Patch port nss_ldap's Makefile for ldap.conf location
Jacques A. Vidrine
nectar at FreeBSD.org
Tue Jul 15 13:49:55 PDT 2003
On Thu, Jul 10, 2003 at 01:07:53PM +0200, Jean-Baptiste Quenot wrote:
> Please find below a patch that fixes the location of ldap.conf to
> reflect the location specified by the associated port pam_ldap. The
> config file should be $(PREFIX)/etc/ldap.conf, not /etc/ldap.conf.
>
> -----------------------------------8<-----------------------------------
> --- Makefile.orig Wed Jul 9 17:59:19 2003
> +++ Makefile Wed Jul 9 17:58:50 2003
> @@ -25,6 +25,9 @@
> CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
> LDFLAGS="-L${LOCALBASE}/lib -Wl,-rpath,${LOCALBASE}/lib"
>
> +CONFIGURE_ARGS= --with-ldap-conf-file=${PREFIX}/etc/ldap.conf \
> + --with-ldap-secret-file=${PREFIX}/etc/ldap.secret
> +
> post-extract:
> ${CP} ${FILESDIR}/bsdnss.c ${WRKSRC}
> -----------------------------------8<-----------------------------------
>
> I've been struggling for hours trying to make nss_ldap work on FreeBSD
> 5.1 Release, and it was just that damn' file.
Heh, sorry. I remember scratching my head about the default location
myself, but it never occurred to me to do something about it :-)
I agree that it should be under ${PREFIX}, and the location mentioned
at install time. I wonder if additionally it should be named
something specific to this port ... I wouldn't want the configuration
file to clash with some other use of OpenLDAP. Perhaps
${PREFIX}/etc/nss_ldap.conf and ${PREFIX}/etc/nss_ldap.secret?
> BTW, it was not clear for
> me before, but pam_ldap is only used for authentication. Without
> nss_ldap, pam_ldap is pretty useless, ie it requires user entries in the
> local password file.
Yep, PAM just does authentication, not directory services. You don't
even have to use pam_ldap in conjunction with nss_ldap... you could
use e.g. pam_krb5 instead for stronger authentication.
> Thank you, and keep up the good work!
Cheers!
--
Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
nectar at celabo.org . jvidrine at verio.net . nectar at freebsd.org . nectar at kth.se
More information about the freebsd-ports
mailing list