Imported Upstream version 0.9
Laurent Bigonville
11 years ago
0 | 0 | # Generate automatically. Do not edit. |
1 | ||
2 | commit a39fb7aa7289ba51c81a62f707c0c27c1de05038 | |
3 | Author: Stef Walter <stefw@gnome.org> | |
4 | Date: 2012-10-17 | |
5 | ||
6 | Release version 0.9 | |
7 | ||
8 | NEWS | 22 ++++++++++++++++++++++ | |
9 | configure.ac | 2 +- | |
10 | 2 files changed, 23 insertions(+), 1 deletion(-) | |
11 | ||
12 | commit 1ec56a3b93c52e03903a73e05432932515660f45 | |
13 | Author: Stef Walter <stefw@gnome.org> | |
14 | Date: 2012-10-17 | |
15 | ||
16 | Fix gcc warning about uninitialized use of varialbe | |
17 | ||
18 | tools/realm-client.c | 2 +- | |
19 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
20 | ||
21 | commit ba87f3846b5d072887afb5e6c1f915303a961215 | |
22 | Author: Stef Walter <stefw@gnome.org> | |
23 | Date: 2012-10-17 | |
24 | ||
25 | Distribute documentation files properly. | |
26 | ||
27 | doc/Makefile.am | 1 + | |
28 | 1 file changed, 1 insertion(+) | |
29 | ||
30 | commit 0cae3140956b9c4901c9cfa9902514661cb68057 | |
31 | Author: Stef Walter <stefw@gnome.org> | |
32 | Date: 2012-10-17 | |
33 | ||
34 | Install realm command to sbin, and move manpage to 8 category | |
35 | ||
36 | https://bugs.freedesktop.org/show_bug.cgi?id=56094 | |
37 | ||
38 | .gitignore | 2 +- | |
39 | doc/Makefile.am | 6 +++--- | |
40 | doc/realm.xml | 2 +- | |
41 | tools/Makefile.am | 2 +- | |
42 | 4 files changed, 6 insertions(+), 6 deletions(-) | |
43 | ||
44 | commit 294dca367eb143b9c19c5f7f9d3649ad78fdacfa | |
45 | Author: Marius Vollmer <marius.vollmer@redhat.com> | |
46 | Date: 2012-10-17 | |
47 | ||
48 | Fix assertion with discovery caching. | |
49 | ||
50 | * When discovery occurs multiple times for same client and | |
51 | operation within a short period of time we cache the results. | |
52 | * However when returning the cache results we get an assertion. | |
53 | ||
54 | https://bugs.freedesktop.org/show_bug.cgi?id=56082 | |
55 | ||
56 | service/realm-kerberos-discover.c | 17 +++++++++++------ | |
57 | 1 file changed, 11 insertions(+), 6 deletions(-) | |
58 | ||
59 | commit 6e72f2b9d59d892e1f5350fe5d218aec8bed36c3 | |
60 | Author: Stef Walter <stefw@gnome.org> | |
61 | Date: 2012-10-17 | |
62 | ||
63 | Remove extra blank line when removing section from ini config | |
64 | ||
65 | When we add and remove sections from the sssd.conf we need to | |
66 | remove one extra line above the section header, because that | |
67 | was added when adding the section. | |
68 | ||
69 | https://bugs.freedesktop.org/show_bug.cgi?id=56067 | |
70 | ||
71 | service/realm-ini-config.c | 21 +++++++++++++++++++++ | |
72 | tests/test-sssd-config.c | 32 ++++++++++++++++++++++++++++++++ | |
73 | 2 files changed, 53 insertions(+) | |
74 | ||
75 | commit de449ef42274a87ea96cc2415a95aad6d77ca3a1 | |
76 | Author: Stef Walter <stefw@gnome.org> | |
77 | Date: 2012-10-17 | |
78 | ||
79 | Move the home/shell into [users] section of realmd settings | |
80 | ||
81 | * This makes sense because for sssd, shell applies to all users | |
82 | * In addition fix the tests that were broken recently when we | |
83 | placed the shell stuff in the [nss] section. | |
84 | ||
85 | https://bugs.freedesktop.org/show_bug.cgi?id=56066 | |
86 | ||
87 | doc/realmd-guide-configuring.xml | 21 +++++++++++++++------ | |
88 | service/realm-samba.c | 4 ++-- | |
89 | service/realm-sssd-ad.c | 2 +- | |
90 | service/realm-sssd-config.c | 2 +- | |
91 | service/realmd-defaults.conf | 7 +++---- | |
92 | tests/files/realmd-defaults.conf | 6 +++++- | |
93 | tests/test-sssd-config.c | 4 ++-- | |
94 | 7 files changed, 29 insertions(+), 17 deletions(-) | |
95 | ||
96 | commit 3e5369e57789cc58ca9dc56254244e60466027a9 | |
97 | Author: Stef Walter <stefw@gnome.org> | |
98 | Date: 2012-10-17 | |
99 | ||
100 | Allow --verbose to work with 'realm permit --all' | |
101 | ||
102 | * Make diagnostic output work with 'realm permit --all' and | |
103 | 'realm deny --all' | |
104 | ||
105 | https://bugs.freedesktop.org/show_bug.cgi?id=56064 | |
106 | ||
107 | tools/realm-logins.c | 19 +++++++++++++++---- | |
108 | 1 file changed, 15 insertions(+), 4 deletions(-) | |
109 | ||
110 | commit 337cc688a782094c2c3e36a04b11adac9160b39d | |
111 | Author: Stef Walter <stefw@gnome.org> | |
112 | Date: 2012-10-17 | |
113 | ||
114 | Make sure we only work with configured realms for login policy | |
115 | ||
116 | https://bugs.freedesktop.org/show_bug.cgi?id=56063 | |
117 | ||
118 | tools/realm-logins.c | 17 ++++++++++++++--- | |
119 | 1 file changed, 14 insertions(+), 3 deletions(-) | |
120 | ||
121 | commit 6914e7aa9fb046577ea182dfc9abe2396ac76845 | |
122 | Author: Stef Walter <stefw@gnome.org> | |
123 | Date: 2012-10-17 | |
124 | ||
125 | Remove unnecessary check when setting login policy | |
126 | ||
127 | service/realm-sssd.c | 31 ++++++++++++++----------------- | |
128 | 1 file changed, 14 insertions(+), 17 deletions(-) | |
129 | ||
130 | commit 8dff6aa93a37eb996ffd462d4de8db3cd20ce940 | |
131 | Author: Stef Walter <stefw@gnome.org> | |
132 | Date: 2012-10-17 | |
133 | ||
134 | Set the simple_allow_users to a comma by default for AD realms | |
135 | ||
136 | * When creating a new AD sssd realm we want to be in the | |
137 | allow-permitted-logins login policy by default. | |
138 | * In order to do this we need to set simple_allow_users to a | |
139 | comma in order to work around an sssd bug. Otherwise all | |
140 | users are allowed, not just those explicitly permitted. | |
141 | ||
142 | https://bugs.freedesktop.org/show_bug.cgi?id=56062 | |
143 | ||
144 | service/realm-sssd-ad.c | 1 + | |
145 | 1 file changed, 1 insertion(+) | |
146 | ||
147 | commit 142b810261bb72034e7e467463c202c1a32d0958 | |
148 | Author: Stef Walter <stefw@gnome.org> | |
149 | Date: 2012-10-17 | |
150 | ||
151 | Cleanup setting of empty ',' simple_allow_users | |
152 | ||
153 | We were setting simple_allow_users previously to ',' to work around | |
154 | a bug in sssd. But we don't need to do this when access_provider | |
155 | is permit or deny. | |
156 | ||
157 | https://bugs.freedesktop.org/show_bug.cgi?id=56061 | |
158 | ||
159 | service/realm-sssd.c | 23 ++++++++++++++++++----- | |
160 | 1 file changed, 18 insertions(+), 5 deletions(-) | |
161 | ||
162 | commit a499898ae806938601cccf8dbb45d549181bf80b | |
163 | Author: Stef Walter <stefw@gnome.org> | |
164 | Date: 2012-10-17 | |
165 | ||
166 | Update realm properties after changing login policy | |
167 | ||
168 | https://bugs.freedesktop.org/show_bug.cgi?id=56060 | |
169 | ||
170 | service/realm-sssd.c | 6 ++++++ | |
171 | 1 file changed, 6 insertions(+) | |
172 | ||
173 | commit 64a102cefee0873cf28ba97881409a15a7347414 | |
174 | Author: Stef Walter <stefw@gnome.org> | |
175 | Date: 2012-10-17 | |
176 | ||
177 | Use the correct DBus string for deny login policy | |
178 | ||
179 | https://bugs.freedesktop.org/show_bug.cgi?id=56059 | |
180 | ||
181 | service/realm-kerberos.c | 2 +- | |
182 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
183 | ||
184 | commit 830376ba11dc95c4a2f2f05e5a85cb7e00173591 | |
185 | Author: Stef Walter <stefw@gnome.org> | |
186 | Date: 2012-10-17 | |
187 | ||
188 | Make sure we can read values out from ini config before writing | |
189 | ||
190 | service/realm-ini-config.c | 1 + | |
191 | tests/test-ini-config.c | 17 +++++++++++++++++ | |
192 | 2 files changed, 18 insertions(+) | |
193 | ||
194 | commit 73717f46b1e9f069894e0359b581901c77a806f0 | |
195 | Author: Stef Walter <stefw@gnome.org> | |
196 | Date: 2012-10-16 | |
197 | ||
198 | Use sss_cache to clear the sssd caches when removing a domain | |
199 | ||
200 | * We do this so libnss_sss.so stops answering with responses from | |
201 | the cache, which can be confusing and wrong. | |
202 | * Also move the code for removing an sssd domain into the base | |
203 | RealmSssd class so that the IPA code can use it. | |
204 | * Call sss_cache before removing the domain from sssd.conf. This | |
205 | is unfortunate as it can allow a race condition. | |
206 | * No longer remove libnss_sss from nssswitch.conf. libc caches the | |
207 | contents of nsswitch.conf and the modules, so removing stuff there | |
208 | is of dubious value. | |
209 | ||
210 | https://bugs.freedesktop.org/show_bug.cgi?id=56047 | |
211 | ||
212 | service/realm-sssd-ad.c | 127 +++----------------------------------- | |
213 | service/realm-sssd.c | 149 +++++++++++++++++++++++++++++++++++++++++++++ | |
214 | service/realm-sssd.h | 4 ++ | |
215 | service/realmd-redhat.conf | 4 +- | |
216 | 4 files changed, 165 insertions(+), 119 deletions(-) | |
217 | ||
218 | commit 0c5d673db8aa0d7f0a03d3db871dcba194ad48ca | |
219 | Author: Stef Walter <stefw@gnome.org> | |
220 | Date: 2012-10-16 | |
221 | ||
222 | Make 'realm discover' only print out one realm per domain | |
223 | ||
224 | * Check if we've already seen a domain in the discovery and don't | |
225 | print out multiples of the same domain, unless --all is used. | |
226 | ||
227 | https://bugs.freedesktop.org/show_bug.cgi?id=56034 | |
228 | ||
229 | tools/realm-discover.c | 22 +++++++++++++++++----- | |
230 | 1 file changed, 17 insertions(+), 5 deletions(-) | |
231 | ||
232 | commit 7af1f9f91cd4603d71c76e3aac58f7d226b8828b | |
233 | Author: Stef Walter <stefw@gnome.org> | |
234 | Date: 2012-10-16 | |
235 | ||
236 | Only list configured realms in 'realm list' by default | |
237 | ||
238 | * Can now specify --all to show other realms that realmd | |
239 | knows about but which are not configured. | |
240 | ||
241 | https://bugs.freedesktop.org/show_bug.cgi?id=56033 | |
242 | ||
243 | tools/realm-discover.c | 21 ++++++++++++++++----- | |
244 | 1 file changed, 16 insertions(+), 5 deletions(-) | |
245 | ||
246 | commit a91b9ebdaca3771d5b4f05b3698ed37a634d4e79 | |
247 | Author: Stef Walter <stefw@gnome.org> | |
248 | Date: 2012-10-16 | |
249 | ||
250 | Work around the strange behavior of the sssd 'simple' access_provider | |
251 | ||
252 | When a realm is in the allow-permitted-logins mode, but no such | |
253 | logins have been set, the simple_allow_users is empty. sssd treats | |
254 | this as if the line is not present, and allows any login. | |
255 | ||
256 | Setting the value to a comma gets around this problem. Further discussion | |
257 | will take place on the sssd mailing list. | |
258 | ||
259 | https://bugs.freedesktop.org/show_bug.cgi?id=56027 | |
260 | ||
261 | service/realm-sssd.c | 14 ++++++++++++++ | |
262 | 1 file changed, 14 insertions(+) | |
263 | ||
264 | commit 41fb5b07e7f38cff52c6f850346785d98888a9de | |
265 | Author: Stef Walter <stefw@gnome.org> | |
266 | Date: 2012-10-16 | |
267 | ||
268 | Support offline logins with sssd | |
269 | ||
270 | * Just needed to set cache_credentials = True | |
271 | ||
272 | https://bugs.freedesktop.org/show_bug.cgi?id=56024 | |
273 | ||
274 | service/realm-sssd-ad.c | 2 +- | |
275 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
276 | ||
277 | commit 2d4b26831e9a17105d2ddeeda7884c9425c1fbd7 | |
278 | Author: Stef Walter <stefw@gnome.org> | |
279 | Date: 2012-10-15 | |
280 | ||
281 | Add support for the realm tool for leave without removal | |
282 | ||
283 | * Make the default 'realm leave' behavior be to deconfigure the | |
284 | local machine without removing stuff from the directory. | |
285 | * Add a --remove option to use the old behavior | |
286 | ||
287 | https://bugs.freedesktop.org/show_bug.cgi?id=56021 | |
288 | ||
289 | doc/realm.xml | 8 ++++- | |
290 | tools/realm-leave.c | 91 ++++++++++++++++++++++++++++++++++++++++++----------- | |
291 | 2 files changed, 80 insertions(+), 19 deletions(-) | |
292 | ||
293 | commit 0bf9364c07793d49e3324f9698d74dab5f8594c3 | |
294 | Author: Stef Walter <stefw@gnome.org> | |
295 | Date: 2012-10-15 | |
296 | ||
297 | Add support for Deconfigure(), or automatic leaving of a realm | |
298 | ||
299 | * This just removes entries from a keytab and deconfigures, restarts | |
300 | services etc. | |
301 | * Cleanup the unenroll/leave/deconfigure code a bit in the process | |
302 | ||
303 | https://bugs.freedesktop.org/show_bug.cgi?id=56021 | |
304 | ||
305 | service/realm-kerberos.c | 76 +++++++++++++ | |
306 | service/realm-kerberos.h | 3 + | |
307 | service/realm-samba-enroll.c | 72 ++++--------- | |
308 | service/realm-samba.c | 196 ++++++++++++++++++++++------------ | |
309 | service/realm-sssd-ad.c | 246 +++++++++++++++++++++++++++++-------------- | |
310 | 5 files changed, 393 insertions(+), 200 deletions(-) | |
311 | ||
312 | commit c7d4fa5acd727448702aabf15b17fc5c8653b8ab | |
313 | Author: Stef Walter <stefw@gnome.org> | |
314 | Date: 2012-10-15 | |
315 | ||
316 | Put check for computer-ou option during Leave() in subclass | |
317 | ||
318 | * This is so it doesn't have to be reimplemented by each realm | |
319 | derived class. | |
320 | * A later commit will remove it from the derived classes. | |
321 | ||
322 | https://bugs.freedesktop.org/show_bug.cgi?id=56021 | |
323 | ||
324 | service/realm-kerberos.c | 7 +++++++ | |
325 | 1 file changed, 7 insertions(+) | |
326 | ||
327 | commit f295231c12c45f40f5f4edb855f33364646645af | |
328 | Author: Stef Walter <stefw@gnome.org> | |
329 | Date: 2012-10-15 | |
330 | ||
331 | Refactor how kerberos errors are propagated and warned | |
332 | ||
333 | * Certain local kerberos errors are unexpected, so cleanup how they're | |
334 | transformed to warnings. | |
335 | * Rework how we propagate real kerberos errors, taking into account | |
336 | later commits. | |
337 | ||
338 | https://bugs.freedesktop.org/show_bug.cgi?id=56021 | |
339 | ||
340 | service/realm-kerberos.c | 62 +++++++++++++++++++++++++++++------------------- | |
341 | 1 file changed, 38 insertions(+), 24 deletions(-) | |
342 | ||
343 | commit 0e00612ae7c8c28e4ee0a8564db4eee36f72a28a | |
344 | Author: Stef Walter <stefw@gnome.org> | |
345 | Date: 2012-10-15 | |
346 | ||
347 | Set 'kerberos method' setting in smb.conf correctly | |
348 | ||
349 | * This is needed to use the 'net ads keytab' functionality | |
350 | * Fixes a warning | |
351 | ||
352 | https://bugs.freedesktop.org/show_bug.cgi?id=56005 | |
353 | ||
354 | service/realm-samba-enroll.c | 33 +++++++++++++++++++++++++++++++-- | |
355 | 1 file changed, 31 insertions(+), 2 deletions(-) | |
356 | ||
357 | commit 0f1f6aa1c22ae579ea1f04e0d3d005f4ff64e34c | |
358 | Author: Stef Walter <stefw@gnome.org> | |
359 | Date: 2012-10-15 | |
360 | ||
361 | Work around for problem with running authconfig without /sbin in path | |
362 | ||
363 | https://bugs.freedesktop.org/show_bug.cgi?id=56004 | |
364 | ||
365 | service/realm-daemon.c | 11 +++++++++++ | |
366 | 1 file changed, 11 insertions(+) | |
367 | ||
368 | commit b982f1f3435795b6d6f8c4dff9a36b88cb782d85 | |
369 | Author: Stef Walter <stefw@gnome.org> | |
370 | Date: 2012-10-15 | |
371 | ||
372 | Use --enablemkhomedir with authconfig to auto create home directories | |
373 | ||
374 | https://bugs.freedesktop.org/show_bug.cgi?id=56002 | |
375 | ||
376 | service/realmd-redhat.conf | 4 ++-- | |
377 | 1 file changed, 2 insertions(+), 2 deletions(-) | |
378 | ||
379 | commit c9814c18bdd6d5b6f0a3678b5e5dfaf072f9f3c9 | |
380 | Author: Stef Walter <stefw@gnome.org> | |
381 | Date: 2012-10-15 | |
382 | ||
383 | Allow specifying client-software and server-software when leaving realm | |
384 | ||
385 | https://bugs.freedesktop.org/show_bug.cgi?id=56001 | |
386 | ||
387 | doc/realm.xml | 14 +++++++++++++ | |
388 | tools/realm-leave.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++------ | |
389 | 2 files changed, 65 insertions(+), 6 deletions(-) | |
390 | ||
391 | commit 55fd0e6be201a1830a06ccabde1798b3250efd07 | |
392 | Author: Stef Walter <stefw@gnome.org> | |
393 | Date: 2012-10-15 | |
394 | ||
395 | Combine the SssdAd and SssdIpa providers | |
396 | ||
397 | * Now that discovery is combined, we can do discovery for all SSSD | |
398 | supported domains together. | |
399 | * Instantiate the various realms from /etc/sssd/sssd.conf as appropriate | |
400 | for the id_provider type. | |
401 | ||
402 | https://bugs.freedesktop.org/show_bug.cgi?id=55999 | |
403 | ||
404 | service/Makefile.am | 3 +- | |
405 | service/realm-daemon.c | 10 +- | |
406 | service/realm-sssd-ad-provider.c | 228 --------------------------------- | |
407 | service/realm-sssd-ad-provider.h | 38 ------ | |
408 | service/realm-sssd-ipa-provider.c | 227 --------------------------------- | |
409 | service/realm-sssd-ipa-provider.h | 38 ------ | |
410 | service/realm-sssd-provider.c | 259 ++++++++++++++++++++++++++++++++++++++ | |
411 | service/realm-sssd-provider.h | 38 ++++++ | |
412 | 8 files changed, 300 insertions(+), 541 deletions(-) | |
413 | ||
414 | commit 8b9402c92feeea19d0a3e09d1c6576aba255f75c | |
415 | Author: Stef Walter <stefw@gnome.org> | |
416 | Date: 2012-10-13 | |
417 | ||
418 | Fill in the default shell and home directory for SSSD | |
419 | ||
420 | * This is for AD where no home directory or shell is set on the server | |
421 | * The default shell goes in the [nss] section | |
422 | ||
423 | https://bugs.freedesktop.org/show_bug.cgi?id=55957 | |
424 | ||
425 | doc/realmd-guide-configuring.xml | 63 ++++++++++++++++++++++++++++++++++++++++ | |
426 | service/realm-samba.c | 3 ++ | |
427 | service/realm-sssd-ad.c | 6 ++++ | |
428 | service/realm-sssd-config.c | 9 ++++++ | |
429 | service/realm-sssd.c | 20 +++++++++++++ | |
430 | service/realm-sssd.h | 2 ++ | |
431 | service/realmd-defaults.conf | 2 ++ | |
432 | 7 files changed, 105 insertions(+) | |
433 | ||
434 | commit a6f494b74b81aeed20047a86a79d5cfa7d12cefb | |
435 | Author: Stef Walter <stefw@gnome.org> | |
436 | Date: 2012-10-06 | |
437 | ||
438 | Try to restart the accounts-daemon after joining/leaving | |
439 | ||
440 | * This is because accounts-daemon uses getpwnam() which caches the | |
441 | /etc/nsswitch.conf module list. As an interim we need to be able | |
442 | to restart the process. | |
443 | ||
444 | * Long term solution: http://sourceware.org/bugzilla/show_bug.cgi?id=12459 | |
445 | ||
446 | https://bugs.freedesktop.org/show_bug.cgi?id=55704 | |
447 | ||
448 | service/realm-kerberos.c | 33 ++++++++++++++++++++++++++++++--- | |
449 | service/realmd-redhat.conf | 2 ++ | |
450 | 2 files changed, 32 insertions(+), 3 deletions(-) | |
451 | ||
452 | commit 31c305fd88d76b7e3680038b3d539d5f1f8f5524 | |
453 | Author: Stef Walter <stefw@gnome.org> | |
454 | Date: 2012-10-02 | |
455 | ||
456 | Clearer message when automatic join fails | |
457 | ||
458 | https://bugs.freedesktop.org/show_bug.cgi?id=55530 | |
459 | ||
460 | service/realm-sssd-ad.c | 13 +++++++++++-- | |
461 | 1 file changed, 11 insertions(+), 2 deletions(-) | |
462 | ||
463 | commit 04c4a6be48bc10e536e0cc282d8ecaa4d95738c5 | |
464 | Author: Stef Walter <stefw@gnome.org> | |
465 | Date: 2012-10-02 | |
466 | ||
467 | Use lower case realm names. | |
468 | ||
469 | * Don't use kerberos realm names as the realmd realm names. ETERM | |
470 | * Make sure to continue to provide the correct kerberos realm names | |
471 | on the ofr.Kerberos interface. | |
472 | ||
473 | https://bugs.freedesktop.org/show_bug.cgi?id=55389 | |
474 | ||
475 | service/realm-kerberos-discover.c | 5 ++++- | |
476 | service/realm-samba-provider.c | 11 +++++++---- | |
477 | service/realm-sssd.c | 2 +- | |
478 | 3 files changed, 12 insertions(+), 6 deletions(-) | |
479 | ||
480 | commit 909c99175bbdf1730861da6ee4994e0b4313b17c | |
481 | Author: Stef Walter <stefw@gnome.org> | |
482 | Date: 2012-10-02 | |
483 | ||
484 | Don't track permitted logins in samba winbind realms | |
485 | ||
486 | * We were just tracking these in name only, and not enforcing | |
487 | things anyway. | |
488 | * We allow permitted logins to be added, as long as the login | |
489 | policy is not changed to only allow permitted logins to log in. | |
490 | * This removes a warning when we added an unsupported line to | |
491 | smb.conf | |
492 | ||
493 | https://bugs.freedesktop.org/show_bug.cgi?id=55549 | |
494 | ||
495 | service/realm-samba.c | 47 ++++++++++++++++++++++------------------------- | |
496 | 1 file changed, 22 insertions(+), 25 deletions(-) | |
497 | ||
498 | commit d745d77c036355eb2e11ec38af6a2e41e2b8f41f | |
499 | Author: Stef Walter <stefw@gnome.org> | |
500 | Date: 2012-09-30 | |
501 | ||
502 | Fix search for LDAP libraries. Make it a hard requirement | |
503 | ||
504 | configure.ac | 13 ++++++++----- | |
505 | 1 file changed, 8 insertions(+), 5 deletions(-) | |
506 | ||
507 | commit 8ebe72464f463b6c89be1345b3b824698a42f787 | |
508 | Author: Stef Walter <stefw@gnome.org> | |
509 | Date: 2012-09-28 | |
510 | ||
511 | Add Administrative Guide to the documentation | |
512 | ||
513 | doc/Makefile.am | 9 +- | |
514 | doc/html.css | 11 ++ | |
515 | doc/realmd-docs.sgml | 53 ++++++--- | |
516 | doc/realmd-guide-active-directory.xml | 208 ++++++++++++++++++++++++++++++++++ | |
517 | doc/realmd-guide-configuring.xml | 128 +++++++++++++++++++++ | |
518 | doc/realmd-guide-freeipa.xml | 62 ++++++++++ | |
519 | doc/realmd-guide-kerberos.xml | 50 ++++++++ | |
520 | 7 files changed, 502 insertions(+), 19 deletions(-) | |
521 | ||
522 | commit c909edc1b1060fa78feb9c335d2d2e420dbcb424 | |
523 | Author: Stef Walter <stefw@gnome.org> | |
524 | Date: 2012-09-26 | |
525 | ||
526 | Commit the appropriate xml file for the realm manual | |
527 | ||
528 | ... and remove the compiled manual page that was accidentally | |
529 | committed. | |
530 | ||
531 | .gitignore | 2 +- | |
532 | doc/realm.1 | 332 ---------------------------------------------------------- | |
533 | doc/realm.xml | 332 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ | |
534 | 3 files changed, 333 insertions(+), 333 deletions(-) | |
535 | ||
536 | commit 7f8c4b853f9e2d414f8e0fe1870bf386937dfd7a | |
537 | Author: Stef Walter <stefw@gnome.org> | |
538 | Date: 2012-09-25 | |
539 | ||
540 | Use commands to manage services | |
541 | ||
542 | * Rather than interacting with systemd and upstart via dbus | |
543 | * The upstart support was poor anyway. | |
544 | * This allows more compatibility with various distros | |
545 | * Less code. | |
546 | ||
547 | https://bugs.freedesktop.org/show_bug.cgi?id=55319 | |
548 | ||
549 | service/Makefile.am | 2 - | |
550 | service/realm-samba-winbind.c | 4 +- | |
551 | service/realm-service-systemd.c | 305 ------------------------- | |
552 | service/realm-service-systemd.h | 41 ---- | |
553 | service/realm-service-upstart.c | 362 ------------------------------ | |
554 | service/realm-service-upstart.h | 41 ---- | |
555 | service/realm-service.c | 476 +++++++--------------------------------- | |
556 | service/realm-service.h | 88 +------- | |
557 | service/realmd-debian.conf | 20 +- | |
558 | service/realmd-defaults.conf | 4 - | |
559 | service/realmd-redhat.conf | 9 + | |
560 | 11 files changed, 110 insertions(+), 1242 deletions(-) | |
561 | ||
562 | commit cf4e7543c8eadf61b611668d7bb60ba2ec6b496b | |
563 | Author: Stef Walter <stefw@gnome.org> | |
564 | Date: 2012-09-25 | |
565 | ||
566 | Quiet down the command logging output | |
567 | ||
568 | service/realm-command.c | 7 ++++++- | |
569 | 1 file changed, 6 insertions(+), 1 deletion(-) | |
570 | ||
571 | commit 6b701df3bc89b94715d8c01d4bab2e203d4f12bd | |
572 | Author: Stef Walter <stefw@gnome.org> | |
573 | Date: 2012-09-21 | |
574 | ||
575 | Add a manual page for the realm command | |
576 | ||
577 | https://bugs.freedesktop.org/show_bug.cgi?id=54491 | |
578 | ||
579 | .gitignore | 1 + | |
580 | configure.ac | 5 + | |
581 | doc/Makefile.am | 25 +++- | |
582 | doc/realm.1 | 332 +++++++++++++++++++++++++++++++++++++++++++++++++++ | |
583 | doc/realmd-docs.sgml | 4 + | |
584 | 5 files changed, 365 insertions(+), 2 deletions(-) | |
585 | ||
586 | commit d8fad1d7bcf6ab0969abee1284fedf80c4bf4079 | |
587 | Author: Stef Walter <stefw@gnome.org> | |
588 | Date: 2012-09-19 | |
589 | ||
590 | Release version 0.8.1 | |
591 | ||
592 | NEWS | 3 +++ | |
593 | configure.ac | 2 +- | |
594 | 2 files changed, 4 insertions(+), 1 deletion(-) | |
595 | ||
596 | commit 6459665dd1cd2714432173ea2eaeeae5dd6d3894 | |
597 | Author: Stef Walter <stefw@gnome.org> | |
598 | Date: 2012-09-19 | |
599 | ||
600 | Distribute debian settings file correctly | |
601 | ||
602 | service/Makefile.am | 4 +++- | |
603 | 1 file changed, 3 insertions(+), 1 deletion(-) | |
1 | 604 | |
2 | 605 | commit 297d1b67119d68ce798067b35ca83ec0e1521f1c |
3 | 606 | Author: Stef Walter <stefw@gnome.org> |
49 | 49 | DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ |
50 | 50 | $(srcdir)/Makefile.in $(srcdir)/config.h.in \ |
51 | 51 | $(top_srcdir)/Makefile.decl $(top_srcdir)/configure AUTHORS \ |
52 | COPYING ChangeLog INSTALL NEWS compile depcomp install-sh \ | |
53 | missing | |
52 | COPYING ChangeLog INSTALL NEWS compile config.guess depcomp \ | |
53 | install-sh missing | |
54 | 54 | subdir = . |
55 | 55 | ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 |
56 | 56 | am__aclocal_m4_deps = $(top_srcdir)/build/m4/gtk-doc.m4 \ |
243 | 243 | USE_NLS = @USE_NLS@ |
244 | 244 | VERSION = @VERSION@ |
245 | 245 | XGETTEXT = @XGETTEXT@ |
246 | XSLTPROC = @XSLTPROC@ | |
246 | 247 | abs_builddir = @abs_builddir@ |
247 | 248 | abs_srcdir = @abs_srcdir@ |
248 | 249 | abs_top_builddir = @abs_top_builddir@ |
0 | 0.9 | |
1 | * Add support for deconfiguring a realm without removing computer account | |
2 | * Cleanup the krb5.keytab from realmd itself, rather than relying on samba | |
3 | * Fix problems running authconfig from a system service | |
4 | * Automatically create home directories for logged in accounts on Fedora and RHEL | |
5 | * Setup a default shell and home directory for AD users coming via sssd | |
6 | * Restart the accouts-daemon after joining a domain | |
7 | * Use lower case realm names | |
8 | * Enable offline logins with sssd | |
9 | * Make sure the allow-permitted-logins policy works with sssd even when | |
10 | no permitted logins specified | |
11 | * Use systemctl and service commands to manage services rather than DBus | |
12 | * Move the realm command to /usr/sbin | |
13 | * Make --verbose work with 'realm permit -all' and 'realm deny --all' | |
14 | * Make sure realm permit/deny only work with configured realms | |
15 | * Work around sssd simple access provider issues | |
16 | * Use sss_cache to clear caches when removing a domain | |
17 | * Make 'realm discover' only print out realm line per domain by default | |
18 | * Only list configured realms in 'realm list' by default | |
19 | * Bug fixes | |
20 | * Documentation | |
21 | ||
22 | 0.8.1 | |
23 | * Distribute debian settings file correctly | |
24 | ||
0 | 25 | 0.8 |
1 | 26 | * Cleaner, faster and robuster IPA discovery |
2 | 27 | * Don't refret the PackageKit cache when installing |
181 | 181 | USE_NLS = @USE_NLS@ |
182 | 182 | VERSION = @VERSION@ |
183 | 183 | XGETTEXT = @XGETTEXT@ |
184 | XSLTPROC = @XSLTPROC@ | |
184 | 185 | abs_builddir = @abs_builddir@ |
185 | 186 | abs_srcdir = @abs_srcdir@ |
186 | 187 | abs_top_builddir = @abs_top_builddir@ |
0 | #! /bin/sh | |
1 | # Attempt to guess a canonical system name. | |
2 | # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, | |
3 | # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, | |
4 | # 2011, 2012 Free Software Foundation, Inc. | |
5 | ||
6 | timestamp='2012-06-10' | |
7 | ||
8 | # This file is free software; you can redistribute it and/or modify it | |
9 | # under the terms of the GNU General Public License as published by | |
10 | # the Free Software Foundation; either version 2 of the License, or | |
11 | # (at your option) any later version. | |
12 | # | |
13 | # This program is distributed in the hope that it will be useful, but | |
14 | # WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | # General Public License for more details. | |
17 | # | |
18 | # You should have received a copy of the GNU General Public License | |
19 | # along with this program; if not, see <http://www.gnu.org/licenses/>. | |
20 | # | |
21 | # As a special exception to the GNU General Public License, if you | |
22 | # distribute this file as part of a program that contains a | |
23 | # configuration script generated by Autoconf, you may include it under | |
24 | # the same distribution terms that you use for the rest of that program. | |
25 | ||
26 | ||
27 | # Originally written by Per Bothner. Please send patches (context | |
28 | # diff format) to <config-patches@gnu.org> and include a ChangeLog | |
29 | # entry. | |
30 | # | |
31 | # This script attempts to guess a canonical system name similar to | |
32 | # config.sub. If it succeeds, it prints the system name on stdout, and | |
33 | # exits with 0. Otherwise, it exits with 1. | |
34 | # | |
35 | # You can get the latest version of this script from: | |
36 | # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD | |
37 | ||
38 | me=`echo "$0" | sed -e 's,.*/,,'` | |
39 | ||
40 | usage="\ | |
41 | Usage: $0 [OPTION] | |
42 | ||
43 | Output the configuration name of the system \`$me' is run on. | |
44 | ||
45 | Operation modes: | |
46 | -h, --help print this help, then exit | |
47 | -t, --time-stamp print date of last modification, then exit | |
48 | -v, --version print version number, then exit | |
49 | ||
50 | Report bugs and patches to <config-patches@gnu.org>." | |
51 | ||
52 | version="\ | |
53 | GNU config.guess ($timestamp) | |
54 | ||
55 | Originally written by Per Bothner. | |
56 | Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, | |
57 | 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 | |
58 | Free Software Foundation, Inc. | |
59 | ||
60 | This is free software; see the source for copying conditions. There is NO | |
61 | warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." | |
62 | ||
63 | help=" | |
64 | Try \`$me --help' for more information." | |
65 | ||
66 | # Parse command line | |
67 | while test $# -gt 0 ; do | |
68 | case $1 in | |
69 | --time-stamp | --time* | -t ) | |
70 | echo "$timestamp" ; exit ;; | |
71 | --version | -v ) | |
72 | echo "$version" ; exit ;; | |
73 | --help | --h* | -h ) | |
74 | echo "$usage"; exit ;; | |
75 | -- ) # Stop option processing | |
76 | shift; break ;; | |
77 | - ) # Use stdin as input. | |
78 | break ;; | |
79 | -* ) | |
80 | echo "$me: invalid option $1$help" >&2 | |
81 | exit 1 ;; | |
82 | * ) | |
83 | break ;; | |
84 | esac | |
85 | done | |
86 | ||
87 | if test $# != 0; then | |
88 | echo "$me: too many arguments$help" >&2 | |
89 | exit 1 | |
90 | fi | |
91 | ||
92 | trap 'exit 1' 1 2 15 | |
93 | ||
94 | # CC_FOR_BUILD -- compiler used by this script. Note that the use of a | |
95 | # compiler to aid in system detection is discouraged as it requires | |
96 | # temporary files to be created and, as you can see below, it is a | |
97 | # headache to deal with in a portable fashion. | |
98 | ||
99 | # Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still | |
100 | # use `HOST_CC' if defined, but it is deprecated. | |
101 | ||
102 | # Portable tmp directory creation inspired by the Autoconf team. | |
103 | ||
104 | set_cc_for_build=' | |
105 | trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; | |
106 | trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; | |
107 | : ${TMPDIR=/tmp} ; | |
108 | { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || | |
109 | { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || | |
110 | { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || | |
111 | { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; | |
112 | dummy=$tmp/dummy ; | |
113 | tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; | |
114 | case $CC_FOR_BUILD,$HOST_CC,$CC in | |
115 | ,,) echo "int x;" > $dummy.c ; | |
116 | for c in cc gcc c89 c99 ; do | |
117 | if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then | |
118 | CC_FOR_BUILD="$c"; break ; | |
119 | fi ; | |
120 | done ; | |
121 | if test x"$CC_FOR_BUILD" = x ; then | |
122 | CC_FOR_BUILD=no_compiler_found ; | |
123 | fi | |
124 | ;; | |
125 | ,,*) CC_FOR_BUILD=$CC ;; | |
126 | ,*,*) CC_FOR_BUILD=$HOST_CC ;; | |
127 | esac ; set_cc_for_build= ;' | |
128 | ||
129 | # This is needed to find uname on a Pyramid OSx when run in the BSD universe. | |
130 | # (ghazi@noc.rutgers.edu 1994-08-24) | |
131 | if (test -f /.attbin/uname) >/dev/null 2>&1 ; then | |
132 | PATH=$PATH:/.attbin ; export PATH | |
133 | fi | |
134 | ||
135 | UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown | |
136 | UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown | |
137 | UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown | |
138 | UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown | |
139 | ||
140 | # Note: order is significant - the case branches are not exclusive. | |
141 | ||
142 | case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in | |
143 | *:NetBSD:*:*) | |
144 | # NetBSD (nbsd) targets should (where applicable) match one or | |
145 | # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, | |
146 | # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently | |
147 | # switched to ELF, *-*-netbsd* would select the old | |
148 | # object file format. This provides both forward | |
149 | # compatibility and a consistent mechanism for selecting the | |
150 | # object file format. | |
151 | # | |
152 | # Note: NetBSD doesn't particularly care about the vendor | |
153 | # portion of the name. We always set it to "unknown". | |
154 | sysctl="sysctl -n hw.machine_arch" | |
155 | UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ | |
156 | /usr/sbin/$sysctl 2>/dev/null || echo unknown)` | |
157 | case "${UNAME_MACHINE_ARCH}" in | |
158 | armeb) machine=armeb-unknown ;; | |
159 | arm*) machine=arm-unknown ;; | |
160 | sh3el) machine=shl-unknown ;; | |
161 | sh3eb) machine=sh-unknown ;; | |
162 | sh5el) machine=sh5le-unknown ;; | |
163 | *) machine=${UNAME_MACHINE_ARCH}-unknown ;; | |
164 | esac | |
165 | # The Operating System including object format, if it has switched | |
166 | # to ELF recently, or will in the future. | |
167 | case "${UNAME_MACHINE_ARCH}" in | |
168 | arm*|i386|m68k|ns32k|sh3*|sparc|vax) | |
169 | eval $set_cc_for_build | |
170 | if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | |
171 | | grep -q __ELF__ | |
172 | then | |
173 | # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). | |
174 | # Return netbsd for either. FIX? | |
175 | os=netbsd | |
176 | else | |
177 | os=netbsdelf | |
178 | fi | |
179 | ;; | |
180 | *) | |
181 | os=netbsd | |
182 | ;; | |
183 | esac | |
184 | # The OS release | |
185 | # Debian GNU/NetBSD machines have a different userland, and | |
186 | # thus, need a distinct triplet. However, they do not need | |
187 | # kernel version information, so it can be replaced with a | |
188 | # suitable tag, in the style of linux-gnu. | |
189 | case "${UNAME_VERSION}" in | |
190 | Debian*) | |
191 | release='-gnu' | |
192 | ;; | |
193 | *) | |
194 | release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` | |
195 | ;; | |
196 | esac | |
197 | # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: | |
198 | # contains redundant information, the shorter form: | |
199 | # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. | |
200 | echo "${machine}-${os}${release}" | |
201 | exit ;; | |
202 | *:OpenBSD:*:*) | |
203 | UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` | |
204 | echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} | |
205 | exit ;; | |
206 | *:ekkoBSD:*:*) | |
207 | echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} | |
208 | exit ;; | |
209 | *:SolidBSD:*:*) | |
210 | echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} | |
211 | exit ;; | |
212 | macppc:MirBSD:*:*) | |
213 | echo powerpc-unknown-mirbsd${UNAME_RELEASE} | |
214 | exit ;; | |
215 | *:MirBSD:*:*) | |
216 | echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} | |
217 | exit ;; | |
218 | alpha:OSF1:*:*) | |
219 | case $UNAME_RELEASE in | |
220 | *4.0) | |
221 | UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` | |
222 | ;; | |
223 | *5.*) | |
224 | UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` | |
225 | ;; | |
226 | esac | |
227 | # According to Compaq, /usr/sbin/psrinfo has been available on | |
228 | # OSF/1 and Tru64 systems produced since 1995. I hope that | |
229 | # covers most systems running today. This code pipes the CPU | |
230 | # types through head -n 1, so we only detect the type of CPU 0. | |
231 | ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` | |
232 | case "$ALPHA_CPU_TYPE" in | |
233 | "EV4 (21064)") | |
234 | UNAME_MACHINE="alpha" ;; | |
235 | "EV4.5 (21064)") | |
236 | UNAME_MACHINE="alpha" ;; | |
237 | "LCA4 (21066/21068)") | |
238 | UNAME_MACHINE="alpha" ;; | |
239 | "EV5 (21164)") | |
240 | UNAME_MACHINE="alphaev5" ;; | |
241 | "EV5.6 (21164A)") | |
242 | UNAME_MACHINE="alphaev56" ;; | |
243 | "EV5.6 (21164PC)") | |
244 | UNAME_MACHINE="alphapca56" ;; | |
245 | "EV5.7 (21164PC)") | |
246 | UNAME_MACHINE="alphapca57" ;; | |
247 | "EV6 (21264)") | |
248 | UNAME_MACHINE="alphaev6" ;; | |
249 | "EV6.7 (21264A)") | |
250 | UNAME_MACHINE="alphaev67" ;; | |
251 | "EV6.8CB (21264C)") | |
252 | UNAME_MACHINE="alphaev68" ;; | |
253 | "EV6.8AL (21264B)") | |
254 | UNAME_MACHINE="alphaev68" ;; | |
255 | "EV6.8CX (21264D)") | |
256 | UNAME_MACHINE="alphaev68" ;; | |
257 | "EV6.9A (21264/EV69A)") | |
258 | UNAME_MACHINE="alphaev69" ;; | |
259 | "EV7 (21364)") | |
260 | UNAME_MACHINE="alphaev7" ;; | |
261 | "EV7.9 (21364A)") | |
262 | UNAME_MACHINE="alphaev79" ;; | |
263 | esac | |
264 | # A Pn.n version is a patched version. | |
265 | # A Vn.n version is a released version. | |
266 | # A Tn.n version is a released field test version. | |
267 | # A Xn.n version is an unreleased experimental baselevel. | |
268 | # 1.2 uses "1.2" for uname -r. | |
269 | echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` | |
270 | # Reset EXIT trap before exiting to avoid spurious non-zero exit code. | |
271 | exitcode=$? | |
272 | trap '' 0 | |
273 | exit $exitcode ;; | |
274 | Alpha\ *:Windows_NT*:*) | |
275 | # How do we know it's Interix rather than the generic POSIX subsystem? | |
276 | # Should we change UNAME_MACHINE based on the output of uname instead | |
277 | # of the specific Alpha model? | |
278 | echo alpha-pc-interix | |
279 | exit ;; | |
280 | 21064:Windows_NT:50:3) | |
281 | echo alpha-dec-winnt3.5 | |
282 | exit ;; | |
283 | Amiga*:UNIX_System_V:4.0:*) | |
284 | echo m68k-unknown-sysv4 | |
285 | exit ;; | |
286 | *:[Aa]miga[Oo][Ss]:*:*) | |
287 | echo ${UNAME_MACHINE}-unknown-amigaos | |
288 | exit ;; | |
289 | *:[Mm]orph[Oo][Ss]:*:*) | |
290 | echo ${UNAME_MACHINE}-unknown-morphos | |
291 | exit ;; | |
292 | *:OS/390:*:*) | |
293 | echo i370-ibm-openedition | |
294 | exit ;; | |
295 | *:z/VM:*:*) | |
296 | echo s390-ibm-zvmoe | |
297 | exit ;; | |
298 | *:OS400:*:*) | |
299 | echo powerpc-ibm-os400 | |
300 | exit ;; | |
301 | arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) | |
302 | echo arm-acorn-riscix${UNAME_RELEASE} | |
303 | exit ;; | |
304 | arm:riscos:*:*|arm:RISCOS:*:*) | |
305 | echo arm-unknown-riscos | |
306 | exit ;; | |
307 | SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) | |
308 | echo hppa1.1-hitachi-hiuxmpp | |
309 | exit ;; | |
310 | Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) | |
311 | # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. | |
312 | if test "`(/bin/universe) 2>/dev/null`" = att ; then | |
313 | echo pyramid-pyramid-sysv3 | |
314 | else | |
315 | echo pyramid-pyramid-bsd | |
316 | fi | |
317 | exit ;; | |
318 | NILE*:*:*:dcosx) | |
319 | echo pyramid-pyramid-svr4 | |
320 | exit ;; | |
321 | DRS?6000:unix:4.0:6*) | |
322 | echo sparc-icl-nx6 | |
323 | exit ;; | |
324 | DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) | |
325 | case `/usr/bin/uname -p` in | |
326 | sparc) echo sparc-icl-nx7; exit ;; | |
327 | esac ;; | |
328 | s390x:SunOS:*:*) | |
329 | echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` | |
330 | exit ;; | |
331 | sun4H:SunOS:5.*:*) | |
332 | echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` | |
333 | exit ;; | |
334 | sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) | |
335 | echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` | |
336 | exit ;; | |
337 | i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) | |
338 | echo i386-pc-auroraux${UNAME_RELEASE} | |
339 | exit ;; | |
340 | i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) | |
341 | eval $set_cc_for_build | |
342 | SUN_ARCH="i386" | |
343 | # If there is a compiler, see if it is configured for 64-bit objects. | |
344 | # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. | |
345 | # This test works for both compilers. | |
346 | if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then | |
347 | if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ | |
348 | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ | |
349 | grep IS_64BIT_ARCH >/dev/null | |
350 | then | |
351 | SUN_ARCH="x86_64" | |
352 | fi | |
353 | fi | |
354 | echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` | |
355 | exit ;; | |
356 | sun4*:SunOS:6*:*) | |
357 | # According to config.sub, this is the proper way to canonicalize | |
358 | # SunOS6. Hard to guess exactly what SunOS6 will be like, but | |
359 | # it's likely to be more like Solaris than SunOS4. | |
360 | echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` | |
361 | exit ;; | |
362 | sun4*:SunOS:*:*) | |
363 | case "`/usr/bin/arch -k`" in | |
364 | Series*|S4*) | |
365 | UNAME_RELEASE=`uname -v` | |
366 | ;; | |
367 | esac | |
368 | # Japanese Language versions have a version number like `4.1.3-JL'. | |
369 | echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` | |
370 | exit ;; | |
371 | sun3*:SunOS:*:*) | |
372 | echo m68k-sun-sunos${UNAME_RELEASE} | |
373 | exit ;; | |
374 | sun*:*:4.2BSD:*) | |
375 | UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` | |
376 | test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 | |
377 | case "`/bin/arch`" in | |
378 | sun3) | |
379 | echo m68k-sun-sunos${UNAME_RELEASE} | |
380 | ;; | |
381 | sun4) | |
382 | echo sparc-sun-sunos${UNAME_RELEASE} | |
383 | ;; | |
384 | esac | |
385 | exit ;; | |
386 | aushp:SunOS:*:*) | |
387 | echo sparc-auspex-sunos${UNAME_RELEASE} | |
388 | exit ;; | |
389 | # The situation for MiNT is a little confusing. The machine name | |
390 | # can be virtually everything (everything which is not | |
391 | # "atarist" or "atariste" at least should have a processor | |
392 | # > m68000). The system name ranges from "MiNT" over "FreeMiNT" | |
393 | # to the lowercase version "mint" (or "freemint"). Finally | |
394 | # the system name "TOS" denotes a system which is actually not | |
395 | # MiNT. But MiNT is downward compatible to TOS, so this should | |
396 | # be no problem. | |
397 | atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) | |
398 | echo m68k-atari-mint${UNAME_RELEASE} | |
399 | exit ;; | |
400 | atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) | |
401 | echo m68k-atari-mint${UNAME_RELEASE} | |
402 | exit ;; | |
403 | *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) | |
404 | echo m68k-atari-mint${UNAME_RELEASE} | |
405 | exit ;; | |
406 | milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) | |
407 | echo m68k-milan-mint${UNAME_RELEASE} | |
408 | exit ;; | |
409 | hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) | |
410 | echo m68k-hades-mint${UNAME_RELEASE} | |
411 | exit ;; | |
412 | *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) | |
413 | echo m68k-unknown-mint${UNAME_RELEASE} | |
414 | exit ;; | |
415 | m68k:machten:*:*) | |
416 | echo m68k-apple-machten${UNAME_RELEASE} | |
417 | exit ;; | |
418 | powerpc:machten:*:*) | |
419 | echo powerpc-apple-machten${UNAME_RELEASE} | |
420 | exit ;; | |
421 | RISC*:Mach:*:*) | |
422 | echo mips-dec-mach_bsd4.3 | |
423 | exit ;; | |
424 | RISC*:ULTRIX:*:*) | |
425 | echo mips-dec-ultrix${UNAME_RELEASE} | |
426 | exit ;; | |
427 | VAX*:ULTRIX*:*:*) | |
428 | echo vax-dec-ultrix${UNAME_RELEASE} | |
429 | exit ;; | |
430 | 2020:CLIX:*:* | 2430:CLIX:*:*) | |
431 | echo clipper-intergraph-clix${UNAME_RELEASE} | |
432 | exit ;; | |
433 | mips:*:*:UMIPS | mips:*:*:RISCos) | |
434 | eval $set_cc_for_build | |
435 | sed 's/^ //' << EOF >$dummy.c | |
436 | #ifdef __cplusplus | |
437 | #include <stdio.h> /* for printf() prototype */ | |
438 | int main (int argc, char *argv[]) { | |
439 | #else | |
440 | int main (argc, argv) int argc; char *argv[]; { | |
441 | #endif | |
442 | #if defined (host_mips) && defined (MIPSEB) | |
443 | #if defined (SYSTYPE_SYSV) | |
444 | printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); | |
445 | #endif | |
446 | #if defined (SYSTYPE_SVR4) | |
447 | printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); | |
448 | #endif | |
449 | #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) | |
450 | printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); | |
451 | #endif | |
452 | #endif | |
453 | exit (-1); | |
454 | } | |
455 | EOF | |
456 | $CC_FOR_BUILD -o $dummy $dummy.c && | |
457 | dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && | |
458 | SYSTEM_NAME=`$dummy $dummyarg` && | |
459 | { echo "$SYSTEM_NAME"; exit; } | |
460 | echo mips-mips-riscos${UNAME_RELEASE} | |
461 | exit ;; | |
462 | Motorola:PowerMAX_OS:*:*) | |
463 | echo powerpc-motorola-powermax | |
464 | exit ;; | |
465 | Motorola:*:4.3:PL8-*) | |
466 | echo powerpc-harris-powermax | |
467 | exit ;; | |
468 | Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) | |
469 | echo powerpc-harris-powermax | |
470 | exit ;; | |
471 | Night_Hawk:Power_UNIX:*:*) | |
472 | echo powerpc-harris-powerunix | |
473 | exit ;; | |
474 | m88k:CX/UX:7*:*) | |
475 | echo m88k-harris-cxux7 | |
476 | exit ;; | |
477 | m88k:*:4*:R4*) | |
478 | echo m88k-motorola-sysv4 | |
479 | exit ;; | |
480 | m88k:*:3*:R3*) | |
481 | echo m88k-motorola-sysv3 | |
482 | exit ;; | |
483 | AViiON:dgux:*:*) | |
484 | # DG/UX returns AViiON for all architectures | |
485 | UNAME_PROCESSOR=`/usr/bin/uname -p` | |
486 | if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] | |
487 | then | |
488 | if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ | |
489 | [ ${TARGET_BINARY_INTERFACE}x = x ] | |
490 | then | |
491 | echo m88k-dg-dgux${UNAME_RELEASE} | |
492 | else | |
493 | echo m88k-dg-dguxbcs${UNAME_RELEASE} | |
494 | fi | |
495 | else | |
496 | echo i586-dg-dgux${UNAME_RELEASE} | |
497 | fi | |
498 | exit ;; | |
499 | M88*:DolphinOS:*:*) # DolphinOS (SVR3) | |
500 | echo m88k-dolphin-sysv3 | |
501 | exit ;; | |
502 | M88*:*:R3*:*) | |
503 | # Delta 88k system running SVR3 | |
504 | echo m88k-motorola-sysv3 | |
505 | exit ;; | |
506 | XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) | |
507 | echo m88k-tektronix-sysv3 | |
508 | exit ;; | |
509 | Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) | |
510 | echo m68k-tektronix-bsd | |
511 | exit ;; | |
512 | *:IRIX*:*:*) | |
513 | echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` | |
514 | exit ;; | |
515 | ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. | |
516 | echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id | |
517 | exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' | |
518 | i*86:AIX:*:*) | |
519 | echo i386-ibm-aix | |
520 | exit ;; | |
521 | ia64:AIX:*:*) | |
522 | if [ -x /usr/bin/oslevel ] ; then | |
523 | IBM_REV=`/usr/bin/oslevel` | |
524 | else | |
525 | IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} | |
526 | fi | |
527 | echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} | |
528 | exit ;; | |
529 | *:AIX:2:3) | |
530 | if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then | |
531 | eval $set_cc_for_build | |
532 | sed 's/^ //' << EOF >$dummy.c | |
533 | #include <sys/systemcfg.h> | |
534 | ||
535 | main() | |
536 | { | |
537 | if (!__power_pc()) | |
538 | exit(1); | |
539 | puts("powerpc-ibm-aix3.2.5"); | |
540 | exit(0); | |
541 | } | |
542 | EOF | |
543 | if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` | |
544 | then | |
545 | echo "$SYSTEM_NAME" | |
546 | else | |
547 | echo rs6000-ibm-aix3.2.5 | |
548 | fi | |
549 | elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then | |
550 | echo rs6000-ibm-aix3.2.4 | |
551 | else | |
552 | echo rs6000-ibm-aix3.2 | |
553 | fi | |
554 | exit ;; | |
555 | *:AIX:*:[4567]) | |
556 | IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` | |
557 | if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then | |
558 | IBM_ARCH=rs6000 | |
559 | else | |
560 | IBM_ARCH=powerpc | |
561 | fi | |
562 | if [ -x /usr/bin/oslevel ] ; then | |
563 | IBM_REV=`/usr/bin/oslevel` | |
564 | else | |
565 | IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} | |
566 | fi | |
567 | echo ${IBM_ARCH}-ibm-aix${IBM_REV} | |
568 | exit ;; | |
569 | *:AIX:*:*) | |
570 | echo rs6000-ibm-aix | |
571 | exit ;; | |
572 | ibmrt:4.4BSD:*|romp-ibm:BSD:*) | |
573 | echo romp-ibm-bsd4.4 | |
574 | exit ;; | |
575 | ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and | |
576 | echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to | |
577 | exit ;; # report: romp-ibm BSD 4.3 | |
578 | *:BOSX:*:*) | |
579 | echo rs6000-bull-bosx | |
580 | exit ;; | |
581 | DPX/2?00:B.O.S.:*:*) | |
582 | echo m68k-bull-sysv3 | |
583 | exit ;; | |
584 | 9000/[34]??:4.3bsd:1.*:*) | |
585 | echo m68k-hp-bsd | |
586 | exit ;; | |
587 | hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) | |
588 | echo m68k-hp-bsd4.4 | |
589 | exit ;; | |
590 | 9000/[34678]??:HP-UX:*:*) | |
591 | HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` | |
592 | case "${UNAME_MACHINE}" in | |
593 | 9000/31? ) HP_ARCH=m68000 ;; | |
594 | 9000/[34]?? ) HP_ARCH=m68k ;; | |
595 | 9000/[678][0-9][0-9]) | |
596 | if [ -x /usr/bin/getconf ]; then | |
597 | sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` | |
598 | sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` | |
599 | case "${sc_cpu_version}" in | |
600 | 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 | |
601 | 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 | |
602 | 532) # CPU_PA_RISC2_0 | |
603 | case "${sc_kernel_bits}" in | |
604 | 32) HP_ARCH="hppa2.0n" ;; | |
605 | 64) HP_ARCH="hppa2.0w" ;; | |
606 | '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 | |
