From 6bd9abb65bc9ec9850bf55af638ff9b186cb59df Mon Sep 17 00:00:00 2001 From: Packit Date: Sep 16 2020 08:03:32 +0000 Subject: nss-pam-ldapd-0.9.9 base --- diff --git a/AUTHORS b/AUTHORS new file mode 100644 index 0000000..456f6e9 --- /dev/null +++ b/AUTHORS @@ -0,0 +1,145 @@ +The original nss_ldap library was written by Luke Howard of PADL Software Pty +Ltd. In 2006 Arthur de Jong of West Consuling forked the library to split it +into a thin NSS part and a server part. The copyright holders of most of the +code are: + +Luke Howard +West Consulting +Arthur de Jong +Howard Chu +Symas Corporation (contributed by Ted C. Cheng ) + +The following people (in no particular order) have also volunteered their +time, effort, and ideas to make this software available. If you feel you are +unjustly left out of this list, please send an email. + +Steven Barrus +David Begley +Maxim Batourine +Michael Brownea +Max Caines +Carlos Celso +Peter Cherny +Ben Collins +Stephan Cremer +Alejandro Forero Cuervo +Guenther Deschner +Luca Filipozzi +Andrew Findlay +Cristian Gafton +Gabor Gombas +DJ Gregor +Bob Guo +Daniel Hanks +Leif Hedstrom +Emile Heitor +Geert Jansen +Szymon Juraszczyk +Anselm Kruis +Thorsten Kukuk +Steve Langasek +Joe Little +Phillip Liu +Larry Lile +Jeff Mandel +Peter Marschall +Michael Mattice +Dejan Muhamedagic +Doug Nazar +Frode Nordahl +Lars Oergel +Fredrik Ohrn +Rakesh Patel +Nathan Hawkins +Andrew Rechenberg +Greg Retowski +Alain Richard +Michael Shuey +Oliver Schulze L. +Alexander Spannagel +Scott M. Stone +Gero Treuner +Jarkko Turkulainen +Stein Vrale +Simon Wilkinson +Davide Puricelli +Sami Haahtinen +Stephen Frost +Américo Monteiro +Cyril Brulebois +Kenshi Muto +Andreas Schneider +Ralf Haferkamp +Michael Calmer +Erik Schanze +Bart Cornelis +Rudy Godoy Guillén +Petter Reinholdtsen +Dan White +Leigh Wedding +Jan Schampera +Nalin Dahyabhai +Daniel Dehennin +Bjørn Steensrud +Chris Leick +Christian Perrier +David Bartley +Esko Arajärvi +Francisco Javier Cuadrado +Guillaume Delacour +Jonas Smedegaard +Justin B Rye +Marce Villarino +Martin Ågren +Miroslav Kure +Thaddeus J. Kollar +Vincenzo Campanella +Yuri Kozlov +zym +Agustí Grau +Clytie Siddall +Pierre Gambarotto +Ted C. Cheng +Jacques Vidrine +Artem Kazakov +Alexander V. Chernikov +SATOH Fumiyasu +Wesley Mason +Stefan Völkel +Slavko +Joe Hansen +Denis Doria +James M. Leddy +Jakub Hrozek +Andreas B. Mundt +Paul Gevers +Jeroen Schot +Tom Judge +Maxim Vetrov +Matthew L. Dailey +Chris Hiestand +Jon Severinsson +Thorsten Glaser +Steve Hill +Caleb Callaway +Bersl +John Sullivan +Joshua Shire +Francois Tigeot +Davy Defaud +Lukas Slebodnik +ushi +Tim Harder +Patrick McLean +Jianhai Luan +Jason Luan +Mark R Bannister +Dalibor Pospíšil +Tim Rice +Andrew Elble +Jed Liu +Geoffrey McRae +Mathieu Baeumler +Vasilis Tsiligiannis +Giovanni Mascellani +Seth Wright diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..5ab7695 --- /dev/null +++ b/COPYING @@ -0,0 +1,504 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 2.1, February 1999 + + Copyright (C) 1991, 1999 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +[This is the first released version of the Lesser GPL. It also counts + as the successor of the GNU Library Public License, version 2, hence + the version number 2.1.] + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +Licenses are intended to guarantee your freedom to share and change +free software--to make sure the software is free for all its users. + + This license, the Lesser General Public License, applies to some +specially designated software packages--typically libraries--of the +Free Software Foundation and other authors who decide to use it. You +can use it too, but we suggest you first think carefully about whether +this license or the ordinary General Public License is the better +strategy to use in any particular case, based on the explanations below. + + When we speak of free software, we are referring to freedom of use, +not price. Our General Public Licenses are designed to make sure that +you have the freedom to distribute copies of free software (and charge +for this service if you wish); that you receive source code or can get +it if you want it; that you can change the software and use pieces of +it in new free programs; and that you are informed that you can do +these things. + + To protect your rights, we need to make restrictions that forbid +distributors to deny you these rights or to ask you to surrender these +rights. These restrictions translate to certain responsibilities for +you if you distribute copies of the library or if you modify it. + + For example, if you distribute copies of the library, whether gratis +or for a fee, you must give the recipients all the rights that we gave +you. You must make sure that they, too, receive or can get the source +code. If you link other code with the library, you must provide +complete object files to the recipients, so that they can relink them +with the library after making changes to the library and recompiling +it. And you must show them these terms so they know their rights. + + We protect your rights with a two-step method: (1) we copyright the +library, and (2) we offer you this license, which gives you legal +permission to copy, distribute and/or modify the library. + + To protect each distributor, we want to make it very clear that +there is no warranty for the free library. Also, if the library is +modified by someone else and passed on, the recipients should know +that what they have is not the original version, so that the original +author's reputation will not be affected by problems that might be +introduced by others. + + Finally, software patents pose a constant threat to the existence of +any free program. We wish to make sure that a company cannot +effectively restrict the users of a free program by obtaining a +restrictive license from a patent holder. Therefore, we insist that +any patent license obtained for a version of the library must be +consistent with the full freedom of use specified in this license. + + Most GNU software, including some libraries, is covered by the +ordinary GNU General Public License. This license, the GNU Lesser +General Public License, applies to certain designated libraries, and +is quite different from the ordinary General Public License. We use +this license for certain libraries in order to permit linking those +libraries into non-free programs. + + When a program is linked with a library, whether statically or using +a shared library, the combination of the two is legally speaking a +combined work, a derivative of the original library. The ordinary +General Public License therefore permits such linking only if the +entire combination fits its criteria of freedom. The Lesser General +Public License permits more lax criteria for linking other code with +the library. + + We call this license the "Lesser" General Public License because it +does Less to protect the user's freedom than the ordinary General +Public License. It also provides other free software developers Less +of an advantage over competing non-free programs. These disadvantages +are the reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + + For example, on rare occasions, there may be a special need to +encourage the widest possible use of a certain library, so that it becomes +a de-facto standard. To achieve this, non-free programs must be +allowed to use the library. A more frequent case is that a free +library does the same job as widely used non-free libraries. In this +case, there is little to gain by limiting the free library to free +software only, so we use the Lesser General Public License. + + In other cases, permission to use a particular library in non-free +programs enables a greater number of people to use a large body of +free software. For example, permission to use the GNU C Library in +non-free programs enables many more people to use the whole GNU +operating system, as well as its variant, the GNU/Linux operating +system. + + Although the Lesser General Public License is Less protective of the +users' freedom, it does ensure that the user of a program that is +linked with the Library has the freedom and the wherewithal to run +that program using a modified version of the Library. + + The precise terms and conditions for copying, distribution and +modification follow. Pay close attention to the difference between a +"work based on the library" and a "work that uses the library". The +former contains code derived from the library, whereas the latter must +be combined with the library in order to run. + + GNU LESSER GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License Agreement applies to any software library or other +program which contains a notice placed by the copyright holder or +other authorized party saying it may be distributed under the terms of +this Lesser General Public License (also called "this License"). +Each licensee is addressed as "you". + + A "library" means a collection of software functions and/or data +prepared so as to be conveniently linked with application programs +(which use some of those functions and data) to form executables. + + The "Library", below, refers to any such software library or work +which has been distributed under these terms. A "work based on the +Library" means either the Library or any derivative work under +copyright law: that is to say, a work containing the Library or a +portion of it, either verbatim or with modifications and/or translated +straightforwardly into another language. (Hereinafter, translation is +included without limitation in the term "modification".) + + "Source code" for a work means the preferred form of the work for +making modifications to it. For a library, complete source code means +all the source code for all modules it contains, plus any associated +interface definition files, plus the scripts used to control compilation +and installation of the library. + + Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running a program using the Library is not restricted, and output from +such a program is covered only if its contents constitute a work based +on the Library (independent of the use of the Library in a tool for +writing it). Whether that is true depends on what the Library does +and what the program that uses the Library does. + + 1. You may copy and distribute verbatim copies of the Library's +complete source code as you receive it, in any medium, provided that +you conspicuously and appropriately publish on each copy an +appropriate copyright notice and disclaimer of warranty; keep intact +all the notices that refer to this License and to the absence of any +warranty; and distribute a copy of this License along with the +Library. + + You may charge a fee for the physical act of transferring a copy, +and you may at your option offer warranty protection in exchange for a +fee. + + 2. You may modify your copy or copies of the Library or any portion +of it, thus forming a work based on the Library, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) The modified work must itself be a software library. + + b) You must cause the files modified to carry prominent notices + stating that you changed the files and the date of any change. + + c) You must cause the whole of the work to be licensed at no + charge to all third parties under the terms of this License. + + d) If a facility in the modified Library refers to a function or a + table of data to be supplied by an application program that uses + the facility, other than as an argument passed when the facility + is invoked, then you must make a good faith effort to ensure that, + in the event an application does not supply such function or + table, the facility still operates, and performs whatever part of + its purpose remains meaningful. + + (For example, a function in a library to compute square roots has + a purpose that is entirely well-defined independent of the + application. Therefore, Subsection 2d requires that any + application-supplied function or table used by this function must + be optional: if the application does not supply it, the square + root function must still compute square roots.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Library, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Library, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Library. + +In addition, mere aggregation of another work not based on the Library +with the Library (or with a work based on the Library) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may opt to apply the terms of the ordinary GNU General Public +License instead of this License to a given copy of the Library. To do +this, you must alter all the notices that refer to this License, so +that they refer to the ordinary GNU General Public License, version 2, +instead of to this License. (If a newer version than version 2 of the +ordinary GNU General Public License has appeared, then you can specify +that version instead if you wish.) Do not make any other change in +these notices. + + Once this change is made in a given copy, it is irreversible for +that copy, so the ordinary GNU General Public License applies to all +subsequent copies and derivative works made from that copy. + + This option is useful when you wish to copy part of the code of +the Library into a program that is not a library. + + 4. You may copy and distribute the Library (or a portion or +derivative of it, under Section 2) in object code or executable form +under the terms of Sections 1 and 2 above provided that you accompany +it with the complete corresponding machine-readable source code, which +must be distributed under the terms of Sections 1 and 2 above on a +medium customarily used for software interchange. + + If distribution of object code is made by offering access to copy +from a designated place, then offering equivalent access to copy the +source code from the same place satisfies the requirement to +distribute the source code, even though third parties are not +compelled to copy the source along with the object code. + + 5. A program that contains no derivative of any portion of the +Library, but is designed to work with the Library by being compiled or +linked with it, is called a "work that uses the Library". Such a +work, in isolation, is not a derivative work of the Library, and +therefore falls outside the scope of this License. + + However, linking a "work that uses the Library" with the Library +creates an executable that is a derivative of the Library (because it +contains portions of the Library), rather than a "work that uses the +library". The executable is therefore covered by this License. +Section 6 states terms for distribution of such executables. + + When a "work that uses the Library" uses material from a header file +that is part of the Library, the object code for the work may be a +derivative work of the Library even though the source code is not. +Whether this is true is especially significant if the work can be +linked without the Library, or if the work is itself a library. The +threshold for this to be true is not precisely defined by law. + + If such an object file uses only numerical parameters, data +structure layouts and accessors, and small macros and small inline +functions (ten lines or less in length), then the use of the object +file is unrestricted, regardless of whether it is legally a derivative +work. (Executables containing this object code plus portions of the +Library will still fall under Section 6.) + + Otherwise, if the work is a derivative of the Library, you may +distribute the object code for the work under the terms of Section 6. +Any executables containing that work also fall under Section 6, +whether or not they are linked directly with the Library itself. + + 6. As an exception to the Sections above, you may also combine or +link a "work that uses the Library" with the Library to produce a +work containing portions of the Library, and distribute that work +under terms of your choice, provided that the terms permit +modification of the work for the customer's own use and reverse +engineering for debugging such modifications. + + You must give prominent notice with each copy of the work that the +Library is used in it and that the Library and its use are covered by +this License. You must supply a copy of this License. If the work +during execution displays copyright notices, you must include the +copyright notice for the Library among them, as well as a reference +directing the user to the copy of this License. Also, you must do one +of these things: + + a) Accompany the work with the complete corresponding + machine-readable source code for the Library including whatever + changes were used in the work (which must be distributed under + Sections 1 and 2 above); and, if the work is an executable linked + with the Library, with the complete machine-readable "work that + uses the Library", as object code and/or source code, so that the + user can modify the Library and then relink to produce a modified + executable containing the modified Library. (It is understood + that the user who changes the contents of definitions files in the + Library will not necessarily be able to recompile the application + to use the modified definitions.) + + b) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (1) uses at run time a + copy of the library already present on the user's computer system, + rather than copying library functions into the executable, and (2) + will operate properly with a modified version of the library, if + the user installs one, as long as the modified version is + interface-compatible with the version that the work was made with. + + c) Accompany the work with a written offer, valid for at + least three years, to give the same user the materials + specified in Subsection 6a, above, for a charge no more + than the cost of performing this distribution. + + d) If distribution of the work is made by offering access to copy + from a designated place, offer equivalent access to copy the above + specified materials from the same place. + + e) Verify that the user has already received a copy of these + materials or that you have already sent this user a copy. + + For an executable, the required form of the "work that uses the +Library" must include any data and utility programs needed for +reproducing the executable from it. However, as a special exception, +the materials to be distributed need not include anything that is +normally distributed (in either source or binary form) with the major +components (compiler, kernel, and so on) of the operating system on +which the executable runs, unless that component itself accompanies +the executable. + + It may happen that this requirement contradicts the license +restrictions of other proprietary libraries that do not normally +accompany the operating system. Such a contradiction means you cannot +use both them and the Library together in an executable that you +distribute. + + 7. You may place library facilities that are a work based on the +Library side-by-side in a single library together with other library +facilities not covered by this License, and distribute such a combined +library, provided that the separate distribution of the work based on +the Library and of the other library facilities is otherwise +permitted, and provided that you do these two things: + + a) Accompany the combined library with a copy of the same work + based on the Library, uncombined with any other library + facilities. This must be distributed under the terms of the + Sections above. + + b) Give prominent notice with the combined library of the fact + that part of it is a work based on the Library, and explaining + where to find the accompanying uncombined form of the same work. + + 8. You may not copy, modify, sublicense, link with, or distribute +the Library except as expressly provided under this License. Any +attempt otherwise to copy, modify, sublicense, link with, or +distribute the Library is void, and will automatically terminate your +rights under this License. However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + + 9. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + + 10. Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. + + 11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply, +and the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 12. If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License may add +an explicit geographical distribution limitation excluding those countries, +so that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + + 13. The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. + + 14. If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + + NO WARRANTY + + 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms of the +ordinary General Public License). + + To apply these terms, attach the following notices to the library. It is +safest to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least the +"copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the library, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the + library `Frob' (a library for tweaking knobs) written by James Random Hacker. + + , 1 April 1990 + Ty Coon, President of Vice + +That's all there is to it! + + diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 0000000..76150f3 --- /dev/null +++ b/ChangeLog @@ -0,0 +1,1296 @@ +2018-02-18 Arthur de Jong + + * [382b6ea] INSTALL, ar-lib, config.guess, config.sub, depcomp, + py-compile: Update files from latest automake + +2018-02-17 Arthur de Jong + + * [e8a4705] tests/test_pylint.sh: Fix running pylint on distcheck + + This sets PYTHONPATH so that both the source and build directories + are used to find constants.py. + +2018-02-17 Arthur de Jong + + * [9a50971] common/expr.c, compat/attrs.h: Mark case blocks without + break statement + + This avoids a gcc warning in non-empty case blocks without a + break statement by explicitly marking those blocks. + +2018-02-16 Arthur de Jong + + * [c05e326] nslcd/cfg.c, nslcd/common.h: Increase size of hostname + buffer + + This increases the host name buffer to support host names (that + include FQDNs) to 255 characters and removes the reliance on + HOST_NAME_MAX and _POSIX_HOST_NAME_MAX which may be smaller in + some situations. + + Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/22 + +2017-12-23 Arthur de Jong + + * [9760dce] nslcd/cfg.c: Increase size of config file token + + This increases the maximum size of tokens that are read from + the nslcd.conf configuration file to 256 characters. This was + a problem for some very long uri values. + + Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/21 + +2017-10-13 Arthur de Jong + + * [8f76d24] nslcd/cfg.c, tests/test_cfg.c: Support spaces in + attribute mapping expressions + +2017-06-26 Arthur de Jong + + * [47fd03b] AUTHORS, ChangeLog, NEWS, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml, + nslcd/nslcd.c, pynslcd/pynslcd.py, utils/cmdline.py: Get files + ready for 0.9.8 release + +2017-06-25 Arthur de Jong + + * [7920d85] tests/test_ldapcmds.sh, tests/test_nsscmds.sh: Ignore + password hashes in consistent manner + + This changes the getent and getent.ldap tests to ignore password + hashes that may be present in shadow lookups in a consistent + manner. + + This also adds minor compatibility improvements. + +2017-06-25 Arthur de Jong + + * [65695aa] pynslcd/cfg.py, pynslcd/mypidfile.py, pynslcd/pynslcd.py: + Create pidfile directory in pynslcd + + This ensures that /var/run/nslcd is created (when it does not + exist) when starting pynslcd. + +2017-06-25 Arthur de Jong + + * [419aab2] pynslcd/cfg.py, pynslcd/group.py, pynslcd/passwd.py: + Add nss_uid_offset and nss_gid_offset to pynslcd + +2017-03-20 Seth Wright + + * [5103173] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/group.c, nslcd/passwd.c: Add the ability to offset UID + and GID numbers + +2017-06-18 Arthur de Jong + + * [fee74d9] tests/Makefile.am, tests/test_ldapcmds.sh: Portability + improvements to test_ldapcmds.sh + + This fixes an issue with the export statement in POSIX shell + scripts, ensures that the commands in the output match those + in the script, strips password hashes for shadow lookups (for + systems without PAM where these are exposed) and only runs the + tests if we enabled the utils. + + Fixes 246a1f3. + +2017-06-17 Arthur de Jong + + * [5126b26] nslcd/ether.c: Use uint8_t instead of u_int8_t + + The former seems to be available on more platforms than the latter. + + Fixes be26510. + +2017-06-17 Arthur de Jong + + * [fe3772f] compat/pam_compat.h: Fix HAVE_DECL_PAM_ERROR usage + + The macro is supposed to be defined to 0 (instead of undefined) + if pam_info() and pam_error() are not found. + + Fixes 3d5ab89. + +2017-06-17 Arthur de Jong + + * [ca62f59] nslcd/shadow.c: Also filter shadow entries by validnames + +2017-06-17 Arthur de Jong + + * [e68b85a] nslcd/passwd.c, nslcd/shadow.c: Fix and clarify a + few comments + +2017-06-16 Arthur de Jong + + * [3d5ab89] compat/pam_compat.h, configure.ac: Fix pam_info() + and pam_error() replacement + + On FreeBSD these are functions while on Linux they are macros + causing them to be incorrectly replaced on FreeBSD. This resulted + in a crash of the PAM module when e.g. presenting messages about + password expiry. + +2017-06-16 Arthur de Jong + + * [b5d1dd2] tests/Makefile.am: Clean log from test_pamcmds.expect + + This removes test_pamcmds.log that is generated by + test_pamcmds.expect when running the test suite. This avoids an + error in the distcheck target. + +2017-06-16 Arthur de Jong + + * [246a1f3] tests/test_ldapcmds.sh: Fix running test_ldapcmds.sh + during distcheck + + This ensures that Python can find both getent.py (from source + directory) and constants.py (from build directory) when running + the tests from the distcheck target. + + This also makes the script more similar to test_nsscmds.sh. + + Fixes 9c803d7. + +2017-06-15 Arthur de Jong + + * [43862ba] : Add pam_authc_search option + + This option can be used to configure the search operation that + should be performed after authentication. + +2017-06-15 Arthur de Jong + + * [5141b09] man/nslcd.conf.5.xml, nslcd/pam.c: Allow skipping + post-authentication search altogether + +2017-06-14 Arthur de Jong + + * [0cafb08] nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c, + nslcd/usermod.c: Implement myldap_bind() function + + This function integrates the myldap_set_credentials() and + myldap_get_policy_response() and performs the bind operation + witout actually performing a search. + + The function performs a "fake" search that returns after performing + the LDAP BIND operation. + + This replaces a number of dummy search operations that were there + to ensure that the connection was open. This allows us to skip + the search operation after authentication. + +2017-06-14 Arthur de Jong + + * [9564dd0] nslcd/pam.c: Implement handling of pam_authc_search + option + + This allows performing a different, configurable search from + the default BASE search after the BIND operation. + +2017-06-14 Arthur de Jong + + * [f72aaa2] man/nslcd.conf.5.xml: Document pam_authc_search option + +2017-06-14 Arthur de Jong + + * [5d11cb8] nslcd/cfg.c, nslcd/cfg.h, nslcd/pam.c: Add + pam_authc_search option parsing + +2017-06-14 Arthur de Jong + + * [bcc3a08] nslcd/pam.c, pynslcd/pam.py: Reorganise PAM search + var building functions + + This moves the autzsearch_var_add(), autzsearch_vars_free(), + autzsearch_var_get() and do_autzsearches() functions to the top of + the file using more generic names and introduces search_vars_new() + in prepartion of other similar searches. + + This also renames the remaining authzsearch functions to + authz_search to be consistent with the pam_authz_search option. + +2017-06-13 Arthur de Jong + + * [ebc0f76] README, configure.ac, tests/test.ldif: Switch to + HTTPS URLs + +2017-06-13 Arthur de Jong + + * [be26510] compat/ether.c, compat/ether.h, configure.ac, + nslcd/ether.c, pynslcd/ether.py: Query ethernet addresses in + compact and long format + + This ensures that when querying the address 0:18:8a:54:1a:8b + both that format and 00:18:8a:54:1a:8b is searched for in LDAP. + + This was triggerred by the fact that ether_ntoa() on FreeBSD + returns the long format while glibc uses the compact format. + + Since we are no longer using the libc version of ether_ntoa() we + can also drop the compatibility implementation of ether_ntoa_r(). + +2017-06-07 Arthur de Jong + + * [becc883] nslcd/passwd.c: Log entries and lookups failing + nss_min_uid + + This logs (at debug level) any LDAP uidNumber attribute values + (or translated objectSid attribute values) that are lower than + nss_min_uid. It also logs getpwuid() requests for such uids. + +2017-06-04 Arthur de Jong + + * [5a84be2] utils/chsh.py, utils/cmdline.py, utils/getent.py, + utils/nslcd.py, utils/shells.py, utils/users.py: Make nslcd-utils + Python 3 compatible + + This changes the getent.ldap and chsh.ldap commands to be + compatible with Python 2 and Python 3 with the same code. + + This does switch to raw I/O because Python 3 does not support + bufferred I/O on sockets. + +2017-06-04 Arthur de Jong + + * [9c803d7] tests/Makefile.am, tests/test_ldapcmds.sh, + tests/test_nsscmds.sh, tests/testenv.sh: Add tests for getent.ldap + command + + This more or less duplicates the tests from test_nsscmds.sh to + test_ldapcmds.sh with some modifications for the differences + in output. + + This also extends the test_nsscmds.sh tests to handle the case + where shadow lookups do not go through LDAP. + +2017-06-04 Arthur de Jong + + * [a357131] utils/getent.py: Fix output of getent.ldap networks + + Contrary to the hosts output the network name is listed first. + +2017-06-03 Arthur de Jong + + * [58c7a94] utils/getent.py: Fix IPv6 lookups in getent.ldap + +2017-06-03 Arthur de Jong + + * [5173e55] man/getent.ldap.1.xml, utils/getent.py: Accept multiple + key arguments to getent.ldap + + This allows supplying multiple arguments to getent.ldap that + will each act as a search key for lookups, similar to what normal + getent allows. + +2017-02-07 Arthur de Jong + + * [53f797b] nslcd/nslcd.c: Exit with 0 when stopping nslcd + + When receiving a signal this will result in nslcd returning with + a success exit code. + + Thanks Stanislav Moravec for pointing this out. + +2016-09-04 Arthur de Jong + + * [c12cd14] nslcd/nslcd.c: Remove duplicate break statement + +2016-09-04 Arthur de Jong + + * [d8ad7b1] nslcd/myldap.c: Do not try all LDAP servers on failed + authentication + + See https://bugs.launchpad.net/bugs/1618190 + +2016-08-30 Arthur de Jong + + * [a3da150] utils/nslcd.py: Replace Python assertions with exceptions + + The assertions can be optimised out when compiling the modules + with -O which would break the protocol handling. This ensures + that errors are properly handled even if optimisation is enabled. + + Thanks Yu-Chun Huang for reporting this. + https://github.com/arthurdejong/nss-pam-ldapd/issues/14 + +2016-08-14 Arthur de Jong + + * [c286bb5] AUTHORS, ChangeLog, NEWS, README, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml, + nslcd/nslcd.c, pynslcd/pynslcd.py, utils/cmdline.py: Get files + ready for 0.9.7 release + +2016-08-14 Arthur de Jong + + * [db9494e] tests/Makefile.am: Only run doctests when building + pynslcd + +2016-08-14 Arthur de Jong + + * [cb16e4c] nss/bsdnss.c: Avoid some warnings on FreeBSD + + This adds casts to and from void * for the function pointers + that are passed around. + +2016-07-27 Arthur de Jong + + * [b7a0b23] ChangeLog, ChangeLog-2013, Makefile.am: Archive 2013 + ChangeLog entries + +2016-07-27 Arthur de Jong + + * [e4df12c] config.guess, config.sub, install-sh: Update files + from latest automake + +2016-07-27 Arthur de Jong + + * [db8034a] man/Makefile.am, utils/Makefile.am, utils/getent.py: + Also use module-name in utilities and man pages + + This ensures that getent.ldap, chsh.ldap and manual pages with + ldap in the name will be installed with the name as specified + with --with-module-name. + + Note that the manual page content still describes the working + within nss-pam-ldapd and still mention the ldap name. + +2016-06-04 Arthur de Jong + + * [281b0ec] tests/test_doctest.sh: Ensure doctest also run in + distcheck + + This fixes test_doctest.sh to also work when the build directory + is different from the source directory. This is needed because + constants.py is only available in the build directory. + +2016-06-03 Arthur de Jong + + * [a89eda7] nslcd/pam.c: Also honor ignorecase in PAM + + This avoids changing the cannonical username to the value as + specified in LDAP when ignorecase is used. + + See https://github.com/arthurdejong/nss-pam-ldapd/issues/12 + +2016-06-03 Arthur de Jong + + * [7eb1d69] pynslcd/expr.py: Support ${var:offset:length} in pynslcd + +2016-06-02 Arthur de Jong + + * [c90a537] pynslcd/attmap.py: Fix pynslcd expression representation + + The problem was that the ExpressionMapping string value did not + include the quotes which will cause problems when printing the + expression (e.g. when logging or dumping config, etc.). + +2016-06-02 Arthur de Jong + + * [fd61bb6] tests/Makefile.am, tests/test_doctest.sh: Add test + for running doctests + +2016-05-30 Giovanni Mascellani + + * [2ba9560] common/expr.c, man/nslcd.conf.5.xml, tests/test_expr.c: + Support substituting expresions of type ${var:offset:length} + +2016-05-30 Giovanni Mascellani + + * [3a4860c] man/nslcd.conf.5.xml: Fix small typo + +2016-05-24 Arthur de Jong + + * [917ded7] common/expr.c: Refactor out expression parsing to + functions + + This moves the parsing of the various ${var...