public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* Some slightly hacky LDAP support. The problem is that Glibc has to

Browse Source 
be able to find the LDAP NSS module, which is normally installed in
  Glibc's prefix (under /lib/libnss_ldap...).  Of course, we can't do
  that; it wouldn't be pure.  As a workaround, we simply add nss_ldap
  to the LD_LIBRARY_PATH of the nscd daemon, which every other program
  uses for lookups.  So we don't have to put nss_ldap in the
  LD_LIBRARY_PATH of every program.

svn path=/nixos/trunk/; revision=7684
This commit is contained in:
Eelco Dolstra 2007-01-15 17:19:41 +00:00
parent af19b39a4b
commit 554ae9908b
5 changed files with 22 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
system/etc/nsswitch.conf
View File

@ -1,5 +1,6 @@
passwd: compat passwd: ldap files
group: compat group: ldap files
shadow: ldap files
hosts: files dns hosts: files dns
networks: files dns networks: files dns

9
system/system.nix
View File

@ -115,9 +115,16 @@ rec {
}; };
# NSS modules. Hacky!
nssModules = [pkgs.nss_ldap];
nssModulesPath = pkgs.lib.concatStrings (pkgs.lib.intersperse ":"
(map (mod: mod + "/lib") nssModules));
# The services (Upstart) configuration for the system. # The services (Upstart) configuration for the system.
upstartJobs = import ./upstart.nix { upstartJobs = import ./upstart.nix {
inherit config pkgs nix; inherit config pkgs nix nssModulesPath;
}; };

4
system/upstart.nix
View File

@ -1,4 +1,4 @@
{config, pkgs, nix}: {config, pkgs, nix, nssModulesPath}:
let let
@ -80,6 +80,7 @@ import ../upstart-jobs/gather.nix {
# Name service cache daemon. # Name service cache daemon.
(import ../upstart-jobs/nscd.nix { (import ../upstart-jobs/nscd.nix {
inherit (pkgs) glibc pwdutils; inherit (pkgs) glibc pwdutils;
inherit nssModulesPath;
}) })
# Handles the maintenance/stalled event (single-user shell). # Handles the maintenance/stalled event (single-user shell).
@ -97,6 +98,7 @@ import ../upstart-jobs/gather.nix {
(import ../upstart-jobs/sshd.nix { (import ../upstart-jobs/sshd.nix {
inherit (pkgs) writeText openssh glibc pwdutils; inherit (pkgs) writeText openssh glibc pwdutils;
inherit (pkgs.xorg) xauth; inherit (pkgs.xorg) xauth;
inherit nssModulesPath;
forwardX11 = config.get ["services" "sshd" "forwardX11"]; forwardX11 = config.get ["services" "sshd" "forwardX11"];
allowSFTP = config.get ["services" "sshd" "allowSFTP"]; allowSFTP = config.get ["services" "sshd" "allowSFTP"];
}) })

6
upstart-jobs/nscd.nix
View File

@ -1,4 +1,4 @@
{glibc, pwdutils}: {glibc, pwdutils, nssModulesPath}:
{ {
name = "nscd"; name = "nscd";
@ -9,6 +9,8 @@ description \"Name Service Cache Daemon\"
start on startup start on startup
stop on shutdown stop on shutdown
env LD_LIBRARY_PATH=${nssModulesPath}
start script start script
if ! ${glibc}/bin/getent passwd nscd > /dev/null; then if ! ${glibc}/bin/getent passwd nscd > /dev/null; then
@ -18,6 +20,8 @@ start script
mkdir -m 0755 -p /var/run/nscd mkdir -m 0755 -p /var/run/nscd
mkdir -m 0755 -p /var/db/nscd mkdir -m 0755 -p /var/db/nscd
rm -f /var/db/nscd/* # for testing
end script end script

3
upstart-jobs/sshd.nix
View File

@ -1,4 +1,5 @@
{ writeText, openssh, glibc, pwdutils, xauth { writeText, openssh, glibc, pwdutils, xauth
, nssModulesPath
, forwardX11, allowSFTP , forwardX11, allowSFTP
}: }:
@ -32,6 +33,8 @@ description \"SSH server\"
start on network-interfaces/started start on network-interfaces/started
stop on network-interfaces/stop stop on network-interfaces/stop
env LD_LIBRARY_PATH=${nssModulesPath}
start script start script
mkdir -m 0555 -p /var/empty mkdir -m 0555 -p /var/empty