From 91f39a6e38e6e6fd1e9b6582fb85cd273f3249bb Mon Sep 17 00:00:00 2001
From: Amy Fong <amy.fong@windriver.com>
Date: Tue, 22 Jul 2014 09:55:30 -0400
Subject: ldap/pam: enable pam/ldap authentication

- modify pam configuration files to use ldap
- modify sshd to enable pam
- modify nsswitch.conf to use ldap

Signed-off-by: Amy Fong <amy.fong@windriver.com>
---
 .../base-files/base-files_3.0.14.bbappend             | 15 +++++++++++++++
 .../recipes-core/base-files/files/nsswitch.conf       | 19 +++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 meta-openstack/recipes-core/base-files/base-files_3.0.14.bbappend
 create mode 100644 meta-openstack/recipes-core/base-files/files/nsswitch.conf

(limited to 'meta-openstack/recipes-core')

diff --git a/meta-openstack/recipes-core/base-files/base-files_3.0.14.bbappend b/meta-openstack/recipes-core/base-files/base-files_3.0.14.bbappend
new file mode 100644
index 0000000..a24bc7f
--- /dev/null
+++ b/meta-openstack/recipes-core/base-files/base-files_3.0.14.bbappend
@@ -0,0 +1,15 @@
+PRINC = "1"
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://nsswitch.conf"
+
+PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'OpenLDAP', '', d)}"
+PACKAGECONFIG[OpenLDAP] = ",,,nss-pam-ldapd"
+
+do_install_append() {
+    if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
+        install -m 755 -d ${D}/etc/
+        install -m 644 ${WORKDIR}/nsswitch.conf ${D}/etc/
+    fi
+}
diff --git a/meta-openstack/recipes-core/base-files/files/nsswitch.conf b/meta-openstack/recipes-core/base-files/files/nsswitch.conf
new file mode 100644
index 0000000..0bc04be
--- /dev/null
+++ b/meta-openstack/recipes-core/base-files/files/nsswitch.conf
@@ -0,0 +1,19 @@
+# /etc/nsswitch.conf
+#
+# Example configuration of GNU Name Service Switch functionality.
+# If you have the `glibc-doc' and `info' packages installed, try:
+# `info libc "Name Service Switch"' for information about this file.
+
+passwd:         compat ldap
+group:          compat ldap
+shadow:         compat ldap
+
+hosts:          files dns
+networks:       files
+
+protocols:      db files
+services:       db files
+ethers:         db files
+rpc:            db files
+
+netgroup:       nis
-- 
cgit v1.2.3-54-g00ecf