valign="top" align="right"></td> |
28 | 28 | </tr></table></div> |
29 | 29 | <div class="refsect1"> |
30 | <a name="idm47297889063200"></a><h2>Configuration File</h2> | |
30 | <a name="idm139813439138896"></a><h2>Configuration File</h2> | |
31 | 31 | <p><span class="command"><strong>realmd</strong></span> can be tweaked by network administrators |
32 | 32 | to act in specific ways. This is done by placing settings in a |
33 | 33 | <code class="filename">/etc/realmd.conf</code>. This file does not exist by |
230 | 230 | </table></div> |
231 | 231 | </div> |
232 | 232 | <div class="refsect1"> |
233 | <a name="idm47297893509472"></a><h2>Realm specific settings</h2> | |
233 | <a name="idm139813438651264"></a><h2>Realm specific settings</h2> | |
234 | 234 | <p>These options should go in an section with the same name |
235 | 235 | as the realm in the <code class="filename">/etc/realmd.conf</code> file. |
236 | 236 | For example for the <code class="option">domain.example.com</code> domain |
16 | 16 | #include "realm-dbus-constants.h" |
17 | 17 | #include "realm-disco-mscldap.h" |
18 | 18 | #include "realm-ldap.h" |
19 | #include "realm-options.h" | |
19 | 20 | |
20 | 21 | #include <glib/gi18n.h> |
21 | 22 | |
38 | 39 | #ifndef HOST_NAME_MAX |
39 | 40 | #define HOST_NAME_MAX 255 |
40 | 41 | #endif |
41 | ||
42 | #define DOMAIN_NAME_VALID "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-." | |
43 | 42 | |
44 | 43 | static void |
45 | 44 | closure_free (gpointer data) |
99 | 98 | guchar **at) |
100 | 99 | { |
101 | 100 | gchar buffer[HOST_NAME_MAX]; |
102 | gsize len; | |
103 | 101 | int n; |
104 | 102 | |
105 | 103 | n = dn_expand (beg, end, *at, buffer, sizeof (buffer)); |
106 | 104 | if (n < 0) |
107 | 105 | return NULL; |
108 | 106 | |
109 | len = strlen (buffer); | |
110 | if (strspn (buffer, DOMAIN_NAME_VALID) != len) { | |
107 | if (!realm_options_check_domain_name (buffer)) { | |
111 | 108 | g_message ("received invalid NetLogon string characters"); |
112 | 109 | return NULL; |
113 | 110 | } |
114 | 111 | |
115 | 112 | (*at) += n; |
116 | return g_strndup (buffer, len); | |
113 | return g_strdup (buffer); | |
117 | 114 | } |
118 | 115 | |
119 | 116 | static gboolean |
18 | 18 | #include "realm-disco-mscldap.h" |
19 | 19 | #include "realm-disco-rootdse.h" |
20 | 20 | #include "realm-ldap.h" |
21 | #include "realm-options.h" | |
21 | 22 | |
22 | 23 | #include <glib/gi18n.h> |
23 | 24 | |
24 | 25 | #include <resolv.h> |
25 | ||
26 | #define DOMAIN_NAME_VALID "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-." | |
27 | 26 | |
28 | 27 | typedef struct _Closure Closure; |
29 | 28 | |
91 | 90 | entry_get_attribute (LDAP *ldap, |
92 | 91 | LDAPMessage *entry, |
93 | 92 | const gchar *field, |
94 | const gchar *valid) | |
93 | gboolean domain_name) | |
95 | 94 | { |
96 | 95 | struct berval **bvs = NULL; |
97 | 96 | gchar *value = NULL; |
101 | 100 | |
102 | 101 | if (bvs && bvs[0]) { |
103 | 102 | value = g_strndup (bvs[0]->bv_val, bvs[0]->bv_len); |
104 | if (valid) { | |
105 | if (strspn (value, valid) != bvs[0]->bv_len) { | |
103 | if (domain_name) { | |
104 | if (!realm_options_check_domain_name (value)) { | |
106 | 105 | g_free (value); |
107 | 106 | g_message ("Invalid value in LDAP %s field", field); |
108 | 107 | value = NULL; |
154 | 153 | entry = ldap_first_entry (ldap, message); |
155 | 154 | |
156 | 155 | g_free (clo->disco->kerberos_realm); |
157 | clo->disco->kerberos_realm = entry_get_attribute (ldap, entry, "cn", DOMAIN_NAME_VALID); | |
156 | clo->disco->kerberos_realm = entry_get_attribute (ldap, entry, "cn", TRUE); | |
158 | 157 | |
159 | 158 | g_debug ("Found realm: %s", clo->disco->kerberos_realm); |
160 | 159 | |
210 | 209 | |
211 | 210 | /* What is the domain name? */ |
212 | 211 | g_free (clo->disco->domain_name); |
213 | clo->disco->domain_name = entry_get_attribute (ldap, entry, "associatedDomain", DOMAIN_NAME_VALID); | |