607 | esac ;; | |
608 | esac | |
609 | fi | |
610 | if [ "${HP_ARCH}" = "" ]; then | |
611 | eval $set_cc_for_build | |
612 | sed 's/^ //' << EOF >$dummy.c | |
613 | ||
614 | #define _HPUX_SOURCE | |
615 | #include <stdlib.h> | |
616 | #include <unistd.h> | |
617 | ||
618 | int main () | |
619 | { | |
620 | #if defined(_SC_KERNEL_BITS) | |
621 | long bits = sysconf(_SC_KERNEL_BITS); | |
622 | #endif | |
623 | long cpu = sysconf (_SC_CPU_VERSION); | |
624 | ||
625 | switch (cpu) | |
626 | { | |
627 | case CPU_PA_RISC1_0: puts ("hppa1.0"); break; | |
628 | case CPU_PA_RISC1_1: puts ("hppa1.1"); break; | |
629 | case CPU_PA_RISC2_0: | |
630 | #if defined(_SC_KERNEL_BITS) | |
631 | switch (bits) | |
632 | { | |
633 | case 64: puts ("hppa2.0w"); break; | |
634 | case 32: puts ("hppa2.0n"); break; | |
635 | default: puts ("hppa2.0"); break; | |
636 | } break; | |
637 | #else /* !defined(_SC_KERNEL_BITS) */ | |
638 | puts ("hppa2.0"); break; | |
639 | #endif | |
640 | default: puts ("hppa1.0"); break; | |
641 | } | |
642 | exit (0); | |
643 | } | |
644 | EOF | |
645 | (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` | |
646 | test -z "$HP_ARCH" && HP_ARCH=hppa | |
647 | fi ;; | |
648 | esac | |
649 | if [ ${HP_ARCH} = "hppa2.0w" ] | |
650 | then | |
651 | eval $set_cc_for_build | |
652 | ||
653 | # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating | |
654 | # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler | |
655 | # generating 64-bit code. GNU and HP use different nomenclature: | |
656 | # | |
657 | # $ CC_FOR_BUILD=cc ./config.guess | |
658 | # => hppa2.0w-hp-hpux11.23 | |
659 | # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess | |
660 | # => hppa64-hp-hpux11.23 | |
661 | ||
662 | if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | | |
663 | grep -q __LP64__ | |
664 | then | |
665 | HP_ARCH="hppa2.0w" | |
666 | else | |
667 | HP_ARCH="hppa64" | |
668 | fi | |
669 | fi | |
670 | echo ${HP_ARCH}-hp-hpux${HPUX_REV} | |
671 | exit ;; | |
672 | ia64:HP-UX:*:*) | |
673 | HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` | |
674 | echo ia64-hp-hpux${HPUX_REV} | |
675 | exit ;; | |
676 | 3050*:HI-UX:*:*) | |
677 | eval $set_cc_for_build | |
678 | sed 's/^ //' << EOF >$dummy.c | |
679 | #include <unistd.h> | |
680 | int | |
681 | main () | |
682 | { | |
683 | long cpu = sysconf (_SC_CPU_VERSION); | |
684 | /* The order matters, because CPU_IS_HP_MC68K erroneously returns | |
685 | true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct | |
686 | results, however. */ | |
687 | if (CPU_IS_PA_RISC (cpu)) | |
688 | { | |
689 | switch (cpu) | |
690 | { | |
691 | case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; | |
692 | case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; | |
693 | case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; | |
694 | default: puts ("hppa-hitachi-hiuxwe2"); break; | |
695 | } | |
696 | } | |
697 | else if (CPU_IS_HP_MC68K (cpu)) | |
698 | puts ("m68k-hitachi-hiuxwe2"); | |
699 | else puts ("unknown-hitachi-hiuxwe2"); | |
700 | exit (0); | |
701 | } | |
702 | EOF | |
703 | $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && | |
704 | { echo "$SYSTEM_NAME"; exit; } | |
705 | echo unknown-hitachi-hiuxwe2 | |
706 | exit ;; | |
707 | 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) | |
708 | echo hppa1.1-hp-bsd | |
709 | exit ;; | |
710 | 9000/8??:4.3bsd:*:*) | |
711 | echo hppa1.0-hp-bsd | |
712 | exit ;; | |
713 | *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) | |
714 | echo hppa1.0-hp-mpeix | |
715 | exit ;; | |
716 | hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) | |
717 | echo hppa1.1-hp-osf | |
718 | exit ;; | |
719 | hp8??:OSF1:*:*) | |
720 | echo hppa1.0-hp-osf | |
721 | exit ;; | |
722 | i*86:OSF1:*:*) | |
723 | if [ -x /usr/sbin/sysversion ] ; then | |
724 | echo ${UNAME_MACHINE}-unknown-osf1mk | |
725 | else | |
726 | echo ${UNAME_MACHINE}-unknown-osf1 | |
727 | fi | |
728 | exit ;; | |
729 | parisc*:Lites*:*:*) | |
730 | echo hppa1.1-hp-lites | |
731 | exit ;; | |
732 | C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) | |
733 | echo c1-convex-bsd | |
734 | exit ;; | |
735 | C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) | |
736 | if getsysinfo -f scalar_acc | |
737 | then echo c32-convex-bsd | |
738 | else echo c2-convex-bsd | |
739 | fi | |
740 | exit ;; | |
741 | C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) | |
742 | echo c34-convex-bsd | |
743 | exit ;; | |
744 | C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) | |
745 | echo c38-convex-bsd | |
746 | exit ;; | |
747 | C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) | |
748 | echo c4-convex-bsd | |
749 | exit ;; | |
750 | CRAY*Y-MP:*:*:*) | |
751 | echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' | |
752 | exit ;; | |
753 | CRAY*[A-Z]90:*:*:*) | |
754 | echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | |
755 | | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ | |
756 | -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ | |
757 | -e 's/\.[^.]*$/.X/' | |
758 | exit ;; | |
759 | CRAY*TS:*:*:*) | |
760 | echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' | |
761 | exit ;; | |
762 | CRAY*T3E:*:*:*) | |
763 | echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' | |
764 | exit ;; | |
765 | CRAY*SV1:*:*:*) | |
766 | echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' | |
767 | exit ;; | |
768 | *:UNICOS/mp:*:*) | |
769 | echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' | |
770 | exit ;; | |
771 | F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) | |
772 | FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` | |
773 | FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` | |
774 | FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` | |
775 | echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" | |
776 | exit ;; | |
777 | 5000:UNIX_System_V:4.*:*) | |
778 | FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` | |
779 | FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` | |
780 | echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" | |
781 | exit ;; | |
782 | i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) | |
783 | echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} | |
784 | exit ;; | |
785 | sparc*:BSD/OS:*:*) | |
786 | echo sparc-unknown-bsdi${UNAME_RELEASE} | |
787 | exit ;; | |
788 | *:BSD/OS:*:*) | |
789 | echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} | |
790 | exit ;; | |
791 | *:FreeBSD:*:*) | |
792 | UNAME_PROCESSOR=`/usr/bin/uname -p` | |
793 | case ${UNAME_PROCESSOR} in | |
794 | amd64) | |
795 | echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; | |
796 | *) | |
797 | echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; | |
798 | esac | |
799 | exit ;; | |
800 | i*:CYGWIN*:*) | |
801 | echo ${UNAME_MACHINE}-pc-cygwin | |
802 | exit ;; | |
803 | *:MINGW*:*) | |
804 | echo ${UNAME_MACHINE}-pc-mingw32 | |
805 | exit ;; | |
806 | i*:MSYS*:*) | |
807 | echo ${UNAME_MACHINE}-pc-msys | |
808 | exit ;; | |
809 | i*:windows32*:*) | |
810 | # uname -m includes "-pc" on this system. | |
811 | echo ${UNAME_MACHINE}-mingw32 | |
812 | exit ;; | |
813 | i*:PW*:*) | |
814 | echo ${UNAME_MACHINE}-pc-pw32 | |
815 | exit ;; | |
816 | *:Interix*:*) | |
817 | case ${UNAME_MACHINE} in | |
818 | x86) | |
819 | echo i586-pc-interix${UNAME_RELEASE} | |
820 | exit ;; | |
821 | authenticamd | genuineintel | EM64T) | |
822 | echo x86_64-unknown-interix${UNAME_RELEASE} | |
823 | exit ;; | |
824 | IA64) | |
825 | echo ia64-unknown-interix${UNAME_RELEASE} | |
826 | exit ;; | |
827 | esac ;; | |
828 | [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) | |
829 | echo i${UNAME_MACHINE}-pc-mks | |
830 | exit ;; | |
831 | 8664:Windows_NT:*) | |
832 | echo x86_64-pc-mks | |
833 | exit ;; | |
834 | i*:Windows_NT*:* | Pentium*:Windows_NT*:*) | |
835 | # How do we know it's Interix rather than the generic POSIX subsystem? | |
836 | # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we | |
837 | # UNAME_MACHINE based on the output of uname instead of i386? | |
838 | echo i586-pc-interix | |
839 | exit ;; | |
840 | i*:UWIN*:*) | |
841 | echo ${UNAME_MACHINE}-pc-uwin | |
842 | exit ;; | |
843 | amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) | |
844 | echo x86_64-unknown-cygwin | |
845 | exit ;; | |
846 | p*:CYGWIN*:*) | |
847 | echo powerpcle-unknown-cygwin | |
848 | exit ;; | |
849 | prep*:SunOS:5.*:*) | |
850 | echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` | |
851 | exit ;; | |
852 | *:GNU:*:*) | |
853 | # the GNU system | |
854 | echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` | |
855 | exit ;; | |
856 | *:GNU/*:*:*) | |
857 | # other systems with GNU libc and userland | |
858 | echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu | |
859 | exit ;; | |
860 | i*86:Minix:*:*) | |
861 | echo ${UNAME_MACHINE}-pc-minix | |
862 | exit ;; | |
863 | aarch64:Linux:*:*) | |
864 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
865 | exit ;; | |
866 | aarch64_be:Linux:*:*) | |
867 | UNAME_MACHINE=aarch64_be | |
868 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
869 | exit ;; | |
870 | alpha:Linux:*:*) | |
871 | case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in | |
872 | EV5) UNAME_MACHINE=alphaev5 ;; | |
873 | EV56) UNAME_MACHINE=alphaev56 ;; | |
874 | PCA56) UNAME_MACHINE=alphapca56 ;; | |
875 | PCA57) UNAME_MACHINE=alphapca56 ;; | |
876 | EV6) UNAME_MACHINE=alphaev6 ;; | |
877 | EV67) UNAME_MACHINE=alphaev67 ;; | |
878 | EV68*) UNAME_MACHINE=alphaev68 ;; | |
879 | esac | |
880 | objdump --private-headers /bin/sh | grep -q ld.so.1 | |
881 | if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi | |
882 | echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} | |
883 | exit ;; | |
884 | arm*:Linux:*:*) | |
885 | eval $set_cc_for_build | |
886 | if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | |
887 | | grep -q __ARM_EABI__ | |
888 | then | |
889 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
890 | else | |
891 | if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | |
892 | | grep -q __ARM_PCS_VFP | |
893 | then | |
894 | echo ${UNAME_MACHINE}-unknown-linux-gnueabi | |
895 | else | |
896 | echo ${UNAME_MACHINE}-unknown-linux-gnueabihf | |
897 | fi | |
898 | fi | |
899 | exit ;; | |
900 | avr32*:Linux:*:*) | |
901 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
902 | exit ;; | |
903 | cris:Linux:*:*) | |
904 | echo ${UNAME_MACHINE}-axis-linux-gnu | |
905 | exit ;; | |
906 | crisv32:Linux:*:*) | |
907 | echo ${UNAME_MACHINE}-axis-linux-gnu | |
908 | exit ;; | |
909 | frv:Linux:*:*) | |
910 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
911 | exit ;; | |
912 | hexagon:Linux:*:*) | |
913 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
914 | exit ;; | |
915 | i*86:Linux:*:*) | |
916 | LIBC=gnu | |
917 | eval $set_cc_for_build | |
918 | sed 's/^ //' << EOF >$dummy.c | |
919 | #ifdef __dietlibc__ | |
920 | LIBC=dietlibc | |
921 | #endif | |
922 | EOF | |
923 | eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` | |
924 | echo "${UNAME_MACHINE}-pc-linux-${LIBC}" | |
925 | exit ;; | |
926 | ia64:Linux:*:*) | |
927 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
928 | exit ;; | |
929 | m32r*:Linux:*:*) | |
930 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
931 | exit ;; | |
932 | m68*:Linux:*:*) | |
933 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
934 | exit ;; | |
935 | mips:Linux:*:* | mips64:Linux:*:*) | |
936 | eval $set_cc_for_build | |
937 | sed 's/^ //' << EOF >$dummy.c | |
938 | #undef CPU | |
939 | #undef ${UNAME_MACHINE} | |
940 | #undef ${UNAME_MACHINE}el | |
941 | #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) | |
942 | CPU=${UNAME_MACHINE}el | |
943 | #else | |
944 | #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) | |
945 | CPU=${UNAME_MACHINE} | |
946 | #else | |
947 | CPU= | |
948 | #endif | |
949 | #endif | |
950 | EOF | |
951 | eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` | |
952 | test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } | |
953 | ;; | |
954 | or32:Linux:*:*) | |
955 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
956 | exit ;; | |
957 | padre:Linux:*:*) | |
958 | echo sparc-unknown-linux-gnu | |
959 | exit ;; | |
960 | parisc64:Linux:*:* | hppa64:Linux:*:*) | |
961 | echo hppa64-unknown-linux-gnu | |
962 | exit ;; | |
963 | parisc:Linux:*:* | hppa:Linux:*:*) | |
964 | # Look for CPU level | |
965 | case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in | |
966 | PA7*) echo hppa1.1-unknown-linux-gnu ;; | |
967 | PA8*) echo hppa2.0-unknown-linux-gnu ;; | |
968 | *) echo hppa-unknown-linux-gnu ;; | |
969 | esac | |
970 | exit ;; | |
971 | ppc64:Linux:*:*) | |
972 | echo powerpc64-unknown-linux-gnu | |
973 | exit ;; | |
974 | ppc:Linux:*:*) | |
975 | echo powerpc-unknown-linux-gnu | |
976 | exit ;; | |
977 | s390:Linux:*:* | s390x:Linux:*:*) | |
978 | echo ${UNAME_MACHINE}-ibm-linux | |
979 | exit ;; | |
980 | sh64*:Linux:*:*) | |
981 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
982 | exit ;; | |
983 | sh*:Linux:*:*) | |
984 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
985 | exit ;; | |
986 | sparc:Linux:*:* | sparc64:Linux:*:*) | |
987 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
988 | exit ;; | |
989 | tile*:Linux:*:*) | |
990 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
991 | exit ;; | |
992 | vax:Linux:*:*) | |
993 | echo ${UNAME_MACHINE}-dec-linux-gnu | |
994 | exit ;; | |
995 | x86_64:Linux:*:*) | |
996 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
997 | exit ;; | |
998 | xtensa*:Linux:*:*) | |
999 | echo ${UNAME_MACHINE}-unknown-linux-gnu | |
1000 | exit ;; | |
1001 | i*86:DYNIX/ptx:4*:*) | |
1002 | # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. | |
1003 | # earlier versions are messed up and put the nodename in both | |
1004 | # sysname and nodename. | |
1005 | echo i386-sequent-sysv4 | |
1006 | exit ;; | |
1007 | i*86:UNIX_SV:4.2MP:2.*) | |
1008 | # Unixware is an offshoot of SVR4, but it has its own version | |
1009 | # number series starting with 2... | |
1010 | # I am not positive that other SVR4 systems won't match this, | |
1011 | # I just have to hope. -- rms. | |
1012 | # Use sysv4.2uw... so that sysv4* matches it. | |
1013 | echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} | |
1014 | exit ;; | |
1015 | i*86:OS/2:*:*) | |
1016 | # If we were able to find `uname', then EMX Unix compatibility | |
1017 | # is probably installed. | |
1018 | echo ${UNAME_MACHINE}-pc-os2-emx | |
1019 | exit ;; | |
1020 | i*86:XTS-300:*:STOP) | |
1021 | echo ${UNAME_MACHINE}-unknown-stop | |
1022 | exit ;; | |
1023 | i*86:atheos:*:*) | |
1024 | echo ${UNAME_MACHINE}-unknown-atheos | |
1025 | exit ;; | |
1026 | i*86:syllable:*:*) | |
1027 | echo ${UNAME_MACHINE}-pc-syllable | |
1028 | exit ;; | |
1029 | i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) | |
1030 | echo i386-unknown-lynxos${UNAME_RELEASE} | |
1031 | exit ;; | |
1032 | i*86:*DOS:*:*) | |
1033 | echo ${UNAME_MACHINE}-pc-msdosdjgpp | |
1034 | exit ;; | |
1035 | i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) | |
1036 | UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` | |
1037 | if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then | |
1038 | echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} | |
1039 | else | |
1040 | echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} | |
1041 | fi | |
1042 | exit ;; | |
1043 | i*86:*:5:[678]*) | |
1044 | # UnixWare 7.x, OpenUNIX and OpenServer 6. | |
1045 | case `/bin/uname -X | grep "^Machine"` in | |
1046 | *486*) UNAME_MACHINE=i486 ;; | |
1047 | *Pentium) UNAME_MACHINE=i586 ;; | |
1048 | *Pent*|*Celeron) UNAME_MACHINE=i686 ;; | |
1049 | esac | |
1050 | echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} | |
1051 | exit ;; | |
1052 | i*86:*:3.2:*) | |
1053 | if test -f /usr/options/cb.name; then | |
1054 | UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name` | |
1055 | echo ${UNAME_MACHINE}-pc-isc$UNAME_REL | |
1056 | elif /bin/uname -X 2>/dev/null >/dev/null ; then | |
1057 | UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` | |
1058 | (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 | |
1059 | (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ | |
1060 | && UNAME_MACHINE=i586 | |
1061 | (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ | |
1062 | && UNAME_MACHINE=i686 | |
1063 | (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ | |
1064 | && UNAME_MACHINE=i686 | |
1065 | echo ${UNAME_MACHINE}-pc-sco$UNAME_REL | |
1066 | else | |
1067 | echo ${UNAME_MACHINE}-pc-sysv32 | |
1068 | fi | |
1069 | exit ;; | |
1070 | pc:*:*:*) | |
1071 | # Left here for compatibility: | |
1072 | # uname -m prints for DJGPP always 'pc', but it prints nothing about | |
1073 | # the processor, so we play safe by assuming i586. | |
1074 | # Note: whatever this is, it MUST be the same as what config.sub | |
1075 | # prints for the "djgpp" host, or else GDB configury will decide that | |
1076 | # this is a cross-build. | |
1077 | echo i586-pc-msdosdjgpp | |
1078 | exit ;; | |
1079 | Intel:Mach:3*:*) | |
1080 | echo i386-pc-mach3 | |
1081 | exit ;; | |
1082 | paragon:*:*:*) | |
1083 | echo i860-intel-osf1 | |
1084 | exit ;; | |
1085 | i860:*:4.*:*) # i860-SVR4 | |
1086 | if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then | |
1087 | echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 | |
1088 | else # Add other i860-SVR4 vendors below as they are discovered. | |
1089 | echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 | |
1090 | fi | |
1091 | exit ;; | |
1092 | mini*:CTIX:SYS*5:*) | |
1093 | # "miniframe" | |
1094 | echo m68010-convergent-sysv | |
1095 | exit ;; | |
1096 | mc68k:UNIX:SYSTEM5:3.51m) | |
1097 | echo m68k-convergent-sysv | |
1098 | exit ;; | |
1099 | M680?0:D-NIX:5.3:*) | |
1100 | echo m68k-diab-dnix | |
1101 | exit ;; | |
1102 | M68*:*:R3V[5678]*:*) | |
1103 | test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; | |
1104 | 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) | |
1105 | OS_REL='' | |
1106 | test -r /etc/.relid \ | |
1107 | && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` | |
1108 | /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ | |
1109 | && { echo i486-ncr-sysv4.3${OS_REL}; exit; } | |
1110 | /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ | |
1111 | && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; | |
1112 | 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) | |
1113 | /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ | |
1114 | && { echo i486-ncr-sysv4; exit; } ;; | |
1115 | NCR*:*:4.2:* | MPRAS*:*:4.2:*) | |
1116 | OS_REL='.3' | |
1117 | test -r /etc/.relid \ | |
1118 | && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` | |
1119 | /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ | |
1120 | && { echo i486-ncr-sysv4.3${OS_REL}; exit; } | |
1121 | /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ | |
1122 | && { echo i586-ncr-sysv4.3${OS_REL}; exit; } | |
1123 | /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ | |
1124 | && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; | |
1125 | m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) | |
1126 | echo m68k-unknown-lynxos${UNAME_RELEASE} | |
1127 | exit ;; | |
1128 | mc68030:UNIX_System_V:4.*:*) | |
1129 | echo m68k-atari-sysv4 | |
1130 | exit ;; | |
1131 | TSUNAMI:LynxOS:2.*:*) | |
1132 | echo sparc-unknown-lynxos${UNAME_RELEASE} | |
1133 | exit ;; | |
1134 | rs6000:LynxOS:2.*:*) | |
1135 | echo rs6000-unknown-lynxos${UNAME_RELEASE} | |
1136 | exit ;; | |
1137 | PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) | |
1138 | echo powerpc-unknown-lynxos${UNAME_RELEASE} | |
1139 | exit ;; | |
1140 | SM[BE]S:UNIX_SV:*:*) | |
1141 | echo mips-dde-sysv${UNAME_RELEASE} | |
1142 | exit ;; | |
1143 | RM*:ReliantUNIX-*:*:*) | |
1144 | echo mips-sni-sysv4 | |
1145 | exit ;; | |
1146 | RM*:SINIX-*:*:*) | |
1147 | echo mips-sni-sysv4 | |
1148 | exit ;; | |
1149 | *:SINIX-*:*:*) | |
1150 | if uname -p 2>/dev/null >/dev/null ; then | |
1151 | UNAME_MACHINE=`(uname -p) 2>/dev/null` | |
1152 | echo ${UNAME_MACHINE}-sni-sysv4 | |
1153 | else | |
1154 | echo ns32k-sni-sysv | |
1155 | fi | |
1156 | exit ;; | |
1157 | PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort | |
1158 | # says <Richard.M.Bartel@ccMail.Census.GOV> | |
1159 | echo i586-unisys-sysv4 | |
1160 | exit ;; | |
1161 | *:UNIX_System_V:4*:FTX*) | |
1162 | # From Gerald Hewes <hewes@openmarket.com>. | |
1163 | # How about differentiating between stratus architectures? -djm | |
1164 | echo hppa1.1-stratus-sysv4 | |
1165 | exit ;; | |
1166 | *:*:*:FTX*) | |
1167 | # From seanf@swdc.stratus.com. | |
1168 | echo i860-stratus-sysv4 | |
1169 | exit ;; | |
1170 | i*86:VOS:*:*) | |
1171 | # From Paul.Green@stratus.com. | |
1172 | echo ${UNAME_MACHINE}-stratus-vos | |
1173 | exit ;; | |
1174 | *:VOS:*:*) | |
1175 | # From Paul.Green@stratus.com. | |
1176 | echo hppa1.1-stratus-vos | |
1177 | exit ;; | |
1178 | mc68*:A/UX:*:*) | |
1179 | echo m68k-apple-aux${UNAME_RELEASE} | |
1180 | exit ;; | |
1181 | news*:NEWS-OS:6*:*) | |
1182 | echo mips-sony-newsos6 | |
1183 | exit ;; | |
1184 | R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) | |
1185 | if [ -d /usr/nec ]; then | |
1186 | echo mips-nec-sysv${UNAME_RELEASE} | |
1187 | else | |
1188 | echo mips-unknown-sysv${UNAME_RELEASE} | |
1189 | fi | |
1190 | exit ;; | |
1191 | BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. | |
1192 | echo powerpc-be-beos | |
1193 | exit ;; | |
1194 | BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. | |
1195 | echo powerpc-apple-beos | |
1196 | exit ;; | |
1197 | BePC:BeOS:*:*) # BeOS running on Intel PC compatible. | |
1198 | echo i586-pc-beos | |
1199 | exit ;; | |
1200 | BePC:Haiku:*:*) # Haiku running on Intel PC compatible. | |
1201 | echo i586-pc-haiku | |
1202 | exit ;; | |
1203 | SX-4:SUPER-UX:*:*) | |
1204 | echo sx4-nec-superux${UNAME_RELEASE} | |
1205 | exit ;; | |
1206 | SX-5:SUPER-UX:*:*) | |
1207 | echo sx5-nec-superux${UNAME_RELEASE} | |
1208 | exit ;; | |
1209 | SX-6:SUPER-UX:*:*) | |
1210 | echo sx6-nec-superux${UNAME_RELEASE} | |
1211 | exit ;; | |
1212 | SX-7:SUPER-UX:*:*) | |
1213 | echo sx7-nec-superux${UNAME_RELEASE} | |
1214 | exit ;; | |
1215 | SX-8:SUPER-UX:*:*) | |
1216 | echo sx8-nec-superux${UNAME_RELEASE} | |
1217 | exit ;; | |
1218 | SX-8R:SUPER-UX:*:*) | |
1219 | echo sx8r-nec-superux${UNAME_RELEASE} | |
1220 | exit ;; | |
1221 | Power*:Rhapsody:*:*) | |
1222 | echo powerpc-apple-rhapsody${UNAME_RELEASE} | |
1223 | exit ;; | |
1224 | *:Rhapsody:*:*) | |
1225 | echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} | |
1226 | exit ;; | |
1227 | *:Darwin:*:*) | |
1228 | UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown | |
1229 | case $UNAME_PROCESSOR in | |
1230 | i386) | |
1231 | eval $set_cc_for_build | |
1232 | if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then | |
1233 | if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ | |
1234 | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ | |
1235 | grep IS_64BIT_ARCH >/dev/null | |
1236 | then | |
1237 | UNAME_PROCESSOR="x86_64" | |
1238 | fi | |
1239 | fi ;; | |
1240 | unknown) UNAME_PROCESSOR=powerpc ;; | |
1241 | esac | |
1242 | echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} | |
1243 | exit ;; | |
1244 | *:procnto*:*:* | *:QNX:[0123456789]*:*) | |
1245 | UNAME_PROCESSOR=`uname -p` | |
1246 | if test "$UNAME_PROCESSOR" = "x86"; then | |
1247 | UNAME_PROCESSOR=i386 | |
1248 | UNAME_MACHINE=pc | |
1249 | fi | |
1250 | echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} | |
1251 | exit ;; | |
1252 | *:QNX:*:4*) | |
1253 | echo i386-pc-qnx | |
1254 | exit ;; | |
1255 | NEO-?:NONSTOP_KERNEL:*:*) | |
1256 | echo neo-tandem-nsk${UNAME_RELEASE} | |
1257 | exit ;; | |
1258 | NSE-*:NONSTOP_KERNEL:*:*) | |
1259 | echo nse-tandem-nsk${UNAME_RELEASE} | |
1260 | exit ;; | |
1261 | NSR-?:NONSTOP_KERNEL:*:*) | |
1262 | echo nsr-tandem-nsk${UNAME_RELEASE} | |
1263 | exit ;; | |
1264 | *:NonStop-UX:*:*) | |
1265 | echo mips-compaq-nonstopux | |
1266 | exit ;; | |
1267 | BS2000:POSIX*:*:*) | |
1268 | echo bs2000-siemens-sysv | |
1269 | exit ;; | |
1270 | DS/*:UNIX_System_V:*:*) | |
1271 | echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} | |
1272 | exit ;; | |
1273 | *:Plan9:*:*) | |
1274 | # "uname -m" is not consistent, so use $cputype instead. 386 | |
1275 | # is converted to i386 for consistency with other x86 | |
1276 | # operating systems. | |
1277 | if test "$cputype" = "386"; then | |
1278 | UNAME_MACHINE=i386 | |
1279 | else | |
1280 | UNAME_MACHINE="$cputype" | |
1281 | fi | |
1282 | echo ${UNAME_MACHINE}-unknown-plan9 | |
1283 | exit ;; | |
1284 | *:TOPS-10:*:*) | |
1285 | echo pdp10-unknown-tops10 | |
1286 | exit ;; | |
1287 | *:TENEX:*:*) | |
1288 | echo pdp10-unknown-tenex | |
1289 | exit ;; | |
1290 | KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) | |
1291 | echo pdp10-dec-tops20 | |
1292 | exit ;; | |
1293 | XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) | |
1294 | echo pdp10-xkl-tops20 | |
1295 | exit ;; | |
1296 | *:TOPS-20:*:*) | |
1297 | echo pdp10-unknown-tops20 | |
1298 | exit ;; | |
1299 | *:ITS:*:*) | |
1300 | echo pdp10-unknown-its | |
1301 | exit ;; | |
1302 | SEI:*:*:SEIUX) | |
1303 | echo mips-sei-seiux${UNAME_RELEASE} | |
1304 | exit ;; | |
1305 | *:DragonFly:*:*) | |
1306 | echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` | |
1307 | exit ;; | |
1308 | *:*VMS:*:*) | |
1309 | UNAME_MACHINE=`(uname -p) 2>/dev/null` | |
1310 | case "${UNAME_MACHINE}" in | |
1311 | A*) echo alpha-dec-vms ; exit ;; | |
1312 | I*) echo ia64-dec-vms ; exit ;; | |
1313 | V*) echo vax-dec-vms ; exit ;; | |
1314 | esac ;; | |
1315 | *:XENIX:*:SysV) | |
1316 | echo i386-pc-xenix | |
1317 | exit ;; | |
1318 | i*86:skyos:*:*) | |
1319 | echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' | |
1320 | exit ;; | |
1321 | i*86:rdos:*:*) | |
1322 | echo ${UNAME_MACHINE}-pc-rdos | |
1323 | exit ;; | |
1324 | i*86:AROS:*:*) | |
1325 | echo ${UNAME_MACHINE}-pc-aros | |
1326 | exit ;; | |
1327 | x86_64:VMkernel:*:*) | |
1328 | echo ${UNAME_MACHINE}-unknown-esx | |
1329 | exit ;; | |
1330 | esac | |
1331 | ||
1332 | #echo '(No uname command or uname output not recognized.)' 1>&2 | |
1333 | #echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 | |
1334 | ||
1335 | eval $set_cc_for_build | |
1336 | cat >$dummy.c <<EOF | |
1337 | #ifdef _SEQUENT_ | |
1338 | # include <sys/types.h> | |
1339 | # include <sys/utsname.h> | |
1340 | #endif | |
1341 | main () | |
1342 | { | |
1343 | #if defined (sony) | |
1344 | #if defined (MIPSEB) | |
1345 | /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, | |
1346 | I don't know.... */ | |
1347 | printf ("mips-sony-bsd\n"); exit (0); | |
1348 | #else | |
1349 | #include <sys/param.h> | |
1350 | printf ("m68k-sony-newsos%s\n", | |
1351 | #ifdef NEWSOS4 | |
1352 | "4" | |
1353 | #else | |
1354 | "" | |
1355 | #endif | |
1356 | ); exit (0); | |
1357 | #endif | |
1358 | #endif | |
1359 | ||
1360 | #if defined (__arm) && defined (__acorn) && defined (__unix) | |
1361 | printf ("arm-acorn-riscix\n"); exit (0); | |
1362 | #endif | |
1363 | ||
1364 | #if defined (hp300) && !defined (hpux) | |
1365 | printf ("m68k-hp-bsd\n"); exit (0); | |
1366 | #endif | |
1367 | ||
1368 | #if defined (NeXT) | |
1369 | #if !defined (__ARCHITECTURE__) | |
1370 | #define __ARCHITECTURE__ "m68k" | |
1371 | #endif | |
1372 | int version; | |
1373 | version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; | |
1374 | if (version < 4) | |
1375 | printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); | |
1376 | else | |
1377 | printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); | |
1378 | exit (0); | |
1379 | #endif | |
1380 | ||
1381 | #if defined (MULTIMAX) || defined (n16) | |
1382 | #if defined (UMAXV) | |
1383 | printf ("ns32k-encore-sysv\n"); exit (0); | |
1384 | #else | |
1385 | #if defined (CMU) | |
1386 | printf ("ns32k-encore-mach\n"); exit (0); | |
1387 | #else | |
1388 | printf ("ns32k-encore-bsd\n"); exit (0); | |
1389 | #endif | |
1390 | #endif | |
1391 | #endif | |
1392 | ||
1393 | #if defined (__386BSD__) | |
1394 | printf ("i386-pc-bsd\n"); exit (0); | |
1395 | #endif | |
1396 | ||
1397 | #if defined (sequent) | |
1398 | #if defined (i386) | |
1399 | printf ("i386-sequent-dynix\n"); exit (0); | |
1400 | #endif | |
1401 | #if defined (ns32000) | |
1402 | printf ("ns32k-sequent-dynix\n"); exit (0); | |
1403 | #endif | |
1404 | #endif | |
1405 | ||
1406 | #if defined (_SEQUENT_) | |
1407 | struct utsname un; | |
1408 | ||
1409 | uname(&un); | |
1410 | ||
1411 | if (strncmp(un.version, "V2", 2) == 0) { | |
1412 | printf ("i386-sequent-ptx2\n"); exit (0); | |
1413 | } | |
1414 | if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ | |
1415 | printf ("i386-sequent-ptx1\n"); exit (0); | |
1416 | } | |
1417 | printf ("i386-sequent-ptx\n"); exit (0); | |
1418 | ||
1419 | #endif | |
1420 | ||
1421 | #if defined (vax) | |
1422 | # if !defined (ultrix) | |
1423 | # include <sys/param.h> | |
1424 | # if defined (BSD) | |
1425 | # if BSD == 43 | |
1426 | printf ("vax-dec-bsd4.3\n"); exit (0); | |
1427 | # else | |
1428 | # if BSD == 199006 | |
1429 | printf ("vax-dec-bsd4.3reno\n"); exit (0); | |
1430 | # else | |
1431 | printf ("vax-dec-bsd\n"); exit (0); | |
1432 | # endif | |
1433 | # endif | |
1434 | # else | |
1435 | printf ("vax-dec-bsd\n"); exit (0); | |
1436 | # endif | |
1437 | # else | |
1438 | printf ("vax-dec-ultrix\n"); exit (0); | |
1439 | # endif | |
1440 | #endif | |
1441 | ||
1442 | #if defined (alliant) && defined (i860) | |
1443 | printf ("i860-alliant-bsd\n"); exit (0); | |
1444 | #endif | |
1445 | ||
1446 | exit (1); | |
1447 | } | |
1448 | EOF | |
1449 | ||
1450 | $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && | |
1451 | { echo "$SYSTEM_NAME"; exit; } | |
1452 | ||
1453 | # Apollos put the system type in the environment. | |
1454 | ||
1455 | test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } | |
1456 | ||
1457 | # Convex versions that predate uname can use getsysinfo(1) | |
1458 | ||
1459 | if [ -x /usr/convex/getsysinfo ] | |
1460 | then | |
1461 | case `getsysinfo -f cpu_type` in | |
1462 | c1*) | |
1463 | echo c1-convex-bsd | |
1464 | exit ;; | |
1465 | c2*) | |
1466 | if getsysinfo -f scalar_acc | |
1467 | then echo c32-convex-bsd | |
1468 | else echo c2-convex-bsd | |
1469 | fi | |
1470 | exit ;; | |
1471 | c34*) | |
1472 | echo c34-convex-bsd | |
1473 | exit ;; | |
1474 | c38*) | |
1475 | echo c38-convex-bsd | |
1476 | exit ;; | |
1477 | c4*) | |
1478 | echo c4-convex-bsd | |
1479 | exit ;; | |
1480 | esac | |
1481 | fi | |
1482 | ||
1483 | cat >&2 <<EOF | |
1484 | $0: unable to guess system type | |
1485 | ||
1486 | This script, last modified $timestamp, has failed to recognize | |
1487 | the operating system you are using. It is advised that you | |
1488 | download the most up to date version of the config scripts from | |
1489 | ||
1490 | http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD | |
1491 | and | |
1492 | http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD | |
1493 | ||
1494 | If the version you run ($0) is already up to date, please | |
1495 | send the following data and any information you think might be | |
1496 | pertinent to <config-patches@gnu.org> in order to provide the needed | |
1497 | information to handle your system. | |
1498 | ||
1499 | config.guess timestamp = $timestamp | |
1500 | ||
1501 | uname -m = `(uname -m) 2>/dev/null || echo unknown` | |
1502 | uname -r = `(uname -r) 2>/dev/null || echo unknown` | |
1503 | uname -s = `(uname -s) 2>/dev/null || echo unknown` | |
1504 | uname -v = `(uname -v) 2>/dev/null || echo unknown` | |
1505 | ||
1506 | /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` | |
1507 | /bin/uname -X = `(/bin/uname -X) 2>/dev/null` | |
1508 | ||
1509 | hostinfo = `(hostinfo) 2>/dev/null` | |
1510 | /bin/universe = `(/bin/universe) 2>/dev/null` | |
1511 | /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` | |
1512 | /bin/arch = `(/bin/arch) 2>/dev/null` | |
1513 | /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` | |
1514 | /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` | |
1515 | ||
1516 | UNAME_MACHINE = ${UNAME_MACHINE} | |
1517 | UNAME_RELEASE = ${UNAME_RELEASE} | |
1518 | UNAME_SYSTEM = ${UNAME_SYSTEM} | |
1519 | UNAME_VERSION = ${UNAME_VERSION} | |
1520 | EOF | |
1521 | ||
1522 | exit 1 | |
1523 | ||
1524 | # Local variables: | |
1525 | # eval: (add-hook 'write-file-hooks 'time-stamp) | |
1526 | # time-stamp-start: "timestamp='" | |
1527 | # time-stamp-format: "%:y-%02m-%02d" | |
1528 | # time-stamp-end: "'" | |
1529 | # End: |
0 | 0 | #! /bin/sh |
1 | 1 | # Guess values for system-dependent variables and create Makefiles. |
2 | # Generated by GNU Autoconf 2.69 for realmd 0.8. | |
2 | # Generated by GNU Autoconf 2.69 for realmd 0.9. | |
3 | 3 | # |
4 | 4 | # Report bugs to <http://bugs.freedesktop.org/enter_bug.cgi?product=realmd>. |
5 | 5 | # |
580 | 580 | # Identity of this package. |
581 | 581 | PACKAGE_NAME='realmd' |
582 | 582 | PACKAGE_TARNAME='realmd' |
583 | PACKAGE_VERSION='0.8' | |
584 | PACKAGE_STRING='realmd 0.8' | |
583 | PACKAGE_VERSION='0.9' | |
584 | PACKAGE_STRING='realmd 0.9' | |
585 | 585 | PACKAGE_BUGREPORT='http://bugs.freedesktop.org/enter_bug.cgi?product=realmd' |
586 | 586 | PACKAGE_URL='' |
587 | 587 | |
645 | 645 | POLKIT_CFLAGS |
646 | 646 | PACKAGEKIT_LIBS |
647 | 647 | PACKAGEKIT_CFLAGS |
648 | XSLTPROC | |
648 | 649 | GTK_DOC_USE_REBASE_FALSE |
649 | 650 | GTK_DOC_USE_REBASE_TRUE |
650 | 651 | GTK_DOC_USE_LIBTOOL_FALSE |
1383 | 1384 | # Omit some internal or obsolete options to make the list less imposing. |
1384 | 1385 | # This message is too long to be a string in the A/UX 3.1 sh. |
1385 | 1386 | cat <<_ACEOF |
1386 | \`configure' configures realmd 0.8 to adapt to many kinds of systems. | |
1387 | \`configure' configures realmd 0.9 to adapt to many kinds of systems. | |
1387 | 1388 | |
1388 | 1389 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1389 | 1390 | |
1449 | 1450 | |
1450 | 1451 | if test -n "$ac_init_help"; then |
1451 | 1452 | case $ac_init_help in |
1452 | short | recursive ) echo "Configuration of realmd 0.8:";; | |
1453 | short | recursive ) echo "Configuration of realmd 0.9:";; | |
1453 | 1454 | esac |
1454 | 1455 | cat <<\_ACEOF |
1455 | 1456 | |
1580 | 1581 | test -n "$ac_init_help" && exit $ac_status |
1581 | 1582 | if $ac_init_version; then |
1582 | 1583 | cat <<\_ACEOF |
1583 | realmd configure 0.8 | |
1584 | realmd configure 0.9 | |
1584 | 1585 | generated by GNU Autoconf 2.69 |
1585 | 1586 | |
1586 | 1587 | Copyright (C) 2012 Free Software Foundation, Inc. |
1949 | 1950 | This file contains any messages produced by compilers while |
1950 | 1951 | running configure, to aid debugging if configure makes a mistake. |
1951 | 1952 | |
1952 | It was created by realmd $as_me 0.8, which was | |
1953 | It was created by realmd $as_me 0.9, which was | |
1953 | 1954 | generated by GNU Autoconf 2.69. Invocation command line was |
1954 | 1955 | |
1955 | 1956 | $ $0 $@ |
2777 | 2778 | |
2778 | 2779 | # Define the identity of the package. |
2779 | 2780 | PACKAGE='realmd' |
2780 | VERSION='0.8' | |
2781 | VERSION='0.9' | |
2781 | 2782 | |
2782 | 2783 | |
2783 | 2784 | cat >>confdefs.h <<_ACEOF |
7553 | 7554 | |
7554 | 7555 | |
7555 | 7556 | |
7557 | # Extract the first word of "xsltproc", so it can be a program name with args. | |
7558 | set dummy xsltproc; ac_word=$2 | |
7559 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | |
7560 | $as_echo_n "checking for $ac_word... " >&6; } | |
7561 | if ${ac_cv_path_XSLTPROC+:} false; then : | |
7562 | $as_echo_n "(cached) " >&6 | |
7563 | else | |
7564 | case $XSLTPROC in | |
7565 | [\\/]* | ?:[\\/]*) | |
7566 | ac_cv_path_XSLTPROC="$XSLTPROC" # Let the user override the test with a path. | |
7567 | ;; | |
7568 | *) | |
7569 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | |
7570 | for as_dir in $PATH | |
7571 | do | |
7572 | IFS=$as_save_IFS | |
7573 | test -z "$as_dir" && as_dir=. | |
7574 | for ac_exec_ext in '' $ac_executable_extensions; do | |
7575 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | |
7576 | ac_cv_path_XSLTPROC="$as_dir/$ac_word$ac_exec_ext" | |
7577 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | |
7578 | break 2 | |
7579 | fi | |
7580 | done | |
7581 | done | |
7582 | IFS=$as_save_IFS | |
7583 | ||
7584 | ;; | |
7585 | esac | |
7586 | fi | |
7587 | XSLTPROC=$ac_cv_path_XSLTPROC | |
7588 | if test -n "$XSLTPROC"; then | |
7589 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $XSLTPROC" >&5 | |
7590 | $as_echo "$XSLTPROC" >&6; } | |
7591 | else | |
7592 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | |
7593 | $as_echo "no" >&6; } | |
7594 | fi | |
7595 | ||
7596 | ||
7597 | if test x$XSLTPROC = x; then | |
7598 | as_fn_error $? "xsltproc is required to build documentation" "$LINENO" 5 | |
7599 | fi | |
7600 | ||
7556 | 7601 | # -------------------------------------------------------------------- |
7557 | 7602 | # PackageKit |
7558 | 7603 | |
7826 | 7871 | # ------------------------------------------------------------------- |
7827 | 7872 | # LDAP |
7828 | 7873 | |
7829 | LDAP_LIBS="" | |
7830 | ||
7831 | 7874 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldap_search in -lldap" >&5 |
7832 | 7875 | $as_echo_n "checking for ldap_search in -lldap... " >&6; } |
7833 | 7876 | if ${ac_cv_lib_ldap_ldap_search+:} false; then : |
7871 | 7914 | |
7872 | 7915 | LIBS="-lldap $LIBS" |
7873 | 7916 | |
7917 | else | |
7918 | ldap_invalid=yes | |
7874 | 7919 | fi |
7875 | 7920 | |
7876 | 7921 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ber_pvt_opt_on in -llber" >&5 |
7916 | 7961 | |
7917 | 7962 | LIBS="-llber $LIBS" |
7918 | 7963 | |
7964 | else | |
7965 | ldap_invalid=yes | |
7919 | 7966 | fi |
7920 | 7967 | |
7921 | 7968 | for ac_header in ldap.h |
7926 | 7973 | #define HAVE_LDAP_H 1 |
7927 | 7974 | _ACEOF |
7928 | 7975 | |
7976 | else | |
7977 | ldap_invalid=yes | |
7929 | 7978 | fi |
7930 | 7979 | |
7931 | 7980 | done |
7932 | 7981 | |
7982 | ||
7983 | if test "$ldap_invalid" = "yes"; then | |
7984 | as_fn_error $? "\"Couldn't find OpenLDAP headers or libraries\"" "$LINENO" 5 | |
7985 | fi | |
7986 | ||
7987 | LDAP_LIBS="" | |
7933 | 7988 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5 |
7934 | 7989 | $as_echo_n "checking for res_query in -lresolv... " >&6; } |
7935 | 7990 | if ${ac_cv_lib_resolv_res_query+:} false; then : |
7969 | 8024 | if test "x$ac_cv_lib_resolv_res_query" = xyes; then : |
7970 | 8025 | LDAP_LIBS="-lresolv" |
7971 | 8026 | fi |
7972 | ||
7973 | 8027 | |
7974 | 8028 | LDAP_LIBS="$LDAP_LIBS -lldap -llber" |
7975 | 8029 | LDAP_CFLAGS="" |
8873 | 8927 | # report actual input values of CONFIG_FILES etc. instead of their |
8874 | 8928 | # values after options handling. |
8875 | 8929 | ac_log=" |
8876 | This file was extended by realmd $as_me 0.8, which was | |
8930 | This file was extended by realmd $as_me 0.9, which was | |
8877 | 8931 | generated by GNU Autoconf 2.69. Invocation command line was |
8878 | 8932 | |
8879 | 8933 | CONFIG_FILES = $CONFIG_FILES |
8939 | 8993 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
8940 | 8994 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
8941 | 8995 | ac_cs_version="\\ |
8942 | realmd config.status 0.8 | |
8996 | realmd config.status 0.9 | |
8943 | 8997 | configured by $0, generated by GNU Autoconf 2.69, |
8944 | 8998 | with options \\"\$ac_cs_config\\" |
8945 | 8999 |
0 | 0 | AC_PREREQ(2.63) |
1 | 1 | |
2 | AC_INIT([realmd], [0.8], | |
2 | AC_INIT([realmd], [0.9], | |
3 | 3 | [http://bugs.freedesktop.org/enter_bug.cgi?product=realmd], |
4 | 4 | [realmd]) |
5 | 5 | |
69 | 69 | |
70 | 70 | GTK_DOC_CHECK(1.9) |
71 | 71 | |
72 | AC_PATH_PROG([XSLTPROC], [xsltproc]) | |
73 | if test x$XSLTPROC = x; then | |
74 | AC_MSG_ERROR([xsltproc is required to build documentation]) | |
75 | fi | |
76 | ||
72 | 77 | # -------------------------------------------------------------------- |
73 | 78 | # PackageKit |
74 | 79 | |
123 | 128 | # ------------------------------------------------------------------- |
124 | 129 | # LDAP |
125 | 130 | |
131 | AC_CHECK_LIB(ldap, ldap_search, , [ldap_invalid=yes]) | |
132 | AC_CHECK_LIB(lber, ber_pvt_opt_on, , [ldap_invalid=yes]) | |
133 | AC_CHECK_HEADERS([ldap.h], , [ldap_invalid=yes]) | |
134 | ||
135 | if test "$ldap_invalid" = "yes"; then | |
136 | AC_MSG_ERROR(["Couldn't find OpenLDAP headers or libraries"]) | |
137 | fi | |
138 | ||
126 | 139 | LDAP_LIBS="" |
127 | ||
128 | AC_CHECK_LIB(ldap, ldap_search) | |
129 | AC_CHECK_LIB(lber, ber_pvt_opt_on) | |
130 | AC_CHECK_HEADERS(ldap.h) | |
131 | 140 | AC_CHECK_LIB(resolv, res_query, LDAP_LIBS="-lresolv") |
132 | ||
133 | 141 | LDAP_LIBS="$LDAP_LIBS -lldap -llber" |
134 | 142 | LDAP_CFLAGS="" |
135 | 143 |
250 | 250 | USE_NLS = @USE_NLS@ |
251 | 251 | VERSION = @VERSION@ |
252 | 252 | XGETTEXT = @XGETTEXT@ |
253 | XSLTPROC = @XSLTPROC@ | |
253 | 254 | abs_builddir = @abs_builddir@ |
254 | 255 | abs_srcdir = @abs_srcdir@ |
255 | 256 | abs_top_builddir = @abs_top_builddir@ |
0 | 0 | abs_top_builddir = @abs_top_builddir@ |
1 | ||
2 | NULL = | |
1 | 3 | |
2 | 4 | # We require automake 1.6 at least. |
3 | 5 | AUTOMAKE_OPTIONS = 1.6 |
30 | 32 | |
31 | 33 | # Extra SGML files that are included by $(DOC_MAIN_SGML_FILE). |
32 | 34 | # e.g. content_files=running.sgml building.sgml changes-2.0.sgml |
33 | content_files= $(DBUS_GENERATED) $(DBUS_ESCAPED) | |
35 | content_files= \ | |
36 | $(DBUS_GENERATED) \ | |
37 | $(DBUS_ESCAPED) \ | |
38 | html.css \ | |
39 | realm.xml \ | |
40 | realmd-guide-active-directory.xml \ | |
41 | realmd-guide-configuring.xml \ | |
42 | realmd-guide-freeipa.xml \ | |
43 | realmd-guide-kerberos.xml \ | |
44 | $(NULL) | |
34 | 45 | |
35 | 46 | # SGML files where gtk-doc abbrevations (#GtkWidget) are expanded |
36 | 47 | # These files must be listed here *and* in content_files |
40 | 51 | # This includes the standard gtk-doc make rules, copied by gtkdocize. |
41 | 52 | include $(top_srcdir)/gtk-doc.make |
42 | 53 | |
54 | XSLTPROC_FLAGS = \ | |
55 | --nonet \ | |
56 | --stringparam man.output.quietly 1 \ | |
57 | --stringparam funcsynopsis.style ansi \ | |
58 | --stringparam man.th.extra1.suppress 1 \ | |
59 | --stringparam man.authors.section.enabled 0 \ | |
60 | --stringparam man.copyright.section.enabled 0 | |
61 | ||
62 | .xml.8: | |
63 | $(AM_V_GEN) $(XSLTPROC) $(XSLTPROC_FLAGS) http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $< | |
64 | ||
65 | man_MANS = \ | |
66 | realm.8 | |
67 | ||
68 | xml_files = $(man_MANS:.8=.xml) | |
69 | ||
43 | 70 | EXTRA_DIST += \ |
44 | 71 | $(DBUS_GENERATED) \ |
45 | 72 | $(DBUS_ESCAPED) \ |
73 | $(xml_files) \ | |
46 | 74 | escape-xml-to-text.xsl \ |
47 | 75 | version.xml.in \ |
48 | 76 | version.xml \ |
51 | 79 | CLEANFILES += \ |
52 | 80 | $(DBUS_GENERATED) \ |
53 | 81 | $(DBUS_ESCAPED) \ |
82 | $(man_MANS) \ | |
54 | 83 | style.stamp |
55 | 84 | |
56 | 85 | noinst_DATA = style.stamp |
65 | 94 | --generate-docbook realmd $< |
66 | 95 | |
67 | 96 | $(DBUS_ESCAPED): $(DBUS_INTERFACE) $(srcdir)/escape-xml-to-text.xsl |
68 | $(AM_V_GEN) xsltproc --nonet --novalid --output $(DBUS_ESCAPED) \ | |
97 | $(AM_V_GEN) $(XSLTPROC) --nonet --novalid --output $(DBUS_ESCAPED) \ | |
69 | 98 | $(srcdir)/escape-xml-to-text.xsl $(DBUS_INTERFACE) |
70 | 99 | @sed -i '/^[ ]*$$/d' $(DBUS_ESCAPED) |
84 | 84 | n|no|NO) false;; \ |
85 | 85 | *) (install-info --version) >/dev/null 2>&1;; \ |
86 | 86 | esac |
87 | am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; | |
88 | am__vpath_adj = case $$p in \ | |
89 | $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ | |
90 | *) f=$$p;; \ | |
91 | esac; | |
92 | am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; | |
93 | am__install_max = 40 | |
94 | am__nobase_strip_setup = \ | |
95 | srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` | |
96 | am__nobase_strip = \ | |
97 | for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" | |
98 | am__nobase_list = $(am__nobase_strip_setup); \ | |
99 | for p in $$list; do echo "$$p $$p"; done | \ | |
100 | sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ | |
101 | $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ | |
102 | if (++n[$$2] == $(am__install_max)) \ | |
103 | { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ | |
104 | END { for (dir in files) print dir, files[dir] }' | |
105 | am__base_list = \ | |
106 | sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ | |
107 | sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | |
108 | am__uninstall_files_from_dir = { \ | |
109 | test -z "$$files" \ | |
110 | || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ | |
111 | || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ | |
112 | $(am__cd) "$$dir" && rm -f $$files; }; \ | |
113 | } | |
114 | man8dir = $(mandir)/man8 | |
115 | am__installdirs = "$(DESTDIR)$(man8dir)" | |
116 | NROFF = nroff | |
117 | MANS = $(man_MANS) | |
87 | 118 | DATA = $(noinst_DATA) |
88 | 119 | DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) |
89 | 120 | ACLOCAL = @ACLOCAL@ |
189 | 220 | USE_NLS = @USE_NLS@ |
190 | 221 | VERSION = @VERSION@ |
191 | 222 | XGETTEXT = @XGETTEXT@ |
223 | XSLTPROC = @XSLTPROC@ | |
192 | 224 | abs_builddir = @abs_builddir@ |
193 | 225 | abs_srcdir = @abs_srcdir@ |
194 | 226 | abs_top_builddir = @abs_top_builddir@ |
234 | 266 | top_build_prefix = @top_build_prefix@ |
235 | 267 | top_builddir = @top_builddir@ |
236 | 268 | top_srcdir = @top_srcdir@ |
269 | NULL = | |
237 | 270 | |
238 | 271 | # We require automake 1.6 at least. |
239 | 272 | AUTOMAKE_OPTIONS = 1.6 |
265 | 298 | |
266 | 299 | # Extra SGML files that are included by $(DOC_MAIN_SGML_FILE). |
267 | 300 | # e.g. content_files=running.sgml building.sgml changes-2.0.sgml |
268 | content_files = $(DBUS_GENERATED) $(DBUS_ESCAPED) | |
301 | content_files = \ | |
302 | $(DBUS_GENERATED) \ | |
303 | $(DBUS_ESCAPED) \ | |
304 | html.css \ | |
305 | realm.xml \ | |
306 | realmd-guide-active-directory.xml \ | |
307 | realmd-guide-configuring.xml \ | |
308 | realmd-guide-freeipa.xml \ | |
309 | realmd-guide-kerberos.xml \ | |
310 | $(NULL) | |
311 | ||
269 | 312 | |
270 | 313 | # SGML files where gtk-doc abbrevations (#GtkWidget) are expanded |
271 | 314 | # These files must be listed here *and* in content_files |
291 | 334 | $(DOC_MODULE)-sections.txt \ |
292 | 335 | $(DOC_MODULE)-overrides.txt |
293 | 336 | |
294 | ||
295 | # This includes the standard gtk-doc make rules, copied by gtkdocize. | |
296 | 337 | EXTRA_DIST = $(HTML_IMAGES) $(SETUP_FILES) $(DBUS_GENERATED) \ |
297 | $(DBUS_ESCAPED) escape-xml-to-text.xsl version.xml.in \ | |
298 | version.xml html.css | |
338 | $(DBUS_ESCAPED) $(xml_files) escape-xml-to-text.xsl \ | |
339 | version.xml.in version.xml html.css | |
299 | 340 | DOC_STAMPS = setup-build.stamp scan-build.stamp tmpl-build.stamp sgml-build.stamp \ |
300 | 341 | html-build.stamp pdf-build.stamp \ |
301 | 342 | tmpl.stamp sgml.stamp html.stamp pdf.stamp |
313 | 354 | $(DOC_MODULE)-unused.txt |
314 | 355 | |
315 | 356 | CLEANFILES = $(SCANOBJ_FILES) $(REPORT_FILES) $(DOC_STAMPS) \ |
316 | $(DBUS_GENERATED) $(DBUS_ESCAPED) style.stamp | |
357 | $(DBUS_GENERATED) $(DBUS_ESCAPED) $(man_MANS) style.stamp | |
317 | 358 | @ENABLE_GTK_DOC_TRUE@@GTK_DOC_BUILD_HTML_FALSE@HTML_BUILD_STAMP = |
318 | 359 | @ENABLE_GTK_DOC_TRUE@@GTK_DOC_BUILD_HTML_TRUE@HTML_BUILD_STAMP = html-build.stamp |
319 | 360 | @ENABLE_GTK_DOC_TRUE@@GTK_DOC_BUILD_PDF_FALSE@PDF_BUILD_STAMP = |
320 | 361 | @ENABLE_GTK_DOC_TRUE@@GTK_DOC_BUILD_PDF_TRUE@PDF_BUILD_STAMP = pdf-build.stamp |
362 | ||
363 | # This includes the standard gtk-doc make rules, copied by gtkdocize. | |
364 | XSLTPROC_FLAGS = \ | |
365 | --nonet \ | |
366 | --stringparam man.output.quietly 1 \ | |
367 | --stringparam funcsynopsis.style ansi \ | |
368 | --stringparam man.th.extra1.suppress 1 \ | |
369 | --stringparam man.authors.section.enabled 0 \ | |
370 | --stringparam man.copyright.section.enabled 0 | |
371 | ||
372 | man_MANS = \ | |
373 | realm.8 | |
374 | ||
375 | xml_files = $(man_MANS:.8=.xml) | |
321 | 376 | noinst_DATA = style.stamp |
322 | 377 | all: all-am |
323 | 378 | |
324 | 379 | .SUFFIXES: |
380 | .SUFFIXES: .8 .xml | |
325 | 381 | $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/gtk-doc.make $(am__configure_deps) |
326 | 382 | @for dep in $?; do \ |
327 | 383 | case '$(am__configure_deps)' in \ |
355 | 411 | $(am__aclocal_m4_deps): |
356 | 412 | version.xml: $(top_builddir)/config.status $(srcdir)/version.xml.in |
357 | 413 | cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ |
414 | install-man8: $(man_MANS) | |
415 | @$(NORMAL_INSTALL) | |
416 | @list1=''; \ | |
417 | list2='$(man_MANS)'; \ | |
418 | test -n "$(man8dir)" \ | |
419 | && test -n "`echo $$list1$$list2`" \ | |
420 | || exit 0; \ | |
421 | echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ | |
422 | $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ | |
423 | { for i in $$list1; do echo "$$i"; done; \ | |
424 | if test -n "$$list2"; then \ | |
425 | for i in $$list2; do echo "$$i"; done \ | |
426 | | sed -n '/\.8[a-z]*$$/p'; \ | |
427 | fi; \ | |
428 | } | while read p; do \ | |
429 | if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ | |
430 | echo "$$d$$p"; echo "$$p"; \ | |
431 | done | \ | |
432 | sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ | |
433 | -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ | |
434 | sed 'N;N;s,\n, ,g' | { \ | |
435 | list=; while read file base inst; do \ | |
436 | if test "$$base" = "$$inst"; then list="$$list $$file"; else \ | |
437 | echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ | |
438 | $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ | |
439 | fi; \ | |
440 | done; \ | |
441 | for i in $$list; do echo "$$i"; done | $(am__base_list) | \ | |
442 | while read files; do \ | |
443 | test -z "$$files" || { \ | |
444 | echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ | |
445 | $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ | |
446 | done; } | |
447 | ||
448 | uninstall-man8: | |
449 | @$(NORMAL_UNINSTALL) | |
450 | @list=''; test -n "$(man8dir)" || exit 0; \ | |
451 | files=`{ for i in $$list; do echo "$$i"; done; \ | |
452 | l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ | |
453 | sed -n '/\.8[a-z]*$$/p'; \ | |
454 | } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ | |
455 | -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ | |
456 | dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) | |
358 | 457 | tags: TAGS |
359 | 458 | TAGS: |
360 | 459 | |
365 | 464 | |
366 | 465 | |
367 | 466 | distdir: $(DISTFILES) |
467 | @list='$(MANS)'; if test -n "$$list"; then \ | |
468 | list=`for p in $$list; do \ | |
469 | if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ | |
470 | if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ | |
471 | if test -n "$$list" && \ | |
472 | grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ | |
473 | echo "error: found man pages containing the 'missing help2man' replacement text:" >&2; \ | |
474 | grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ | |
475 | echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ | |
476 | echo " typically 'make maintainer-clean' will remove them" >&2; \ | |
477 | exit 1; \ | |
478 | else :; fi; \ | |
479 | else :; fi | |
368 | 480 | @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ |
369 | 481 | topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ |
370 | 482 | list='$(DISTFILES)'; \ |
399 | 511 | dist-hook |
400 | 512 | check-am: all-am |
401 | 513 | check: check-am |
402 | all-am: Makefile $(DATA) all-local | |
514 | all-am: Makefile $(MANS) $(DATA) all-local | |
403 | 515 | installdirs: |
516 | for dir in "$(DESTDIR)$(man8dir)"; do \ | |
517 | test -z "$$dir" || $(MKDIR_P) "$$dir"; \ | |
518 | done | |
404 | 519 | install: install-am |
405 | 520 | install-exec: install-exec-am |
406 | 521 | install-data: install-data-am |
452 | 567 | |
453 | 568 | info-am: |
454 | 569 | |
455 | install-data-am: install-data-local | |
570 | install-data-am: install-data-local install-man | |
456 | 571 | |
457 | 572 | install-dvi: install-dvi-am |
458 | 573 | |
468 | 583 | |
469 | 584 | install-info-am: |
470 | 585 | |
471 | install-man: | |
586 | install-man: install-man8 | |
472 | 587 | |
473 | 588 | install-pdf: install-pdf-am |
474 | 589 | |
497 | 612 | |
498 | 613 | ps-am: |
499 | 614 | |
500 | uninstall-am: uninstall-local | |
615 | uninstall-am: uninstall-local uninstall-man | |
616 | ||
617 | uninstall-man: uninstall-man8 | |
501 | 618 | |
502 | 619 | .MAKE: install-am install-strip |
503 | 620 | |
507 | 624 | install install-am install-data install-data-am \ |
508 | 625 | install-data-local install-dvi install-dvi-am install-exec \ |
509 | 626 | install-exec-am install-html install-html-am install-info \ |
510 | install-info-am install-man install-pdf install-pdf-am \ | |
511 | install-ps install-ps-am install-strip installcheck \ | |
512 | installcheck-am installdirs maintainer-clean \ | |
627 | install-info-am install-man install-man8 install-pdf \ | |
628 | install-pdf-am install-ps install-ps-am install-strip \ | |
629 | installcheck installcheck-am installdirs maintainer-clean \ | |
513 | 630 | maintainer-clean-generic maintainer-clean-local mostlyclean \ |
514 | 631 | mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ |
515 | uninstall-local | |
632 | uninstall-local uninstall-man uninstall-man8 | |
516 | 633 | |
517 | 634 | |
518 | 635 | @ENABLE_GTK_DOC_TRUE@all-local: $(HTML_BUILD_STAMP) $(PDF_BUILD_STAMP) |
726 | 843 | |
727 | 844 | .PHONY : dist-hook-local docs |
728 | 845 | |
846 | .xml.8: | |
847 | $(AM_V_GEN) $(XSLTPROC) $(XSLTPROC_FLAGS) http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $< | |
848 | ||
729 | 849 | style.stamp: html.css html-build.stamp |
730 | 850 | @cp $(srcdir)/html.css $(builddir)/html/html.css |
731 | 851 | @sed -i 's/href="style.css"/href="html.css"/' $(builddir)/html/*.html |
736 | 856 | --generate-docbook realmd $< |
737 | 857 | |
738 | 858 | $(DBUS_ESCAPED): $(DBUS_INTERFACE) $(srcdir)/escape-xml-to-text.xsl |
739 | $(AM_V_GEN) xsltproc --nonet --novalid --output $(DBUS_ESCAPED) \ | |
859 | $(AM_V_GEN) $(XSLTPROC) --nonet --novalid --output $(DBUS_ESCAPED) \ | |
740 | 860 | $(srcdir)/escape-xml-to-text.xsl $(DBUS_INTERFACE) |
741 | 861 | @sed -i '/^[ ]*$$/d' $(DBUS_ESCAPED) |
742 | 862 |
4 | 4 | <title>Raw DBus Interfaces</title> |
5 | 5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> |
6 | 6 | <link rel="home" href="index.html" title="realmd"> |
7 | <link rel="up" href="index.html" title="realmd"> | |
7 | <link rel="up" href="development.html" title="Part II. Developer Reference"> | |
8 | 8 | <link rel="prev" href="gdbus-org.freedesktop.realmd.Service.html" title="org.freedesktop.realmd.Service"> |
9 | 9 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> |
10 | 10 | <link rel="stylesheet" href="html.css" type="text/css"> |
12 | 12 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> |
13 | 13 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> |
14 | 14 | <td><a accesskey="p" href="gdbus-org.freedesktop.realmd.Service.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> |
15 | <td> </td> | |
15 | <td><a accesskey="u" href="development.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
16 | 16 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> |
17 | 17 | <th width="100%" align="center">realmd</th> |
18 | 18 | <td> </td> |
19 | 19 | </tr></table> |
20 | 20 | <div class="chapter"> |
21 | <div class="titlepage"><div><div><h1 class="title"> | |
22 | <a name="dbus-interface-raw"></a>Raw DBus Interfaces</h1></div></div></div> | |
21 | <div class="titlepage"><div><div><h2 class="title"> | |
22 | <a name="dbus-interface-raw"></a>Raw DBus Interfaces</h2></div></div></div> | |
23 | 23 | <p>These are the current raw DBus interfaces for realmd.</p> |
24 | 24 | <pre class="programlisting"> |
25 | 25 | <span><node name='/'> |
84 | 84 | </method> |
85 | 85 | </interface> |
86 | 86 | </node></span> |
87 | </pre> | |
87 | </pre> | |
88 | 88 | </div> |
89 | 89 | <div class="footer"> |
90 | 90 | <hr> |
4 | 4 | <title>DBus Interface Reference</title> |
5 | 5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> |
6 | 6 | <link rel="home" href="index.html" title="realmd"> |
7 | <link rel="up" href="index.html" title="realmd"> | |
8 | <link rel="prev" href="index.html" title="realmd"> | |
7 | <link rel="up" href="development.html" title="Part II. Developer Reference"> | |
8 | <link rel="prev" href="development.html" title="Part II. Developer Reference"> | |
9 | 9 | <link rel="next" href="gdbus-org.freedesktop.realmd.Provider.html" title="org.freedesktop.realmd.Provider"> |
10 | 10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> |
11 | 11 | <link rel="stylesheet" href="html.css" type="text/css"> |
12 | 12 | </head> |
13 | 13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> |
14 | 14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> |
15 | <td><a accesskey="p" href="index.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td> </td> | |
15 | <td><a accesskey="p" href="development.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="development.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | 17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> |
18 | 18 | <th width="100%" align="center">realmd</th> |
19 | 19 | <td><a accesskey="n" href="gdbus-org.freedesktop.realmd.Provider.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> |
20 | 20 | </tr></table> |
21 | 21 | <div class="chapter"> |
22 | <div class="titlepage"><div><div><h1 class="title"> | |
23 | <a name="dbus-interface-reference"></a>DBus Interface Reference</h1></div></div></div> | |
22 | <div class="titlepage"><div><div><h2 class="title"> | |
23 | <a name="dbus-interface-reference"></a>DBus Interface Reference</h2></div></div></div> | |
24 | 24 | <div class="toc"><dl> |
25 | 25 | <dt> |
26 | 26 | <span class="refentrytitle"><a href="gdbus-org.freedesktop.realmd.Provider.html">org.freedesktop.realmd.Provider</a></span><span class="refpurpose"> — a realm provider</span> |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Part II. Developer Reference</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="index.html" title="realmd"> | |
8 | <link rel="prev" href="guide-integration.html" title="Integration"> | |
9 | <link rel="next" href="dbus-interface-reference.html" title="DBus Interface Reference"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-integration.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td> </td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="dbus-interface-reference.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="part"> | |
22 | <div class="titlepage"><div><div><h1 class="title"> | |
23 | <a name="development"></a>Part II. Developer Reference</h1></div></div></div> | |
24 | <div class="toc"> | |
25 | <p><b>Table of Contents</b></p> | |
26 | <dl> | |
27 | <dt><span class="chapter"><a href="dbus-interface-reference.html">DBus Interface Reference</a></span></dt> | |
28 | <dd><dl> | |
29 | <dt> | |
30 | <span class="refentrytitle"><a href="gdbus-org.freedesktop.realmd.Provider.html">org.freedesktop.realmd.Provider</a></span><span class="refpurpose"> — a realm provider</span> | |
31 | </dt> | |
32 | <dt> | |
33 | <span class="refentrytitle"><a href="gdbus-org.freedesktop.realmd.Realm.html">org.freedesktop.realmd.Realm</a></span><span class="refpurpose"> — a realm</span> | |
34 | </dt> | |
35 | <dt> | |
36 | <span class="refentrytitle"><a href="gdbus-org.freedesktop.realmd.Kerberos.html">org.freedesktop.realmd.Kerberos</a></span><span class="refpurpose"> — a kerberos realm</span> | |
37 | </dt> | |
38 | <dt> | |
39 | <span class="refentrytitle"><a href="gdbus-org.freedesktop.realmd.KerberosMembership.html">org.freedesktop.realmd.KerberosMembership</a></span><span class="refpurpose"></span> | |
40 | </dt> | |
41 | <dt> | |
42 | <span class="refentrytitle"><a href="gdbus-org.freedesktop.realmd.Service.html">org.freedesktop.realmd.Service</a></span><span class="refpurpose"> — the realmd service</span> | |
43 | </dt> | |
44 | </dl></dd> | |
45 | <dt><span class="chapter"><a href="dbus-interface-raw.html">Raw DBus Interfaces</a></span></dt> | |
46 | </dl> | |
47 | </div> | |
48 | </div> | |
49 | <div class="footer"> | |
50 | <hr> | |
51 | Generated by GTK-Doc V1.18</div> | |
52 | </body> | |
53 | </html>⏎ |
36 | 36 | <td valign="top" align="right"></td> |
37 | 37 | </tr></table></div> |
38 | 38 | <div class="refsect1"> |
39 | <a name="idp7266192"></a><h2>Properties</h2> | |
39 | <a name="idp8541248"></a><h2>Properties</h2> | |
40 | 40 | <pre class="synopsis"> |
41 | 41 | <a class="link" href="gdbus-org.freedesktop.realmd.Kerberos.html#gdbus-property-org-freedesktop-realmd-Kerberos.RealmName" title='The "RealmName" property'>RealmName</a> readable s |
42 | 42 | <a class="link" href="gdbus-org.freedesktop.realmd.Kerberos.html#gdbus-property-org-freedesktop-realmd-Kerberos.DomainName" title='The "DomainName" property'>DomainName</a> readable s |
46 | 46 | </pre> |
47 | 47 | </div> |
48 | 48 | <div class="refsect1"> |
49 | <a name="idm40448"></a><h2>Properties</h2> | |
49 | <a name="idp9134320"></a><h2>Properties</h2> | |
50 | 50 | <pre class="synopsis"> |
51 | 51 | <a class="link" href="gdbus-org.freedesktop.realmd.KerberosMembership.html#gdbus-property-org-freedesktop-realmd-KerberosMembership.SuggestedAdministrator" title='The "SuggestedAdministrator" property'>SuggestedAdministrator</a> readable s |
52 | 52 | <a class="link" href="gdbus-org.freedesktop.realmd.KerberosMembership.html#gdbus-property-org-freedesktop-realmd-KerberosMembership.SupportedJoinCredentials" title='The "SupportedJoinCredentials" property'>SupportedJoinCredentials</a> readable a(ss) |
46 | 46 | </pre> |
47 | 47 | </div> |
48 | 48 | <div class="refsect1"> |
49 | <a name="idp7799360"></a><h2>Properties</h2> | |
49 | <a name="idp10945232"></a><h2>Properties</h2> | |
50 | 50 | <pre class="synopsis"> |
51 | 51 | <a class="link" href="gdbus-org.freedesktop.realmd.Provider.html#gdbus-property-org-freedesktop-realmd-Provider.Name" title='The "Name" property'>Name</a> readable s |
52 | 52 | <a class="link" href="gdbus-org.freedesktop.realmd.Provider.html#gdbus-property-org-freedesktop-realmd-Provider.Version" title='The "Version" property'>Version</a> readable s |
47 | 47 | </pre> |
48 | 48 | </div> |
49 | 49 | <div class="refsect1"> |
50 | <a name="idp9178496"></a><h2>Properties</h2> | |
50 | <a name="idp7480416"></a><h2>Properties</h2> | |
51 | 51 | <pre class="synopsis"> |
52 | 52 | <a class="link" href="gdbus-org.freedesktop.realmd.Realm.html#gdbus-property-org-freedesktop-realmd-Realm.Name" title='The "Name" property'>Name</a> readable s |
53 | 53 | <a class="link" href="gdbus-org.freedesktop.realmd.Realm.html#gdbus-property-org-freedesktop-realmd-Realm.Configured" title='The "Configured" property'>Configured</a> readable s |
45 | 45 | </pre> |
46 | 46 | </div> |
47 | 47 | <div class="refsect1"> |
48 | <a name="idp9138144"></a><h2>Signals</h2> | |
48 | <a name="idp10157408"></a><h2>Signals</h2> | |
49 | 49 | <pre class="synopsis"> |
50 | 50 | <a class="link" href="gdbus-org.freedesktop.realmd.Service.html#gdbus-signal-org-freedesktop-realmd-Service.Diagnostics" title='The "Diagnostics" signal'>Diagnostics</a> (s data, |
51 | 51 | s operation); |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Active Directory client software</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide-active-directory.html" title="Using with Active Directory"> | |
8 | <link rel="prev" href="guide-active-directory.html" title="Using with Active Directory"> | |
9 | <link rel="next" href="guide-active-directory-join.html" title="Joining an Active Directory domain"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-active-directory.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide-active-directory.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-active-directory-join.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="section"> | |
22 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
23 | <a name="guide-active-directory-client"></a>Active Directory client software</h2></div></div></div> | |
24 | <p>As part of configuring an Active Directory domain for use | |
25 | on the local computer, <span class="command"><strong>realmd</strong></span> will configure | |
26 | client software to enable domain accounts to be used on the local | |
27 | computer.</p> | |
28 | <p><span class="command"><strong>realmd</strong></span> supports two types of client | |
29 | software for Active Directory: | |
30 | <a class="ulink" href="https://fedorahosted.org/sssd/" target="_top">SSSD</a> and | |
31 | <a class="ulink" href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html" target="_top">Winbind</a>. | |
32 | By default SSSD is used.</p> | |
33 | <div class="section"> | |
34 | <div class="titlepage"><div><div><h3 class="title"> | |
35 | <a name="idp10880368"></a>Using SSSD with Active Directory</h3></div></div></div> | |
36 | <p><a class="ulink" href="https://fedorahosted.org/sssd/" target="_top">SSSD</a> | |
37 | provides client software for various kerberos and/or LDAP | |
38 | directories. Since version 1.9.x it provides good support | |
39 | for Active Directory.</p> | |
40 | <p>When joining a computer to an Active Directory domain, | |
41 | <span class="command"><strong>realmd</strong></span> will use SSSD as the client software | |
42 | by default. You can force use of SSSD by specifying the | |
43 | <code class="option">--client-software=sssd</code> when joining the | |
44 | domain with the | |
45 | <a class="link" href="realm.html" title="realm"><span class="command"><strong>realm</strong></span></a> | |
46 | command like this:</p> | |
47 | <div class="informalexample"><pre class="screen"> | |
48 | $ <span class="command"><strong>realm join --client-software=sssd domain.example.com</strong></span> | |
49 | </pre></div> | |
50 | </div> | |
51 | <div class="section"> | |
52 | <div class="titlepage"><div><div><h3 class="title"> | |
53 | <a name="idp6592816"></a>Using Winbind with Active Directory</h3></div></div></div> | |
54 | <p>Samba | |
55 | <a class="ulink" href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html" target="_top">Winbind</a> | |
56 | provides client software for use with Active Directory.</p> | |
57 | <p>To have <span class="command"><strong>realmd</strong></span> use Winbind as the | |
58 | client software, configure the | |
59 | <a class="link" href="guide-configuring.html#guide-configuring-active-directory" title="active-directory"><code class="option">default-client</code> setting</a>. | |
60 | You can force use of Winbind by specifying the | |
61 | <code class="option">--client-software=winbind</code> when joining the | |
62 | domain with the | |
63 | <a class="link" href="realm.html" title="realm"><span class="command"><strong>realm</strong></span></a> | |
64 | command like this:</p> | |
65 | <div class="informalexample"><pre class="screen"> | |
66 | $ <span class="command"><strong>realm join --client-software=winbind domain.example.com</strong></span> | |
67 | </pre></div> | |
68 | </div> | |
69 | </div> | |
70 | <div class="footer"> | |
71 | <hr> | |
72 | Generated by GTK-Doc V1.18</div> | |
73 | </body> | |
74 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Joining an Active Directory domain</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide-active-directory.html" title="Using with Active Directory"> | |
8 | <link rel="prev" href="guide-active-directory-client.html" title="Active Directory client software"> | |
9 | <link rel="next" href="guide-active-directory-permit.html" title="Logins using Domain Accounts"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-active-directory-client.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide-active-directory.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-active-directory-permit.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="section"> | |
22 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
23 | <a name="guide-active-directory-join"></a>Joining an Active Directory domain</h2></div></div></div> | |
24 | <p>To join an Active Directory domain with <span class="command"><strong>realmd</strong></span> | |
25 | you can use the <a class="link" href="realm.html" title="realm"><span class="command"><strong>realm</strong></span></a> | |
26 | command line tool:</p> | |
27 | <div class="informalexample"><pre class="screen"> | |
28 | $ <span class="command"><strong>realm join --verbose domain.example.com</strong></span> | |
29 | </pre></div> | |
30 | <p>By specifying the <code class="option">--verbose</code> it's easier | |
31 | to see what went wrong if the join fails.</p> | |
32 | <p>Other tools also use <span class="command"><strong>realmd</strong></span> which can | |
33 | be used to perform the join operation, for example: GNOME | |
34 | Control Center.</p> | |
35 | <p>The join operation does the following:</p> | |
36 | <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "> | |
37 | <li class="listitem"><p>Discovers information about the domain.</p></li> | |
38 | <li class="listitem"><p>Installs the necessary software to join the domain, such as SSSD or Winbind.</p></li> | |
39 | <li class="listitem"><p>Tries to join the domain automatically, without administrative credentials.</p></li> | |
40 | <li class="listitem"><p>If administrative credentials are required, a password will be prompted for.</p></li> | |
41 | <li class="listitem"><p>A computer account in the domain will be created, and or updated.</p></li> | |
42 | <li class="listitem"><p>A host keytab file at <code class="filename">/etc/krb5.keytab</code> is created.</p></li> | |
43 | <li class="listitem"><p>Configures the SSSD or Winbind services, and restarts and enables them as appropriate.</p></li> | |
44 | <li class="listitem"><p>Enables domain users in <code class="filename">/etc/nsswitch.conf</code></p></li> | |
45 | </ul></div> | |
46 | <p>After the join operation is complete, domain accounts should | |
47 | be usable locally, although logins using domain accounts are | |
48 | not necessarily enabled.</p> | |
49 | <p>You verify that domain accounts are working with with a | |
50 | command like this:</p> | |
51 | <div class="informalexample"><pre class="screen"> | |
52 | $ <span class="command"><strong>getent passwd DOMAIN\Administrator</strong></span> | |
53 | </pre></div> | |
54 | <p>The join operation will create or update a computer account | |
55 | in the domain. If you wish to specify a specific organizational unit | |
56 | where this account is created, you can use the | |
57 | <a class="link" href="guide-configuring-realm.html" title="Realm specific settings"><code class="option">computer-ou</code> setting</a>.</p> | |
58 | </div> | |
59 | <div class="footer"> | |
60 | <hr> | |
61 | Generated by GTK-Doc V1.18</div> | |
62 | </body> | |
63 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Logins using Domain Accounts</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide-active-directory.html" title="Using with Active Directory"> | |
8 | <link rel="prev" href="guide-active-directory-join.html" title="Joining an Active Directory domain"> | |
9 | <link rel="next" href="guide-freeipa.html" title="Using with FreeIPA"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-active-directory-join.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide-active-directory.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-freeipa.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="section"> | |
22 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
23 | <a name="guide-active-directory-permit"></a>Logins using Domain Accounts</h2></div></div></div> | |
24 | <p>Once the | |
25 | <a class="link" href="guide-active-directory-join.html" title="Joining an Active Directory domain">computer is joined</a> | |
26 | to an Active Directory domain, you can configure the machine so | |
27 | that you can log in with domain accounts.</p> | |
28 | <p>To permit any domain account to log in, use the following | |
29 | command.</p> | |
30 | <div class="informalexample"><pre class="screen"> | |
31 | $ <span class="command"><strong>realm permit --realm domain.example.com --all</strong></span> | |
32 | </pre></div> | |
33 | <p>To permit only specific accounts from the domain to log in | |
34 | use the following command. The first time this command is run | |
35 | it will change the mode to only allow logins by specific accounts, | |
36 | and then add the specified accounts to the list of accounts | |
37 | to permit.</p> | |
38 | <div class="informalexample"><pre class="screen"> | |
39 | $ <span class="command"><strong>realm permit --realm domain.example.com DOMAIN\\User1 DOMAIN\\User2</strong></span> | |
40 | </pre></div> | |
41 | <p>To deny logins from any domain account, use the following | |
42 | command.</p> | |
43 | <div class="informalexample"><pre class="screen"> | |
44 | $ <span class="command"><strong>realm deny --realm domain.example.com --all</strong></span> | |
45 | </pre></div> | |
46 | </div> | |
47 | <div class="footer"> | |
48 | <hr> | |
49 | Generated by GTK-Doc V1.18</div> | |
50 | </body> | |
51 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Using with Active Directory</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide.html" title="Part I. Administrative Guide"> | |
8 | <link rel="prev" href="realm.html" title="realm"> | |
9 | <link rel="next" href="guide-active-directory-client.html" title="Active Directory client software"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="realm.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-active-directory-client.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="chapter"> | |
22 | <div class="titlepage"><div><div><h2 class="title"> | |
23 | <a name="guide-active-directory"></a>Using with Active Directory</h2></div></div></div> | |
24 | <div class="toc"><dl> | |
25 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> | |
26 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> | |
27 | <dd><dl> | |
28 | <dt><span class="section"><a href="guide-active-directory-client.html#idp10880368">Using SSSD with Active Directory</a></span></dt> | |
29 | <dt><span class="section"><a href="guide-active-directory-client.html#idp6592816">Using Winbind with Active Directory</a></span></dt> | |
30 | </dl></dd> | |
31 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> | |
32 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> | |
33 | </dl></div> | |
34 | <p><span class="command"><strong>realmd</strong></span> can discover Active Directory domains | |
35 | and join the current computer as an account on that domain. This allows | |
36 | using domain users locally, as well as use a domain account to log | |
37 | into the machine.</p> | |
38 | <div class="section"> | |
39 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
40 | <a name="guide-active-directory-discover"></a>Discovering Active Directory domains</h2></div></div></div> | |
41 | <p><span class="command"><strong>realmd</strong></span> discovers which domains or | |
42 | realms it can use or configure. It can discover and identify | |
43 | Active Directory domains by looking up the appropriate DNS SRV | |
44 | records.</p> | |
45 | <p>The following DNS SRV records are required to be present | |
46 | for <span class="command"><strong>realmd</strong></span> to identify a provided realm as | |
47 | an Active Directory domain. The DNS server that comes with | |
48 | Active Directory on Windows Server automatically creates | |
49 | these DNS records.</p> | |
50 | <div class="informalexample"><pre class="screen"> | |
51 | # In this example the Active Directory domain is 'domain.example.com' | |
52 | <span class="emphasis"><em>_kerberos._udp.</em></span>domain.example.com. | |
53 | <span class="emphasis"><em>_kerberos._tcp.dc._msdcs.</em></span>domain.example.com. | |
54 | </pre></div> | |
55 | <p>To see how <span class="command"><strong>realmd</strong></span> is discovering a | |
56 | particular domain name, try a command like the following. Using | |
57 | the <code class="option">--verbose</code> argument displays verbose | |
58 | discovery information.</p> | |
59 | <div class="informalexample"><pre class="screen"> | |
60 | $ <span class="command"><strong>realm --verbose domain.example.com</strong></span> | |
61 | * Searching for kerberos SRV records for domain: _kerberos._udp.domain.example.com | |
62 | * Searching for MSDCS SRV records on domain: _kerberos._tcp.dc._msdcs.domain.example.com | |
63 | * dc.domain.example.com:88 | |
64 | * Found kerberos DNS records for: domain.example.com | |
65 | * Found AD style DNS records for: domain.example.com | |
66 | * Successfully discovered: domain.example.com | |
67 | ... | |
68 | </pre></div> | |
69 | </div> | |
70 | </div> | |
71 | <div class="footer"> | |
72 | <hr> | |
73 | Generated by GTK-Doc V1.18</div> | |
74 | </body> | |
75 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Realm specific settings</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide-configuring.html" title="Configuring realmd"> | |
8 | <link rel="prev" href="guide-configuring-users.html" title="user"> | |
9 | <link rel="next" href="guide-integration.html" title="Integration"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-configuring-users.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide-configuring.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-integration.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="section"> | |
22 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
23 | <a name="guide-configuring-realm"></a>Realm specific settings</h2></div></div></div> | |
24 | <p>These options should go in an section with the same name | |
25 | as the realm in the <code class="filename">/etc/realmd.conf</code> file. | |
26 | For example for the <code class="option">domain.example.com</code> domain | |
27 | the section would be called <code class="option">[domain.example.com]</code>. | |
28 | To figure out the canonical name for a realm use the | |
29 | <span class="command"><strong>realm</strong></span> command:</p> | |
30 | <div class="informalexample"><pre class="screen"> | |
31 | $ <span class="command"><strong>realm discover --name DOMAIN.example.com</strong></span> | |
32 | domain.example.com | |
33 | ... | |
34 | </pre></div> | |
35 | <p>Only specify the settings you wish to override.</p> | |
36 | <div class="section"> | |
37 | <div class="titlepage"><div><div><h3 class="title"> | |
38 | <a name="idp9639264"></a>computer-ou</h3></div></div></div> | |
39 | <p>Specify this option to create directory computer accounts | |
40 | in a location other than the default. This currently only works | |
41 | with Active Directory domains.</p> | |
42 | <div class="informalexample"> | |
43 | <table class="listing_frame" border="0" cellpadding="0" cellspacing="0"> | |
44 | <tbody> | |
45 | <tr> | |
46 | <td class="listing_lines" align="right"><pre>1 | |
47 | 2 | |
48 | 3</pre></td> | |
49 | <td class="listing_code"><pre class="programlisting"><span class="symbol">[</span><span class="normal">domain</span><span class="symbol">.</span><span class="normal">example</span><span class="symbol">.</span><span class="normal">com</span><span class="symbol">]</span> | |
50 | <span class="normal">computer</span><span class="symbol">-</span><span class="normal">ou </span><span class="symbol">=</span><span class="normal"> OU</span><span class="symbol">=</span><span class="usertype">Linux</span><span class="normal"> Computers</span><span class="symbol">,</span><span class="normal">DC</span><span class="symbol">=</span><span class="normal">domain</span><span class="symbol">,</span><span class="normal">DC</span><span class="symbol">=</span><span class="normal">example</span><span class="symbol">,</span><span class="normal">DC</span><span class="symbol">=</span><span class="normal">com</span> | |
51 | <span class="preproc"># computer</span><span class="symbol">-</span><span class="normal">ou </span><span class="symbol">=</span><span class="normal"> OU</span><span class="symbol">=</span><span class="usertype">Linux</span><span class="normal"> Computers</span><span class="symbol">,</span></pre></td> | |
52 | </tr> | |
53 | </tbody> | |
54 | </table> | |
55 | </div> | |
56 | ||
57 | <p>Specify the OU as an LDAP DN. It can be relative to the | |
58 | Root DSE, or a complete LDAP DN. Obviously the OU must exist | |
59 | in the directory.</p> | |
60 | <p>It is also possible to use the <code class="option">--computer-ou</code> | |
61 | argument of the <a class="link" href="realm.html" title="realm">realm</a> command to | |
62 | create a computer account at a specific OU.</p> | |
63 | </div> | |
64 | </div> | |
65 | <div class="footer"> | |
66 | <hr> | |
67 | Generated by GTK-Doc V1.18</div> | |
68 | </body> | |
69 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>user</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide-configuring.html" title="Configuring realmd"> | |
8 | <link rel="prev" href="guide-configuring.html" title="Configuring realmd"> | |
9 | <link rel="next" href="guide-configuring-realm.html" title="Realm specific settings"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-configuring.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide-configuring.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-configuring-realm.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="section"> | |
22 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
23 | <a name="guide-configuring-users"></a>user</h2></div></div></div> | |
24 | <p>These options should go in an <code class="option">[users]</code> | |
25 | section of the <code class="filename">/etc/realmd.conf</code> file. Only | |
26 | specify the settings you wish to override.</p> | |
27 | <div class="section"> | |
28 | <div class="titlepage"><div><div><h3 class="title"> | |
29 | <a name="idp6023568"></a>default-home</h3></div></div></div> | |
30 | <p>Specify the <code class="option">default-home</code> setting in | |
31 | order to control how to set the home directory for accounts | |
32 | that have no home directory explicitly set.</p> | |
33 | <div class="informalexample"> | |
34 | <table class="listing_frame" border="0" cellpadding="0" cellspacing="0"> | |
35 | <tbody> | |
36 | <tr> | |
37 | <td class="listing_lines" align="right"><pre>1 | |
38 | 2 | |
39 | 3</pre></td> | |
40 | <td class="listing_code"><pre class="programlisting"><span class="symbol">[</span><span class="normal">active</span><span class="symbol">-</span><span class="normal">directory</span><span class="symbol">]</span> | |
41 | <span class="keyword">default</span><span class="symbol">-</span><span class="normal">home </span><span class="symbol">=</span><span class="normal"> </span><span class="symbol">/</span><span class="normal">home</span><span class="symbol">/%</span><span class="normal">D</span><span class="symbol">/%</span><span class="normal">U</span> | |
42 | <span class="preproc"># default</span><span class="symbol">-</span><span class="normal">home </span><span class="symbol">=</span><span class="normal"> </span><span class="symbol">/</span><span class="normal">nfs</span><span class="symbol">/</span><span class="normal">home</span><span class="symbol">/%</span><span class="normal">D</span><span class="symbol">-%</span><span class="normal">U</span></pre></td> | |
43 | </tr> | |
44 | </tbody> | |
45 | </table> | |
46 | </div> | |
47 | ||
48 | <p>The default setting for this is <code class="option">/home/%D/%U</code>. The | |
49 | <code class="option">%D</code> format is replaced by the domain name. In the case of | |
50 | Active Directory this is the short domain name. The <code class="option">%U</code> | |
51 | format is replaced by the user name.</p> | |
52 | <p>You can verify the home directory for a user by running the | |
53 | following command.</p> | |
54 | <div class="informalexample"><pre class="screen"> | |
55 | $ <span class="command"><strong>getent passwd 'DOMAIN/User'</strong></span> | |
56 | DOMAIN\user:*:1344600500:1344600513:User Name:/home/DOMAIN/user:/bin/bash | |
57 | </pre></div> | |
58 | </div> | |
59 | <div class="section"> | |
60 | <div class="titlepage"><div><div><h3 class="title"> | |
61 | <a name="idp6557504"></a>default-shell</h3></div></div></div> | |
62 | <p>Specify the <code class="option">default-shell</code> setting in | |
63 | order to control how to set the Unix shell for accounts that | |
64 | have no shell explicitly set.</p> | |
65 | <div class="informalexample"> | |
66 | <table class="listing_frame" border="0" cellpadding="0" cellspacing="0"> | |
67 | <tbody> | |
68 | <tr> | |
69 | <td class="listing_lines" align="right"><pre>1 | |
70 | 2 | |
71 | 3</pre></td> | |
72 | <td class="listing_code"><pre class="programlisting"><span class="symbol">[</span><span class="normal">active</span><span class="symbol">-</span><span class="normal">directory</span><span class="symbol">]</span> | |
73 | <span class="keyword">default</span><span class="symbol">-</span><span class="normal">shell </span><span class="symbol">=</span><span class="normal"> </span><span class="symbol">/</span><span class="normal">bin</span><span class="symbol">/</span><span class="normal">bash</span> | |
74 | <span class="preproc"># default</span><span class="symbol">-</span><span class="normal">shell </span><span class="symbol">=</span><span class="normal"> </span><span class="symbol">/</span><span class="normal">bin</span><span class="symbol">/</span><span class="normal">sh</span></pre></td> | |
75 | </tr> | |
76 | </tbody> | |
77 | </table> | |
78 | </div> | |
79 | ||
80 | <p>The default setting for this is <code class="option">/bin/bash</code> shell. The | |
81 | shell should be a valid shell if you expect the domain users be able to log | |
82 | in. For example it should exist in the <code class="filename">/etc/shells</code> file.</p> | |
83 | <p>You can verify the shell for a user by running the | |
84 | following command.</p> | |
85 | <div class="informalexample"><pre class="screen"> | |
86 | $ <span class="command"><strong>getent passwd 'DOMAIN/User'</strong></span> | |
87 | DOMAIN\user:*:1344600500:1344600513:User Name:/home/DOMAIN/user:/bin/bash | |
88 | </pre></div> | |
89 | </div> | |
90 | </div> | |
91 | <div class="footer"> | |
92 | <hr> | |
93 | Generated by GTK-Doc V1.18</div> | |
94 | </body> | |
95 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Configuring realmd</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide.html" title="Part I. Administrative Guide"> | |
8 | <link rel="prev" href="guide-freeipa.html" title="Using with other Kerberos realms"> | |
9 | <link rel="next" href="guide-configuring-users.html" title="user"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-freeipa.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-configuring-users.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="chapter"> | |
22 | <div class="titlepage"><div><div><h2 class="title"> | |
23 | <a name="guide-configuring"></a>Configuring realmd</h2></div></div></div> | |
24 | <div class="toc"><dl> | |
25 | <dt><span class="section"><a href="guide-configuring.html#guide-configuring-active-directory">active-directory</a></span></dt> | |
26 | <dd><dl><dt><span class="section"><a href="guide-configuring.html#idp7104192">default-client</a></span></dt></dl></dd> | |
27 | <dt><span class="section"><a href="guide-configuring-users.html">user</a></span></dt> | |
28 | <dd><dl> | |
29 | <dt><span class="section"><a href="guide-configuring-users.html#idp6023568">default-home</a></span></dt> | |
30 | <dt><span class="section"><a href="guide-configuring-users.html#idp6557504">default-shell</a></span></dt> | |
31 | </dl></dd> | |
32 | <dt><span class="section"><a href="guide-configuring-realm.html">Realm specific settings</a></span></dt> | |
33 | <dd><dl><dt><span class="section"><a href="guide-configuring-realm.html#idp9639264">computer-ou</a></span></dt></dl></dd> | |
34 | </dl></div> | |
35 | <p><span class="command"><strong>realmd</strong></span> can be tweaked by network administrators | |
36 | to act in specific ways. This is done by placing settings in a | |
37 | <code class="filename">/etc/realmd.conf</code>. The syntax of this file is the | |
38 | same as an INI file or Desktop Entry file.</p> | |
39 | <p>Only specify the settings you wish to override in the | |
40 | <code class="filename">/etc/realmd.conf</code> file. Settings not specified will | |
41 | be loaded either from their packaged defaults. Only override the settings | |
42 | below. You may find other settings if you root around the | |
43 | <span class="command"><strong>realmd</strong></span> source code. However these are not guaranteed | |
44 | to remain stable.</p> | |
45 | <div class="section"> | |
46 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
47 | <a name="guide-configuring-active-directory"></a>active-directory</h2></div></div></div> | |
48 | <p>These options should go in an <code class="option">[active-directory]</code> | |
49 | section of the <code class="filename">/etc/realmd.conf</code> file. Only | |
50 | specify the settings you wish to override.</p> | |
51 | <div class="section"> | |
52 | <div class="titlepage"><div><div><h3 class="title"> | |
53 | <a name="idp7104192"></a>default-client</h3></div></div></div> | |
54 | <p>Specify the <code class="option">default-client</code> setting in | |
55 | order to control which client software is the preferred default | |
56 | for use with Active Directory.</p> | |
57 | <div class="informalexample"> | |
58 | <table class="listing_frame" border="0" cellpadding="0" cellspacing="0"> | |
59 | <tbody> | |
60 | <tr> | |
61 | <td class="listing_lines" align="right"><pre>1 | |
62 | 2 | |
63 | 3</pre></td> | |
64 | <td class="listing_code"><pre class="programlisting"><span class="symbol">[</span><span class="normal">active</span><span class="symbol">-</span><span class="normal">directory</span><span class="symbol">]</span> | |
65 | <span class="keyword">default</span><span class="symbol">-</span><span class="normal">client </span><span class="symbol">=</span><span class="normal"> sssd</span> | |
66 | <span class="preproc"># default</span><span class="symbol">-</span><span class="normal">client </span><span class="symbol">=</span><span class="normal"> winbind</span></pre></td> | |
67 | </tr> | |
68 | </tbody> | |
69 | </table> | |
70 | </div> | |
71 | ||
72 | <p>The default setting for this is | |
73 | <code class="option">sssd</code> which uses | |
74 | <a class="ulink" href="https://fedorahosted.org/sssd/" target="_top">SSSD</a> as | |
75 | the Active Directory client. You can also specify | |
76 | <code class="option">winbind</code> to use | |
77 | <a class="ulink" href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html" target="_top">Samba Winbind</a>. | |
78 | </p> | |
79 | <p>Some callers of <span class="command"><strong>realmd</strong></span> such as the | |
80 | <a class="link" href="realm.html" title="realm"><span class="command"><strong>realm</strong></span></a> | |
81 | command line tool allow specifying which client software should | |
82 | be used. Others, such as GNOME Control Center, simplify choose | |
83 | the default.</p> | |
84 | <p>You can verify the preferred default client softawre by | |
85 | running the following command. The realm with the preferred | |
86 | client software will be listed first.</p> | |
87 | <div class="informalexample"><pre class="screen"> | |
88 | $ <span class="command"><strong>realm discover domain.example.com</strong></span> | |
89 | domain.example.com | |
90 | configured: no | |
91 | server-software: active-directory | |
92 | client-software: sssd | |
93 | type: kerberos | |
94 | realm-name: AD.THEWALTER.LAN | |
95 | domain-name: ad.thewalter.lan | |
96 | domain.example.com | |
97 | configured: no | |
98 | server-software: active-directory | |
99 | client-software: winbind | |
100 | type: kerberos | |
101 | realm-name: AD.THEWALTER.LAN | |
102 | domain-name: ad.thewalter.lan | |
103 | </pre></div> | |
104 | </div> | |
105 | </div> | |
106 | </div> | |
107 | <div class="footer"> | |
108 | <hr> | |
109 | Generated by GTK-Doc V1.18</div> | |
110 | </body> | |
111 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Using with other Kerberos realms</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide.html" title="Part I. Administrative Guide"> | |
8 | <link rel="prev" href="guide-freeipa.html" title="Using with FreeIPA"> | |
9 | <link rel="next" href="guide-configuring.html" title="Configuring realmd"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-freeipa.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-configuring.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="chapter"> | |
22 | <div class="titlepage"><div><div><h2 class="title"> | |
23 | <a name="guide-freeipa"></a>Using with other Kerberos realms</h2></div></div></div> | |
24 | <div class="toc"><dl><dt><span class="section"><a href="guide-freeipa.html#idp8851920">Discovering Kerberos realms</a></span></dt></dl></div> | |
25 | <p><span class="command"><strong>realmd</strong></span> can discover generic Kerberos realms. | |
26 | Since there is no standard way to enroll a computer against a Kerberos | |
27 | server, it is not possible to do this with <span class="command"><strong>realmd</strong></span>.</p> | |
28 | <div class="section"> | |
29 | <div class="titlepage"><div><div><h2 class="title" style="clear: both"> | |
30 | <a name="idp8851920"></a>Discovering Kerberos realms</h2></div></div></div> | |
31 | <p><span class="command"><strong>realmd</strong></span> discovers which domains or | |
32 | realms it can use or configure. It can discover and identify | |
33 | Kerberos domains by looking up the appropriate DNS SRV | |
34 | records.</p> | |
35 | <p>The following DNS SRV record is required to be present | |
36 | for <span class="command"><strong>realmd</strong></span> to identify a provided realm as | |
37 | a Kerberos domain.</p> | |
38 | <div class="informalexample"><pre class="screen"> | |
39 | # In this example the Kerberos domain is 'domain.example.com' | |
40 | <span class="emphasis"><em>_kerberos._udp.</em></span>domain.example.com. | |
41 | </pre></div> | |
42 | <div class="informalexample"><pre class="screen"> | |
43 | $ <span class="command"><strong>realm --verbose discover domain.example.com</strong></span> | |
44 | * Searching for kerberos SRV records for domain: _kerberos._udp.domain.example.com | |
45 | * Searching for MSDCS SRV records on domain: _kerberos._tcp.dc._msdcs.domain.example.com | |
46 | * dc.domain.example.com:88 | |
47 | * Trying to retrieve IPA certificate from dc.domain.example.com | |
48 | ! Couldn't read certificate via HTTP: No PEM-encoded certificate found | |
49 | ! Couldn't discover IPA KDC: No PEM-encoded certificate found | |
50 | * Found kerberos DNS records for: domain.example.com | |
51 | * Successfully discovered: domain.example.com | |
52 | ... | |
53 | </pre></div> | |
54 | </div> | |
55 | </div> | |
56 | <div class="footer"> | |
57 | <hr> | |
58 | Generated by GTK-Doc V1.18</div> | |
59 | </body> | |
60 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Integration</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide.html" title="Part I. Administrative Guide"> | |
8 | <link rel="prev" href="guide-configuring-realm.html" title="Realm specific settings"> | |
9 | <link rel="next" href="development.html" title="Part II. Developer Reference"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide-configuring-realm.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="development.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="chapter"><div class="titlepage"><div><div><h2 class="title"> | |
22 | <a name="guide-integration"></a>Integration</h2></div></div></div></div> | |
23 | <div class="footer"> | |
24 | <hr> | |
25 | Generated by GTK-Doc V1.18</div> | |
26 | </body> | |
27 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Part I. Administrative Guide</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="index.html" title="realmd"> | |
8 | <link rel="prev" href="index.html" title="realmd"> | |
9 | <link rel="next" href="realm-manual.html" title="Command manual pages"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="index.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td> </td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="realm-manual.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="part"> | |
22 | <div class="titlepage"><div><div><h1 class="title"> | |
23 | <a name="guide"></a>Part I. Administrative Guide</h1></div></div></div> | |
24 | <div class="toc"> | |
25 | <p><b>Table of Contents</b></p> | |
26 | <dl> | |
27 | <dt><span class="chapter"><a href="realm-manual.html">Command manual pages</a></span></dt> | |
28 | <dd><dl><dt> | |
29 | <span class="refentrytitle"><a href="realm.html">realm</a></span><span class="refpurpose"> — Manage enrollment in realms</span> | |
30 | </dt></dl></dd> | |
31 | <dt><span class="chapter"><a href="guide-active-directory.html">Using with Active Directory</a></span></dt> | |
32 | <dd><dl> | |
33 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> | |
34 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> | |
35 | <dd><dl> | |
36 | <dt><span class="section"><a href="guide-active-directory-client.html#idp10880368">Using SSSD with Active Directory</a></span></dt> | |
37 | <dt><span class="section"><a href="guide-active-directory-client.html#idp6592816">Using Winbind with Active Directory</a></span></dt> | |
38 | </dl></dd> | |
39 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> | |
40 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> | |
41 | </dl></dd> | |
42 | <dt><span class="chapter"><a href="guide-freeipa.html">Using with FreeIPA</a></span></dt> | |
43 | <dd><dl><dt><span class="section"><a href="guide-freeipa.html#idp9009232">Discovering FreeIPA domains</a></span></dt></dl></dd> | |
44 | <dt><span class="chapter"><a href="guide-freeipa.html">Using with other Kerberos realms</a></span></dt> | |
45 | <dd><dl><dt><span class="section"><a href="guide-freeipa.html#idp8851920">Discovering Kerberos realms</a></span></dt></dl></dd> | |
46 | <dt><span class="chapter"><a href="guide-configuring.html">Configuring realmd</a></span></dt> | |
47 | <dd><dl> | |
48 | <dt><span class="section"><a href="guide-configuring.html#guide-configuring-active-directory">active-directory</a></span></dt> | |
49 | <dd><dl><dt><span class="section"><a href="guide-configuring.html#idp7104192">default-client</a></span></dt></dl></dd> | |
50 | <dt><span class="section"><a href="guide-configuring-users.html">user</a></span></dt> | |
51 | <dd><dl> | |
52 | <dt><span class="section"><a href="guide-configuring-users.html#idp6023568">default-home</a></span></dt> | |
53 | <dt><span class="section"><a href="guide-configuring-users.html#idp6557504">default-shell</a></span></dt> | |
54 | </dl></dd> | |
55 | <dt><span class="section"><a href="guide-configuring-realm.html">Realm specific settings</a></span></dt> | |
56 | <dd><dl><dt><span class="section"><a href="guide-configuring-realm.html#idp9639264">computer-ou</a></span></dt></dl></dd> | |
57 | </dl></dd> | |
58 | <dt><span class="chapter"><a href="guide-integration.html">Integration</a></span></dt> | |
59 | </dl> | |
60 | </div> | |
61 | </div> | |
62 | <div class="footer"> | |
63 | <hr> | |
64 | Generated by GTK-Doc V1.18</div> | |
65 | </body> | |
66 | </html>⏎ |
90 | 90 | left: -1em; |
91 | 91 | font-weight: normal !important; |
92 | 92 | } |
93 | ||
94 | DD > DL { | |
95 | margin-top: 0.3em; | |
96 | margin-bottom: 0.3em; | |
97 | } | |
98 | ||
99 | PRE.screen { | |
100 | border: solid 1px #729fcf; | |
101 | padding: 0.5em; | |
102 | background: #e6f3ff; | |
103 | } |
4 | 4 | <title>realmd</title> |
5 | 5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> |
6 | 6 | <link rel="home" href="index.html" title="realmd"> |
7 | <link rel="next" href="dbus-interface-reference.html" title="DBus Interface Reference"> | |