} expressions to + separate functions so they can be extended more easily. + +2016-02-22 Arthur de Jong + + * [4be9c59] pam/pam.c: Fix logic error + + This could result in a free(NULL) call. This code path can + only be triggered if pam_ldap changes the logged-in username + (introduced in 6a74d8d). + + Thanks 依云, see + https://github.com/arthurdejong/nss-pam-ldapd/issues/11 + +2016-01-30 Mathieu Baeumler + + * [985aec3] nslcd/myldap.c: Display human readable expiry message + + Display a human readable message (days+hours, or hours+minutes, + or seconds) when the password expiring warning is issued. + +2016-02-13 Arthur de Jong + + * [b795f6c] nslcd/cfg.c: Fix nss_disable_enumeration configuration + + This fixes a copy-paste bug where nss_disable_enumeration was + incorrectly handled. Fixes c0366d8. + + Thanks Andrew W Elble for pointing this out. + +2016-01-18 Arthur de Jong + + * [525c996] tests/test.ldif, tests/test_nsscmds.sh: Add a few + IPv6 tests + + This adds a few test hosts that have IPv6 addresses. This + ensures that we have an IPv6-only host and hosts which have + address values in different order in the ipHostNumber attribute + (although attribute order is probably not guaranteed). + +2015-10-18 Mathieu Baeumler + + * [31cd2cf] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c: Add pam_authc_ppolicy option + + This option allows completely disabling ppolicy handling. + +2016-01-06 Arthur de Jong + + * [117c9cb] nslcd/pam.c: Fix error handling on credential change + + This fixes setting the correct LDAP error code and also fixes + formatting in 027df03. + +2015-12-23 Vasilis Tsiligiannis + + * [027df03] nslcd/pam.c: Fix updating of 'shadowLastChange' + attribute when chasing referrals + + This fixes a bug where 'shadowLastChange' attribute cannot be + updated when chasing a referral. After a password is succesfully + changed, the credentials for binding should also be updated with + the new password for the session. + + Signed-off-by: Vasilis Tsiligiannis + + +2015-11-13 Arthur de Jong + + * [fcea92d] nslcd/cfg.c: Correct file readability check + + This uses access() instead of stat() to see if the file is + readable by the current process. This fixes f089e01. + +2015-09-20 Arthur de Jong + + * [c879485] nslcd/myldap.c: Fail-over and retry on more errors + + Also try to fail over to another LDAP server on a larger number + of errors. Specifically errors that point to problems connecting + to the LDAP server. + +2015-08-29 Arthur de Jong + + * [3d09e28] nslcd/myldap.c: Open connection before do_try_search() + + This is in preparation for splitting the BIND from the search + phase for authentication. + +2015-08-27 Arthur de Jong + + * [f089e01] nslcd/cfg.c: Loosen up file existence check + + This changes the check (for configuration options that specify + file names) to just check that the specified path is readable + instead of ensisting that it points to a file. + + This allows tls_randfile to point to /dev/urandom (a character + device) or a pipe. This fixes 6779a51. + + This also applies the same check to the krb5_ccname option. + + Thanks to Patrick McLean for pointing this out. + +2015-08-14 Arthur de Jong + + * [309f127] pam/pam.c: Have PAM module log messages to syslog + + This logs informational messages that are presented to the user + tot syslog. This normally includes password expiry and grace + login information which may be useful to log. + +2015-08-14 Arthur de Jong + + * [263a443] nslcd/myldap.c: Simplify password policy message handling + + This simplifies the check for overwriging pending password + expiry and grace logins warnigns and updates handling of the + LDAP_CONTROL_PWEXPIRING control to be consistent with that of + the expire value of LDAP_CONTROL_PASSWORDPOLICYRESPONSE. + + This also corrects the function name, also logs empty password + policy responses in debug mode and documents the meaning of the + various password policy values. + +2015-07-09 Mathieu Baeumler + + * [4302901] nslcd/myldap.c: Fix password policy expiration warnings + + If a password expiration warning (pwdExpireWarning) is set in + slapd, and the password is about to expire, slapd sends the + timeBeforeExpiration value as part of the passwordPolicyResponse. + + nslcd would incorrectly instruct the PAM module to require + immediate password change. This has been fixed for both + timeBeforeExpiration and graceLoginsRemaining. + +2015-07-19 Arthur de Jong + + * [89b471b] ar-lib, autogen.sh, compile, configure.ac, depcomp, + install-sh, missing, py-compile, test-driver: Update files from + automake 1.15 + + This also includes the m4 directory when invoking aclocal because + not all versions seem to handle AC_CONFIG_MACRO_DIR. + +2015-07-19 Arthur de Jong + + * [86a4618] m4/ax_tls.m4: Disable quoting in AX_TLS notfound case + + This ensures that AS_IF does not generate an empty else clause + which will result in an invalid configure script. + +2015-07-19 Arthur de Jong + + * [6779a51] nslcd/cfg.c: Check file existence for configuration + options + + This adds addition checks to the tls_cacertdir, tls_cacertfile, + tls_randfile, tls_cert and tls_key options to ensure that they + point to an existing file when parsing nslcd.conf. + +2015-07-19 Arthur de Jong + + * [a6c7c63] pynslcd/pynslcd.py: Work around bug in python-daemon + + See https://bugs.debian.org/792871 + +2015-07-08 Arthur de Jong + + * [c32e8c0] m4/ax_pthread.m4, m4/ax_tls.m4: Update macros from + autoconf-archive + +2015-06-14 Arthur de Jong + + * [d949bd4] AUTHORS, ChangeLog, NEWS, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml: + Get files ready for 0.9.6 release + +2015-06-14 Arthur de Jong + + * [4236dd6] Makefile.am: Correctly insert emtpy lines in ChangeLog + +2015-06-13 Arthur de Jong + + * [e916a2b] man/nslcd.conf.5.xml: Manual page improvements + +2015-06-13 Arthur de Jong + + * [9a7921f] nslcd/common.c, nslcd/common.h: Also fix signed integer + bug in binsid2id() + + This should have been part of d217632. + +2015-06-11 Geoffrey McRae + + * [d217632] nslcd/common.c: Fixed signed 32bit overflow bug on + 32bit systems + +2015-05-23 Jed Liu + + * [3add5f0] nslcd/cfg.c: Allow configuration values longer than + 63 characters + +2015-03-06 Arthur de Jong + + * [d58fba9] nss/netgroup.c: Provide innetgr function on Solaris + + This implements a function in the Solaris version of the NSS module + to check if a specifc netgroup triplet is part of a netgroup. + + This also avoids a compiler warning and includes improvements + and testing by Mark R Bannister. + +2015-05-01 Andrew Elble + + * [c0366d8] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/nslcd.c, pynslcd/cfg.py, pynslcd/group.py, pynslcd/passwd.py, + pynslcd/shadow.py: Implement disable_enumeration + + If this option is present, functions which cause all user/group + entries to be loaded (getpwent(), getgrent()) from the directory + will not succeed in doing so. This can dramatically reduce + ldap server load in situations where there are a great number + of users and/or groups. Applications that depend on being able + to sequentially read all users and/or groups may fail to operate + correctly. This option is not recommended for most configurations. + +2015-04-17 Arthur de Jong + + * [96045d2] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/group.c, pynslcd/cfg.py, pynslcd/group.py: Implement + nss_getgrent_skipmembers + + This option allows skipping group member list retrieval to + improve performance with very large groups. This option results + in inconsistent group membership information being presented + that may confuse some applications. + +2015-04-15 Arthur de Jong + + * [530cc24] nslcd/daemonize.c, nslcd/nslcd.c: Avoid signal race + condition on start-up + + This only restores the signal mask after signal handlers are in + place and the daemon has completely daemonised to avoid a race + condition in the start-up phase of nslcd where a signal could + be sent to nslcd causing it to quit or fail to write information + to the parent process. + +2015-03-29 Arthur de Jong + + * [16fd8c6] AUTHORS, ChangeLog, NEWS, README, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/pam_ldap.8.xml, man/pynslcd.8.xml: Get files ready for + 0.9.5 release + +2015-03-11 Tim Rice + + * [ae08830] common/Makefile.am, compat/Makefile.am, configure.ac, + nss/Makefile.am, pam/Makefile.am: Use correct PIC arg for + non-GCC compilers + +2015-03-22 Arthur de Jong + + * [fdbca17] config.sub: Update files from latest automake + +2015-03-22 Arthur de Jong + + * [9f9a5c5] nss/networks.c: Fix for networks lookup under Solaris + + This fixes a byte order issue when nscd is running. + +2015-03-22 Arthur de Jong + + * [52ea3f5] configure.ac: Add checks to configure + + This adds tests for a function and type used in the code. + +2015-03-22 Arthur de Jong + + * [4ec1c08] nslcd/daemonize.c: ENODATA is missing on FreeBSD + + FreeBSD doesn't have ENODATA so we use ENOATTR instead. + +2015-03-22 Arthur de Jong + + * [b2563b0] compat/nss_compat.h, configure.ac: Remove use of + irs-nss.h + + This was a compatibility leftover from the nss_ldap days. + +2015-03-21 Arthur de Jong + + * [4c5a3c9] tests/test_clock.c: Prevent numer overflow in test_clock + +2015-03-21 Arthur de Jong + + * [0420232] nslcd/nslcd.c, nslcd/nsswitch.c, nss/Makefile.am, + tests/testenv.sh: Various small fixes when using --with-module-name + + This updates the test framework to support --with-module-name, + ensures that exports.map is rebuilt when configure is re-ran, + fixes parsing of nsswitch.conf (to determine what to return for + passwd lookups) and fixes the check for _nss_ldap_version. + +2015-03-21 Arthur de Jong + + * [788475f] nss/common.h: Also support platforms without TLS + + This disables the use of thread-local storage in the NSS module + when it is not available in libc. This results in the get*ent() + functions not being thread-safe. However, on most platforms they + are not expected to be thread-safe anyway. + +2015-03-20 Dalibor Pospíšil + + * [95d621e] man/nslcd.conf.5.xml: Document that multiple URIs can + be specified + + Update nslcd.conf man page that multiple URIs can be set by + using more uri lines or more URIs defined on one uri line. + + https://bugzilla.redhat.com/show_bug.cgi?id=1204195 + +2015-03-11 Patrick McLean + + * [fa6affc] common/tio.c, nslcd/attmap.c, nslcd/cfg.c, + nslcd/myldap.c: Fix formatting of size_t values + + In several places the code used a %d format to print a size_t + variable. On amd64 at least size_t is an unsigned long, so use + %lu instead. + + An alternative would be to use %ud for size_t and %zd fo ssize_t + but not all platforms seem to support that formatter. + +2015-03-11 Patrick McLean + + * [246aba5] nslcd/myldap.c, pam/pam.c: Avoid comparison of static + array to null pointer + + There are several places where a static length array in a struct + is compared to a null pointer. These comparisons will always + be false, since an array in a struct is not actually a pointer, + so they can be removed. + +2015-03-10 Patrick McLean + + * [d0f896a] AUTHORS, nslcd/nslcd.c: Don't let the oom killer + kill nslcd + + Adjust the Linux OOM (Out-Of-Memory) killer score by -1000 for + nslcd so that it should not be killed. + +2015-01-19 Arthur de Jong + + * [ee82d2f] .gitignore, configure.ac, nslcd/nslcd.c, + nss/Makefile.am, nss/aliases.c, nss/bsdnss.c, nss/common.c, + nss/common.h, nss/ethers.c, nss/group.c, nss/hosts.c, + nss/netgroup.c, nss/networks.c, nss/passwd.c, nss/protocols.c, + nss/prototypes.h, nss/rpc.c, nss/services.c, nss/shadow.c, + pam/pam.c, pynslcd/constants.py.in, pynslcd/pynslcd.py: Allow + configuration of NSS and PAM names + + This introduces the --with-module-name configure option to + allow building of NSS and PAM modules with different namespaces + than ldap. + +2015-01-12 Mark R Bannister + + * [ed8b312] nss/hosts.c: Fix uninitialised variable + + This fixes a bug in the NSS library when encountering IPv6 + addresses in the hosts map. + +2014-12-12 Arthur de Jong + + * [8b33057] nslcd/myldap.c: Avoid accessing searches outside array + + Thanks David Binderma for pointing this out. + + Note that in practical situations this should not result in any + errors due to the position of searches within the ldap_session + struct. + +2014-11-02 Arthur de Jong + + * [9ee854e] man/nslcd.conf.5.xml: Document that rootpwmoddn needs + to exist + + See + http://lists.arthurdejong.org/nss-pam-ldapd-users/2014/msg00166.html + +2014-10-10 Arthur de Jong + + * [4262122] nslcd/nslcd.c: Fix format string + + Thanks Jianhai Luan. + +2014-10-04 Arthur de Jong + + * [1d3b19b] nslcd/nslcd.c: Block signals sooner to avoid race + conditions + +2014-08-27 Jason Luan + + * [78627c9] nslcd/cfg.c, nslcd/group.c, nslcd/nslcd.c, + nslcd/passwd.c: uid_t/gid_t should be formatted as unsigned long + + mmkfilter_passwd_byuid()/mkfilter_group_bygid() get wrong filter + string because "%d" will return negative when uid/gid larger + than 2^31, and result to "Authentiction failure". + + This also changes the other places where uid_t or gid_t values + are formatted. + +2014-09-21 Arthur de Jong + + * [a726d29] nslcd/daemonize.c: Fix issues with daemonising + + This fixes a problem with a buffer that could end up padded + with garbage. + + This also clarifies the code a bit and adds extra logging for + errors that could occur during daemonising. + +2014-06-30 Tim Harder + + * [82e4423] nslcd/myldap.c: Minor comment spelling fix + +2014-06-30 Tim Harder + + * [2950797] AUTHORS, nslcd/myldap.c: Check a socket's connectivity + before trying to use it + + This alleviates some cases where multi-second lag occurs before a + query returns due to some or all connections having been closed + by the peer, e.g. a load balancer timing out old connections, + but they are all tried before opening new connections. + + Tested and working on Linux. + +2014-06-20 Arthur de Jong + + * [1765e34] nslcd/common.h: Fix copy-pasto + +2014-06-12 Arthur de Jong + + * [9516479] tests/test.ldif, tests/test_nsscmds.sh: Use other IP + range for tests + + This uses IP addresses from the RFC 5737 TEST-NET-1 range that is + meant for use in documentation. This avoids issues with running + the tests environments that also use the 10.0.0.0/8 range. + +2014-06-06 Arthur de Jong + + * [b3cf0aa] AUTHORS, ChangeLog, NEWS, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml: + Get files ready for 0.9.4 release + +2014-06-06 Arthur de Jong + + * [abb2452] nss/services.c: Return correct port number on Solaris + + This is a small fix for when using nscd (which still does not + seem to work completely). The port is stored in network byte + order but should be printed in host byte order. + +2014-06-06 Arthur de Jong + + * [b977d3f] tests/lookup_groupbyuser.c: Add missing include + for FreeBSD + +2014-06-06 Arthur de Jong + + * [258d671] nslcd/pam.c: Fix password modification by root + + This fixes 15fc13c. + +2014-06-06 Arthur de Jong + + * [8eeb1cc] common/tio.c: Clear proper buffer length + + This fixes 3d29861. + +2014-06-06 Arthur de Jong + + * [3d65b84] nslcd/common.h: Fix code indentation + + This fixes 2274b41. + +2014-06-06 Arthur de Jong + + * [e867727] config.guess, config.sub: Update files from latest + automake + +2014-06-05 Arthur de Jong + + * [f5ee208] pynslcd/cache.py: Fix comment + +2014-06-05 Arthur de Jong + + * [13483f9] .gitignore, configure.ac, tests/Makefile.am, + tests/lookup_groupbyuser.c: Introduce lookup_groupbyuser test + command + + This command can be used to perform a lookup using getgrouplist() + to present a list of returned numeric group ids. This can be + used to avoid the additional lookups that are done with the id + and groups commands. + +2014-05-14 Arthur de Jong + + * [3d29861] common/tio.c, nslcd/myldap.c, nslcd/pam.c: Clear + buffers before free-ing + + This clears most buffers that may hold credentials at one point + before free()ing the memory. + +2014-05-08 Arthur de Jong + + * [aa1d810] HACKING: Clarify code contribution + +2014-05-04 Arthur de Jong + + * [94eacb5] nslcd/pam.c: Improve error logging of user login failures + +2014-05-04 Arthur de Jong + + * [ca36a50] nslcd/myldap.c: Also extract policy controls on + BIND failure + + This ensures that controls returned by an LDAP server as part of + a failed BIND operation are also returned. This makes it possible + to distinguish between a wrong password and an expired password. + + This also only logs the BIND operation result on DEBUG level + (the error is logged later on). + +2014-05-04 Arthur de Jong + + * [d6163e2] configure.ac: Use FreeBSD lib directory and SONAME + on Dragonfly + +2014-05-04 Arthur de Jong + + * [f6f3730] README, man/nslcd.conf.5.xml: Small documentation + improvements + + This includes a number of minor changes to the documentation. This + also documents the children search scope (related to 2caeef4). + +2014-05-04 Arthur de Jong + + * [ed79110] nslcd/daemonize.c, nslcd/nslcd.c: Log daemonising + failures + + This also clears errno in the main function to ensure that no + incorrect errno value is logged on errors. + +2014-05-04 Arthur de Jong + + * [18d05b0] .gitignore, tests/Makefile.am, tests/test_attmap.c: + Add a test for setting member attribute mapping + +2014-05-04 Arthur de Jong + + * [fbea2a5] nslcd/attmap.c: Fix mapping group member attribute to + empty string + + This fixes be94912. + +2014-05-04 Arthur de Jong + + * [2274b41] nslcd/alias.c, nslcd/attmap.c, nslcd/cfg.c, + nslcd/common.h, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/invalidator.c, nslcd/myldap.c, nslcd/netgroup.c, + nslcd/network.c, nslcd/pam.c, nslcd/passwd.c, nslcd/protocol.c, + nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: Make buffer size + error logging consistent + + This adds logging of most cases where a defined buffer is not + large enough to hold provided data on error log level. + +2014-05-04 Arthur de Jong + + * [15fc13c] nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c, + nslcd/usermod.c: Warn when binddn buffer is too small + +2014-05-04 Arthur de Jong + + * [f987891] nslcd/common.h: Grow DN buffer size + + The buffer size seems to be a problem in environments with long + names or environments with non-ASCII characters. + +2014-05-02 ushi + + * [119cebf] nslcd/common.h: Use larger nslcd password buffer + + I had some edge cases where 64 bytes were not enough. People + are using password managers with long generated passwords. I + increased the buffer size to 128. + +2014-03-12 Arthur de Jong + + * [8f12c15] AUTHORS, ChangeLog, NEWS, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml, + pynslcd/pynslcd.py: Get files ready for 0.9.3 release + +2014-03-12 Arthur de Jong + + * [1ec7739] INSTALL, missing, test-driver: Update files from + recent automake + +2014-03-10 Arthur de Jong + + * [44764f0] tests/Makefile.am, tests/test_myldap.sh, + tests/test_nsscmds.sh: Run the correct executables for the tests + + This fixes issues with running the tests when using a separate + build directory (fixes ef0eddaa). + +2014-03-10 Arthur de Jong + + * [77444ac] tests/test_myldap.sh: Fix nslcd-test.conf permissions + for test + + This ensures that configuration file is not world readable when + the tests are run. This avoids test failure for the use of the + rootpwmodpw option. + +2014-03-10 Arthur de Jong + + * [96e4171] common/nslcd-prot.h: Interpret transferred integers + as signed again + + This fixes an issue with unsigned values ending up in signed + fields and missing sign extension. + + See: https://bugs.debian.org/739330 + +2014-01-27 Nalin Dahyabhai + + * [2d35feb] nss/hosts.c, nss/networks.c: Use right h_errnop for + retrying with larger buffer + + The libc nsswitch code expects h_errno to be set to NETDB_INTERNAL + when it needs to try again with a larger buffer. + + Signed-off-by: Lukas Slebodnik + +2014-01-27 Lukas Slebodnik + + * [8532f40] nss/hosts.c, nss/networks.c: Fix crash when retrieving + large networks entries + + If NSS_STATUS_TRYAGAIN is returned from read_one_hostent or + read_one_netent then fp will be closed and function tio_skipall + will be called with NULL pointer. It could happend in functions: + _nss_ldap_getnetbyname_r _nss_ldap_getnetbyaddr_r + _nss_ldap_gethostbyname2_r _nss_ldap_gethostbyaddr_r + + Fixes r548 (aka afd5d9b). + +2014-01-30 Davy Defaud + + * [4211961] nslcd/group.c: Support builtin Windows groups + + This maps the gid (gidNumber) to an AD SID for builtin + groups when searching a group by gid (RID) between 544 and + 552. In that case the SID prefix is not the domain's prefix + (S-1-5-21-dddddd-dddddd-dddddd) but the BUILTIN SID prefix + (1-5-32). + + For example, if you add a user to the Administrators builtin + group (S-1-5-32-544), now you should be able to get this group + through nslcd, instead of receiving an error message. + +2014-01-25 Arthur de Jong + + * [f6a0675] configure.ac: Add test for krb5 thread safety + + This adds a test that checks the return value of + krb5_is_thread_safe() to see if krb5 is thread safe (during build) + and issues a warning if it is not. + + nslcd does not directly link to krb5 but the library may be + loaded (by GSSAPI) if Kerberos is used to authenticate nslcd to + the LDAP server. + +2014-01-25 Francois Tigeot + + * [043838c] configure.ac: Also detect DragonFly as BSD + + This fixes the detection of DragonFly as requiring the freebsd + NSS interface flavour. + +2014-01-24 joshuashire + + * [2181cca] nslcd/shadow.c: Update shadow.c to resolve pwdLastSet + issue + + We read the date into the buffer to the specified length to get it + to the Unix time (i.e. seconds) from its AD value of nanoseconds, + then convert it to days for shadow. If we use date rather than + buffer we end up trying to convert the original nanosecond value. + +2014-01-05 Arthur de Jong + + * [c6c317e] : Implement deref control handling + + This uses the LDAP_CONTROL_X_DEREF control as described in + draft-masarati-ldap-deref-00 to request the LDAP server to + dereference group member attribute values to uid attribute values. + + This should reduce the number of searches that are required for + expanding group members that use the member attribute. + + This mechanism could also be used to extract information on + nested groups but the gains are less clear there. + + Not all LDAP servers support this control. In OpenLDAP, load the + (currently undocumented) deref overlay and enable it for the + database to take advantage of this improvement. + + There is a functional difference when using this control. Any + returned deferred uid value returned by the LDAP server is accepted + as a member. No checks are performed to see if the user matches + the search base and search filters set for passwd entries. + +2014-01-05 Arthur de Jong + + * [309b4bb] README: Update documentation + + This documents the way the deref controls are used. + +2014-01-05 Arthur de Jong + + * [cecc024] nslcd/group.c: Use myldap_get_deref_values() to get + member uids + + This uses information from the deref control (if available) + to get the username for each of the members of the group. Any + missing deref member attribute values will be seen as nested + groups and will be traversed if nested group support is enabled. + +2014-01-05 Arthur de Jong + + * [c973834] configure.ac, nslcd/myldap.c, nslcd/myldap.h: Provide + a myldap_get_deref_values() function + + This function looks for deref response controls + (LDAP_CONTROL_X_DEREF) in the entry and returns the information + from the dereferenced attribute in two lists: dereferenced values + and attribute values that could not be dereferenced. + +2014-01-05 Arthur de Jong + + * [3992e15] nslcd/group.c: Skip member attributes in bymember search + + This changes the group by member searches to not request the + member attributes. This will speed up result parsing by a fraction + because less data is transferred but will also cause the deref + control not to be added to these searches. + +2013-12-28 Arthur de Jong + + * [15ee2fc] compat/Makefile.am, compat/derefctrl.c, + compat/ldap_compat.h, configure.ac: Provide replacement + ldap_create_deref_control() + + This adds a test for a bug in OpenLDAP that allocated a + LDAP_CONTROL_PAGEDRESULTS control instead of a LDAP_CONTROL_X_DEREF + control. + +2014-01-05 Arthur de Jong + + * [547e479] configure.ac, nslcd/myldap.c: Request attribute deref + via search control + + This uses the LDAP_CONTROL_X_DEREF control as descibed in + draft-masarati-ldap-deref-00 to request the LDAP server to + dereference member attribute values to uid attribute values in + order to avoid doing extra searches. + + This control is currently only added for group search by looking + for the member attribute in the search. + +2014-01-04 Arthur de Jong + + * [c22eb08] nslcd/myldap.c: Rename entry property to indicate + storage type + + This changes entrye->rangedattributevalues to entry->buffers + because the propery is not only used for ranged attribute values + but for anything that can be freed with free(). + +2014-01-03 Arthur de Jong + + * [f009c96] nslcd/myldap.c: Ignore missing page controls + + Since we could get arbitrray controls and are only interested + in page controls we ignore failures to find page controls. + +2014-01-03 Arthur de Jong + + * [4f6dfdd] nslcd/myldap.c: Use do_try_search() also for paged + searches + + This also changes do_try_search() to support building continued + paged controls and lays the groundwork for adding more search + controls. + +2014-01-05 Arthur de Jong + + * [be94912] nslcd/attmap.c, nslcd/group.c, pynslcd/group.py: + Support blanking the member attribute + + This allows remapping the member attribute to an empty string + which removes support for that attribute. This can reduce the + number of search operations if the attribute is not used. + +2014-01-05 Arthur de Jong + + * [0d3fa5d] nslcd/group.c: Fix typo + +2014-01-05 Arthur de Jong + + * [8e74848] nslcd/group.c, nss/netgroup.c, tests/test_set.c: + Fix memory leaks related to set_pop() + + Some pieces of code did not properly free() the value returned + by set_pop(). + + The leak in group code was related to the introduction of nested + group functionality in 41ba574 (merged in 3daa68d) so should + only be present in releases 0.9.0 forward. + + The leak in the netgroup code only ended up in the Solaris + version of the NSS module and was introduced in 4ea9ad1 (merged in + 5c8779d). This leak is present in all releases from 0.8.0 forward. + +2014-01-04 Arthur de Jong + + * [3288942] tests/test_myldap.c: Fix compiler warnings in the + myldap test + +2014-01-02 Arthur de Jong + + * [2b8fbc2] : Only exit nslcd when daemon is ready + + This removes a race condition between the exit of the initial + nslcd process (as started by the init script) and nslcd services + being ready. + +2014-01-02 Arthur de Jong + + * [3afedc4] compat/Makefile.am, compat/daemon.c, compat/daemon.h, + configure.ac: Remove daemon() replacement function + +2014-01-02 Arthur de Jong + + * [907d49d] configure.ac, nslcd/daemonize.c: Close daemon pipe + file