diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2009-08-05 14:45:14 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-08-11 12:29:34 -0400 |
commit | b3b55f167063417c285524ba35bd9298965b834a (patch) | |
tree | 4c918ec839222dd55d0090d03d27b9b932491c57 | |
parent | 28bbb2ec4c5f29339488f07f63f55e5c6657e9a1 (diff) | |
download | sssd-b3b55f167063417c285524ba35bd9298965b834a.tar.gz sssd-b3b55f167063417c285524ba35bd9298965b834a.tar.bz2 sssd-b3b55f167063417c285524ba35bd9298965b834a.zip |
Make socket paths a compile-time option
Previously, we had hardcoded the paths for the NSS, PAM and
private PAM sockets to /var/lib/sss/pipes. With this patch, we
will specify the sockets with --with-pipe-path.
-rw-r--r-- | server/Makefile.am | 3 | ||||
-rw-r--r-- | server/providers/data_provider_be.c | 1 | ||||
-rw-r--r-- | server/providers/krb5/krb5_auth.c | 1 | ||||
-rw-r--r-- | server/providers/proxy.c | 1 | ||||
-rw-r--r-- | server/responder/nss/nsssrv.h | 1 | ||||
-rw-r--r-- | server/responder/pam/pamsrv.c | 1 | ||||
-rw-r--r-- | sss_client/Makefile.am | 7 | ||||
-rw-r--r-- | sss_client/configure.ac | 19 | ||||
-rw-r--r-- | sss_client/sss_cli.h | 6 | ||||
-rw-r--r-- | sssd.spec.in | 13 |
10 files changed, 37 insertions, 16 deletions
diff --git a/server/Makefile.am b/server/Makefile.am index 400d31f3..2d2c65f1 100644 --- a/server/Makefile.am +++ b/server/Makefile.am @@ -115,6 +115,9 @@ AM_CPPFLAGS = -Wall \ -DSHADOW_UTILS_PATH=\"$(shadow_utils_path)\" \ -DSSSD_INTROSPECT_PATH=\"$(dbusinstropectdir)\" \ -DSSSD_CONF_DIR=\"$(sssdconfdir)\" \ + -DSSS_NSS_SOCKET_NAME=\"$(pipepath)/nss\" \ + -DSSS_PAM_SOCKET_NAME=\"$(pipepath)/pam\" \ + -DSSS_PAM_PRIV_SOCKET_NAME=\"$(pipepath)/private/pam\" \ -DUSE_MMAP=1 \ -DLOCALEDIR=\"\$(localedir)\" diff --git a/server/providers/data_provider_be.c b/server/providers/data_provider_be.c index 872c9d76..c93c4531 100644 --- a/server/providers/data_provider_be.c +++ b/server/providers/data_provider_be.c @@ -50,7 +50,6 @@ #include "providers/dp_sbus.h" #include "monitor/monitor_sbus.h" #include "monitor/monitor_interfaces.h" -#include "../sss_client/sss_cli.h" #define BE_CONF_ENTRY "config/domains/%s" diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c index 24250b9f..ffbfd7b2 100644 --- a/server/providers/krb5/krb5_auth.c +++ b/server/providers/krb5/krb5_auth.c @@ -37,7 +37,6 @@ #include "util/util.h" #include "providers/dp_backend.h" #include "db/sysdb.h" -#include "../sss_client/sss_cli.h" #include "krb5_plugin/sssd_krb5_locator_plugin.h" #include "providers/krb5/krb5_auth.h" diff --git a/server/providers/proxy.c b/server/providers/proxy.c index 106530fc..2aee5334 100644 --- a/server/providers/proxy.c +++ b/server/providers/proxy.c @@ -31,7 +31,6 @@ #include "util/util.h" #include "providers/dp_backend.h" #include "db/sysdb.h" -#include "../sss_client/sss_cli.h" struct proxy_nss_ops { enum nss_status (*getpwnam_r)(const char *name, struct passwd *result, diff --git a/server/responder/nss/nsssrv.h b/server/responder/nss/nsssrv.h index f79d056c..f34456f4 100644 --- a/server/responder/nss/nsssrv.h +++ b/server/responder/nss/nsssrv.h @@ -28,7 +28,6 @@ #include "talloc.h" #include "tevent.h" #include "ldb.h" -#include "../sss_client/sss_cli.h" #include "dbus/dbus.h" #include "sbus/sssd_dbus.h" #include "responder/common/responder_packet.h" diff --git a/server/responder/pam/pamsrv.c b/server/responder/pam/pamsrv.c index 48286ecd..92fa4aec 100644 --- a/server/responder/pam/pamsrv.c +++ b/server/responder/pam/pamsrv.c @@ -49,7 +49,6 @@ #include "monitor/monitor_interfaces.h" #include "sbus/sbus_client.h" #include "responder/pam/pamsrv.h" -#include "../sss_client/sss_cli.h" #define PAM_SBUS_SERVICE_VERSION 0x0001 #define PAM_SBUS_SERVICE_NAME "pam" diff --git a/sss_client/Makefile.am b/sss_client/Makefile.am index 4552720e..7333e4c3 100644 --- a/sss_client/Makefile.am +++ b/sss_client/Makefile.am @@ -1,9 +1,14 @@ SUBDIRS = po +pipepath=@pipepath@ + topdir=. AM_CPPFLAGS = \ -I$(topdir) \ - -DLOCALEDIR=\"\$(localedir)\" + -DLOCALEDIR=\"\$(localedir)\" \ + -DSSS_NSS_SOCKET_NAME=\"$(pipepath)/nss\" \ + -DSSS_PAM_SOCKET_NAME=\"$(pipepath)/pam\" \ + -DSSS_PAM_PRIV_SOCKET_NAME=\"$(pipepath)/private/pam\" ACLOCAL_AMFLAGS = -I m4 AM_CFLAGS = diff --git a/sss_client/configure.ac b/sss_client/configure.ac index 97fc83de..7d443ed2 100644 --- a/sss_client/configure.ac +++ b/sss_client/configure.ac @@ -37,6 +37,25 @@ AC_DEFUN([BUILD_WITH_AUX_INFO], [Build with -aux-info output])]) ]) AM_CONDITIONAL([WANT_AUX_INFO], [test x$with_aux_info = xyes]) +BUILD_WITH_AUX_INFO + +AC_DEFUN([WITH_PIPE_PATH], + [ AC_ARG_WITH([pipe-path], + [AC_HELP_STRING([--with-pipe-path=PATH], + [Where to store pipe files for the SSSD interconnects [/var/lib/sss/pipes]] + ) + ] + ) + config_pipepath="\"VARDIR\"/lib/sss/pipes" + pipepath="${localstatedir}/lib/sss/pipes" + if test x"$with_pipe_path" != x; then + config_pipepath=$with_pipe_path + pipepath=$with_pipe_path + fi + AC_SUBST(pipepath) + AC_DEFINE_UNQUOTED(PIPE_PATH, "$config_pipepath", [Where to store pipe files for the SSSD interconnects]) + ]) +WITH_PIPE_PATH AC_CONFIG_FILES([Makefile po/Makefile.in]) AC_OUTPUT diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h index 63daf7bc..f1ccba9f 100644 --- a/sss_client/sss_cli.h +++ b/sss_client/sss_cli.h @@ -15,12 +15,6 @@ #include <pwd.h> #include <grp.h> -/* SELinux will have a better way to regulate access if they are seprate - * Also a change in one of the pipes will not affect the others */ -#define SSS_NSS_SOCKET_NAME "/var/lib/sss/pipes/nss" -#define SSS_PAM_SOCKET_NAME "/var/lib/sss/pipes/pam" -#define SSS_PAM_PRIV_SOCKET_NAME "/var/lib/sss/pipes/private/pam" - #define SSS_NSS_PROTOCOL_VERSION 1 #define SSS_PAM_PROTOCOL_VERSION 2 diff --git a/sssd.spec.in b/sssd.spec.in index aa284ff6..49e26615 100644 --- a/sssd.spec.in +++ b/sssd.spec.in @@ -20,6 +20,9 @@ Requires(preun): initscripts chkconfig Requires(postun): /sbin/service %define servicename sssd +%define sssdstatedir %{_localstatedir}/lib/sss +%define dbpath %{sssdstatedir}/db +%define pipepath %{sssdstatedir}/pipes ### Build Dependencies ### @@ -58,6 +61,8 @@ services for projects like FreeIPA. %build %configure \ --without-tests \ + --with-db-path=%{dbpath} \ + --with-pipe-path=%{pipepath} \ --with-init-dir=%{_initrddir} \ --enable-nsslibdir=/%{_lib} @@ -100,10 +105,10 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/%{name}/ %{_libdir}/ldb/memberof.so %{_libdir}/krb5/plugins/libkrb5/* -%dir %{_sharedstatedir}/sss/ -%attr(700,root,root) %dir %{_sharedstatedir}/sss/db -%dir %{_sharedstatedir}/sss/pipes -%attr(700,root,root) %dir %{_sharedstatedir}/sss/pipes/private +%dir %{sssdstatedir} +%attr(700,root,root) %dir %{dbpath} +%attr(755,root,root) %dir %{pipepath} +%attr(700,root,root) %dir %{pipepath}/private %dir %{_sysconfdir}/sssd %config(noreplace) %{_sysconfdir}/sssd/sssd.conf /%{_lib}/libnss_sss.so.2 |