7 | <link rel="next" href="guide.html" title="Part I. Administrative Guide"> | |
8 | 8 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> |
9 | 9 | <link rel="stylesheet" href="html.css" type="text/css"> |
10 | 10 | </head> |
13 | 13 | <div class="titlepage"> |
14 | 14 | <div> |
15 | 15 | <div><table class="navigation" id="top" width="100%" cellpadding="2" cellspacing="0"><tr><th valign="middle"><p class="title">realmd</p></th></tr></table></div> |
16 | <div><p class="releaseinfo">for 0.7 | |
16 | <div><p class="releaseinfo">for 0.8.1 | |
17 | 17 | </p></div> |
18 | 18 | </div> |
19 | 19 | <hr> |
20 | 20 | </div> |
21 | 21 | <div class="toc"><dl> |
22 | <dt><span class="part"><a href="guide.html">I. Administrative Guide</a></span></dt> | |
23 | <dd><dl> | |
24 | <dt><span class="chapter"><a href="realm-manual.html">Command manual pages</a></span></dt> | |
25 | <dd><dl><dt> | |
26 | <span class="refentrytitle"><a href="realm.html">realm</a></span><span class="refpurpose"> — Manage enrollment in realms</span> | |
27 | </dt></dl></dd> | |
28 | <dt><span class="chapter"><a href="guide-active-directory.html">Using with Active Directory</a></span></dt> | |
29 | <dd><dl> | |
30 | <dt><span class="section"><a href="guide-active-directory.html#guide-active-directory-discover">Discovering Active Directory domains</a></span></dt> | |
31 | <dt><span class="section"><a href="guide-active-directory-client.html">Active Directory client software</a></span></dt> | |
32 | <dd><dl> | |
33 | <dt><span class="section"><a href="guide-active-directory-client.html#idp10880368">Using SSSD with Active Directory</a></span></dt> | |
34 | <dt><span class="section"><a href="guide-active-directory-client.html#idp6592816">Using Winbind with Active Directory</a></span></dt> | |
35 | </dl></dd> | |
36 | <dt><span class="section"><a href="guide-active-directory-join.html">Joining an Active Directory domain</a></span></dt> | |
37 | <dt><span class="section"><a href="guide-active-directory-permit.html">Logins using Domain Accounts</a></span></dt> | |
38 | </dl></dd> | |
39 | <dt><span class="chapter"><a href="guide-freeipa.html">Using with FreeIPA</a></span></dt> | |
40 | <dd><dl><dt><span class="section"><a href="guide-freeipa.html#idp9009232">Discovering FreeIPA domains</a></span></dt></dl></dd> | |
41 | <dt><span class="chapter"><a href="guide-freeipa.html">Using with other Kerberos realms</a></span></dt> | |
42 | <dd><dl><dt><span class="section"><a href="guide-freeipa.html#idp8851920">Discovering Kerberos realms</a></span></dt></dl></dd> | |
43 | <dt><span class="chapter"><a href="guide-configuring.html">Configuring realmd</a></span></dt> | |
44 | <dd><dl> | |
45 | <dt><span class="section"><a href="guide-configuring.html#guide-configuring-active-directory">active-directory</a></span></dt> | |
46 | <dd><dl><dt><span class="section"><a href="guide-configuring.html#idp7104192">default-client</a></span></dt></dl></dd> | |
47 | <dt><span class="section"><a href="guide-configuring-users.html">user</a></span></dt> | |
48 | <dd><dl> | |
49 | <dt><span class="section"><a href="guide-configuring-users.html#idp6023568">default-home</a></span></dt> | |
50 | <dt><span class="section"><a href="guide-configuring-users.html#idp6557504">default-shell</a></span></dt> | |
51 | </dl></dd> | |
52 | <dt><span class="section"><a href="guide-configuring-realm.html">Realm specific settings</a></span></dt> | |
53 | <dd><dl><dt><span class="section"><a href="guide-configuring-realm.html#idp9639264">computer-ou</a></span></dt></dl></dd> | |
54 | </dl></dd> | |
55 | <dt><span class="chapter"><a href="guide-integration.html">Integration</a></span></dt> | |
56 | </dl></dd> | |
57 | <dt><span class="part"><a href="development.html">II. Developer Reference</a></span></dt> | |
58 | <dd><dl> | |
22 | 59 | <dt><span class="chapter"><a href="dbus-interface-reference.html">DBus Interface Reference</a></span></dt> |
23 | 60 | <dd><dl> |
24 | 61 | <dt> |
38 | 75 | </dt> |
39 | 76 | </dl></dd> |
40 | 77 | <dt><span class="chapter"><a href="dbus-interface-raw.html">Raw DBus Interfaces</a></span></dt> |
78 | </dl></dd> | |
41 | 79 | </dl></div> |
42 | 80 | </div> |
43 | 81 | <div class="footer"> |
0 | <ANCHOR id="realm" href="realmd/realm.html"> | |
0 | 1 | <ANCHOR id="gdbus-org.freedesktop.realmd.Provider" href="realmd/gdbus-org.freedesktop.realmd.Provider.html"> |
1 | 2 | <ANCHOR id="gdbus-interface-org-freedesktop-realmd-Provider" href="realmd/gdbus-org.freedesktop.realmd.Provider.html#gdbus-interface-org-freedesktop-realmd-Provider"> |
2 | 3 | <ANCHOR id="gdbus-methods-org.freedesktop.realmd.Provider" href="realmd/gdbus-org.freedesktop.realmd.Provider.html#gdbus-methods-org.freedesktop.realmd.Provider"> |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>Command manual pages</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="guide.html" title="Part I. Administrative Guide"> | |
8 | <link rel="prev" href="guide.html" title="Part I. Administrative Guide"> | |
9 | <link rel="next" href="realm.html" title="realm"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="guide.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="guide.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="realm.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="chapter"> | |
22 | <div class="titlepage"><div><div><h2 class="title"> | |
23 | <a name="realm-manual"></a>Command manual pages</h2></div></div></div> | |
24 | <div class="toc"><dl><dt> | |
25 | <span class="refentrytitle"><a href="realm.html">realm</a></span><span class="refpurpose"> — Manage enrollment in realms</span> | |
26 | </dt></dl></div> | |
27 | </div> | |
28 | <div class="footer"> | |
29 | <hr> | |
30 | Generated by GTK-Doc V1.18</div> | |
31 | </body> | |
32 | </html>⏎ |
0 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> | |
1 | <html> | |
2 | <head> | |
3 | <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
4 | <title>realm</title> | |
5 | <meta name="generator" content="DocBook XSL Stylesheets V1.77.1"> | |
6 | <link rel="home" href="index.html" title="realmd"> | |
7 | <link rel="up" href="realm-manual.html" title="Command manual pages"> | |
8 | <link rel="prev" href="realm-manual.html" title="Command manual pages"> | |
9 | <link rel="next" href="guide-active-directory.html" title="Using with Active Directory"> | |
10 | <meta name="generator" content="GTK-Doc V1.18 (XML mode)"> | |
11 | <link rel="stylesheet" href="html.css" type="text/css"> | |
12 | </head> | |
13 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> | |
14 | <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> | |
15 | <td><a accesskey="p" href="realm-manual.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td> | |
16 | <td><a accesskey="u" href="realm-manual.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td> | |
17 | <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td> | |
18 | <th width="100%" align="center">realmd</th> | |
19 | <td><a accesskey="n" href="guide-active-directory.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td> | |
20 | </tr></table> | |
21 | <div class="refentry"> | |
22 | <a name="realm"></a><div class="titlepage"></div> | |
23 | <div class="refnamediv"><table width="100%"><tr> | |
24 | <td valign="top"> | |
25 | <h2><span class="refentrytitle">realm</span></h2> | |
26 | <p>realm — Manage enrollment in realms</p> | |
27 | </td> | |
28 | <td valign="top" align="right"></td> | |
29 | </tr></table></div> | |
30 | <div class="refsynopsisdiv"> | |
31 | <h2>Synopsis</h2> | |
32 | <div class="cmdsynopsis"><p><code class="command">realm discover -v [realm-name]</code> </p></div> | |
33 | <div class="cmdsynopsis"><p><code class="command">realm join -v [-U user] [realm-name]</code> </p></div> | |
34 | <div class="cmdsynopsis"><p><code class="command">realm leave -v [-U user] [realm-name]</code> </p></div> | |
35 | <div class="cmdsynopsis"><p><code class="command">realm list</code> </p></div> | |
36 | <div class="cmdsynopsis"><p><code class="command">realm permit [-a] [-R realm] {user} ...</code> </p></div> | |
37 | <div class="cmdsynopsis"><p><code class="command">realm deny [-a] [-R realm] {user} ...</code> </p></div> | |
38 | </div> | |
39 | <div class="refsect1"> | |
40 | <a name="idp7433168"></a><h2>Description</h2> | |
41 | <p><span class="command"><strong>realm</strong></span> is a command line tool that | |
42 | can be used to manage enrollment in kerberos realms, like Active | |
43 | Directory domains or IPA domains.</p> | |
44 | </div> | |
45 | <div class="refsect1"> | |
46 | <a name="idp7435184"></a><h2>Discover</h2> | |
47 | <p>Discover a realm and its capabilities.</p> | |
48 | <div class="informalexample"> | |
49 | <pre class="programlisting"> | |
50 | $ realm discover | |
51 | </pre> | |
52 | <pre class="programlisting"> | |
53 | $ realm discover domain.example.com | |
54 | </pre> | |
55 | </div> | |
56 | <p>After discovering a realm, | |
57 | its name, type and capabilities are displayed.</p> | |
58 | <p>If no domain is specified, then the domain assigned through | |
59 | DHCP is used as a default.</p> | |
60 | <p>The following options can be used:</p> | |
61 | <div class="variablelist"><table border="0" class="variablelist"> | |
62 | <colgroup> | |
63 | <col align="left" valign="top"> | |
64 | <col> | |
65 | </colgroup> | |
66 | <tbody> | |
67 | <tr> | |
68 | <td><p><span class="term"><code class="option">--client-software=xxx</code></span></p></td> | |
69 | <td><p>Only discover realms for which we can | |
70 | use the given client software. Possible values include | |
71 | <em class="replaceable"><code>sssd</code></em> or | |
72 | <em class="replaceable"><code>winbind</code></em>.</p></td> | |
73 | </tr> | |
74 | <tr> | |
75 | <td><p><span class="term"><code class="option">--server-software=xxx</code></span></p></td> | |
76 | <td><p>Only discover realms for run the | |
77 | given server software. Possible values include | |
78 | <em class="replaceable"><code>active-directory</code></em> or | |
79 | <em class="replaceable"><code>freeipa</code></em>.</p></td> | |
80 | </tr> | |
81 | <tr> | |
82 | <td><p><span class="term"><code class="option">--verbose, -v</code></span></p></td> | |
83 | <td><p>Display verbose diagnostics while doing | |
84 | the discovery.</p></td> | |
85 | </tr> | |
86 | </tbody> | |
87 | </table></div> | |
88 | </div> | |
89 | <div class="refsect1"> | |
90 | <a name="idp7446752"></a><h2>Join</h2> | |
91 | <p>Configure the local machine for use with a realm.</p> | |
92 | <div class="informalexample"> | |
93 | <pre class="programlisting"> | |
94 | $ realm join domain.example.com | |
95 | </pre> | |
96 | <pre class="programlisting"> | |
97 | $ realm join -user=admin --computer-ou=OU=Special domain.example.com | |
98 | </pre> | |
99 | </div> | |
100 | <p>The realm is first discovered, as we would with the | |
101 | <code class="option">discover</code> command. If no domain is specified, then the | |
102 | domain assigned through DHCP is used as a default.</p> | |
103 | <p>After a successful join, the computer will be in a state where | |
104 | it is able to resolve remote user and group names from the realm. | |
105 | For kerberos realms, a computer account and host keytab is created.</p> | |
106 | <p>Joining arbitrary kerberos realms is not supported. The realm | |
107 | must have a supported mechanism for joining from a client machine, such | |
108 | as Active Directory or FreeIPA.</p> | |
109 | <p>Unless a [--user] is explicitly specified, then if | |
110 | possible, an automatic join is attempted first.</p> | |
111 | <p>The following options can be used:</p> | |
112 | <div class="variablelist"><table border="0" class="variablelist"> | |
113 | <colgroup> | |
114 | <col align="left" valign="top"> | |
115 | <col> | |
116 | </colgroup> | |
117 | <tbody> | |
118 | <tr> | |
119 | <td><p><span class="term"><code class="option">--client-software=xxx</code></span></p></td> | |
120 | <td><p>Only join realms for which we can | |
121 | use the given client software. Possible values include | |
122 | <em class="replaceable"><code>sssd</code></em> or | |
123 | <em class="replaceable"><code>winbind</code></em>. Not all values are | |
124 | supported for all realms. By default the client software | |
125 | is automatically selected.</p></td> | |
126 | </tr> | |
127 | <tr> | |
128 | <td><p><span class="term"><code class="option">--computer-ou=OU=xxx</code></span></p></td> | |
129 | <td><p>The distinguished name of an organizational | |
130 | unit to create the computer account. The exact format | |
131 | of the distinguished name depends on the client software | |
132 | and membership software. You can usually omit the root | |
133 | DSE portion of distinguished name.</p></td> | |
134 | </tr> | |
135 | <tr> | |
136 | <td><p><span class="term"><code class="option">--membership-software=xxx</code></span></p></td> | |
137 | <td><p>The software to use when joining to the | |
138 | realm. Possible values include <em class="replaceable"><code>samba</code></em> or | |
139 | <em class="replaceable"><code>adcli</code></em>. Not all values are | |
140 | supported for all realms. By default the membership software | |
141 | is automatically selected.</p></td> | |
142 | </tr> | |
143 | <tr> | |
144 | <td><p><span class="term"><code class="option">--one-time-password=xxxx</code></span></p></td> | |
145 | <td><p>Perform the join using a one time password | |
146 | specified on the command line. This is not possible with | |
147 | all types of realms.</p></td> | |
148 | </tr> | |
149 | <tr> | |
150 | <td><p><span class="term"><code class="option">--server-software=xxx</code></span></p></td> | |
151 | <td><p>Only join realms for run the | |
152 | given server software. Possible values include | |
153 | <em class="replaceable"><code>active-directory</code></em> or | |
154 | <em class="replaceable"><code>freeipa</code></em>.</p></td> | |
155 | </tr> | |
156 | <tr> | |
157 | <td><p><span class="term"><code class="option">--user</code></span></p></td> | |
158 | <td><p>The user name to be used to authenticate | |
159 | with when joining the machine to the realm. You will | |
160 | be prompted for a password.</p></td> | |
161 | </tr> | |
162 | <tr> | |
163 | <td><p><span class="term"><code class="option">--verbose, -v</code></span></p></td> | |
164 | <td><p>Display verbose diagnostics while doing | |
165 | the discovery and join.</p></td> | |
166 | </tr> | |
167 | </tbody> | |
168 | </table></div> | |
169 | </div> | |
170 | <div class="refsect1"> | |
171 | <a name="idp7469072"></a><h2>Leave</h2> | |
172 | <p>Deconfigure the local machine for use with a realm.</p> | |
173 | <div class="informalexample"> | |
174 | <pre class="programlisting"> | |
175 | $ realm leave | |
176 | </pre> | |
177 | <pre class="programlisting"> | |
178 | $ realm leave domain.example.com | |
179 | </pre> | |
180 | </div> | |
181 | <p>If no realm name is specified, then the first configured realm | |
182 | will be used.</p> | |
183 | <p>The following options can be used:</p> | |
184 | <div class="variablelist"><table border="0" class="variablelist"> | |
185 | <colgroup> | |
186 | <col align="left" valign="top"> | |
187 | <col> | |
188 | </colgroup> | |
189 | <tbody> | |
190 | <tr> | |
191 | <td><p><span class="term"><code class="option">--client-software=xxx</code></span></p></td> | |
192 | <td><p>Only leave the realm which is using | |
193 | the given client software. Possible values include | |
194 | <em class="replaceable"><code>sssd</code></em> or | |
195 | <em class="replaceable"><code>winbind</code></em>.</p></td> | |
196 | </tr> | |
197 | <tr> | |
198 | <td><p><span class="term"><code class="option">--server-software=xxx</code></span></p></td> | |
199 | <td><p>Only leave the realm which is using the | |
200 | given server software. Possible values include | |
201 | <em class="replaceable"><code>active-directory</code></em> or | |
202 | <em class="replaceable"><code>freeipa</code></em>.</p></td> | |
203 | </tr> | |
204 | <tr> | |
205 | <td><p><span class="term"><code class="option">--remove</code></span></p></td> | |
206 | <td><p>Remove or disable computer account from the | |
207 | directory while leaving the realm. This will usually prompt | |
208 | for a pasword.</p></td> | |
209 | </tr> | |
210 | <tr> | |
211 | <td><p><span class="term"><code class="option">--user</code></span></p></td> | |
212 | <td><p>The user name to be used to authenticate | |
213 | with when leaving the realm. You will be prompted for a | |
214 | password. Implies <code class="option">--remove</code>.</p></td> | |
215 | </tr> | |
216 | <tr> | |
217 | <td><p><span class="term"><code class="option">--verbose, -v</code></span></p></td> | |
218 | <td><p>Display verbose diagnostics while doing | |
219 | the leave operation.</p></td> | |
220 | </tr> | |
221 | </tbody> | |
222 | </table></div> | |
223 | </div> | |
224 | <div class="refsect1"> | |
225 | <a name="idp10245296"></a><h2>List</h2> | |
226 | <p>List all the discovered and configured realms.</p> | |
227 | <div class="informalexample"> | |
228 | <table class="listing_frame" border="0" cellpadding="0" cellspacing="0"> | |
229 | <tbody> | |
230 | <tr> | |
231 | <td class="listing_lines" align="right"><pre>1</pre></td> | |
232 | <td class="listing_code"><pre class="programlisting"><span class="normal">$ realm list</span></pre></td> | |
233 | </tr> | |
234 | </tbody> | |
235 | </table> | |
236 | </div> | |
237 | ||
238 | <p>The following options can be used:</p> | |
239 | <div class="variablelist"><table border="0" class="variablelist"> | |
240 | <colgroup> | |
241 | <col align="left" valign="top"> | |
242 | <col> | |
243 | </colgroup> | |
244 | <tbody><tr> | |
245 | <td><p><span class="term"><code class="option">--verbose, -v</code></span></p></td> | |
246 | <td><p>Display verbose diagnostics while | |
247 | listing.</p></td> | |
248 | </tr></tbody> | |
249 | </table></div> | |
250 | </div> | |
251 | <div class="refsect1"> | |
252 | <a name="idp10249632"></a><h2>Permit</h2> | |
253 | <p>Permit local login by users of the realm.</p> | |
254 | <div class="informalexample"> | |
255 | <pre class="programlisting"> | |
256 | $ realm permit -a | |
257 | </pre> | |
258 | <pre class="programlisting"> | |
259 | $ realm permit DOMAIN\User | |
260 | </pre> | |
261 | </div> | |
262 | <p>If more than one realm is configured, then use the <code class="option">--realm</code> | |
263 | option to specify which realm to permit the users on.</p> | |
264 | <p>The format of the user name can be seen by using the | |
265 | <code class="option">list</code> command.</p> | |
266 | <p>The following options can be used:</p> | |
267 | <div class="variablelist"><table border="0" class="variablelist"> | |
268 | <colgroup> | |
269 | <col align="left" valign="top"> | |
270 | <col> | |
271 | </colgroup> | |
272 | <tbody> | |
273 | <tr> | |
274 | <td><p><span class="term"><code class="option">--all, -a</code></span></p></td> | |
275 | <td><p>Permit login by any valid user of the | |
276 | realm.</p></td> | |
277 | </tr> | |
278 | <tr> | |
279 | <td><p><span class="term"><code class="option">--realm, -R</code></span></p></td> | |
280 | <td><p>Specify the name of the realm to permit | |
281 | users to log into.</p></td> | |
282 | </tr> | |
283 | <tr> | |
284 | <td><p><span class="term"><code class="option">--verbose, -v</code></span></p></td> | |
285 | <td><p>Display verbose diagnostics while | |
286 | doing the operation.</p></td> | |
287 | </tr> | |
288 | </tbody> | |
289 | </table></div> | |
290 | </div> | |
291 | <div class="refsect1"> | |
292 | <a name="idp10258944"></a><h2>Deny</h2> | |
293 | <p>Deny local login by users of the realm.</p> | |
294 | <div class="informalexample"> | |
295 | <pre class="programlisting"> | |
296 | $ realm deny -a | |
297 | </pre> | |
298 | <pre class="programlisting"> | |
299 | $ realm deny DOMAIN\User | |
300 | </pre> | |
301 | </div> | |
302 | <p>If more than one realm is configured, then use the <code class="option">--realm</code> | |
303 | option to specify which realm to deny the users' login via.</p> | |
304 | <p>The format of the user name can be seen by using the | |
305 | <code class="option">list</code> command.</p> | |
306 | <p>The following options can be used:</p> | |
307 | <div class="variablelist"><table border="0" class="variablelist"> | |
308 | <colgroup> | |
309 | <col align="left" valign="top"> | |
310 | <col> | |
311 | </colgroup> | |
312 | <tbody> | |
313 | <tr> | |
314 | <td><p><span class="term"><code class="option">--all, -a</code></span></p></td> | |
315 | <td><p>Deny login by any validuser of the | |
316 | realm.</p></td> | |
317 | </tr> | |
318 | <tr> | |
319 | <td><p><span class="term"><code class="option">--realm, -R</code></span></p></td> | |
320 | <td><p>Specify the name of the realm to deny | |
321 | users login to.</p></td> | |
322 | </tr> | |
323 | <tr> | |
324 | <td><p><span class="term"><code class="option">--verbose, -v</code></span></p></td> | |
325 | <td><p>Display verbose diagnostics while | |
326 | doing the operation.</p></td> | |
327 | </tr> | |
328 | </tbody> | |
329 | </table></div> | |
330 | </div> | |
331 | </div> | |
332 | <div class="footer"> | |
333 | <hr> | |
334 | Generated by GTK-Doc V1.18</div> | |
335 | </body> | |
336 | </html>⏎ |
1 | 1 | <!DOCTYPE book PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" ""> |
2 | 2 | <book xmlns="http://www.devhelp.net/book" title="realmd" link="index.html" author="" name="realmd" version="2" language="c"> |
3 | 3 | <chapters> |
4 | <sub name="DBus Interface Reference" link="dbus-interface-reference.html"> | |
5 | <sub name="org.freedesktop.realmd.Provider" link="gdbus-org.freedesktop.realmd.Provider.html"/> | |
6 | <sub name="org.freedesktop.realmd.Realm" link="gdbus-org.freedesktop.realmd.Realm.html"/> | |
7 | <sub name="org.freedesktop.realmd.Kerberos" link="gdbus-org.freedesktop.realmd.Kerberos.html"/> | |
8 | <sub name="org.freedesktop.realmd.KerberosMembership" link="gdbus-org.freedesktop.realmd.KerberosMembership.html"/> | |
9 | <sub name="org.freedesktop.realmd.Service" link="gdbus-org.freedesktop.realmd.Service.html"/> | |
4 | <sub name="Administrative Guide" link="guide.html"> | |
5 | <sub name="Command manual pages" link="realm-manual.html"> | |
6 | <sub name="realm" link="realm.html"/> | |
7 | </sub> | |
8 | <sub name="Using with Active Directory" link="guide-active-directory.html"> | |
9 | <sub name="Discovering Active Directory domains" link="guide-active-directory.html#guide-active-directory-discover"/> | |
10 | <sub name="Active Directory client software" link="guide-active-directory-client.html"> | |
11 | <sub name="Using SSSD with Active Directory" link="guide-active-directory-client.html#idp10880368"/> | |
12 | <sub name="Using Winbind with Active Directory" link="guide-active-directory-client.html#idp6592816"/> | |
13 | </sub> | |
14 | <sub name="Joining an Active Directory domain" link="guide-active-directory-join.html"/> | |
15 | <sub name="Logins using Domain Accounts" link="guide-active-directory-permit.html"/> | |
16 | </sub> | |
17 | <sub name="Using with FreeIPA" link="guide-freeipa.html"> | |
18 | <sub name="Discovering FreeIPA domains" link="guide-freeipa.html#idp9009232"/> | |
19 | </sub> | |
20 | <sub name="Using with other Kerberos realms" link="guide-freeipa.html"> | |
21 | <sub name="Discovering Kerberos realms" link="guide-freeipa.html#idp8851920"/> | |
22 | </sub> | |
23 | <sub name="Configuring realmd" link="guide-configuring.html"> | |
24 | <sub name="active-directory" link="guide-configuring.html#guide-configuring-active-directory"> | |
25 | <sub name="default-client" link="guide-configuring.html#idp7104192"/> | |
26 | </sub> | |
27 | <sub name="user" link="guide-configuring-users.html"> | |
28 | <sub name="default-home" link="guide-configuring-users.html#idp6023568"/> | |
29 | <sub name="default-shell" link="guide-configuring-users.html#idp6557504"/> | |
30 | </sub> | |
31 | <sub name="Realm specific settings" link="guide-configuring-realm.html"> | |
32 | <sub name="computer-ou" link="guide-configuring-realm.html#idp9639264"/> | |
33 | </sub> | |
34 | </sub> | |
35 | <sub name="Integration" link="guide-integration.html"/> | |
10 | 36 | </sub> |
11 | <sub name="Raw DBus Interfaces" link="dbus-interface-raw.html"/> | |
37 | <sub name="Developer Reference" link="development.html"> | |
38 | <sub name="DBus Interface Reference" link="dbus-interface-reference.html"> | |
39 | <sub name="org.freedesktop.realmd.Provider" link="gdbus-org.freedesktop.realmd.Provider.html"/> | |
40 | <sub name="org.freedesktop.realmd.Realm" link="gdbus-org.freedesktop.realmd.Realm.html"/> | |
41 | <sub name="org.freedesktop.realmd.Kerberos" link="gdbus-org.freedesktop.realmd.Kerberos.html"/> | |
42 | <sub name="org.freedesktop.realmd.KerberosMembership" link="gdbus-org.freedesktop.realmd.KerberosMembership.html"/> | |
43 | <sub name="org.freedesktop.realmd.Service" link="gdbus-org.freedesktop.realmd.Service.html"/> | |
44 | </sub> | |
45 | <sub name="Raw DBus Interfaces" link="dbus-interface-raw.html"/> | |
46 | </sub> | |
12 | 47 | </chapters> |
13 | 48 | <functions> |
14 | 49 | <keyword type="method" name="The Discover() method" link="gdbus-org.freedesktop.realmd.Provider.html#gdbus-method-org-freedesktop-realmd-Provider.Discover"/> |
90 | 90 | left: -1em; |
91 | 91 | font-weight: normal !important; |
92 | 92 | } |
93 | ||
94 | DD > DL { | |
95 | margin-top: 0.3em; | |
96 | margin-bottom: 0.3em; | |
97 | } | |
98 | ||
99 | PRE.screen { | |
100 | border: solid 1px #729fcf; | |
101 | padding: 0.5em; | |
102 | background: #e6f3ff; | |
103 | } |
0 | <?xml version='1.0'?> | |
1 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | |
2 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> | |
3 | ||
4 | <refentry id="realm"> | |
5 | ||
6 | <refentryinfo> | |
7 | <title>realm</title> | |
8 | <productname>realmd</productname> | |
9 | <authorgroup> | |
10 | <author> | |
11 | <contrib>Maintainer</contrib> | |
12 | <firstname>Stef</firstname> | |
13 | <surname>Walter</surname> | |
14 | <email>stef@thewalter.net</email> | |
15 | </author> | |
16 | </authorgroup> | |
17 | </refentryinfo> | |
18 | ||
19 | <refmeta> | |
20 | <refentrytitle>realm</refentrytitle> | |
21 | <manvolnum>8</manvolnum> | |
22 | <refmiscinfo class="manual">User Commands</refmiscinfo> | |
23 | </refmeta> | |
24 | ||
25 | <refnamediv> | |
26 | <refname>realm</refname> | |
27 | <refpurpose>Manage enrollment in realms</refpurpose> | |
28 | </refnamediv> | |
29 | ||
30 | <refsynopsisdiv> | |
31 | <cmdsynopsis> | |
32 | <command>realm discover <arg choice="plain">-v</arg> <arg choice="opt">realm-name</arg></command> | |
33 | </cmdsynopsis> | |
34 | <cmdsynopsis> | |
35 | <command>realm join <arg choice="plain">-v</arg> <arg choice="opt">-U user</arg> <arg choice="opt">realm-name</arg></command> | |
36 | </cmdsynopsis> | |
37 | <cmdsynopsis> | |
38 | <command>realm leave <arg choice="plain">-v</arg> <arg choice="opt">-U user</arg> <arg choice="opt">realm-name</arg></command> | |
39 | </cmdsynopsis> | |
40 | <cmdsynopsis> | |
41 | <command>realm list</command> | |
42 | </cmdsynopsis> | |
43 | <cmdsynopsis> | |
44 | <command>realm permit <arg choice="opt">-a</arg> <arg choice="opt">-R realm</arg> <arg choice="req">user</arg> ...</command> | |
45 | </cmdsynopsis> | |
46 | <cmdsynopsis> | |
47 | <command>realm deny <arg choice="opt">-a</arg> <arg choice="opt">-R realm</arg> <arg choice="req">user</arg> ...</command> | |
48 | </cmdsynopsis> | |
49 | </refsynopsisdiv> | |
50 | ||
51 | <refsect1> | |
52 | <title>Description</title> | |
53 | <para><command>realm</command> is a command line tool that | |
54 | can be used to manage enrollment in kerberos realms, like Active | |
55 | Directory domains or IPA domains.</para> | |
56 | </refsect1> | |
57 | ||
58 | <refsect1> | |
59 | <title>Discover</title> | |
60 | ||
61 | <para>Discover a realm and its capabilities.</para> | |
62 | ||
63 | <informalexample> | |
64 | <programlisting> | |
65 | $ realm discover | |
66 | </programlisting> | |
67 | <programlisting> | |
68 | $ realm discover domain.example.com | |
69 | </programlisting> | |
70 | </informalexample> | |
71 | ||
72 | <para>After discovering a realm, | |
73 | its name, type and capabilities are displayed.</para> | |
74 | ||
75 | <para>If no domain is specified, then the domain assigned through | |
76 | DHCP is used as a default.</para> | |
77 | ||
78 | <para>The following options can be used:</para> | |
79 | ||
80 | <variablelist> | |
81 | <varlistentry> | |
82 | <term><option>--client-software=xxx</option></term> | |
83 | <listitem><para>Only discover realms for which we can | |
84 | use the given client software. Possible values include | |
85 | <replaceable>sssd</replaceable> or | |
86 | <replaceable>winbind</replaceable>.</para></listitem> | |
87 | </varlistentry> | |
88 | <varlistentry> | |
89 | <term><option>--server-software=xxx</option></term> | |
90 | <listitem><para>Only discover realms for run the | |
91 | given server software. Possible values include | |
92 | <replaceable>active-directory</replaceable> or | |
93 | <replaceable>freeipa</replaceable>.</para></listitem> | |
94 | </varlistentry> | |
95 | <varlistentry> | |
96 | <term><option>--verbose, -v</option></term> | |
97 | <listitem><para>Display verbose diagnostics while doing | |
98 | the discovery.</para></listitem> | |
99 | </varlistentry> | |
100 | </variablelist> | |
101 | ||
102 | </refsect1> | |
103 | ||
104 | <refsect1> | |
105 | <title>Join</title> | |
106 | ||
107 | <para>Configure the local machine for use with a realm.</para> | |
108 | ||
109 | <informalexample> | |
110 | <programlisting> | |
111 | $ realm join domain.example.com | |
112 | </programlisting> | |
113 | <programlisting> | |
114 | $ realm join -user=admin --computer-ou=OU=Special domain.example.com | |
115 | </programlisting> | |
116 | </informalexample> | |
117 | ||
118 | <para>The realm is first discovered, as we would with the | |
119 | <option>discover</option> command. If no domain is specified, then the | |
120 | domain assigned through DHCP is used as a default.</para> | |
121 | ||
122 | <para>After a successful join, the computer will be in a state where | |
123 | it is able to resolve remote user and group names from the realm. | |
124 | For kerberos realms, a computer account and host keytab is created.</para> | |
125 | ||
126 | <para>Joining arbitrary kerberos realms is not supported. The realm | |
127 | must have a supported mechanism for joining from a client machine, such | |
128 | as Active Directory or FreeIPA.</para> | |
129 | ||
130 | <para>Unless a <arg>--user</arg> is explicitly specified, then if | |
131 | possible, an automatic join is attempted first.</para> | |
132 | ||
133 | <para>The following options can be used:</para> | |
134 | ||
135 | <variablelist> | |
136 | <varlistentry> | |
137 | <term><option>--client-software=xxx</option></term> | |
138 | <listitem><para>Only join realms for which we can | |
139 | use the given client software. Possible values include | |
140 | <replaceable>sssd</replaceable> or | |
141 | <replaceable>winbind</replaceable>. Not all values are | |
142 | supported for all realms. By default the client software | |
143 | is automatically selected.</para></listitem> | |
144 | </varlistentry> | |
145 | <varlistentry> | |
146 | <term><option>--computer-ou=OU=xxx</option></term> | |
147 | <listitem><para>The distinguished name of an organizational | |
148 | unit to create the computer account. The exact format | |
149 | of the distinguished name depends on the client software | |
150 | and membership software. You can usually omit the root | |
151 | DSE portion of distinguished name.</para></listitem> | |
152 | </varlistentry> | |
153 | <varlistentry> | |
154 | <term><option>--membership-software=xxx</option></term> | |
155 | <listitem><para>The software to use when joining to the | |
156 | realm. Possible values include <replaceable>samba</replaceable> or | |
157 | <replaceable>adcli</replaceable>. Not all values are | |
158 | supported for all realms. By default the membership software | |
159 | is automatically selected.</para></listitem> | |
160 | </varlistentry> | |
161 | <varlistentry> | |
162 | <term><option>--one-time-password=xxxx</option></term> | |
163 | <listitem><para>Perform the join using a one time password | |
164 | specified on the command line. This is not possible with | |
165 | all types of realms.</para></listitem> | |
166 | </varlistentry> | |
167 | <varlistentry> | |
168 | <term><option>--server-software=xxx</option></term> | |
169 | <listitem><para>Only join realms for run the | |
170 | given server software. Possible values include | |
171 | <replaceable>active-directory</replaceable> or | |
172 | <replaceable>freeipa</replaceable>.</para></listitem> | |
173 | </varlistentry> | |
174 | <varlistentry> | |
175 | <term><option>--user</option></term> | |
176 | <listitem><para>The user name to be used to authenticate | |
177 | with when joining the machine to the realm. You will | |
178 | be prompted for a password.</para></listitem> | |
179 | </varlistentry> | |
180 | <varlistentry> | |
181 | <term><option>--verbose, -v</option></term> | |
182 | <listitem><para>Display verbose diagnostics while doing | |
183 | the discovery and join.</para></listitem> | |
184 | </varlistentry> | |
185 | </variablelist> | |
186 | ||
187 | </refsect1> | |
188 | ||
189 | <refsect1> | |
190 | <title>Leave</title> | |
191 | ||
192 | <para>Deconfigure the local machine for use with a realm.</para> | |
193 | ||
194 | <informalexample> | |
195 | <programlisting> | |
196 | $ realm leave | |
197 | </programlisting> | |
198 | <programlisting> | |
199 | $ realm leave domain.example.com | |
200 | </programlisting> | |
201 | </informalexample> | |
202 | ||
203 | <para>If no realm name is specified, then the first configured realm | |
204 | will be used.</para> | |
205 | ||
206 | <para>The following options can be used:</para> | |
207 | ||
208 | <variablelist> | |
209 | <varlistentry> | |
210 | <term><option>--client-software=xxx</option></term> | |
211 | <listitem><para>Only leave the realm which is using | |
212 | the given client software. Possible values include | |
213 | <replaceable>sssd</replaceable> or | |
214 | <replaceable>winbind</replaceable>.</para></listitem> | |
215 | </varlistentry> | |
216 | <varlistentry> | |
217 | <term><option>--server-software=xxx</option></term> | |
218 | <listitem><para>Only leave the realm which is using the | |
219 | given server software. Possible values include | |
220 | <replaceable>active-directory</replaceable> or | |
221 | <replaceable>freeipa</replaceable>.</para></listitem> | |
222 | </varlistentry> | |
223 | <varlistentry> | |
224 | <term><option>--remove</option></term> | |
225 | <listitem><para>Remove or disable computer account from the | |
226 | directory while leaving the realm. This will usually prompt | |
227 | for a pasword.</para></listitem> | |
228 | </varlistentry> | |
229 | <varlistentry> | |
230 | <term><option>--user</option></term> | |
231 | <listitem><para>The user name to be used to authenticate | |
232 | with when leaving the realm. You will be prompted for a | |
233 | password. Implies <option>--remove</option>.</para></listitem> | |
234 | </varlistentry> | |
235 | <varlistentry> | |
236 | <term><option>--verbose, -v</option></term> | |
237 | <listitem><para>Display verbose diagnostics while doing | |
238 | the leave operation.</para></listitem> | |
239 | </varlistentry> | |
240 | </variablelist> | |
241 | ||
242 | </refsect1> | |
243 | ||
244 | <refsect1> | |
245 | <title>List</title> | |
246 | ||
247 | <para>List all the discovered and configured realms.</para> | |
248 | ||
249 | <informalexample> | |
250 | <programlisting> | |
251 | $ realm list | |
252 | </programlisting> | |
253 | </informalexample> | |
254 | ||
255 | <para>The following options can be used:</para> | |
256 | ||
257 | <variablelist> | |
258 | <varlistentry> | |
259 | <term><option>--verbose, -v</option></term> | |
260 | <listitem><para>Display verbose diagnostics while | |
261 | listing.</para></listitem> | |
262 | </varlistentry> | |
263 | </variablelist> | |
264 | ||
265 | </refsect1> | |
266 | ||
267 | <refsect1> | |
268 | <title>Permit</title> | |
269 | ||
270 | <para>Permit local login by users of the realm.</para> | |
271 | ||
272 | <informalexample> | |
273 | <programlisting> | |
274 | $ realm permit -a | |
275 | </programlisting> | |
276 | <programlisting> | |
277 | $ realm permit DOMAIN\User | |
278 | </programlisting> | |
279 | </informalexample> | |
280 | ||
281 | <para>If more than one realm is configured, then use the <option>--realm</option> | |
282 | option to specify which realm to permit the users on.</para> | |
283 | ||
284 | <para>The format of the user name can be seen by using the | |
285 | <option>list</option> command.</para> | |
286 | ||
287 | <para>The following options can be used:</para> | |
288 | ||
289 | <variablelist> | |
290 | <varlistentry> | |
291 | <term><option>--all, -a</option></term> | |
292 | <listitem><para>Permit login by any valid user of the | |
293 | realm.</para></listitem> | |
294 | </varlistentry> | |
295 | <varlistentry> | |
296 | <term><option>--realm, -R</option></term> | |
297 | <listitem><para>Specify the name of the realm to permit | |
298 | users to log into.</para></listitem> | |
299 | </varlistentry> | |
300 | <varlistentry> | |
301 | <term><option>--verbose, -v</option></term> | |
302 | <listitem><para>Display verbose diagnostics while | |
303 | doing the operation.</para></listitem> | |
304 | </varlistentry> | |
305 | </variablelist> | |
306 | ||
307 | </refsect1> | |
308 | ||
309 | <refsect1> | |
310 | <title>Deny</title> | |
311 | ||
312 | <para>Deny local login by users of the realm.</para> | |
313 | ||
314 | <informalexample> | |
315 | <programlisting> | |
316 | $ realm deny -a | |
317 | </programlisting> | |
318 | <programlisting> | |
319 | $ realm deny DOMAIN\User | |
320 | </programlisting> | |
321 | </informalexample> | |
322 | ||
323 | <para>If more than one realm is configured, then use the <option>--realm</option> | |
324 | option to specify which realm to deny the users' login via.</para> | |
325 | ||
326 | <para>The format of the user name can be seen by using the | |
327 | <option>list</option> command.</para> | |
328 | ||
329 | <para>The following options can be used:</para> | |
330 | ||
331 | <variablelist> | |
332 | <varlistentry> | |
333 | <term><option>--all, -a</option></term> | |
334 | <listitem><para>Deny login by any validuser of the | |
335 | realm.</para></listitem> | |
336 | </varlistentry> | |
337 | <varlistentry> | |
338 | <term><option>--realm, -R</option></term> | |
339 | <listitem><para>Specify the name of the realm to deny | |
340 | users login to.</para></listitem> | |
341 | </varlistentry> | |
342 | <varlistentry> | |
343 | <term><option>--verbose, -v</option></term> | |
344 | <listitem><para>Display verbose diagnostics while | |
345 | doing the operation.</para></listitem> | |
346 | </varlistentry> | |
347 | </variablelist> | |
348 | ||
349 | </refsect1> | |
350 | ||
351 | </refentry> |
10 | 10 | <releaseinfo>for &version;</releaseinfo> |
11 | 11 | </bookinfo> |
12 | 12 | |
13 | <chapter xml:id="dbus-interface-reference"> | |
14 | <title>DBus Interface Reference</title> | |
15 | <xi:include href="realmd-org.freedesktop.realmd.Provider.xml"/> | |
16 | <xi:include href="realmd-org.freedesktop.realmd.Realm.xml"/> | |
17 | <xi:include href="realmd-org.freedesktop.realmd.Kerberos.xml"/> | |
18 | <xi:include href="realmd-org.freedesktop.realmd.KerberosMembership.xml"/> | |
19 | <xi:include href="realmd-org.freedesktop.realmd.Service.xml"/> | |
20 | </chapter> | |
21 | <chapter xml:id="dbus-interface-raw"> | |
22 | <title>Raw DBus Interfaces</title> | |
23 | <para>These are the current raw DBus interfaces for realmd.</para> | |
24 | <programlisting role="rawhtml"> | |
13 | <part id="guide"> | |
14 | <title>Administrative Guide</title> | |
15 | <chapter xml:id="realm-manual"> | |
16 | <title>Command manual pages</title> | |
17 | <xi:include href="realm.xml"/> | |
18 | </chapter> | |
19 | ||
20 | <xi:include href="realmd-guide-active-directory.xml"/> | |
21 | <xi:include href="realmd-guide-freeipa.xml"/> | |
22 | <xi:include href="realmd-guide-kerberos.xml"/> | |
23 | <xi:include href="realmd-guide-configuring.xml"/> | |
24 | ||
25 | <chapter id="guide-integration"> | |
26 | <title>Integration</title> | |
27 | </chapter> | |
28 | </part> | |
29 | ||
30 | <part id="development"> | |
31 | <title>Developer Reference</title> | |
32 | <chapter xml:id="dbus-interface-reference"> | |
33 | <title>DBus Interface Reference</title> | |
34 | <xi:include href="realmd-org.freedesktop.realmd.Provider.xml"/> | |
35 | <xi:include href="realmd-org.freedesktop.realmd.Realm.xml"/> | |
36 | <xi:include href="realmd-org.freedesktop.realmd.Kerberos.xml"/> | |
37 | <xi:include href="realmd-org.freedesktop.realmd.KerberosMembership.xml"/> | |
38 | <xi:include href="realmd-org.freedesktop.realmd.Service.xml"/> | |
39 | </chapter> | |
40 | <chapter xml:id="dbus-interface-raw"> | |
41 | <title>Raw DBus Interfaces</title> | |
42 | <para>These are the current raw DBus interfaces for realmd.</para> | |
43 | <programlisting role="rawhtml"> | |
25 | 44 | <textobject> |
26 | 45 | <?dbhtml-include href="realmd-org.freedesktop.realmd.xml"?> |
27 | 46 | </textobject> |
28 | </programlisting> | |
29 | </chapter> | |
47 | </programlisting> | |
48 | </chapter> | |
49 | </part> | |
50 | ||
30 | 51 | </book> |
0 | <?xml version="1.0"?> | |
1 | <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" | |
2 | "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" | |
3 | [ | |
4 | <!ENTITY % local.common.attrib "xmlns:xi CDATA #FIXED 'http://www.w3.org/2003/XInclude'"> | |
5 | ]> | |
6 | ||
7 | <chapter id="guide-active-directory"> | |
8 | <title>Using with Active Directory</title> | |
9 | ||
10 | <para><command>realmd</command> can discover Active Directory domains | |
11 | and join the current computer as an account on that domain. This allows | |
12 | using domain users locally, as well as use a domain account to log | |
13 | into the machine.</para> | |
14 | ||
15 | <section id="guide-active-directory-discover"> | |
16 | <title>Discovering Active Directory domains</title> | |
17 | <para><command>realmd</command> discovers which domains or | |
18 | realms it can use or configure. It can discover and identify | |
19 | Active Directory domains by looking up the appropriate DNS SRV | |
20 | records.</para> | |
21 | ||
22 | <para>The following DNS SRV records are required to be present | |
23 | for <command>realmd</command> to identify a provided realm as | |
24 | an Active Directory domain. The DNS server that comes with | |
25 | Active Directory on Windows Server automatically creates | |
26 | these DNS records.</para> | |
27 | ||
28 | <informalexample> | |
29 | <screen> | |
30 | # In this example the Active Directory domain is 'domain.example.com' | |
31 | <emphasis>_kerberos._udp.</emphasis>domain.example.com. | |
32 | <emphasis>_kerberos._tcp.dc._msdcs.</emphasis>domain.example.com. | |
33 | </screen> | |
34 | </informalexample> | |
35 | ||
36 | <para>To see how <command>realmd</command> is discovering a | |
37 | particular domain name, try a command like the following. Using | |
38 | the <option>--verbose</option> argument displays verbose | |
39 | discovery information.</para> | |
40 | ||
41 | <informalexample> | |
42 | <screen> | |
43 | $ <command>realm --verbose domain.example.com</command> | |
44 | * Searching for kerberos SRV records for domain: _kerberos._udp.domain.example.com | |
45 | * Searching for MSDCS SRV records on domain: _kerberos._tcp.dc._msdcs.domain.example.com | |
46 | * dc.domain.example.com:88 | |
47 | * Found kerberos DNS records for: domain.example.com | |
48 | * Found AD style DNS records for: domain.example.com | |
49 | * Successfully discovered: domain.example.com | |
50 | ... | |
51 | </screen> | |
52 | </informalexample> | |
53 | ||
54 | </section> | |
55 | ||
56 | <section id="guide-active-directory-client"> | |
57 | <title>Active Directory client software</title> | |
58 | <para>As part of configuring an Active Directory domain for use | |
59 | on the local computer, <command>realmd</command> will configure | |
60 | client software to enable domain accounts to be used on the local | |
61 | computer.</para> | |
62 | ||
63 | <para><command>realmd</command> supports two types of client | |
64 | software for Active Directory: | |
65 | <ulink url="https://fedorahosted.org/sssd/">SSSD</ulink> and | |
66 | <ulink url="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html">Winbind</ulink>. | |
67 | By default SSSD is used.</para> | |
68 | ||
69 | <section> | |
70 | <title>Using SSSD with Active Directory</title> | |
71 | <para><ulink url="https://fedorahosted.org/sssd/">SSSD</ulink> | |
72 | provides client software for various kerberos and/or LDAP | |
73 | directories. Since version 1.9.x it provides good support | |
74 | for Active Directory.</para> | |
75 | ||
76 | <para>When joining a computer to an Active Directory domain, | |
77 | <command>realmd</command> will use SSSD as the client software | |
78 | by default. You can force use of SSSD by specifying the | |
79 | <option>--client-software=sssd</option> when joining the | |
80 | domain with the | |
81 | <link linkend="realm"><command>realm</command></link> | |
82 | command like this:</para> | |
83 | ||
84 | <informalexample> | |
85 | <screen> | |
86 | $ <command>realm join --client-software=sssd domain.example.com</command> | |
87 | </screen> | |
88 | </informalexample> | |
89 | </section> | |
90 | ||
91 | <section> | |
92 | <title>Using Winbind with Active Directory</title> | |
93 | <para>Samba | |
94 | <ulink url="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html">Winbind</ulink> | |
95 | provides client software for use with Active Directory.</para> | |
96 | ||
97 | <para>To have <command>realmd</command> use Winbind as the | |
98 | client software, configure the | |
99 | <link linkend="guide-configuring-active-directory"><option>default-client</option> setting</link>. | |
100 | You can force use of Winbind by specifying the | |
101 | <option>--client-software=winbind</option> when joining the | |
102 | domain with the | |
103 | <link linkend="realm"><command>realm</command></link> | |
104 | command like this:</para> | |
105 | ||
106 | <informalexample> | |
107 | <screen> | |
108 | $ <command>realm join --client-software=winbind domain.example.com</command> | |
109 | </screen> | |
110 | </informalexample> | |
111 | ||
112 | </section> | |
113 | </section> | |
114 | ||
115 | <section id="guide-active-directory-join"> | |
116 | <title>Joining an Active Directory domain</title> | |
117 | ||
118 | <para>To join an Active Directory domain with <command>realmd</command> | |
119 | you can use the <link linkend="realm"><command>realm</command></link> | |
120 | command line tool:</para> | |
121 | ||
122 | <informalexample> | |
123 | <screen> | |
124 | $ <command>realm join --verbose domain.example.com</command> | |
125 | </screen> | |
126 | </informalexample> | |
127 | ||
128 | <para>By specifying the <option>--verbose</option> it's easier | |
129 | to see what went wrong if the join fails.</para> | |
130 | ||
131 | <para>Other tools also use <command>realmd</command> which can | |
132 | be used to perform the join operation, for example: GNOME | |
133 | Control Center.</para> | |
134 | ||
135 | <para>The join operation does the following:</para> | |
136 | <itemizedlist> | |
137 | <listitem><para>Discovers information about the domain.</para></listitem> | |
138 | <listitem><para>Installs the necessary software to join the domain, such as SSSD or Winbind.</para></listitem> | |
139 | <listitem><para>Tries to join the domain automatically, without administrative credentials.</para></listitem> | |
140 | <listitem><para>If administrative credentials are required, a password will be prompted for.</para></listitem> | |
141 | <listitem><para>A computer account in the domain will be created, and or updated.</para></listitem> | |
142 | <listitem><para>A host keytab file at <filename>/etc/krb5.keytab</filename> is created.</para></listitem> | |
143 | <listitem><para>Configures the SSSD or Winbind services, and restarts and enables them as appropriate.</para></listitem> | |
144 | <listitem><para>Enables domain users in <filename>/etc/nsswitch.conf</filename></para></listitem> | |
145 | </itemizedlist> | |
146 | ||
147 | <para>After the join operation is complete, domain accounts should | |
148 | be usable locally, although logins using domain accounts are | |
149 | not necessarily enabled.</para> | |
150 | ||
151 | <para>You verify that domain accounts are working with with a | |
152 | command like this:</para> | |
153 | ||
154 | <informalexample> | |
155 | <screen> | |
156 | $ <command>getent passwd DOMAIN\Administrator</command> | |
157 | </screen> | |
158 | </informalexample> | |
159 | ||
160 | <para>The join operation will create or update a computer account | |
161 | in the domain. If you wish to specify a specific organizational unit | |
162 | where this account is created, you can use the | |
163 | <link linkend="guide-configuring-realm"><option>computer-ou</option> setting</link>.</para> | |
164 | ||
165 | </section> | |
166 | ||
167 | <section id="guide-active-directory-permit"> | |
168 | <title>Logins using Domain Accounts</title> | |
169 | ||
170 | <para>Once the | |
171 | <link linkend="guide-active-directory-join">computer is joined</link> | |
172 | to an Active Directory domain, you can configure the machine so | |
173 | that you can log in with domain accounts.</para> | |
174 | ||
175 | <para>To permit any domain account to log in, use the following | |
176 | command.</para> | |
177 | ||
178 | <informalexample> | |
179 | <screen> | |
180 | $ <command>realm permit --realm domain.example.com --all</command> | |
181 | </screen> | |
182 | </informalexample> | |
183 | ||
184 | <para>To permit only specific accounts from the domain to log in | |
185 | use the following command. The first time this command is run | |