descriptor on fork or exec + + This tries to avoid child processes ending up with a copy of + the pipe file descriptor that is used to signal readiness of + the daemon. + +2014-01-02 Arthur de Jong + + * [42a1a3d] nslcd/Makefile.am, nslcd/daemonize.c, nslcd/daemonize.h, + nslcd/nslcd.c: Properly daemonise nslcd and only exit when ready + + This introduces a new daemonize module that provides functions for + closing all file descriptors, redirecting stdin/stdout/stderr to + /dev/null and a function for backgrounding an application while + only exiting the original process after the daemon process has + indicated readiness. + + This is used to exit the original process only after the listening + socket has been set up and the worker threads have been started. diff --git a/ChangeLog-2006 b/ChangeLog-2006 new file mode 100644 index 0000000..98745ac --- /dev/null +++ b/ChangeLog-2006 @@ -0,0 +1,801 @@ +2006-12-31 arthur + + * [r210] nslcd-common.h: if the string to write is NULL, write an + empty string + * [r209] nslcd-common.h: ensure that all arrays that are allocated + in the buffer are now aligned to the pointer size + * [r208] nslcd-common.h, nss/hosts.c: extract some more common + macros + +2006-12-30 arthur + + * [r207] nslcd/ldap-nss.c, tests/test_group.c: get rid of a few + warnings + +2006-12-29 arthur + + * [r206] config.sub: update to newer version again (got lost in + r205) + * [r205] config.sub, nslcd/group.c, nslcd/ldap-nss.c, + nslcd/ldap-nss.h, nslcd/util.c: get rid of debug() function and + call log_log() instead + +2006-12-27 arthur + + * [r204] nslcd-common.h, nslcd/alias.c, nslcd/common.h, + nslcd/ether.c, nslcd/group.c, nslcd/host.c, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: do not allocate new memory with + malloc() for each request with a string parameter but use a + buffer allocated on the stack instead (this simplifies free()-ing + the buffer(s) in case of problems) + +2006-12-25 arthur + + * [r203] nslcd/dnsconfig.c, nslcd/group.c, nslcd/ldap-nss.c, + nslcd/ldap-nss.h, nslcd/passwd.c, nslcd/util.c, nslcd/util.h: get + rid of NSS_BUFSIZ, rename _nss_ldap_oc_check() to + has_objectclass(), redo _nss_ldap_escape_string() with simpler + logic and slightly different signature and redid layout of some + code + +2006-12-23 arthur + + * [r201] ChangeLog, NEWS, TODO, configure.ac, debian/changelog: get + files ready for 0.1 release + +2006-12-22 arthur + + * [r200] nslcd.8: fix name of configuration file and update date + and version number + * [r199] NEWS, TODO, nslcd/alias.c, nslcd/dnsconfig.c, + nslcd/dnsconfig.h, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/ldap-schema.c, + nslcd/ldap-schema.h, nslcd/netgroup.c, nslcd/network.c, + nslcd/pagectrl.c, nslcd/pagectrl.h, nslcd/passwd.c, + nslcd/protocol.c, nslcd/resolve.c, nslcd/resolve.h, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, nslcd/util.c, nslcd/util.h, + nss-ldapd.conf, nss-ldapd.conf.5, nss/exports.linux: remove last + keyword and disable keyword expansion + * [r198] nslcd/Makefile.am: make list of source files a little + clearer + * [r197] HACKING: change reference to directory name + +2006-12-21 arthur + + * [r196] Makefile.am, configure.ac, debian/copyright, nslcd, + server: rename server directory to nslcd + * [r195] ChangeLog, Makefile.am: add code for generating ChangeLog + and add initial ChangeLog + +2006-12-21 arthur + + * [r194] .: change trunk location in repository to match package + name + * [r193] server/alias.c, server/dnsconfig.c, server/dnsconfig.h, + server/ether.c, server/group.c, server/host.c, server/ldap-nss.c, + server/ldap-nss.h, server/ldap-schema.c, server/ldap-schema.h, + server/log.c, server/log.h, server/netgroup.c, server/network.c, + server/pagectrl.c, server/pagectrl.h, server/passwd.c, + server/protocol.c, server/rpc.c, server/service.c, + server/shadow.c, server/util.c, server/util.h, server/xmalloc.c, + server/xmalloc.h: normalize copyright headers + +2006-12-20 arthur + + * [r192] debian/copyright: update copyright file with current + copyright information + * [r191] Makefile.am, nss/Makefile.am, server/Makefile.am, + tests/Makefile.am: properly capitalize company name + * [r190] README: fix wrapping + * [r189] README: integrate remaining parts in documentation + * [r188] Makefile.am, debian/libnss-ldapd.examples: ship + nss-ldapd.conf as an example in the Debian package + +2006-12-19 arthur + + * [r187] ., debian/changelog, debian/control: change Debian source + package name to nss-ldapd + * [r186] Makefile.am: do not try to ship gone README.Debian but do + ship new HACKING + * [r185] nss-ldapd.conf: get rid of pam stuff + * [r184] HACKING, NEWS, README, TODO: first step at improving + documentation + * [r183] configure.ac, debian/changelog: change version number to + 0.1 + * [r182] debian/libnss-ldapd.postinst: change some tests with grep + to be correct, add some comments and improve import of old + configuration file + * [r181] debian/README.Debian: the README.Debian does not contain + any more relevant information + * [r180] server/nslcd.c: add TODO + * [r179] Makefile.am, configure.ac, debian/libnss-ldapd.config, + debian/libnss-ldapd.nslcd.init, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.postrm, debian/rules, ldap.conf, + nss-ldapd.conf, nss-ldapd.conf.5, nss_ldap.5: change default + configuration file name to /etc/nss-ldapd.conf + +2006-12-18 arthur + + * [r178] Makefile.am, nslcd.8: add initial nslcd manual page + * [r177] server/nslcd.c: output of --help no longer shows --config + option (which isn't there) + * [r176] configure.ac: change name of package also in configure + * [r175] debian/libnss-ldapd.config: handle cases where commands in + backticks return an error code + * [r174] nss/hosts.c: only set h_errno to error value on problems + and change the returned value in some cases + +2006-12-17 arthur + + * [r173] debian/libnss-ldapd.nslcd.init: report process id in + status + * [r172] configure.ac, debian/changelog, + debian/libnss-ldapd.config, debian/libnss-ldapd.nslcd.init, + debian/libnss-ldapd.postinst, nss/common.h, server/nslcd.c, + tests/test_networks.c: remove trailing spaces + * [r171] nss/prototypes.h: add note about glibc manual + * [r170] nss/Makefile.am: fix comment as to installing libraries + * [r169] debian/control: add a snippet to the package description + as to what the main differences to libnss-ldap are + * [r168] debian/rules: move the nss libraries to /lib instead of + /usr/lib + * [r167] debian/rules: remove some unneeded configure options + +2006-12-16 arthur + + * [r166] Makefile.am, debian/libnss-ldapd.lintian-overrides, + debian/rules: fix some lintian warnings regarding shared + libraries with an override file and generating shlibs for now + * [r165] debian/rules: fix configuration file manual page name + * [r164] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fr.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po: end + every short description line with a colon (and run + debconf-updatepo) (thanks lintian) + * [r163] server/nslcd.c: set correct permissions on socket creation + and remove socket and pidfile on exit + * [r162] nss/exports.linux, nss/group.c, nss/prototypes.h, + tests/test_group.c: remove _nss_ldap_initgroups_dyn() from + interface for now because it is currently not working + * [r161] configure.ac: fix configure --help strings to be more + consistent and list default values + * [r160] Makefile.am: fix debian files to ship and split off those + files into a separate variable + * [r159] debian/po/POTFILES.in, debian/po/ca.po, debian/po/cs.po, + debian/po/da.po, debian/po/de.po, debian/po/es.po, + debian/po/fr.po, debian/po/ja.po, debian/po/nl.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/templates.pot, debian/po/vi.po: update po and pot files + based on current templates + * [r158] debian/config, debian/libnss-ldapd.config, + debian/libnss-ldapd.postinst, debian/libnss-ldapd.postrm, + debian/libnss-ldapd.templates, debian/rules, debian/templates: + redid Debian packaging: on installation a search is done for any + reasonable configuration information (existing nss_ldap config, + hostname info, etc), configuring nsswitch.conf is also done and + all files in the debian directory have more logical names + * [r157] Makefile.am, debian/libnss-ldapd.nslcd.init, debian/rules: + ship an init script for starting nslcd + +2006-12-14 arthur + + * [r156] AUTHORS: fix format of AUTHORS file and include new + authors + * [r155] ANNOUNCE, README: include ANNOUNCE document in README + * [r154] ChangeLog, NEWS: rename ChangeLog to NEWS and change + formatting of file to follow common format + +2006-12-13 arthur + + * [r153] NEWS, TODO: NEWS looks more like a TODO + +2006-12-08 arthur + + * [r152] Makefile.am, debian/changelog, debian/control, + debian/libnss-ldapd.postinst, debian/rules: clean up Debian + packaging a bit + * [r151] tests/ldaptest.pl, tests/nsswitch.test, tests/testd.c, + tests/testgr.c, tests/testnss.c, tests/testpw.c, tests/testpw3.c, + tests/testpw4.c, tests/testpw5.c, tests/testpw6.c: get rid of old + test code (most of it should be covered by the new test code) + * [r150] .: ignore generated debuild files + * [r149] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fr.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po, debian/templates: do not make default values + translatable + * [r148] nss/common.c: fix indentation + * [r147] README, debian/LDAP-Permissions.txt, debian/examples, + debian/libnss-ldapd.docs: get rid of more documentation in an + attempt to include all useful documentation in one place + * [r146] Makefile.am, README, doc: reasonable configuration + information (existing nss_ldap config, parts in top-level README + * [r145] configure.ac, nslcd.h: specify socket and pidfile location + with configure script + * [r144] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fr.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: run debconf-updatepo to get pot and po files in + a consistent state + * [r143] debian/control: get rid of cdbs build dependency + +2006-12-07 arthur + + * [r142] debian, debian/README.Debian, debian/changelog, + debian/control, debian/libnss-ldap.dirs, debian/libnss-ldap.init, + debian/libnss-ldap.install, debian/libnss-ldap.links, + debian/libnss-ldap.postinst, debian/libnss-ldap.postrm, + debian/libnss-ldapd.docs, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.postrm, debian/rules: initial step to get + working Debian packaging + +2006-12-05 arthur + + * [r141] Makefile.am, compile, config.sub, configure.ac, + nss/Makefile.am, server/Makefile.am: clean up build scripts to + only link nslcd to OpenSSL and to cleanly create a nss_ldap.so + file + * [r140] server/ldap-nss.c, server/ldap-nss.h: get rid of + _nss_ldap_get_ld_errno() which wasn't used + +2006-12-03 arthur + + * [r139] server/nslcd.c: fix logging levels and remove some + commented out code + * [r138] server/ldap-nss.c, server/ldap-schema.c, server/passwd.c: + get rid of some more unneeded code + * [r137] tests/Makefile.am: split out common files into own + variable and disable (comment out) protocol debugging + * [r136] nss/exports.linux: regenerate from prototypes.h + +2006-11-30 arthur + + * [r135] server/Makefile.am, server/alias.c, server/common.h, + server/ether.c, server/group.c, server/host.c, server/ldap-nss.c, + server/netgroup.c, server/network.c, server/nslcd-server.c, + server/nslcd-server.h, server/nslcd.c, server/passwd.c, + server/protocol.c, server/rpc.c, server/service.c, + server/shadow.c, server/util.c: implement a simple threading + solution and move code from nslcd-server.c to nslcd.c + +2006-11-28 arthur + + * [r134] nslcd.h, nss/aliases.c, nss/ethers.c, nss/group.c, + nss/passwd.c, nss/protocols.c, nss/rpc.c, nss/services.c, + nss/shadow.c, server/alias.c, server/ether.c, server/group.c, + server/passwd.c, server/protocol.c, server/rpc.c, + server/service.c, server/shadow.c: rename LDF_ marcos to NSLCD_ + macros to have a single namespace + * [r133] server: ignore generated nslcd binary + * [r132] configure.ac: look for nslcd.h now since nslcd.c has been + moved into the server directory + * [r131] ., Makefile.am, configure.ac, exports.linux, log.c, log.h, + nslcd-common.h, nslcd-server.c, nslcd-server.h, nslcd.c, + nss/Makefile.am, nss/exports.linux, server, server/Makefile.am, + server/log.c, server/log.h, server/nslcd-server.c, + server/nslcd-server.h, server/nslcd.c, server/xmalloc.c, + server/xmalloc.h, testnss.c, tests, tests/Makefile.am, + tests/test_aliases.c, tests/test_ethers.c, tests/test_group.c, + tests/test_hosts.c, tests/test_netgroup.c, tests/test_networks.c, + tests/test_passwd.c, tests/test_protocols.c, tests/test_rpc.c, + tests/test_services.c, tests/test_shadow.c, tests/testnss.c, + xmalloc.c, xmalloc.h: get as many files from the root directory + as possible, moving all server related code to the server + directory and moving and splitting the test code to the tests + directory + * [r130] nslcd-server.c, nss/networks.c, server/network.c, + testnss.c: implement network name lookups on server side plus + some fixes on the client side + * [r129] nslcd-server.c, server/common.c: include config.h as first + statement + * [r128] nslcd-common.h: implement more detailed protocol logging + (dumping the actual byte values read and written) + +2006-11-27 arthur + + * [r127] Makefile.am, nslcd-client.c, nslcd-client.h, + nss/Makefile.am, nss/aliases.c, nss/common.c, nss/common.h, + nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, nss/shadow.c: get rid of nslcd-client.{c,h} and + move it to nss/common.{c,h}, this ensures that all code that is + needed for the nss part is in the nss directory + * [r126] server/host.c, server/rpc.c: fix typos + +2006-11-26 arthur + + * [r125] server/Makefile.am, server/dnsconfig.c, + server/dnsconfig.h, server/ether.c, server/group.c, + server/ldap-nss.c, server/ldap-nss.h, server/ldap-parse.h, + server/ldap-schema.c, server/ldap-schema.h, server/network.c, + server/passwd.c, server/util.c, server/util.h: clean up header + files + * [r124] doc/autofs-4.1.3-lookup-nssldap.patch, + doc/lookup_nssldap.c, ldap.conf, nslcd-server.c, nslcd-server.h, + nslcd.h, nss/Makefile.am, nss/automount.c, nss/prototypes.h, + server/Makefile.am, server/automount.c, server/ldap-nss.h, + server/ldap-schema.c, server/ldap-schema.h, server/rpc.c, + server/util.c, server/util.h: get rid of automount map + information lookups through NSS as this is not used (at least not + with glibc), autofs-ldap looks up the information on it's own + (but does parse /etc/nsswitch.conf) + +2006-11-25 arthur + + * [r123] nslcd-server.c, nss/services.c, server/service.c, + testnss.c: implement server end of service name lookup and fix + client end to translate between host and network byte order and + to also pass protocol in request + * [r122] nslcd-common.h: fix bug that always causes a + READ_STRING_ALLOC to read to a variable called name + * [r121] nslcd-server.c, server/rpc.c, testnss.c: implement rpc + service on server side + * [r120] server/host.c: get rid of superfluous test + * [r119] server/protocol.c: only flush the stream after writing all + records + * [r118] nslcd-server.c, server/protocol.c, testnss.c: implement + protocol handling (server side) + * [r117] nslcd.h, nss/netgroup.c, nss/prototypes.h: trip trailing + whitespace + * [r116] nslcd-common.h: include stdio for definitions of fread(), + fwrite() etc + +2006-11-24 arthur + + * [r115] nslcd-server.c, server/host.c, testnss.c: implement server + end of host name lookups (without IPv6 support sofar) + * [r114] nss/hosts.c: fix problem with allocated array for storing + addresses, properly set h_errnop and check empty address (only + addresses of other address family) in nss functions, not in + read_hostent() + * [r113] nslcd-common.h: make protocol logging a little more + readable and do not use fseek() in streams because that is not + supported + +2006-11-22 arthur + + * [r112] server/alias.c, server/ether.c, server/group.c, + server/passwd.c, server/shadow.c: only flush the stream after + writing all records (not every time) and more logging consistency + * [r111] nslcd-server.c, server/shadow.c, testnss.c: implement + server end of shadow lookups + * [r110] server/alias.c, server/passwd.c: make logging a little bit + more consistent + * [r109] server/netgroup.c: add extra copyright information (the + exact same code was seen in glibc) + +2006-11-21 arthur + + * [r108] nslcd-server.c, nslcd.h, nss/netgroup.c, + server/netgroup.c, testnss.c: implement netgroup lookups, + including test code + +2006-11-19 arthur + + * [r107] nslcd.h: include a note about encoding of strings + * [r106] nslcd-server.c, server/ether.c: implement nslcd_ether_*() + functions + * [r105] nslcd-server.c, nslcd-server.h: create prototypes for all + server methods + * [r104] nss/ethers.c: write contents of ethernet address not + pointer + * [r103] server/group.c: add missing semicolon + * [r102] nslcd-common.h: add more verbose protocol logging, + including logging of errors + * [r101] ., debian, doc, nss, server, tests: ignore stale nfs files + * [r100] nss/common.h: fix bug: the readfn() function was executed + twice + +2006-11-18 arthur + + * [r99] server/group.c, server/netgroup.c: some layout changes + * [r98] nslcd.h: include changes to handle protocol, rpc, service + and netgroup nslcd calls + +2006-11-17 arthur + + * [r97] nss/Makefile.am, nss/netgroup.c, nss/prototypes.h: + implement netgroup lookups + * [r96] nss/aliases.c, nss/automount.c, nss/common.h, nss/ethers.c, + nss/group.c, nss/hosts.c, nss/networks.c, nss/passwd.c, + nss/protocols.c, nss/rpc.c, nss/services.c, nss/shadow.c: do some + refactoring in the generated code and add some documentation on + generated code in comments in common.h + +2006-11-16 arthur + + * [r95] nss/Makefile.am, nss/services.c: implement reading of + services entities + * [r94] nss/Makefile.am, nss/rpc.c: implement reading of rpc + entities + * [r93] nss/Makefile.am, nss/protocols.c: implement reading of + protocol entities + * [r92] nss/aliases.c, nss/common.h, nss/ethers.c, nss/group.c, + nss/hosts.c, nss/networks.c, nss/passwd.c, nss/shadow.c: switch + to a simpler and more compact framework to generate methods (one + reader function to deserialize a struct from the stream and + auto-generated functions) + +2006-11-15 arthur + + * [r91] nslcd.h, nss/Makefile.am, nss/networks.c, nss/prototypes.h: + implement network information lookups through NSS + * [r90] nss/hosts.c: properly filter out empty returned address + records and return NOTFOUND for entries without addresses in our + address family + +2006-11-14 arthur + + * [r89] xmalloc.h: add xxmalloc() macro to simply allocate a + structure of a certain type + * [r88] nslcd.h, nss/Makefile.am, nss/automount.c, + nss/prototypes.h: implement automounter maps lookups + * [r87] nss/common.h: just close the stream in case of problems + instead of calling endent() + +2006-11-11 arthur + + * [r86] server/group.c: include some other functions into lookup + functions to increase readability + * [r85] server/Makefile.am, server/alias.c, server/aliases.c, + server/automount.c, server/common.c, server/common.h, + server/ether.c, server/ethers.c, server/group.c, server/host.c, + server/hosts.c, server/ldap-nss.c, server/ldap-nss.h, + server/ldap-parse.h, server/ldap-schema.c, server/ldap-schema.h, + server/netgroup.c, server/network.c, server/networks.c, + server/passwd.c, server/protocol.c, server/protocols.c, + server/rpc.c, server/service.c, server/services.c, + server/shadow.c, server/util.c, server/util.h: fix naming and + copyright headers + * [r84] server/aliases.c, server/ldap-nss.c, server/ldap-nss.h, + server/util.c, server/util.h: simplify some functions to pass + file pointer around instead of struct and buffer (initially only + for alias_byname()) + * [r83] server/ldap-nss.h: some reformatting + +2006-11-10 arthur + + * [r82] nslcd.h, nss/Makefile.am, nss/aliases.c, nss/ethers.c, + nss/exports.h, nss/group.c, nss/hosts.c, nss/passwd.c, + nss/prototypes.h, nss/shadow.c, testnss.c: rename nss/exports.h + to nss/prototypes.h + * [r81] nss/exports.h, nss/group.c, nss/hosts.c, nss/passwd.c, + nss/shadow.c: switch to using prototypes that are defined in + glibc 2.3.6 + * [r80] nslcd.h, nss/Makefile.am, nss/shadow.c, testnss.c: + implement NSS-side shadow lookups (plus test code) + * [r79] nslcd.h, nss/Makefile.am, nss/ethers.c, nss/exports.h, + testnss.c: implement NSS-side ethers database lookups plus test + code + * [r78] nss/exports.h, nss/hosts.c, testnss.c: add test code for + host database and add const to function definition + * [r77] nss/aliases.c, nss/group.c, nss/hosts.c: use better names + for our thread-local file pointer + +2006-11-07 arthur + + * [r76] server/aliases.c: expand some marcos and combine some code + * [r75] server/passwd.c: expand some marcos and combine some code + +2006-11-05 arthur + + * [r74] nslcd-common.h, testnss.c: add proper copyright headers + * [r73] nslcd-server.c, nslcd-server.h, server/group.c, testnss.c: + implement group functions in server but currently + group_bymember() does not work + * [r72] nslcd-common.h: remove testing stuff + * [r71] nslcd-common.h: fix some variable usage bugs in READ_* + marcos and change protocol debugging marcos to not use variadic + arguments + +2006-11-04 arthur + + * [r70] Makefile.am, certutil, doc/nsswitch.ldap, nsswitch.ldap: + reorganize (and get rid of) some files + +2006-11-03 arthur + + * [r69] nslcd.h, nss/Makefile.am, nss/hosts.c: implement initial + host database lookups NSS-side + * [r68] nslcd-common.h: make SKIP more consistent with READ + * [r67] nslcd-server.c: clean struct sockaddr_un structure before + usage + * [r66] nslcd-common.h, nss/group.c: fix bogus reuse of tmpint32, + introducing tmp3int32 + * [r65] nslcd-common.h: split buffer management macros into + separate macros + * [r64] nslcd-common.h, nslcd.h, nss/aliases.c, nss/group.c, + server/aliases.c: rename LOOP to STRINGLIST as that is currently + the only supported format + * [r63] nslcd-common.h, nss/group.c: add _nss_ldap_initgroups_dyn() + function + * [r62] nslcd-common.h, nss/aliases.c, nss/common.h, nss/group.c, + nss/passwd.c: make loop macros common, create macros for + expanding {set,get,end}ent() functions and implement + {set,get,end}aliasent + * [r61] nslcd.h: small documentation fixes + * [r60] nslcd-server.h: implement nslcd_alias_all() server-side + * [r59] nslcd-server.c, server/aliases.c: implement + nslcd_alias_all() server-side + * [r58] server/group.c: get rid of some more unneeded code + +2006-11-02 arthur + + * [r57] server/aliases.c, server/passwd.c: some small fixes + * [r56] nslcd-client.h, nslcd-server.c, nslcd-server.h, nslcd.h, + nss/aliases.c, nss/common.c, nss/passwd.c, server/aliases.c, + server/common.c, server/passwd.c: rename some constants and + switch to a more sane naming scheme + * [r55] nss/exports.h: we only need to export + _nss_ldap_initgroups_dyn(), not _nss_ldap_initgroups() + * [r54] nslcd-client.h, nss/aliases.c, nss/group.c, nss/passwd.c: + rename READ_RESPONSE() macro to READ_RESPONSE_CODE() + +2006-11-01 arthur + + * [r53] nslcd.h, nss/Makefile.am, nss/group.c, testnss.c: implement + NSS side of getgrnam(), getgrgid() and {set,get,end}grent() + * [r52] nss/aliases.c, nss/common.h, nss/passwd.c: always set + *errnop correctly + * [r51] CVSVersionInfo.txt, Makefile.am: get rid of + CVSVersionInfo.txt + * [r50] nslcd.c: prevent recursive hostname lookups through ldap + * [r49] Makefile.am: add some files to EXTRA_DIST + * [r48] nslcd-server.c, nslcd.h, server/common.c, server/group.c, + server/passwd.c: get rid of some trailing spaces + * [r47] nslcd.c: ignore SIGPIPE and get rid of some trailing spaces + * [r46] testnss.c: only print result on success and errors on + failure + * [r45] server/common.h: do not close the server-side stream as the + main dispatcher will close it + * [r44] nss/passwd.c: implement _nss_ldap_{set,get,end}pwent() + functions with thread-local opened file + * [r43] nss/common.h: also set file pointer to NULL when closing a + stream to properly handle reuse of stream + * [r42] log.c: prefix debugging messages with DEBUG + * [r41] configure.ac: look for different file in source directory, + improve --enable-debug option and add checking for __thread + keyword + * [r40] nslcd-common.h: do not try to read and write zero length + strings and add protocol debugging option + * [r39] Makefile.am, dnsconfig.c, dnsconfig.h, ldap-nss.c, + ldap-nss.h, ldap-parse.h, ldap-schema.c, ldap-schema.h, nslcd.c, + pagectrl.c, pagectrl.h, resolve.c, resolve.h, server/Makefile.am, + server/dnsconfig.c, server/dnsconfig.h, server/ldap-nss.c, + server/ldap-nss.h, server/ldap-parse.h, server/ldap-schema.c, + server/ldap-schema.h, server/pagectrl.c, server/pagectrl.h, + server/resolve.c, server/resolve.h, server/util.c, server/util.h, + util.c, util.h: move some remaining files into the server/ + directory + +2006-10-31 arthur + + * [r38] nslcd-common.h, nslcd-server.c, nslcd-server.h, nslcd.h, + nss/aliases.c, server/aliases.c, server/passwd.c, testnss.c: + implement reading of alias information through getaliasbyname() + * [r37] nss/aliases.c, nss/common.c, nss/common.h, nss/exports.h, + nss/passwd.c: make code consistent by adding headers, removing + trailing whitespace and proper ifdefs for header files + * [r36] .: ignore more files + * [r35] nslcd-common.h: add header file defining read and write + macros + * [r34] nslcd-client.c, nslcd-client.h, nslcd-server.c, + nslcd-server.h, nslcd.h, nss/Makefile.am, nss/common.c, + nss/common.h, nss/passwd.c, server/common.h, server/passwd.c, + testnss.c: clear up protocol macros while implementing getpwuid() + and {set,get,end}pwent() functions (last not yet on NSS side) + * [r33] nslcd.h: document protocol a little better + +2006-10-30 arthur + + * [r32] Makefile.am, nslcd-client.c, nslcd-client.h, + nslcd-server.c, nslcd-server.h, nslcd.c, nslcd.h, testnss.c: get + first working version of end-to-end test of nss call using simple + test program + * [r31] Makefile.am, configure.ac: add server directory + * [r30] nss/passwd.c: get rid of some empty lines + * [r29] server, server/Makefile.am, server/common.c, + server/common.h, server/passwd.c: implement simple password + lookup with nslcd_getpwnam() function + * [r28] nss/common.h, nss/passwd.c: return read data in struct and + fix some marcos + * [r27] nss/Makefile.am: do not build libnss_ldap.so in this + directory, only build nss object functions + +2006-10-25 arthur + + * [r26] configure.ac, nss: build nss directory + * [r25] ldap-alias.c, ldap-automount.c, ldap-ethers.c, ldap-grp.c, + ldap-hosts.c, ldap-netgrp.c, ldap-network.c, ldap-proto.c, + ldap-pwd.c, ldap-rpc.c, ldap-service.c, ldap-spwd.c, server, + server/aliases.c, server/automount.c, server/ethers.c, + server/group.c, server/hosts.c, server/netgroup.c, + server/networks.c, server/passwd.c, server/protocols.c, + server/rpc.c, server/services.c, server/shadow.c: move ldap + server code into separate directory + * [r24] Makefile.am, nslcd-client.c, nslcd-client.h, nslcd.h, nss, + nss/Makefile.am, nss/aliases.c, nss/common.c, nss/common.h, + nss/exports.h, nss/passwd.c: add some basic minimal NSS code that + can be generated from macros + +2006-10-23 arthur + + * [r23] ., Makefile.am, configure.ac, log.c, log.h, nslcd-client.c, + nslcd-client.h, nslcd-server.c, nslcd-server.h, nslcd.c, nslcd.h, + xmalloc.c, xmalloc.h: implemented basic client/server setup with + a thin client comminicating with a local server over a socket + (initial version of code, much needs to be done) + * [r22] ldap-grp.c, ldap-parse.h: rearrange functions in more + logical order + * [r21] ldap-nss.h: align comments + * [r20] ldap-pwd.c: export function _nss_ldap_parse_pw() + +2006-10-17 arthur + + * [r19] Makefile.am, dnsconfig.c, dnsconfig.h, ldap-alias.c, + ldap-automount.c, ldap-ethers.c, ldap-grp.c, ldap-hosts.c, + ldap-netgrp.c, ldap-network.c, ldap-nss.c, ldap-nss.h, + ldap-parse.h, ldap-proto.c, ldap-pwd.c, ldap-rpc.c, + ldap-schema.c, ldap-schema.h, ldap-service.c, ldap-spwd.c, ltf.c, + ltf.h, pagectrl.c, pagectrl.h, resolve.c, resolve.h, util.c: get + rid of ltf files (which contain NPL licenced code btw) clean up + includes and general small code cleanups + * [r18] .cvsignore: get rid of this file + +2006-10-16 arthur + + * [r17] Makefile.am, dnsconfig.c, dnsconfig.h, ldap-alias.c, + ldap-automount.c, ldap-ethers.c, ldap-grp.c, ldap-hosts.c, + ldap-netgrp.c, ldap-network.c, ldap-nss.c, ldap-nss.h, + ldap-parse.h, ldap-proto.c, ldap-pwd.c, ldap-rpc.c, + ldap-schema.h, ldap-service.c, ldap-spwd.c, ltf.c, nss_common.h, + nss_ldap.spec, util.c, util.h: some more cleanups, expanding some + MACROs and typedefs and get rid of some more code + +2006-10-15 arthur + + * [r16] configure.ac: add --enable-warnings option for extra + compiler warnings + +2006-10-12 arthur + + * [r15] Makefile.am, exports.solaris, ldap-alias.c, ldap-alias.h, + ldap-automount.c, ldap-automount.h, ldap-bp.c, ldap-bp.h, + ldap-ethers.c, ldap-ethers.h, ldap-grp.c, ldap-grp.h, + ldap-hosts.c, ldap-hosts.h, ldap-netgrp.c, ldap-netgrp.h, + ldap-network.c, ldap-network.h, ldap-proto.c, ldap-proto.h, + ldap-pwd.c, ldap-pwd.h, ldap-rpc.c, ldap-rpc.h, ldap-service.c, + ldap-service.h, ldap-spwd.c, ldap-spwd.h: get rid of some + unnecessary header files (and a c file) + * [r14] ANNOUNCE, AUTHORS, COPYING, ChangeLog, Makefile.am, NEWS, + README, certutil, configure.ac, dnsconfig.c, dnsconfig.h, + ldap-alias.c, ldap-alias.h, ldap-automount.c, ldap-automount.h, + ldap-bp.c, ldap-bp.h, ldap-ethers.c, ldap-ethers.h, ldap-grp.c, + ldap-grp.h, ldap-hosts.c, ldap-hosts.h, ldap-netgrp.c, + ldap-netgrp.h, ldap-network.c, ldap-network.h, ldap-nss.c, + ldap-nss.h, ldap-parse.h, ldap-proto.c, ldap-proto.h, ldap-pwd.c, + ldap-pwd.h, ldap-rpc.c, ldap-rpc.h, ldap-schema.c, ldap-schema.h, + ldap-service.c, ldap-service.h, ldap-spwd.c, ldap-spwd.h, + ldap.conf, ltf.c, ltf.h, nss_common.h, nss_ldap.5, nss_ldap.spec, + pagectrl.c, pagectrl.h, resolve.c, resolve.h, util.c, util.h: + remove trailing spaces + * [r13] ANNOUNCE, AUTHORS, Makefile.am, NEWS, README, certutil, + configure.ac, dnsconfig.c, dnsconfig.h, exports.aix, + exports.hpux, exports.linux, exports.solaris, ldap-alias.c, + ldap-alias.h, ldap-automount.c, ldap-automount.h, ldap-bp.c, + ldap-bp.h, ldap-ethers.c, ldap-ethers.h, ldap-grp.c, ldap-grp.h, + ldap-hosts.c, ldap-hosts.h, ldap-netgrp.c, ldap-netgrp.h, + ldap-network.c, ldap-network.h, ldap-nss.c, ldap-nss.h, + ldap-parse.h, ldap-proto.c, ldap-proto.h, ldap-pwd.c, ldap-rpc.c, + ldap-rpc.h, ldap-schema.c, ldap-schema.h, ldap-service.c, + ldap-service.h, ldap-spwd.c, ldap-spwd.h, ldap.conf, ltf.c, + nsswitch.ldap, pagectrl.c, resolve.c, resolve.h, util.c, util.h: + some more small cleanups of code for non-supported systems and + convert tabs to spaces + * [r12] configure.ac: include templates from acconfig.h into + configure.ac + * [r11] debian/rules: set as executable + * [r10] Makefile.am, aix_authmeth.c, dnsconfig.c, dnsconfig.h, + irs-grp.c, irs-hosts.c, irs-netgrp.c, irs-network.c, irs-nss.c, + irs-nss.h, irs-proto.c, irs-pwd.c, irs-service.c, irs.h, + ldap-alias.c, ldap-alias.h, ldap-automount.c, ldap-automount.h, + ldap-bp.c, ldap-bp.h, ldap-ethers.c, ldap-ethers.h, ldap-grp.c, + ldap-grp.h, ldap-hosts.c, ldap-hosts.h, ldap-netgrp.c, + ldap-netgrp.h, ldap-network.c, ldap-network.h, ldap-nss.c, + ldap-nss.h, ldap-parse.h, ldap-proto.c, ldap-proto.h, ldap-pwd.c, + ldap-pwd.h, ldap-rpc.c, ldap-rpc.h, ldap-schema.c, ldap-schema.h, + ldap-service.c, ldap-service.h, ldap-sldap.c, ldap-sldap.h, + ldap-spwd.c, ldap-spwd.h, ltf.c, ltf.h, nss_common.h, + nss_dbdefs.h, nss_ldap.5, pagectrl.c, pagectrl.h, resolve.c, + resolve.h, snprintf.c, snprintf.h, util.c, util.h: first round of + cleanups, all non-glibc NSS stuff has been removed, because we + are going to do some major restructuring it will not likely + remain valid anyway and we can always re-add it later + * [r9] CVSVersionInfo.txt, ChangeLog, NEWS, aix_authmeth.c, + certutil, dnsconfig.c, dnsconfig.h, + doc/autofs-4.1.3-lookup-nssldap.patch, doc/lookup_nssldap.c, + exports.linux, exports.solaris, irs-grp.c, irs-hosts.c, + irs-netgrp.c, irs-network.c, irs-nss.c, irs-nss.h, irs-proto.c, + irs-pwd.c, irs-service.c, irs.h, ldap-alias.c, ldap-alias.h, + ldap-automount.c, ldap-automount.h, ldap-bp.c, ldap-bp.h, + ldap-ethers.c, ldap-ethers.h, ldap-grp.c, ldap-grp.h, + ldap-hosts.c, ldap-hosts.h, ldap-netgrp.c, ldap-netgrp.h, + ldap-network.c, ldap-network.h, ldap-nss.c, ldap-nss.h, + ldap-parse.h, ldap-proto.c, ldap-proto.h, ldap-pwd.c, ldap-pwd.h, + ldap-rpc.c, ldap-rpc.h, ldap-schema.c, ldap-schema.h, + ldap-service.c, ldap-service.h, ldap-sldap.c, ldap-sldap.h, + ldap-spwd.c, ldap-spwd.h, ldap.conf, ltf.c, ltf.h, nss_common.h, + nss_dbdefs.h, nss_ldap.5, nsswitch.ldap, pagectrl.c, pagectrl.h, + resolve.c, resolve.h, snprintf.c, snprintf.h, + tests/nsswitch.test, tests/testpw.c, tests/testpw4.c, + tests/testpw5.c, tests/testpw6.c, util.c, util.h: add keyword + expansion (svn:keywords) to all files containing keywords + * [r8] Makefile.am, configure.ac: add West to copyrights notice + +2006-10-11 arthur + + * [r7] INSTALL: install newer version from automake + * [r6] Makefile.am, acconfig.h, aclocal.m4, autogen.sh, + config.guess, config.h.in, config.sub, configure.ac, + configure.in, depcomp, install-sh, missing, mkinstalldirs, + stamp-h, stamp-h.in: first step in cleaning up build process + (switch to newer autoconf/automake and remove generated files + from version control) + * [r5] ., Makefile.in, configure: remove some files from version + control and add more ignores + * [r4] ., debian: ignore some generated files + * [r3] .: branch off latest Debian version + +2006-10-11 arthur + + * [r2] ., Makefile.am, Makefile.in, aclocal.m4, configure, + configure.in, debian, debian/LDAP-Permissions.txt, + debian/README.Debian, debian/changelog, debian/compat, + debian/config, debian/control, debian/copyright, debian/examples, + debian/examples/groups.ldif, debian/examples/people.ldif, + debian/libnss-ldap.dirs, debian/libnss-ldap.init, + debian/libnss-ldap.install, debian/libnss-ldap.links, + debian/libnss-ldap.postinst, debian/libnss-ldap.postrm, + debian/po, debian/po/POTFILES.in, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fr.