From 07a08c91977aff9daff2dfe030f312582ea5e27d Mon Sep 17 00:00:00 2001 From: Ratan Gupta Date: Mon, 3 Sep 2018 08:41:52 +0530 Subject: ldap: Pull nss-pam-ldapd into the openbmc image Bringing the LDAP authentication module support in openbmc stack requires to pull the nss-pam-ldapd which allows the LDAP server to provide the user, passwd, group info that we normally get from the /etc flat files. nss-pam-ldapd provides libnss-ldap and pam_ldap module which delegate the work to the nslcd(daemon) that queries the LDAP server. pam_ldap uses the openldap client API to interact with the LDAP server. nss-pam-ldapd files are pulled from http://git.yoctoproject.org/cgit/cgit.cgi/meta-cloud-services/ tree/recipes-support/nss-pam-ldapd meta-cloud-services sha: 38cc19fb3a813673051de314aafabda0545d8466 Tested: Adding the "ldap" distro feature brings the nss-pam-ldapd and its dependencies into the image and removing the "ldap" from the distro feature doesn't bring the nss-pam-ldapd and its dependencies. (From meta-phosphor rev: 4835bb3901a4bff777a97d4f363e3a731b87f21c) Change-Id: Ifa5da20e7ac47b0c9d9af305ae621252e6d765f3 Signed-off-by: Ratan Gupta Signed-off-by: Brad Bishop --- .../nss-pam-ldapd/nss-pam-ldapd_0.9.8.bb | 61 ++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 meta-phosphor/recipes-support/nss-pam-ldapd/nss-pam-ldapd_0.9.8.bb (limited to 'meta-phosphor/recipes-support/nss-pam-ldapd/nss-pam-ldapd_0.9.8.bb') diff --git a/meta-phosphor/recipes-support/nss-pam-ldapd/nss-pam-ldapd_0.9.8.bb b/meta-phosphor/recipes-support/nss-pam-ldapd/nss-pam-ldapd_0.9.8.bb new file mode 100644 index 000000000..5fcfeea17 --- /dev/null +++ b/meta-phosphor/recipes-support/nss-pam-ldapd/nss-pam-ldapd_0.9.8.bb @@ -0,0 +1,61 @@ +SUMMARY = "NSS and PAM module for using LDAP as a naming service" +DESCRIPTION = "\ + daemon for NSS and PAM lookups using LDAP \ + This package provides a daemon for retrieving user accounts and similar \ + system information from LDAP. It is used by the libnss-ldapd and \ + libpam-ldapd packages but is not very useful by itself. \ + " + +HOMEPAGE = "http://arthurdejong.org/nss-pam-ldapd/" + +LICENSE = "LGPLv2.1" +LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" +SECTION = "base" + +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +SRC_URI = "\ + http://arthurdejong.org/nss-pam-ldapd/${BPN}-${PV}.tar.gz \ + file://nslcd.init \ + file://nslcd.service \ + " + +inherit autotools + +SRC_URI[md5sum] = "8c99fdc54f4bf9aca8c5f53fdb1403ff" +SRC_URI[sha256sum] = "ef7362e7f2003da8c7beb7bcc03c30494acf712625aaac8badc6e7eb16f3453f" + +DEPENDS += "libpam openldap krb5" + +RDEPENDS_${PN} += "nscd" + +EXTRA_OECONF = "\ + --disable-pynslcd \ + --libdir=${base_libdir} \ + --with-pam-seclib-dir=${base_libdir}/security \ + " + +CONFFILES_${PN} += "${sysconfdir}/nslcd.conf" + +FILES_${PN} += "${base_libdir}/security ${datadir}" +FILES_${PN}-dbg += "${base_libdir}/security/.debug" + +LDAP_DN ?= "dc=my-domain,dc=com" + +do_install_append() { + install -D -m 0755 ${WORKDIR}/nslcd.init ${D}${sysconfdir}/init.d/nslcd + + sed -i -e 's/^uid nslcd/# uid nslcd/;' ${D}${sysconfdir}/nslcd.conf + sed -i -e 's/^gid nslcd/# gid nslcd/;' ${D}${sysconfdir}/nslcd.conf + sed -i -e 's/^base dc=example,dc=com/base ${LDAP_DN}/;' ${D}${sysconfdir}/nslcd.conf + + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/nslcd.service ${D}${systemd_unitdir}/system +} + +inherit update-rc.d systemd + +INITSCRIPT_NAME = "nslcd" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE_${PN} = "nslcd.service" -- cgit v1.2.3