186 | it will change the mode to only allow logins by specific accounts, | |
187 | and then add the specified accounts to the list of accounts | |
188 | to permit.</para> | |
189 | ||
190 | <informalexample> | |
191 | <screen> | |
192 | $ <command>realm permit --realm domain.example.com DOMAIN\\User1 DOMAIN\\User2</command> | |
193 | </screen> | |
194 | </informalexample> | |
195 | ||
196 | <para>To deny logins from any domain account, use the following | |
197 | command.</para> | |
198 | ||
199 | <informalexample> | |
200 | <screen> | |
201 | $ <command>realm deny --realm domain.example.com --all</command> | |
202 | </screen> | |
203 | </informalexample> | |
204 | ||
205 | </section> | |
206 | ||
207 | </chapter> |
0 | <?xml version="1.0"?> | |
1 | <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" | |
2 | "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" | |
3 | [ | |
4 | <!ENTITY % local.common.attrib "xmlns:xi CDATA #FIXED 'http://www.w3.org/2003/XInclude'"> | |
5 | ]> | |
6 | ||
7 | <chapter id="guide-configuring"> | |
8 | <title>Configuring realmd</title> | |
9 | ||
10 | <para><command>realmd</command> can be tweaked by network administrators | |
11 | to act in specific ways. This is done by placing settings in a | |
12 | <filename>/etc/realmd.conf</filename>. The syntax of this file is the | |
13 | same as an INI file or Desktop Entry file.</para> | |
14 | ||
15 | <para>Only specify the settings you wish to override in the | |
16 | <filename>/etc/realmd.conf</filename> file. Settings not specified will | |
17 | be loaded either from their packaged defaults. Only override the settings | |
18 | below. You may find other settings if you root around the | |
19 | <command>realmd</command> source code. However these are not guaranteed | |
20 | to remain stable.</para> | |
21 | ||
22 | <section id="guide-configuring-active-directory"> | |
23 | <title>active-directory</title> | |
24 | <para>These options should go in an <option>[active-directory]</option> | |
25 | section of the <filename>/etc/realmd.conf</filename> file. Only | |
26 | specify the settings you wish to override.</para> | |
27 | ||
28 | <section> | |
29 | <title>default-client</title> | |
30 | ||
31 | <para>Specify the <option>default-client</option> setting in | |
32 | order to control which client software is the preferred default | |
33 | for use with Active Directory.</para> | |
34 | ||
35 | <informalexample> | |
36 | <programlisting language="js"> | |
37 | [active-directory] | |
38 | default-client = sssd | |
39 | # default-client = winbind | |
40 | </programlisting> | |
41 | </informalexample> | |
42 | ||
43 | <para>The default setting for this is | |
44 | <option>sssd</option> which uses | |
45 | <ulink url="https://fedorahosted.org/sssd/">SSSD</ulink> as | |
46 | the Active Directory client. You can also specify | |
47 | <option>winbind</option> to use | |
48 | <ulink url="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html">Samba Winbind</ulink>. | |
49 | </para> | |
50 | ||
51 | <para>Some callers of <command>realmd</command> such as the | |
52 | <link linkend="realm"><command>realm</command></link> | |
53 | command line tool allow specifying which client software should | |
54 | be used. Others, such as GNOME Control Center, simplify choose | |
55 | the default.</para> | |
56 | ||
57 | <para>You can verify the preferred default client softawre by | |
58 | running the following command. The realm with the preferred | |
59 | client software will be listed first.</para> | |
60 | ||
61 | <informalexample> | |
62 | <screen> | |
63 | $ <command>realm discover domain.example.com</command> | |
64 | domain.example.com | |
65 | configured: no | |
66 | server-software: active-directory | |
67 | client-software: sssd | |
68 | type: kerberos | |
69 | realm-name: AD.THEWALTER.LAN | |
70 | domain-name: ad.thewalter.lan | |
71 | domain.example.com | |
72 | configured: no | |
73 | server-software: active-directory | |
74 | client-software: winbind | |
75 | type: kerberos | |
76 | realm-name: AD.THEWALTER.LAN | |
77 | domain-name: ad.thewalter.lan | |
78 | </screen> | |
79 | </informalexample> | |
80 | ||
81 | </section> | |
82 | ||
83 | </section> | |
84 | ||
85 | <section id="guide-configuring-users"> | |
86 | <title>user</title> | |
87 | <para>These options should go in an <option>[users]</option> | |
88 | section of the <filename>/etc/realmd.conf</filename> file. Only | |
89 | specify the settings you wish to override.</para> | |
90 | ||
91 | <section> | |
92 | <title>default-home</title> | |
93 | ||
94 | <para>Specify the <option>default-home</option> setting in | |
95 | order to control how to set the home directory for accounts | |
96 | that have no home directory explicitly set.</para> | |
97 | ||
98 | <informalexample> | |
99 | <programlisting language="js"> | |
100 | [active-directory] | |
101 | default-home = /home/%D/%U | |
102 | # default-home = /nfs/home/%D-%U | |
103 | </programlisting> | |
104 | </informalexample> | |
105 | ||
106 | <para>The default setting for this is <option>/home/%D/%U</option>. The | |
107 | <option>%D</option> format is replaced by the domain name. In the case of | |
108 | Active Directory this is the short domain name. The <option>%U</option> | |
109 | format is replaced by the user name.</para> | |
110 | ||
111 | <para>You can verify the home directory for a user by running the | |
112 | following command.</para> | |
113 | ||
114 | <informalexample> | |
115 | <screen> | |
116 | $ <command>getent passwd 'DOMAIN/User'</command> | |
117 | DOMAIN\user:*:1344600500:1344600513:User Name:/home/DOMAIN/user:/bin/bash | |
118 | </screen> | |
119 | </informalexample> | |
120 | ||
121 | </section> | |
122 | ||
123 | <section> | |
124 | <title>default-shell</title> | |
125 | ||
126 | <para>Specify the <option>default-shell</option> setting in | |
127 | order to control how to set the Unix shell for accounts that | |
128 | have no shell explicitly set.</para> | |
129 | ||
130 | <informalexample> | |
131 | <programlisting language="js"> | |
132 | [active-directory] | |
133 | default-shell = /bin/bash | |
134 | # default-shell = /bin/sh | |
135 | </programlisting> | |
136 | </informalexample> | |
137 | ||
138 | <para>The default setting for this is <option>/bin/bash</option> shell. The | |
139 | shell should be a valid shell if you expect the domain users be able to log | |
140 | in. For example it should exist in the <filename>/etc/shells</filename> file.</para> | |
141 | ||
142 | <para>You can verify the shell for a user by running the | |
143 | following command.</para> | |
144 | ||
145 | <informalexample> | |
146 | <screen> | |
147 | $ <command>getent passwd 'DOMAIN/User'</command> | |
148 | DOMAIN\user:*:1344600500:1344600513:User Name:/home/DOMAIN/user:/bin/bash | |
149 | </screen> | |
150 | </informalexample> | |
151 | ||
152 | </section> | |
153 | ||
154 | </section> | |
155 | ||
156 | <section id="guide-configuring-realm"> | |
157 | <title>Realm specific settings</title> | |
158 | <para>These options should go in an section with the same name | |
159 | as the realm in the <filename>/etc/realmd.conf</filename> file. | |
160 | For example for the <option>domain.example.com</option> domain | |
161 | the section would be called <option>[domain.example.com]</option>. | |
162 | To figure out the canonical name for a realm use the | |
163 | <command>realm</command> command:</para> | |
164 | ||
165 | <informalexample> | |
166 | <screen> | |
167 | $ <command>realm discover --name DOMAIN.example.com</command> | |
168 | domain.example.com | |
169 | ... | |
170 | </screen> | |
171 | </informalexample> | |
172 | ||
173 | <para>Only specify the settings you wish to override.</para> | |
174 | <section> | |
175 | <title>computer-ou</title> | |
176 | ||
177 | <para>Specify this option to create directory computer accounts | |
178 | in a location other than the default. This currently only works | |
179 | with Active Directory domains.</para> | |
180 | ||
181 | <informalexample> | |
182 | <programlisting> | |
183 | [domain.example.com] | |
184 | computer-ou = OU=Linux Computers,DC=domain,DC=example,DC=com | |
185 | # computer-ou = OU=Linux Computers, | |
186 | </programlisting> | |
187 | </informalexample> | |
188 | ||
189 | <para>Specify the OU as an LDAP DN. It can be relative to the | |
190 | Root DSE, or a complete LDAP DN. Obviously the OU must exist | |
191 | in the directory.</para> | |
192 | ||
193 | <para>It is also possible to use the <option>--computer-ou</option> | |
194 | argument of the <link linkend="realm">realm</link> command to | |
195 | create a computer account at a specific OU.</para> | |
196 | ||
197 | </section> | |
198 | </section> | |
199 | </chapter> |
0 | <?xml version="1.0"?> | |
1 | <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" | |
2 | "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" | |
3 | [ | |
4 | <!ENTITY % local.common.attrib "xmlns:xi CDATA #FIXED 'http://www.w3.org/2003/XInclude'"> | |
5 | ]> | |
6 | ||
7 | <chapter id="guide-freeipa"> | |
8 | <title>Using with FreeIPA</title> | |
9 | ||
10 | <para><command>realmd</command> can discover FreeIPA domains. It is not | |
11 | yet possible to join the computer to the domain.</para> | |
12 | ||
13 | <section> | |
14 | <title>Discovering FreeIPA domains</title> | |
15 | <para><command>realmd</command> discovers which domains or | |
16 | realms it can use or configure. It can discover and identify | |
17 | FreeIPA domains by looking up the appropriate DNS SRV | |
18 | records and by connecting to the server and retrieving | |
19 | its TLS certificate.</para> | |
20 | ||
21 | <para>The following DNS SRV records are required to be present | |
22 | for <command>realmd</command> to identify a provided realm as | |
23 | an Kerberos domain.</para> | |
24 | ||
25 | <informalexample> | |
26 | <screen> | |
27 | # In this example the FreeIPA domain is 'domain.example.com' | |
28 | <emphasis>_kerberos._udp.</emphasis>domain.example.com. | |
29 | </screen> | |
30 | </informalexample> | |
31 | ||
32 | <para>In addition <command>realmd</command> connects to the first | |
33 | three KDC's listed and tests if they are FreeIPA servers. It | |
34 | does this by connecting via HTTPS and retrieving their certificate | |
35 | from the <filename>/ipa/config/ca.crt</filename> location. It | |
36 | compares this certificate with the one being used on KDC HTTPS | |
37 | server. If they match the domain is treated as a FreeIPA domain.</para> | |
38 | ||
39 | <para>To see how <command>realmd</command> is discovering a | |
40 | particular domain name, try a command like the following. Using | |
41 | the <option>--verbose</option> argument displays verbose | |
42 | discovery information.</para> | |
43 | ||
44 | <informalexample> | |
45 | <screen> | |
46 | $ <command>realm --verbose discover domain.example.com</command> | |
47 | * Searching for kerberos SRV records for domain: _kerberos._udp.ipa.thewalter.lan | |
48 | * Searching for MSDCS SRV records on domain: _kerberos._tcp.dc._msdcs.ipa.thewalter.lan | |
49 | * dc.domain.example.com:88 | |
50 | * Trying to retrieve IPA certificate from dc.domain.example.com | |
51 | * Retrieved IPA CA certificate verifies the HTTPS connection | |
52 | * Found kerberos DNS records for: domain.example.com | |
53 | * Found IPA style certificate for: domain.example.com | |
54 | * Successfully discovered: domain.example.com | |
55 | ... | |
56 | </screen> | |
57 | </informalexample> | |
58 | ||
59 | </section> | |
60 | ||
61 | </chapter> |
0 | <?xml version="1.0"?> | |
1 | <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" | |
2 | "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" | |
3 | [ | |
4 | <!ENTITY % local.common.attrib "xmlns:xi CDATA #FIXED 'http://www.w3.org/2003/XInclude'"> | |
5 | ]> | |
6 | ||
7 | <chapter id="guide-freeipa"> | |
8 | <title>Using with other Kerberos realms</title> | |
9 | ||
10 | <para><command>realmd</command> can discover generic Kerberos realms. | |
11 | Since there is no standard way to enroll a computer against a Kerberos | |
12 | server, it is not possible to do this with <command>realmd</command>.</para> | |
13 | ||
14 | <section> | |
15 | <title>Discovering Kerberos realms</title> | |
16 | <para><command>realmd</command> discovers which domains or | |
17 | realms it can use or configure. It can discover and identify | |
18 | Kerberos domains by looking up the appropriate DNS SRV | |
19 | records.</para> | |
20 | ||
21 | <para>The following DNS SRV record is required to be present | |
22 | for <command>realmd</command> to identify a provided realm as | |
23 | a Kerberos domain.</para> | |
24 | ||
25 | <informalexample> | |
26 | <screen> | |
27 | # In this example the Kerberos domain is 'domain.example.com' | |
28 | <emphasis>_kerberos._udp.</emphasis>domain.example.com. | |
29 | </screen> | |
30 | </informalexample> | |
31 | ||
32 | <informalexample> | |
33 | <screen> | |
34 | $ <command>realm --verbose discover domain.example.com</command> | |
35 | * Searching for kerberos SRV records for domain: _kerberos._udp.domain.example.com | |
36 | * Searching for MSDCS SRV records on domain: _kerberos._tcp.dc._msdcs.domain.example.com | |
37 | * dc.domain.example.com:88 | |
38 | * Trying to retrieve IPA certificate from dc.domain.example.com | |
39 | ! Couldn't read certificate via HTTP: No PEM-encoded certificate found | |
40 | ! Couldn't discover IPA KDC: No PEM-encoded certificate found | |
41 | * Found kerberos DNS records for: domain.example.com | |
42 | * Successfully discovered: domain.example.com | |
43 | ... | |
44 | </screen> | |
45 | </informalexample> | |
46 | ||
47 | </section> | |
48 | ||
49 | </chapter> |
4 | 4 | |
5 | 5 | REALMD_CONFIGS = \ |
6 | 6 | realmd-defaults.conf \ |
7 | realmd-redhat.conf | |
7 | realmd-redhat.conf \ | |
8 | realmd-debian.conf \ | |
9 | $(NULL) | |
8 | 10 | |
9 | 11 | private_DATA = \ |
10 | 12 | net-ads-smb.conf \ |
40 | 42 | realm-samba-util.c realm-samba-util.h \ |
41 | 43 | realm-samba-winbind.c realm-samba-winbind.h \ |
42 | 44 | realm-service.c realm-service.h \ |
43 | realm-service-systemd.c realm-service-systemd.h \ | |
44 | realm-service-upstart.c realm-service-upstart.h \ | |
45 | 45 | realm-settings.c realm-settings.h \ |
46 | 46 | realm-sssd.c realm-sssd.h \ |
47 | 47 | realm-sssd-ad.c realm-sssd-ad.h \ |
48 | realm-sssd-ad-provider.c realm-sssd-ad-provider.h \ | |
48 | realm-sssd-provider.c realm-sssd-provider.h \ | |
49 | 49 | realm-sssd-config.c realm-sssd-config.h \ |
50 | 50 | realm-sssd-ipa.c realm-sssd-ipa.h \ |
51 | realm-sssd-ipa-provider.c realm-sssd-ipa-provider.h \ | |
52 | 51 | $(NULL) |
53 | 52 | |
54 | 53 | realmd_CFLAGS = \ |
84 | 84 | realmd-realm-samba-provider.$(OBJEXT) \ |
85 | 85 | realmd-realm-samba-util.$(OBJEXT) \ |
86 | 86 | realmd-realm-samba-winbind.$(OBJEXT) \ |
87 | realmd-realm-service.$(OBJEXT) \ | |
88 | realmd-realm-service-systemd.$(OBJEXT) \ | |
89 | realmd-realm-service-upstart.$(OBJEXT) \ | |
90 | realmd-realm-settings.$(OBJEXT) realmd-realm-sssd.$(OBJEXT) \ | |
91 | realmd-realm-sssd-ad.$(OBJEXT) \ | |
92 | realmd-realm-sssd-ad-provider.$(OBJEXT) \ | |
87 | realmd-realm-service.$(OBJEXT) realmd-realm-settings.$(OBJEXT) \ | |
88 | realmd-realm-sssd.$(OBJEXT) realmd-realm-sssd-ad.$(OBJEXT) \ | |
89 | realmd-realm-sssd-provider.$(OBJEXT) \ | |
93 | 90 | realmd-realm-sssd-config.$(OBJEXT) \ |
94 | realmd-realm-sssd-ipa.$(OBJEXT) \ | |
95 | realmd-realm-sssd-ipa-provider.$(OBJEXT) $(am__objects_1) | |
91 | realmd-realm-sssd-ipa.$(OBJEXT) $(am__objects_1) | |
96 | 92 | realmd_OBJECTS = $(am_realmd_OBJECTS) |
97 | 93 | am__DEPENDENCIES_1 = |
98 | 94 | realmd_DEPENDENCIES = $(top_builddir)/dbus/librealm-dbus.a \ |
274 | 270 | USE_NLS = @USE_NLS@ |
275 | 271 | VERSION = @VERSION@ |
276 | 272 | XGETTEXT = @XGETTEXT@ |
273 | XSLTPROC = @XSLTPROC@ | |
277 | 274 | abs_builddir = @abs_builddir@ |
278 | 275 | abs_srcdir = @abs_srcdir@ |
279 | 276 | abs_top_builddir = @abs_top_builddir@ |
344 | 341 | SUFFIXES = .conf .conf.in .desktop.in .desktop.in.in .service .service.in |
345 | 342 | REALMD_CONFIGS = \ |
346 | 343 | realmd-defaults.conf \ |
347 | realmd-redhat.conf | |
344 | realmd-redhat.conf \ | |
345 | realmd-debian.conf \ | |
346 | $(NULL) | |
348 | 347 | |
349 | 348 | private_DATA = \ |
350 | 349 | net-ads-smb.conf \ |
378 | 377 | realm-samba-util.c realm-samba-util.h \ |
379 | 378 | realm-samba-winbind.c realm-samba-winbind.h \ |
380 | 379 | realm-service.c realm-service.h \ |
381 | realm-service-systemd.c realm-service-systemd.h \ | |
382 | realm-service-upstart.c realm-service-upstart.h \ | |
383 | 380 | realm-settings.c realm-settings.h \ |
384 | 381 | realm-sssd.c realm-sssd.h \ |
385 | 382 | realm-sssd-ad.c realm-sssd-ad.h \ |
386 | realm-sssd-ad-provider.c realm-sssd-ad-provider.h \ | |
383 | realm-sssd-provider.c realm-sssd-provider.h \ | |
387 | 384 | realm-sssd-config.c realm-sssd-config.h \ |
388 | 385 | realm-sssd-ipa.c realm-sssd-ipa.h \ |
389 | realm-sssd-ipa-provider.c realm-sssd-ipa-provider.h \ | |
390 | 386 | $(NULL) |
391 | 387 | |
392 | 388 | realmd_CFLAGS = \ |
539 | 535 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-samba-util.Po@am__quote@ |
540 | 536 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-samba-winbind.Po@am__quote@ |
541 | 537 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-samba.Po@am__quote@ |
542 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-service-systemd.Po@am__quote@ | |
543 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-service-upstart.Po@am__quote@ | |
544 | 538 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-service.Po@am__quote@ |
545 | 539 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-settings.Po@am__quote@ |
546 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd-ad-provider.Po@am__quote@ | |
547 | 540 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd-ad.Po@am__quote@ |
548 | 541 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd-config.Po@am__quote@ |
549 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd-ipa-provider.Po@am__quote@ | |
550 | 542 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd-ipa.Po@am__quote@ |
543 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd-provider.Po@am__quote@ | |
551 | 544 | @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realmd-realm-sssd.Po@am__quote@ |
552 | 545 | |
553 | 546 | .c.o: |
900 | 893 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
901 | 894 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-service.obj `if test -f 'realm-service.c'; then $(CYGPATH_W) 'realm-service.c'; else $(CYGPATH_W) '$(srcdir)/realm-service.c'; fi` |
902 | 895 | |
903 | realmd-realm-service-systemd.o: realm-service-systemd.c | |
904 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-service-systemd.o -MD -MP -MF $(DEPDIR)/realmd-realm-service-systemd.Tpo -c -o realmd-realm-service-systemd.o `test -f 'realm-service-systemd.c' || echo '$(srcdir)/'`realm-service-systemd.c | |
905 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-service-systemd.Tpo $(DEPDIR)/realmd-realm-service-systemd.Po | |
906 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-service-systemd.c' object='realmd-realm-service-systemd.o' libtool=no @AMDEPBACKSLASH@ | |
907 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
908 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-service-systemd.o `test -f 'realm-service-systemd.c' || echo '$(srcdir)/'`realm-service-systemd.c | |
909 | ||
910 | realmd-realm-service-systemd.obj: realm-service-systemd.c | |
911 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-service-systemd.obj -MD -MP -MF $(DEPDIR)/realmd-realm-service-systemd.Tpo -c -o realmd-realm-service-systemd.obj `if test -f 'realm-service-systemd.c'; then $(CYGPATH_W) 'realm-service-systemd.c'; else $(CYGPATH_W) '$(srcdir)/realm-service-systemd.c'; fi` | |
912 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-service-systemd.Tpo $(DEPDIR)/realmd-realm-service-systemd.Po | |
913 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-service-systemd.c' object='realmd-realm-service-systemd.obj' libtool=no @AMDEPBACKSLASH@ | |
914 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
915 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-service-systemd.obj `if test -f 'realm-service-systemd.c'; then $(CYGPATH_W) 'realm-service-systemd.c'; else $(CYGPATH_W) '$(srcdir)/realm-service-systemd.c'; fi` | |
916 | ||
917 | realmd-realm-service-upstart.o: realm-service-upstart.c | |
918 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-service-upstart.o -MD -MP -MF $(DEPDIR)/realmd-realm-service-upstart.Tpo -c -o realmd-realm-service-upstart.o `test -f 'realm-service-upstart.c' || echo '$(srcdir)/'`realm-service-upstart.c | |
919 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-service-upstart.Tpo $(DEPDIR)/realmd-realm-service-upstart.Po | |
920 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-service-upstart.c' object='realmd-realm-service-upstart.o' libtool=no @AMDEPBACKSLASH@ | |
921 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
922 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-service-upstart.o `test -f 'realm-service-upstart.c' || echo '$(srcdir)/'`realm-service-upstart.c | |
923 | ||
924 | realmd-realm-service-upstart.obj: realm-service-upstart.c | |
925 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-service-upstart.obj -MD -MP -MF $(DEPDIR)/realmd-realm-service-upstart.Tpo -c -o realmd-realm-service-upstart.obj `if test -f 'realm-service-upstart.c'; then $(CYGPATH_W) 'realm-service-upstart.c'; else $(CYGPATH_W) '$(srcdir)/realm-service-upstart.c'; fi` | |
926 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-service-upstart.Tpo $(DEPDIR)/realmd-realm-service-upstart.Po | |
927 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-service-upstart.c' object='realmd-realm-service-upstart.obj' libtool=no @AMDEPBACKSLASH@ | |
928 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
929 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-service-upstart.obj `if test -f 'realm-service-upstart.c'; then $(CYGPATH_W) 'realm-service-upstart.c'; else $(CYGPATH_W) '$(srcdir)/realm-service-upstart.c'; fi` | |
930 | ||
931 | 896 | realmd-realm-settings.o: realm-settings.c |
932 | 897 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-settings.o -MD -MP -MF $(DEPDIR)/realmd-realm-settings.Tpo -c -o realmd-realm-settings.o `test -f 'realm-settings.c' || echo '$(srcdir)/'`realm-settings.c |
933 | 898 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-settings.Tpo $(DEPDIR)/realmd-realm-settings.Po |
970 | 935 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
971 | 936 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-ad.obj `if test -f 'realm-sssd-ad.c'; then $(CYGPATH_W) 'realm-sssd-ad.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-ad.c'; fi` |
972 | 937 | |
973 | realmd-realm-sssd-ad-provider.o: realm-sssd-ad-provider.c | |
974 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-ad-provider.o -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-ad-provider.Tpo -c -o realmd-realm-sssd-ad-provider.o `test -f 'realm-sssd-ad-provider.c' || echo '$(srcdir)/'`realm-sssd-ad-provider.c | |
975 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-sssd-ad-provider.Tpo $(DEPDIR)/realmd-realm-sssd-ad-provider.Po | |
976 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-ad-provider.c' object='realmd-realm-sssd-ad-provider.o' libtool=no @AMDEPBACKSLASH@ | |
977 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
978 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-ad-provider.o `test -f 'realm-sssd-ad-provider.c' || echo '$(srcdir)/'`realm-sssd-ad-provider.c | |
979 | ||
980 | realmd-realm-sssd-ad-provider.obj: realm-sssd-ad-provider.c | |
981 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-ad-provider.obj -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-ad-provider.Tpo -c -o realmd-realm-sssd-ad-provider.obj `if test -f 'realm-sssd-ad-provider.c'; then $(CYGPATH_W) 'realm-sssd-ad-provider.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-ad-provider.c'; fi` | |
982 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-sssd-ad-provider.Tpo $(DEPDIR)/realmd-realm-sssd-ad-provider.Po | |
983 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-ad-provider.c' object='realmd-realm-sssd-ad-provider.obj' libtool=no @AMDEPBACKSLASH@ | |
984 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
985 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-ad-provider.obj `if test -f 'realm-sssd-ad-provider.c'; then $(CYGPATH_W) 'realm-sssd-ad-provider.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-ad-provider.c'; fi` | |
938 | realmd-realm-sssd-provider.o: realm-sssd-provider.c | |
939 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-provider.o -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-provider.Tpo -c -o realmd-realm-sssd-provider.o `test -f 'realm-sssd-provider.c' || echo '$(srcdir)/'`realm-sssd-provider.c | |
940 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-sssd-provider.Tpo $(DEPDIR)/realmd-realm-sssd-provider.Po | |
941 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-provider.c' object='realmd-realm-sssd-provider.o' libtool=no @AMDEPBACKSLASH@ | |
942 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
943 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-provider.o `test -f 'realm-sssd-provider.c' || echo '$(srcdir)/'`realm-sssd-provider.c | |
944 | ||
945 | realmd-realm-sssd-provider.obj: realm-sssd-provider.c | |
946 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-provider.obj -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-provider.Tpo -c -o realmd-realm-sssd-provider.obj `if test -f 'realm-sssd-provider.c'; then $(CYGPATH_W) 'realm-sssd-provider.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-provider.c'; fi` | |
947 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-sssd-provider.Tpo $(DEPDIR)/realmd-realm-sssd-provider.Po | |
948 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-provider.c' object='realmd-realm-sssd-provider.obj' libtool=no @AMDEPBACKSLASH@ | |
949 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
950 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-provider.obj `if test -f 'realm-sssd-provider.c'; then $(CYGPATH_W) 'realm-sssd-provider.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-provider.c'; fi` | |
986 | 951 | |
987 | 952 | realmd-realm-sssd-config.o: realm-sssd-config.c |
988 | 953 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-config.o -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-config.Tpo -c -o realmd-realm-sssd-config.o `test -f 'realm-sssd-config.c' || echo '$(srcdir)/'`realm-sssd-config.c |
1011 | 976 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-ipa.c' object='realmd-realm-sssd-ipa.obj' libtool=no @AMDEPBACKSLASH@ |
1012 | 977 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
1013 | 978 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-ipa.obj `if test -f 'realm-sssd-ipa.c'; then $(CYGPATH_W) 'realm-sssd-ipa.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-ipa.c'; fi` |
1014 | ||
1015 | realmd-realm-sssd-ipa-provider.o: realm-sssd-ipa-provider.c | |
1016 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-ipa-provider.o -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-ipa-provider.Tpo -c -o realmd-realm-sssd-ipa-provider.o `test -f 'realm-sssd-ipa-provider.c' || echo '$(srcdir)/'`realm-sssd-ipa-provider.c | |
1017 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-sssd-ipa-provider.Tpo $(DEPDIR)/realmd-realm-sssd-ipa-provider.Po | |
1018 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-ipa-provider.c' object='realmd-realm-sssd-ipa-provider.o' libtool=no @AMDEPBACKSLASH@ | |
1019 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
1020 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-ipa-provider.o `test -f 'realm-sssd-ipa-provider.c' || echo '$(srcdir)/'`realm-sssd-ipa-provider.c | |
1021 | ||
1022 | realmd-realm-sssd-ipa-provider.obj: realm-sssd-ipa-provider.c | |
1023 | @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -MT realmd-realm-sssd-ipa-provider.obj -MD -MP -MF $(DEPDIR)/realmd-realm-sssd-ipa-provider.Tpo -c -o realmd-realm-sssd-ipa-provider.obj `if test -f 'realm-sssd-ipa-provider.c'; then $(CYGPATH_W) 'realm-sssd-ipa-provider.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-ipa-provider.c'; fi` | |
1024 | @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/realmd-realm-sssd-ipa-provider.Tpo $(DEPDIR)/realmd-realm-sssd-ipa-provider.Po | |
1025 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='realm-sssd-ipa-provider.c' object='realmd-realm-sssd-ipa-provider.obj' libtool=no @AMDEPBACKSLASH@ | |
1026 | @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ | |
1027 | @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(realmd_CFLAGS) $(CFLAGS) -c -o realmd-realm-sssd-ipa-provider.obj `if test -f 'realm-sssd-ipa-provider.c'; then $(CYGPATH_W) 'realm-sssd-ipa-provider.c'; else $(CYGPATH_W) '$(srcdir)/realm-sssd-ipa-provider.c'; fi` | |
1028 | 979 | install-polkit_policyDATA: $(polkit_policy_DATA) |
1029 | 980 | @$(NORMAL_INSTALL) |
1030 | 981 | @list='$(polkit_policy_DATA)'; test -n "$(polkit_policydir)" || list=; \ |
32 | 32 | NUM_FDS |
33 | 33 | }; |
34 | 34 | |
35 | #define DEBUG_VERBOSE 0 | |
35 | 36 | |
36 | 37 | typedef struct { |
37 | 38 | GBytes *input; |
73 | 74 | static void |
74 | 75 | complete_source_is_done (ProcessSource *process_source) |
75 | 76 | { |
77 | #if DEBUG_VERBOSE | |
76 | 78 | g_debug ("all fds closed and process exited, completing"); |
79 | #endif | |
77 | 80 | |
78 | 81 | g_assert (process_source->child_sig == 0); |
79 | 82 | |
94 | 97 | { |
95 | 98 | g_assert (fd); |
96 | 99 | if (*fd >= 0) { |
100 | #if DEBUG_VERBOSE | |
97 | 101 | g_debug ("closing fd: %d", *fd); |
102 | #endif | |
98 | 103 | close (*fd); |
99 | 104 | } |
100 | 105 | *fd = -1; |
379 | 384 | { |
380 | 385 | ProcessSource *process_source = user_data; |
381 | 386 | |
382 | g_debug ("process cancelled"); | |
387 | g_debug ("process cancelled: %d", process_source->child_pid); | |
383 | 388 | |
384 | 389 | /* Set an error, which is respected when this actually completes. */ |
385 | 390 | g_simple_async_result_set_error (process_source->res, G_IO_ERROR, G_IO_ERROR_CANCELLED, |
22 | 22 | #include "realm-kerberos-provider.h" |
23 | 23 | #include "realm-samba-provider.h" |
24 | 24 | #include "realm-settings.h" |
25 | #include "realm-sssd-ad-provider.h" | |
26 | #include "realm-sssd-ipa-provider.h" | |
25 | #include "realm-sssd-provider.h" | |
27 | 26 | |
28 | 27 | #include <glib.h> |
29 | 28 | #include <glib/gi18n.h> |
420 | 419 | |
421 | 420 | all_provider = realm_all_provider_new_and_export (connection); |
422 | 421 | |
423 | provider = realm_sssd_ad_provider_new (); | |
424 | g_dbus_object_manager_server_export (object_server, G_DBUS_OBJECT_SKELETON (provider)); | |
425 | realm_all_provider_register (all_provider, provider); | |
426 | g_object_unref (provider); | |
427 | ||
428 | provider = realm_sssd_ipa_provider_new (); | |
422 | provider = realm_sssd_provider_new (); | |
429 | 423 | g_dbus_object_manager_server_export (object_server, G_DBUS_OBJECT_SKELETON (provider)); |
430 | 424 | realm_all_provider_register (all_provider, provider); |
431 | 425 | g_object_unref (provider); |
489 | 483 | RealmDbusService *service; |
490 | 484 | GOptionContext *context; |
491 | 485 | GError *error = NULL; |
486 | const gchar *env; | |
487 | gchar *path; | |
492 | 488 | |
493 | 489 | GOptionEntry option_entries[] = { |
494 | 490 | { "debug", 'd', 0, G_OPTION_ARG_NONE, &service_debug, |
503 | 499 | #endif |
504 | 500 | |
505 | 501 | g_type_init (); |
502 | ||
503 | /* | |
504 | * Add /sbin to path as a around for problems with authconfig. | |
505 | * See bug: | |
506 | */ | |
507 | env = g_getenv ("PATH"); | |
508 | path = g_strdup_printf ("%s:/usr/sbin:/sbin", env ? env : "/usr/bin:/bin"); | |
509 | g_setenv ("PATH", path, TRUE); | |
510 | g_free (path); | |
506 | 511 | |
507 | 512 | context = g_option_context_new ("realmd"); |
508 | 513 | g_option_context_add_main_entries (context, option_entries, NULL); |
773 | 773 | line->bytes = g_bytes_new_take (data, strlen (data)); |
774 | 774 | line->name = g_strdup (name); |
775 | 775 | insert_config_line (self, sect->tail, line); |
776 | g_hash_table_insert (sect->parameters, line->name, line); | |
776 | 777 | |
777 | 778 | /* Already have this line, replace the data */ |
778 | 779 | } else { |
975 | 976 | return g_hash_table_lookup (self->sections, section) != NULL; |
976 | 977 | } |
977 | 978 | |
979 | static gboolean | |
980 | is_blank_line (GBytes *bytes) | |
981 | { | |
982 | const gchar *data; | |
983 | gsize length; | |
984 | ||
985 | data = g_bytes_get_data (bytes, &length); | |
986 | return (length == 1 && data[0] == '\n'); | |
987 | } | |
988 | ||
978 | 989 | void |
979 | 990 | realm_ini_config_remove_section (RealmIniConfig *self, |
980 | 991 | const gchar *section) |
993 | 1004 | g_assert (sect->tail != NULL); |
994 | 1005 | head = sect->head; |
995 | 1006 | tail = sect->tail; |
1007 | ||
1008 | /* | |
1009 | * If the prior line is a blank line, remove that too. | |
1010 | * This matches the behavior of config_set_value() so that | |
1011 | * when we add/remove sections we don't get a file full of | |
1012 | * empty lines. | |
1013 | */ | |
1014 | if (head->prev != NULL) { | |
1015 | if (is_blank_line (head->prev->bytes)) | |
1016 | head = head->prev; | |
1017 | } | |
996 | 1018 | |
997 | 1019 | g_hash_table_remove (self->sections, section); |
998 | 1020 |
127 | 127 | } DiscoverClosure; |
128 | 128 | |
129 | 129 | static void |
130 | kerberos_discover_complete (RealmKerberosDiscover *self) | |
130 | kerberos_discover_call_callbacks (RealmKerberosDiscover *self) | |
131 | 131 | { |
132 | 132 | Callback *call, *next; |
133 | 133 | |
134 | g_object_ref (self); | |
135 | ||
136 | g_assert (!self->completed); | |
137 | self->completed = TRUE; | |
138 | 134 | call = self->callback; |
139 | 135 | self->callback = NULL; |
140 | 136 | |
148 | 144 | g_slice_free (Callback, call); |
149 | 145 | call = next; |
150 | 146 | } |
151 | ||
147 | } | |
148 | ||
149 | static void | |
150 | kerberos_discover_complete (RealmKerberosDiscover *self) | |
151 | { | |
152 | g_object_ref (self); | |
153 | ||
154 | g_assert (!self->completed); | |
155 | self->completed = TRUE; | |
156 | kerberos_discover_call_callbacks (self); | |
152 | 157 | g_object_unref (self); |
153 | 158 | } |
154 | 159 | |
422 | 427 | { |
423 | 428 | RealmKerberosDiscover *self = REALM_KERBEROS_DISCOVER (user_data); |
424 | 429 | g_assert (self->completed); |
425 | kerberos_discover_complete (self); | |
430 | kerberos_discover_call_callbacks (self); | |
426 | 431 | return FALSE; |
427 | 432 | } |
428 | 433 | |
492 | 497 | { |
493 | 498 | RealmKerberosDiscover *self; |
494 | 499 | gchar *realm; |
500 | gchar *name; | |
495 | 501 | |
496 | 502 | g_return_val_if_fail (REALM_IS_KERBEROS_DISCOVER (result), NULL); |
497 | 503 | g_return_val_if_fail (error == NULL || *error == NULL, NULL); |
510 | 516 | return NULL; |
511 | 517 | |
512 | 518 | realm = g_ascii_strup (self->domain, -1); |
519 | name = g_ascii_strdown (self->domain, -1); | |
513 | 520 | |
514 | 521 | if (discovery) { |
515 | 522 | *discovery = realm_discovery_new (); |
538 | 545 | } |
539 | 546 | } |
540 | 547 | |
541 | return realm; | |
542 | } | |
548 | g_free (realm); | |
549 | return name; | |
550 | } |
13 | 13 | |
14 | 14 | #include "config.h" |
15 | 15 | |
16 | #include "realm-command.h" | |
16 | 17 | #include "realm-daemon.h" |
17 | 18 | #include "realm-dbus-constants.h" |
18 | 19 | #include "realm-dbus-generated.h" |
52 | 53 | |
53 | 54 | G_DEFINE_TYPE (RealmKerberos, realm_kerberos, G_TYPE_DBUS_OBJECT_SKELETON); |
54 | 55 | |
56 | #define return_if_krb5_failed(ctx, code) G_STMT_START \ | |
57 | if G_LIKELY ((code) == 0) { } else { \ | |
58 | g_warn_message (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, \ | |
59 | krb5_get_error_message ((ctx), (code))); \ | |
60 | return; \ | |
61 | } G_STMT_END | |
62 | ||
63 | #define return_val_if_krb5_failed(ctx, code, val) G_STMT_START \ | |
64 | if G_LIKELY ((code) == 0) { } else { \ | |
65 | g_warn_message (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, \ | |
66 | krb5_get_error_message ((ctx), (code))); \ | |
67 | return (val); \ | |
68 | } G_STMT_END | |
69 | ||
70 | #define warn_if_krb5_failed(ctx, code) G_STMT_START \ | |
71 | if G_LIKELY ((code) == 0) { } else { \ | |
72 | g_warn_message (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, \ | |
73 | krb5_get_error_message ((ctx), (code))); \ | |
74 | } G_STMT_END | |
75 | ||
55 | 76 | typedef struct { |
56 | 77 | RealmKerberos *self; |
57 | 78 | GDBusMethodInvocation *invocation; |
97 | 118 | } |
98 | 119 | |
99 | 120 | static void |
121 | on_name_caches_flush (GObject *source, | |
122 | GAsyncResult *result, | |
123 | gpointer user_data) | |
124 | { | |
125 | MethodClosure *closure = user_data; | |
126 | GError *error = NULL; | |
127 | gint status; | |
128 | ||
129 | status = realm_command_run_finish (result, NULL, &error); | |
130 | if (status != 0) { | |
131 | realm_diagnostics_error (closure->invocation, error, | |
132 | "Flushing name caches failed"); | |
133 | } | |
134 | ||
135 | g_clear_error (&error); | |
136 | enroll_method_reply (closure->invocation, NULL); | |
137 | method_closure_free (closure); | |
138 | } | |
139 | ||
140 | static void | |
100 | 141 | on_enroll_complete (GObject *source, |
101 | 142 | GAsyncResult *result, |
102 | 143 | gpointer user_data) |
109 | 150 | g_return_if_fail (iface->unenroll_finish != NULL); |
110 | 151 | |
111 | 152 | (iface->enroll_finish) (REALM_KERBEROS_MEMBERSHIP (closure->self), result, &error); |
112 | enroll_method_reply (closure->invocation, error); | |
113 | ||
114 | g_clear_error (&error); | |
115 | method_closure_free (closure); | |
153 | ||
154 | if (error == NULL) { | |
155 | realm_command_run_known_async ("name-caches-flush", NULL, closure->invocation, | |
156 | NULL, on_name_caches_flush, closure); | |
157 | ||
158 | } else { | |
159 | enroll_method_reply (closure->invocation, error); | |
160 | method_closure_free (closure); | |
161 | g_clear_error (&error); | |
162 | } | |
116 | 163 | } |
117 | 164 | |
118 | 165 | static void |
456 | 503 | RealmKerberos *self = REALM_KERBEROS (user_data); |
457 | 504 | RealmKerberosFlags flags = 0; |
458 | 505 | GVariant *creds; |
506 | const gchar *computer_ou; | |
459 | 507 | RealmKerberosCredential cred_type; |
460 | 508 | |
461 | 509 | /* Make note of the current operation id, for diagnostics */ |
462 | 510 | realm_diagnostics_setup_options (invocation, options); |
511 | ||
512 | if (g_variant_lookup (options, REALM_DBUS_OPTION_COMPUTER_OU, "&s", &computer_ou)) { | |
513 | g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, | |
514 | "The computer-ou argument is not supported when leaving a domain."); | |
515 | return TRUE; | |
516 | } | |
463 | 517 | |
464 | 518 | if (!validate_and_parse_credentials (invocation, credentials, &flags, &cred_type, &creds)) |
465 | 519 | return TRUE; |
881 | 935 | |
882 | 936 | |
883 | 937 | static void |
884 | kinit_handle_error (GSimpleAsyncResult *async, | |
885 | krb5_error_code code, | |
886 | krb5_context context, | |
887 | const gchar *message, | |
888 | ...) | |
938 | set_krb5_error (GError **error, | |
939 | krb5_error_code code, | |
940 | krb5_context context, | |
941 | const gchar *message, | |
942 | ...) | |
889 | 943 | { |
890 | 944 | gchar *string; |
891 | 945 | va_list va; |
894 | 948 | string = g_strdup_vprintf (message, va); |
895 | 949 | va_end (va); |
896 | 950 | |
897 | g_simple_async_result_set_error (async, REALM_KRB5_ERROR, code, | |
898 | "%s: %s", string, krb5_get_error_message (context, code)); | |
951 | g_set_error (error, REALM_KRB5_ERROR, code, | |
952 | "%s: %s", string, krb5_get_error_message (context, code)); | |
899 | 953 | g_free (string); |
900 | 954 | } |
901 | 955 | |
946 | 1000 | krb5_error_code code; |
947 | 1001 | krb5_ccache ccache = NULL; |
948 | 1002 | krb5_creds my_creds; |
1003 | GError *error = NULL; | |
949 | 1004 | int temp_fd; |
950 | 1005 | |
951 | 1006 | code = krb5_init_context (&context); |
952 | 1007 | if (code != 0) { |
953 | kinit_handle_error (async, code, NULL, "Couldn't initialize kerberos"); | |
1008 | set_krb5_error (&error, code, NULL, "Couldn't initialize kerberos"); | |
1009 | g_simple_async_result_take_error (async, error); | |
954 | 1010 | goto cleanup; |
955 | 1011 | } |
956 | 1012 | |
957 | 1013 | code = krb5_parse_name (context, kinit->principal, &principal); |
958 | 1014 | if (code != 0) { |
959 | kinit_handle_error (async, code, context, | |
960 | "Couldn't parse principal: %s", kinit->principal); | |
1015 | set_krb5_error (&error, code, context, "Couldn't parse principal: %s", kinit->principal); | |
1016 | g_simple_async_result_take_error (async, error); | |
961 | 1017 | goto cleanup; |
962 | 1018 | } |
963 | 1019 | |
964 | 1020 | code = krb5_get_init_creds_opt_alloc (context, &options); |
965 | if (code != 0) { | |
966 | g_warning ("Couldn't setup kerberos options: %s", | |
967 | krb5_get_error_message (context, code)); | |
968 | goto cleanup; | |
969 | } | |
1021 | warn_if_krb5_failed (context, code); | |
970 | 1022 | |
971 | 1023 | kinit->ccache_file = g_build_filename (g_get_tmp_dir (), "realmd-krb5-cache.XXXXXX", NULL); |
972 | 1024 | temp_fd = g_mkstemp_full (kinit->ccache_file, O_RDWR, S_IRUSR | S_IWUSR); |
980 | 1032 | |
981 | 1033 | code = krb5_cc_resolve (context, kinit->ccache_file, &ccache); |
982 | 1034 | if (code != 0) { |
983 | kinit_handle_error (async, code, context, | |
984 | "Couldn't resolve credential cache: %s", kinit->ccache_file); | |
1035 | set_krb5_error (&error, code, context, "Couldn't resolve credential cache: %s", kinit->ccache_file); | |
1036 | g_simple_async_result_take_error (async, error); | |
985 | 1037 | goto cleanup; |
986 | 1038 | } |
987 | 1039 | |
989 | 1041 | krb5_get_init_creds_opt_set_etype_list (options, kinit->enctypes, kinit->n_enctypes); |
990 | 1042 | |
991 | 1043 | code = krb5_get_init_creds_opt_set_out_ccache (context, options, ccache); |
992 | if (code != 0) { | |
993 | g_warning ("Couldn't setup credential cache: %s", | |
994 | krb5_get_error_message (context, code)); | |
995 | goto cleanup; | |
996 | } | |
1044 | warn_if_krb5_failed (context, code); | |
997 | 1045 | |
998 | 1046 | code = krb5_get_init_creds_password (context, &my_creds, principal, |
999 | 1047 | NULL, bytes_prompter, kinit->password, |
1000 | 1048 | 0, NULL, options); |
1001 | 1049 | if (code != 0) { |
1002 | kinit_handle_error (async, code, context, | |
1003 | "Couldn't authenticate as: %s", kinit->principal); | |
1050 | set_krb5_error (&error, code, context, "Couldn't authenticate as: %s", kinit->principal); | |
1051 | g_simple_async_result_take_error (async, error); | |
1004 | 1052 | goto cleanup; |
1005 | 1053 | } |
1006 | 1054 | |
1190 | 1238 | policy = REALM_DBUS_LOGIN_POLICY_PERMITTED; |
1191 | 1239 | break; |
1192 | 1240 | case REALM_KERBEROS_DENY_ANY_LOGIN: |
1193 | policy = REALM_DBUS_LOGIN_POLICY_ANY; | |
1241 | policy = REALM_DBUS_LOGIN_POLICY_DENY; | |
1194 | 1242 | break; |
1195 | 1243 | case REALM_KERBEROS_POLICY_NOT_SET: |
1196 | 1244 | policy = ""; |
1275 | 1323 | |
1276 | 1324 | return g_strdup (computer_ou); |
1277 | 1325 | } |
1326 | ||
1327 | static gboolean | |
1328 | flush_keytab_entries (krb5_context ctx, | |
1329 | krb5_keytab keytab, | |
1330 | krb5_principal realm_princ, | |
1331 | GError **error) | |
1332 | { | |
1333 | krb5_error_code code; | |
1334 | krb5_kt_cursor cursor; | |
1335 | krb5_keytab_entry entry; | |
1336 | ||
1337 | code = krb5_kt_start_seq_get (ctx, keytab, &cursor); | |
1338 | if (code == KRB5_KT_END || code == ENOENT ) | |
1339 | return TRUE; | |
1340 | ||
1341 | while (!krb5_kt_next_entry (ctx, keytab, &entry, &cursor)) { | |
1342 | if (krb5_realm_compare (ctx, realm_princ, entry.principal)) { | |
1343 | code = krb5_kt_end_seq_get (ctx, keytab, &cursor); | |
1344 | return_val_if_krb5_failed (ctx, code, FALSE); | |
1345 | ||
1346 | code = krb5_kt_remove_entry (ctx, keytab, &entry); | |
1347 | return_val_if_krb5_failed (ctx, code, FALSE); | |
1348 | ||
1349 | code = krb5_kt_start_seq_get (ctx, keytab, &cursor); | |
1350 | return_val_if_krb5_failed (ctx, code, FALSE); | |
1351 | } | |
1352 | ||
1353 | code = krb5_kt_free_entry (ctx, &entry); | |
1354 | return_val_if_krb5_failed (ctx, code, FALSE); | |
1355 | } | |
1356 | ||
1357 | code = krb5_kt_end_seq_get (ctx, keytab, &cursor); | |
1358 | return_val_if_krb5_failed (ctx, code, FALSE); | |
1359 | ||
1360 | return TRUE; | |
1361 | } | |
1362 | ||
1363 | gboolean | |
1364 | realm_kerberos_flush_keytab (const gchar *realm_name, | |
1365 | GError **error) | |
1366 | { | |
1367 | krb5_error_code code; | |
1368 | krb5_keytab keytab; | |
1369 | krb5_context ctx; | |
1370 | krb5_principal princ; | |
1371 | gchar *name; | |
1372 | gboolean ret; | |
1373 | ||
1374 | code = krb5_init_context (&ctx); | |
1375 | if (code != 0) { | |
1376 | set_krb5_error (error, code, NULL, "Couldn't initialize kerberos"); | |
1377 | return FALSE; | |
1378 | } | |
1379 | ||
1380 | code = krb5_kt_default (ctx, &keytab); | |
1381 | if (code != 0) { | |
1382 | set_krb5_error (error, code, NULL, "Couldn't open default host keytab"); | |
1383 | krb5_free_context (ctx); | |
1384 | return FALSE; | |
1385 | } | |
1386 | ||
1387 | name = g_strdup_printf ("user@%s", realm_name); | |
1388 | code = krb5_parse_name (ctx, name, &princ); | |
1389 | return_val_if_krb5_failed (ctx, code, FALSE); | |
1390 | g_free (name); | |
1391 | ||
1392 | ret = flush_keytab_entries (ctx, keytab, princ, error); | |
1393 | krb5_free_principal (ctx, princ); | |
1394 | ||
1395 | code = krb5_kt_close (ctx, keytab); | |
1396 | warn_if_krb5_failed (ctx, code); | |
1397 | ||
1398 | krb5_free_context (ctx); | |
1399 | return ret; | |
1400 | ||
1401 | } |
93 | 93 | |
94 | 94 | void realm_keberos_ccache_delete_and_free (gchar *ccache_file); |
95 | 95 | |
96 | gboolean realm_kerberos_flush_keytab (const gchar *realm_name, | |
97 | GError **error); | |
98 | ||
96 | 99 | const gchar * realm_kerberos_get_name (RealmKerberos *self); |
97 | 100 | |
98 | 101 | const gchar * realm_kerberos_get_realm_name (RealmKerberos *self); |
71 | 71 | join_closure_init (const gchar *realm, |
72 | 72 | const gchar *user_name, |
73 | 73 | GBytes *password, |
74 | GDBusMethodInvocation *invocation, | |
75 | GError **error) | |
74 | GDBusMethodInvocation *invocation) | |
76 | 75 | { |
77 | 76 | JoinClosure *join; |
78 | 77 | GByteArray *array; |
280 | 279 | } |
281 | 280 | |
282 | 281 | static void |
283 | on_conf_do_join (GObject *source, | |
282 | on_conf_kerberos_method_do_join (GObject *source, | |
284 | 283 | GAsyncResult *result, |
285 | 284 | gpointer user_data) |
286 | 285 | { |
301 | 300 | "-U", join->user_name, "ads", "join", join->realm, |
302 | 301 | join->create_computer_arg, NULL); |
303 | 302 | |
303 | } else { | |
304 | g_simple_async_result_take_error (res, error); | |
305 | g_simple_async_result_complete (res); | |
306 | } | |
307 | ||
308 | g_object_unref (res); | |
309 | } | |
310 | ||
311 | static void | |
312 | on_conf_realm_do_kerberos_method (GObject *source, | |
313 | GAsyncResult *result, | |
314 | gpointer user_data) | |
315 | { | |
316 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); | |
317 | JoinClosure *join = g_simple_async_result_get_op_res_gpointer (res); | |
318 | GError *error = NULL; | |
319 | gint status; | |
320 | ||
321 | status = realm_command_run_finish (result, NULL, &error); | |
322 | if (error == NULL && status != 0) { | |
323 | g_set_error (&error, REALM_ERROR, REALM_ERROR_INTERNAL, | |
324 | "Configuring samba failed"); | |
325 | } | |
326 | ||
327 | if (error == NULL) { | |
328 | begin_net_process (join, NULL, | |
329 | on_conf_kerberos_method_do_join, g_object_ref (res), | |
330 | "conf", "setparm", REALM_SAMBA_CONFIG_GLOBAL, | |
331 | "kerberos method", "system keytab", NULL); | |
304 | 332 | } else { |
305 | 333 | g_simple_async_result_take_error (res, error); |
306 | 334 | g_simple_async_result_complete (res); |
330 | 358 | res = g_simple_async_result_new (NULL, callback, user_data, |
331 | 359 | realm_samba_enroll_join_async); |
332 | 360 | |
333 | join = join_closure_init (realm, user_name, password, invocation, &error); | |
334 | ||
335 | if (error == NULL) { | |
336 | g_simple_async_result_set_op_res_gpointer (res, join, join_closure_free); | |
337 | ||
338 | if (computer_ou != NULL) { | |
339 | strange_ou = realm_samba_util_build_strange_ou (computer_ou, realm); | |
340 | if (strange_ou) { | |
341 | join->create_computer_arg = g_strdup_printf ("createcomputer=%s", strange_ou); | |
342 | g_free (strange_ou); | |
343 | } else { | |
344 | g_set_error (&error, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, | |
345 | "The computer-ou argument must be a valid LDAP DN and contain only OU=xxx RDN values."); | |
346 | } | |
361 | join = join_closure_init (realm, user_name, password, invocation); | |
362 | ||
363 | g_simple_async_result_set_op_res_gpointer (res, join, join_closure_free); | |
364 | ||
365 | if (computer_ou != NULL) { | |
366 | strange_ou = realm_samba_util_build_strange_ou (computer_ou, realm); | |
367 | if (strange_ou) { | |
368 | join->create_computer_arg = g_strdup_printf ("createcomputer=%s", strange_ou); | |
369 | g_free (strange_ou); | |
370 | } else { | |
371 | g_set_error (&error, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, | |
372 | "The computer-ou argument must be a valid LDAP DN and contain only OU=xxx RDN values."); | |
347 | 373 | } |
348 | 374 | } |
349 | 375 | |
352 | 378 | g_simple_async_result_complete_in_idle (res); |
353 | 379 | } else { |
354 | 380 | begin_net_process (join, NULL, |
355 | on_conf_do_join, g_object_ref (res), | |
381 | on_conf_realm_do_kerberos_method, g_object_ref (res), | |
356 | 382 | "conf", "setparm", REALM_SAMBA_CONFIG_GLOBAL, |
357 | 383 | "realm", join->realm, NULL); |
358 | 384 | } |
403 | 429 | g_simple_async_result_take_error (res, error); |
404 | 430 | |
