220379 – [patch] net/nss-pam-ldapd: introducing very basic LOGIN_CLASS(3) support

Bug 220379 - [patch] net/nss-pam-ldapd: introducing very basic LOGIN_CLASS(3) support

Summary: [patch] net/nss-pam-ldapd: introducing very basic LOGIN_CLASS(3) support

Status:	New

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Ryan Steinmetz

URL:
Keywords:	patch

Depends on:
Blocks:

Reported:	2017-06-30 08:38 UTC by Marek Zarychta
Modified:	2017-07-03 23:29 UTC (History)
CC List:	0 users

See Also:

Flags:	bugzilla: maintainer-feedback? (zi)

Attachments
nss-pam-ldapd-0.9.8.loginClass.patch (3.28 KB, patch) 2017-06-30 08:38 UTC, Marek Zarychta	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marek Zarychta 2017-06-30 08:38:55 UTC

Created attachment 183936 [details]
nss-pam-ldapd-0.9.8.loginClass.patch

Currently, all users from LDAP are mapped to "default" login class. This patch adds very basic LOGIN_CLASS(3) support to net/nss-pam-ldapd. 

There is no loginClass or equivalent attribute in OpenLDAP NIS schema, but some other attributes could be easily mapped to loginClass attribute in nslcd.conf. 

This is the example how to map loginClass to "description" attribute, in absence of destcritpion in user field, the user is mapped to class "student":

map passwd loginClass "${description:-student}"

I am using this feature for more than two years, may be someone in the community will also find this patch useful.

Comment 1 Ryan Steinmetz freebsd_committer

2017-06-30 16:56:44 UTC

Has this been submitted upstream yet?  If not, please do so.

Comment 2 Marek Zarychta 2017-07-03 23:29:32 UTC

The upstream discards it silently as strictly BSDish related feature.