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po, + debian/rules, debian/templates, ldap-nss.c, ldap-nss.h, + ldap-pwd.c, ldap.conf, stamp-h: import Debian release 251-5.2 + +2006-10-11 arthur + + * [r1] ., .cvsignore, ANNOUNCE, AUTHORS, COPYING, + CVSVersionInfo.txt, ChangeLog, INSTALL, Makefile.am, Makefile.in, + NEWS, README, acconfig.h, aclocal.m4, aix_authmeth.c, autogen.sh, + certutil, config.guess, config.h.in, config.sub, configure, + configure.in, depcomp, dnsconfig.c, dnsconfig.h, doc, + doc/README.AIX, doc/README.HPUX, doc/README.IRS, doc/README.SFU, + doc/README.paged, doc/SolarisInstallNotes.txt, + doc/autofs-4.1.3-lookup-nssldap.patch, doc/lookup_nssldap.c, + exports.aix, exports.hpux, exports.linux, exports.solaris, + install-sh, irs-grp.c, irs-hosts.c, irs-netgrp.c, irs-network.c, + irs-nss.c, irs-nss.h, irs-proto.c, irs-pwd.c, irs-service.c, + irs.h, ldap-alias.c, ldap-alias.h, ldap-automount.c, + ldap-automount.h, ldap-bp.c, ldap-bp.h, ldap-ethers.c, + ldap-ethers.h, ldap-grp.c, ldap-grp.h, ldap-hosts.c, + ldap-hosts.h, ldap-netgrp.c, ldap-netgrp.h, ldap-network.c, + ldap-network.h, ldap-nss.c, ldap-nss.h, ldap-parse.h, + ldap-proto.c, ldap-proto.h, ldap-pwd.c, ldap-pwd.h, ldap-rpc.c, + ldap-rpc.h, ldap-schema.c, ldap-schema.h, ldap-service.c, + ldap-service.h, ldap-sldap.c, ldap-sldap.h, ldap-spwd.c, + ldap-spwd.h, ldap.conf, ltf.c, ltf.h, missing, mkinstalldirs, + nss_common.h, nss_dbdefs.h, nss_ldap.5, nss_ldap.spec, + nsswitch.ldap, pagectrl.c, pagectrl.h, resolve.c, resolve.h, + snprintf.c, snprintf.h, stamp-h.in, tests, tests/ldaptest.pl, + tests/nsswitch.test, tests/testd.c, tests/testgr.c, + tests/testpw.c, tests/testpw3.c, tests/testpw4.c, + tests/testpw5.c, tests/testpw6.c, util.c, util.h: import release + 251 of nss-ldap + diff --git a/ChangeLog-2007 b/ChangeLog-2007 new file mode 100644 index 0000000..5137e4e --- /dev/null +++ b/ChangeLog-2007 @@ -0,0 +1,1051 @@ +2007-12-31 arthur + + * [r546] nslcd/common.h: fix get_userpassword() function + description + * [r545] nslcd/shadow.c: fix incorrect references to attribute map + entries + * [r544] nslcd/group.c: remove TODO (was done) + * [r543] nslcd/common.c: fix bug that would return a password of + one character short + +2007-12-27 arthur + + * [r542] nslcd/cfg.c: do not define variable if we're not going to + use it + * [r541] configure.ac: check for all used ldap functions + * [r539] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.5 release + +2007-12-26 arthur + + * [r538] tests/test_cfg.c: remove temporary file to make distcheck + succeed + * [r537] README, debian/copyright: some documentation cleanups + * [r536] tests/test_nsscmds.sh: ignore erros in nss commands + * [r535] nslcd/myldap.c: only log "connected to LDAP server" if it + is a new connection + * [r534] nslcd/cfg.c, nslcd/cfg.h, tests, tests/test_cfg.c: + properly handle spaces in some configuration options (major + change in code in cfg module) + * [r533] tests/test_myldap.c: in test_two_searches() test that we + can read from the second search if the first search as abandoned + * [r532] nslcd/myldap.c: properly flag running searches as invalid + if the connection to the LDAP server is reset + +2007-12-25 arthur + + * [r531] nslcd/common.h, nslcd/myldap.c, nslcd/myldap.h, + tests/test_myldap.c: have myldap_get_entry() return an LDAP + status code that can signal errors in the lookup + * [r530] nslcd.h, nslcd/common.h, nss/common.c, nss/group.c: remove + NSLCD_RESULT_UNAVAIL because it's not needed anymore (the + connection is broken when an error occurs) and rename + NSLCD_RESULT_NOTFOUND into NSLCD_RESULT_END to better match its + meaning + * [r529] nslcd/common.h: no need for us to flush the buffer since + our caller closes the stream immediatly (or could otherwise pass + the flushing to another thread) + +2007-12-24 arthur + + * [r528] man/nss-ldapd.conf.5.xml: some general cleanups and + document the krb5_ccname option + * [r527] debian/libnss-ldapd.config: disable rootbinddn and + rootbindpw questions for now because they are not supported + * [r526] man/nss-ldapd.conf.5.xml: document current timing and + reconnect options + * [r525] nslcd/myldap.c: merge the do_map_error(), + do_with_reconnect() into the myldap_search() and do_try_search() + functions having more understandable reconnect and retry logic + * [r524] nslcd/myldap.h: add some more documentation for using the + myldap module + +2007-12-22 arthur + + * [r523] tests/nss-ldapd-test.conf, tests/test_myldap.c: add + limited test for reconnect logic + * [r522] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: remove + bind_policy option because the same effect is achieved by setting + reconnect_tries to 1 + * [r521] nslcd/cfg.c, nslcd/cfg.h: reorder timing and reconnect + options to be more logical and remove nss_ prefix from reconnect + options + * [r520] tests/test_myldap.c: limit printing of results in test to + just 10 + * [r519] tests/test_myldap.sh: include script name in messages and + have srcdir default to . + * [r518] nslcd/myldap.c: integrate do_result() into + myldap_get_entry() reducing complexity and improving error + handling + * [r517] nslcd/myldap.c: remove duplicate comment + * [r516] nslcd/cfg.c, nslcd/cfg.h: remove some unused configuration + file options + * [r515] nslcd/myldap.c: bring more uniformity to log messages + * [r514] nslcd/myldap.c: give struct myldap_session members more + logical names + +2007-12-21 arthur + + * [r513] tests/test_myldap.sh, tests/test_nsscmds.sh: only test the + first URI in the configfile + +2007-12-20 arthur + + * [r512] tests/Makefile.am, tests/test_myldap.c, + tests/test_myldap.sh: pass configfile to use as a command-line + paramter to test_myldap, use the myldap_session_close() function, + print a limited number of results, add a wrapper script to test + whether the LDAP server is available for the test and ship all + needed files in the tarball + * [r511] tests/test_nsscmds.sh: fail on any command and specify + configfile separately + * [r510] debian/copyright: remove FSF copyright since we no longer + use their code + * [r509] nslcd/myldap.c, nslcd/myldap.h: refactor myldap code to + get rid of most of the old nss status codes, properly handle + failures of ldap function calls and improve sourcecode comments + * [r508] nslcd/myldap.c, nslcd/myldap.h: add myldap_session_close() + function (mainly for testing purposes) + * [r507] nslcd/myldap.c: move checks of validity of passed entries + to separate functions + * [r506] nslcd/myldap.c: remove msg member from struct myldap_entry + and just reference the same message in the search + * [r505] nslcd/shadow.c: rewrite GET_OPTIONAL_DATE() as an + extension to GET_OPTIONAL_LONG() + * [r504] configure.ac: add/change some tests for currently used + functions, relayout some complexer tests and use AC_CHECK_TYPE + instead of custom test + * [r503] nslcd/ether.c: use ether_ntoa_r() instead of ether_ntoa() + * [r502] compat/ldap.h, configure.ac: remove unused tests and + compatibility code + * [r501] tests/nss-ldapd-test.conf: set pagesize to some more + reasonable value + * [r500] tests/test_myldap.c: have assertion on correct search + +2007-12-16 arthur + + * [r498] nss-ldapd.conf: fix typo in description + +2007-12-14 arthur + + * [r497] nslcd/myldap.c: potential fix for double free() bug like + in nss_ldap (Debian bug #366172) + * [r496] nslcd/myldap.h: improve description of myldap interface in + comments + * [r495] nslcd/common.c: explain why we write an invalid address + (in comment) and add TODO to describe we need to change the log + format + * [r494] tests/test_myldap.c: fix typo in comment + +2007-12-09 arthur + + * [r493] debian/control: update package description + * [r492] tests/Makefile.am: fix objects that are needed to get + tests linkable (due to namechange from ldap-nss to myldap) + * [r491] compat/ldap.h, nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: + some small layout changes + * [r490] tests/test_nsscmds.sh: remove ugly space + * [r489] nslcd-common.h, nslcd/Makefile.am, nslcd/alias.c, + nslcd/attmap.h, nslcd/cfg.c, nslcd/common.h, nslcd/group.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/myldap.c, + nslcd/myldap.h: get rid of some old code and rename ldap-nss to + myldap since there is no more NSS-related code in there + * [r488] nslcd-common.h, nslcd/alias.c, nslcd/common.c, + nslcd/common.h, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + switch to new LDAP entry parsing code that is much simpler and + more readable + * [r487] tests/test_nsscmds.sh: add some comments to tests, enable + netgroup tests and extend ether and services tests + * [r486] nslcd/ldap-nss.c: ignore decoding errors from + ldap_get_values() as they are just nonexisting attribute values + +2007-12-07 arthur + + * [r485] debian/control: fix Vcs-* links to point to the trunk + * [r484] debian/control: upgrade to standards-version 3.7.3 (no + changes needed) + * [r483] nslcd/nslcd.c: don't use backticks as quote mark + +2007-12-01 arthur + + * [r482] common/dict.c: simple check for validity of key value in + dict_put() + +2007-11-26 arthur + + * [r481] configure.ac, man/nss-ldapd.conf.5.xml, nslcd/cfg.c, + nslcd/cfg.h, nslcd/ldap-nss.c: clean up Kerberos ccname code, + moving it to cfg.c, fixing some bugs in the putenv() code, making + the gss_krb5_ccache_name() automatically used if the function is + available and removing the --with-gssapi-dir, + --enable-configurable-krb5-ccname-gssapi and + --enable-configurable-krb5-ccname-env configure options + +2007-11-25 arthur + + * [r480] AUTHORS, README, configure.ac, man/nss-ldapd.conf.5.xml, + nslcd/cfg.c: implement LDAP server discovery through DNS, based + on a patch by Ralf Haferkamp and Michael Calmer + + +2007-11-24 arthur + + * [r479] HACKING: update versions of used tools + +2007-11-20 arthur + + * [r478] debian/control: remove XS- prefix from version control + fields + * [r477] debian/control: put Homepage field in source stanza + +2007-11-16 arthur + + * [r476] AUTHORS, nslcd/ldap-nss.c: patch from Andreas Schneider + to get krb5_ccname option working + +2007-10-31 arthur + + * [r475] nslcd.h: improve comments about protocol, also describing + the final NSLCD_RESULT_NOTFOUND + +2007-10-28 arthur + + * [r474] nslcd/ldap-nss.c: some smaller cleanups and + simplifications to the code (getting rid of the is_connected flag + * [r473] nslcd/ldap-nss.c: remove sizelimit parameter + * [r472] nslcd/ldap-nss.c: integrate ent_context attributes into + ldap_search + * [r471] nslcd/ldap-nss.c: remove session from context and remove + sycnhronous search functions + * [r470] nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/netgroup.c, + nslcd/service.c: replace calls to _nss_ldap_get_values() by + myldap_get_values(), remove unused functions, remove struct + ldap_state and replace remaining references to context to use + search instead + * [r469] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/ldap-nss.c: remove support for nss_connect_policy + configfile option and remove some supporting code for it + * [r468] nslcd/alias.c, nslcd/common.h, nslcd/ether.c, + nslcd/group.c, nslcd/host.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + first step to use the new myldap interface + * [r467] tests/test_nsscmds.sh: script to run a number of NSS + commands (mainly getent) and check the result (this requires an + LDAP setup that is yet to be documented) + +2007-10-27 arthur + + * [r466] man/nss-ldapd.conf.5.xml: include pagesize option in + manual page since this is tested now + * [r465] nss-ldapd.conf: add pointer to pagesize in AD section of + sample configfile + * [r464] nslcd/nslcd.c: clean up myldap session after each request + * [r463] nslcd/cfg.c: make cfg_init() only callable once and add + note about not free()ing memory + * [r462] common/tio.c: fix memory leak in I/O module not free()ing + allocated storage for file info on file close + * [r461] common/tio.c: portability improvement to fall back to + ETIMEDOUT when ETIME is unavailable + +2007-10-26 arthur + + * [r460] NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: integrate changes from + 0.4.1 release + +2007-10-25 arthur + + * [r455] nslcd/rpc.c: fix rpc filter and remove unused objectClass + attmap entry + * [r454] nslcd/ldap-nss.c: clean up any messages after abandoning + the search because that returns a new message (fix memory leak) + * [r453] nslcd/ldap-nss.c: fix a memory leak, not storing search + entries so they could be freed later on + * [r452] nslcd/ldap-nss.c: fix using unassigned status + * [r451] nslcd/ldap-nss.c: fix memory leak + * [r450] debian/libnss-ldapd.nslcd.init: remove S runlevel from + Default-Stop in init script + +2007-10-21 arthur + + * [r449] nss/networks.c: correct calls to + NSLCD_ACTION_NETWORK_BYNAME and NSLCD_ACTION_NETWORK_BYADDR and + get address in correct byte order with the last call + +2007-10-20 arthur + + * [r448] nslcd/passwd.c, nslcd/protocol.c: call mysnprintf() + instead of snprintf() where needed (bugfix) + +2007-10-19 arthur + + * [r444] nslcd/ldap-nss.c: make a replacement for + _nss_ldap_getbyname() which uses the myldap calls internally + * [r443] nslcd/Makefile.am, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/myldap.h, tests, tests/Makefile.am, + tests/nss-ldapd-test.conf, tests/test_myldap.c: integrate basic + myldap interface (partially merged from dev-myldap branch) + * [r442] tests/Makefile.am: include debugging information in object + files + * [r441] tests/Makefile.am: move most C[PP]FLAGS options to + AM_C[PP]FLAGS and clean up a little + * [r440] common/tio.c: fix usage of DEBUG_TIO_STATS + +2007-10-14 arthur + + * [r438] AUTHORS: add translator to Japanese of templates + * [r437] debian/po/ja.po: update Japanese (ja) translation of + debconf templates by Kenshi Muto + +2007-10-08 arthur + + * [r436] debian/copyright, debian/po/fr.po: update French (fr) + translation of debconf templates by Cyril Brulebois + + +2007-10-05 arthur + + * [r434] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.4 release + +2007-10-04 arthur + + * [r433] .: ignore tarballs + * [r432] configure.ac: remove linking with libresolv because it's + not needed on Linux + +2007-10-03 arthur + + * [r431] nss-ldapd.conf: some reordering to make the file more + logical and minor fixes + * [r430] Makefile.am: pass --enable-warnings when running the + distcheck target + * [r429] README: some general documentation improvements + +2007-09-28 arthur + + * [r428] man/nss-ldapd.conf.5.xml: add note about escaping of + ldapi:// scheme + * [r427] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fr.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: remove note about escaping of ldapi:// url + scheme + * [r426] nslcd/cfg.c: add warnings and errors to untested and + unsupported configfile options + +2007-09-25 arthur + + * [r425] man/nss-ldapd.conf.5.xml: manual page improvements + +2007-09-24 arthur + + * [r424] configure.ac: switch to defining __thread as empty string + and issue warning if __thread keyword is not supported + * [r423] common/tio.c: also initialize sa_sigaction although it's + not used + * [r422] debian/libnss-ldapd.postinst: do something special for + setting the uri parameter because it may be speicified multiple + times + * [r421] debian/libnss-ldapd.config: fix newline mangling + +2007-09-23 arthur + + * [r420] debian/libnss-ldapd.config: properly handle multiple uri + lines in config file + * [r419] debian/libnss-ldapd.postinst: trim preceding spaces when + adding an entry in /etc/nsswitch.conf + * [r418] Makefile.am, common/tio.c, nslcd/ldap-nss.h, + nslcd/nslcd.c, nss/common.c: some small improvements to the code + based on some source code checks + * [r417] Makefile.am: remove pscan target as these checks are + sufficiently covered by the other tests + +2007-09-22 arthur + + * [r416] nslcd/Makefile.am: add compat files to sources so they end + up in the tarball + * [r415] tests/Makefile.am: add all objects that are now needed to + test the configuration module + * [r414] tests/test_cfg.c: remove test for alloc_lsd() because we + don't use struct ldap_service_search_descriptor any more + +2007-09-21 arthur + + * [r412] nslcd/ldap-nss.c: remove unneeded variables and slightly + improve logging + * [r411] common/Makefile.am: just use -fPIC on all files in this + directory + +2007-09-19 arthur + + * [r410] nslcd/cfg.c, nslcd/cfg.h, nslcd/nslcd.c: put config + filename as a parameter to cfg_init() + +2007-09-15 arthur + + * [r409] nslcd/ldap-nss.c: centralize opening of connection to LDAP + server in do_open() and refactor do_bind() to be simpler (making + do_rebind() just one line) + * [r408] man/nss-ldapd.conf.5.xml: remove documentation for + nss_schema option since it isn't used any more and probably never + will be + * [r407] nslcd/attmap.c, nslcd/attmap.h, nslcd/cfg.c, nslcd/cfg.h, + nslcd/common.h, nslcd/group.c, nslcd/ldap-nss.c, + nslcd/ldap-nss.h, nslcd/passwd.c: remove support for nested + groups and use of uniqueMember and member attributes as well as + memberOf attribute (this removes quite some functionality but + helps us in refactoring because the code was one big exception to + all the other modules) + * [r406] nslcd/group.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h: some + more code cleanup, changing return type of _nss_ldap_init(), + integrating _nss_ldap_init(), do_init_session(), do_parse_async() + and _nss_ldap_search_async() into the functions that call them + (each was only called once) + * [r404] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: do not pass useless errnos + around because they aren't used anymore + * [r403] nslcd/cfg.h: remove unused include + +2007-09-14 arthur + + * [r402] nslcd/ldap-nss.c: some type fixes and logic + simplifications + * [r401] nslcd/group.c: minor code improvements + * [r400] nslcd/Makefile.am, nslcd/alias.c, nslcd/cfg.c, + nslcd/ether.c, nslcd/group.c, nslcd/host.c, nslcd/ldap-nss.c, + nslcd/ldap-nss.h, nslcd/netgroup.c, nslcd/network.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c, nslcd/util.c, nslcd/util.h: move the two + remaining useful functions from util.c to ldap-nss.c + * [r399] nslcd/group.c, nslcd/util.c, nslcd/util.h: move + _nss_ldap_dn2uid() from util.c to group.c + * [r398] nslcd/common.h, nslcd/passwd.c: add note about free()ing + the returned value and add logging + * [r397] nslcd/common.h, nslcd/group.c, nslcd/passwd.c: move + user2dn() from group.c to passwd_username2dn() in passwd.c + * [r396] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: do not flush streams: our caller + closes the streams flusing them + * [r395] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: make use of write_*ent() + functions consistent + * [r394] nslcd/alias.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/util.c, nslcd/util.h: revert special casing for + alias_byname() to other functions and some logging strings + simplifications + * [r393] nslcd/group.c: remove some more references to the old + locked functions + * [r392] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/network.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c, nslcd/util.c: remove mutex from all LDAP + operations because we now have a session and a connection per + thread + * [r391] nslcd/alias.c, nslcd/common.h, nslcd/ether.c, + nslcd/group.c, nslcd/host.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/netgroup.c, nslcd/network.c, nslcd/nslcd.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nslcd/util.c, nslcd/util.h: get rid of global session and instead + pass the session as a parameter with every request and allocate a + session per thread + +2007-09-12 arthur + + * [r390] nslcd/ldap-nss.c: some code cleanup and fixes to the + layout + +2007-09-09 arthur + + * [r389] nslcd/group.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/util.c: change naming of search functions to clearly + indicate whether the synchronous or the asynchronous interface is + used + * [r388] compat/ldap.h, nslcd/cfg.c, nslcd/cfg.h, nslcd/ldap-nss.c: + some simplifications in the reconnect loging, removing the + undocumented nss_reconnect_maxconntries configfile option and + some work to split out LDAP compatibility code to a separate file + +2007-09-08 arthur + + * [r387] nslcd/common.c, nslcd/common.h, nslcd/ldap-nss.c: move + nss2nslcd() to ldap-nss.c + * [r386] nslcd/group.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h: rename + a function and a little bit of cleanup + * [r385] nslcd/ldap-nss.c: fix endless loop bug + * [r384] nslcd/alias.c, nslcd/attmap.c, nslcd/attmap.h, + nslcd/cfg.c, nslcd/cfg.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nslcd/util.c: move base and scope handling to database specific + modules, gettting rid of ldap_service_search_descriptor + * [r383] nslcd/alias.c, nslcd/attmap.c, nslcd/attmap.h, + nslcd/cfg.c, nslcd/cfg.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/ldap-nss.c, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, nslcd/util.c: move filters + definitions to the database modules themselves (and already + define base and scope but don't use them yet) + +2007-09-07 arthur + + * [r382] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: make handling of ent_context + consistent and simpler + * [r381] nslcd/alias.c, nslcd/ether.c, nslcd/host.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, nslcd/util.h: properly + initialize all contexts + * [r380] nslcd/ldap-nss.h: remove struct ldap_args stuff + * [r379] nslcd/group.c: remove last usage of struct ldap_args and + add FIXME + * [r378] nslcd/Makefile.am, nslcd/alias.c, nslcd/cfg.c, + nslcd/ether.c, nslcd/group.c, nslcd/host.c, nslcd/ldap-nss.c, + nslcd/ldap-schema.c, nslcd/ldap-schema.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, nslcd/util.c: remove the + ldap-schema.[ch] files since this is now fully implemented in the + database specific files + * [r377] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/ldap-schema.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + also pass search filter for the *_all() functions from the + database module instead of doing it in ldap-nss.c + * [r376] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + rename attlst stuff to attrs since that is the name of the + parameter that is passed + * [r375] nslcd/alias.c, nslcd/common.c, nslcd/common.h, + nslcd/ether.c, nslcd/group.c, nslcd/host.c, nslcd/ldap-nss.c, + nslcd/ldap-nss.h, nslcd/ldap-schema.c, nslcd/ldap-schema.h, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nslcd/util.h: move some of the filter code to the database + specific modules to be able to reduce complexity of ldap-nss.c + later on + +2007-09-05 arthur + + * [r374] man/Makefile.am: clean generated manual pages in + maintainer-clean target + +2007-09-03 arthur + + * [r373] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + include service name in attlst storage and functions + * [r372] nslcd/ldap-nss.c: remove sigpipe handling code since + sigpipe is ignored throughout the program + +2007-08-27 arthur + + * [r371] man/Makefile.am: always ship docbook sources and generated + manual pages and always install manual pages (even without + docbook2x-man) + * [r370] INSTALL, autogen.sh, depcomp, install-sh, missing, + mkinstalldirs: upgrade to using automake 1.10 + * [r369] configure.ac: use AM_PROG_CC_C_O to have per-target + compiler flags + +2007-08-26 arthur + + * [r366] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.3 release + * [r365] Makefile.am: workaround for problems splint has in parsing + system header files + * [r364] nslcd/cfg.h, nslcd/ldap-nss.h: move enum ldap_map_selector + and struct ldap_service_search_descriptor from ldap-nss.h to + cfg.h + +2007-08-25 arthur + + * [r363] debian/libnss-ldapd.postinst: fix handling of configfile + values with spaces and symbols that could cause problems with sed + * [r362] debian/libnss-ldapd.postinst: change regular expression + boundry to | instead of % because it is less likely to appear + with normal use + * [r361] debian/libnss-ldapd.config: clear password informating in + Debconf database if binddn is not used + +2007-08-19 arthur + + * [r360] tests, tests/Makefile.am, tests/test_cfg.c: add some + checks for the configuration module + * [r359] configure.ac, tests/Makefile.am, tests/dict, + tests/test_dict.c, tests/test_tio.c, tests/tio: move dict and tio + tests into the tests directory + * [r358] debian/po/pt.po: include updated Portugese translation by + Américo Monteiro + * [r357] debian/po/templates.pot: change Project-Id-Version project + name + * [r356] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fr.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/templates.pot, debian/po/vi.po: update + Project-Id-Version and Report-Msgid-Bugs-To headers + * [r355] debian/copyright, m4/acx_pthread.m4: include newer version + of acx_pthread.m4 + * [r354] README: add a note about case-sensitivity of NSS and LDAP + databases + * [r353] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst: + fix some bugs in mangling of configfile and be more cautious + about replacing values (only replace first occurrence and only + match options with the correct number of options) + * [r352] debian/libnss-ldapd.postinst: remove passwords from + configfile if the [root]binddn option was removed and always + unset the passwd in the debconf database + * [r351] config.guess, config.sub: include updated files + * [r350] debian/libnss-ldapd.postinst: no longer use + /etc/libnss-ldap.conf as a basis for creating a new configuration + file since the syntax is no longer compatible + * [r349] debian/libnss-ldapd.postinst: only restart nscd on + configure + * [r348] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.templates, debian/po/ca.po, debian/po/cs.po, + debian/po/da.po, debian/po/de.po, debian/po/es.po, + debian/po/fr.po, debian/po/ja.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po: remove + the ldap-version question as it should be unneeded in the most + common installations (where it needs to be set the whole config + is likely te need tweaking) + +2007-08-18 arthur + + * [r347] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fr.