405 | 431 | g_simple_async_result_complete (res); |
406 | g_object_unref (res); | |
407 | } | |
408 | ||
409 | static void | |
410 | on_flush_do_leave (GObject *source, | |
411 | GAsyncResult *result, | |
412 | gpointer user_data) | |
413 | { | |
414 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); | |
415 | JoinClosure *join = g_simple_async_result_get_op_res_gpointer (res); | |
416 | GError *error = NULL; | |
417 | gint status; | |
418 | ||
419 | status = realm_command_run_finish (result, NULL, &error); | |
420 | if (error != NULL || status != 0) | |
421 | realm_diagnostics_error (join->invocation, error, "Flushing entries from the keytab failed"); | |
422 | g_clear_error (&error); | |
423 | ||
424 | begin_net_process (join, join->password_input, | |
425 | on_leave_complete, g_object_ref (res), | |
426 | "-U", join->user_name, "ads", "leave", NULL); | |
427 | 432 | g_object_unref (res); |
428 | 433 | } |
429 | 434 | |
435 | 440 | GAsyncReadyCallback callback, |
436 | 441 | gpointer user_data) |
437 | 442 | { |
438 | GSimpleAsyncResult *res; | |
443 | GSimpleAsyncResult *async; | |
439 | 444 | JoinClosure *join; |
440 | GError *error = NULL; | |
441 | ||
442 | res = g_simple_async_result_new (NULL, callback, user_data, | |
443 | realm_samba_enroll_leave_async); | |
444 | ||
445 | join = join_closure_init (realm, user_name, password, invocation, &error); | |
446 | if (error == NULL) { | |
447 | g_simple_async_result_set_op_res_gpointer (res, join, join_closure_free); | |
448 | begin_net_process (join, join->password_input, | |
449 | on_flush_do_leave, g_object_ref (res), | |
450 | "-U", join->user_name, "ads", "keytab", "flush", NULL); | |
451 | ||
452 | } else { | |
453 | g_simple_async_result_take_error (res, error); | |
454 | g_simple_async_result_complete_in_idle (res); | |
455 | } | |
456 | ||
457 | g_object_unref (res); | |
445 | ||
446 | async = g_simple_async_result_new (NULL, callback, user_data, | |
447 | realm_samba_enroll_leave_async); | |
448 | ||
449 | join = join_closure_init (realm, user_name, password, invocation); | |
450 | g_simple_async_result_set_op_res_gpointer (async, join, join_closure_free); | |
451 | ||
452 | begin_net_process (join, join->password_input, | |
453 | on_leave_complete, g_object_ref (async), | |
454 | "-U", join->user_name, "ads", "leave", NULL); | |
455 | ||
456 | g_object_unref (async); | |
458 | 457 | } |
459 | 458 | |
460 | 459 | gboolean |
60 | 60 | realm_samba_provider_constructed (GObject *obj) |
61 | 61 | { |
62 | 62 | RealmSambaProvider *self; |
63 | gchar *name = NULL; | |
63 | gchar *krb_realm = NULL; | |
64 | 64 | gchar *security; |
65 | gchar *name; | |
65 | 66 | |
66 | 67 | G_OBJECT_CLASS (realm_samba_provider_parent_class)->constructed (obj); |
67 | 68 | |
71 | 72 | |
72 | 73 | security = realm_ini_config_get (self->config, REALM_SAMBA_CONFIG_GLOBAL, "security"); |
73 | 74 | if (security != NULL && g_ascii_strcasecmp (security, "ADS") == 0) |
74 | name = realm_ini_config_get (self->config, REALM_SAMBA_CONFIG_GLOBAL, "realm"); | |
75 | ||
76 | if (name != NULL) { | |
75 | krb_realm = realm_ini_config_get (self->config, REALM_SAMBA_CONFIG_GLOBAL, "realm"); | |
76 | ||
77 | if (krb_realm != NULL) { | |
78 | name = g_ascii_strdown (krb_realm, -1); | |
77 | 79 | realm_provider_lookup_or_register_realm (REALM_PROVIDER (self), |
78 | 80 | REALM_TYPE_SAMBA, name, NULL); |
79 | } | |
80 | ||
81 | g_free (name); | |
81 | g_free (name); | |
82 | } | |
83 | ||
84 | g_free (krb_realm); | |
82 | 85 | g_free (security); |
83 | 86 | } |
84 | 87 |
76 | 76 | { |
77 | 77 | GSimpleAsyncResult *res; |
78 | 78 | GError *error = NULL; |
79 | const gchar *service; | |
80 | 79 | |
81 | 80 | g_return_if_fail (config != NULL); |
82 | 81 | g_return_if_fail (invocation != NULL || G_IS_DBUS_METHOD_INVOCATION (invocation)); |
100 | 99 | NULL); |
101 | 100 | |
102 | 101 | if (error == NULL) { |
103 | service = realm_settings_string ("services", "winbind"); | |
104 | realm_service_enable_and_restart (service, invocation, | |
102 | realm_service_enable_and_restart ("winbind", invocation, | |
105 | 103 | on_enable_do_nss, g_object_ref (res)); |
106 | 104 | } else { |
107 | 105 | g_simple_async_result_take_error (res, error); |
27 | 27 | #include "realm-samba-config.h" |
28 | 28 | #include "realm-samba-enroll.h" |
29 | 29 | #include "realm-samba-winbind.h" |
30 | #include "realm-settings.h" | |
30 | 31 | |
31 | 32 | #include <glib/gstdio.h> |
32 | 33 | #include <glib/gi18n.h> |
76 | 77 | |
77 | 78 | /* |
78 | 79 | * Each line is a combination of owner and what kind of credentials are supported, |
79 | * same for enroll/unenroll. We can't accept a ccache, because samba3 needs | |
80 | * same for enroll/leave. We can't accept a ccache, because samba3 needs | |
80 | 81 | * to have credentials limited to RC4. |
81 | 82 | */ |
82 | 83 | supported = realm_kerberos_membership_build_supported ( |
83 | 84 | REALM_KERBEROS_CREDENTIAL_PASSWORD, REALM_KERBEROS_OWNER_ADMIN, |
84 | 85 | REALM_KERBEROS_CREDENTIAL_PASSWORD, REALM_KERBEROS_OWNER_USER, |
86 | REALM_KERBEROS_CREDENTIAL_AUTOMATIC, REALM_KERBEROS_OWNER_NONE, | |
85 | 87 | 0); |
86 | 88 | g_variant_ref_sink (supported); |
87 | 89 | realm_kerberos_set_supported_join_creds (kerberos, supported); |
203 | 205 | "security", "ads", |
204 | 206 | "realm", enroll->realm_name, |
205 | 207 | "workgroup", workgroup, |
208 | "template homedir", realm_settings_string ("users", "default-home"), | |
209 | "template shell", realm_settings_string ("users", "default-shell"), | |
206 | 210 | NULL); |
207 | 211 | } |
208 | 212 | |
313 | 317 | GDBusMethodInvocation *invocation; |
314 | 318 | gchar *realm_name; |
315 | 319 | gchar *ccache_file; |
316 | } UnenrollClosure; | |
317 | ||
318 | static void | |
319 | unenroll_closure_free (gpointer data) | |
320 | { | |
321 | UnenrollClosure *unenroll = data; | |
322 | g_free (unenroll->realm_name); | |
323 | if (unenroll->ccache_file) | |
324 | realm_keberos_ccache_delete_and_free (unenroll->ccache_file); | |
325 | g_object_unref (unenroll->invocation); | |
326 | g_slice_free (UnenrollClosure, unenroll); | |
327 | } | |
328 | ||
329 | static void | |
330 | on_remove_winbind_done (GObject *source, | |
331 | GAsyncResult *result, | |
332 | gpointer user_data) | |
333 | { | |
334 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); | |
320 | } LeaveClosure; | |
321 | ||
322 | static void | |
323 | leave_closure_free (gpointer data) | |
324 | { | |
325 | LeaveClosure *leave = data; | |
326 | g_free (leave->realm_name); | |
327 | if (leave->ccache_file) | |
328 | realm_keberos_ccache_delete_and_free (leave->ccache_file); | |
329 | g_object_unref (leave->invocation); | |
330 | g_slice_free (LeaveClosure, leave); | |
331 | } | |
332 | ||
333 | static void | |
334 | on_deconfigure_done (GObject *source, | |
335 | GAsyncResult *result, | |
336 | gpointer user_data) | |
337 | { | |
338 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
335 | 339 | GError *error = NULL; |
336 | 340 | |
337 | 341 | realm_samba_winbind_deconfigure_finish (result, &error); |
338 | 342 | if (error != NULL) |
339 | g_simple_async_result_take_error (res, error); | |
340 | g_simple_async_result_complete (res); | |
341 | ||
342 | g_object_unref (res); | |
343 | } | |
344 | ||
345 | static void | |
346 | on_leave_do_winbind (GObject *source, | |
347 | GAsyncResult *result, | |
348 | gpointer user_data) | |
343 | g_simple_async_result_take_error (async, error); | |
344 | g_simple_async_result_complete (async); | |
345 | g_object_unref (async); | |
346 | } | |
347 | ||
348 | static void | |
349 | leave_deconfigure_begin (RealmSamba *self, | |
350 | GSimpleAsyncResult *async) | |
351 | { | |
352 | LeaveClosure *leave; | |
353 | GError *error = NULL; | |
354 | ||
355 | leave = g_simple_async_result_get_op_res_gpointer (async); | |
356 | ||
357 | /* Flush the keytab of all the entries for this realm */ | |
358 | realm_diagnostics_info (leave->invocation, "Removing entries from keytab for realm"); | |
359 | ||
360 | if (!realm_kerberos_flush_keytab (leave->realm_name, &error)) { | |
361 | g_simple_async_result_take_error (async, error); | |
362 | g_simple_async_result_complete_in_idle (async); | |
363 | return; | |
364 | } | |
365 | ||
366 | /* Deconfigure smb.conf */ | |
367 | realm_diagnostics_info (leave->invocation, "Updating smb.conf file"); | |
368 | if (!realm_ini_config_change (self->config, REALM_SAMBA_CONFIG_GLOBAL, &error, | |
369 | "workgroup", NULL, | |
370 | "realm", NULL, | |
371 | "security", "user", | |
372 | NULL)) { | |
373 | g_simple_async_result_take_error (async, error); | |
374 | g_simple_async_result_complete_in_idle (async); | |
375 | return; | |
376 | } | |
377 | ||
378 | /* And then deconfigure winbind */ | |
379 | realm_samba_winbind_deconfigure_async (self->config, leave->invocation, | |
380 | on_deconfigure_done, g_object_ref (async)); | |
381 | } | |
382 | ||
383 | static void | |
384 | on_leave_do_deconfigure (GObject *source, | |
385 | GAsyncResult *result, | |
386 | gpointer user_data) | |
349 | 387 | { |
350 | 388 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); |
351 | UnenrollClosure *unenroll = g_simple_async_result_get_op_res_gpointer (res); | |
389 | LeaveClosure *leave = g_simple_async_result_get_op_res_gpointer (res); | |
352 | 390 | RealmSamba *self = REALM_SAMBA (g_async_result_get_source_object (user_data)); |
353 | 391 | GError *error = NULL; |
354 | 392 | |
355 | 393 | /* We don't care if we can leave or not, just continue with other steps */ |
356 | realm_samba_enroll_leave_finish (result, NULL); | |
357 | ||
358 | realm_ini_config_change (self->config, REALM_SAMBA_CONFIG_GLOBAL, &error, | |
359 | "workgroup", NULL, | |
360 | "realm", NULL, | |
361 | "security", "user", | |
362 | NULL); | |
363 | ||
364 | if (error == NULL) { | |
365 | realm_samba_winbind_deconfigure_async (self->config, | |
366 | unenroll->invocation, | |
367 | on_remove_winbind_done, | |
368 | g_object_ref (res)); | |
369 | } else { | |
370 | g_simple_async_result_take_error (res, error); | |
371 | g_simple_async_result_complete (res); | |
372 | } | |
394 | realm_samba_enroll_leave_finish (result, &error); | |
395 | if (error != NULL) { | |
396 | realm_diagnostics_error (leave->invocation, error, NULL); | |
397 | g_error_free (error); | |
398 | } | |
399 | ||
400 | leave_deconfigure_begin (self, res); | |
373 | 401 | |
374 | 402 | g_object_unref (self); |
375 | 403 | g_object_unref (res); |
376 | 404 | } |
377 | 405 | |
378 | static void | |
379 | realm_samba_unenroll_async (RealmKerberosMembership *membership, | |
380 | const gchar *name, | |
381 | GBytes *password, | |
382 | RealmKerberosFlags flags, | |
383 | GVariant *options, | |
384 | GDBusMethodInvocation *invocation, | |
385 | GAsyncReadyCallback callback, | |
386 | gpointer user_data) | |
387 | { | |
388 | RealmKerberos *realm = REALM_KERBEROS (membership); | |
389 | RealmSamba *self = REALM_SAMBA (realm); | |
390 | GSimpleAsyncResult *res; | |
391 | UnenrollClosure *unenroll; | |
406 | static GSimpleAsyncResult * | |
407 | setup_leave (RealmSamba *self, | |
408 | GVariant *options, | |
409 | GDBusMethodInvocation *invocation, | |
410 | GAsyncReadyCallback callback, | |
411 | gpointer user_data) | |
412 | { | |
413 | LeaveClosure *leave; | |
414 | GSimpleAsyncResult *async; | |
392 | 415 | const gchar *realm_name; |
393 | const gchar *computer_ou; | |
394 | 416 | gchar *enrolled; |
395 | 417 | |
396 | 418 | realm_name = realm_kerberos_get_realm_name (REALM_KERBEROS (self)); |
397 | 419 | |
398 | res = g_simple_async_result_new (G_OBJECT (realm), callback, user_data, | |
399 | realm_samba_unenroll_async); | |
400 | unenroll = g_slice_new0 (UnenrollClosure); | |
401 | unenroll->realm_name = g_strdup (realm_name); | |
402 | unenroll->invocation = g_object_ref (invocation); | |
403 | g_simple_async_result_set_op_res_gpointer (res, unenroll, unenroll_closure_free); | |
420 | async = g_simple_async_result_new (G_OBJECT (self), callback, user_data, setup_leave); | |
421 | leave = g_slice_new0 (LeaveClosure); | |
422 | leave->realm_name = g_strdup (realm_name); | |
423 | leave->invocation = g_object_ref (invocation); | |
424 | g_simple_async_result_set_op_res_gpointer (async, leave, leave_closure_free); | |
404 | 425 | |
405 | 426 | /* Check that enrolled in this realm */ |
406 | 427 | enrolled = lookup_enrolled_realm (self); |
407 | 428 | if (g_strcmp0 (enrolled, realm_name) != 0) { |
408 | g_simple_async_result_set_error (res, REALM_ERROR, REALM_ERROR_NOT_CONFIGURED, | |
409 | _("Not currently joined to a domain")); | |
410 | g_simple_async_result_complete_in_idle (res); | |
411 | ||
412 | } else if (g_variant_lookup (options, REALM_DBUS_OPTION_COMPUTER_OU, "&s", &computer_ou)) { | |
413 | g_simple_async_result_set_error (res, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, | |
414 | "The computer-ou argument is not supported when leaving a domain (using samba)."); | |
415 | g_simple_async_result_complete_in_idle (res); | |
416 | ||
417 | } else { | |
418 | realm_samba_enroll_leave_async (unenroll->realm_name, name, password, | |
419 | unenroll->invocation, on_leave_do_winbind, | |
420 | g_object_ref (res)); | |
421 | } | |
422 | ||
423 | g_object_unref (res); | |
429 | g_simple_async_result_set_error (async, REALM_ERROR, REALM_ERROR_NOT_CONFIGURED, | |
430 | _("Not currently joined to this domain")); | |
431 | g_simple_async_result_complete_in_idle (async); | |
432 | g_object_unref (async); | |
433 | return NULL; | |
434 | ||
435 | } | |
436 | ||
437 | return async; | |
438 | } | |
439 | ||
440 | static void | |
441 | realm_samba_leave_password_async (RealmKerberosMembership *membership, | |
442 | const gchar *name, | |
443 | GBytes *password, | |
444 | RealmKerberosFlags flags, | |
445 | GVariant *options, | |
446 | GDBusMethodInvocation *invocation, | |
447 | GAsyncReadyCallback callback, | |
448 | gpointer user_data) | |
449 | { | |
450 | RealmSamba *self = REALM_SAMBA (membership); | |
451 | GSimpleAsyncResult *async; | |
452 | LeaveClosure *leave; | |
453 | ||
454 | async = setup_leave (self, options, invocation, callback, user_data); | |
455 | if (async == NULL) | |
456 | return; | |
457 | ||
458 | leave = g_simple_async_result_get_op_res_gpointer (async); | |
459 | realm_samba_enroll_leave_async (leave->realm_name, name, password, | |
460 | leave->invocation, on_leave_do_deconfigure, | |
461 | g_object_ref (async)); | |
462 | g_object_unref (async); | |
463 | } | |
464 | ||
465 | static void | |
466 | realm_samba_leave_automatic_async (RealmKerberosMembership *membership, | |
467 | RealmKerberosFlags flags, | |
468 | GVariant *options, | |
469 | GDBusMethodInvocation *invocation, | |
470 | GAsyncReadyCallback callback, | |
471 | gpointer user_data) | |
472 | { | |
473 | RealmSamba *self = REALM_SAMBA (membership); | |
474 | GSimpleAsyncResult *async; | |
475 | ||
476 | async = setup_leave (self, options, invocation, callback, user_data); | |
477 | if (async == NULL) | |
478 | return; | |
479 | ||
480 | leave_deconfigure_begin (self, async); | |
481 | g_object_unref (async); | |
424 | 482 | } |
425 | 483 | |
426 | 484 | static gboolean |
431 | 489 | GError **error) |
432 | 490 | { |
433 | 491 | RealmSamba *self = REALM_SAMBA (realm); |
434 | gchar **remove_names = NULL; | |
435 | gchar **add_names = NULL; | |
436 | gboolean ret = FALSE; | |
492 | gchar **names; | |
437 | 493 | |
438 | 494 | if (!lookup_is_enrolled (self)) { |
439 | 495 | g_set_error (error, REALM_ERROR, REALM_ERROR_NOT_CONFIGURED, |
441 | 497 | return FALSE; |
442 | 498 | } |
443 | 499 | |
444 | add_names = realm_kerberos_parse_logins (realm, TRUE, add, error); | |
445 | if (add_names != NULL) | |
446 | remove_names = realm_kerberos_parse_logins (realm, TRUE, add, error); | |
447 | ||
448 | if (add_names && remove_names) { | |
449 | ret = realm_ini_config_change_list (self->config, | |
450 | REALM_SAMBA_CONFIG_GLOBAL, | |
451 | "realmd permitted logins", ",", | |
452 | (const gchar **)add_names, | |
453 | (const gchar **)remove_names, | |
454 | error); | |
455 | } | |
456 | ||
457 | g_strfreev (remove_names); | |
458 | g_strfreev (add_names); | |
459 | ||
460 | return ret; | |
500 | /* We cannot handle removing logins */ | |
501 | names = realm_kerberos_parse_logins (realm, TRUE, remove, error); | |
502 | if (names == NULL) | |
503 | return FALSE; | |
504 | if (names[0] != NULL) { | |
505 | g_set_error (error, G_DBUS_ERROR, G_DBUS_ERROR_NOT_SUPPORTED, | |
506 | _("The Samba provider cannot restrict permitted logins.")); | |
507 | g_strfreev (names); | |
508 | return FALSE; | |
509 | } | |
510 | ||
511 | g_strfreev (names); | |
512 | names = realm_kerberos_parse_logins (realm, TRUE, add, error); | |
513 | if (names == NULL) | |
514 | return FALSE; | |
515 | ||
516 | /* | |
517 | * Samba cannot restrict the set of logins. We allow specific logins to be | |
518 | * added, but not changing the mode to only allow the permitted logins. | |
519 | * In addition we don't keep track of the list of permitted logins. | |
520 | */ | |
521 | ||
522 | g_strfreev (names); | |
523 | return TRUE; | |
461 | 524 | } |
462 | 525 | |
463 | 526 | static void |
499 | 562 | const gchar *name; |
500 | 563 | gchar *domain; |
501 | 564 | gchar *realm; |
502 | gchar **values; | |
503 | 565 | gchar *prefix; |
504 | gint i; | |
505 | 566 | |
506 | 567 | g_object_freeze_notify (G_OBJECT (self)); |
507 | 568 | |
530 | 591 | } |
531 | 592 | |
532 | 593 | permitted = g_ptr_array_new_full (0, g_free); |
533 | values = realm_ini_config_get_list (self->config, REALM_SAMBA_CONFIG_GLOBAL, | |
534 | "realmd permitted logins", ","); | |
535 | ||
536 | for (i = 0; values != NULL && values[i] != NULL; i++) | |
537 | g_ptr_array_add (permitted, realm_kerberos_format_login (REALM_KERBEROS (self), values[i])); | |
538 | 594 | g_ptr_array_add (permitted, NULL); |
539 | 595 | |
540 | 596 | realm_kerberos_set_permitted_logins (kerberos, (const gchar **)permitted->pdata); |
541 | 597 | g_ptr_array_free (permitted, TRUE); |
542 | g_strfreev (values); | |
543 | 598 | |
544 | 599 | g_object_thaw_notify (G_OBJECT (self)); |
545 | 600 | } |
642 | 697 | { |
643 | 698 | iface->enroll_password_async = realm_samba_enroll_async; |
644 | 699 | iface->enroll_finish = realm_samba_membership_generic_finish; |
645 | iface->unenroll_password_async = realm_samba_unenroll_async; | |
700 | iface->unenroll_password_async = realm_samba_leave_password_async; | |
701 | iface->unenroll_automatic_async = realm_samba_leave_automatic_async; | |
646 | 702 | iface->unenroll_finish = realm_samba_membership_generic_finish; |
647 | 703 | } |
648 | 704 |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #include "realm-diagnostics.h" | |
17 | #include "realm-service.h" | |
18 | #include "realm-service-systemd.h" | |
19 | ||
20 | enum { | |
21 | PROP_0, | |
22 | PROP_SERVICE_NAME | |
23 | }; | |
24 | ||
25 | struct _RealmServiceSystemd { | |
26 | RealmService parent; | |
27 | gchar *name; | |
28 | }; | |
29 | ||
30 | typedef struct _RealmServiceSystemdClass { | |
31 | RealmServiceClass parent_class; | |
32 | } RealmServiceSystemdClass; | |
33 | ||
34 | G_DEFINE_TYPE (RealmServiceSystemd, realm_service_systemd, REALM_TYPE_SERVICE); | |
35 | ||
36 | static gboolean | |
37 | realm_service_systemd_dbus_finish (RealmService *service, | |
38 | GAsyncResult *result, | |
39 | GError **error) | |
40 | { | |
41 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (service); | |
42 | GError *lerror = NULL; | |
43 | GVariant *retval; | |
44 | ||
45 | retval = g_dbus_proxy_call_finish (G_DBUS_PROXY (service), result, &lerror); | |
46 | if (retval != NULL) | |
47 | g_variant_unref (retval); | |
48 | ||
49 | if (lerror != NULL) { | |
50 | g_debug ("Service call failed: %s: %s", self->name, lerror->message); | |
51 | g_propagate_error (error, lerror); | |
52 | } | |
53 | ||
54 | return retval != NULL; | |
55 | } | |
56 | ||
57 | static void | |
58 | realm_service_systemd_enable (RealmService *service, | |
59 | GDBusMethodInvocation *invocation, | |
60 | GAsyncReadyCallback callback, | |
61 | gpointer user_data) | |
62 | { | |
63 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (service); | |
64 | ||
65 | const gchar *unit_files[] = { | |
66 | self->name, | |
67 | NULL, | |
68 | }; | |
69 | ||
70 | realm_diagnostics_info (invocation, "Enabling service via systemd: %s", self->name); | |
71 | ||
72 | g_dbus_proxy_call (G_DBUS_PROXY (self), "EnableUnitFiles", | |
73 | g_variant_new ("(^asbb)", unit_files, FALSE, FALSE), | |
74 | G_DBUS_CALL_FLAGS_NONE, -1, NULL, callback, user_data); | |
75 | } | |
76 | ||
77 | static void | |
78 | realm_service_systemd_disable (RealmService *service, | |
79 | GDBusMethodInvocation *invocation, | |
80 | GAsyncReadyCallback callback, | |
81 | gpointer user_data) | |
82 | { | |
83 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (service); | |
84 | ||
85 | const gchar *unit_files[] = { | |
86 | self->name, | |
87 | NULL, | |
88 | }; | |
89 | ||
90 | realm_diagnostics_info (invocation, "Disabling service via systemd: %s", self->name); | |
91 | ||
92 | g_dbus_proxy_call (G_DBUS_PROXY (self), "DisableUnitFiles", | |
93 | g_variant_new ("(^asb)", unit_files, FALSE), | |
94 | G_DBUS_CALL_FLAGS_NONE, -1, NULL, callback, user_data); | |
95 | } | |
96 | ||
97 | static void | |
98 | realm_service_systemd_restart (RealmService *service, | |
99 | GDBusMethodInvocation *invocation, | |
100 | GAsyncReadyCallback callback, | |
101 | gpointer user_data) | |
102 | { | |
103 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (service); | |
104 | ||
105 | realm_diagnostics_info (invocation, "Restarting service via systemd: %s", self->name); | |
106 | ||
107 | g_dbus_proxy_call (G_DBUS_PROXY (self), "RestartUnit", | |
108 | g_variant_new ("(ss)", self->name, "fail"), | |
109 | G_DBUS_CALL_FLAGS_NONE, -1, NULL, callback, user_data); | |
110 | } | |
111 | ||
112 | static void | |
113 | realm_service_systemd_stop (RealmService *service, | |
114 | GDBusMethodInvocation *invocation, | |
115 | GAsyncReadyCallback callback, | |
116 | gpointer user_data) | |
117 | { | |
118 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (service); | |
119 | ||
120 | realm_diagnostics_info (invocation, "Stopping service via systemd: %s", self->name); | |
121 | ||
122 | g_dbus_proxy_call (G_DBUS_PROXY (self), "StopUnit", | |
123 | g_variant_new ("(ss)", self->name, "fail"), | |
124 | G_DBUS_CALL_FLAGS_NONE, -1, NULL, callback, user_data); | |
125 | } | |
126 | ||
127 | static void | |
128 | realm_service_systemd_init (RealmServiceSystemd *self) | |
129 | { | |
130 | ||
131 | } | |
132 | ||
133 | static void | |
134 | realm_service_systemd_set_property (GObject *obj, | |
135 | guint property_id, | |
136 | const GValue *value, | |
137 | GParamSpec *pspec) | |
138 | { | |
139 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (obj); | |
140 | ||
141 | switch (property_id) { | |
142 | case PROP_SERVICE_NAME: | |
143 | self->name = g_value_dup_string (value); | |
144 | break; | |
145 | default: | |
146 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, property_id, pspec); | |
147 | break; | |
148 | } | |
149 | } | |
150 | ||
151 | static void | |
152 | realm_service_systemd_get_property (GObject *obj, | |
153 | guint property_id, | |
154 | GValue *value, | |
155 | GParamSpec *pspec) | |
156 | { | |
157 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (obj); | |
158 | ||
159 | switch (property_id) { | |
160 | case PROP_SERVICE_NAME: | |
161 | g_value_set_string (value, self->name); | |
162 | break; | |
163 | default: | |
164 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, property_id, pspec); | |
165 | break; | |
166 | } | |
167 | } | |
168 | ||
169 | static void | |
170 | realm_service_systemd_finalize (GObject *obj) | |
171 | { | |
172 | RealmServiceSystemd *self = REALM_SERVICE_SYSTEMD (obj); | |
173 | ||
174 | g_free (self->name); | |
175 | ||
176 | G_OBJECT_CLASS (realm_service_systemd_parent_class)->finalize (obj); | |
177 | } | |
178 | ||
179 | static void | |
180 | realm_service_systemd_class_init (RealmServiceSystemdClass *klass) | |
181 | { | |
182 | RealmServiceClass *service_class = REALM_SERVICE_CLASS (klass); | |
183 | GObjectClass *object_class = G_OBJECT_CLASS (klass); | |
184 | ||
185 | object_class->get_property = realm_service_systemd_get_property; | |
186 | object_class->set_property = realm_service_systemd_set_property; | |
187 | object_class->finalize = realm_service_systemd_finalize; | |
188 | ||
189 | service_class->enable = realm_service_systemd_enable; | |
190 | service_class->enable_finish = realm_service_systemd_dbus_finish; | |
191 | service_class->disable = realm_service_systemd_disable; | |
192 | service_class->disable_finish = realm_service_systemd_dbus_finish; | |
193 | service_class->restart = realm_service_systemd_restart; | |
194 | service_class->restart_finish = realm_service_systemd_dbus_finish; | |
195 | service_class->stop = realm_service_systemd_stop; | |
196 | service_class->stop_finish = realm_service_systemd_dbus_finish; | |
197 | ||
198 | g_object_class_install_property (object_class, PROP_SERVICE_NAME, | |
199 | g_param_spec_string ("service-name", "Service Name", "Service Name", | |
200 | "", G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS)); | |
201 | } | |
202 | ||
203 | static void | |
204 | on_systemd_ping (GObject *source, | |
205 | GAsyncResult *result, | |
206 | gpointer user_data) | |
207 | { | |
208 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
209 | GError *error = NULL; | |
210 | GVariant *retval; | |
211 | ||
212 | retval = g_dbus_connection_call_finish (G_DBUS_CONNECTION (source), | |
213 | result, &error); | |
214 | if (error == NULL) { | |
215 | g_debug ("Pinged systemd successfully"); | |
216 | g_variant_unref (retval); | |
217 | } else { | |
218 | g_debug ("Pinging systemd failed: %s", error->message); | |
219 | g_simple_async_result_take_error (async, error); | |
220 | } | |
221 | ||
222 | g_simple_async_result_complete (async); | |
223 | g_object_unref (async); | |
224 | } | |
225 | ||
226 | static void | |
227 | on_systemd_created (GObject *source, | |
228 | GAsyncResult *result, | |
229 | gpointer user_data) | |
230 | { | |
231 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
232 | GError *error = NULL; | |
233 | GDBusProxy *self; | |
234 | ||
235 | self = G_DBUS_PROXY (g_async_initable_new_finish (G_ASYNC_INITABLE (source), | |
236 | result, &error)); | |
237 | ||
238 | if (error == NULL) { | |
239 | g_debug ("Pinging systemd to make sure it's running"); | |
240 | g_simple_async_result_set_op_res_gpointer (async, self, g_object_unref); | |
241 | g_dbus_connection_call (g_dbus_proxy_get_connection (self), | |
242 | g_dbus_proxy_get_name (self), | |
243 | "/", "org.freedesktop.DBus.Peer", | |
244 | "Ping", g_variant_new ("()"), | |
245 | G_VARIANT_TYPE ("()"), | |
246 | G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START, | |
247 | -1, NULL, on_systemd_ping, g_object_ref (async)); | |
248 | } else { | |
249 | g_debug ("Failed to connect to systemd: %s", error->message); | |
250 | g_simple_async_result_take_error (async, error); | |
251 | g_simple_async_result_complete (async); | |
252 | } | |
253 | ||
254 | g_object_unref (async); | |
255 | } | |
256 | ||
257 | void | |
258 | realm_service_systemd_new (const gchar *service_name, | |
259 | GAsyncReadyCallback callback, | |
260 | gpointer user_data) | |
261 | { | |
262 | GSimpleAsyncResult *async; | |
263 | gchar *service; | |
264 | ||
265 | g_debug ("Connecting to systemd for service: %s", service_name); | |
266 | ||
267 | service = g_strdup_printf ("%s.service", service_name); | |
268 | async = g_simple_async_result_new (NULL, callback, user_data, | |
269 | realm_service_systemd_new); | |
270 | ||
271 | g_async_initable_new_async (REALM_TYPE_SERVICE_SYSTEMD, G_PRIORITY_DEFAULT, NULL, | |
272 | on_systemd_created, g_object_ref (async), | |
273 | "service-name", service, | |
274 | "g-flags", G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START, | |
275 | "g-name", "org.freedesktop.systemd1", | |
276 | "g-bus-type", G_BUS_TYPE_SYSTEM, | |
277 | "g-object-path", "/org/freedesktop/systemd1", | |
278 | "g-interface-name", "org.freedesktop.systemd1.Manager", | |
279 | NULL); | |
280 | ||
281 | g_free (service); | |
282 | g_object_unref (async); | |
283 | } | |
284 | ||
285 | RealmService * | |
286 | realm_service_systemd_new_finish (GAsyncResult *result, | |
287 | GError **error) | |
288 | { | |
289 | GSimpleAsyncResult *async; | |
290 | RealmService *service; | |
291 | ||
292 | g_return_val_if_fail (g_simple_async_result_is_valid (result, NULL, | |
293 | realm_service_systemd_new), NULL); | |
294 | g_return_val_if_fail (error == NULL || *error == NULL, NULL); | |
295 | ||
296 | async = G_SIMPLE_ASYNC_RESULT (result); | |
297 | if (g_simple_async_result_propagate_error (async, error)) | |
298 | return NULL; | |
299 | ||
300 | service = REALM_SERVICE (g_simple_async_result_get_op_res_gpointer (async)); | |
301 | if (service != NULL) | |
302 | g_object_ref (service); | |
303 | return service; | |
304 | } |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #ifndef __REALM_SERVICE_SYSTEMD_H__ | |
17 | #define __REALM_SERVICE_SYSTEMD_H__ | |
18 | ||
19 | #include <gio/gio.h> | |
20 | ||
21 | G_BEGIN_DECLS | |
22 | ||
23 | #define REALM_TYPE_SERVICE_SYSTEMD (realm_service_systemd_get_type ()) | |
24 | #define REALM_SERVICE_SYSTEMD(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), REALM_TYPE_SERVICE_SYSTEMD, RealmServiceSystemd)) | |
25 | #define REALM_IS_SERVICE_SYSTEMD(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), REALM_TYPE_SERVICE_SYSTEMD)) | |
26 | ||
27 | typedef struct _RealmServiceSystemd RealmServiceSystemd; | |
28 | ||
29 | GType realm_service_systemd_get_type (void) G_GNUC_CONST; | |
30 | ||
31 | void realm_service_systemd_new (const gchar *service_name, | |
32 | GAsyncReadyCallback callback, | |
33 | gpointer user_data); | |
34 | ||
35 | RealmService * realm_service_systemd_new_finish (GAsyncResult *result, | |
36 | GError **error); | |
37 | ||
38 | G_END_DECLS | |
39 | ||
40 | #endif /* __REALM_SERVICE_SYSTEMD_H__ */ |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #include "realm-diagnostics.h" | |
17 | #include "realm-service.h" | |
18 | #include "realm-service-upstart.h" | |
19 | ||
20 | enum { | |
21 | PROP_0, | |
22 | PROP_SERVICE_NAME | |
23 | }; | |
24 | ||
25 | struct _RealmServiceUpstart { | |
26 | RealmService parent; | |
27 | gchar *name; | |
28 | }; | |
29 | ||
30 | typedef struct _RealmServiceUpstartClass { | |
31 | RealmServiceClass parent_class; | |
32 | } RealmServiceUpstartClass; | |
33 | ||
34 | G_DEFINE_TYPE (RealmServiceUpstart, realm_service_upstart, REALM_TYPE_SERVICE); | |
35 | ||
36 | static gboolean | |
37 | realm_service_upstart_dbus_finish (RealmService *service, | |
38 | GAsyncResult *result, | |
39 | GError **error) | |
40 | { | |
41 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (service); | |
42 | GVariant *retval; | |
43 | GError *lerror = NULL; | |
44 | ||
45 | retval = g_dbus_proxy_call_finish (G_DBUS_PROXY (service), result, &lerror); | |
46 | if (retval != NULL) | |
47 | g_variant_unref (retval); | |
48 | ||
49 | if (lerror != NULL) { | |
50 | g_debug ("Service call failed: %s: %s", self->name, lerror->message); | |
51 | g_propagate_error (error, lerror); | |
52 | } | |
53 | ||
54 | return retval != NULL; | |
55 | } | |
56 | ||
57 | static gboolean | |
58 | realm_service_upstart_stub_finish (RealmService *service, | |
59 | GAsyncResult *result, | |
60 | GError **error) | |
61 | { | |
62 | if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error)) | |
63 | return FALSE; | |
64 | return TRUE; | |
65 | } | |
66 | ||
67 | static void | |
68 | realm_service_upstart_enable (RealmService *service, | |
69 | GDBusMethodInvocation *invocation, | |
70 | GAsyncReadyCallback callback, | |
71 | gpointer user_data) | |
72 | { | |
73 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (service); | |
74 | GSimpleAsyncResult *async; | |
75 | ||
76 | /* TODO: Not sure what to do here for upstart */ | |
77 | g_debug ("Enabling Upstart service '%s' is not implemented", self->name); | |
78 | ||
79 | async = g_simple_async_result_new (G_OBJECT (service), callback, user_data, | |
80 | realm_service_upstart_stub_finish); | |
81 | g_simple_async_result_complete_in_idle (async); | |
82 | ||
83 | g_object_unref (async); | |
84 | } | |
85 | ||
86 | static void | |
87 | realm_service_upstart_disable (RealmService *service, | |
88 | GDBusMethodInvocation *invocation, | |
89 | GAsyncReadyCallback callback, | |
90 | gpointer user_data) | |
91 | { | |
92 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (service); | |
93 | GSimpleAsyncResult *async; | |
94 | ||
95 | /* TODO: Not sure what to do here for upstart */ | |
96 | g_debug ("Disabling Upstart service '%s' is not implemented", self->name); | |
97 | ||
98 | async = g_simple_async_result_new (G_OBJECT (service), callback, user_data, | |
99 | realm_service_upstart_stub_finish); | |
100 | g_simple_async_result_complete_in_idle (async); | |
101 | g_object_unref (async); | |
102 | } | |
103 | ||
104 | static void | |
105 | realm_service_upstart_restart (RealmService *service, | |
106 | GDBusMethodInvocation *invocation, | |
107 | GAsyncReadyCallback callback, | |
108 | gpointer user_data) | |
109 | { | |
110 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (service); | |
111 | const char *environ = { NULL }; | |
112 | ||
113 | realm_diagnostics_info (invocation, "Restarting service via upstart: %s", self->name); | |
114 | ||
115 | g_dbus_proxy_call (G_DBUS_PROXY (self), "Restart", | |
116 | g_variant_new ("(^asb)", environ, TRUE), | |
117 | G_DBUS_CALL_FLAGS_NONE, -1, NULL, | |
118 | callback, user_data); | |
119 | } | |
120 | ||
121 | static void | |
122 | realm_service_upstart_stop (RealmService *service, | |
123 | GDBusMethodInvocation *invocation, | |
124 | GAsyncReadyCallback callback, | |
125 | gpointer user_data) | |
126 | { | |
127 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (service); | |
128 | const char *environ = { NULL }; | |
129 | ||
130 | realm_diagnostics_info (invocation, "Stopping service via upstart: %s", self->name); | |
131 | ||
132 | g_dbus_proxy_call (G_DBUS_PROXY (self), "Stop", | |
133 | g_variant_new ("(^asb)", environ, TRUE), | |
134 | G_DBUS_CALL_FLAGS_NONE, -1, NULL, | |
135 | callback, user_data); | |
136 | } | |
137 | ||
138 | static void | |
139 | realm_service_upstart_init (RealmServiceUpstart *self) | |
140 | { | |
141 | ||
142 | } | |
143 | ||
144 | static void | |
145 | realm_service_upstart_set_property (GObject *obj, | |
146 | guint property_id, | |
147 | const GValue *value, | |
148 | GParamSpec *pspec) | |
149 | { | |
150 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (obj); | |
151 | ||
152 | switch (property_id) { | |
153 | case PROP_SERVICE_NAME: | |
154 | self->name = g_value_dup_string (value); | |
155 | break; | |
156 | default: | |
157 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, property_id, pspec); | |
158 | break; | |
159 | } | |
160 | } | |
161 | ||
162 | static void | |
163 | realm_service_upstart_get_property (GObject *obj, | |
164 | guint property_id, | |
165 | GValue *value, | |
166 | GParamSpec *pspec) | |
167 | { | |
168 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (obj); | |
169 | ||
170 | switch (property_id) { | |
171 | case PROP_SERVICE_NAME: | |
172 | g_value_set_string (value, self->name); | |
173 | break; | |
174 | default: | |
175 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, property_id, pspec); | |
176 | break; | |
177 | } | |
178 | } | |
179 | ||
180 | static void | |
181 | realm_service_upstart_finalize (GObject *obj) | |
182 | { | |
183 | RealmServiceUpstart *self = REALM_SERVICE_UPSTART (obj); | |
184 | ||
185 | g_free (self->name); | |
186 | ||
187 | G_OBJECT_CLASS (realm_service_upstart_parent_class)->finalize (obj); | |
188 | } | |
189 | ||
190 | static void | |
191 | realm_service_upstart_class_init (RealmServiceUpstartClass *klass) | |
192 | { | |
193 | RealmServiceClass *service_class = REALM_SERVICE_CLASS (klass); | |
194 | GObjectClass *object_class = G_OBJECT_CLASS (klass); | |
195 | ||
196 | object_class->get_property = realm_service_upstart_get_property; | |
197 | object_class->set_property = realm_service_upstart_set_property; | |
198 | object_class->finalize = realm_service_upstart_finalize; | |
199 | ||
200 | service_class->enable = realm_service_upstart_enable; | |
201 | service_class->enable_finish = realm_service_upstart_stub_finish; | |
202 | service_class->disable = realm_service_upstart_disable; | |
203 | service_class->disable_finish = realm_service_upstart_stub_finish; | |
204 | service_class->restart = realm_service_upstart_restart; | |
205 | service_class->restart_finish = realm_service_upstart_dbus_finish; | |
206 | service_class->stop = realm_service_upstart_stop; | |
207 | service_class->stop_finish = realm_service_upstart_dbus_finish; | |
208 | ||
209 | g_object_class_install_property (object_class, PROP_SERVICE_NAME, | |
210 | g_param_spec_string ("service-name", "Service Name", "Service Name", | |
211 | "", G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS)); | |
212 | } | |
213 | ||
214 | typedef struct { | |
215 | gchar *name; | |
216 | RealmService *service; | |
217 | } UpstartClosure; | |
218 | ||
219 | static void | |
220 | upstart_closure_free (gpointer data) | |
221 | { | |
222 | UpstartClosure *upstart = data; | |
223 | g_free (upstart->name); | |
224 | if (upstart->service) | |
225 | g_object_unref (upstart->service); | |
226 | g_slice_free (UpstartClosure, upstart); | |
227 | } | |
228 | static void | |
229 | on_upstart_created (GObject *source, | |
230 | GAsyncResult *result, | |
231 | gpointer user_data) | |
232 | { | |
233 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
234 | UpstartClosure *upstart = g_simple_async_result_get_op_res_gpointer (async); | |
235 | RealmService *self; | |
236 | GError *error = NULL; | |
237 | ||
238 | self = REALM_SERVICE (g_async_initable_new_finish (G_ASYNC_INITABLE (source), | |
239 | result, &error)); | |
240 | ||
241 | if (error == NULL) { | |
242 | g_debug ("Connected to Upstart job for service: %s", upstart->name); | |
243 | upstart->service = self; | |
244 | ||
245 | } else { | |
246 | g_debug ("Failed to create proxy for Upstart job: %s", error->message); | |
247 | g_simple_async_result_take_error (async, error); | |
248 | } | |
249 | ||
250 | g_simple_async_result_complete (async); | |
251 | g_object_unref (async); | |
252 | } | |
253 | ||
254 | static void | |
255 | on_upstart_get_job (GObject *source, | |
256 | GAsyncResult *result, | |
257 | gpointer user_data) | |
258 | { | |
259 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
260 | UpstartClosure *upstart = g_simple_async_result_get_op_res_gpointer (async); | |
261 | const gchar *job_path; | |
262 | GVariant *retval; | |
263 | GError *error = NULL; | |
264 | ||
265 | retval = g_dbus_connection_call_finish (G_DBUS_CONNECTION (source), result, &error); | |
266 | if (error == NULL) { | |
267 | g_variant_get (retval, "(&o)", &job_path); | |
268 | g_debug ("GetJobByName returned object path '%s', creating proxy", job_path); | |
269 | ||
270 | g_async_initable_new_async (REALM_TYPE_SERVICE_UPSTART, | |
271 | G_PRIORITY_DEFAULT, NULL, | |
272 | on_upstart_created, g_object_ref (async), | |
273 | "service-name", upstart->name, | |
274 | "g-flags", G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START, | |
275 | "g-name", "com.ubuntu.Upstart", | |
276 | "g-connection", G_DBUS_CONNECTION (source), | |
277 | "g-object-path", job_path, | |
278 | "g-interface-name", "com.ubuntu.Upstart0_6.Job", | |
279 | NULL); | |
280 | g_variant_unref (retval); | |
281 | } else { | |
282 | g_debug ("GetJobByName failed: %s", error->message); | |
283 | g_simple_async_result_take_error (async, error); | |
284 | g_simple_async_result_complete (async); | |
285 | } | |
286 | ||
287 | g_object_unref (async); | |
288 | } | |
289 | ||
290 | static void | |
291 | on_upstart_bus (GObject *source, | |
292 | GAsyncResult *result, | |
293 | gpointer user_data) | |
294 | { | |
295 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
296 | UpstartClosure *upstart = g_simple_async_result_get_op_res_gpointer (async); | |
297 | GError *error = NULL; | |
298 | GDBusConnection *conn; | |
299 | ||
300 | conn = g_bus_get_finish (result, &error); | |
301 | if (error == NULL) { | |
302 | g_debug ("Calling Upstart GetJobByName for service: %s", upstart->name); | |
303 | g_dbus_connection_call (conn, "com.ubuntu.Upstart", | |
304 | "/com/ubuntu/Upstart", | |
305 | "com.ubuntu.Upstart0_6", | |
306 | "GetJobByName", | |
307 | g_variant_new ("(s)", upstart->name), | |
308 | G_VARIANT_TYPE ("(o)"), | |
309 | G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START, | |
310 | -1, NULL, on_upstart_get_job, | |
311 | g_object_ref (async)); | |
312 | } else { | |
313 | g_debug ("Failed to connect to system bus: %s", error->message); | |
314 | g_simple_async_result_take_error (async, error); | |
315 | g_simple_async_result_complete (async); | |
316 | } | |
317 | ||
318 | g_object_unref (async); | |
319 | } | |
320 | ||
321 | void | |
322 | realm_service_upstart_new (const gchar *service_name, | |
323 | GAsyncReadyCallback callback, | |
324 | gpointer user_data) | |
325 | { | |
326 | GSimpleAsyncResult *async; | |
327 | UpstartClosure *upstart; | |
328 | ||
329 | g_debug ("Connecting to Upstart for service: %s", service_name); | |
330 | ||
331 | async = g_simple_async_result_new (NULL, callback, user_data, | |
332 | realm_service_upstart_new); | |
333 | upstart = g_slice_new0 (UpstartClosure); | |
334 | upstart->name = g_strdup (service_name); | |
335 | g_simple_async_result_set_op_res_gpointer (async, upstart, upstart_closure_free); | |
336 | ||
337 | g_bus_get (G_BUS_TYPE_SYSTEM, NULL, on_upstart_bus, g_object_ref (async)); | |
338 | ||
339 | g_object_unref (async); | |
340 | } | |
341 | ||
342 | RealmService * | |
343 | realm_service_upstart_new_finish (GAsyncResult *result, | |
344 | GError **error) | |
345 | { | |
346 | GSimpleAsyncResult *async; | |
347 | UpstartClosure *upstart; | |
348 | ||
349 | g_return_val_if_fail (g_simple_async_result_is_valid (result, NULL, | |
350 | realm_service_upstart_new), NULL); | |
351 | g_return_val_if_fail (error == NULL || *error == NULL, NULL); | |
352 | ||
353 | async = G_SIMPLE_ASYNC_RESULT (result); | |
354 | if (g_simple_async_result_propagate_error (async, error)) | |
355 | return NULL; | |
356 | ||
357 | upstart = g_simple_async_result_get_op_res_gpointer (async); | |
358 | if (upstart->service == NULL) | |
359 | return NULL; | |
360 | return g_object_ref (upstart->service); | |
361 | } |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #ifndef __REALM_SERVICE_UPSTART_H__ | |
17 | #define __REALM_SERVICE_UPSTART_H__ | |
18 | ||
19 | #include <gio/gio.h> | |
20 | ||
21 | G_BEGIN_DECLS | |
22 | ||
23 | #define REALM_TYPE_SERVICE_UPSTART (realm_service_upstart_get_type ()) | |
24 | #define REALM_SERVICE_UPSTART(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), REALM_TYPE_SERVICE_UPSTART, RealmServiceUpstart)) | |
25 | #define REALM_IS_SERVICE_UPSTART(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), REALM_TYPE_SERVICE_UPSTART)) | |
26 | ||
27 | typedef struct _RealmServiceUpstart RealmServiceUpstart; | |
28 | ||
29 | GType realm_service_upstart_get_type (void) G_GNUC_CONST; | |
30 | ||
31 | void realm_service_upstart_new (const gchar *service_name, | |
32 | GAsyncReadyCallback callback, | |
33 | gpointer user_data); | |
34 | ||
35 | RealmService * realm_service_upstart_new_finish (GAsyncResult *result, | |
36 | GError **error); | |
37 | ||
38 | G_END_DECLS | |
39 | ||
40 | #endif /* __REALM_SERVICE_UPSTART_H__ */ |
13 | 13 | |
14 | 14 | #include "config.h" |
15 | 15 | |
16 | #include "realm-command.h" | |
16 | 17 | #include "realm-service.h" |
17 | #include "realm-service-systemd.h" | |
18 | #include "realm-service-upstart.h" | |
19 | 18 | #include "realm-settings.h" |
20 | 19 | |
21 | 20 | #include <glib/gi18n.h> |
22 | 21 | |
23 | static void (* discovered_service_new) (const gchar *service_name, | |
24 | GAsyncReadyCallback callback, | |
25 | gpointer user_data); | |
26 | ||
27 | static RealmService * (* discovered_service_new_finish) (GAsyncResult *result, | |
28 | GError **error); | |
29 | ||
30 | G_DEFINE_TYPE (RealmService, realm_service, G_TYPE_DBUS_PROXY); | |
31 | ||
32 | static void | |
33 | realm_service_init (RealmService *self) | |
34 | { | |
35 | ||
36 | } | |
37 | ||
38 | static void | |
39 | realm_service_class_init (RealmServiceClass *klass) | |
40 | { | |
41 | ||
42 | } | |
43 | ||
44 | typedef struct { | |
45 | gchar *name; | |
46 | RealmService *service; | |
47 | } InitClosure; | |
48 | ||
49 | static void | |
50 | init_closure_free (gpointer data) | |
51 | { | |
52 | InitClosure *init = data; | |
53 | g_free (init->name); | |
54 | if (init->service) | |
55 | g_object_unref (init->service); | |
56 | g_slice_free (InitClosure, init); | |
57 | } | |
58 | ||
59 | static void | |
60 | on_service_new_upstart (GObject *source, | |
61 | GAsyncResult *result, | |
62 | gpointer user_data) | |
63 | { | |
64 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
65 | InitClosure *init = g_simple_async_result_get_op_res_gpointer (async); | |
66 | GError *error = NULL; | |
67 | RealmService *service; | |
68 | ||
69 | service = realm_service_upstart_new_finish (result, &error); | |
70 | ||
71 | if (error != NULL) { | |
72 | g_simple_async_result_take_error (async, error); | |
73 | ||
74 | } else { | |
75 | g_debug ("Connected to Upstart, discovered the service manager"); | |
76 | discovered_service_new = realm_service_upstart_new; | |
77 | discovered_service_new_finish = realm_service_upstart_new_finish; | |
78 | init->service = service; | |
79 | } | |
80 | ||
81 | g_simple_async_result_complete (async); | |
82 | g_object_unref (async); | |
83 | } | |
84 | ||
85 | static void | |
86 | on_service_new_systemd (GObject *source, | |
87 | GAsyncResult *result, | |
88 | gpointer user_data) | |
89 | { | |
90 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
91 | InitClosure *init = g_simple_async_result_get_op_res_gpointer (async); | |
92 | GError *error = NULL; | |
93 | RealmService *service; | |
94 | ||
95 | service = realm_service_systemd_new_finish (result, &error); | |
96 | ||
97 | /* If no such service, then try Upstart */ | |
98 | if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_SERVICE_UNKNOWN)) { | |
99 | g_debug ("Couldn't connect to systemd, trying Upstart"); | |
100 | realm_service_upstart_new (init->name, on_service_new_upstart, | |
101 | g_object_ref (async)); | |
102 | ||
103 | /* Some other error? */ | |
104 | } else if (error != NULL) { | |
105 | g_simple_async_result_take_error (async, error); | |
106 | g_simple_async_result_complete (async); | |
107 | ||
108 | /* Success yay */ | |
109 | } else { | |
110 | g_debug ("Connected to systemd, discovered the service manager"); | |
111 | discovered_service_new = realm_service_systemd_new; | |
112 | discovered_service_new_finish = realm_service_systemd_new_finish; | |
113 | init->service = service; | |
114 | g_simple_async_result_complete (async); | |
115 | } | |
116 | ||
117 | g_object_unref (async); | |
118 | } | |
119 | ||
120 | void | |
121 | realm_service_new (const gchar *service_name, | |
122 | GDBusMethodInvocation *invocation, | |
123 | GAsyncReadyCallback callback, | |
124 | gpointer user_data) | |
125 | { | |
126 | GSimpleAsyncResult *async; | |
127 | InitClosure *init; | |
128 | const gchar *name; | |
129 | ||
130 | g_return_if_fail (service_name != NULL); | |
131 | ||
132 | name = realm_settings_string ("services", service_name); | |
133 | if (name == NULL) | |
134 | name = service_name; | |
135 | ||
136 | /* Discover which service type works */ | |
137 | if (discovered_service_new == NULL) { | |
138 | g_debug ("No service manager discovered, trying systemd"); | |
139 | async = g_simple_async_result_new (NULL, callback, user_data, | |
140 | realm_service_new); | |
141 | init = g_slice_new0 (InitClosure); | |
142 | init->name = g_strdup (name); | |
143 | g_simple_async_result_set_op_res_gpointer (async, init, init_closure_free); | |
144 | realm_service_systemd_new (init->name, on_service_new_systemd, | |
145 | g_object_ref (async)); | |
146 | g_object_unref (async); | |
147 | ||
148 | /* Already discovered which service type works */ | |
149 | } else { | |
150 | discovered_service_new (name, callback, user_data); | |
151 | } | |
152 | } | |
153 | ||
154 | RealmService * | |
155 | realm_service_new_finish (GAsyncResult *result, | |
156 | GError **error) | |
157 | { | |
158 | GSimpleAsyncResult *async; | |
159 | RealmService *service = NULL; | |
160 | InitClosure *init; | |
161 | ||
162 | if (g_simple_async_result_is_valid (result, NULL, realm_service_new)) { | |
163 | async = G_SIMPLE_ASYNC_RESULT (result); | |
164 | if (g_simple_async_result_propagate_error (async, error)) | |
165 | return NULL; | |
166 | init = g_simple_async_result_get_op_res_gpointer (async); | |
167 | if (init->service == NULL) | |
168 | return NULL; | |
169 | else | |
170 | return g_object_ref (init->service); | |
171 | } else { | |
172 | return discovered_service_new_finish (result, error); | |
173 | } | |
174 | ||
175 | return service; | |
176 | } | |
177 | ||
178 | void | |
179 | realm_service_impl_enable (RealmService *self, | |
180 | GDBusMethodInvocation *invocation, | |
181 | GAsyncReadyCallback callback, | |
182 | gpointer user_data) | |
183 | { | |
184 | RealmServiceClass *klass; | |
185 | ||
186 | g_return_if_fail (REALM_IS_SERVICE (self)); | |
187 | ||
188 | klass = REALM_SERVICE_GET_CLASS (self); | |
189 | g_return_if_fail (klass->enable != NULL); | |
190 | ||
191 | (klass->enable) (self, invocation, callback, user_data); | |
192 | } | |
193 | ||
194 | gboolean | |
195 | realm_service_impl_enable_finish (RealmService *self, | |
196 | GAsyncResult *result, | |
197 | GError **error) | |
198 | { | |
199 | RealmServiceClass *klass; | |
200 | ||
201 | g_return_val_if_fail (REALM_IS_SERVICE (self), FALSE); | |
202 | ||
