On Wed, 2007-08-15 at 13:03 +0200, Nail El-Sourani wrote:
> Hi Ian,
>
> That hack is indeed present in OpenSolaris. I can confirm the below
> patch is working 100%. Will it be merged into autofs5?
Yep, just give me a while to check against other changes and think about
it for a while to try to ensure that it doesn't break anything else.
>
> Thx,
> *nail
>
> Ian Kent wrote:
> > On Tue, 2007-08-14 at 17:44 -0500, Wolfe, Allan wrote:
> >> Good question.
> >>
> >> I spent some time testing today. They only test box I could quickly
> >> test on was a Solaris 8 with patch 108993-36 applied that affects
> >> autofs, NSS, PAM, ldapclient and associated user utilities (this patch
> >> is quite old --> current is 108993-67).
> >>
> >> The results were quite surprising as I distinctly remember having to
> >> insert those delimited cn entries for the benefit of Solaris back 3
> >> years ago when we integrated LDAP into our enterprise. Bottom line, I
> >> see that a delimited entry is seemingly no longer needed. No matter
> >> what the test case that was run, the cn as described in the dn prevailed
> >> by default to appear as the stub. Oddly, when accessing a mount
> >> directly pathed as an alternate cn, it would mount and appear in that
> >> form. Here are notes from my testing below:
> >
> > But you guys confirmed that the % hack is present in OpenSolaris so
> > perhaps the patch below will provide the behavior we need.
> >
> > Could someone try this patch out please.
> >
> > ---
> > diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
> > index de8d515..7cb4e58 100644
> > --- a/modules/lookup_ldap.c
> > +++ b/modules/lookup_ldap.c
> > @@ -1226,34 +1226,50 @@ static int read_one_map(struct autofs_point *ap,
> > * value.
> > */
> > count = ldap_count_values_len(bvKey);
> > - if (count > 2) {
> > - error(ap->logopt,
> > - MODPREFIX
> > - "key %.*s has duplicate entries - ignoring",
> > - bvKey[0]->bv_len, bvKey[0]->bv_val);
> > - goto next;
> > - } else if (count == 2) {
> > + if (count > 1) {
> > unsigned int i;
> >
> > /* Check for the "/" and "*" and use as "/" if found */
> > for (i = 0; i < count; i++) {
> > - /* check for wildcard */
> > - if (bvKey[i]->bv_len != 1)
> > - continue;
> > - if (*bvKey[i]->bv_val != '/' &&
> > - *bvKey[i]->bv_val != '*')
> > + bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
> > +
> > + /*
> > + * If multiple entries are present they could
> > + * be the result of people using the "%" hack so
> > + * ignore them.
> > + */
> > + if (strchr(bvKey[i]->bv_val, '%'))
> > continue;
> > - /* always use '/' internally */
> > - *bvKey[i]->bv_val = '/';
> > +
> > + /* check for wildcard */
> > + if (bvKey[i]->bv_len == 1 &&
> > + (*bvKey[i]->bv_val == '/' ||
> > + *bvKey[i]->bv_val == '*')) {
> > + /* always use '/' internally */
> > + *bvKey[i]->bv_val = '/';
> > + k_val = bvKey[i]->bv_val;
> > + k_len = 1;
> > + break;
> > + }
> > +
> > + /*
> > + * We have a result from LDAP so this is a
> > + * valid entry. Set the result to the LDAP
> > + * key that isn't a wildcard and doesn't have
> > + * any "%" hack values present. This should be
> > + * the case insensitive match string for the
> > + * nis schema, the default value.
> > + */
> > k_val = bvKey[i]->bv_val;
> > - k_len = 1;
> > + k_len = bvKey[i]->bv_len;
> > +
> > break;
> > }
> >
> > if (!k_val) {
> > error(ap->logopt,
> > MODPREFIX
> > - "key %.*s has duplicate entries -
> > ignoring",
> > + "invalid entry %.*s - ignoring",
> > bvKey[0]->bv_len, bvKey[0]->bv_val);
> > goto next;
> > }
> > @@ -1509,34 +1525,48 @@ static int lookup_one(struct autofs_point *ap,
> > * value.
> > */
> > count = ldap_count_values_len(bvKey);
> > - if (count > 2) {
> > - error(ap->logopt,
> > - MODPREFIX
> > - "key %.*s has duplicate entries - ignoring",
> > - bvKey[0]->bv_len, bvKey[0]->bv_val);
> > - goto next;
> > - } else if (count == 2) {
> > + if (count > 1) {
> > unsigned int i;
> >
> > /* Check for the "/" and "*" and use as "/" if found */
> > for (i = 0; i < count; i++) {
> > - /* check for wildcard */
> > - if (bvKey[i]->bv_len != 1)
> > + bvKey[i]->bv_val[bvKey[i]->bv_len] = '\0';
> > +
> > + /*
> > + * If multiple entries are present they could
> > + * be the result of people using the "%" hack so
> > + * ignore them.
> > + */
> > + if (strchr(bvKey[i]->bv_val, '%'))
> > continue;
> > - if (*bvKey[i]->bv_val != '/' &&
> > - *bvKey[i]->bv_val != '*')
> > - continue;
> > - /* always use '/' internally */
> > - *bvKey[i]->bv_val = '/';
> > - k_val = bvKey[i]->bv_val;
> > - k_len = 1;
> > +
> > + /* check for wildcard */
> > + if (bvKey[i]->bv_len == 1 &&
> > + (*bvKey[i]->bv_val == '/' ||
> > + *bvKey[i]->bv_val == '*')) {
> > + /* always use '/' internally */
> > + *bvKey[i]->bv_val = '/';
> > + k_val = bvKey[i]->bv_val;
> > + k_len = 1;
> > + break;
> > + }
> > +
> > + /*
> > + * The key was matched by LDAP so this is a
> > + * valid entry. Set the result key to the
> > + * lookup key to provide the mixed case
> > + * matching provided by the "%" hack.
> > + */
> > + k_val = qKey;
> > + k_len = strlen(qKey);
> > +
> > break;
> > }
> >
> > if (!k_val) {
> > error(ap->logopt,
> > - MODPREFIX "key %.*s has duplicate
> > entries",
> > - bvKey[0]->bv_len, bvKey[0]->bv_val);
> > + MODPREFIX "no valid key found for %.*s",
> > + qKey_len, qKey);
> > ret = CHE_FAIL;
> > goto next;
> > }
> >
_______________________________________________
autofs mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/autofs