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: rephrase the uri question and add some more + pointers on how to specify the value + * [r346] debian/libnss-ldapd.nslcd.init: change remaining reference + to $PIDFILE into $NSLCD_PIDFILE + * [r345] nslcd/ldap-nss.c: fix a couple of uses of per-map bases + that could be NULL and remove the ldap_proxy_bind_args that + wasn't used anywhere + * [r344] man/nslcd.8.xml: replace remaining \- with - + * [r343] configure.ac, man/nss-ldapd.conf.5.xml, nslcd/attmap.c, + nslcd/attmap.h, nslcd/cfg.c, nslcd/cfg.h, nslcd/ldap-nss.c, + nslcd/ldap-schema.h, nslcd/nslcd.c, nss-ldapd.conf: rewrite + configuration file handling to be simpler and more consistent, + this does mean that the syntax of the configfile has changed from + the PADL one and that some options were removed (also update + manual page and sample config file to reflect changes) + +2007-08-03 arthur + + * [r342] nslcd/cfg.c, nslcd/cfg.h, nslcd/group.c: remove + nss_initgroups and nss_initgroups_ignoreusers configfile options + * [r341] HACKING, README: documentation improvements + * [r340] README, configure.ac, man/nss-ldapd.conf.5.xml, + nslcd/cfg.c, nslcd/cfg.h, nslcd/ldap-nss.c, nslcd/ldap-nss.h: + remove --enable-paged-results configure option and now always do + runtime configuration, remove nss_paged_results configfile option + and use pagesize option to specify usage of paging or not + +2007-08-02 arthur + + * [r339] README: some spelling fixes, added a section on + unsupported features and rephrased default LDAP schema + objectclasses as filters + +2007-07-31 arthur + + * [r338] Makefile.am, configure.ac, debian/control, man, + man/Makefile.am, man/nslcd.8.xml, man/nss-ldapd.conf.5.xml, + nslcd.8, nss-ldapd.conf.5: switch to using docbook for manual + pages, use docbook2x-man for generating the manual pages and + update the nss-ldapd.conf manual page slightly + +2007-07-28 arthur + + * [r337] nslcd/alias.c, nslcd/cfg.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/ldap-schema.c, nslcd/ldap-schema.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: define the list of attributes to + look up in searches in the service modules instead of in + ldap-schema + * [r336] nslcd/attmap.h: fix typo in comment + +2007-07-27 arthur + + * [r334] nslcd.h: fix typo + +2007-07-26 arthur + + * [r332] nslcd/cfg.c, nslcd/ldap-schema.h: remove some more old + mapping stuff and change configuration file keyword to map with + the new syntax + * [r331] nslcd/alias.c, nslcd/attmap.c, nslcd/attmap.h, + nslcd/cfg.c, nslcd/cfg.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/ldap-nss.c, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c: switch to the new attribute + mapping code + * [r330] nslcd/cfg.c, nslcd/cfg.h, nslcd/ldap-nss.c, + nslcd/ldap-nss.h, nslcd/ldap-schema.c: get rid of default and + override attribute value mappings and remove host and port + configuration options + * [r329] nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/shadow.c: move + some shadow specific functions to shadow.c + * [r328] nslcd/cfg.c, nslcd/cfg.h: make function + _nss_ldap_add_uri() static + +2007-07-24 arthur + + * [r327] nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/ldap-schema.c: + remove some more unused code + * [r326] nslcd/Makefile.am, nslcd/alias.c, nslcd/attmap.c, + nslcd/attmap.h, nslcd/cfg.c, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/ldap-schema.c, nslcd/ldap-schema.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, nslcd/util.c: switch to a new + interface for doing attribute mapping, splitting the attribute + mapping stuff into a separate file + * [r325] nslcd/cfg.c, nslcd/ldap-schema.c, nslcd/ldap-schema.h: get + rid of some unused attribute mappings and a small reorganisation + of code + * [r324] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fr.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: rephrase nsswitch.conf question and removed + reference to example file we don't ship + * [r323] debian/copyright, nslcd/Makefile.am, nslcd/cfg.c, + nslcd/cfg.h, nslcd/dnsconfig.c, nslcd/dnsconfig.h, + nslcd/resolve.c, nslcd/resolve.h, nss-ldapd.conf.5: get rid of + dnsconfig stuff since that probably didn't work anyway and it + cleans up some stuff + +2007-07-23 arthur + + * [r315] common/dict.c, tests/dict/test_dict.c: fix a serious bug + in dict_values_next() that would return map pointers instead of + values and write a test for it + * [r314] debian/rules: use stricter distclean run in clean target + as suggested by lintian + * [r313] common/dict.c, common/dict.h, tests/dict/test_dict.c: add + support for removing entries from a DICT by setting the value to + NULL (this does not free any memory) + +2007-07-21 arthur + + * [r310] AUTHORS: include translater of debconf templates to French + +2007-07-18 arthur + + * [r309] debian/po/fr.po: typo fix by Cyril Brulebois + + +2007-07-16 arthur + + * [r308] debian/po/fr.po: update French (fr) translation of debconf + templates by Cyril Brulebois + +2007-07-15 arthur + + * [r307] tests/tio/test_tio.c: disable test that will always fail + * [r306] common/tio.c: fix typo + * [r305] common/tio.c: fix bug with buffer magic in writing code + +2007-07-14 arthur + + * [r304] AUTHORS, debian/copyright, debian/po/pt.po: add Portuguese + (pt) translation of debconf templates by Américo Monteiro + + +2007-07-13 arthur + + * [r303] tests/dict/Makefile.am, tests/tio/Makefile.am: do the + simple unit tests at make check time + * [r302] Makefile.am: don't include config diretory which we don't + use + * [r301] common/tio.c: add const and add FIXME about a to-be-fixed + race condition + * [r300] nss/networks.c: flag the address family parameter as + unused + * [r299] README: add notes about format of host and ethers entries + in LDAP database + * [r298] debian/control: add XS-Vcs-Svn and XS-Vcs-Browser as + specified in #391023 + +2007-06-18 arthur + + * [r297] nslcd/nslcd.c: add comment explaining the use of chmod() + over fchmod() + +2007-06-17 arthur + + * [r294] ChangeLog, NEWS, configure.ac, debian/changelog, + nss-ldapd.conf.5: get files ready for 0.2.1 release + * [r293] Makefile.am: do proper wildcard expansion + * [r292] Makefile.am, nss/Makefile.am: add proper support for make + uninstall + * [r291] autogen.sh: force regeneration of all files + * [r290] Makefile.am, autogen.sh, configure.ac: include stuff from + the m4 directory automatically + * [r289] common/Makefile.am, nslcd/Makefile.am, nss/Makefile.am, + tests/Makefile.am, tests/dict/Makefile.am, tests/tio/Makefile.am: + support building outside the source directory + * [r288] Makefile.am, configure.ac, debian/copyright, m4, + m4/acx_pthread.m4, nslcd/Makefile.am: use the ACX_PTHREAD macro + to check for platform independant pthread support and required + options + * [r287] debian/copyright: further clarification of use of + autoconf/automake code + +2007-06-16 arthur + + * [r286] nslcd/nslcd.c: change fchmod() into chmod() since fchmod() + has undifined behaviour on named sockets (fails silently) + +2007-06-12 arthur + + * [r285] common/dict.c, nslcd/ldap-nss.c, nslcd/ldap-schema.c, + nslcd/util.c: fix casts of types where needed + * [r284] nslcd/host.c: fix type of host address and handle errors + in writing hostent + +2007-06-11 arthur + + * [r280] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + nss-ldapd.conf.5: get files ready for 0.2 release + * [r279] common/Makefile.am, common/dict.c, common/dict.h, + nslcd/Makefile.am, nslcd/cfg.h, nslcd/dict.c, nslcd/dict.h, + tests/dict/Makefile.am, tests/dict/test_dict.c: move dict into + the common directory + * [r278] nss-ldapd.conf.5: add a note about the status of this + manual page + +2007-06-10 arthur + + * [r277] common/Makefile.am: compile tio module with -fPIC because + it is used in the NSS shared library + * [r276] debian/libnss-ldapd.postinst: add note about modifying + /etc/nsswitch.conf in postinst + +2007-06-09 arthur + + * [r275] Makefile.am: have better rules to generate ChangeLog + * [r274] common/tio.h: remove some trailing spaces + * [r273] nss-ldapd.conf.5: add proper copyright header + +2007-06-08 arthur + + * [r272] Makefile.am, common, common/Makefile.am, common/tio.c, + common/tio.h, configure.ac, nslcd-common.h, nslcd/Makefile.am, + nslcd/alias.c, nslcd/common.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/netgroup.c, nslcd/network.c, nslcd/nslcd.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nslcd/util.c, nslcd/util.h, nss/Makefile.am, nss/aliases.c, + nss/common.c, nss/common.h, nss/ethers.c, nss/group.c, + nss/hosts.c, nss/netgroup.c, nss/networks.c, nss/passwd.c, + nss/protocols.c, nss/rpc.c, nss/services.c, nss/shadow.c, + tests/Makefile.am, tests/tio, tests/tio/Makefile.am, + tests/tio/test_tio.c: implement our own stdio-like library that + handles IO with a simple configurable timeout mechanism with + buffering + +2007-06-05 arthur + + * [r271] NEWS, README, configure.ac, tests/dict/test_dict.c: some + remaining tabs to spaces and trim trailing spaces + +2007-06-02 arthur + + * [r270] configure.ac, debian/copyright: fix some remaining + references to the GNU Library General Public License + +2007-06-01 arthur + + * [r269] nslcd/nslcd.c: add some comments describing some problems + that this code may have + +2007-05-20 arthur + + * [r268] HACKING: add a section on build dependencies + +2007-05-13 arthur + + * [r267] config.guess, config.sub: include updated files + +2007-03-05 arthur + + * [r266] ., Makefile.am: include some targets to tun flawfinder, + pscan, rats and splint + +2007-03-04 arthur + + * [r265] nslcd-common.h, nslcd/alias.c, nslcd/ether.c, + nslcd/group.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/ldap-schema.c, nslcd/ldap-schema.h, nslcd/log.c, + nslcd/nslcd.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/shadow.c, nslcd/util.c, nslcd/util.h, nss/common.c, + nss/common.h, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/prototypes.h, nss/services.c: code + improvements by making type casts explicit, flagging ignored + return values, renames and flagging of parameters and some + miscelanious improvements (thanks to gcc warnings, splint, rats + and flawfinder) + +2007-03-02 arthur + + * [r264] nslcd/ldap-nss.c: remove runtime checking for existance of + /lib/init/rw/libnss-ldap.bind_policy_soft + * [r263] nss-ldapd.conf: add missing attribute mapping for AD + * [r262] nslcd/nslcd.c: do chmod on file descriptor instead of on + file name + +2007-02-17 arthur + + * [r251] nslcd-common.h, nslcd/cfg.c, nss/hosts.c: fix a few bugs + found thanks to the new warnings + * [r250] compat, compat/attrs.h, nslcd/cfg.h, nslcd/common.h, + nslcd/dict.h, nslcd/log.h, nslcd/nslcd.c, nss/Makefile.am, + nss/common.h, nss/ethers.c, nss/group.c, nss/hosts.c, + nss/netgroup.c, nss/networks.c, nss/passwd.c, nss/protocols.c, + nss/rpc.c, nss/services.c, nss/shadow.c, tests/dict/test_dict.c, + tests/test_aliases.c: add gcc attributes to some functions and + parameters + * [r249] configure.ac: add some extra type checks and worarounds + * [r248] configure.ac: add extra compiler warnings + +2007-02-10 arthur + + * [r240] nslcd/dnsconfig.c, nslcd/ldap-nss.c, nslcd/ldap-nss.h, + nslcd/ldap-schema.c, nslcd/util.c: replace syslog calls to calls + with our own logging module + +2007-02-06 arthur + + * [r237] README: fix a typo and update copyright info + +2007-02-04 arthur + + * [r236] configure.ac, tests/Makefile.am, tests/dict, + tests/dict/Makefile.am, tests/dict/test_dict.c: add simple test + for dict module + * [r235] nslcd/dict.c: fix list corruption bug in dict_put() and + ignore setting value to NULL + * [r234] nslcd/dict.c, nslcd/dict.h: don't store const void * as + value, just void * + +2007-02-01 arthur + + * [r233] nslcd/util.c, nslcd/util.h: declare old dict functions + static as thay are only used from within util.c + * [r232] nslcd/dict.h, nslcd/ldap-nss.h: trim trailing whitespace + * [r231] nslcd/Makefile.am, nslcd/cfg.c, nslcd/cfg.h, nslcd/dict.c, + nslcd/dict.h, nslcd/ldap-nss.c, nslcd/util.c, nslcd/util.h: add + new dictionary module and use it for the attribute mapping stuff + * [r230] nslcd/Makefile.am, nslcd/log.c, nslcd/xmalloc.c, + nslcd/xmalloc.h: get rid of xmalloc.[ch] + +2007-01-17 arthur + + * [r229] nss/Makefile.am: no longer install libc-versioned symlink + and hardcode nss soname because we will likely need to change our + code if the ABI changes + * [r228] debian/rules: in Debian package install NSS files in + /usr/lib instead of /lib + * [r227] nss/aliases.c, nss/common.h, nss/ethers.c, nss/group.c, + nss/hosts.c, nss/netgroup.c, nss/networks.c, nss/passwd.c, + nss/protocols.c, nss/rpc.c, nss/services.c, nss/shadow.c: ensure + that all NSS functions can be generated by the marcos in common.h + and spell out the read_..() function for every type + * [r226] debian/copyright: indent license blubs and include license + information for nslcd/resolve.[ch] + * [r225] nslcd.h: add a little bit more documentation + * [r224] nslcd/cfg.c: remove a const where it really wasn't + * [r223] nslcd/cfg.c, nslcd/cfg.h, nslcd/group.c, nslcd/ldap-nss.c, + nslcd/util.c, nslcd/util.h: move most config code into cfg.c, + clean up dictornary stuff in util.c and do some more smaller + restructuring + * [r222] nslcd/group.c, nslcd/ldap-nss.h, nslcd/util.c, + nslcd/util.h: move name_list stuff to group.c as that is the only + place it's used at the moment + * [r221] nslcd/netgroup.c: replace __netgrent with mynetgrent + removing the fields that are not used + * [r220] nslcd/Makefile.am, nslcd/cfg.c, nslcd/cfg.h, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/ldap-schema.h, + nslcd/util.c, nslcd/util.h: first step to split out all + configuration stuff into separate file + * [r219] nslcd/ldap-nss.c, nslcd/ldap-nss.h: get rid of more code + that would check if the socket was changed from under us by our + caller + * [r218] nslcd/ldap-nss.c: get rid of rebinding-on-fork() logic as + our threading model is very predictable + +2007-01-10 arthur + + * [r217] nslcd/netgroup.c: write a final result code of + NSLCD_RESULT_NOTFOUND for netgroup lookups + * [r216] nss/netgroup.c, nss/prototypes.h: fix netgroup lookups so + that _nss_ldap_getnetgrent_r() returns NSS_STATUS_RETURN if there + are no more entries to return but there was a first entry + +2007-01-09 arthur + + * [r215] COPYING, Makefile.am, README, configure.ac, + debian/copyright, debian/libnss-ldapd.nslcd.init, nslcd-common.h, + nslcd.8, nslcd.h, nslcd/Makefile.am, nslcd/alias.c, + nslcd/common.c, nslcd/common.h, nslcd/dnsconfig.c, + nslcd/dnsconfig.h, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/ldap-nss.c, nslcd/ldap-nss.h, nslcd/ldap-schema.c, + nslcd/ldap-schema.h, nslcd/log.c, nslcd/log.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/nslcd.c, nslcd/pagectrl.c, + nslcd/pagectrl.h, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, nslcd/util.c, nslcd/util.h, + nslcd/xmalloc.c, nslcd/xmalloc.h, nss/Makefile.am, nss/aliases.c, + nss/common.c, nss/common.h, nss/ethers.c, nss/group.c, + nss/hosts.c, nss/netgroup.c, nss/networks.c, nss/passwd.c, + nss/protocols.c, nss/prototypes.h, nss/rpc.c, nss/services.c, + nss/shadow.c, tests/Makefile.am, tests/test_aliases.c, + tests/test_ethers.c, tests/test_group.c, tests/test_hosts.c, + tests/test_netgroup.c, tests/test_networks.c, + tests/test_passwd.c, tests/test_protocols.c, tests/test_rpc.c, + tests/test_services.c, tests/test_shadow.c: change license from + GNU Library General Public License v.2 to GNU Lesser General + Public License v.2.1 with permission from Luke Howard + +2007-01-08 arthur + + * [r214] nss/netgroup.c, nss/prototypes.h: use our own thread-local + file pointer for doing requests instead of misusing the data + field in the __netgrent struct + * [r213] debian/control: add a provide line for libnss-ldap so we + can seamlessly replace it (it should provide the same + functionality) + * [r212] debian/libnss-ldapd.postinst: only modify nsswitch + databases we support, leave everything else alone (e.g. + automount) + +2007-01-02 arthur + + * [r211] debian/libnss-ldapd.nslcd.init: change description in init + script + diff --git a/ChangeLog-2008 b/ChangeLog-2008 new file mode 100644 index 0000000..f9c5229 --- /dev/null +++ b/ChangeLog-2008 @@ -0,0 +1,792 @@ +2008-12-15 arthur + + * [r806] man/nss-ldapd.conf.5.xml: add a note about permissions of + configfile when bindpw is used + +2008-12-06 arthur + + * [r805] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c, nss-ldapd.conf: rename the tls_checkpeer option + to tls_reqcert, deprecating the old name and supporting all + options that OpenLDAP supports for that value + +2008-12-03 arthur + + * [r804] nslcd/common.c, tests/test_common.c: allow backslashes in + names execpt as first or last character + * [r803] configure.ac, nslcd/nslcd.c: clean the environment and set + LDAPNOINIT to disable parsing of LDAP configfiles (.ldaprc, + /etc/ldap/ldap.conf, etc) + +2008-11-29 arthur + + * [r802] nslcd/myldap.c: use tls_* options also for StartTLS + connections + * [r801] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h: remove + sslpath option because it wasn't used for anything + * [r800] debian/changelog: add missing pound sign + +2008-11-14 arthur + + * [r798] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.7 release + +2008-11-13 arthur + + * [r797] debian/libnss-ldapd.templates: also leave out empty + Default line for libnss-ldapd/ldap-binddn + * [r796] debian/libnss-ldapd.config, debian/libnss-ldapd.templates: + set debconf values from the environment only when they are empty + or if configfile is present to fix installation problem + +2008-11-11 arthur + + * [r795] debian/libnss-ldapd.postinst: any output should go to + stderr to not confuse debconf + +2008-11-04 arthur + + * [r793] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.6 release + * [r792] NEWS: some spelling fixes + * [r791] man/nss-ldapd.conf.5.xml: update manual page with current + timeout numbers + +2008-11-01 arthur + + * [r790] debian/libnss-ldapd.postrm: fail on errors + +2008-10-31 arthur + + * [r789] debian/libnss-ldapd.postinst: check for existance of init + script instead of daemon + +2008-10-01 arthur + + * [r788] nslcd/common.c: also allow spaces in user and group names + because it was causing problems in some environments + +2008-09-24 arthur + + * [r787] nslcd/myldap.c: also retry if ldap_result() failed and + getting error number returned LDAP_SUCCESS + * [r786] nslcd/myldap.c: log option name instead of option value + for ldap_set_option() value + * [r785] debian/control: clarify relationship to nss_ldap in + package description + +2008-08-22 arthur + + * [r783] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.5 release + +2008-08-07 arthur + + * [r782] debian/copyright, debian/po/da.po: updated Danish (da) + translation of debconf templates by Jonas Smedegaard + + * [r781] debian/po/sv.po: updated Swedish (sv) translation of + debconf templates by Martin Ågren + +2008-07-20 arthur + + * [r778] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.4 release + * [r777] nslcd/cfg.c: rename get_base_from_dse() to + get_base_from_rootdse() + * [r776] nslcd/cfg.c: make the get_base_from_dse() function cleaner + and add a comment describing the function + * [r775] man/nss-ldapd.conf.5.xml, nslcd/cfg.c: implement looking + up search base in DSE of LDAP server + * [r774] tests/test_nsscmds.sh: reflect change in test LDAP setup + +2008-07-10 arthur + + * [r773] nslcd/myldap.c: LDAP_OPT_X_TLS_REQUIRE_CERT is not a + boolean + +2008-06-21 arthur + + * [r772] README: small change to documentation + * [r771] nss-ldapd.conf: further improvements to Active Directory + filters and attribute mappings by Petter Reinholdtsen + + +2008-06-17 arthur + + * [r770] nslcd/cfg.c, nslcd/myldap.c: replace https:// by ldaps:// + (stupid typo) + * [r769] nss-ldapd.conf: Active Directory sample configuration + improvement by Jelmer Jaarsma + +2008-06-15 arthur + + * [r767] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.3 release + * [r766] Makefile.am, debian/libnss-ldapd.lintian-overrides, + debian/rules: lintian override seems to be no longer necessary + * [r765] debian/control: upgrade to standards-version 3.8.0 (no + changes needed) + * [r764] debian/libnss-ldapd.nslcd.init: create /var/run/nslcd + directory with owner nslcd:nslcd by default so nslcd can remove + socket and pidfile at exit + * [r763] nslcd/nslcd.c: give pidfile and socket creation functions + more logical names + +2008-06-14 arthur + + * [r762] AUTHORS, configure.ac, man/nss-ldapd.conf.5.xml, + nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: implement SASL + authentication based on a patch by Dan White + * [r761] man/nss-ldapd.conf.5.xml: make formatting of manual page + options consistent + +2008-06-13 arthur + + * [r760] tests, tests/Makefile.am, tests/test_common.c: add some + very basic tests for the isvalidname() function + * [r759] nslcd/common.c, nslcd/common.h, nslcd/group.c, + nslcd/passwd.c: combine isvalidusername() and isvalidgroupname() + into isvalidname() because they are similar enough and we just + want to check to see if it is a reasonable name (e.g. not a DN) + +2008-06-12 arthur + + * [r758] common/tio.c: restore the old writing code which masks + SIGPIPE on platforms that can't use send() + * [r757] nslcd/cfg.c: don't perform SSL/TLS sanity checks if it + isn't available on the platform + * [r756] tests: ignore test_getpeercred + +2008-06-11 arthur + + * [r755] tests: ignore core files + * [r754] tests/test_getpeercred.c: remove test socket at end of + test + +2008-06-06 arthur + + * [r753] compat/getpeercred.c: use the cr_ prefix when getting a + xucred struct (needed for kfreebsd) + * [r752] tests/Makefile.am, tests/test_getpeercred.c: implement a + very basic test for getpeercred() + * [r751] nslcd/cfg.c: remove warning on using ssl option + * [r750] nslcd/cfg.c: check that all URLs start with https:// if + "ssl on" is specified + * [r749] nslcd/myldap.c: also set TLS options if an ldaps:// URL is + specified + * [r748] debian/control: add dependency on adduser as required by + the previous commit + * [r747] debian/libnss-ldapd.postinst: create a nslcd user in + postinst and ensure that it is used by default + * [r746] man/nss-ldapd.conf.5.xml: add uid and gid options to + manual page + * [r745] nslcd/cfg.c, nslcd/cfg.h, nslcd/nslcd.c: add uid and gid + configuration keywords that set the user id and group id of the + running nslcd process + * [r744] nslcd/nslcd.c: environ is defined in unistd.h + * [r743] nslcd/nslcd.c, nss/common.c: increase write buffer size in + nslcd to free up threads earlier and increase timeout for nslcd + to nss communication to one minute (at both places) + * [r742] common/dict.c, compat/ether.c, nslcd/group.c, + nslcd/myldap.c, nslcd/passwd.c, tests/test_tio.c: miscellaneous + portability improvements + +2008-05-18 arthur + + * [r741] TODO: from a review of glibc 2.3.6 code it shows that + strerror() is only non-threadsafe in some very unlikely + circumstances + +2008-05-17 arthur + + * [r740] common/tio.c: use send() with a flag to ignore SIGPIPE + instead of write() so we don't have to muck with signal handlers + +2008-05-16 arthur + + * [r739] nslcd/log.c, nslcd/log.h, nslcd/nslcd.c: include a random + string in every log message to be able to group log messages for + a single request + * [r738] common/tio.c, nslcd/myldap.c: add sanity checks to sleep + calls to never sleep too long (problems could occur when the + clock moves backwards) + * [r737] nss/group.c: remove comment about limitation that has now + been removed + * [r736] nss/common.c: grow the read buffer maximum size to 2Mbyte + to allow for groups with about 150000 members maximum + +2008-05-15 arthur + + * [r735] README: add some documentation on supported group to + member mappings + * [r734] nslcd/myldap.h: improve documentation for + myldap_get_rdn_value() function + +2008-05-11 arthur + + * [r733] nslcd/myldap.c: close the connection and retry the search + (once) if the search fails with the first call to + myldap_get_entry() (starting a search doesn't always give an + error when the connection has been broken) + * [r732] nslcd/myldap.c: split retry mechanism of myldap_search() + into a new do_retry_search() function + * [r731] nslcd/myldap.c: allocate the search memory region in + myldap_search() instead of in do_try_search() and have the latter + return an LDAP status code + * [r730] nslcd/myldap.c: also allow closing of searches that no + longer have a valid connection and integrate myldap_search_free() + into myldap_search_close() + +2008-05-04 arthur + + * [r728] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.2 release + * [r727] HACKING, README: some documentation cleanups and updates + * [r726] tests/test_nslcd_group.c: add some tests for + isvalidgroupname() + * [r725] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/nslcd.c: make number of threads configurable with the + threads keyword + * [r724] nslcd/myldap.h: add reference to note about + thread-safeness of OpenLDAP + * [r723] nslcd/nslcd.c: fix copyright year + +2008-05-03 arthur + + * [r722] nslcd/passwd.c: implement a cache for dn2uid() lookups + that saves some time doing LDAP searches for groups with a lot of + members, based on a patch by Petter Reinholdtsen + + * [r721] debian/libnss-ldapd.nslcd.init: add soft dependency on + slapd, simplify network and file system dependencies and add + reverse dependencies on some common daemons that may want to do + NSS lookups + +2008-05-02 arthur + + * [r720] nss/netgroup.c, nss/prototypes.h: remove checking for + first entry and always return NSS_STATUS_RETURN when no more data + is available in the netgroup (this has the side effect of not + returning NSS_STATUS_NOTFOUND for non-existing netgroups but + seems to be what other NSS modules do) to properly handle empty + netgroups + * [r719] tests, tests/Makefile.am, tests/test_nslcd_group.c: add + file for testing nslcd/group.c + * [r718] tests/Makefile.am: don't even compile the test programs on + make check + * [r717] tests/Makefile.am: don't compile test code on every build + and fix LDADD lists to include correct objects + * [r716] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: only support + tls-related options if LDAP library supports TLS, only add rebind + code if ldap_set_rebind_proc() is found and only set + LDAP_X_OPT_CONNECT_TIMEOUT if that option is supported + +2008-05-01 arthur + + * [r715] nslcd/myldap.c: support ranged attribute values + * [r714] nss/common.h: fix comment of return value of + NSS_STATUS_TRYAGAIN + * [r713] tests/test_myldap.c: fix a warning + * [r712] tests/test_myldap.c: ensure that filter_get_var() and + filter_get_var() return non-NULL to enable parsing of config file + with attribute mapping and filter settings and use base from + config file + +2008-04-29 arthur + + * [r711] man/nss-ldapd.conf.5.xml: make language about pagesize + option a little clearer + +2008-04-27 arthur + + * [r710] nslcd/cfg.c: support the case where an attribute mapping + variable is NULL + +2008-04-26 arthur + + * [r709] nslcd/myldap.c: also close the LDAP connection on + LDAP_SERVER_DOWN (besides LDAP_UNAVAILABLE) + * [r708] man/nss-ldapd.conf.5.xml, nss/common.c: increase time out + values because now nslcd will error out more quickly if the LDAP + server is known to be unavailable + * [r707] nslcd/nslcd.c: spelling fix in comment + * [r706] man/nss-ldapd.conf.5.xml: some spelling fixes and a + clarification of the retry mechanism + * [r705] nslcd/cfg.c: fix log message of incorrect map statement + * [r704] nslcd/passwd.c: make log message a little more descriptive + * [r703] configure.ac: fix quote in comment + * [r702] nslcd/myldap.c: ensure that the connection to the LDAP + server is closed whenever any of the ldap_*() functions return + LDAP_UNAVAILABLE + +2008-04-25 arthur + + * [r701] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c, tests/nss-ldapd-test.conf, tests/test_cfg.c, + tests/test_myldap.c: implement new timing mechanism for retries + to quickly fail lookups to LDAP server that have been failing for + some time, removing the reconnect_tries option and giving + reconnect_sleeptime and reconnect_maxsleeptime options a new + meaning + * [r700] tests/test_myldap.c: include missing include + * [r699] tests/test_myldap.c: ignore SIGPIPE in myldap tests + * [r698] tests/test_myldap.c: fix assert to be test instead of + assignment + * [r697] tests/test_myldap.c, tests/test_myldap.sh: have the binary + look up the file name and only use the shell script wrapper to + determine if LDAP server is available + * [r696] compat/ether.h: fix typos in references to + HAVE_ETHER_NTOA_R and HAVE_ETHER_ATON_R macros + +2008-04-23 arthur + + * [r695] tests/test_nsscmds.sh: fix order of members in group in + tests because of new hashing dict (maybe we should fix the script + instead to always sort members properly) + * [r694] common/dict.c: fix problem where first item in the + hashtable could be returned twice while looping + * [r693] tests/test_dict.c: add test for problem with duplicate + entries being returned while looping over results + * [r692] nslcd/passwd.c: don't issue warning when + myldap_get_entry() returns NULL and LDAP_SUCCESS + +2008-04-21 arthur + + * [r691] common/dict.c: allocate room for key string just after + entry to save on calls to malloc() and make it simpler + +2008-04-20 arthur + + * [r690] nslcd/group.c, nslcd/passwd.c: fix tests for valid user + and group names + * [r689] nslcd/common.h, nslcd/group.c, nslcd/passwd.c: add checks + for valid user and group names in incoming requests and for data + returned from LDAP + * [r688] nslcd/group.c: only support uniqueMember containing DN + values + * [r687] nslcd/group.c: fix warning message to not refer to alias + * [r686] nslcd/myldap.c: make warning message more verbose, fix + comment and don't try to store empty results + +2008-04-19 arthur + + * [r685] debian/libnss-ldapd.config: only guess the searchbase if + the value doesn't seem to be preseeded (based on a patch by + Petter Reinholdtsen ) + * [r684] common/dict.c: fix wrapping and indenting of comments + * [r683] nslcd/group.c: correctly call set_free() instead of free() + * [r682] nslcd/group.c: use the new set data structure to gather + the group members + * [r681] common/Makefile.am, common/set.c, common/set.h, tests, + tests/Makefile.am, tests/test_set.c: implement a set that uses + the dict module as back-end + * [r680] common/dict.c: implement new dict module that uses a + hashtable which is around 40 times faster for large (around 2000) + entries but with around 40% more memory used + * [r679] tests/Makefile.am, tests/test_dict.c, tests/usernames.txt: + some new tests for the dictionary module + * [r678] nslcd/passwd.c: add test for emtpy DN + +2008-04-18 arthur + + * [r677] nslcd/myldap.c: instead of using the dict module to build + a cache just store the values in an fixed-sized array because no + more than 9 attributes are currently retrieved from an entry and + we never retrieve the same value more than once (so the cache is + useless) + +2008-04-17 arthur + + * [r676] common/dict.h: add note about freed values + * [r675] common/dict.c, common/dict.h, nslcd/myldap.c, + tests/test_dict.c: change dict_values_first() and + dict_values_next() into dict_loop_first() and dict_loop_next() to + have a looping mechanism over keys and values + +2008-04-13 arthur + + * [r674] tests/nss-ldapd-test.conf: remote hopefully last reference + to rootbind{dn,pw} + +2008-04-06 arthur + + * [r673] nslcd/common.h: return values of dn2uid() and uid2dn() + should always be used + * [r672] nslcd/group.c: properly handle the case where dn2uid() + couldn't do a DN->uid lookup + * [r670] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.1 release + * [r669] config.guess, config.sub: include updated files + +2008-04-05 arthur + + * [r668] AUTHORS: include Petter Reinholdtsen for reporting many + bugs and even some fixes + * [r667] debian/libnss-ldapd.postinst: handle case where value + contains spaces properly + * [r666] debian/libnss-ldapd.postinst: support having a binddn set + without a bindpw + * [r665] debian/libnss-ldapd.config: fix typo in comment + * [r664] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.templates, debian/po/ca.po, debian/po/cs.po, + debian/po/da.po, debian/po/de.po, debian/po/es.po, + debian/po/fr.po, debian/po/ja.