203 | klass = REALM_SERVICE_GET_CLASS (self); | |
204 | g_return_val_if_fail (klass->enable_finish != NULL, FALSE); | |
205 | ||
206 | return (klass->enable_finish) (self, result, error); | |
207 | } | |
208 | ||
209 | void | |
210 | realm_service_impl_disable (RealmService *self, | |
211 | GDBusMethodInvocation *invocation, | |
212 | GAsyncReadyCallback callback, | |
213 | gpointer user_data) | |
214 | { | |
215 | RealmServiceClass *klass; | |
216 | ||
217 | g_return_if_fail (REALM_IS_SERVICE (self)); | |
218 | ||
219 | klass = REALM_SERVICE_GET_CLASS (self); | |
220 | g_return_if_fail (klass->disable != NULL); | |
221 | ||
222 | (klass->disable) (self, invocation, callback, user_data); | |
223 | } | |
224 | ||
225 | gboolean | |
226 | realm_service_impl_disable_finish (RealmService *self, | |
227 | GAsyncResult *result, | |
228 | GError **error) | |
229 | { | |
230 | RealmServiceClass *klass; | |
231 | ||
232 | g_return_val_if_fail (REALM_IS_SERVICE (self), FALSE); | |
233 | ||
234 | klass = REALM_SERVICE_GET_CLASS (self); | |
235 | g_return_val_if_fail (klass->disable_finish != NULL, FALSE); | |
236 | ||
237 | return (klass->disable_finish) (self, result, error); | |
238 | } | |
239 | ||
240 | void | |
241 | realm_service_impl_restart (RealmService *self, | |
242 | GDBusMethodInvocation *invocation, | |
243 | GAsyncReadyCallback callback, | |
244 | gpointer user_data) | |
245 | { | |
246 | RealmServiceClass *klass; | |
247 | ||
248 | g_return_if_fail (REALM_IS_SERVICE (self)); | |
249 | ||
250 | klass = REALM_SERVICE_GET_CLASS (self); | |
251 | g_return_if_fail (klass->restart != NULL); | |
252 | ||
253 | (klass->restart) (self, invocation, callback, user_data); | |
254 | } | |
255 | ||
256 | gboolean | |
257 | realm_service_impl_restart_finish (RealmService *self, | |
258 | GAsyncResult *result, | |
259 | GError **error) | |
260 | { | |
261 | RealmServiceClass *klass; | |
262 | ||
263 | g_return_val_if_fail (REALM_IS_SERVICE (self), FALSE); | |
264 | ||
265 | klass = REALM_SERVICE_GET_CLASS (self); | |
266 | g_return_val_if_fail (klass->restart_finish != NULL, FALSE); | |
267 | ||
268 | return (klass->restart_finish) (self, result, error); | |
269 | } | |
270 | ||
271 | void | |
272 | realm_service_impl_stop (RealmService *self, | |
273 | GDBusMethodInvocation *invocation, | |
274 | GAsyncReadyCallback callback, | |
275 | gpointer user_data) | |
276 | { | |
277 | RealmServiceClass *klass; | |
278 | ||
279 | g_return_if_fail (REALM_IS_SERVICE (self)); | |
280 | ||
281 | klass = REALM_SERVICE_GET_CLASS (self); | |
282 | g_return_if_fail (klass->stop != NULL); | |
283 | ||
284 | (klass->stop) (self, invocation, callback, user_data); | |
285 | } | |
286 | ||
287 | gboolean | |
288 | realm_service_impl_stop_finish (RealmService *self, | |
289 | GAsyncResult *result, | |
290 | GError **error) | |
291 | { | |
292 | RealmServiceClass *klass; | |
293 | ||
294 | g_return_val_if_fail (REALM_IS_SERVICE (self), FALSE); | |
295 | ||
296 | klass = REALM_SERVICE_GET_CLASS (self); | |
297 | g_return_val_if_fail (klass->stop_finish != NULL, FALSE); | |
298 | ||
299 | return (klass->stop_finish) (self, result, error); | |
300 | } | |
301 | ||
302 | static void | |
303 | on_restart_restarted (GObject *source, | |
304 | GAsyncResult *result, | |
22 | void | |
23 | realm_service_enable (const gchar *service_name, | |
24 | GDBusMethodInvocation *invocation, | |
25 | GAsyncReadyCallback callback, | |
305 | 26 | gpointer user_data) |
306 | 27 | { |
307 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
308 | RealmService *service = REALM_SERVICE (source); | |
309 | GError *error = NULL; | |
310 | ||
311 | realm_service_impl_restart_finish (service, result, &error); | |
312 | if (error != NULL) | |
313 | g_simple_async_result_take_error (async, error); | |
314 | g_simple_async_result_complete (async); | |
315 | ||
316 | g_object_unref (async); | |
317 | } | |
318 | ||
319 | static void | |
320 | on_restart_created (GObject *source, | |
321 | GAsyncResult *result, | |
322 | gpointer user_data) | |
323 | { | |
324 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
325 | GDBusMethodInvocation *invocation; | |
326 | RealmService *service; | |
327 | GError *error = NULL; | |
328 | ||
329 | service = realm_service_new_finish (result, &error); | |
330 | if (error == NULL) { | |
331 | invocation = g_simple_async_result_get_op_res_gpointer (async); | |
332 | realm_service_impl_restart (service, invocation, on_restart_restarted, | |
333 | g_object_ref (async)); | |
334 | g_object_unref (service); | |
335 | } else { | |
336 | g_simple_async_result_take_error (async, error); | |
337 | g_simple_async_result_complete (async); | |
338 | } | |
339 | ||
340 | g_object_unref (async); | |
28 | gchar *command; | |
29 | ||
30 | command = g_strdup_printf ("%s-enable-service", service_name); | |
31 | realm_command_run_known_async (command, NULL, invocation, NULL, callback, user_data); | |
32 | g_free (command); | |
33 | } | |
34 | ||
35 | gboolean | |
36 | realm_service_enable_finish (GAsyncResult *result, | |
37 | GError **error) | |
38 | { | |
39 | return realm_command_run_finish (result, NULL, error) != -1; | |
40 | } | |
41 | ||
42 | void | |
43 | realm_service_disable (const gchar *service_name, | |
44 | GDBusMethodInvocation *invocation, | |
45 | GAsyncReadyCallback callback, | |
46 | gpointer user_data) | |
47 | { | |
48 | gchar *command; | |
49 | ||
50 | command = g_strdup_printf ("%s-disable-service", service_name); | |
51 | realm_command_run_known_async (command, NULL, invocation, NULL, callback, user_data); | |
52 | g_free (command); | |
53 | } | |
54 | ||
55 | gboolean | |
56 | realm_service_disable_finish (GAsyncResult *result, | |
57 | GError **error) | |
58 | { | |
59 | return realm_command_run_finish (result, NULL, error) != -1; | |
341 | 60 | } |
342 | 61 | |
343 | 62 | void |
346 | 65 | GAsyncReadyCallback callback, |
347 | 66 | gpointer user_data) |
348 | 67 | { |
349 | GSimpleAsyncResult *async; | |
350 | ||
351 | async = g_simple_async_result_new (NULL, callback, user_data, | |
352 | realm_service_restart); | |
353 | if (invocation) { | |
354 | g_simple_async_result_set_op_res_gpointer (async, | |
355 | g_object_ref (invocation), | |
356 | g_object_unref); | |
357 | } | |
358 | ||
359 | realm_service_new (service_name, invocation, | |
360 | on_restart_created, g_object_ref (async)); | |
361 | ||
362 | g_object_unref (async); | |
68 | gchar *command; | |
69 | ||
70 | command = g_strdup_printf ("%s-restart-service", service_name); | |
71 | realm_command_run_known_async (command, NULL, invocation, NULL, callback, user_data); | |
72 | g_free (command); | |
363 | 73 | } |
364 | 74 | |
365 | 75 | gboolean |
366 | 76 | realm_service_restart_finish (GAsyncResult *result, |
367 | 77 | GError **error) |
368 | 78 | { |
369 | GSimpleAsyncResult *async; | |
370 | ||
371 | g_return_val_if_fail (g_simple_async_result_is_valid (result, NULL, | |
372 | realm_service_restart), FALSE); | |
373 | g_return_val_if_fail (error == NULL || *error == NULL, FALSE); | |
374 | ||
375 | async = G_SIMPLE_ASYNC_RESULT (result); | |
376 | if (g_simple_async_result_propagate_error (async, error)) | |
377 | return FALSE; | |
378 | ||
379 | return TRUE; | |
79 | return realm_command_run_finish (result, NULL, error) != -1; | |
80 | } | |
81 | ||
82 | void | |
83 | realm_service_stop (const gchar *service_name, | |
84 | GDBusMethodInvocation *invocation, | |
85 | GAsyncReadyCallback callback, | |
86 | gpointer user_data) | |
87 | { | |
88 | gchar *command; | |
89 | ||
90 | command = g_strdup_printf ("%s-stop-service", service_name); | |
91 | realm_command_run_known_async (command, NULL, invocation, NULL, callback, user_data); | |
92 | g_free (command); | |
93 | } | |
94 | ||
95 | gboolean | |
96 | realm_service_stop_finish (GAsyncResult *result, | |
97 | GError **error) | |
98 | { | |
99 | return realm_command_run_finish (result, NULL, error) != -1; | |
100 | } | |
101 | ||
102 | typedef struct { | |
103 | gchar *service_name; | |
104 | GDBusMethodInvocation *invocation; | |
105 | } CallClosure; | |
106 | ||
107 | static void | |
108 | call_closure_free (gpointer data) | |
109 | { | |
110 | CallClosure *call = data; | |
111 | g_free (call->service_name); | |
112 | g_clear_object (&call->invocation); | |
113 | g_slice_free (CallClosure, call); | |
380 | 114 | } |
381 | 115 | |
382 | 116 | static void |
385 | 119 | gpointer user_data) |
386 | 120 | { |
387 | 121 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); |
388 | RealmService *service = REALM_SERVICE (source); | |
389 | GError *error = NULL; | |
390 | ||
391 | realm_service_impl_restart_finish (service, result, &error); | |
122 | GError *error = NULL; | |
123 | ||
124 | realm_service_restart_finish (result, &error); | |
392 | 125 | if (error != NULL) |
393 | 126 | g_simple_async_result_take_error (async, error); |
394 | 127 | g_simple_async_result_complete (async); |
403 | 136 | gpointer user_data) |
404 | 137 | { |
405 | 138 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); |
406 | RealmService *service = REALM_SERVICE (source); | |
407 | GDBusMethodInvocation *invocation; | |
408 | GError *error = NULL; | |
409 | ||
410 | realm_service_impl_enable_finish (service, result, &error); | |
139 | CallClosure *call = g_simple_async_result_get_op_res_gpointer (async); | |
140 | GError *error = NULL; | |
141 | ||
142 | realm_service_enable_finish (result, &error); | |
411 | 143 | if (error == NULL) { |
412 | invocation = g_simple_async_result_get_op_res_gpointer (async); | |
413 | realm_service_impl_restart (service, invocation, on_enable_restarted, | |
414 | g_object_ref (async)); | |
415 | } else { | |
416 | g_simple_async_result_take_error (async, error); | |
417 | g_simple_async_result_complete (async); | |
418 | } | |
419 | ||
420 | g_object_unref (async); | |
421 | } | |
422 | ||
423 | static void | |
424 | on_enable_created (GObject *source, | |
425 | GAsyncResult *result, | |
426 | gpointer user_data) | |
427 | { | |
428 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
429 | GDBusMethodInvocation *invocation; | |
430 | RealmService *service; | |
431 | GError *error = NULL; | |
432 | ||
433 | service = realm_service_new_finish (result, &error); | |
434 | if (error == NULL) { | |
435 | invocation = g_simple_async_result_get_op_res_gpointer (async); | |
436 | realm_service_impl_enable (service, invocation, on_enable_enabled, | |
437 | g_object_ref (async)); | |
438 | g_object_unref (service); | |
144 | realm_service_restart (call->service_name, call->invocation, | |
145 | on_enable_restarted, g_object_ref (async)); | |
439 | 146 | } else { |
440 | 147 | g_simple_async_result_take_error (async, error); |
441 | 148 | g_simple_async_result_complete (async); |
451 | 158 | gpointer user_data) |
452 | 159 | { |
453 | 160 | GSimpleAsyncResult *async; |
161 | CallClosure *call; | |
454 | 162 | |
455 | 163 | async = g_simple_async_result_new (NULL, callback, user_data, |
456 | 164 | realm_service_enable_and_restart); |
457 | if (invocation) { | |
458 | g_simple_async_result_set_op_res_gpointer (async, | |
459 | g_object_ref (invocation), | |
460 | g_object_unref); | |
461 | } | |
462 | ||
463 | realm_service_new (service_name, invocation, | |
464 | on_enable_created, g_object_ref (async)); | |
165 | call = g_slice_new0 (CallClosure); | |
166 | call->service_name = g_strdup (service_name); | |
167 | call->invocation = invocation ? g_object_ref (invocation) : invocation; | |
168 | g_simple_async_result_set_op_res_gpointer (async, call, call_closure_free); | |
169 | ||
170 | realm_service_enable (call->service_name, call->invocation, | |
171 | on_enable_enabled, g_object_ref (async)); | |
465 | 172 | |
466 | 173 | g_object_unref (async); |
467 | 174 | } |
489 | 196 | gpointer user_data) |
490 | 197 | { |
491 | 198 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); |
492 | RealmService *service = REALM_SERVICE (source); | |
493 | GError *error = NULL; | |
494 | ||
495 | realm_service_impl_stop_finish (service, result, &error); | |
199 | GError *error = NULL; | |
200 | ||
201 | realm_service_stop_finish (result, &error); | |
496 | 202 | if (error != NULL) |
497 | 203 | g_simple_async_result_take_error (async, error); |
498 | 204 | g_simple_async_result_complete (async); |
507 | 213 | gpointer user_data) |
508 | 214 | { |
509 | 215 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); |
510 | RealmService *service = REALM_SERVICE (source); | |
511 | GDBusMethodInvocation *invocation; | |
512 | GError *error = NULL; | |
513 | ||
514 | realm_service_impl_disable_finish (service, result, &error); | |
216 | CallClosure *call = g_simple_async_result_get_op_res_gpointer (async); | |
217 | GError *error = NULL; | |
218 | ||
219 | realm_service_disable_finish (result, &error); | |
515 | 220 | if (error == NULL) { |
516 | invocation = g_simple_async_result_get_op_res_gpointer (async); | |
517 | realm_service_impl_stop (service, invocation, on_disable_stopped, | |
518 | g_object_ref (async)); | |
519 | } else { | |
520 | g_simple_async_result_take_error (async, error); | |
521 | g_simple_async_result_complete (async); | |
522 | } | |
523 | ||
524 | g_object_unref (async); | |
525 | } | |
526 | ||
527 | static void | |
528 | on_disable_created (GObject *source, | |
529 | GAsyncResult *result, | |
530 | gpointer user_data) | |
531 | { | |
532 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
533 | GDBusMethodInvocation *invocation; | |
534 | RealmService *service; | |
535 | GError *error = NULL; | |
536 | ||
537 | service = realm_service_new_finish (result, &error); | |
538 | if (error == NULL) { | |
539 | invocation = g_simple_async_result_get_op_res_gpointer (async); | |
540 | realm_service_impl_disable (service, invocation, on_disable_disabled, | |
541 | g_object_ref (async)); | |
542 | g_object_unref (service); | |
221 | realm_service_stop (call->service_name, call->invocation, | |
222 | on_disable_stopped, g_object_ref (async)); | |
543 | 223 | } else { |
544 | 224 | g_simple_async_result_take_error (async, error); |
545 | 225 | g_simple_async_result_complete (async); |
555 | 235 | gpointer user_data) |
556 | 236 | { |
557 | 237 | GSimpleAsyncResult *async; |
238 | CallClosure *call; | |
558 | 239 | |
559 | 240 | async = g_simple_async_result_new (NULL, callback, user_data, |
560 | 241 | realm_service_disable_and_stop); |
561 | if (invocation) { | |
562 | g_simple_async_result_set_op_res_gpointer (async, | |
563 | g_object_ref (invocation), | |
564 | g_object_unref); | |
565 | } | |
566 | ||
567 | realm_service_new (service_name, invocation, | |
568 | on_disable_created, g_object_ref (async)); | |
242 | call = g_slice_new0 (CallClosure); | |
243 | call->service_name = g_strdup (service_name); | |
244 | call->invocation = invocation ? g_object_ref (invocation) : invocation; | |
245 | g_simple_async_result_set_op_res_gpointer (async, call, call_closure_free); | |
246 | ||
247 | realm_service_disable (call->service_name, call->invocation, | |
248 | on_disable_disabled, g_object_ref (async)); | |
569 | 249 | |
570 | 250 | g_object_unref (async); |
571 | 251 | } |
20 | 20 | |
21 | 21 | G_BEGIN_DECLS |
22 | 22 | |
23 | #define REALM_TYPE_SERVICE (realm_service_get_type ()) | |
24 | #define REALM_SERVICE(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), REALM_TYPE_SERVICE, RealmService)) | |
25 | #define REALM_IS_SERVICE(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), REALM_TYPE_SERVICE)) | |
26 | #define REALM_SERVICE_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), REALM_TYPE_SERVICE, RealmServiceClass)) | |
27 | #define REALM_IS_SERVICE_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), REALM_TYPE_SERVICE)) | |
28 | #define REALM_SERVICE_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), REALM_TYPE_SERVICE, RealmServiceClass)) | |
29 | ||
30 | typedef struct _RealmService RealmService; | |
31 | typedef struct _RealmServiceClass RealmServiceClass; | |
32 | ||
33 | struct _RealmService { | |
34 | GDBusProxy parent; | |
35 | }; | |
36 | ||
37 | struct _RealmServiceClass { | |
38 | GDBusProxyClass parent_class; | |
39 | ||
40 | void (* enable) (RealmService *service, | |
41 | GDBusMethodInvocation *invocation, | |
42 | GAsyncReadyCallback callback, | |
43 | gpointer user_data); | |
44 | ||
45 | gboolean (* enable_finish) (RealmService *service, | |
46 | GAsyncResult *result, | |
47 | GError **error); | |
48 | ||
49 | void (* disable) (RealmService *service, | |
50 | GDBusMethodInvocation *invocation, | |
51 | GAsyncReadyCallback callback, | |
52 | gpointer user_data); | |
53 | ||
54 | gboolean (* disable_finish) (RealmService *service, | |
55 | GAsyncResult *result, | |
56 | GError **error); | |
57 | ||
58 | void (* restart) (RealmService *service, | |
59 | GDBusMethodInvocation *invocation, | |
60 | GAsyncReadyCallback callback, | |
61 | gpointer user_data); | |
62 | ||
63 | gboolean (* restart_finish) (RealmService *service, | |
64 | GAsyncResult *result, | |
65 | GError **error); | |
66 | ||
67 | void (* stop) (RealmService *service, | |
68 | GDBusMethodInvocation *invocation, | |
69 | GAsyncReadyCallback callback, | |
70 | gpointer user_data); | |
71 | ||
72 | gboolean (* stop_finish) (RealmService *service, | |
73 | GAsyncResult *result, | |
74 | GError **error); | |
75 | }; | |
76 | ||
77 | GType realm_service_get_type (void) G_GNUC_CONST; | |
78 | ||
79 | void realm_service_new (const gchar *service_name, | |
23 | void realm_service_enable (const gchar *service_name, | |
80 | 24 | GDBusMethodInvocation *invocation, |
81 | 25 | GAsyncReadyCallback callback, |
82 | 26 | gpointer user_data); |
83 | 27 | |
84 | RealmService * realm_service_new_finish (GAsyncResult *result, | |
28 | gboolean realm_service_enable_finish (GAsyncResult *result, | |
85 | 29 | GError **error); |
86 | 30 | |
87 | void realm_service_impl_enable (RealmService *service, | |
31 | void realm_service_disable (const gchar *service_name, | |
88 | 32 | GDBusMethodInvocation *invocation, |
89 | 33 | GAsyncReadyCallback callback, |
90 | 34 | gpointer user_data); |
91 | 35 | |
92 | gboolean realm_service_impl_enable_finish (RealmService *service, | |
93 | GAsyncResult *result, | |
36 | gboolean realm_service_disable_finish (GAsyncResult *result, | |
94 | 37 | GError **error); |
95 | 38 | |
96 | void realm_service_impl_disable (RealmService *service, | |
39 | void realm_service_stop (const gchar *service_name, | |
97 | 40 | GDBusMethodInvocation *invocation, |
98 | 41 | GAsyncReadyCallback callback, |
99 | 42 | gpointer user_data); |
100 | 43 | |
101 | gboolean realm_service_impl_disable_finish (RealmService *service, | |
102 | GAsyncResult *result, | |
103 | GError **error); | |
104 | ||
105 | void realm_service_impl_restart (RealmService *service, | |
106 | GDBusMethodInvocation *invocation, | |
107 | GAsyncReadyCallback callback, | |
108 | gpointer user_data); | |
109 | ||
110 | gboolean realm_service_impl_restart_finish (RealmService *service, | |
111 | GAsyncResult *result, | |
112 | GError **error); | |
113 | ||
114 | void realm_service_impl_stop (RealmService *service, | |
115 | GDBusMethodInvocation *invocation, | |
116 | GAsyncReadyCallback callback, | |
117 | gpointer user_data); | |
118 | ||
119 | gboolean realm_service_impl_stop_finish (RealmService *service, | |
120 | GAsyncResult *result, | |
44 | gboolean realm_service_stop_finish (GAsyncResult *result, | |
121 | 45 | GError **error); |
122 | 46 | |
123 | 47 | void realm_service_restart (const gchar *service_name, |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #include "realm-command.h" | |
17 | #include "realm-daemon.h" | |
18 | #include "realm-dbus-constants.h" | |
19 | #include "realm-diagnostics.h" | |
20 | #include "realm-discovery.h" | |
21 | #include "realm-errors.h" | |
22 | #include "realm-kerberos.h" | |
23 | #include "realm-kerberos-discover.h" | |
24 | #include "realm-packages.h" | |
25 | #include "realm-sssd-ad.h" | |
26 | #include "realm-sssd-ad-provider.h" | |
27 | #include "realm-sssd-config.h" | |
28 | ||
29 | #include <glib/gstdio.h> | |
30 | ||
31 | #include <errno.h> | |
32 | ||
33 | struct _RealmSssdAdProvider { | |
34 | RealmProvider parent; | |
35 | RealmIniConfig *config; | |
36 | }; | |
37 | ||
38 | typedef struct { | |
39 | RealmProviderClass parent_class; | |
40 | } RealmSssdAdProviderClass; | |
41 | ||
42 | enum { | |
43 | PROP_0, | |
44 | PROP_SSSD_CONFIG, | |
45 | }; | |
46 | ||
47 | #define REALM_DBUS_SSSD_AD_PATH "/org/freedesktop/realmd/SssdAd" | |
48 | ||
49 | G_DEFINE_TYPE (RealmSssdAdProvider, realm_sssd_ad_provider, REALM_TYPE_PROVIDER); | |
50 | ||
51 | static void | |
52 | realm_sssd_ad_provider_init (RealmSssdAdProvider *self) | |
53 | { | |
54 | self->config = realm_sssd_config_new (NULL); | |
55 | } | |
56 | ||
57 | static void | |
58 | realm_sssd_ad_provider_constructed (GObject *obj) | |
59 | { | |
60 | RealmSssdAdProvider *self; | |
61 | gchar **domains; | |
62 | gchar *section; | |
63 | gchar *realm; | |
64 | gchar *type; | |
65 | gint i; | |
66 | ||
67 | G_OBJECT_CLASS (realm_sssd_ad_provider_parent_class)->constructed (obj); | |
68 | ||
69 | self = REALM_SSSD_AD_PROVIDER (obj); | |
70 | ||
71 | realm_provider_set_name (REALM_PROVIDER (self), "SssdAd"); | |
72 | ||
73 | domains = realm_sssd_config_get_domains (self->config); | |
74 | for (i = 0; domains && domains[i] != 0; i++) { | |
75 | section = realm_sssd_config_domain_to_section (domains[i]); | |
76 | type = realm_ini_config_get (self->config, section, "id_provider"); | |
77 | realm = realm_ini_config_get (self->config, section, "krb5_realm"); | |
78 | g_free (section); | |
79 | ||
80 | if (g_strcmp0 (type, "ad") == 0) { | |
81 | realm_provider_lookup_or_register_realm (REALM_PROVIDER (self), | |
82 | REALM_TYPE_SSSD_AD, | |
83 | realm ? realm : domains[i], NULL); | |
84 | } | |
85 | ||
86 | g_free (realm); | |
87 | g_free (type); | |
88 | } | |
89 | g_strfreev (domains); | |
90 | } | |
91 | ||
92 | static void | |
93 | on_kerberos_discover (GObject *source, | |
94 | GAsyncResult *result, | |
95 | gpointer user_data) | |
96 | { | |
97 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
98 | g_simple_async_result_set_op_res_gpointer (async, g_object_ref (result), g_object_unref); | |
99 | g_simple_async_result_complete (async); | |
100 | g_object_unref (async); | |
101 | } | |
102 | ||
103 | static void | |
104 | realm_sssd_ad_provider_discover_async (RealmProvider *provider, | |
105 | const gchar *string, | |
106 | GVariant *options, | |
107 | GDBusMethodInvocation *invocation, | |
108 | GAsyncReadyCallback callback, | |
109 | gpointer user_data) | |
110 | { | |
111 | GSimpleAsyncResult *async; | |
112 | ||
113 | async = g_simple_async_result_new (G_OBJECT (provider), callback, user_data, | |
114 | realm_sssd_ad_provider_discover_async); | |
115 | ||
116 | if (!realm_provider_match_options (options, | |
117 | REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY, | |
118 | REALM_DBUS_IDENTIFIER_SSSD)) { | |
119 | g_simple_async_result_complete_in_idle (async); | |
120 | ||
121 | } else { | |
122 | realm_kerberos_discover_async (string, invocation, on_kerberos_discover, | |
123 | g_object_ref (async)); | |
124 | } | |
125 | ||
126 | g_object_unref (async); | |
127 | } | |
128 | ||
129 | static gint | |
130 | realm_sssd_ad_provider_discover_finish (RealmProvider *provider, | |
131 | GAsyncResult *result, | |
132 | GVariant **realms, | |
133 | GError **error) | |
134 | { | |
135 | GSimpleAsyncResult *async; | |
136 | GAsyncResult *ad_result; | |
137 | RealmKerberos *realm = NULL; | |
138 | GHashTable *discovery; | |
139 | const gchar *object_path; | |
140 | gchar *name; | |
141 | ||
142 | async = G_SIMPLE_ASYNC_RESULT (result); | |
143 | ad_result = g_simple_async_result_get_op_res_gpointer (async); | |
144 | if (ad_result == NULL) | |
145 | return 0; | |
146 | ||
147 | name = realm_kerberos_discover_finish (ad_result, &discovery, error); | |
148 | if (name == NULL) | |
149 | return 0; | |
150 | ||
151 | if (realm_discovery_has_string (discovery, | |
152 | REALM_DBUS_OPTION_SERVER_SOFTWARE, | |
153 | REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY)) { | |
154 | ||
155 | realm = realm_provider_lookup_or_register_realm (provider, | |
156 | REALM_TYPE_SSSD_AD, | |
157 | name, discovery); | |
158 | } | |
159 | ||
160 | g_free (name); | |
161 | g_hash_table_unref (discovery); | |
162 | ||
163 | if (realm == NULL) | |
164 | return 0; | |
165 | ||
166 | object_path = g_dbus_object_get_object_path (G_DBUS_OBJECT (realm)); | |
167 | *realms = g_variant_new_objv (&object_path, 1); | |
168 | g_variant_ref_sink (*realms); | |
169 | ||
170 | /* Return a higher priority if we're the default */ | |
171 | return realm_provider_is_default (REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY, REALM_DBUS_IDENTIFIER_SSSD) ? 100 : 50; | |
172 | } | |
173 | ||
174 | static void | |
175 | realm_sssd_ad_provider_get_property (GObject *obj, | |
176 | guint prop_id, | |
177 | GValue *value, | |
178 | GParamSpec *pspec) | |
179 | { | |
180 | RealmSssdAdProvider *self = REALM_SSSD_AD_PROVIDER (obj); | |
181 | ||
182 | switch (prop_id) { | |
183 | case PROP_SSSD_CONFIG: | |
184 | g_value_set_object (value, self->config); | |
185 | break; | |
186 | default: | |
187 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec); | |
188 | break; | |
189 | } | |
190 | } | |
191 | ||
192 | static void | |
193 | realm_sssd_ad_provider_finalize (GObject *obj) | |
194 | { | |
195 | RealmSssdAdProvider *self = REALM_SSSD_AD_PROVIDER (obj); | |
196 | ||
197 | g_object_unref (self->config); | |
198 | ||
199 | G_OBJECT_CLASS (realm_sssd_ad_provider_parent_class)->finalize (obj); | |
200 | } | |
201 | ||
202 | void | |
203 | realm_sssd_ad_provider_class_init (RealmSssdAdProviderClass *klass) | |
204 | { | |
205 | RealmProviderClass *provider_class = REALM_PROVIDER_CLASS (klass); | |
206 | GObjectClass *object_class = G_OBJECT_CLASS (klass); | |
207 | ||
208 | provider_class->discover_async = realm_sssd_ad_provider_discover_async; | |
209 | provider_class->discover_finish = realm_sssd_ad_provider_discover_finish; | |
210 | ||
211 | object_class->constructed = realm_sssd_ad_provider_constructed; | |
212 | object_class->get_property = realm_sssd_ad_provider_get_property; | |
213 | object_class->finalize = realm_sssd_ad_provider_finalize; | |
214 | ||
215 | g_object_class_install_property (object_class, PROP_SSSD_CONFIG, | |
216 | g_param_spec_object ("sssd-config", "Sssd Config", "Sssd Config", | |
217 | REALM_TYPE_INI_CONFIG, G_PARAM_READABLE | G_PARAM_STATIC_STRINGS)); | |
218 | ||
219 | } | |
220 | ||
221 | RealmProvider * | |
222 | realm_sssd_ad_provider_new (void) | |
223 | { | |
224 | return g_object_new (REALM_TYPE_SSSD_AD_PROVIDER, | |
225 | "g-object-path", REALM_DBUS_SSSD_AD_PATH, | |
226 | NULL); | |
227 | } |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #ifndef __REALM_SSSD_AD_PROVIDER_H__ | |
17 | #define __REALM_SSSD_AD_PROVIDER_H__ | |
18 | ||
19 | #include <gio/gio.h> | |
20 | ||
21 | #include "realm-provider.h" | |
22 | ||
23 | G_BEGIN_DECLS | |
24 | ||
25 | #define REALM_TYPE_SSSD_AD_PROVIDER (realm_sssd_ad_provider_get_type ()) | |
26 | #define REALM_SSSD_AD_PROVIDER(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), REALM_TYPE_SSSD_AD_PROVIDER, RealmSssdAdProvider)) | |
27 | #define REALM_IS_SSSD_AD_PROVIDER(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), REALM_TYPE_SSSD_AD_PROVIDER)) | |
28 | ||
29 | typedef struct _RealmSssdAdProvider RealmSssdAdProvider; | |
30 | ||
31 | GType realm_sssd_ad_provider_get_type (void) G_GNUC_CONST; | |
32 | ||
33 | RealmProvider * realm_sssd_ad_provider_new (void); | |
34 | ||
35 | G_END_DECLS | |
36 | ||
37 | #endif /* __REALM_SSSD_AD_PROVIDER_H__ */ |
22 | 22 | #include "realm-packages.h" |
23 | 23 | #include "realm-samba-enroll.h" |
24 | 24 | #include "realm-service.h" |
25 | #include "realm-settings.h" | |
25 | 26 | #include "realm-sssd.h" |
26 | 27 | #include "realm-sssd-ad.h" |
27 | 28 | #include "realm-sssd-config.h" |
79 | 80 | |
80 | 81 | /* |
81 | 82 | * Each line is a combination of owner and what kind of credentials are supported, |
82 | * same for enroll/unenroll. We can't accept a ccache, because samba3 needs | |
83 | * same for enroll/leave. We can't accept a ccache, because samba3 needs | |
83 | 84 | * to have credentials limited to RC4. |
84 | 85 | */ |
85 | 86 | supported = realm_kerberos_membership_build_supported ( |
94 | 95 | supported = realm_kerberos_membership_build_supported ( |
95 | 96 | REALM_KERBEROS_CREDENTIAL_PASSWORD, REALM_KERBEROS_OWNER_ADMIN, |
96 | 97 | REALM_KERBEROS_CREDENTIAL_PASSWORD, REALM_KERBEROS_OWNER_USER, |
98 | REALM_KERBEROS_CREDENTIAL_AUTOMATIC, REALM_KERBEROS_OWNER_NONE, | |
97 | 99 | 0); |
98 | 100 | realm_kerberos_set_supported_leave_creds (kerberos, supported); |
99 | 101 | |
110 | 112 | const gchar **packages; |
111 | 113 | |
112 | 114 | /* Used for adcli enroll */ |
115 | gboolean automatic; | |
113 | 116 | GBytes *one_time_password; |
114 | 117 | gchar *ccache_file; |
115 | 118 | |
187 | 190 | gchar **parts; |
188 | 191 | gchar *rdn; |
189 | 192 | gchar *dn; |
193 | gchar *home; | |
190 | 194 | gint i; |
191 | 195 | |
192 | 196 | /* Calculate the domain and dn */ |
200 | 204 | dn = g_strjoinv (",", parts); |
201 | 205 | g_strfreev (parts); |
202 | 206 | |
207 | home = realm_sssd_build_default_home (realm_settings_string ("users", "default-home")); | |
208 | ||
203 | 209 | ret = realm_sssd_config_add_domain (config, workgroup, error, |
204 | 210 | "enumerate", "False", |
205 | 211 | "re_expression", "(?P<domain>[^\\\\]+)\\\\(?P<name>[^\\\\]+)", |
206 | 212 | "full_name_format", "%2$s\\%1$s", |
207 | 213 | "case_sensitive", "False", |
208 | "cache_credentials", "False", | |
214 | "cache_credentials", "True", | |
209 | 215 | "use_fully_qualified_names", "True", |
210 | 216 | |
211 | 217 | "id_provider", "ad", |
212 | 218 | "auth_provider", "ad", |
213 | 219 | "access_provider", "simple", |
220 | "simple_allow_users", ",", | |
214 | 221 | "chpass_provider", "ad", |
215 | 222 | |
216 | 223 | "ad_domain", domain, |
217 | 224 | "krb5_realm", realm, |
218 | 225 | "krb5_store_password_if_offline", "True", |
219 | 226 | |
227 | "fallback_homedir", home, | |
220 | 228 | NULL); |
221 | 229 | |
230 | g_free (home); | |
222 | 231 | g_free (domain); |
223 | 232 | g_free (dn); |
224 | 233 | |
239 | 248 | |
240 | 249 | |
241 | 250 | if (join->use_adcli) { |
242 | if (!realm_adcli_enroll_join_finish (result, &workgroup, &error)) | |
251 | if (!realm_adcli_enroll_join_finish (result, &workgroup, &error)) { | |
243 | 252 | workgroup = NULL; |
253 | if (join->automatic && | |
254 | g_error_matches (error, REALM_ERROR, REALM_ERROR_AUTH_FAILED)) { | |
255 | g_clear_error (&error); | |
256 | g_set_error (&error, REALM_ERROR, REALM_ERROR_AUTH_FAILED, | |
257 | _("Unable to automatically join the domain")); | |
258 | } | |
259 | } | |
244 | 260 | } else { |
245 | 261 | if (realm_samba_enroll_join_finish (result, &settings, &error)) { |
246 | 262 | workgroup = g_strdup (g_hash_table_lookup (settings, "workgroup")); |
300 | 316 | g_object_ref (async)); |
301 | 317 | |
302 | 318 | } else if (join->use_adcli) { |
319 | g_assert (join->automatic); | |
303 | 320 | realm_adcli_enroll_join_automatic_async (join->realm_name, |
304 | 321 | join->computer_ou, |
305 | 322 | join->invocation, |
487 | 504 | |
488 | 505 | if (async) { |
489 | 506 | join = g_simple_async_result_get_op_res_gpointer (async); |
507 | join->automatic = TRUE; | |
490 | 508 | realm_packages_install_async (join->packages, join->invocation, |
491 | 509 | on_install_do_join, g_object_ref (async)); |
492 | 510 | g_object_unref (async); |
536 | 554 | if (async) { |
537 | 555 | join = g_simple_async_result_get_op_res_gpointer (async); |
538 | 556 | |
539 | /* If using samba, then only for a subset of enctypes */ | |
540 | 557 | if (join->use_adcli) { |
541 | 558 | realm_kerberos_kinit_ccache_async (REALM_KERBEROS (membership), |
542 | 559 | user_name, password, NULL, |
557 | 574 | GDBusMethodInvocation *invocation; |
558 | 575 | gchar *realm_name; |
559 | 576 | gchar *ccache_file; |
560 | } UnenrollClosure; | |
561 | ||
562 | static void | |
563 | unenroll_closure_free (gpointer data) | |
564 | { | |
565 | UnenrollClosure *unenroll = data; | |
566 | g_free (unenroll->realm_name); | |
567 | if (unenroll->ccache_file) | |
568 | realm_keberos_ccache_delete_and_free (unenroll->ccache_file); | |
569 | g_object_unref (unenroll->invocation); | |
570 | g_slice_free (UnenrollClosure, unenroll); | |
571 | } | |
572 | ||
573 | static void | |
574 | on_service_disable_done (GObject *source, | |
577 | } LeaveClosure; | |
578 | ||
579 | static void | |
580 | leave_closure_free (gpointer data) | |
581 | { | |
582 | LeaveClosure *leave = data; | |
583 | g_free (leave->realm_name); | |
584 | if (leave->ccache_file) | |
585 | realm_keberos_ccache_delete_and_free (leave->ccache_file); | |
586 | g_object_unref (leave->invocation); | |
587 | g_slice_free (LeaveClosure, leave); | |
588 | } | |
589 | ||
590 | static void | |
591 | on_leave_do_deconfigure (GObject *source, | |
575 | 592 | GAsyncResult *result, |
576 | 593 | gpointer user_data) |
577 | 594 | { |
578 | 595 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); |
579 | GError *error = NULL; | |
580 | ||
581 | realm_service_disable_and_stop_finish (result, &error); | |
582 | if (error != NULL) | |
583 | g_simple_async_result_take_error (res, error); | |
584 | g_simple_async_result_complete (res); | |
585 | ||
586 | g_object_unref (res); | |
587 | } | |
588 | ||
589 | static void | |
590 | on_service_restart_done (GObject *source, | |
591 | GAsyncResult *result, | |
592 | gpointer user_data) | |
593 | { | |
594 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); | |
595 | GError *error = NULL; | |
596 | ||
597 | realm_service_restart_finish (result, &error); | |
598 | if (error != NULL) | |
599 | g_simple_async_result_take_error (res, error); | |
600 | g_simple_async_result_complete (res); | |
601 | ||
602 | g_object_unref (res); | |
603 | } | |
604 | ||
605 | static void | |
606 | on_leave_do_sssd (GObject *source, | |
607 | GAsyncResult *result, | |
608 | gpointer user_data) | |
609 | { | |
610 | GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); | |
611 | UnenrollClosure *unenroll = g_simple_async_result_get_op_res_gpointer (res); | |
596 | LeaveClosure *leave = g_simple_async_result_get_op_res_gpointer (res); | |
612 | 597 | RealmSssd *sssd = REALM_SSSD (g_async_result_get_source_object (user_data)); |
613 | 598 | GError *error = NULL; |
614 | RealmIniConfig *config; | |
615 | gchar **domains; | |
616 | ||
617 | realm_samba_enroll_leave_finish (result, NULL); | |
618 | 599 | |
619 | 600 | /* We don't care if we can leave or not, just continue with other steps */ |
620 | config = realm_sssd_get_config (sssd); | |
621 | realm_sssd_config_remove_domain (config, realm_sssd_get_config_domain (sssd), &error); | |
622 | ||
601 | realm_samba_enroll_leave_finish (result, &error); | |
623 | 602 | if (error != NULL) { |
624 | g_simple_async_result_take_error (res, error); | |
625 | g_simple_async_result_complete (res); | |
603 | realm_diagnostics_error (leave->invocation, error, NULL); | |
626 | 604 | g_error_free (error); |
627 | ||
628 | } else { | |
629 | /* If no domains, then disable sssd */ | |
630 | domains = realm_sssd_config_get_domains (config); | |
631 | if (domains == NULL || g_strv_length (domains) == 0) { | |
632 | realm_service_disable_and_stop ("sssd", unenroll->invocation, | |
633 | on_service_disable_done, g_object_ref (res)); | |
634 | ||
635 | /* If any domains left, then restart sssd */ | |
636 | } else { | |
637 | realm_service_restart ("sssd", unenroll->invocation, | |
638 | on_service_restart_done, g_object_ref (res)); | |
639 | } | |
640 | g_strfreev (domains); | |
641 | } | |
605 | } | |
606 | ||
607 | realm_sssd_deconfigure_domain_tail (sssd, res, leave->invocation); | |
642 | 608 | |
643 | 609 | g_object_unref (sssd); |
644 | 610 | g_object_unref (res); |
645 | 611 | } |
646 | 612 | |
647 | static void | |
648 | realm_sssd_ad_unenroll_async (RealmKerberosMembership *membership, | |
649 | const gchar *user_name, | |
650 | GBytes *password, | |
651 | RealmKerberosFlags flags, | |
652 | GVariant *options, | |
653 | GDBusMethodInvocation *invocation, | |
654 | GAsyncReadyCallback callback, | |
655 | gpointer user_data) | |
656 | { | |
657 | RealmKerberos *realm = REALM_KERBEROS (membership); | |
658 | RealmSssd *sssd = REALM_SSSD (realm); | |
659 | GSimpleAsyncResult *res; | |
660 | UnenrollClosure *unenroll; | |
661 | const gchar *computer_ou; | |
662 | ||
663 | res = g_simple_async_result_new (G_OBJECT (realm), callback, user_data, | |
664 | realm_sssd_ad_unenroll_async); | |
665 | unenroll = g_slice_new0 (UnenrollClosure); | |
666 | unenroll->realm_name = g_strdup (realm_kerberos_get_realm_name (realm)); | |
667 | unenroll->invocation = g_object_ref (invocation); | |
668 | g_simple_async_result_set_op_res_gpointer (res, unenroll, unenroll_closure_free); | |
613 | static GSimpleAsyncResult * | |
614 | setup_leave (RealmSssdAd *self, | |
615 | GVariant *options, | |
616 | GDBusMethodInvocation *invocation, | |
617 | GAsyncReadyCallback callback, | |
618 | gpointer user_data) | |
619 | { | |
620 | GSimpleAsyncResult *async; | |
621 | ||
622 | async = g_simple_async_result_new (G_OBJECT (self), callback, user_data, setup_leave); | |
669 | 623 | |
670 | 624 | /* Check that enrolled in this realm */ |
671 | if (!realm_sssd_get_config_section (sssd)) { | |
672 | g_simple_async_result_set_error (res, REALM_ERROR, REALM_ERROR_NOT_CONFIGURED, | |
625 | if (!realm_sssd_get_config_section (REALM_SSSD (self))) { | |
626 | g_simple_async_result_set_error (async, REALM_ERROR, REALM_ERROR_NOT_CONFIGURED, | |
673 | 627 | _("Not currently joined to this domain")); |
674 | g_simple_async_result_complete_in_idle (res); | |
675 | ||
676 | } else if (g_variant_lookup (options, REALM_DBUS_OPTION_COMPUTER_OU, "&s", &computer_ou)) { | |
677 | g_simple_async_result_set_error (res, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, | |
678 | "The computer-ou argument is not supported when leaving a domain (using samba)."); | |
679 | g_simple_async_result_complete_in_idle (res); | |
680 | ||
681 | } else { | |
682 | realm_samba_enroll_leave_async (unenroll->realm_name, user_name, password, | |
683 | unenroll->invocation, on_leave_do_sssd, | |
684 | g_object_ref (res)); | |
685 | } | |
686 | ||
687 | g_object_unref (res); | |
628 | g_simple_async_result_complete_in_idle (async); | |
629 | g_object_unref (async); | |
630 | return NULL; | |
631 | } | |
632 | ||
633 | return async; | |
634 | } | |
635 | ||
636 | static void | |
637 | realm_sssd_ad_leave_password_async (RealmKerberosMembership *membership, | |
638 | const gchar *user_name, | |
639 | GBytes *password, | |
640 | RealmKerberosFlags flags, | |
641 | GVariant *options, | |
642 | GDBusMethodInvocation *invocation, | |
643 | GAsyncReadyCallback callback, | |
644 | gpointer user_data) | |
645 | { | |
646 | RealmSssdAd *self = REALM_SSSD_AD (membership); | |
647 | GSimpleAsyncResult *async; | |
648 | LeaveClosure *leave; | |
649 | ||
650 | async = setup_leave (self, options, invocation, callback, user_data); | |
651 | if (async == NULL) | |
652 | return; | |
653 | ||
654 | leave = g_slice_new0 (LeaveClosure); | |
655 | leave->realm_name = g_strdup (realm_kerberos_get_realm_name (REALM_KERBEROS (self))); | |
656 | leave->invocation = g_object_ref (invocation); | |
657 | g_simple_async_result_set_op_res_gpointer (async, leave, leave_closure_free); | |
658 | ||
659 | realm_samba_enroll_leave_async (leave->realm_name, user_name, password, | |
660 | leave->invocation, on_leave_do_deconfigure, | |
661 | g_object_ref (async)); | |
662 | g_object_unref (async); | |
663 | } | |
664 | ||
665 | static void | |
666 | realm_sssd_ad_leave_automatic_async (RealmKerberosMembership *membership, | |
667 | RealmKerberosFlags flags, | |
668 | GVariant *options, | |
669 | GDBusMethodInvocation *invocation, | |
670 | GAsyncReadyCallback callback, | |
671 | gpointer user_data) | |
672 | { | |
673 | RealmSssdAd *self = REALM_SSSD_AD (membership); | |
674 | GSimpleAsyncResult *async; | |
675 | ||
676 | async = setup_leave (self, options, invocation, callback, user_data); | |
677 | if (async == NULL) | |
678 | return; | |
679 | ||
680 | realm_sssd_deconfigure_domain_tail (REALM_SSSD (self), async, invocation); | |
681 | g_object_unref (async); | |
688 | 682 | } |
689 | 683 | |
690 | 684 | static gboolean |
712 | 706 | iface->enroll_password_async = realm_sssd_ad_join_password_async; |
713 | 707 | iface->enroll_secret_async = realm_sssd_ad_join_secret_async; |
714 | 708 | iface->enroll_finish = realm_sssd_ad_generic_finish; |
715 | iface->unenroll_password_async = realm_sssd_ad_unenroll_async; | |
709 | iface->unenroll_automatic_async = realm_sssd_ad_leave_automatic_async; | |
710 | iface->unenroll_password_async = realm_sssd_ad_leave_password_async; | |
716 | 711 | iface->unenroll_finish = realm_sssd_ad_generic_finish; |
717 | 712 | } |
107 | 107 | const gchar *value; |
108 | 108 | const gchar *domains[2]; |
109 | 109 | gchar *section; |
110 | gchar *shell; | |
110 | 111 | va_list va; |
111 | 112 | |
112 | 113 | g_return_val_if_fail (REALM_IS_INI_CONFIG (config), FALSE); |
130 | 131 | realm_ini_config_set (config, "sssd", "services", "nss, pam"); |
131 | 132 | realm_ini_config_set (config, "sssd", "config_file_version", "2"); |
132 | 133 | } |
134 | ||
135 | /* Always make sure this is set */ | |
136 | shell = realm_ini_config_get (config, "nss", "default_shell"); | |
137 | if (shell == NULL) { | |
138 | realm_ini_config_set (config, "nss", "default_shell", | |
139 | realm_settings_string ("users", "default-shell")); | |
140 | } | |
141 | g_free (shell); | |
133 | 142 | |
134 | 143 | domains[0] = domain; |
135 | 144 | domains[1] = NULL; |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #include "realm-command.h" | |
17 | #include "realm-daemon.h" | |
18 | #include "realm-dbus-constants.h" | |
19 | #include "realm-diagnostics.h" | |
20 | #include "realm-discovery.h" | |
21 | #include "realm-errors.h" | |
22 | #include "realm-kerberos.h" | |
23 | #include "realm-kerberos-discover.h" | |
24 | #include "realm-packages.h" | |
25 | #include "realm-sssd-ipa.h" | |
26 | #include "realm-sssd-ipa-provider.h" | |
27 | #include "realm-sssd-config.h" | |
28 | ||
29 | #include <glib/gstdio.h> | |
30 | ||
31 | #include <errno.h> | |
32 | ||
33 | struct _RealmSssdIpaProvider { | |
34 | RealmProvider parent; | |
35 | RealmIniConfig *config; | |
36 | }; | |
37 | ||
38 | typedef struct { | |
39 | RealmProviderClass parent_class; | |
40 | } RealmSssdIpaProviderClass; | |
41 | ||
42 | enum { | |
43 | PROP_0, | |
44 | PROP_SSSD_CONFIG, | |
45 | }; | |
46 | ||
47 | #define REALM_DBUS_SSSD_IPA_PATH "/org/freedesktop/realmd/SssdIpa" | |
48 | ||
49 | G_DEFINE_TYPE (RealmSssdIpaProvider, realm_sssd_ipa_provider, REALM_TYPE_PROVIDER); | |
50 | ||
51 | static void | |
52 | realm_sssd_ipa_provider_init (RealmSssdIpaProvider *self) | |
53 | { | |
54 | self->config = realm_sssd_config_new (NULL); | |
55 | } | |
56 | ||
57 | static void | |
58 | realm_sssd_ipa_provider_constructed (GObject *obj) | |
59 | { | |
60 | RealmSssdIpaProvider *self; | |
61 | gchar **domains; | |
62 | gchar *section; | |
63 | gchar *realm; | |
64 | gchar *type; | |
65 | gint i; | |
66 | ||
67 | G_OBJECT_CLASS (realm_sssd_ipa_provider_parent_class)->constructed (obj); | |
68 | ||
69 | self = REALM_SSSD_IPA_PROVIDER (obj); | |
70 | ||
71 | realm_provider_set_name (REALM_PROVIDER (obj), "SssdIpa"); | |
72 | ||
73 | domains = realm_sssd_config_get_domains (self->config); | |
74 | for (i = 0; domains && domains[i] != 0; i++) { | |
75 | section = realm_sssd_config_domain_to_section (domains[i]); | |
76 | type = realm_ini_config_get (self->config, section, "id_provider"); | |
77 | realm = realm_ini_config_get (self->config, section, "krb5_realm"); | |
78 | g_free (section); | |
79 | ||
80 | if (g_strcmp0 (type, "ipa") == 0) { | |
81 | realm_provider_lookup_or_register_realm (REALM_PROVIDER (self), | |
82 | REALM_TYPE_SSSD_IPA, | |
83 | realm ? realm : domains[i], NULL); | |
84 | } | |
85 | ||
86 | g_free (realm); | |
87 | g_free (type); | |
88 | } | |
89 | g_strfreev (domains); | |
90 | } | |
91 | ||
92 | static void | |
93 | on_ipa_discover (GObject *source, | |
94 | GAsyncResult *result, | |
95 | gpointer user_data) | |
96 | { | |
97 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
98 | g_simple_async_result_set_op_res_gpointer (async, g_object_ref (result), g_object_unref); | |
99 | g_simple_async_result_complete (async); | |
100 | g_object_unref (async); | |
101 | } | |
102 | ||
103 | static void | |
104 | realm_sssd_ipa_provider_discover_async (RealmProvider *provider, | |
105 | const gchar *string, | |
106 | GVariant *options, | |
107 | GDBusMethodInvocation *invocation, | |
108 | GAsyncReadyCallback callback, | |
109 | gpointer user_data) | |
110 | { | |
111 | GSimpleAsyncResult *async; | |
112 | ||
113 | async = g_simple_async_result_new (G_OBJECT (provider), callback, user_data, | |
114 | realm_sssd_ipa_provider_discover_async); | |
115 | ||
116 | if (!realm_provider_match_options (options, | |
117 | REALM_DBUS_IDENTIFIER_FREEIPA, | |
118 | REALM_DBUS_IDENTIFIER_SSSD)) { | |
119 | g_simple_async_result_complete_in_idle (async); | |
120 | ||
121 | } else { | |
122 | realm_kerberos_discover_async (string, invocation, on_ipa_discover, | |
123 | g_object_ref (async)); | |
124 | } | |
125 | ||
126 | g_object_unref (async); | |
127 | ||
128 | } | |
129 | ||
130 | static gint | |
131 | realm_sssd_ipa_provider_discover_finish (RealmProvider *provider, | |
132 | GAsyncResult *result, | |
133 | GVariant **realms, | |
134 | GError **error) | |
135 | { | |
136 | GSimpleAsyncResult *async; | |
137 | GAsyncResult *ipa_result; | |
138 | RealmKerberos *realm = NULL; | |
139 | GHashTable *discovery; | |
140 | const gchar *object_path; | |
141 | gchar *name; | |
142 | ||
143 | async = G_SIMPLE_ASYNC_RESULT (result); | |
144 | ipa_result = g_simple_async_result_get_op_res_gpointer (async); | |
145 | if (ipa_result == NULL) | |
146 | return 0; | |
147 | ||
148 | name = realm_kerberos_discover_finish (ipa_result, &discovery, error); | |
149 | if (name == NULL) | |
150 | return 0; | |
151 | ||
152 | if (realm_discovery_has_string (discovery, | |
153 | REALM_DBUS_OPTION_SERVER_SOFTWARE, | |
154 | REALM_DBUS_IDENTIFIER_FREEIPA)) { | |
155 | ||
156 | realm = realm_provider_lookup_or_register_realm (provider, | |
157 | REALM_TYPE_SSSD_IPA, | |
158 | name, discovery); | |
159 | } | |
160 | ||
161 | g_free (name); | |
162 | g_hash_table_unref (discovery); | |
163 | ||
164 | if (realm == NULL) | |
165 | return 0; | |
166 | ||
167 | object_path = g_dbus_object_get_object_path (G_DBUS_OBJECT (realm)); | |
168 | *realms = g_variant_new_objv (&object_path, 1); | |
169 | g_variant_ref_sink (*realms); | |
170 | ||
171 | return 100; | |
172 | } | |
173 | ||
174 | static void | |
175 | realm_sssd_ipa_provider_get_property (GObject *obj, | |
176 | guint prop_id, | |
177 | GValue *value, | |
178 | GParamSpec *pspec) | |
179 | { | |
180 | RealmSssdIpaProvider *self = REALM_SSSD_IPA_PROVIDER (obj); | |
181 | ||
182 | switch (prop_id) { | |
183 | case PROP_SSSD_CONFIG: | |
184 | g_value_set_object (value, self->config); | |
185 | break; | |
186 | default: | |
187 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec); | |
188 | break; | |
189 | } | |
190 | } | |
191 | ||
192 | static void | |
193 | realm_sssd_ipa_provider_finalize (GObject *obj) | |
194 | { | |
195 | RealmSssdIpaProvider *self = REALM_SSSD_IPA_PROVIDER (obj); | |
196 | ||
197 | g_object_unref (self->config); | |
198 | ||
199 | G_OBJECT_CLASS (realm_sssd_ipa_provider_parent_class)->finalize (obj); | |
200 | } | |
201 | ||
202 | void | |
203 | realm_sssd_ipa_provider_class_init (RealmSssdIpaProviderClass *klass) | |
204 | { | |
205 | RealmProviderClass *provider_class = REALM_PROVIDER_CLASS (klass); | |
206 | GObjectClass *object_class = G_OBJECT_CLASS (klass); | |
207 | ||
208 | provider_class->discover_async = realm_sssd_ipa_provider_discover_async; | |
209 | provider_class->discover_finish = realm_sssd_ipa_provider_discover_finish; | |
210 | ||
211 | object_class->constructed = realm_sssd_ipa_provider_constructed; | |
212 | object_class->get_property = realm_sssd_ipa_provider_get_property; | |
213 | object_class->finalize = realm_sssd_ipa_provider_finalize; | |
214 | ||
215 | g_object_class_install_property (object_class, PROP_SSSD_CONFIG, | |
216 | g_param_spec_object ("sssd-config", "Sssd Config", "Sssd Config", | |
217 | REALM_TYPE_INI_CONFIG, G_PARAM_READABLE | G_PARAM_STATIC_STRINGS)); | |
218 | } | |
219 | ||
220 | RealmProvider * | |
221 | realm_sssd_ipa_provider_new (void) | |
222 | { | |
223 | return g_object_new (REALM_TYPE_SSSD_IPA_PROVIDER, | |
224 | "g-object-path", REALM_DBUS_SSSD_IPA_PATH, | |
225 | NULL); | |
226 | } |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #ifndef __REALM_SSSD_IPA_PROVIDER_H__ | |
17 | #define __REALM_SSSD_IPA_PROVIDER_H__ | |
18 | ||
19 | #include <gio/gio.h> | |
20 | ||
21 | #include "realm-provider.h" | |
22 | ||
23 | G_BEGIN_DECLS | |
24 | ||
25 | #define REALM_TYPE_SSSD_IPA_PROVIDER (realm_sssd_ipa_provider_get_type ()) | |
26 | #define REALM_SSSD_IPA_PROVIDER(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), REALM_TYPE_SSSD_IPA_PROVIDER, RealmSssdIpaProvider)) | |
27 | #define REALM_IS_SSSD_IPA_PROVIDER(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), REALM_TYPE_SSSD_IPA_PROVIDER)) | |
28 | ||
29 | typedef struct _RealmSssdIpaProvider RealmSssdIpaProvider; | |
30 | ||
31 | GType realm_sssd_ipa_provider_get_type (void) G_GNUC_CONST; | |
32 | ||
33 | RealmProvider * realm_sssd_ipa_provider_new (void); | |
34 | ||
35 | G_END_DECLS | |
36 | ||
37 | #endif /* __REALM_SSSD_IPA_PROVIDER_H__ */ |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #include "realm-command.h" | |
17 | #include "realm-daemon.h" | |
18 | #include "realm-dbus-constants.h" | |
19 | #include "realm-diagnostics.h" | |