212 | clo->disco->domain_name = entry_get_attribute (ldap, entry, "associatedDomain", TRUE); | |
214 | 213 | |
215 | 214 | g_debug ("Got associatedDomain: %s", clo->disco->domain_name); |
216 | 215 | |
309 | 308 | entry = ldap_first_entry (ldap, message); |
310 | 309 | |
311 | 310 | /* Parse out the default naming context */ |
312 | clo->default_naming_context = entry_get_attribute (ldap, entry, "defaultNamingContext", NULL); | |
311 | clo->default_naming_context = entry_get_attribute (ldap, entry, "defaultNamingContext", FALSE); | |
313 | 312 | |
314 | 313 | g_debug ("Got defaultNamingContext: %s", clo->default_naming_context); |
315 | 314 |
16 | 16 | #include "realm-dbus-constants.h" |
17 | 17 | #include "realm-options.h" |
18 | 18 | #include "realm-settings.h" |
19 | ||
20 | #include <string.h> | |
19 | 21 | |
20 | 22 | gboolean |
21 | 23 | realm_options_automatic_install (void) |
127 | 129 | |
128 | 130 | return qualify; |
129 | 131 | } |
132 | ||
133 | gboolean | |
134 | realm_options_check_domain_name (const gchar *name) | |
135 | { | |
136 | /* | |
137 | * DNS Domain names are pretty liberal (internet domain names | |
138 | * are more restrictive) See RFC 2181 section 11 | |
139 | * | |
140 | * http://www.ietf.org/rfc/rfc2181.txt | |
141 | * | |
142 | * However we cannot consume names with whitespace and problematic | |
143 | * punctuation, due to the various programs that parse the | |
144 | * configuration files we set up. | |
145 | */ | |
146 | ||
147 | gsize i, len; | |
148 | static const gchar *invalid = "=[]:"; | |
149 | ||
150 | g_return_val_if_fail (name != NULL, FALSE); | |
151 | ||
152 | for (i = 0, len = strlen (name); i < len; i++) { | |
153 | if (name[i] <= ' ') | |
154 | return FALSE; | |
155 | if (strchr (invalid, name[i])) | |
156 | return FALSE; | |
157 | } | |
158 | ||
159 | return TRUE; | |
160 | } |
38 | 38 | |
39 | 39 | gboolean realm_options_qualify_names (const gchar *realm_name); |
40 | 40 | |
41 | gboolean realm_options_check_domain_name (const gchar *domain_name); | |
42 | ||
41 | 43 | G_END_DECLS |
42 | 44 | |
43 | 45 | #endif /* __REALM_OPTIONS_H__ */ |
23 | 23 | |
24 | 24 | #include <glib/gi18n.h> |
25 | 25 | |
26 | #define CALL_TIMEOUT (24 * 60 * 60 * 1000) | |
27 | ||
26 | 28 | static gboolean |
27 | 29 | packages_check_paths (const gchar **paths, |
28 | 30 | GDBusMethodInvocation *invocation) |
53 | 55 | for (i = 0; package_ids != NULL && package_ids[i] != NULL; i++) { |
54 | 56 | parts = g_strsplit (package_ids[i], ";", 2); |
55 | 57 | if (string->len) |
56 | g_string_append (string, ", "); | |
58 | g_string_append (string, " "); | |
57 | 59 | g_string_append (string, parts[0]); |
58 | 60 | g_strfreev (parts); |
59 | 61 | } |
225 | 227 | transaction->parameters, |
226 | 228 | G_VARIANT_TYPE ("()"), |
227 | 229 | G_DBUS_CALL_FLAGS_NO_AUTO_START, |
228 | -1, g_task_get_cancellable (task), | |
230 | CALL_TIMEOUT, g_task_get_cancellable (task), | |
229 | 231 | on_method_done, g_object_ref (task)); |
230 | 232 | } |
231 | 233 | |
275 | 277 | g_variant_new ("(^as)", hints), |
276 | 278 | G_VARIANT_TYPE ("()"), |
277 | 279 | G_DBUS_CALL_FLAGS_NO_AUTO_START, |
278 | -1, g_task_get_cancellable (task), | |
280 | CALL_TIMEOUT, g_task_get_cancellable (task), | |
279 | 281 | on_set_hints, g_object_ref (task)); |
280 | 282 | } |
281 | 283 | |
309 | 311 | g_variant_new ("()"), |
310 | 312 | G_VARIANT_TYPE ("(o)"), |
311 | 313 | G_DBUS_CALL_FLAGS_NONE, |
312 | -1, cancellable, | |
314 | CALL_TIMEOUT, cancellable, | |
313 | 315 | on_create_transaction, g_object_ref (task)); |
314 | 316 | } |
315 | 317 |
236 | 236 | return 1; |
237 | 237 | } |
238 | 238 | |
239 | g_printerr ("id mapping %d %d\n", args->automatic_id_mapping_set, args->automatic_id_mapping); | |
240 | 239 | options = realm_build_options (REALM_DBUS_OPTION_COMPUTER_OU, args->computer_ou, |
241 | 240 | REALM_DBUS_OPTION_MEMBERSHIP_SOFTWARE, args->membership_software, |
242 | 241 | REALM_DBUS_OPTION_USER_PRINCIPAL, args->user_principal, |