Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

disable sssd service on LDAP client disablemebt (bnc#772944) #6

Merged
merged 3 commits into from

1 participant

This page is out of date. Refresh to see the latest.
View
2  VERSION
@@ -1 +1 @@
-2.23.0
+2.23.1
View
3  agents/Makefile.am
@@ -5,7 +5,8 @@
#
scrconf_DATA = ldap_conf.scr \
- cfg_ldap.scr
+ cfg_ldap.scr \
+ nscd_conf.scr
fillup_DATA = sysconfig.ldap
View
24 agents/nscd_conf.scr
@@ -0,0 +1,24 @@
+/**
+ * File:
+ * nscd_conf.scr
+ * Summary:
+ * SCR Agent for reading/writing /etc/nscd.conf using the ini-agent
+ *
+ * $Id$
+ *
+ * .etc.ldap_conf
+ */
+.etc.nscd_conf
+
+`ag_ini(
+ `IniAgent(
+ "/etc/nscd.conf",
+ $[
+ "options" : ["global_values", "repeat_names"],
+ "comments" : [ "^#.*", "^[ \t]*$", ],
+ "params" : [
+ $[ "match" : [ "^[ \t]*([a-zA-Z_-]+)[ \t]+(.+)[ \t]*$", "\t%s\t%s" ] ],
+ ]
+ ]
+ )
+)
View
11 package/yast2-ldap-client.changes
@@ -1,4 +1,15 @@
-------------------------------------------------------------------
+Thu Oct 11 10:31:53 CEST 2012 - jsuchome@suse.cz
+
+- disable nscd caching when sssd is used (bnc#772944)
+- 2.23.1
+
+-------------------------------------------------------------------
+Wed Oct 10 15:19:26 CEST 2012 - jsuchome@suse.cz
+
+- disable sssd service on LDAP client disablemebt (bnc#772944)
+
+-------------------------------------------------------------------
Fri Oct 5 14:51:25 CEST 2012 - jsuchome@suse.cz
- added TLS enablement checkbox again, might be used
View
35 src/Ldap.ycp
@@ -2652,6 +2652,29 @@ Select another one.
}
/**
+ * Adpat passwd and group cache in /etc/nscd.conf
+ * Caching should be disabled with sssd on
+ * @param start_sssd if sssd will be started
+ */
+ boolean WriteNscdCache (boolean start_sssd) {
+
+ list<string> enable_cache = (list<string>) SCR::Read (.etc.nscd_conf.v.enable-cache);
+ enable_cache = maplist (string sect, enable_cache, {
+ list<string> l = filter (string part, splitstring (sect, " \t"), ``(part != ""));
+ if (l[0]:"" == "passwd" || l[0]:"" == "group")
+ {
+ return sformat ("%1\t\t%2", l[0]:"", start_sssd ? "no": "yes");
+ }
+ return sect;
+ });
+ if (enable_cache == [] || enable_cache == nil)
+ {
+ return false;
+ }
+ return SCR::Write (.etc.nscd_conf.v.enable-cache, enable_cache);
+ }
+
+ /**
* Saves LDAP configuration.
* @param abort block for abort
* @return symbol
@@ -2777,6 +2800,7 @@ Select another one.
// default value is 'yes'
WriteLdapConfEntry ("tls_checkpeer", tls_checkpeer == "yes" ? nil : tls_checkpeer);
+ WriteNscdCache (start && sssd);
}
if (start) // ldap used for authentocation
{
@@ -2976,6 +3000,11 @@ Select another one.
Service::Start ("sssd");
}
}
+ else
+ {
+ Service::Stop ("sssd");
+ Service::Adjust ("sssd", "disable");
+ }
if (Package::Installed ("nscd") && modified)
{
@@ -3026,10 +3055,10 @@ Select another one.
}
}
}
- else if (sssd && start)
+ else if (sssd)
{
- // enable the sssd daemon to be started at bootup
- Service::Adjust ("sssd", "enable");
+ // enable the sssd daemon to be started at bootup
+ Service::Adjust ("sssd", start ? "enable" : "disable");
}
// -------------------- write settings to LDAP
Something went wrong with that request. Please try again.