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po: remove + rootbind{dn,pw} options from packaging because the options are + not likely to be implemented in the future + * [r663] nslcd/common.h, nslcd/group.c, nslcd/passwd.c: fix + member->group searches by also searching for DN in uniqueMember + attribute + * [r662] nslcd/log.c: make log line a little bigger to properly log + more search filters + * [r661] nslcd/nslcd.c: only return shadow entries to root users + * [r660] nss/group.c: correctly implement buffer handling in + _nss_ldap_initgroups_dyn() to grow buffer when needed, check + limits and handle extra group parameter (had a closer look at + nis-initgroups.c) + * [r659] tests/test_nsscmds.sh: no problem to shout a little with + failed tests + * [r658] nss/group.c: properly check the limit (as seen in + nis-initgroups.c) + * [r657] nslcd/shadow.c: partial support for reading AD date format + for pwdLastSet attribute + * [r656] nslcd/myldap.c: split closing of LDAP session to separate + funtion to invalidate running searches always and closes + connection if setting up search failed + * [r655] tests/test_group.c: use a larger buffer for group + membership results + * [r654] tests/test_myldap.c: check that the last + myldap_get_entry() returned success + +2008-04-04 arthur + + * [r653] README, man/nss-ldapd.conf.5.xml, nslcd/cfg.c, + nslcd/cfg.h, nslcd/myldap.c, nss-ldapd.conf: remove code that + handles special cases when calling as root (removing rootbinddn, + rootbindpw, rootuse_sasl and rootsasl_authid options) + * [r652] nslcd/myldap.c: revert r628 (using ldap_str2dn() instead + of ldap_explode_r?dn()) for now to make this compile on older + versions of OpenLDAP + * [r651] man/nss-ldapd.conf.5.xml: add some more documentation to + the pagesize option + +2008-04-02 arthur + + * [r650] debian/libnss-ldapd.nslcd.init: make start not fail if + nslcd is already running and stop not fail if it wasn't running + before + +2008-03-30 arthur + + * [r649] nss-ldapd.conf: some fixes to the configuration when using + Active Directory (provided by Petter Reinholdtsen + ) + * [r648] configure.ac, nslcd/myldap.c: only define and use + do_sasl_interact() if we have a sasl library + * [r647] compat/attrs.h: make test for compiler versions simpler + and per used attribute + +2008-03-29 arthur + + * [r646] HACKING, README: add contact information on reporting bugs + and contributing patches + * [r645] HACKING: add some more notes about the design and + direction I want to go in + +2008-03-28 arthur + + * [r644] nslcd/myldap.c: don't warn about problems retreiving the + objectClass from en entry + +2008-03-27 arthur + + * [r643] nslcd/group.c: fix a problem where the newly allocated + storage by realloc() wasn't used (thanks to Petter Reinholdtsen + for the patch) + +2008-03-16 arthur + + * [r642] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst: + comment out all rootbind{dn,pw} code as to not copy those + directives because they are unsupported + * [r641] debian/libnss-ldapd.config: use tail instead of head to + avoid conflicts becase nss_ldap seems to pick up the last option + in the file + * [r640] debian/libnss-ldapd.config: handle the case where an + option is defined multiple times + +2008-03-06 arthur + + * [r639] AUTHORS, debian/copyright, debian/po/es.po: updated + Spanish (es) translation of debconf templates by Rudy Godoy + Guillén + +2008-03-04 arthur + + * [r638] AUTHORS, debian/po/nl.po: updated Dutch (nl) translation + of debconf templates by Bart Cornelis + +2008-02-19 arthur + + * [r637] README: some updates to reflect recent changes + * [r636] man/Makefile.am: have a better way to specify the manual + page rule + +2008-02-15 arthur + + * [r635] common/tio.c: split out the flushing of the buffers to + separate functions and see if we can flush some data from the + buffer if it is overflowing before growing the buffer + * [r634] nslcd/myldap.c: add StartTLS support by Ralf Haferkamp + + * [r633] nslcd/myldap.c: pass URI to do_bind() to make it work with + do_rebind() and use that URI (thanks Ralf Haferkamp + ) + * [r632] tests/test_myldap.c: add tests for myldap_get_rdn_value() + and myldap_cpy_rdn_value() + +2008-02-12 arthur + + * [r631] configure.ac: make using implicit function definitions an + error + * [r630] common/tio.c, common/tio.h, nslcd/nslcd.c, nss/common.c, + tests/test_tio.c: implement resizable I/O buffers and tune buffer + sizes to normal requests + * [r629] common/tio.c: always allocate the read and write buffers + and make the struct tio_buffer inline in struct tio_fileinfo + +2008-02-10 arthur + + * [r628] nslcd/myldap.c: replace the calls to ldap_explode_dn() and + ldap_explode_rdn() with a call to ldap_str2dn() resulting in much + simpler code + +2008-02-08 arthur + + * [r627] nslcd/cfg.c: only support "dns" and "domain" values on + platforms with the necessary functions available + * [r626] nslcd/ether.c: don't define struct ether_addr here, it was + moved to compat/ether.h + +2008-02-04 arthur + + * [r625] nslcd/myldap.c: make some changes to allow it to compile + on more platforms + * [r624] compat/Makefile.am, compat/ether.c, compat/ether.h, + configure.ac, nslcd/ether.c: provide replacements for + ether_aton_r() and ether_ntoa_r() for platforms that don't have + them + * [r623] configure.ac, nslcd/nslcd.c: only call + __nss_configure_lookup() if it is available, if it isn't the + platform is out of luck + * [r622] nslcd/myldap.h: defined LDAP_SCOPE_DEFAULT it's not + defined elsewhere + * [r621] nslcd/nslcd.c: fix missing casts + * [r620] nslcd/nslcd.c: actually include the compat header files + when needed + +2008-02-03 arthur + + * [r618] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6 release + * [r617] configure.ac: also check for sasl2 library + * [r616] tests/test_myldap.c, tests/test_nsscmds.sh: add tests for + new LDAP lookups + * [r615] nslcd/attmap.c, nslcd/attmap.h, nslcd/group.c: support the + uniqueMember LDAP attribute that holds DN values (they are + translated with dn2uid() from passwd.c) + * [r614] debian/libnss-ldapd.postinst, debian/libnss-ldapd.postrm, + debian/rules: don't use dh_makeshlibs any more because we don't + need the shlibs file; call ldconfig from maintainer scripts + ourselves + * [r613] debian/rules: install the NSS library under /lib instead + of /usr/lib to make it easyer to unmount /usr if it's on a + separate filesystem + +2008-02-02 arthur + + * [r612] debian/rules: don't pass options to configure which are + not used + * [r611] configure.ac: remove --with-ngroups option because it + isn't used + * [r610] nslcd/common.h, nslcd/passwd.c: implement a dn2uid() + function to transform a DN into a username (looking inside the DN + or doing an LDAP lookup if neede) + * [r609] nslcd/myldap.c, nslcd/myldap.h: implement + myldap_cpy_rdn_value() function to copy rdn value into a buffer + (functionality like myldap_get_rdn_value()) + * [r608] nslcd/myldap.c: log and otherwise ignore errors in + ldap_parse_page_control() + * [r607] nslcd/myldap.c: fix copy-pasto + * [r606] nslcd/myldap.c: don't request paging when doing a search + with scope base and ignore errors of ldap_create_page_control() + * [r605] nslcd/myldap.c: reset LDAP error flag if ldap_get_values() + returned an error because some LDAP functions don't do this + correctly + +2008-02-01 arthur + + * [r604] nslcd/myldap.c: have proper checks and logs of all ldap + operations + * [r603] tests/test_group.c: enable _nss_ldap_initgroups_dyn() test + because it's working now + * [r602] nslcd-common.h: fix buffer size debug message + * [r601] nss/common.h, nss/hosts.c, nss/netgroup.c, nss/networks.c: + do not set errno (and h_errno) if we got the last entry from + get*ent() (this apparently is needed by coreutils' id and groups + commands) + * [r600] tests/Makefile.am: pagectrl module has moved + * [r599] tests/test_nsscmds.sh: test for hugegroup + * [r598] tests/test_nsscmds.sh: the groups command no longer lists + the username + * [r597] nss/common.c, nss/common.h, nss/group.c, nss/hosts.c, + nss/netgroup.c, nss/networks.c: remove the nslcd2nss() function + because it's not needed with the current protocol + * [r596] nss/common.h: fail with a permanent error if resetting the + stream failed to prevent indefinite retries + +2008-01-31 arthur + + * [r595] nslcd/myldap.c: defined LDAP_DEPRECATED to also have + definitions for deprecated functions + * [r594] compat/attrs.h: only define MUST_USE attribute if gcc + version is more recent than 3.4 + * [r593] debian/copyright: update copyright information + * [r592] compat/Makefile.am, compat/pagectrl.c, compat/pagectrl.h, + configure.ac, debian/copyright, nslcd/Makefile.am, + nslcd/myldap.c, nslcd/pagectrl.c, nslcd/pagectrl.h: move pagectrl + code into compat directory + * [r591] configure.ac: make comments lowercase for consistency + * [r590] tests/test_myldap.c: re-add test URIs that accidentally + got commented out in the last commit + * [r589] tests/Makefile.am, tests/test_cfg.c, tests/test_myldap.c, + tests/test_nsscmds.sh: pass the correct pthread flags for all + calls to compiler and linker and link in compat code, handle + other assert.h setups and avoid some ! in if statements in shell + scripts + * [r588] configure.ac: improve LDAP library autodetection and make + if statements consistent + * [r587] configure.ac: move finding of replacement functions to a + more logical place + * [r586] configure.ac: define extra macros to import system + extensions from system header files and remove duplicate check + for ldap_set_rebind_proc() + * [r585] configure.ac: test to see if the compiler supports certain + -W flags before using them + +2008-01-30 arthur + + * [r584] nslcd/ether.c: include stdint.h + * [r583] nslcd.h, nslcd/ether.c, nss/ethers.c: use uint8_t instead + of u_int8_t because the former seems to be available on more + platforms + * [r582] INSTALL, depcomp, install-sh: update some files from + recent automake + * [r581] compat/Makefile.am, compat/daemon.c, compat/daemon.h, + compat/getopt_long.c, compat/getopt_long.h, configure.ac: provide + replacement functions for daemon() and getopt_long() when they + are not available on the system + * [r580] configure.ac: remove duplicate warning flags + * [r579] compat/attrs.h: define __STRING() if it's not defined by + the system + * [r578] tests/test_tio.c: include errno in assertion statement + * [r577] compat/getpeercred.c: some fixes for LOCAL_PEERCRED (still + untested) + +2008-01-27 arthur + + * [r576] AUTHORS, debian/po/de.po: updated German (de) translation + of debconf templates by Erik Schanze + * [r575] compat/ldap.h, nslcd/Makefile.am, nslcd/myldap.c: + integrate some compatibility code into myldap.c, the only place + it's used + * [r573] nslcd/myldap.c: work around some LDAP libraries not having + all options + * [r572] configure.ac, nslcd/myldap.h: on some systems lber.h needs + to be included before ldap.h + * [r571] common/tio.c, nslcd-common.h, nslcd/nslcd.c, nss/common.c, + tests/test_tio.c: when including stdint.h check if we actually + have it + * [r570] nslcd/pagectrl.c, nslcd/pagectrl.h: correct #endif comment + +2008-01-26 arthur + + * [r569] nslcd/cfg.c: have a fallback value for HOST_NAME_MAX if it + is not defined + * [r568] tests/test_nsscmds.sh: handle the case where + /etc/nss-ldapd.conf does not exist a little more graceful + * [r567] nslcd/nslcd.c: log error when getpeercred() returned + nothing + * [r566] compat/getpeercred.c, compat/getpeercred.h, configure.ac: + add (untested) support for the Solaris getpeerucred() function + * [r565] Makefile.am, compat, compat/Makefile.am, + compat/getpeercred.c, compat/getpeercred.h, configure.ac, + nslcd/Makefile.am, nslcd/nslcd.c: move code to get information + from socket peer to the compat directory because it is very + platform specific + * [r564] tests/test_myldap.c, tests/test_nsscmds.sh, + tests/test_tio.c: somewhat improve the output from the tests + * [r563] nslcd/cfg.c: fix marsing of map statement + * [r562] tests/test_cfg.c: also test map filter and scope + configuration options + +2008-01-16 arthur + + * [r561] nslcd/cfg.c: fix problem in map statement end-of-line + handling + * [r560] tests/test_cfg.c: add a test for the map statement + +2008-01-03 arthur + + * [r559] nslcd/nslcd.c: close connections in worker threads at + program termination + * [r558] nslcd/nslcd.c: make code a little more compact, don't + include debug twice in the log message and remove the + capabilities code because it will probably never be used + * [r557] tests/test_nsscmds.sh: support the case where + is in + /etc/group + * [r556] nss/aliases.c, nss/common.h, nss/ethers.c, nss/group.c, + nss/hosts.c, nss/netgroup.c, nss/networks.c, nss/passwd.c, + nss/protocols.c, nss/rpc.c, nss/services.c, nss/shadow.c: only + start the NSLCD_ACTION_*_ALL requests with the first call to + getent() instead of with setent() to avoid unneeded requests if + compat is used (except with netgroups) + * [r555] nslcd/passwd.c, nss/prototypes.h: update copyright year + * [r554] tests/test_nsscmds.sh: get the number of groups and + services from files in /etc for comparison + * [r553] nslcd/passwd.c: do not warn about missing loginShell + attribute because it is not mandatory + * [r552] nss/group.c: increment value that is pointed to, not the + pointer (fixes segfault) + +2008-01-02 arthur + + * [r551] nslcd/common.h: immediatly bail out if write entity + function failed (prevents numerous "error writing to client" + messages from filling up the logs) + +2008-01-01 arthur + + * [r550] tests/test_nsscmds.sh: check to see if nslcd is running + and add test for a large group (100 members) + * [r549] nss/exports.linux, nss/group.c, nss/prototypes.h: enable + the _nss_ldap_initgroups_dyn() function that is now implemented + in nslcd + * [r548] nss/common.h: use the new tio_mark()/tio_reset() functions + to support retries of the getent() functions when + NSS_STATUS_TRYAGAIN would be returned + * [r547] common/tio.c, common/tio.h, tests/test_tio.c: add limited + implementation of tio_mark() and tio_reset() functions to do + limited seeks in the read stream, clean up header file comments + and write tests for new code + diff --git a/ChangeLog-2009 b/ChangeLog-2009 new file mode 100644 index 0000000..8c39f22 --- /dev/null +++ b/ChangeLog-2009 @@ -0,0 +1,711 @@ +2009-12-29 arthur + + * [r1046] nslcd/cfg.h, nslcd/myldap.c: some small simplifcations + and clarifications + +2009-12-28 arthur + + * [r1044] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.2 release + * [r1043] debian/nslcd.postrm: fix removal of old configuration + file (thanks piuparts) + * [r1042] debian/control: fix Conflicts relationship + * [r1041] common/Makefile.am, common/expr.c, common/expr.h, + man/nslcd.conf.5.xml, nslcd.conf, nslcd/Makefile.am, + nslcd/attmap.c, nslcd/attmap.h, nslcd/cfg.c, nslcd/passwd.c, + nslcd/shadow.c, tests, tests/Makefile.am, tests/test_cfg.c, + tests/test_common.c, tests/test_expr.c, tests/test_myldap.c: + implement attribute mapping using shell-like expressions + * [r1040] nss/networks.c: fix missing argument (problem in r1039) + * [r1039] nss/networks.c: Glibc changed the addr parameter of + getnetbyaddr_r() from network-byte-order to host-byte-order + * [r1038] tests/test_nsscmds.sh: preload our own NSS module for + tests + * [r1037] common/nslcd-prot.h: WRITE_STRINGLIST(): properly handle + the case where the list is null (result of change in r1028) + +2009-12-27 arthur + + * [r1036] nslcd/shadow.c: fix log message + * [r1035] nslcd/group.c: fix comment + * [r1034] debian/po/it.po: updated Italian (it) translation of + debconf templates by Vincenzo Campanella + +2009-12-21 arthur + + * [r1033] configure.ac: remove -Wunreachable-code because it was + turning up too many false positives (our use of macros, system + string functions, etc) + * [r1032] nss/prototypes.h: also use compat/ether.h for nss + functions + * [r1031] configure.ac: include the same headers in configure as in + compat/ether.h + +2009-12-13 arthur + + * [r1028] common/dict.c, common/dict.h, common/set.c, common/set.h, + nslcd/group.c, nslcd/myldap.c, tests/test_dict.c, + tests/test_set.c: change dict and set API to perform loops with a + list of strings instead of loop_first() and loop_next() functions + +2009-12-06 arthur + + * [r1027] debian/control: recommend libpam-krb5 als an alternative + to libpam-ldapd for Kerberos environments + +2009-11-14 arthur + + * [r1024] debian/po/it.po: updated Italian (it) translation of + debconf templates by Vincenzo Campanella + +2009-11-13 arthur + + * [r1023] configure.ac: fix lber library check for function we + actually use and another small reorganisation + +2009-11-11 arthur + + * [r1022] configure.ac: simplify structure of configure script and + see if -llber is needed + +2009-11-02 arthur + + * [r1017] configure.ac: fix PAM library check for systems without + pam_get_authtok() + +2009-11-01 arthur + + * [r1016] configure.ac: fail in configure if PAM functionality is + missing + * [r1015] tests/test.ldif.gz, tests/test_nsscmds.sh: add test case + for comma in DN attribute value + * [r1014] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + give search filter escaping buffers more logical names + * [r1013] nslcd/group.c: also do proper escaping in + mkfilter_group_bymember() + * [r1012] nslcd/myldap.c: also log uri when ldap_start_tls_s() + fails + * [r1011] configure.ac: make --disable-* configure options default + values clearer + +2009-10-20 arthur + + * [r1009] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.1 release + +2009-10-17 arthur + + * [r1008] compat/Makefile.am, compat/pam_compat.h, + compat/pam_get_authtok.c, configure.ac, pam/Makefile.am, + pam/pam.c: provide a replacement for the pam_get_authtok() + functions for systems without it + * [r1007] compat/Makefile.am, compat/ldap_compat.h, + compat/ldap_initialize.c, compat/ldap_passwd_s.c, + compat/pagectrl.c, compat/pagectrl.h, configure.ac, + nslcd/myldap.c: provide replacement functions for + ldap_initialize() and ldap_passwd_s() and centralise LDAP + compatibility hacks into ldap_compat.h + * [r1006] compat/ether.c: also provide some function definitions + for ether_ntoa() and ether_aton() because definitions seem to be + missing on some platforms + +2009-10-11 arthur + + * [r1005] nslcd/common.h: make NSLCD_HANDLE_PARAMS() macro simpler + and not have empty argument + * [r1004] configure.ac, pam/pam.c: only include security/pam_ext.h + for systems that have it + +2009-10-08 arthur + + * [r1003] configure.ac, nslcd/myldap.c: fix some header checks in + configure and fix ldap_set_rebind_proc() return type check + * [r1002] nss/common.h: don't pass an empty parameter to a macro + * [r1001] configure.ac, nss/Makefile.am: re-organise configure + script and only run tests for parts that are enabled + +2009-10-07 arthur + + * [r1000] debian/libpam-ldapd.pam-auth-update, man/pam_ldap.8.xml, + nslcd/myldap.c, nslcd/myldap.h, nslcd/nslcd.c, nslcd/pam.c, + pam/pam.c: implement password changing in the PAM module by + performing an LDAP password modify EXOP request + * [r999] common/nslcd-prot.h: fix the case where the string passed + to WRITE_STRING() is an expression + +2009-10-05 arthur + + * [r998] configure.ac, nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c, + pam/pam.c: some compatibility improvements + +2009-09-29 arthur + + * [r997] pam/pam.c: fix return of authorisation check (patch by + Howard Chu ) + +2009-09-27 arthur + + * [r996] debian/po/vi.po: updated Vietnamese (vi) translation of + debconf templates by Clytie Siddall + * [r995] nslcd/common.h: log reading and writing errors with errno + message + +2009-09-24 arthur + + * [r994] debian/po/vi.po: partially updated Vietnamese (vi) + translation of debconf templates by Clytie Siddall + + * [r993] pam/pam.c: general code cleanup and add missing casts and + includes + * [r992] nslcd/pam.c: fix for problem when authenticating to LDAP + entries without a uid attribute + +2009-09-13 arthur + + * [r991] debian/po/de.po: updated German (de) translation of + debconf templates by Erik Schanze + +2009-09-08 arthur + + * [r990] configure.ac: add the possibility to specify + --disable-maintainer-mode + * [r989] debian/nslcd.config: fix "Use StartTLS?" debconf question + when no ssl option is defined in the config + +2009-09-04 arthur + + * [r987] ChangeLog, Makefile.am, NEWS, configure.ac, debian/NEWS, + debian/changelog, man/nslcd.8.xml, man/nslcd.conf.5.xml, + man/pam_ldap.8.xml: get files ready for 0.7.0 release + * [r986] configure.ac, nslcd/cfg.c, nslcd/common.c, + nss/prototypes.h: some simple changes in includes to make FreeBSD + diff smaller + +2009-09-01 arthur + + * [r985] configure.ac, nslcd/cfg.c: add a + --disable-configfile-checking option to configure to cause + unknown options to be ignored from the configuration + * [r984] configure.ac: fix help message to indicate that PAM module + is built by default + * [r983] man/nslcd.conf.5.xml, nslcd/cfg.c: lower the default + values for bind_timelimit and reconnect_maxsleeptime from 30 to + 10 seconds + * [r982] Makefile.am: fix generation of ChangeLog + * [r981] .: rename trunk to nss-pam-ldapd + +2009-08-31 arthur + + * [r980] Makefile.am, README, configure.ac, + debian/libnss-ldapd.config, debian/nslcd.config, + debian/nslcd.examples, debian/nslcd.init, debian/nslcd.postinst, + debian/nslcd.postrm, debian/nslcd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po, debian/po/zh_CN.po, debian/rules, man, + man/Makefile.am, man/nslcd.8.xml, man/nslcd.conf.5.xml, + man/nss-ldapd.conf.5.xml, man/pam_ldap.8.xml, nslcd.conf, + nslcd/nslcd.c, nss-ldapd.conf, tests/Makefile.am, tests/README, + tests/nslcd-test.conf, tests/nss-ldapd-test.conf, + tests/test_myldap.c, tests/test_myldap.sh, + tests/test_nslcd_group.c, tests/test_nsscmds.sh: rename + configfile to /etc/nslcd.conf and make debian packaging copy the + file to the new name on upgrade + * [r979] INSTALL, autogen.sh, compile, depcomp, install-sh, + missing, mkinstalldirs: upgrade to using automake 1.11 + * [r978] ., HACKING, README, common/dict.c, common/dict.h, + common/set.c, common/set.h, common/tio.c, common/tio.h, + compat/getpeercred.c, compat/getpeercred.h, compat/pagectrl.c, + compat/pagectrl.h, configure.ac, debian/control, + debian/copyright, debian/nslcd.config, debian/nslcd.init, + debian/nslcd.postinst, debian/nslcd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po, debian/po/zh_CN.po, nslcd.h, nslcd/alias.c, + nslcd/attmap.c, nslcd/attmap.h, nslcd/cfg.c, nslcd/cfg.h, + nslcd/common.c, nslcd/common.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/myldap.c, nslcd/myldap.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, tests/README, tests/test_cfg.c, + tests/test_common.c, tests/test_dict.c, tests/test_getpeercred.c, + tests/test_myldap.c, tests/test_nsscmds.sh, tests/test_set.c, + tests/test_tio.c: rename software to nss-pam-ldapd + * [r977] debian/control: upgrade to standards-version 3.8.3 (no + changes needed) + * [r975] Makefile.am, debian/control, debian/libnss-ldapd.config, + debian/libnss-ldapd.docs, debian/libnss-ldapd.examples, + debian/libnss-ldapd.install, debian/libnss-ldapd.nslcd.init, + debian/libnss-ldapd.postinst, debian/libnss-ldapd.postrm, + debian/libnss-ldapd.templates, debian/libpam-ldapd.install, + debian/libpam-ldapd.pam-auth-update, + debian/libpam-ldapd.postinst, debian/libpam-ldapd.prerm, + debian/nslcd.config, debian/nslcd.docs, debian/nslcd.examples, + debian/nslcd.init, debian/nslcd.install, debian/nslcd.postinst, + debian/nslcd.postrm, debian/nslcd.templates, + debian/po/POTFILES.in, debian/po/ca.po, debian/po/cs.po, + debian/po/da.po, debian/po/de.po, debian/po/es.po, + debian/po/fi.po, debian/po/fr.po, debian/po/gl.po, + debian/po/it.po, debian/po/ja.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po, + debian/po/zh_CN.po, debian/rules: split into binary packages + libnss-ldapd, libpam-ldapd and nslcd packages, using a patch for + libpam-ldap by Steve Langasek for the + libpam-ldapd package + * [r974] debian/libnss-ldapd.nslcd.init: patch by Petter + Reinholdtsen to fix init script to start before + autofs + +2009-08-16 arthur + + * [r973] config.guess, config.sub: include updated files + * [r972] Makefile.am, configure.ac: enable building PAM module by + default + * [r971] nslcd.h: remove development warning + * [r970] man, man/Makefile.am, man/pam_ldap.8.xml: add basic + pam_ldap manual page + +2009-08-12 arthur + + * [r969] nslcd/common.h, nslcd/nslcd.c, nslcd/passwd.c: don't + return password hashes at all for non-root users, based on a + patch by Alexander V. Chernikov + +2009-07-18 arthur + + * [r968] debian/po/gl.po: updated Galician (gl) translation of + debconf ates by Marce Villarino + +2009-07-12 arthur + + * [r966] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.11 release + * [r965] debian/po/fr.po: updated French (fr) translation of + debconf templates by Christian Perrier + +2009-07-10 arthur + + * [r962] debian/po/cs.po: updated Czech (cs) translation of debconf + templates by Miroslav Kure + +2009-07-04 arthur + + * [r961] debian/po/cs.po: unfuzzy translations that were due to + fixes in the English template + * [r960] debian/po/cs.po: updated Czech (cs) translation of debconf + templates by Miroslav Kure + * [r959] debian/po/pt.po: updated Portuguese (pt) translation of + debconf templates by Américo Monteiro + +2009-07-02 arthur + + * [r958] debian/po/es.po: updated Spanish (es) translation of + debconf templates by Francisco Javier Cuadrado + + +2009-06-29 arthur + + * [r957] nslcd/group.c: fix off by one error in the maximum number + of gidNumber attributes in an LDAP group entry + * [r956] nslcd/passwd.c: fix off by one error in the maximum number + of uidNumber attributes in an LDAP entry (thanks to David + Binderman for finding this) + +2009-06-27 arthur + + * [r955] debian/po/sv.po: updated Swedish (sv) translation of + debconf templates by Martin Ågren + * [r954] debian/control: upgrade to standards-version 3.8.2 (no + changes needed) + * [r953] debian/po/ru.po: updated Russian (ru) translation of + debconf templates by Yuri Kozlov + +2009-06-26 arthur + + * [r951] debian/control: add missing slash to homepage + +2009-06-24 arthur + + * [r950] debian/po/ja.po: updated Japanese (ja) translation of + debconf templates by Kenshi Muto + * [r949] debian/po/fi.po: updated Finnish (fi) translation of + debconf templates by Esko Arajärvi + +2009-06-23 arthur + + * [r948] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po, debian/po/zh_CN.po: change reqcert choice + description and make choices translatable + * [r947] debian/po/zh_CN.po: added Simplified Chinese (zh_CN) + translation of debconf templates by zym + +2009-06-22 arthur + + * [r946] debian/po/fi.po: fix non-ascii characters that got lost + when importing the file + +2009-06-21 arthur + + * [r945] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: improvements to debconf templates (English + language review by Justin B Rye + +2009-06-20 arthur + + * [r944] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fi.po, + debian/po/fr.po, debian/po/gl.po, debian/po/it.