20 | #include "realm-discovery.h" | |
21 | #include "realm-errors.h" | |
22 | #include "realm-kerberos.h" | |
23 | #include "realm-kerberos-discover.h" | |
24 | #include "realm-packages.h" | |
25 | #include "realm-sssd-ad.h" | |
26 | #include "realm-sssd-ipa.h" | |
27 | #include "realm-sssd-provider.h" | |
28 | #include "realm-sssd-config.h" | |
29 | ||
30 | #include <glib/gstdio.h> | |
31 | ||
32 | #include <errno.h> | |
33 | ||
34 | struct _RealmSssdProvider { | |
35 | RealmProvider parent; | |
36 | RealmIniConfig *config; | |
37 | }; | |
38 | ||
39 | typedef struct { | |
40 | RealmProviderClass parent_class; | |
41 | } RealmSssdProviderClass; | |
42 | ||
43 | enum { | |
44 | PROP_0, | |
45 | PROP_SSSD_CONFIG, | |
46 | }; | |
47 | ||
48 | #define REALM_DBUS_SSSD_PATH "/org/freedesktop/realmd/Sssd" | |
49 | ||
50 | G_DEFINE_TYPE (RealmSssdProvider, realm_sssd_provider, REALM_TYPE_PROVIDER); | |
51 | ||
52 | static void | |
53 | realm_sssd_provider_init (RealmSssdProvider *self) | |
54 | { | |
55 | self->config = realm_sssd_config_new (NULL); | |
56 | } | |
57 | ||
58 | static void | |
59 | realm_sssd_provider_constructed (GObject *obj) | |
60 | { | |
61 | RealmSssdProvider *self; | |
62 | GType realm_type; | |
63 | const gchar *name; | |
64 | gchar **domains; | |
65 | gchar *section; | |
66 | gchar *realm; | |
67 | gchar *type; | |
68 | gchar *domain; | |
69 | gint i; | |
70 | ||
71 | G_OBJECT_CLASS (realm_sssd_provider_parent_class)->constructed (obj); | |
72 | ||
73 | self = REALM_SSSD_PROVIDER (obj); | |
74 | ||
75 | realm_provider_set_name (REALM_PROVIDER (self), "Sssd"); | |
76 | ||
77 | domains = realm_sssd_config_get_domains (self->config); | |
78 | for (i = 0; domains && domains[i] != 0; i++) { | |
79 | section = realm_sssd_config_domain_to_section (domains[i]); | |
80 | type = realm_ini_config_get (self->config, section, "id_provider"); | |
81 | realm = realm_ini_config_get (self->config, section, "krb5_realm"); | |
82 | domain = NULL; | |
83 | ||
84 | if (g_strcmp0 (type, "ad") == 0) { | |
85 | name = domain = realm_ini_config_get (self->config, section, "ad_domain"); | |
86 | realm_type = REALM_TYPE_SSSD_AD; | |
87 | } else if (g_strcmp0 (type, "ipa") == 0) { | |
88 | name = domain = realm_ini_config_get (self->config, section, "ipa_domain"); | |
89 | realm_type = REALM_TYPE_SSSD_IPA; | |
90 | } else { | |
91 | name = domain = NULL; | |
92 | realm_type = 0; | |
93 | } | |
94 | ||
95 | if (name == NULL) | |
96 | name = realm; | |
97 | if (name == NULL) | |
98 | name = domains[i]; | |
99 | ||
100 | if (realm_type) | |
101 | realm_provider_lookup_or_register_realm (REALM_PROVIDER (self), realm_type, name, NULL); | |
102 | ||
103 | g_free (realm); | |
104 | g_free (type); | |
105 | g_free (domain); | |
106 | g_free (section); | |
107 | } | |
108 | g_strfreev (domains); | |
109 | } | |
110 | ||
111 | static void | |
112 | on_kerberos_discover (GObject *source, | |
113 | GAsyncResult *result, | |
114 | gpointer user_data) | |
115 | { | |
116 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); | |
117 | g_simple_async_result_set_op_res_gpointer (async, g_object_ref (result), g_object_unref); | |
118 | g_simple_async_result_complete (async); | |
119 | g_object_unref (async); | |
120 | } | |
121 | ||
122 | static void | |
123 | realm_sssd_provider_discover_async (RealmProvider *provider, | |
124 | const gchar *string, | |
125 | GVariant *options, | |
126 | GDBusMethodInvocation *invocation, | |
127 | GAsyncReadyCallback callback, | |
128 | gpointer user_data) | |
129 | { | |
130 | GSimpleAsyncResult *async; | |
131 | ||
132 | async = g_simple_async_result_new (G_OBJECT (provider), callback, user_data, | |
133 | realm_sssd_provider_discover_async); | |
134 | ||
135 | if (!realm_provider_match_options (options, REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY, | |
136 | REALM_DBUS_IDENTIFIER_SSSD) && | |
137 | !realm_provider_match_options (options, REALM_DBUS_IDENTIFIER_FREEIPA, | |
138 | REALM_DBUS_IDENTIFIER_SSSD)) { | |
139 | g_simple_async_result_complete_in_idle (async); | |
140 | ||
141 | } else { | |
142 | realm_kerberos_discover_async (string, invocation, on_kerberos_discover, | |
143 | g_object_ref (async)); | |
144 | } | |
145 | ||
146 | g_object_unref (async); | |
147 | } | |
148 | ||
149 | static gint | |
150 | realm_sssd_provider_discover_finish (RealmProvider *provider, | |
151 | GAsyncResult *result, | |
152 | GVariant **realms, | |
153 | GError **error) | |
154 | { | |
155 | GSimpleAsyncResult *async; | |
156 | GAsyncResult *ad_result; | |
157 | RealmKerberos *realm = NULL; | |
158 | GHashTable *discovery; | |
159 | const gchar *object_path; | |
160 | gint priority; | |
161 | gchar *name; | |
162 | ||
163 | async = G_SIMPLE_ASYNC_RESULT (result); | |
164 | ad_result = g_simple_async_result_get_op_res_gpointer (async); | |
165 | if (ad_result == NULL) | |
166 | return 0; | |
167 | ||
168 | name = realm_kerberos_discover_finish (ad_result, &discovery, error); | |
169 | if (name == NULL) | |
170 | return 0; | |
171 | ||
172 | if (realm_discovery_has_string (discovery, | |
173 | REALM_DBUS_OPTION_SERVER_SOFTWARE, | |
174 | REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY)) { | |
175 | ||
176 | realm = realm_provider_lookup_or_register_realm (provider, | |
177 | REALM_TYPE_SSSD_AD, | |
178 | name, discovery); | |
179 | priority = realm_provider_is_default (REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY, REALM_DBUS_IDENTIFIER_SSSD) ? 100 : 50; | |
180 | ||
181 | } else if (realm_discovery_has_string (discovery, | |
182 | REALM_DBUS_OPTION_SERVER_SOFTWARE, | |
183 | REALM_DBUS_IDENTIFIER_FREEIPA)) { | |
184 | ||
185 | realm = realm_provider_lookup_or_register_realm (provider, | |
186 | REALM_TYPE_SSSD_IPA, | |
187 | name, discovery); | |
188 | priority = 100; | |
189 | } | |
190 | ||
191 | g_free (name); | |
192 | g_hash_table_unref (discovery); | |
193 | ||
194 | if (realm == NULL) | |
195 | return 0; | |
196 | ||
197 | object_path = g_dbus_object_get_object_path (G_DBUS_OBJECT (realm)); | |
198 | *realms = g_variant_new_objv (&object_path, 1); | |
199 | g_variant_ref_sink (*realms); | |
200 | ||
201 | /* Return a higher priority if we're the default */ | |
202 | return priority; | |
203 | } | |
204 | ||
205 | static void | |
206 | realm_sssd_provider_get_property (GObject *obj, | |
207 | guint prop_id, | |
208 | GValue *value, | |
209 | GParamSpec *pspec) | |
210 | { | |
211 | RealmSssdProvider *self = REALM_SSSD_PROVIDER (obj); | |
212 | ||
213 | switch (prop_id) { | |
214 | case PROP_SSSD_CONFIG: | |
215 | g_value_set_object (value, self->config); | |
216 | break; | |
217 | default: | |
218 | G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec); | |
219 | break; | |
220 | } | |
221 | } | |
222 | ||
223 | static void | |
224 | realm_sssd_provider_finalize (GObject *obj) | |
225 | { | |
226 | RealmSssdProvider *self = REALM_SSSD_PROVIDER (obj); | |
227 | ||
228 | g_object_unref (self->config); | |
229 | ||
230 | G_OBJECT_CLASS (realm_sssd_provider_parent_class)->finalize (obj); | |
231 | } | |
232 | ||
233 | void | |
234 | realm_sssd_provider_class_init (RealmSssdProviderClass *klass) | |
235 | { | |
236 | RealmProviderClass *provider_class = REALM_PROVIDER_CLASS (klass); | |
237 | GObjectClass *object_class = G_OBJECT_CLASS (klass); | |
238 | ||
239 | provider_class->discover_async = realm_sssd_provider_discover_async; | |
240 | provider_class->discover_finish = realm_sssd_provider_discover_finish; | |
241 | ||
242 | object_class->constructed = realm_sssd_provider_constructed; | |
243 | object_class->get_property = realm_sssd_provider_get_property; | |
244 | object_class->finalize = realm_sssd_provider_finalize; | |
245 | ||
246 | g_object_class_install_property (object_class, PROP_SSSD_CONFIG, | |
247 | g_param_spec_object ("sssd-config", "Sssd Config", "Sssd Config", | |
248 | REALM_TYPE_INI_CONFIG, G_PARAM_READABLE | G_PARAM_STATIC_STRINGS)); | |
249 | ||
250 | } | |
251 | ||
252 | RealmProvider * | |
253 | realm_sssd_provider_new (void) | |
254 | { | |
255 | return g_object_new (REALM_TYPE_SSSD_PROVIDER, | |
256 | "g-object-path", REALM_DBUS_SSSD_PATH, | |
257 | NULL); | |
258 | } |
0 | /* realmd -- Realm configuration service | |
1 | * | |
2 | * Copyright 2012 Red Hat Inc | |
3 | * | |
4 | * This program is free software: you can redistribute it and/or modify | |
5 | * it under the terms of the GNU Lesser General Public License as published | |
6 | * by the Free Software Foundation; either version 2 of the licence or (at | |
7 | * your option) any later version. | |
8 | * | |
9 | * See the included COPYING file for more information. | |
10 | * | |
11 | * Author: Stef Walter <stefw@gnome.org> | |
12 | */ | |
13 | ||
14 | #include "config.h" | |
15 | ||
16 | #ifndef __REALM_SSSD_PROVIDER_H__ | |
17 | #define __REALM_SSSD_PROVIDER_H__ | |
18 | ||
19 | #include <gio/gio.h> | |
20 | ||
21 | #include "realm-provider.h" | |
22 | ||
23 | G_BEGIN_DECLS | |
24 | ||
25 | #define REALM_TYPE_SSSD_PROVIDER (realm_sssd_provider_get_type ()) | |
26 | #define REALM_SSSD_PROVIDER(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), REALM_TYPE_SSSD_PROVIDER, RealmSssdProvider)) | |
27 | #define REALM_IS_SSSD_PROVIDER(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), REALM_TYPE_SSSD_PROVIDER)) | |
28 | ||
29 | typedef struct _RealmSssdProvider RealmSssdProvider; | |
30 | ||
31 | GType realm_sssd_provider_get_type (void) G_GNUC_CONST; | |
32 | ||
33 | RealmProvider * realm_sssd_provider_new (void); | |
34 | ||
35 | G_END_DECLS | |
36 | ||
37 | #endif /* __REALM_SSSD_PROVIDER_H__ */ |
27 | 27 | |
28 | 28 | #include <glib/gstdio.h> |
29 | 29 | |
30 | #include <string.h> | |
31 | ||
30 | 32 | struct _RealmSssdPrivate { |
31 | 33 | gchar *domain; |
32 | 34 | gchar *section; |
39 | 41 | PROP_PROVIDER, |
40 | 42 | }; |
41 | 43 | |
44 | static void update_properties (RealmSssd *self); | |
45 | ||
42 | 46 | G_DEFINE_TYPE (RealmSssd, realm_sssd, REALM_TYPE_KERBEROS); |
43 | 47 | |
44 | 48 | static void |
53 | 57 | gpointer user_data) |
54 | 58 | { |
55 | 59 | GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data); |
60 | RealmSssd *self = REALM_SSSD (g_async_result_get_source_object (user_data)); | |
56 | 61 | GError *error = NULL; |
57 | 62 | |
58 | 63 | realm_service_restart_finish (result, &error); |
59 | 64 | if (error != NULL) |
60 | 65 | g_simple_async_result_take_error (async, error); |
61 | 66 | |
67 | update_properties (self); | |
62 | 68 | g_simple_async_result_complete (async); |
69 | ||
63 | 70 | g_object_unref (async); |
71 | g_object_unref (self); | |
64 | 72 | } |
65 | 73 | |
66 | 74 | static gboolean |
71 | 79 | const gchar **remove_names, |
72 | 80 | GError **error) |
73 | 81 | { |
82 | gchar *allow; | |
83 | ||
74 | 84 | if (!realm_ini_config_begin_change (config, error)) |
75 | 85 | return FALSE; |
76 | 86 | |
78 | 88 | realm_ini_config_set (config, section, "access_provider", access_provider); |
79 | 89 | realm_ini_config_set_list_diff (config, section, "simple_allow_users", ",", |
80 | 90 | add_names, remove_names); |
91 | ||
92 | /* | |
93 | * HACK: Work around for sssd problem where it allows users if | |
94 | * simple_allow_users is empty. Set it to a comma in this case. | |
95 | */ | |
96 | allow = realm_ini_config_get (config, section, "simple_allow_users"); | |
97 | if (allow != NULL) { | |
98 | g_strstrip (allow); | |
99 | if (g_str_equal (allow, "") || g_str_equal (allow, ",")) { | |
100 | g_free (allow); | |
101 | allow = NULL; | |
102 | } | |
103 | } | |
104 | ||
105 | if (allow == NULL) { | |
106 | if (g_str_equal (access_provider, "simple")) | |
107 | realm_ini_config_set (config, section, "simple_allow_users", ","); | |
108 | else | |
109 | realm_ini_config_set (config, section, "simple_allow_users", NULL); | |
110 | } | |
111 | ||
112 | g_free (allow); | |
113 | ||
81 | 114 | return realm_ini_config_finish_change (config, error); |
82 | 115 | } |
83 | 116 | |
138 | 171 | return; |
139 | 172 | } |
140 | 173 | |
141 | if (add_names && remove_names) { | |
142 | ret = sssd_config_change_login_policy (self->pv->config, | |
143 | self->pv->section, | |
144 | access_provider, | |
145 | (const gchar **)add_names, | |
146 | (const gchar **)remove_names, | |
147 | &error); | |
148 | ||
149 | if (ret) { | |
150 | realm_service_restart ("sssd", invocation, | |
151 | on_logins_restarted, | |
152 | g_object_ref (async)); | |
153 | ||
154 | } else { | |
155 | g_simple_async_result_take_error (async, error); | |
156 | g_simple_async_result_complete_in_idle (async); | |
157 | } | |
174 | ret = sssd_config_change_login_policy (self->pv->config, | |
175 | self->pv->section, | |
176 | access_provider, | |
177 | (const gchar **)add_names, | |
178 | (const gchar **)remove_names, | |
179 | &error); | |
180 | ||
181 | if (ret) { | |
182 | realm_service_restart ("sssd", invocation, | |
183 | on_logins_restarted, | |
184 | g_object_ref (async)); | |
185 | } else { | |
186 | g_simple_async_result_take_error (async, error); | |
187 | g_simple_async_result_complete_in_idle (async); | |
158 | 188 | } |
159 | 189 | |
160 | 190 | g_strfreev (remove_names); |
285 | 315 | if (g_strcmp0 (access, "simple") == 0) { |
286 | 316 | values = realm_ini_config_get_list (self->pv->config, self->pv->section, |
287 | 317 | "simple_allow_users", ","); |
288 | for (i = 0; values != NULL && values[i] != NULL; i++) | |
289 | g_ptr_array_add (permitted, realm_kerberos_format_login (kerberos, values[i])); | |
318 | for (i = 0; values != NULL && values[i] != NULL; i++) { | |
319 | if (!g_str_equal (values[i], "")) | |
320 | g_ptr_array_add (permitted, realm_kerberos_format_login (kerberos, values[i])); | |
321 | } | |
290 | 322 | g_strfreev (values); |
291 | 323 | g_free (access); |
292 | 324 | policy = REALM_KERBEROS_ALLOW_PERMITTED_LOGINS; |
325 | 357 | for (i = 0; domains && domains[i]; i++) { |
326 | 358 | section = realm_sssd_config_domain_to_section (domains[i]); |
327 | 359 | realm = realm_ini_config_get (self->pv->config, section, "krb5_realm"); |
328 | if (g_strcmp0 (realm, name) == 0) { | |
360 | if (realm && name && g_ascii_strcasecmp (realm, name) == 0) { | |
329 | 361 | domain = g_strdup (domains[i]); |
330 | 362 | break; |
331 | 363 | } else { |
441 | 473 | g_return_val_if_fail (REALM_IS_SSSD (self), NULL); |
442 | 474 | return self->pv->domain; |
443 | 475 | } |
476 | ||
477 | gchar * | |
478 | realm_sssd_build_default_home (const gchar *value) | |
479 | { | |
480 | gchar *home; | |
481 | char *pos; | |
482 | ||
483 | /* Change from our format to the sssd format place-holders */ | |
484 | home = g_strdup (value); | |
485 | pos = strstr (home, "%U"); | |
486 | if (pos) | |
487 | pos[1] = 'u'; | |
488 | pos = strstr (home, "%D"); | |
489 | if (pos) | |
490 | pos[1] = 'd'; | |
491 | ||
492 | return home; | |
493 | } | |
494 | ||
495 | typedef struct { | |
496 | GSimpleAsyncResult *async; | |
497 | GDBusMethodInvocation *invocation; | |
498 | RealmIniConfig *config; | |
499 | gchar *domain; | |
500 | } DeconfClosure; | |
501 | ||
502 | static void | |
503 | deconfigure_closure_free (gpointer data) | |
504 | { | |
505 | DeconfClosure *deconf = data; | |
506 | g_object_unref (deconf->async); | |
507 | g_object_unref (deconf->invocation); | |
508 | g_object_unref (deconf->config); | |
509 | g_free (deconf->domain); | |
510 | g_slice_free (DeconfClosure, deconf); | |
511 | } | |
512 | ||
513 | static void | |
514 | on_service_disable_done (GObject *source, | |
515 | GAsyncResult *result, | |
516 | gpointer user_data) | |
517 | { | |
518 | DeconfClosure *deconf = user_data; | |
519 | GError *error = NULL; | |
520 | ||
521 | realm_service_disable_and_stop_finish (result, &error); | |
522 | if (error != NULL) { | |
523 | realm_diagnostics_error (deconf->invocation, error, NULL); | |
524 | g_error_free (error); | |
525 | } | |
526 | ||
527 | g_simple_async_result_complete (deconf->async); | |
528 | deconfigure_closure_free (deconf); | |
529 | } | |
530 | ||
531 | static void | |
532 | on_service_restart_done (GObject *source, | |
533 | GAsyncResult *result, | |
534 | gpointer user_data) | |
535 | { | |
536 | DeconfClosure *deconf = user_data; | |
537 | GError *error = NULL; | |
538 | ||
539 | realm_service_restart_finish (result, &error); | |
540 | if (error != NULL) { | |
541 | realm_diagnostics_error (deconf->invocation, error, NULL); | |
542 | g_error_free (error); | |
543 | } | |
544 | ||
545 | g_simple_async_result_complete (deconf->async); | |
546 | deconfigure_closure_free (deconf); | |
547 | } | |
548 | ||
549 | static void | |
550 | on_disable_nss_service (GObject *source, | |
551 | GAsyncResult *result, | |
552 | gpointer user_data) | |
553 | { | |
554 | DeconfClosure *deconf = user_data; | |
555 | GError *error = NULL; | |
556 | gint status; | |
557 | ||
558 | status = realm_command_run_finish (result, NULL, &error); | |
559 | if (error == NULL && status != 0) { | |
560 | realm_diagnostics_error (deconf->invocation, error, | |
561 | "Disabling sssd in PAM failed."); | |
562 | g_clear_error (&error); | |
563 | } | |
564 | ||
565 | realm_service_disable_and_stop ("sssd", deconf->invocation, | |
566 | on_service_disable_done, deconf); | |
567 | } | |
568 | ||
569 | static void | |
570 | on_sssd_clear_cache (GObject *source, | |
571 | GAsyncResult *result, | |
572 | gpointer user_data) | |
573 | { | |
574 | DeconfClosure *deconf = user_data; | |
575 | GError *error = NULL; | |
576 | gchar **domains; | |
577 | gint status; | |
578 | ||
579 | status = realm_command_run_finish (result, NULL, &error); | |
580 | if (status != 0) { | |
581 | realm_diagnostics_error (deconf->invocation, error, | |
582 | "Flushing the sssd cache failed"); | |
583 | g_clear_error (&error); | |
584 | } | |
585 | ||
586 | /* Deconfigure sssd.conf */ | |
587 | realm_diagnostics_info (deconf->invocation, "Removing domain configuration from sssd.conf"); | |
588 | if (!realm_sssd_config_remove_domain (deconf->config, deconf->domain, &error)) { | |
589 | g_simple_async_result_take_error (deconf->async, error); | |
590 | g_simple_async_result_complete (deconf->async); | |
591 | deconfigure_closure_free (deconf); | |
592 | return; | |
593 | } | |
594 | ||
595 | /* If no domains, then disable sssd */ | |
596 | domains = realm_sssd_config_get_domains (deconf->config); | |
597 | if (domains == NULL || g_strv_length (domains) == 0) { | |
598 | realm_command_run_known_async ("sssd-disable-logins", NULL, deconf->invocation, | |
599 | NULL, on_disable_nss_service, deconf); | |
600 | ||
601 | /* If any domains left, then restart sssd */ | |
602 | } else { | |
603 | realm_service_restart ("sssd", deconf->invocation, | |
604 | on_service_restart_done, deconf); | |
605 | } | |
606 | ||
607 | g_strfreev (domains); | |
608 | } | |
609 | ||
610 | void | |
611 | realm_sssd_deconfigure_domain_tail (RealmSssd *self, | |
612 | GSimpleAsyncResult *async, | |
613 | GDBusMethodInvocation *invocation) | |
614 | { | |
615 | DeconfClosure *deconf; | |
616 | GError *error = NULL; | |
617 | const gchar *realm_name; | |
618 | ||
619 | realm_name = realm_kerberos_get_realm_name (REALM_KERBEROS (self)); | |
620 | ||
621 | /* Flush the keytab of all the entries for this realm */ | |
622 | realm_diagnostics_info (invocation, "Removing entries from keytab for realm"); | |
623 | if (!realm_kerberos_flush_keytab (realm_name, &error)) { | |
624 | g_simple_async_result_take_error (async, error); | |
625 | g_simple_async_result_complete_in_idle (async); | |
626 | return; | |
627 | } | |
628 | ||
629 | deconf = g_new0 (DeconfClosure, 1); | |
630 | deconf->async = g_object_ref (async); | |
631 | deconf->invocation = g_object_ref (invocation); | |
632 | deconf->config = g_object_ref (self->pv->config); | |
633 | deconf->domain = g_strdup (self->pv->domain); | |
634 | ||
635 | /* | |
636 | * TODO: We would really like to do this after removing the domain, to prevent races | |
637 | * but we can't because otherwise sss_cache doesn't clear that domain :S | |
638 | */ | |
639 | ||
640 | realm_command_run_known_async ("sssd-caches-flush", NULL, deconf->invocation, | |
641 | NULL, on_sssd_clear_cache, deconf); | |
642 | } |
50 | 50 | |
51 | 51 | const gchar * realm_sssd_get_config_domain (RealmSssd *self); |
52 | 52 | |
53 | gchar * realm_sssd_build_default_home (const gchar *value); | |
54 | ||
55 | void realm_sssd_deconfigure_domain_tail (RealmSssd *self, | |
56 | GSimpleAsyncResult *async, | |
57 | GDBusMethodInvocation *invocation); | |
58 | ||
53 | 59 | G_END_DECLS |
54 | 60 | |
55 | 61 | #endif /* __REALM_SSSD_H__ */ |
0 | # Distro specific overrides for debian | |
1 | [paths] | |
2 | smb.conf = /etc/samba/smb.conf | |
3 | ||
4 | # | |
5 | # Normally in these packages sections we can specify a file | |
6 | # to quickly check if the package is installed. However | |
7 | # different archictectures put the pam and nss plugins in | |
8 | # different directories, so no really great way to check them. | |
9 | # | |
10 | # On the other hand package-kit + apt doesn't suck as much | |
11 | # as package-kit + yum, so lets just leave these blank and | |
12 | # check that they are installed through the package manager. | |
13 | # | |
14 | [samba-packages] | |
15 | samba-common-bin = /usr/bin/net | |
16 | ||
17 | [winbind-packages] | |
18 | winbind = /usr/sbin/winbindd | |
19 | libpam-winbind = | |
20 | ||
21 | [sssd-packages] | |
22 | sssd = /usr/sbin/sssd | |
23 | libnss-sss = | |
24 | libpam-sss = | |
25 | ||
26 | [adcli-packages] | |
27 | adcli = /usr/sbin/adcli | |
28 | ||
29 | [commands] | |
30 | ||
31 | # Various pam and nss plugins are automatically configured when | |
32 | # installed on debian. So just stub them out. | |
33 | ||
34 | winbind-enable-logins = | |
35 | winbind-disable-logins = | |
36 | sssd-enable-logins = | |
37 | sssd-disable-logins = | |
38 | ||
39 | winbind-enable-service = /usr/sbin/update-rc.d winbind enable | |
40 | winbind-disable-service = /usr/sbin/update-rc.d winbind disable | |
41 | winbind-restart-service = /usr/sbin/service winbind restart | |
42 | winbind-stop-service = /usr/sbin/service winbind stop | |
43 | ||
44 | sssd-enable-service = /usr/sbin/update-rc.d sssd enable | |
45 | sssd-disable-service = /usr/sbin/update-rc.d sssd disable | |
46 | sssd-restart-service = /usr/sbin/service sssd restart | |
47 | sssd-stop-service = /usr/sbin/service sssd restart |
9 | 9 | [active-directory] |
10 | 10 | default-client = sssd |
11 | 11 | |
12 | [services] | |
13 | winbind = winbind | |
14 | sssd = sssd | |
15 | ||
16 | 12 | [samba-packages] |
17 | 13 | |
18 | 14 | [winbind-packages] |
23 | 19 | |
24 | 20 | [commands] |
25 | 21 | |
26 | [user] | |
27 | shell = /bin/bash | |
22 | [users] | |
23 | default-shell = /bin/bash | |
24 | default-home = /home/%D/%U |
10 | 10 | |
11 | 11 | [sssd-packages] |
12 | 12 | sssd = /usr/sbin/sssd |
13 | sssd-tools = /usr/sbin/sss_cache | |
13 | 14 | |
14 | 15 | [adcli-packages] |
15 | 16 | adcli = /usr/sbin/adcli |
16 | 17 | |
17 | 18 | [commands] |
18 | winbind-enable-logins = /usr/sbin/authconfig --update --enablewinbind --enablewinbindauth | |
19 | winbind-enable-logins = /usr/sbin/authconfig --update --enablewinbind --enablewinbindauth --enablemkhomedir | |
19 | 20 | winbind-disable-logins = /usr/sbin/authconfig --update --disablewinbind --disablewinbindauth |
20 | sssd-enable-logins = /usr/sbin/authconfig --update --enablesssd --enablesssdauth | |
21 | sssd-disable-logins = /usr/sbin/authconfig --update --disablesssd --disablesssdauth | |
21 | winbind-enable-service = /usr/bin/systemctl enable winbind.service | |
22 | winbind-disable-service = /usr/bin/systemctl disable winbind.service | |
23 | winbind-restart-service = /usr/bin/systemctl restart winbind.service | |
24 | winbind-stop-service = /usr/bin/systemctl stop winbind.service | |
25 | ||
26 | sssd-enable-logins = /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir | |
27 | sssd-disable-logins = /usr/sbin/authconfig --update --disablesssdauth | |
28 | sssd-enable-service = /usr/bin/systemctl enable sssd.service | |
29 | sssd-disable-service = /usr/bin/systemctl disable sssd.service | |
30 | sssd-restart-service = /usr/bin/systemctl restart sssd.service | |
31 | sssd-stop-service = /usr/bin/systemctl stop sssd.service | |
32 | ||
33 | name-caches-flush = /usr/bin/systemctl try-restart accounts-daemon.service | |
34 | sssd-caches-flush = /usr/sbin/sss_cache --users --groups --netgroups --services --autofs-maps |
258 | 258 | USE_NLS = @USE_NLS@ |
259 | 259 | VERSION = @VERSION@ |
260 | 260 | XGETTEXT = @XGETTEXT@ |
261 | XSLTPROC = @XSLTPROC@ | |
261 | 262 | abs_builddir = @abs_builddir@ |
262 | 263 | abs_srcdir = @abs_srcdir@ |
263 | 264 | abs_top_builddir = @abs_top_builddir@ |
0 | # Empty so far⏎ | |
0 | ||
1 | # Required for sssd config tests | |
2 | [users] | |
3 | default-shell = /bin/bash | |
4 | default-home = /home/%D/%U |
328 | 328 | } |
329 | 329 | |
330 | 330 | static void |
331 | test_set_and_get (Test *test, | |
332 | gconstpointer unused) | |
333 | { | |
334 | const gchar *data = "[section]\n1=one\n2=two\n\n[another]\n4=four"; | |
335 | gchar *output; | |
336 | ||
337 | realm_ini_config_read_string (test->config, data); | |
338 | ||
339 | realm_ini_config_set (test->config, "section", "3", "three"); | |
340 | ||
341 | output = realm_ini_config_get (test->config, "section", "3"); | |
342 | g_assert_cmpstr (output, ==, "three"); | |
343 | g_free (output); | |
344 | } | |
345 | ||
346 | static void | |
331 | 347 | test_set_section (Test *test, |
332 | 348 | gconstpointer unused) |
333 | 349 | { |
623 | 639 | |
624 | 640 | g_test_add ("/realmd/ini-config/set", Test, NULL, setup, test_set, teardown); |
625 | 641 | g_test_add ("/realmd/ini-config/set-middle", Test, NULL, setup, test_set_middle, teardown); |
642 | g_test_add ("/realmd/ini-config/set-and-get", Test, NULL, setup, test_set_and_get, teardown); | |
626 | 643 | g_test_add ("/realmd/ini-config/set-section", Test, NULL, setup, test_set_section, teardown); |
627 | 644 | g_test_add ("/realmd/ini-config/set-all", Test, NULL, setup, test_set_all, teardown); |
628 | 645 |
89 | 89 | gconstpointer unused) |
90 | 90 | { |
91 | 91 | const gchar *data = "[domain/one]\nval=1\n[sssd]\ndomains=one"; |
92 | const gchar *check = "[domain/one]\nval=1\n[sssd]\ndomains = one, two\n\n[domain/two]\ndos = 2\n"; | |
92 | const gchar *check = "[domain/one]\nval=1\n[sssd]\ndomains = one, two\n\n[nss]\ndefault_shell = /bin/bash\n\n[domain/two]\ndos = 2\n"; | |
93 | 93 | GError *error = NULL; |
94 | 94 | gchar *output; |
95 | 95 | gboolean ret; |
139 | 139 | test_add_domain_only (Test *test, |
140 | 140 | gconstpointer unused) |
141 | 141 | { |
142 | const gchar *check = "\n[sssd]\ndomains = two\nconfig_file_version = 2\nservices = nss, pam\n\n[domain/two]\ndos = 2\n"; | |
142 | const gchar *check = "\n[sssd]\ndomains = two\nconfig_file_version = 2\nservices = nss, pam\n\n[nss]\ndefault_shell = /bin/bash\n\n[domain/two]\ndos = 2\n"; | |
143 | 143 | GError *error = NULL; |
144 | 144 | gchar *output; |
145 | 145 | gboolean ret; |
247 | 247 | g_free (output); |
248 | 248 | } |
249 | 249 | |
250 | static void | |
251 | test_remove_and_add_domain (Test *test, | |
252 | gconstpointer unused) | |
253 | { | |
254 | const gchar *data = "[domain/one]\nval = 1\n\n[nss]\ndefault_shell = /bin/bash\n\n[sssd]\ndomains = one, two\n\n[domain/two]\nval = 2\n"; | |
255 | GError *error = NULL; | |
256 | gchar *output; | |
257 | gboolean ret; | |
258 | ||
259 | realm_ini_config_read_string (test->config, data); | |
260 | ret = realm_ini_config_write_file (test->config, "/tmp/test-sssd.conf", &error); | |
261 | g_assert_no_error (error); | |
262 | g_assert (ret == TRUE); | |
263 | ||
264 | ret = realm_sssd_config_remove_domain (test->config, "two", &error); | |
265 | g_assert_no_error (error); | |
266 | g_assert (ret == TRUE); | |
267 | ||
268 | ret = realm_sssd_config_add_domain (test->config, "two", &error, | |
269 | "val", "2", | |
270 | NULL); | |
271 | g_assert_no_error (error); | |
272 | g_assert (ret == TRUE); | |
273 | ||
274 | ret = g_file_get_contents ("/tmp/test-sssd.conf", &output, NULL, &error); | |
275 | g_assert_no_error (error); | |
276 | g_assert (ret == TRUE); | |
277 | ||
278 | g_assert_cmpstr (output, ==, data); | |
279 | g_free (output); | |
280 | } | |
250 | 281 | |
251 | 282 | int |
252 | 283 | main (int argc, |
267 | 298 | g_test_add ("/realmd/sssd-config/remove-domain", Test, NULL, setup, test_remove_domain, teardown); |
268 | 299 | g_test_add ("/realmd/sssd-config/remove-domain-not-exist", Test, NULL, setup, test_remove_domain_not_exist, teardown); |
269 | 300 | g_test_add ("/realmd/sssd-config/remove-domain-only", Test, NULL, setup, test_remove_domain_only, teardown); |
301 | g_test_add ("/realmd/sssd-config/remove-and-add-domain", Test, NULL, setup, test_remove_and_add_domain, teardown); | |
270 | 302 | |
271 | 303 | return g_test_run (); |
272 | 304 | } |
0 | 0 | include $(top_srcdir)/Makefile.decl |
1 | 1 | |
2 | bin_PROGRAMS = \ | |
2 | sbin_PROGRAMS = \ | |
3 | 3 | realm |
4 | 4 | |
5 | 5 | realm_SOURCES = \ |
49 | 49 | POST_UNINSTALL = : |
50 | 50 | DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ |
51 | 51 | $(top_srcdir)/Makefile.decl $(top_srcdir)/depcomp |
52 | bin_PROGRAMS = realm$(EXEEXT) | |
52 | sbin_PROGRAMS = realm$(EXEEXT) | |
53 | 53 | subdir = tools |
54 | 54 | ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 |
55 | 55 | am__aclocal_m4_deps = $(top_srcdir)/build/m4/gtk-doc.m4 \ |
60 | 60 | CONFIG_HEADER = $(top_builddir)/config.h |
61 | 61 | CONFIG_CLEAN_FILES = |
62 | 62 | CONFIG_CLEAN_VPATH_FILES = |
63 | am__installdirs = "$(DESTDIR)$(bindir)" | |
64 | PROGRAMS = $(bin_PROGRAMS) | |
63 | am__installdirs = "$(DESTDIR)$(sbindir)" | |
64 | PROGRAMS = $(sbin_PROGRAMS) | |
65 | 65 | am__objects_1 = |
66 | 66 | am_realm_OBJECTS = realm.$(OBJEXT) realm-client.$(OBJEXT) \ |
67 | 67 | realm-discover.$(OBJEXT) realm-join.$(OBJEXT) \ |
213 | 213 | USE_NLS = @USE_NLS@ |
214 | 214 | VERSION = @VERSION@ |
215 | 215 | XGETTEXT = @XGETTEXT@ |
216 | XSLTPROC = @XSLTPROC@ | |
216 | 217 | abs_builddir = @abs_builddir@ |
217 | 218 | abs_srcdir = @abs_srcdir@ |
218 | 219 | abs_top_builddir = @abs_top_builddir@ |
340 | 341 | $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) |
341 | 342 | cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh |
342 | 343 | $(am__aclocal_m4_deps): |
343 | install-binPROGRAMS: $(bin_PROGRAMS) | |
344 | install-sbinPROGRAMS: $(sbin_PROGRAMS) | |
344 | 345 | @$(NORMAL_INSTALL) |
345 | @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ | |
346 | @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ | |
346 | 347 | if test -n "$$list"; then \ |
347 | echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ | |
348 | $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ | |
348 | echo " $(MKDIR_P) '$(DESTDIR)$(sbindir)'"; \ | |
349 | $(MKDIR_P) "$(DESTDIR)$(sbindir)" || exit 1; \ | |
349 | 350 | fi; \ |
350 | 351 | for p in $$list; do echo "$$p $$p"; done | \ |
351 | 352 | sed 's/$(EXEEXT)$$//' | \ |
363 | 364 | while read type dir files; do \ |
364 | 365 | if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ |
365 | 366 | test -z "$$files" || { \ |
366 | echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ | |
367 | $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ | |
367 | echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ | |
368 | $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ | |
368 | 369 | } \ |
369 | 370 | ; done |
370 | 371 | |
371 | uninstall-binPROGRAMS: | |
372 | uninstall-sbinPROGRAMS: | |
372 | 373 | @$(NORMAL_UNINSTALL) |
373 | @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ | |
374 | @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ | |
374 | 375 | files=`for p in $$list; do echo "$$p"; done | \ |
375 | 376 | sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ |
376 | 377 | -e 's/$$/$(EXEEXT)/' `; \ |
377 | 378 | test -n "$$list" || exit 0; \ |
378 | echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ | |
379 | cd "$(DESTDIR)$(bindir)" && rm -f $$files | |
380 | ||
381 | clean-binPROGRAMS: | |
382 | -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) | |
379 | echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ | |
380 | cd "$(DESTDIR)$(sbindir)" && rm -f $$files | |
381 | ||
382 | clean-sbinPROGRAMS: | |
383 | -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) | |
383 | 384 | realm$(EXEEXT): $(realm_OBJECTS) $(realm_DEPENDENCIES) $(EXTRA_realm_DEPENDENCIES) |
384 | 385 | @rm -f realm$(EXEEXT) |
385 | 386 | $(AM_V_CCLD)$(LINK) $(realm_OBJECTS) $(realm_LDADD) $(LIBS) |
511 | 512 | check: check-am |
512 | 513 | all-am: Makefile $(PROGRAMS) |
513 | 514 | installdirs: |
514 | for dir in "$(DESTDIR)$(bindir)"; do \ | |
515 | for dir in "$(DESTDIR)$(sbindir)"; do \ | |
515 | 516 | test -z "$$dir" || $(MKDIR_P) "$$dir"; \ |
516 | 517 | done |
517 | 518 | install: install-am |
546 | 547 | @echo "it deletes files that may require special tools to rebuild." |
547 | 548 | clean: clean-am |
548 | 549 | |
549 | clean-am: clean-binPROGRAMS clean-generic mostlyclean-am | |
550 | clean-am: clean-generic clean-sbinPROGRAMS mostlyclean-am | |
550 | 551 | |
551 | 552 | distclean: distclean-am |
552 | 553 | -rm -rf ./$(DEPDIR) |
572 | 573 | |
573 | 574 | install-dvi-am: |
574 | 575 | |
575 | install-exec-am: install-binPROGRAMS | |
576 | install-exec-am: install-sbinPROGRAMS | |
576 | 577 | |
577 | 578 | install-html: install-html-am |
578 | 579 | |
611 | 612 | |
612 | 613 | ps-am: |
613 | 614 | |
614 | uninstall-am: uninstall-binPROGRAMS | |
615 | uninstall-am: uninstall-sbinPROGRAMS | |
615 | 616 | |
616 | 617 | .MAKE: install-am install-strip |
617 | 618 | |
618 | .PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \ | |
619 | clean-generic cscopelist ctags distclean distclean-compile \ | |
620 | distclean-generic distclean-tags distdir dvi dvi-am html \ | |
621 | html-am info info-am install install-am install-binPROGRAMS \ | |
619 | .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ | |
620 | clean-sbinPROGRAMS cscopelist ctags distclean \ | |
621 | distclean-compile distclean-generic distclean-tags distdir dvi \ | |
622 | dvi-am html html-am info info-am install install-am \ | |
622 | 623 | install-data install-data-am install-dvi install-dvi-am \ |
623 | 624 | install-exec install-exec-am install-html install-html-am \ |
624 | 625 | install-info install-info-am install-man install-pdf \ |
625 | install-pdf-am install-ps install-ps-am install-strip \ | |
626 | installcheck installcheck-am installdirs maintainer-clean \ | |
627 | maintainer-clean-generic mostlyclean mostlyclean-compile \ | |
628 | mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ | |
629 | uninstall-am uninstall-binPROGRAMS | |
626 | install-pdf-am install-ps install-ps-am install-sbinPROGRAMS \ | |
627 | install-strip installcheck installcheck-am installdirs \ | |
628 | maintainer-clean maintainer-clean-generic mostlyclean \ | |
629 | mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \ | |
630 | tags uninstall uninstall-am uninstall-sbinPROGRAMS | |
630 | 631 | |
631 | 632 | |
632 | 633 | perform-memcheck: $(TEST_PROGS) $(TEST_SUPPRESSIONS) |
124 | 124 | GDBusConnection *connection; |
125 | 125 | RealmDbusProvider *provider; |
126 | 126 | GError *error = NULL; |
127 | RealmClient *client; | |
127 | RealmClient *client = NULL; | |
128 | 128 | GInitable *ret; |
129 | 129 | |
130 | 130 | connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, &error); |
100 | 100 | static int |
101 | 101 | perform_discover (RealmClient *client, |
102 | 102 | const gchar *string, |
103 | gboolean all, | |
103 | 104 | const gchar *server_software, |
104 | 105 | const gchar *client_software) |
105 | 106 | { |
107 | GHashTable *seen; | |
106 | 108 | gboolean found = FALSE; |
107 | 109 | GError *error = NULL; |
110 | const gchar *name; | |
108 | 111 | GList *realms; |
109 | 112 | GList *l; |
110 | 113 | |
116 | 119 | return 1; |
117 | 120 | } |
118 | 121 | |
122 | seen = g_hash_table_new (g_str_hash, g_str_equal); | |
123 | ||
119 | 124 | for (l = realms; l != NULL; l = g_list_next (l)) { |
120 | print_realm_info (client, l->data); | |
121 | found = TRUE; | |
122 | } | |
123 | ||
125 | name = realm_dbus_realm_get_name (l->data); | |
126 | if (all || !g_hash_table_lookup (seen, name)) { | |
127 | print_realm_info (client, l->data); | |
128 | g_hash_table_add (seen, (gchar *)name); | |
129 | found = TRUE; | |
130 | } | |
131 | } | |
132 | ||
133 | g_hash_table_destroy (seen); | |
124 | 134 | g_list_free_full (realms, g_object_unref); |
125 | 135 | |
126 | 136 | if (!found) { |
144 | 154 | gchar *arg_client_software = NULL; |
145 | 155 | gchar *arg_server_software = NULL; |
146 | 156 | GError *error = NULL; |
157 | gboolean arg_all = FALSE; | |
147 | 158 | gint result = 0; |
148 | 159 | gint ret; |
149 | 160 | gint i; |
150 | 161 | |
151 | 162 | GOptionEntry option_entries[] = { |
163 | { "all", 'a', 0, G_OPTION_ARG_NONE, &arg_all, N_("Show all discovered realms"), NULL }, | |
152 | 164 | { "verbose", 'v', 0, G_OPTION_ARG_NONE, &arg_verbose, N_("Verbose output"), NULL }, |
153 | 165 | { "client-software", 0, 0, G_OPTION_ARG_STRING, &arg_client_software, N_("Use specific client software"), NULL }, |
154 | 166 | { "server-software", 0, 0, G_OPTION_ARG_STRING, &arg_server_software, N_("Use specific server software"), NULL }, |
173 | 185 | |
174 | 186 | /* The default realm? */ |
175 | 187 | } else if (argc == 1) { |
176 | ret = perform_discover (client, NULL, arg_server_software, | |
177 | arg_client_software); | |
188 | ret = perform_discover (client, NULL, arg_all, | |
189 | arg_server_software, arg_client_software); | |
178 | 190 | g_object_unref (client); |
179 | 191 | |
180 | 192 | /* Specific realms */ |
181 | 193 | } else { |
182 | 194 | for (i = 1; i < argc; i++) { |
183 | ret = perform_discover (client, argv[i], | |
195 | ret = perform_discover (client, argv[i], arg_all, | |
184 | 196 | arg_server_software, arg_client_software); |
185 | 197 | if (ret != 0) |
186 | 198 | result = ret; |
196 | 208 | |
197 | 209 | static int |
198 | 210 | perform_list (RealmClient *client, |
211 | gboolean all, | |
199 | 212 | gboolean verbose) |
200 | 213 | { |
201 | 214 | RealmDbusProvider *provider; |
202 | 215 | const gchar *const *realms; |
203 | 216 | gboolean printed = FALSE; |
217 | const gchar *configured; | |
204 | 218 | RealmDbusRealm *realm; |
205 | 219 | gint i; |
206 | 220 | |
209 | 223 | |
210 | 224 | for (i = 0; realms && realms[i] != NULL; i++) { |
211 | 225 | realm = realm_client_get_realm (client, realms[i]); |
212 | print_realm_info (client, realm); | |
213 | printed = TRUE; | |
226 | configured = realm_dbus_realm_get_configured (realm); | |
227 | if (all || (configured && !g_str_equal (configured, ""))) { | |
228 | print_realm_info (client, realm); | |
229 | printed = TRUE; | |
230 | } | |
214 | 231 | g_object_unref (realm); |
215 | 232 | } |
216 | 233 | |
217 | if (verbose && !printed) | |
218 | g_printerr ("No known realms\n"); | |
234 | if (verbose && !printed) { | |
235 | if (all) | |
236 | g_printerr ("No known realms\n"); | |
237 | else | |
238 | g_printerr ("No configured realms\n"); | |
239 | } | |
219 | 240 | |
220 | 241 | return 0; |
221 | 242 | } |
227 | 248 | RealmClient *client; |
228 | 249 | GOptionContext *context; |
229 | 250 | gboolean arg_verbose = FALSE; |
251 | gboolean arg_all = FALSE; | |
230 | 252 | GError *error = NULL; |
231 | 253 | gint ret = 0; |
232 | 254 | |
233 | 255 | GOptionEntry option_entries[] = { |
256 | { "all", 'a', 0, G_OPTION_ARG_NONE, &arg_all, N_("Show all realms"), NULL }, | |
234 | 257 | { "verbose", 'v', 0, G_OPTION_ARG_NONE, &arg_verbose, N_("Verbose output"), NULL }, |
235 | 258 | { NULL, } |
236 | 259 | }; |
251 | 274 | } else { |
252 | 275 | client = realm_client_new (arg_verbose); |
253 | 276 | if (client) { |
254 | ret = perform_list (client, arg_verbose); | |
277 | ret = perform_list (client, arg_all, arg_verbose); | |
255 | 278 | g_object_unref (client); |
256 | 279 | } else { |
257 | 280 | ret = 1; |
66 | 66 | return ret ? 0 : 1; |
67 | 67 | } |
68 | 68 | |
69 | static RealmDbusKerberosMembership * | |
69 | static int | |
70 | call_deconfigure (RealmDbusRealm *realm, | |
71 | GVariant *options, | |
72 | GError **error) | |
73 | { | |
74 | SyncClosure sync; | |
75 | gboolean ret; | |
76 | ||
77 | sync.result = NULL; | |
78 | sync.loop = g_main_loop_new (NULL, FALSE); | |
79 | ||
80 | /* Start actual operation */ | |
81 | realm_dbus_realm_call_deconfigure (realm, options, | |
82 | NULL, on_complete_get_result, &sync); | |
83 | ||
84 | /* This mainloop is quit by on_complete_get_result */ | |
85 | g_main_loop_run (sync.loop); | |
86 | ||
87 | ret = realm_dbus_realm_call_deconfigure_finish (realm, sync.result, error); | |
88 | ||
89 | g_object_unref (sync.result); | |
90 | g_main_loop_unref (sync.loop); | |
91 | ||
92 | return ret ? 0 : 1; | |
93 | } | |
94 | ||
95 | static gboolean | |
96 | match_kerberos_realm_to_detail (RealmDbusRealm *realm, | |
97 | const gchar *field, | |
98 | const gchar *value) | |
99 | { | |
100 | GVariantIter iter; | |
101 | const gchar *vfield; | |
102 | const gchar *vvalue; | |
103 | gboolean matching = FALSE; | |
104 | ||
105 | /* If not set then anything matches */ | |
106 | if (value == NULL) | |
107 | return TRUE; | |
108 | ||
109 | g_variant_iter_init (&iter, realm_dbus_realm_get_details (realm)); | |
110 | while (g_variant_iter_loop (&iter, "(&s&s)", &vfield, &vvalue)) { | |
111 | if (g_str_equal (field, vfield) && g_str_equal (value, vvalue)) { | |
112 | matching = TRUE; | |
113 | break; | |
114 | } | |
115 | } | |
116 | ||
117 | return matching; | |
118 | } | |
119 | ||
120 | static RealmDbusRealm * | |
70 | 121 | locate_configured_matching_kerberos_realm (RealmClient *client, |
71 | const gchar *realm_name) | |
72 | { | |
73 | RealmDbusKerberosMembership *membership = NULL; | |
122 | const gchar *realm_name, | |
123 | const gchar *client_software, | |
124 | const gchar *server_software, | |
125 | RealmDbusKerberosMembership **membership) | |
126 | { | |
74 | 127 | RealmDbusProvider *provider; |
75 | 128 | const gchar *const *paths; |
76 | 129 | RealmDbusRealm *realm; |
79 | 132 | gboolean matched; |
80 | 133 | gint i; |
81 | 134 | |
135 | *membership = NULL; | |
82 | 136 | provider = realm_client_get_provider (client); |
83 | 137 | paths = realm_dbus_provider_get_realms (provider); |
84 | 138 | |
86 | 140 | matched = FALSE; |
87 | 141 | |
88 | 142 | realm = realm_client_get_realm (client, paths[i]); |
89 | membership = realm_client_to_kerberos_membership (client, realm); | |
143 | *membership = realm_client_to_kerberos_membership (client, realm); | |
90 | 144 | configured = realm_dbus_realm_get_configured (realm); |
91 | 145 | |
92 | if (membership != NULL && configured != NULL && !g_str_equal (configured, "")) { | |
146 | if (*membership != NULL && configured != NULL && !g_str_equal (configured, "")) { | |
93 | 147 | if (realm_name == NULL) { |
94 | 148 | matched = TRUE; |
95 | 149 | } else { |
98 | 152 | } |
99 | 153 | } |
100 | 154 | |
155 | if (matched) | |
156 | matched = match_kerberos_realm_to_detail (realm, "client-software", client_software); | |
157 | if (matched) | |
158 | matched = match_kerberos_realm_to_detail (realm, "server-software", server_software); | |
159 | ||
160 | if (matched) | |
161 | return realm; | |
162 | ||
163 | g_clear_object (membership); | |
101 | 164 | g_object_unref (realm); |
102 | ||
103 | if (matched) | |
104 | break; | |
105 | ||
106 | g_clear_object (&membership); | |
107 | } | |
108 | ||
109 | return membership; | |
165 | } | |
166 | ||
167 | return NULL; | |
168 | } | |
169 | ||
170 | static int | |
171 | perform_deconfigure (RealmClient *client, | |
172 | RealmDbusRealm *realm) | |
173 | { | |
174 | GError *error = NULL; | |
175 | GVariant *options; | |
176 | gint ret; | |
177 | ||
178 | options = realm_build_options(NULL, NULL); | |
179 | ret = call_deconfigure (realm, options, &error); | |
180 | ||
181 | if (error != NULL) | |
182 | realm_handle_error (error, _("Couldn't leave realm")); | |
183 | ||
184 | return ret; | |
110 | 185 | } |
111 | 186 | |
112 | 187 | static int |
139 | 214 | static int |
140 | 215 | perform_leave (RealmClient *client, |
141 | 216 | const gchar *realm_name, |
142 | const gchar *user_name) | |
217 | gboolean remove, | |
218 | const gchar *user_name, | |
219 | const gchar *client_software, | |
220 | const gchar *server_software) | |
143 | 221 | { |
144 | 222 | RealmDbusKerberosMembership *membership; |
223 | RealmDbusRealm *realm; | |
145 | 224 | gint ret; |
146 | 225 | |
147 | membership = locate_configured_matching_kerberos_realm (client, realm_name); | |
148 | if (membership == NULL) { | |
149 | if (realm_name == NULL) | |
226 | realm = locate_configured_matching_kerberos_realm (client, realm_name, client_software, | |
227 | server_software, &membership); | |
228 | if (realm == NULL) { | |
229 | if (!realm_name && !client_software && !server_software) | |
150 | 230 | realm_handle_error (NULL, "Couldn't find a configured realm"); |
151 | 231 | else |
152 | realm_handle_error (NULL, "Couldn't find the configured realm: %s", realm_name); | |
232 | realm_handle_error (NULL, "Couldn't find a matching realm"); | |
153 | 233 | return 1; |
154 | 234 | } |
155 | 235 | |
156 | ret = perform_user_leave (client, membership, user_name); | |
236 | /* Specifying a user name implies remov */ | |
237 | if (user_name && !remove) | |
238 | remove = TRUE; | |
239 | ||
240 | if (!remove) | |
241 | ret = perform_deconfigure (client, realm); | |
242 | else | |
243 | ret = perform_user_leave (client, membership, user_name); | |
244 | ||
157 | 245 | g_object_unref (membership); |
246 | g_object_unref (realm); | |
158 | 247 | |
159 | 248 | return ret; |
160 | 249 | } |
167 | 256 | GOptionContext *context; |
168 | 257 | gchar *arg_user = NULL; |
169 | 258 | gboolean arg_verbose = FALSE; |
259 | gboolean arg_remove = FALSE; | |
260 | gchar *arg_client_software = NULL; | |
261 | gchar *arg_server_software = NULL; | |
170 | 262 | GError *error = NULL; |
171 | 263 | const gchar *realm_name; |
172 | 264 | gint ret = 0; |
173 | 265 | |
174 | 266 | GOptionEntry option_entries[] = { |
175 | { "user", 'U', 0, G_OPTION_ARG_STRING, &arg_user, N_("User name to use for enrollment"), NULL }, | |
267 | { "client-software", 0, 0, G_OPTION_ARG_STRING, &arg_client_software, | |
268 | N_("Use specific client software"), NULL }, | |
269 | { "remove", 'r', 0, G_OPTION_ARG_NONE, &arg_remove, N_("Remove computer from realm"), NULL, }, | |
270 | { "server-software", 0, 0, G_OPTION_ARG_STRING, &arg_server_software, | |
271 | N_("Use specific server software"), NULL }, | |
272 | { "user", 'U', 0, G_OPTION_ARG_STRING, &arg_user, N_("User name to use for removal"), NULL }, | |
176 | 273 | { "verbose", 'v', 0, G_OPTION_ARG_NONE, &arg_verbose, N_("Verbose output"), NULL }, |
177 | 274 | { NULL, } |
178 | 275 | }; |
190 | 287 | client = realm_client_new (arg_verbose); |
191 | 288 | if (client) { |
192 | 289 | realm_name = argc < 2 ? NULL : argv[1]; |
193 | ret = perform_leave (client, realm_name, arg_user); | |
290 | ret = perform_leave (client, realm_name, arg_remove, arg_user, | |
291 | arg_client_software, arg_server_software); | |
194 | 292 | g_object_unref (client); |
195 | 293 | } else { |
196 | 294 | ret = 1; |
198 | 296 | } |
199 | 297 | |
200 | 298 | g_free (arg_user); |
299 | g_free (arg_client_software); | |
300 | g_free (arg_server_software); | |
201 | 301 | g_option_context_free (context); |
202 | 302 | return ret; |
203 | 303 | } |
43 | 43 | { |
44 | 44 | RealmDbusProvider *provider; |
45 | 45 | const gchar *const *paths; |
46 | RealmDbusRealm *realm; | |
46 | RealmDbusRealm *realm = NULL; | |
47 | const gchar *configured; | |
47 | 48 | gboolean matched; |
48 | 49 | gint i; |
49 | 50 | |
54 | 55 | matched = FALSE; |
55 | 56 | |
56 | 57 | realm = realm_client_get_realm (client, paths[i]); |
57 | if (realm != NULL && realm_dbus_realm_get_configured (realm)) { | |
58 | if (realm != NULL) { | |
59 | configured = realm_dbus_realm_get_configured (realm); | |
58 | 60 | matched = (realm_name == NULL || |
59 | g_strcmp0 (realm_dbus_realm_get_name (realm), realm_name) == 0); | |
61 | g_strcmp0 (realm_dbus_realm_get_name (realm), realm_name) == 0) && | |
62 | (configured && !g_str_equal (configured, "")); | |
60 | 63 | } |
61 | 64 | |
62 | 65 | if (matched) |
64 | 67 | |
65 | 68 | g_object_unref (realm); |
66 | 69 | realm = NULL; |
70 | } | |
71 | ||
72 | if (realm == NULL) { | |
73 | if (!realm_name) | |
74 | realm_handle_error (NULL, "Couldn't find a configured realm"); | |
75 | else | |
76 | realm_handle_error (NULL, "Couldn't find a matching realm"); | |
77 | return NULL; | |
67 | 78 | } |
68 | 79 | |
69 | 80 | return realm; |
128 | 139 | gboolean permit) |
129 | 140 | { |
130 | 141 | RealmDbusRealm *realm; |
142 | SyncClosure sync; | |
131 | 143 | const gchar *policy; |
132 | 144 | const gchar *logins[] = { NULL }; |
133 | 145 | GError *error = NULL; |
137 | 149 | if (realm == NULL) |
138 | 150 | return 1; |
139 | 151 | |
152 | sync.result = NULL; | |
153 | sync.loop = g_main_loop_new (NULL, FALSE); | |
154 | ||
140 | 155 | options = realm_build_options (NULL, NULL); |
141 | 156 | g_variant_ref_sink (options); |
142 | 157 | |
143 | 158 | policy = permit ? REALM_DBUS_LOGIN_POLICY_ANY : REALM_DBUS_LOGIN_POLICY_DENY; |
144 | realm_dbus_realm_call_change_login_policy_sync (realm, policy, | |
145 | (const gchar * const *)logins, | |
146 | (const gchar * const *)logins, | |
147 | options, NULL, &error); | |
159 | realm_dbus_realm_call_change_login_policy (realm, policy, | |
160 | (const gchar * const *)logins, | |
161 | (const gchar * const *)logins, | |
162 | options, NULL, on_complete_get_result, &sync); | |
163 | ||
164 | /* This mainloop is quit by on_complete_get_result */ | |
165 | g_main_loop_run (sync.loop); | |
166 | ||
167 | realm_dbus_realm_call_change_login_policy_finish (realm, sync.result, &error); | |
148 | 168 | |
149 | 169 | g_variant_unref (options); |
170 | g_object_unref (sync.result); | |
171 | g_main_loop_unref (sync.loop); | |
150 | 172 | g_object_unref (realm); |
151 | 173 | |
152 | 174 | if (error != NULL) { |