-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/22/2011 12:10 PM, Sumit Bose wrote: >> Sorry, I just realized that my testing was flawed. You access >> options->id->basic in ipa_service_init() before it is initialized by >> ipa_get_id_options().
Add krb5_realm to the basic IPA options Previously, this was only handled by the internal LDAP and Kerberos providers, but this wasn't available early enough to properly handle setting up the krb5_service for failover and creating the krb5info files. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk1j9hUACgkQeiVVYja6o6N2YACfW1TQKx3nOUU6C8UT5KbWNXEi MZ0An1W8nHKxqTqo+w2mEuI46wPLVXmY =9Yio -----END PGP SIGNATURE-----
From 05d1840c0d4822160a6959c9a9c8152d5ef42981 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgall...@redhat.com>
Date: Tue, 22 Feb 2011 12:42:43 -0500
Subject: [PATCH] Add krb5_realm to the basic IPA options
Previously, this was only handled by the internal LDAP and Kerberos
providers, but this wasn't available early enough to properly
handle setting up the krb5_service for failover and creating the
krb5info files.
---
src/providers/ipa/ipa_common.c | 5 +++--
src/providers/ipa/ipa_common.h | 1 +
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 9af7710b534b159f608e2c3fa861db17683d730b..397e418b9fc855d51873048a57f95c2e1f10786a 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -35,7 +35,8 @@ struct dp_option ipa_basic_opts[] = {
{ "ipa_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
{ "ipa_dyndns_update", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
{ "ipa_dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING},
- { "ipa_hbac_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING}
+ { "ipa_hbac_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING},
+ { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING}
};
struct dp_option ipa_def_ldap_opts[] = {
@@ -642,7 +643,7 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
service->sdap->kinit_service_name = service->krb5_service->name;
/* First check whether the realm has been manually specified */
- realm = dp_opt_get_string(options->id->basic, SDAP_KRB5_REALM);
+ realm = dp_opt_get_string(options->basic, IPA_KRB5_REALM);
if (realm) {
/* krb5_realm exists in the configuration, use it */
service->krb5_service->realm =
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 85f22e8df7f5329b61d456039ae269050856426c..588aa63e412dc2ba006714729bb4710a4075ff25 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -49,6 +49,7 @@ enum ipa_basic_opt {
IPA_DYNDNS_UPDATE,
IPA_DYNDNS_IFACE,
IPA_HBAC_SEARCH_BASE,
+ IPA_KRB5_REALM,
IPA_OPTS_BASIC /* opts counter */
};
--
1.7.4
0001-Add-krb5_realm-to-the-basic-IPA-options.patch.sig
Description: PGP signature
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