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/templates.pot, debian/po/vi.po: update debconf + translation files + * [r943] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.templates: make configuring SSL/TLS possible + with debconf + * [r942] nslcd/cfg.c: also support starttls as value for the ssl + option + +2009-06-19 arthur + + * [r941] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: rephrase LDAP server URI question based on + pam_ldap's new debconf templates + * [r940] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: fix wrapping, use of double spaces and unfuzzy + translations + +2009-06-14 arthur + + * [r939] debian/control: fix Vcs-Browser link + +2009-06-12 arthur + + * [r938] AUTHORS, HACKING, README, configure.ac, debian/control, + debian/copyright, man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: + replace references to ch.tudelft.nl with arthurdejong.org + * [r937] nslcd/nslcd.c: make error message a little clearer + +2009-06-06 arthur + + * [r934] README, nslcd/alias.c, nslcd/ether.c, nslcd/group.c, + nslcd/netgroup.c, nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, + nslcd/service.c, nslcd/shadow.c, tests/test_nsscmds.sh: implement + case-sensitive filtering for group, netgroup, passwd, protocols, + rpc, services and shadow lookups + * [r933] tests/README: fix wrapping + * [r932] HACKING, tests/README, tests/test.ldif.gz, + tests/test_nsscmds.sh: update and document test suite + * [r931] nss/group.c: fix buffer check for user to groups mapping + function + * [r930] configure.ac: add --disable-sasl and --disable-kerberos + configure options + +2009-06-04 arthur + + * [r929] nslcd/myldap.c: also compile correctly if + HAVE_LDAP_SASL_INTERACTIVE_BIND_S is not set + * [r928] configure.ac: let configure --help show the correct + behaviour + +2009-06-03 arthur + + * [r926] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.10 release + * [r925] nslcd/cfg.c: remove SSL/TLS warning messages during + startup + * [r924] README: add note about creating a user to run nslcd + * [r923] nslcd/Makefile.am, nslcd/common.h, nslcd/nslcd.c, + nslcd/pam.c: import preliminary version of PAM functionality into + nslcd + * [r922] nslcd/common.h, nslcd/passwd.c: make lookup_dn2uid() + available to other modules and split uid2dn() into uid2entry() + and uid2dn() (from nss-pam-ldapd branch) + * [r921] nslcd/myldap.c, nslcd/myldap.h: implement + myldap_set_credentials() and myldap_cpy_dn() which will be used + in the PAM lookups (from nss-pam-ldapd branch) + * [r920] pam/pam.c: remove trailing spaces + * [r919] nslcd.h, pam/pam.c: change PAM authorisation request to + also include ruser, rhost and tty (based on OpenLDAP cvs, r916 in + nss-pam-ldapd branch) + * [r917] debian/control: add Richard A Nelson (Rick) + to uploaders + +2009-06-01 arthur + + * [r914] HACKING, README, man/nss-ldapd.conf.5.xml, nss-ldapd.conf: + clean up documentation + +2009-05-30 arthur + + * [r910] nslcd/cfg.c: don't look inside the passed variable + get_strdup() because it could point to uninitialized memory + +2009-05-29 arthur + + * [r908] pam/common.h, pam/pam.c: partially refactor to follow + local coding convention and introduce READ_PAM_CODE macro (r896 + from nss-pam-ldapd) + * [r907] pam/pam.c: tabs to spaces (r889 from nss-pam-ldapd) + * [r906] pam/common.h, pam/pam.c: make request-response functions + simpler (r888 from nss-pam-ldapd) + * [r905] common/Makefile.am: remove unneeded EXTRA_DIST + * [r904] Makefile.am, common/Makefile.am, common/nslcd-prot.c, + common/nslcd-prot.h, nslcd-common.h, nslcd/Makefile.am, + nslcd/alias.c, nslcd/common.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nss/Makefile.am, nss/aliases.c, nss/common.c, nss/common.h, + nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, nss/shadow.c, pam/Makefile.am, pam/common.h, + pam/pam.c, tests/Makefile.am: refactor protocol reading and + writing macros to the common directory, use more logical names + and in the PAM module no longer use NSS status codes (import of + r887 from nss-pam-ldapd) + * [r903] tests/Makefile.am: add missing objects to test programs + +2009-05-24 arthur + + * [r895] man/nss-ldapd.conf.5.xml: document that you can specify + base option multiple times + * [r894] Makefile.am: also build PAM module for make distcheck + * [r893] nslcd/alias.c, nslcd/cfg.c, nslcd/common.h, nslcd/ether.c, + nslcd/group.c, nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c: initialise database modules only once after + parsing config + * [r892] AUTHORS, nslcd/alias.c, nslcd/attmap.c, nslcd/cfg.c, + nslcd/cfg.h, nslcd/common.h, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + tests/test_cfg.c, tests/test_myldap.c: support multiple search + bases, partially based on a patch by Leigh Wedding + + * [r891] AUTHORS: don't mention Howard Chu twice + +2009-05-23 arthur + + * [r890] debian/po/fi.po: added Finnish (fi) translation of debconf + templates by Esko Arajärvi + +2009-05-16 arthur + + * [r885] nss/common.h, pam/pam.c: quick fix for building PAM module + +2009-05-09 arthur + + * [r881] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.9 release + * [r880] debian/libnss-ldapd.postinst: if base is blank disable the + base option to let nslcd attempt search base autodiscovery + * [r879] nss/common.h: also close any open stream on buffer error + * [r878] nss/common.h, nss/group.c: check the buffer passed by + Glibc for validity + * [r877] nslcd-common.h: make sure that when writing a list of + strings the number of strings is always checked when excluding an + entry + * [r876] ., AUTHORS, Makefile.am, configure.ac, debian, + debian/copyright, nslcd.h, pam: import the PAM module from the + nss-ldapd branch (r875) based on the OpenLDAP nssov tree and + allow configuring which modules should be built (PAM module + disabled by default) + * [r872] configure.ac, nslcd/nslcd.c: according to autoupdate + RETSIGTYPE can be considered void always + +2009-05-08 arthur + + * [r868] debian/copyright: aggregate years + +2009-05-07 arthur + + * [r867] INSTALL, config.guess, config.sub: include updated files + * [r864] nslcd.h, nslcd/netgroup.c, nss/netgroup.c: prefix + NETGROUP_TYPE macros with NSLCD_ + * [r861] debian/po/gl.po: added Galician (gl) translation of + debconf templates by Marce Villarino + +2009-05-06 arthur + + * [r860] debian/po/es.po: updated Spanish (es) translation of + debconf templates by Francisco Javier Cuadrado + + +2009-05-05 arthur + + * [r859] debian/po/ru.po: updated Russian (ru) translation of + debconf templates by Yuri Kozlov + * [r858] debian/po/ru.po: convert translation to UTF-8 + +2009-05-03 arthur + + * [r857] debian/po/sv.po: updated Swedish (sv) translation of + debconf templates by Martin Ågren + +2009-05-02 arthur + + * [r856] debian/po/fr.po: updated French (fr) translation of + debconf templates by Guillaume Delacour + +2009-05-01 arthur + + * [r855] debian/po/it.po: fix incorrect references to nss-ldap + (without the d at the end) + * [r854] man/nslcd.8.xml: document that you can specify -d multiple + times + * [r853] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: set most SSL/TLS + related options globally instead of per connection + +2009-04-30 arthur + + * [r852] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c, nslcd/myldap.h, + nslcd/nslcd.c: move debugging initialisation to + myldap_set_debuglevel() function + +2009-04-27 arthur + + * [r851] debian/po/it.po: added Italian (it) translation of debconf + templates by Vincenzo Campanella + +2009-04-25 arthur + + * [r850] nslcd/myldap.c: produce more logging and get OpenLDAP + logging working by logging to stderr (and implement temporary + workaround for reqcert problems) + * [r849] nslcd/cfg.h: include ldap.h to ensure that struct + ldap_config will be the same in every file + * [r848] nslcd/myldap.c: clear errno before ldap calls to get + usable returned errno + * [r847] debian/po/pt.po: updated Portuguese (pt) translation of + debconf templates by Américo Monteiro + +2009-04-22 arthur + + * [r846] debian/libnss-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fr.po, debian/po/ja.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po: fix spelling in English debconf template (thanks + Vincenzo Campanella) + * [r845] debian/po/ja.po: updated Japanese (ja) translation of + debconf templates by Kenshi Muto + * [r844] debian/po/da.po: updated Danish (da) translation of + debconf templates by Jonas Smedegaard + +2009-04-21 arthur + + * [r843] debian/libnss-ldapd.postrm, debian/libnss-ldapd.templates, + debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fr.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/templates.pot, debian/po/vi.po: ask on removal and on + purge whether to edit /etc/nsswitch.conf and remove ldap entries + +2009-04-19 arthur + + * [r834] nslcd.h, nslcd/alias.c, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nss/common.h, nss/group.c: clear up protocol description in + nslcd.h, renaming NSLCD_RESULT_SUCCESS to NSLCD_RESULT_BEGIN + +2009-04-17 arthur + + * [r830] nslcd.h: include definitions of PAM-related actions from + current OpenLDAP work in nssov + * [r829] debian/libnss-ldapd.postrm: fix spelling in comment + +2009-04-04 arthur + + * [r828] debian/libnss-ldapd.postrm: remove /var/run/nslcd on + package removal + +2009-03-31 arthur + + * [r827] debian/changelog: add CVE identifier + +2009-03-22 arthur + + * [r825] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for + 0.6.8 release + * [r824] README, debian/copyright: update copyright year + * [r823] nslcd/nslcd.c: update copyright year + * [r822] debian/compat, debian/control, debian/rules: upgrade to + debhelper compatibility level 7 + * [r821] debian/control: upgrade to standards-version 3.8.1 (no + changes needed) + * [r820] Makefile.am, debian/libnss-ldapd.lintian-overrides, + debian/rules: add lintian override for missing shlibs and symbols + control files (we are a shared library that should not be + directly linked to) + +2009-03-21 arthur + + * [r818] NEWS: fix version numbers in NEWS file + * [r817] nss-ldapd.conf: add a note about permissions of + nss-ldapd.conf when using the bindpw option + * [r816] debian/libnss-ldapd.postinst: instead of bindpw check + always create config file with proper permissions and fix + permissions once on upgrade + +2009-03-20 arthur + + * [r814] debian/libnss-ldapd.postinst: add bindpw-related warning + message to default installed config file + * [r813] debian/libnss-ldapd.postinst: fix permissions of + configfile if passwords are stored + +2009-03-15 arthur + + * [r812] debian/control: follow change in override file + +2009-02-27 arthur + + * [r811] debian/control: use misc:Depends to generate debconf + dependency + * [r810] nslcd/common.c: check user and group names against + LOGIN_NAME_MAX if it is defined + * [r809] man/Makefile.am: generate utf-8 encoded manual page (no + non-ascii characters used at the moment) + * [r808] nslcd/passwd.c: add some more documentation + +2009-01-30 arthur + + * [r807] compat/getpeercred.c: fix for getpeercred() on Solaris by + David Bartley + diff --git a/ChangeLog-2010 b/ChangeLog-2010 new file mode 100644 index 0000000..3adbb47 --- /dev/null +++ b/ChangeLog-2010 @@ -0,0 +1,934 @@ +2010-12-30 arthur + + * [r1358] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.8.0 release + * [r1357] README, debian/copyright: update copyright information + * [r1356] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fi.po, + debian/po/fr.po, debian/po/gl.po, debian/po/it.po, + debian/po/ja.po, debian/po/nb.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po, + debian/po/zh_CN.po: run debconf-updatepo (new and updated + templates) + * [r1355] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fi.po, + debian/po/fr.po, debian/po/gl.po, debian/po/it.po, + debian/po/ja.po, debian/po/nb.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/vi.po, debian/po/zh_CN.po: put headers + of .po files in a consistent format + * [r1354] ., AUTHORS, HACKING, README, configure.ac, + debian/copyright, nss/Makefile.am, nss/common.h, nss/ethers.c, + nss/exports.solaris, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/prototypes.h, + nss/rpc.c, nss/services.c, nss/shadow.c, nss/solnss.c: integrate + Solaris support developed by Ted C. Cheng of Symas Corporation + that was developed on the -solaris branch + +2010-12-29 arthur + + * [r1348] Makefile.am, pam/Makefile.am: fix distcheck by passing + --with-pam-seclib-dir to configure and remove unneeded slashes + * [r1347] Makefile.am, configure.ac, py-compile, pynslcd, + pynslcd/Makefile.am, pynslcd/alias.py, pynslcd/cfg.py, + pynslcd/common.py, pynslcd/config.py.in, pynslcd/debugio.py, + pynslcd/ether.py, pynslcd/group.py, pynslcd/mypidfile.py, + pynslcd/pam.py, pynslcd/passwd.py, pynslcd/pynslcd.py, + pynslcd/shadow.py, pynslcd/tio.py: add an experimental (currently + partial) Python implementation of nslcd to see if we can get the + same features with easier to maintain code + +2010-12-28 arthur + + * [r1346] man/nslcd.conf.5.xml, nslcd/attmap.c, nslcd/common.c, + nslcd/common.h, nslcd/group.c, nslcd/passwd.c, nslcd/shadow.c: + allow attribute mapping with an expression for the userPassword + attribute for passwd, group and shadow entries and by default map + it to the unmatchable password ("*") to avoid accidentally + leaking password information + +2010-12-26 arthur + + * [r1345] nslcd/common.h, nslcd/myldap.c, nslcd/myldap.h, + nslcd/pam.c, nslcd/shadow.c: try to update the shadowLastChange + attribute of a user on password change (the update is only tried + if the attribute is present to begin with) + * [r1344] common/tio.c: return connection reset when connection was + closed by the other end + * [r1343] tests/nslcd-test.conf: paging isn't supported by OpenLDAP + when chasing referrals + * [r1342] nslcd/cfg.c: also support the tls_cacert option as an + alias for tls_cacertfile + * [r1341] man/nslcd.conf.5.xml: add notes on ignored options when + using GnuTLS (based on #513270 which was reported against the + openldap package by Peter Palfrader) + +2010-12-24 arthur + + * [r1340] nslcd/common.c: also support tilde (~) in user and group + names, except as first character + * [r1339] nslcd/common.c: make logic of character tests easier to + read + +2010-12-20 arthur + + * [r1338] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/group.c, nslcd/passwd.c: implement a nss_min_uid option to + filter user entries returned by LDAP + +2010-12-18 arthur + + * [r1337] tests/test_nsscmds.sh: sort group members by alphabet to + not be dependant on the order of attributes returned and the + internal softing of the set + * [r1336] tests/README, tests/test.ldif.gz, tests/test_nsscmds.sh: + update tests with current test set-up (with chasing a referral + and some other minor changes) + +2010-12-12 arthur + + * [r1328] nslcd/myldap.c: pass the ld to do_bind() instead of the + session to use the correct ld from do_rebind() + * [r1327] nslcd/pam.c: always return a positive authorisation + result during authentication because we don't do any + authorisation checks during authentication and this may confuse + the PAM module if it's only used for authorisation + * [r1326] pam/pam.c: fallback to standard PAM error message if one + wasn't returned by nslcd + * [r1325] nslcd/myldap.c: fix comment + +2010-12-11 arthur + + * [r1322] tests/test_myldap.c: include extra assertion checks + +2010-12-08 arthur + + * [r1319] nslcd/myldap.c, nslcd/myldap.h, nslcd/nslcd.c: in each + worker wake up once in a while to check whether any existing LDAP + connections should be closed + +2010-12-03 arthur + + * [r1318] nslcd/pam.c: in try_bind(), perform the search ourselves + instead of using lookup_dn2uid() to also be able to match + administrator DNs (thanks to Thaddeus J. Kollar for spotting + this) + * [r1317] nslcd/pam.c: fix handling of try_bind() result code in + nslcd_pam_authc() (patch by Thaddeus J. Kollar) + +2010-11-26 arthur + + * [r1316] nslcd/nslcd.c: close all open file descriptors on start + +2010-11-17 arthur + + * [r1315] nslcd/common.h, nslcd/pam.c, nslcd/passwd.c: return + correct PAM status code for when LDAP server is unavailable + (based on a patch by Pierre Gambarotto) + * [r1314] nslcd/pam.c: switch all internal functions to return an + LDAP status code + * [r1313] nslcd/pam.c: return correct kind of error code from + try_pwmod() (bug) + +2010-11-10 arthur + + * [r1312] debian/nslcd.config, debian/nslcd.postinst, + debian/nslcd.templates: implement configuring SASL authentication + using Debconf, based on a patch by Daniel Dehennin + * [r1311] debian/nslcd.config: fix for problem with undefined + values in read_config() function + +2010-11-07 arthur + + * [r1310] debian/nslcd.config: split reading values from a + configfile into a separate function and also ensure that + tls_reqcert is correctly read + * [r1309] debian/nslcd.postinst: add comment describing function + * [r1308] debian/nslcd.postinst: split updating configuration file + based on debconf value to separate function and make config + option renaming consistent + * [r1307] pam/Makefile.am: fix installation directory for PAM + module (was broken in r1239) + * [r1306] debian/nslcd.postinst: move special casing of handling + bindpw removal to cfg_disable() function + * [r1305] debian/nslcd.config, debian/nslcd.postinst: handle + tls_reqcert option consistently with other options + * [r1304] debian/nslcd.config: remove extra slash character + * [r1303] configure.ac: guess NSS SONAME on freebsd + * [r1302] configure.ac: use NSS flavour to determine which exports + file to use + * [r1301] nslcd/alias.c, nslcd/common.h, nslcd/ether.c, + nslcd/group.c, nslcd/host.c, nslcd/log.c, nslcd/log.h, + nslcd/netgroup.c, nslcd/network.c, nslcd/pam.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + log the request with any logged messages + * [r1300] compat/ldap_compat.h: SASL compatibility definition + +2010-11-04 arthur + + * [r1298] nslcd/nslcd.c: move acceptconnection() function body + inside the worker() so we can more easily break out of the + connection handling thread, close the server socket inside the + signal handler to cause all threads waiting on accept() to fail + and ensure that signals are handled in the main thread by + blocking them in the worker threads (r1290 from -solaris branch) + * [r1297] nslcd/common.h, nslcd/pam.c, nslcd/passwd.c: avoid + unneeded strdup()s by using a passed buffer to lookup_dn2uid() + and using strcmp() in dn2uid() to see if the existing cached + value is ok + * [r1296] nslcd/passwd.c: fix race condition that could cause a + memory leak + * [r1295] common/nslcd-prot.c, nslcd/nslcd.c: pass the actual size + of the address family and the path length to bind() and connect() + for named sockets + +2010-11-03 arthur + + * [r1294] nslcd/myldap.c: call myldap_session_check() before adding + a new search to the session so the connection actually gets + closed on timeout (the connection isn't closed when there are + active searches) + +2010-10-16 arthur + + * [r1288] configure.ac: chage test for compiling with gcc to be + simpler and not use deprecated ac_cv_prog_gcc + * [r1287] nslcd/nslcd.c: fix log message + * [r1286] nslcd/cfg.h: remove obsolete note + +2010-10-15 arthur + + * [r1279] common/dict.c, common/dict.h, common/set.c, common/set.h, + tests/test_set.c: implement dict_getany() and set_pop() functions + to be able to pick and remove entries + * [r1278] common/dict.c, common/dict.h, common/set.h, + tests/test_dict.c, tests/test_set.c: make DICTs and SETs + case-sensitive + * [r1277] nss/common.h: split out checking of NSS module + availability and buffer correctness to separate macros (taken + from the -solaris branch) + * [r1276] nslcd/myldap.c: set a longer socket timout for the normal + connection (just in case mostly) and a short one to use when + shutting down the connection (also see + http://www.openldap.org/its/index.cgi?selectid=6673) + +2010-10-14 arthur + + * [r1274] configure.ac: set {nss,pam}_ldap_so_LINK from configure + to allow custom linker properties for Solaris (r1261 and r1263 + from -solaris branch) + * [r1273] configure.ac: also include sys/types.h for + ethernet-related tests (same as in compat/ether.h) (r1259 from + -solaris branch) + * [r1272] nss/group.c: move _nss_ldap_initgroups_dyn() definition + to the end to have more logical order + * [r1271] nslcd/myldap.c: simplify SASL includes + +2010-10-13 arthur + + * [r1270] nss/Makefile.am: link local modules before .a files from + common directory to pick symbols up in correct order + * [r1269] configure.ac: move ethernet function checks outside + nslcd-specific tests to also compile without warnings when only + compiling NSS module + * [r1267] nslcd/pam.c: make buffer sizes for PAM requests + consistent (and large enough for most situations) + * [r1266] configure.ac: rename --with-nss-ldap-maps to + --with-nss-maps + * [r1265] compat/ldap_passwd_s.c: small fix + +2010-10-12 arthur + + * [r1264] nslcd/myldap.c: set timeout options on LDAP socket to + avoid problems when the LDAP library hangs on a read() (e.g. at + ldap_unbind()) + +2010-10-10 arthur + + * [r1256] nslcd/myldap.c, nss/netgroup.c, pam/pam.c: make use of + UNUSED() consistent throughout the code + * [r1255] nss/rpc.c: correctly name shared file handle + * [r1254] ChangeLog: undo changes to ChangeLog accidentally checked + in in r1253) + * [r1253] ChangeLog, configure.ac, nss/Makefile.am, + nss/exports.glibc, nss/exports.solaris, nss/nss_ldap.map, + pam/Makefile.am: put all logic on how to run linker for NSS and + PAM components in configure script (remove stuff from + Makefile.ams) and add Solaris version script (renaming version + scripts as needed) (r1250 from -solaris branch) + * [r1252] compat/ether.c, compat/ether.h: move missing declarations + of ether_ntoa() and ether_aton() to header file so they are + available for other sources also (r1243 from -solaris branch) + * [r1251] configure.ac: fix test of returnlen struct member check + (r1244 from -solaris branch) + +2010-10-08 arthur + + * [r1245] nss/services.c: correctly name shared file handle + +2010-10-04 arthur + + * [r1240] nss/Makefile.am, nss/aliases.c, nss/ethers.c, + nss/group.c, nss/hosts.c, nss/netgroup.c, nss/networks.c, + nss/passwd.c, nss/protocols.c, nss/rpc.c, nss/services.c, + nss/shadow.c, pam/Makefile.am: improve consistency of code layout + * [r1239] compat/nss_compat.h, configure.ac, nss/Makefile.am, + nss/common.h, nss/hosts.c, nss/networks.c, nss/prototypes.h, + pam/Makefile.am: merge some of the changes for Solaris + portability to ease merging, adding --with-pam-seclib-dir, + --with-pam-ldap-soname and --with-nss-flavour options and having + some auto-detection for SONAMEs and NSS flavour + +2010-10-02 arthur + + * [r1235] .: ignore configure.lineno + +2010-10-01 arthur + + * [r1233] compat/ether.c, compat/ldap_passwd_s.c, configure.ac: use + AC_CHECK_DECLS to check for definitions of functions we provide a + replacement definition for + +2010-09-30 arthur + + * [r1229] debian/po/vi.po: updated Vietnamese (vi) translation of + debconf templates by Clytie Siddall + * [r1228] configure.ac: fix test quoting + +2010-09-29 arthur + + * [r1227] compat/ether.c, configure.ac: only provide definitions + for ether_aton() and ether_ntoa() for platforms missing a + definition + * [r1226] compat/ether.c: fix definitions of ether_aton() and + ether_ntoa() + +2010-09-28 arthur + + * [r1225] compat/nss_compat.h, compat/pam_get_authtok.c, + configure.ac: begin merging some of the compatibility + improvements from Ted C. Cheng of Symas Corporation + * [r1224] compat/nss_compat.h: no need to provide a enum nss_status + replacement because we don't use it + * [r1223] tests/test_aliases.c, tests/test_ethers.c, + tests/test_group.c, tests/test_hosts.c, tests/test_netgroup.c, + tests/test_networks.c, tests/test_passwd.c, + tests/test_protocols.c, tests/test_rpc.c, tests/test_services.c, + tests/test_shadow.c: also switch to nss_status_t for test code + * [r1222] configure.ac: simplify appending OBJEXT sed expression + +2010-09-27 arthur + + * [r1221] nslcd/myldap.c: remove variables which are no longer + necessary due to r1220 + * [r1220] nslcd/myldap.c: remove disabling keepalives since we + handle SIGPIPE anyway + +2010-09-26 arthur + + * [r1219] nslcd/myldap.c: remove ugly empty line + * [r1218] configure.ac: properly define PACKAGE_URL + * [r1217] nslcd/group.c: update description of group schema + supported + * [r1216] Makefile.am: switch to nicer mechanism to specify + subdirectories to build + +2010-09-25 arthur + + * [r1215] configure.ac, nss/Makefile.am: have a way to limit which + NSS maps should be built + +2010-09-24 arthur + + * [r1214] compat/nss_compat.h, nss/aliases.c, nss/common.h, + nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/prototypes.h, + nss/rpc.c, nss/services.c, nss/shadow.c: switch to using + nss_status_t throughout the code and provide compatibility code + to use whatever nss_status type is used on the system + +2010-09-23 arthur + + * [r1208] nslcd/myldap.c: add some more error cases which should + trigger a disconnect + +2010-09-20 arthur + + * [r1207] nslcd/myldap.c: handle errors from ldap_result() + consistently and also retry in case it times out + +2010-09-05 arthur + + * [r1206] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/common.h, nslcd/nslcd.c, nslcd/pam.c, pam/pam.c: implement + a rootpwmodpw option that allows root users to change user + passwords without a password prompt + +2010-08-28 arthur + + * [r1204] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.9 release + * [r1203] debian/po/nl.po: unfuzzy a few Dutch translations and + improve some others + * [r1202] debian/po/it.po: fix package name + * [r1201] debian/po/es.po: updated Spanish (es) translation of + debconf templates by Francisco Javier Cuadrado + * [r1200] debian/libpam-ldapd.templates, debian/po/ca.po, + debian/po/cs.po, debian/po/da.po, debian/po/de.po, + debian/po/es.po, debian/po/fi.po, debian/po/fr.po, + debian/po/gl.po, debian/po/it.po, debian/po/ja.po, + debian/po/nb.po, debian/po/nl.po, debian/po/pt.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/templates.pot, debian/po/vi.po, debian/po/zh_CN.po: fix + incorrect reference from /etc/nsswitch to /etc/nsswitch.conf + * [r1199] debian/po/da.po, debian/po/de.po, debian/po/it.po, + debian/po/ja.po, debian/po/nb.po, debian/po/ru.po, + debian/po/sv.po: fix wrapping of po files + * [r1198] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/fr.po, debian/po/it.po, + debian/po/ja.po, debian/po/nb.po, debian/po/pt.po, + debian/po/ru.po, debian/po/sv.po, debian/po/zh_CN.po: correct + references to package name for up-to-date translations + * [r1197] debian/po/es.po, debian/po/fr.po, debian/po/gl.po, + debian/po/ja.po: fix translations that had a reference to the old + location of the configuration file + * [r1196] debian/po/sv.po: updated Swedish (sv) translation of + debconf templates by Martin Ågren + * [r1195] debian/po/ca.po: unfuzzy translated string (confirmed OK + by Agustí Grau) + +2010-08-27 arthur + + * [r1194] debian/po/ca.po: updated Catalan (ca) translation of + debconf templates by Agusti Grau + +2010-08-26 arthur + + * [r1193] debian/po/de.po: updated German (de) translation of + debconf templates by Chris Leick + +2010-08-25 arthur + + * [r1192] debian/po/fr.po: updated French (fr) translation of + debconf templates by Christian Perrier + +2010-08-24 arthur + + * [r1191] debian/po/da.po: updated Danish (da) translation of + debconf templates by Joe Hansen + +2010-08-20 arthur + + * [r1190] debian/po/ja.po: updated Japanese (ja) translation of + debconf templates by Kenshi Muto + +2010-08-19 arthur + + * [r1189] debian/nslcd.templates, debian/po/ca.po, debian/po/cs.po, + debian/po/da.po, debian/po/de.po, debian/po/es.po, + debian/po/fi.po, debian/po/fr.po, debian/po/gl.po, + debian/po/it.po, debian/po/ja.po, debian/po/nb.po, + debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po, + debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot, + debian/po/vi.po, debian/po/zh_CN.po: fix double "be" in English + template thanks to Christian PERRIER + * [r1188] debian/po/it.po: updated Italian (it) translation of + debconf templates by Vincenzo Campanella + * [r1187] debian/po/zh_CN.po: updated Simplified Chinese (zh_CN) + translation of debconf templates by zym + * [r1186] debian/po/cs.po: updated Czech (cs) translation of + debconf templates by Miroslav Kure + * [r1185] configure.ac: fix for --with-nss-ldap-soname option by + Julien Cristau + +2010-08-18 arthur + + * [r1183] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.8 release + * [r1182] debian/po/nb.po: added Norwegian Bokmål (nb) translation + of debconf templates by Bjørn Steensrud + * [r1181] debian/po/ru.po: updated Russian (ru) translation of + debconf templates by Yuri Kozlov + * [r1180] debian/po/pt.po: updated Portuguese (pt) translation of + debconf templates by Américo Monteir + +2010-08-17 arthur + + * [r1179] debian/po/da.po, debian/po/vi.po, debian/po/zh_CN.po: + remove invalid and bouncing addresses + * [r1178] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fi.po, + debian/po/fr.po, debian/po/gl.po, debian/po/it.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/templates.pot, debian/po/vi.po, debian/po/zh_CN.po: + update debian/po files with modified template + * [r1177] debian/libpam-ldapd.postinst: only offer to fix + nsswitch.conf if PAM has been converted with pam-auth-update + * [r1176] debian/libpam-ldapd.templates: updated debconf template + thanks to Justin B Rye + +2010-08-15 arthur + + * [r1175] debian/po/POTFILES.in, debian/po/ca.po, debian/po/cs.po, + debian/po/da.po, debian/po/de.po, debian/po/es.po, + debian/po/fi.po, debian/po/fr.po, debian/po/gl.po, + debian/po/it.po, debian/po/ja.