diff options
| -rw-r--r-- | debian/libnss-ldapd.config | 21 | ||||
| -rw-r--r-- | debian/libnss-ldapd.postinst | 45 |
2 files changed, 35 insertions, 31 deletions
diff --git a/debian/libnss-ldapd.config b/debian/libnss-ldapd.config index 0274f57..3bddfe6 100644 --- a/debian/libnss-ldapd.config +++ b/debian/libnss-ldapd.config @@ -82,12 +82,13 @@ parsecfg() # find bindpw bindpw=`sed -n 's/^bindpw[[:space:]]*//ip' "$cfgfile" | tail -n 1` db_set libnss-ldapd/ldap-bindpw "$bindpw" - # find rootbinddb - rootbinddn=`sed -n 's/^rootbinddn[[:space:]]*//ip' "$cfgfile" | tail -n 1` - db_set libnss-ldapd/ldap-rootbinddn "$rootbinddn" - # find rootbindpw - rootbindpw=`sed -n 's/^rootbindpw[[:space:]]*//ip' "$cfgfile" | tail -n 1` - db_set libnss-ldapd/ldap-rootbindpw "$rootbindpw" +# DISABLE rootbinddn for now because it's not supported +# # find rootbinddb +# rootbinddn=`sed -n 's/^rootbinddn[[:space:]]*//ip' "$cfgfile" | tail -n 1` +# db_set libnss-ldapd/ldap-rootbinddn "$rootbinddn" +# # find rootbindpw +# rootbindpw=`sed -n 's/^rootbindpw[[:space:]]*//ip' "$cfgfile" | tail -n 1` +# db_set libnss-ldapd/ldap-rootbindpw "$rootbindpw" # we're done return 0 } @@ -108,8 +109,9 @@ parsensswitch() # clear some settings in case they are not set in the config db_set libnss-ldapd/ldap-binddn "" db_set libnss-ldapd/ldap-bindpw "" -db_set libnss-ldapd/ldap-rootbinddn "" -db_set libnss-ldapd/ldap-rootbindpw "" +# DISABLE rootbinddn for now because it's not supported +#db_set libnss-ldapd/ldap-rootbinddn "" +#db_set libnss-ldapd/ldap-rootbindpw "" # fill our defaults with the current configuration if available # and fall back to guessing the config from some other system files @@ -197,7 +199,8 @@ do db_capb multiselect db_input high libnss-ldapd/nsswitch || true state="done" - db_go || state="rootbindpw" +# db_go || state="rootbindpw" + db_go || state="bindpw" ;; esac done diff --git a/debian/libnss-ldapd.postinst b/debian/libnss-ldapd.postinst index 08e91b9..32cfe59 100644 --- a/debian/libnss-ldapd.postinst +++ b/debian/libnss-ldapd.postinst @@ -140,12 +140,12 @@ base dc=example,dc=net #ldap_version 3 # The DN to bind with for normal lookups. -binddn cn=annonymous,dc=example,dc=net -bindpw secret +#binddn cn=annonymous,dc=example,dc=net +#bindpw secret # The DN to bind with for lookups as root. -rootbinddn cn=administrator,dc=example,dc=net -rootbindpw verysecret +#rootbinddn cn=administrator,dc=example,dc=net +#rootbindpw verysecret # The search scope. #scope sub @@ -187,24 +187,25 @@ then fi # remove password from database db_set libnss-ldapd/ldap-bindpw "" - # set root bind dn/pw - db_get libnss-ldapd/ldap-rootbinddn - if [ -n "$RET" ] - then - cfg_set rootbinddn "$RET" - db_get libnss-ldapd/ldap-rootbindpw - cfg_set rootbindpw "$RET" - else - # no binddn/pw, disable options - cfg_disable rootbinddn - if grep -i -q "^rootbindpw " $CONFFILE - then - cfg_set rootbindpw "*removed*" - cfg_disable rootbindpw - fi - fi - # remove password from database - db_set libnss-ldapd/ldap-rootbindpw "" +# DISABLE rootbinddn for now because it's not supported +# # set root bind dn/pw +# db_get libnss-ldapd/ldap-rootbinddn +# if [ -n "$RET" ] +# then +# cfg_set rootbinddn "$RET" +# db_get libnss-ldapd/ldap-rootbindpw +# cfg_set rootbindpw "$RET" +# else +# # no binddn/pw, disable options +# cfg_disable rootbinddn +# if grep -i -q "^rootbindpw " $CONFFILE +# then +# cfg_set rootbindpw "*removed*" +# cfg_disable rootbindpw +# fi +# fi +# # remove password from database +# db_set libnss-ldapd/ldap-rootbindpw "" # modify /etc/nsswitch.conf db_get libnss-ldapd/nsswitch enablenss=`echo "$RET" | sed 's/,//g'` |