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po, + debian/po/zh_CN.po: update debian/po files with added template + +2010-08-14 arthur + + * [r1174] debian/control: upgrade to standards-version 3.9.1 + * [r1173] debian/control: add libpam-sss as an alternative to + libpam-ldapd + * [r1172] debian/control: merge the recommends from libnss-ldapd + and libpam-ldapd into those of nslcd so we can track all the PAM + alternatives in one place + * [r1171] Makefile.am, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.postrm, + debian/libpam-ldapd.lintian-overrides, + debian/libpam-ldapd.postinst, debian/libpam-ldapd.templates: + offer to add ldap to shadow in nsswitch.conf if a potential + broken configuration is found + * [r1170] ChangeLog, ChangeLog-2006, ChangeLog-2007, + ChangeLog-2008, Makefile.am: archive older ChangeLog entries in + year files + * [r1169] common/expr.c: also don't expand variables in rest of + ${var:+rest} expressions if var is not set or empty + * [r1168] common/expr.c: do not expand variables in rest of + ${var:-rest} expressions if var is not blank or empty + +2010-07-27 arthur + + * [r1167] nss/services.c: use htons() instead of ntohs() (thanks + Ted C. Cheng) + +2010-07-18 arthur + + * [r1166] compat/nss_compat.h, configure.ac: compatibility + improvement: also check for nss_common.h and see if enum + nss_status exists + * [r1165] nslcd/pam.c: fix comment + * [r1164] nss/Makefile.am: use -h linker flag instead of -soname + which seems more portable + * [r1163] compat/pam_compat.h: define pam_info(), pam_error() and + pam_syslog() compatibility macros to allow no arguments for + format + +2010-07-17 arthur + + * [r1162] debian/nslcd.config: only go back one step on Debconf + back + +2010-07-07 arthur + + * [r1161] configure.ac, nslcd/nslcd.c, nss/Makefile.am: allow + configuring NSS module's SONAME from configure and use this in + nslcd to dlopen() the correct library (thanks to Alexander V. + Chernikov for the idea) + +2010-07-03 arthur + + * [r1159] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.7 release + * [r1158] debian/control: upgrade to standards-version 3.9.0 + * [r1157] debian/libnss-ldapd.config, debian/nslcd.config: don't + use dh_title to set the Debconf title, the default should be fine + * [r1156] debian/control: use Replaces/Breaks instead of Conflicts + for introduction of nslcd package (as per policy 3.9.0) + +2010-06-25 arthur + + * [r1155] Makefile.am, debian/libpam-ldapd.manpages, + debian/nslcd.install, debian/nslcd.manpages: make sure the + pam_ldap manual page is in the libpam-ldapd package + +2010-06-19 arthur + + * [r1154] nslcd/myldap.c: add logging to SASL interaction function + * [r1153] nslcd/myldap.c: improve debug logging of SASL bind calls + * [r1152] debian/nslcd.default: updated based on comments by Daniel + Dehennin + +2010-06-18 arthur + + * [r1151] AUTHORS, Makefile.am, debian/control, + debian/nslcd.conffile, debian/nslcd.default, debian/nslcd.init: + start k5start from the init script to keep the Kerberos ticket + active if nslcd is configured for SASL GSSAPI kerberos + authentication, based on a patch by Daniel Dehennin + + * [r1150] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h: remove + warning messages from parsing the sasl_* options and document + them in the nslcd.conf(5) manual page (they should be functional) + * [r1149] nslcd/myldap.c: make SASL binding code a little earier to + read + * [r1148] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c: remove the use_sasl option and instead rely on + sasl_mech being specified + * [r1147] debian/nslcd.init: group options more + +2010-06-17 arthur + + * [r1146] compat/Makefile.am, compat/nss_compat.h, configure.ac, + nss/common.h, nss/prototypes.h: have more compatibility code for + NSS module and move compatibility code to compat directory + +2010-06-16 arthur + + * [r1145] debian/nslcd.init: ensure that nslcd is started after + hostname lookups are available so getting to the LDAP server via + DNS lookups will work (patch by Petter Reinholdtsen) + * [r1144] nslcd/nslcd.c: use RTLD_NODELETE during dlopen() instead + of not using dlclose() + +2010-06-15 arthur + + * [r1143] configure.ac, nss/Makefile.am, nss/exports.linux, + nss/nss_ldap.map, pam/Makefile.am, pam/exports.linux, + pam/pam_ldap.map: rename symbol map files and check for the + linker option to specify the file with + * [r1142] configure.ac, nslcd/Makefile.am: pass pthread flags + correctly to nslcd Makefile and rename save_ vars to not conflict + with AX_PTHREAD test + +2010-06-14 arthur + + * [r1141] configure.ac, nslcd/nslcd.c, nss/Makefile.am, + nss/common.c, nss/common.h, nss/exports.linux, nss/netgroup.c, + nss/prototypes.h, tests/Makefile.am: implement a global symbol + inside the NSS module to allow applications to disable NSS + lookups over LDAP and use it in nslcd to avoid deadlocks + * [r1140] common/dict.h, common/expr.h, common/nslcd-prot.h, + common/set.h, common/tio.h, compat/attrs.h, compat/daemon.h, + compat/ether.h, compat/getopt_long.h, compat/getpeercred.h, + compat/ldap_compat.h, compat/pam_compat.h, nslcd/attmap.h, + nslcd/cfg.h, nslcd/common.h, nslcd/log.h, nslcd/myldap.h, + nss/common.h, nss/prototypes.h, pam/common.h: make include guard + names consistent throughout the source and avoid conflicts with + system headers + * [r1139] nss/aliases.c, nss/ethers.c, nss/group.c, nss/hosts.c, + nss/netgroup.c, nss/networks.c, nss/passwd.c, nss/protocols.c, + nss/rpc.c, nss/services.c, nss/shadow.c: remove some unused + include statements + +2010-06-12 arthur + + * [r1138] README, common/tio.c, nslcd/attmap.c, nslcd/attmap.h, + nslcd/group.c, nslcd/network.c: remove commented out memberOf and + ipNetmaskNumber attributes and small cleanups + * [r1137] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fi.po, + debian/po/fr.po, debian/po/gl.po, debian/po/it.po, + debian/po/ja.po, debian/po/nl.po, debian/po/pt.po, + debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po, + debian/po/vi.po, debian/po/zh_CN.po: run translations through + debconf-updatepo -v + +2010-06-11 arthur + + * [r1136] nslcd/nslcd.c: fix and remove source code comments + +2010-06-04 arthur + + * [r1135] ChangeLog, debian/changelog: revert part of r1134 that + was accidentally commited + * [r1134] ChangeLog, debian/changelog, pam/pam.c: fix nullok test + for password modification + +2010-06-03 arthur + + * [r1133] debian/libpam-ldapd.pam-auth-update: also ignore other + ignorable PAM return codes + +2010-06-02 arthur + + * [r1132] compat/pam_get_authtok.c: add a warning to the limitation + of our pam_get_authtok() implementation + * [r1131] pam/pam.c: simplify PAM module splitting remapping for + ignore_* options to a separate function, parsing of + try_first_pass and use_first_pass is done by pam_get_authtok(), + don't report session errors to the user and make error handling + consistent + +2010-06-01 arthur + + * [r1130] nslcd/pam.c: fix bug in test (r1127) + * [r1129] man/pam_ldap.8.xml, pam/pam.c: implement an nullok PAM + option and disable empty passwords by default + * [r1128] pam/pam.c: don't log failure to do nslcd request to user + and log authentication errors during password change + * [r1127] nslcd/pam.c: add a debug log message when user + authentication was successful + * [r1126] debian/libpam-ldapd.pam-auth-update: don't use + use_authtok for password modification by default + +2010-05-31 arthur + + * [r1125] pam/pam.c: fix typo + +2010-05-27 arthur + + * [r1123] AUTHORS, ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.6 release + +2010-05-26 arthur + + * [r1122] debian/control: drop extra parts of package descriptions + that should no longer be really relevant and update libpam-ldapd + description + +2010-05-24 arthur + + * [r1121] debian/libpam-ldapd.pam-auth-update: update + pam-auth-update configuration to always perform LDAP + autorisation, also pass use_authtok on password modification and + spell out session result handling + * [r1120] pam/pam.c: make code more consistent + * [r1119] man/pam_ldap.8.xml: fix typo + * [r1118] pam/pam.c: don't store use_authtok because + pam_get_authtok() looks at the arguments itself + +2010-05-23 arthur + + * [r1117] HACKING, README, man/nslcd.8.xml, man/nslcd.conf.5.xml: + update documentation + * [r1116] nslcd.conf: include uid and gid options in default + configuration file + * [r1115] configure.ac, m4/acx_pthread.m4, m4/ax_pthread.m4: update + AC?X_PTHREAD macro and update configure script to be simpler and + add some more checks + * [r1114] debian/nslcd.init: use nslcd --check in init script's + status command + +2010-05-22 arthur + + * [r1113] nslcd/pam.c: make debug logging for pam_authz_search + option a little more readable + +2010-05-20 arthur + + * [r1112] debian/control: add libpam-heimdal as an alternative + recommends for libnss-ldapd + +2010-05-15 arthur + + * [r1111] nslcd/attmap.c, nslcd/attmap.h: always clear returned + buffer when performing attribute mapping (based on a patch by + Nalin Dahyabhai ) + +2010-05-14 arthur + + * [r1109] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.5 release + * [r1108] Makefile.am, debian/source, debian/source/format: switch + to source format 3.0 (native) + * [r1107] pam/pam.c: print uid as a long + * [r1106] compat/pam_compat.h, configure.ac, man/pam_ldap.8.xml, + pam/common.h, pam/pam.c: perform logging from PAM module to + syslog and support the debug option to log debugging information + +2010-05-13 arthur + + * [r1105] pam/pam.c: centralise initialising functions needed for + every PAM call into one function + * [r1104] common/nslcd-prot.h, nslcd/common.h: make logging of + buffer checks consistent + * [r1103] pam/pam.c: also use PAM username instead of one from + context for session open and close + * [r1102] pam/pam.c: replace my_pam_get_authtok() with standard + pam_get_authtok() function, get rid of get_old_password() and + general cleanups and simplifications + +2010-05-12 arthur + + * [r1101] pam/pam.c: make parsing configuration options global, + reorganise a bit and make code more consistent and easier to read + * [r1100] compat/pam_compat.h, nslcd/pam.c: small compatibility + improvements + +2010-05-10 arthur + + * [r1099] pam/pam.c: only log "LDAP session failed" if we actually + tried + * [r1098] compat/Makefile.am, compat/pam_compat.h, + compat/pam_get_authtok.c, compat/pam_prompt.c, configure.ac, + pam/pam.c: replace my_pam_warn() with pam_info() and pam_error() + and provide replacement for pam_prompt() also using it in our + pam_get_authtok() replacement + +2010-05-09 arthur + + * [r1096] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.4 release + * [r1095] nslcd/myldap.c: only log "connected to LDAP server" if + the previous connect failed or we are failing over to a different + server + * [r1094] debian/nslcd.postinst, man/nslcd.conf.5.xml, nslcd/cfg.c, + nslcd/cfg.h, nslcd/myldap.c, tests/README, tests/nslcd-test.conf: + rename reconnect_maxsleeptime option to reconnect_retrytime + * [r1093] nslcd/myldap.c: don't log errno if it is not set (make + error less confusing) + * [r1092] nslcd/myldap.c: handle authentication searches a little + differently (only try once if an authentication error is + returned) + * [r1091] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c: refactor retry timing mechanism to use time + between first and last error to determin when to rerty and only + try once (and don't sleep) when we have been failing for a long + time + +2010-05-08 arthur + + * [r1090] man/nslcd.conf.5.xml: fix wrapping of long line (thanks + lintian) + * [r1089] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/pam.c: rename authz_search option to pam_authz_search + +2010-05-07 arthur + + * [r1088] man/nslcd.conf.5.xml, man/pam_ldap.8.xml, nslcd/cfg.c, + nslcd/cfg.h, nslcd/pam.c: implement an authz_search option to + test whether the user is authorised + * [r1087] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + tune some buffer sizes and small cleanups + * [r1086] tests/test_myldap.c: implement test for buffer overflow + * [r1085] nslcd/myldap.c: fix buffer overflow + * [r1084] man, man/Makefile.am: have the possibility to generate + HTML for manual pages (not done by default) + * [r1083] man/nslcd.conf.5.xml, man/pam_ldap.8.xml: use docbook + elements where possible + +2010-05-06 arthur + + * [r1082] compat/pam_compat.h, configure.ac, + debian/libpam-ldapd.pam-auth-update, man/pam_ldap.8.xml, + pam/pam.c: implement a minimum_uid option for the PAM module to + ignore users that have a lower numeric user id + +2010-05-05 arthur + + * [r1081] config.guess, config.sub: include updated files + +2010-05-03 arthur + + * [r1080] debian/nslcd.config: also parse /etc/ldap.conf for + systems that use that for NSS and PAM configuration + +2010-04-13 arthur + + * [r1079] nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c: don't have + myldap_set_credentials() try to open a connection but have the + PAM code perform a search with the new credentials so we re-use + the fail-over mechanism in myldap_search() + * [r1078] nslcd/cfg.c, nslcd/common.h, nslcd/myldap.c, + nslcd/myldap.h, nslcd/passwd.c, tests/test_myldap.c: also have + myldap_search() return an LDAP status code + +2010-04-01 arthur + + * [r1077] tests/README, tests/test.ldif.gz, tests/test_nsscmds.sh: + small improvements to the test setup + +2010-03-20 arthur + + * [r1076] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/group.c: add an nss_initgroups_ignoreusers option to ignore + username to group lookups for the specified users + +2010-03-13 arthur + + * [r1075] man/nslcd.conf.5.xml: remove commented-oud default option + because it is not implemented and we have a better mechanism now + +2010-02-28 arthur + + * [r1074] nslcd/myldap.c: have less warnings when LDAP_OPT_X_TLS + isn't defined + * [r1073] man/nslcd.conf.5.xml: document which attributes may be + mapped with an expression + +2010-02-27 arthur + + * [r1071] ChangeLog, NEWS, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.7.3 release + * [r1070] debian/NEWS: add blank line for apt-listchanges + * [r1069] debian/control: upgrade to standards-version 3.8.4 (no + changes needed) + * [r1068] common/dict.h: fix typo + * [r1067] debian/nslcd.postinst, man/nslcd.conf.5.xml, nslcd.conf, + nslcd.h, nslcd/cfg.c, nslcd/cfg.h, nslcd/pam.c: rename admindn + option to rootpwmoddn + * [r1066] INSTALL, compile: update from latest automake + * [r1065] HACKING, tests/README: small updates to documentation + +2010-02-17 arthur + + * [r1064] nslcd/myldap.c: first try password modification without + the old password and if that fails with the old password + * [r1063] compat/ldap_passwd_s.c: add pointer to RFC 3062 + +2010-01-28 arthur + + * [r1062] man/nslcd.8.xml, nslcd/nslcd.c: patch by Jan Schampera to + implement a --check option + +2010-01-25 arthur + + * [r1061] nslcd/myldap.c: fix for type mismatch (thanks to Jan + Schampera) + +2010-01-24 arthur + + * [r1060] configure.ac, nslcd/cfg.c: add --with-bindpw-file + configure option to enable reading the bindpw option from a file + * [r1059] debian/nslcd.postinst, man/nslcd.conf.5.xml, nslcd.conf, + nslcd.h, nslcd/cfg.c, nslcd/cfg.h, nslcd/pam.c, pam/pam.c: add + admindn configuration file option that is used when modifying + another user's password + * [r1058] man/nslcd.conf.5.xml: fix example + * [r1057] nslcd/myldap.c: make logging of passwords consistent and + support a NULL oldpassword value in myldap_passwd() + * [r1056] nslcd/myldap.c: free data returned from ldap_passwd_s() + call if needed and add missing casts + * [r1055] HACKING: general updates and add PAM module information + +2010-01-23 arthur + + * [r1054] nss/prototypes.h: simple improvement for FreeBSD + * [r1053] nslcd/nslcd.c: lock the pidfile at start-up to ensure + only one nslcd process is running (based on a patch by Jan + Schampera ) + +2010-01-21 arthur + + * [r1052] debian/nslcd.init: start nslcd before apache for systems + that use LDAP users to run virtual hosts + * [r1051] HACKING, README, configure.ac: set contact address to + mailing list + * [r1050] debian/NEWS: change format of NEWS entry based on + Developer's Reference + * [r1049] debian/rules: install lintian overrides with dh_lintian + +2010-01-08 arthur + + * [r1048] nslcd/cfg.c: improve getting of domain name by also + checking hostname aliases (based on patch by Jan Schampera + ) + * [r1047] AUTHORS: improve getting of domain name by also checking + hostname aliases (based on patch by Jan Schampera + ) + diff --git a/ChangeLog-2011 b/ChangeLog-2011 new file mode 100644 index 0000000..e1e1734 --- /dev/null +++ b/ChangeLog-2011 @@ -0,0 +1,744 @@ +2011-12-31 arthur + + * [r1584] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.8.5 release + +2011-12-30 arthur + + * [r1583] debian/control: fix versioned build dependency on + debhelper + +2011-12-28 arthur + + * [r1582] pynslcd/config.py.in: remove some information from config + that we don't expect to use + * [r1581] configure.ac, pynslcd/cfg.py, pynslcd/common.py, + pynslcd/config.py.in, pynslcd/group.py, pynslcd/pynslcd.py: + support for reading the configuration file (not all options are + used though) + * [r1580] pynslcd/cfg.py, pynslcd/pynslcd.py: move the state + variables (from command line) from the configuration to the main + module + * [r1579] pynslcd/pam.py: fall back to trying to authenticate with + provided password (in case rootpwmodpw is not set or unusable) + * [r1578] pynslcd/group.py: never request group members for + GroupByMemberRequest + * [r1577] pynslcd/group.py: instead of modifying attmap, modify + attribute list + * [r1576] pynslcd/group.py, pynslcd/passwd.py: fix references to + attmap (broken in r1571) + * [r1575] nslcd/nslcd.c: typo fix in comment + +2011-12-27 arthur + + * [r1574] pynslcd/common.py, pynslcd/group.py, pynslcd/netgroup.py, + pynslcd/passwd.py, pynslcd/shadow.py: make logging more + consistent and remove test bases from shadow and passwd maps + * [r1573] pynslcd/cfg.py, pynslcd/ether.py, pynslcd/group.py, + pynslcd/netgroup.py, pynslcd/pam.py, pynslcd/passwd.py, + pynslcd/pynslcd.py, pynslcd/shadow.py, pynslcd/tio.py: PEP8 fixes + * [r1572] debian/copyright: update copyright information + +2011-12-12 arthur + + * [r1571] pynslcd/alias.py, pynslcd/common.py, pynslcd/ether.py, + pynslcd/group.py, pynslcd/host.py, pynslcd/netgroup.py, + pynslcd/network.py, pynslcd/passwd.py, pynslcd/protocol.py, + pynslcd/rpc.py, pynslcd/service.py, pynslcd/shadow.py: define the + search separately from the request + * [r1570] pynslcd/alias.py, pynslcd/attmap.py, pynslcd/common.py, + pynslcd/ether.py, pynslcd/group.py, pynslcd/host.py, + pynslcd/netgroup.py, pynslcd/network.py, pynslcd/passwd.py, + pynslcd/protocol.py, pynslcd/rpc.py, pynslcd/service.py, + pynslcd/shadow.py: move check of required attributes and other + common tests to the Request.handle_entry() method + +2011-12-10 arthur + + * [r1569] nslcd/cfg.c: properly log failures to lookup DNS SRV + records + * [r1568] nslcd/nslcd.c: properly handle failures to truncate the + pid file + * [r1567] debian/nslcd.config: get the first configuration value + instead of the last because that one is also written + * [r1566] debian/nslcd.config: fix a deprecated use of head without + the -n option + * [r1565] debian/rules: enable more hardening options (-fPIE + doesn't work yet because we use -fPIC in some places) + * [r1564] debian/libnss-ldapd.config, debian/libnss-ldapd.postrm: + ensure that the output of nss_list_configured() is space + separated + * [r1563] m4/ax_pthread.m4: update macro from autoconf-archive + +2011-12-09 jhrozek + + * [r1560] nslcd/myldap.c: Fix a typo in disconnect logic + +2011-12-01 arthur + + * [r1558] nslcd/nslcd.c: ensure that uid, gid and pid vars are + properly initialised and log denied requests + +2011-11-30 arthur + + * [r1557] nslcd/passwd.c: ensure that /etc/nsswitch.conf is only + loaded once after start-up + +2011-11-18 arthur + + * [r1556] debian/libnss-ldapd.config: simplification of logic to + overwrite list of enabled /etc/nsswitch.conf services in debconf + (based on r1555 of 0.7 branch) + +2011-10-12 arthur + + * [r1554] debian/control: add versioned dependency on libpam for + mutiarch support + * [r1553] AUTHORS, nss/bsdnss.c: implement group membership NSS + function by Tom Judge (taken from FreeBSD PR 154000) + +2011-10-10 arthur + + * [r1552] debian/rules: keep nslcd running during package upgrades + +2011-10-02 arthur + + * [r1551] nslcd/pam.c: reduce loglevel of user not found messages + to avoid spamming the logs with useless information (thanks Wakko + Warner) + +2011-09-30 jhrozek + + * [r1547] nslcd/cfg.c, nslcd/group.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + Use an explicit base of 10 for strtouid()/strtogid()/strtol() + calls + +2011-09-21 arthur + + * [r1546] debian/nslcd.config: treat the "hard" value for + tls_reqcert as if it was "demand" + +2011-09-14 arthur + + * [r1543] debian/libnss-ldapd.config, debian/libnss-ldapd.postrm, + debian/nslcd.config, debian/nslcd.init, debian/nslcd.postinst: + make whitespace matching consistent in regular expressions + (thanks Nick) + +2011-09-09 arthur + + * [r1542] nslcd/alias.c, nslcd/attmap.c, nslcd/common.c, + nslcd/common.h, nslcd/ether.c, nslcd/group.c, nslcd/host.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/pam.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + make validation log messages consistent + * [r1541] nslcd/nsswitch.c: add missing include + +2011-09-08 arthur + + * [r1540] nslcd/network.c, nslcd/passwd.c: grow gecos buffer size + and consistency improvements to other buffers + * [r1539] nslcd/ether.c, nslcd/host.c, nslcd/network.c: give string + representations of addresses more logical names + +2011-09-07 arthur + + * [r1538] debian/copyright, debian/po/sv.po: updated Swedish (sv) + translation of debconf templates by Martin Bagge + +2011-09-04 arthur + + * [r1536] AUTHORS, ChangeLog, NEWS, TODO, configure.ac, + debian/changelog, debian/copyright, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.4 release + * [r1535] tests/test_getpeercred.c: warn when we couldn't get the + gid or pid, the uid is the only really interesting bit + * [r1534] tests/test_tio.c: add casts from size_t to int for printf + * [r1533] debian/rules: ignore failures in tests + * [r1532] debian/rules: use auto-detection for LDAP library and + defaults for config file, socket and pidfile (no changes) + +2011-09-03 arthur + + * [r1531] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst, + debian/libnss-ldapd.postrm, debian/libpam-ldapd.postinst: support + spaces before and after database name while parsing + /etc/nsswitch.conf and reduce the number of places where parsing + is done + +2011-08-30 arthur + + * [r1530] debian/nslcd.postinst: correctly handle leading and + trailing spaces in preseeded uri option (patch by Andreas B. + Mundt) + * [r1529] configure.ac, nslcd/myldap.c: move LDAP_DEPRECATED and + LDAP_REFERRALS to configure.ac to ensure that tests from + configure see the same API + +2011-08-29 arthur + + * [r1528] configure.ac, nslcd/common.c, nslcd/common.h: implement + and use a strtoui() function if uid_t or gid_t is of size + unsigned int (thanks Jakub Hrozek) + * [r1527] pynslcd/Makefile.am: get rid of automake warning + * [r1526] configure.ac: silence autoconf warnings, patch by Jakub + Hrozek + * [r1525] debian/po/nl.po: some changes based on feedback by Jeroen + Schot + +2011-08-27 arthur + + * [r1524] configure.ac, nslcd/cfg.c, nslcd/common.h, nslcd/group.c, + nslcd/passwd.c: provide strtouid() and strtogid() functions that + use strtoul() or strtoull() (thanks Jakub Hrozek) + * [r1523] nslcd/cfg.c, nslcd/group.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + check errno after calls to strtol() to ensure that numbers that + are too large for type will be reported (thanks Jakub Hrozek) + * [r1522] AUTHORS, nslcd/myldap.c: pass a statically allocated + callback structure to OpenLDAP because it doesn't make it's own + copy (thanks Jakub Hrozek) (fixes a problem in r1490) + * [r1521] debian/po/nl.po: some changes based on feedback by Paul + Gevers + +2011-08-26 arthur + + * [r1520] debian/po/nl.po: first attempt at Dutch (nl) translation + * [r1519] debian/po/ca.po, debian/po/fi.po, debian/po/gl.po, + debian/po/it.po, debian/po/nb.po, debian/po/nl.po, + debian/po/sv.po, debian/po/vi.po, debian/po/zh_CN.po: small + formatting changes to header + +2011-08-25 arthur + + * [r1518] debian/po/es.po: updated Spanish (es) translation of + debconf templates by Francisco Javier Cuadrado + +2011-08-24 arthur + + * [r1517] nslcd/cfg.c: fix typo (thanks Nalin Dahyabhai) + * [r1515] nslcd/cfg.c: fix a problem with uninitialised memory + while parsing the tls_ciphers option (was broken in r853, similar + problem was fixed in r910, reported by Isaac Freeman) + * [r1514] debian/po/de.po: updated German (de) translation of + debconf templates by Chris Leick + * [r1513] AUTHORS, man/nslcd.conf.5.xml, nslcd/cfg.c: support + querying DNS SRV records from a different domain than the current + one (based on a patch by James M. Leddy) + +2011-08-23 arthur + + * [r1512] debian/po/cs.po: updated Czech (cs) translation of + debconf templates by Miroslav Kure + +2011-08-19 arthur + + * [r1511] debian/po/fr.po: typo fix provided by Christian Perrier + +2011-08-17 arthur + + * [r1510] AUTHORS: add new translators to AUTHORS file + * [r1509] debian/po/ja.po: updated Japanese (ja) translation of + debconf templates by Kenshi Muto + * [r1508] debian/po/pt.po: updated Portuguese (pt) translation of + debconf templates by Américo Monteiro + +2011-08-14 arthur + + * [r1507] debian/po/pt_BR.po: updated Brazilian Portuguese (pt_BR) + translation of debconf templates by Denis Doria + * [r1506] ChangeLog, ChangeLog-2009, ChangeLog-2010, Makefile.am: + split 2009 and 2010 changes to separate ChangeLog files + * [r1505] nss/networks.c: remove unused variable + * [r1504] nslcd/Makefile.am, pam/Makefile.am, tests/Makefile.am: + put external libraries at the end when linking + * [r1503] configure.ac: remove some tests for symbols we aren't + using + * [r1502] debian/libnss-ldapd.lintian-overrides: add lintian + override for SONAME check + * [r1501] debian/po/pt_BR.po: updated Brazilian Portuguese (pt_BR) + translation of debconf templates by Denis Doria + * [r1500] debian/po/da.po: update Danish (da) translation of + debconf templates by Joe Hansen + * [r1499] debian/po/sk.po: added Slovak (sk) translation of debconf + templates by Slavko + * [r1498] debian/po/fr.po: updated French (fr) translation of + debconf templates by Christian Perrier + * [r1497] debian/po/ru.po: updated Russian (ru) translation of + debconf templates by Yuri Kozlov + +2011-08-10 arthur + + * [r1496] AUTHORS: fix spelling of name (sorry about that) + +2011-08-09 arthur + + * [r1495] nslcd/passwd.c: check nsswitch.conf mtime to see whether + file should be reloaded + * [r1494] debian/po/ca.po, debian/po/cs.po, debian/po/da.po, + debian/po/de.po, debian/po/es.po, debian/po/fi.po, + debian/po/fr.po, debian/po/gl.po, debian/po/it.po, + debian/po/ja.po, debian/po/nb.po, debian/po/nl.po, + debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, + debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po, + debian/po/zh_CN.po: run debconf-updatepo to update .pot and .po + files + * [r1493] debian/nslcd.templates, man/nslcd.conf.5.xml: small + language updates based on feedback by Justin B Rye + +2011-08-08 arthur + + * [r1492] debian/nslcd.templates: incorporate feedback on debconf + templates by debian-l10n-english@lists.debian.org (thanks Justin + B Rye and Christian PERRIER) + +2011-08-07 arthur + + * [r1491] Makefile.am, debian/compat, debian/control, + debian/libnss-ldapd.install, + debian/libnss-ldapd.lintian-overrides, + debian/libnss-ldapd.postinst, debian/libpam-ldapd.install, + debian/rules, debian/source/lintian-overrides: build Debian + packages with multiarch support + * [r1490] AUTHORS, nslcd/myldap.c: set the socket timeout in a + connection callback to avoid timeout issues during the SSL + handshake (based on a patch by Stefan Völkel) + +2011-08-06 arthur + + * [r1489] debian/copyright, m4/ax_pthread.m4: update AX_PTHREAD + from http://www.gnu.org/software/autoconf-archive/ax_pthread.html + +2011-08-05 arthur + + * [r1488] pynslcd/group.py, tests/test_myldap.c: replace last + traces of groupOfUniqueNames + * [r1487] nslcd/Makefile.am, nslcd/common.h, nslcd/nsswitch.c, + nslcd/passwd.c, tests/Makefile.am: check whether the NSS shadow + map queries LDAP before returning x as a password has for shadow + users + * [r1486] tests/README, tests/test.ldif.gz, tests/test_nsscmds.sh: + update tests with change of member/uniqueMember default change + (r1484) + * [r1485] nslcd/group.c, nslcd/myldap.c, nslcd/myldap.h, + nslcd/passwd.c: implementation of myldap_get_values_len() to use + ldap_get_values_len() instead of ldap_get_values() to fix some + problems with binary data in returned attribute values (patch by + Wesley Mason) + +2011-08-03 arthur + + * [r1484] README, nslcd.conf, nslcd/attmap.c, nslcd/attmap.h, + nslcd/group.c, pynslcd/group.py, tests/test_myldap.c: switch to + using the member attribute by default instead of uniqueMember + +2011-07-21 arthur + + * [r1483] README: remove obsolete attribute from documentation + +2011-07-15 arthur + + * [r1482] debian/nslcd.init: on restart only log_end_msg once + +2011-07-04 arthur + + * [r1481] configure.ac: show the default value for the + pam-seclib-dir option + +2011-07-03 arthur + + * [r1480] compat/getpeercred.c: fix header + * [r1479] compat/pam_compat.h: provide PAM_AUTHTOK_RECOVERY_ERR for + systems with only PAM_AUTHTOK_RECOVER_ERR + +2011-07-02 arthur + + * [r1478] Makefile.am, debian/compat, debian/control, + debian/libpam-ldapd.install, debian/libpam-ldapd.pam-auth-update, + debian/nslcd.install, debian/pam-configs, + debian/pam-configs/ldap, debian/rules: switch to dh for + debian/rules and bump debhelper compatibility to 8 + * [r1476] nslcd/group.c, nslcd/host.c, nslcd/network.c, + nslcd/passwd.c, nslcd/shadow.c: make buffer sizes consistent, + grow gidNumber buffer to hold larger numbers and small + consistency improvements + +2011-06-10 arthur + + * [r1475] nslcd/pam.c: correctly only check password expiration + when authenticating, only check account expiration when doing + authorisation check + +2011-06-05 arthur + + * [r1474] nslcd/cfg.c, nslcd/pam.c: check all variables in + pam_authz_search to see if they exist + * [r1473] nslcd/cfg.c, nslcd/common.c: mark more strings as const + and don't free() data returned by cfg_getdomainname() + * [r1471] common/expr.c, tests/test_expr.c: handle expressions + where the expander function returns NULL (handle it as an empty + string) + * [r1470] nslcd/myldap.c: fix r1468 + * [r1468] nslcd/myldap.c: simplify and correct find_rdn_value() to + handle splitting attribute and value correctly + * [r1467] config.guess, config.sub: include updated files + +2011-05-23 arthur + + * [r1466] tests/test_common.c: add test case for two-character user + name + +2011-05-21 arthur + + * [r1464] nslcd/myldap.c: fix problem with partial attribute name + matches in DN (e.g. uid vs. uidNumber) (thanks to Timothy White + for the fix) + +2011-05-13 arthur + + * [r1462] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.8.3 release + * [r1461] debian/libnss-ldapd.postinst: don't unconditionally + restart nscd but just try to invalidate the cache for the maps + that change + * [r1460] debian/libnss-ldapd.config: correctly pick up current + configuration of /etc/nsswitch.conf when running dpkg-reconfigure + * [r1459] debian/control: upgrade to standards-version 3.9.2 + * [r1458] common/expr.c, common/expr.h: switch variable expander + function type name because _t suffix is reserved + * [r1457] debian/control, debian/nslcd.config: search for LDAP + server by looking for SRV _ldap._tcp DNS records and try to query + LDAP server for base DN during package configuration (based on + work by Petter Reinholdtsen for the sssd package) + * [r1456] debian/nslcd.config: fix domain to basedn expansion when + having more than two domain parts (patch by Per Carlson) + * [r1455] pynslcd/alias.py, pynslcd/common.py, pynslcd/ether.py, + pynslcd/group.py, pynslcd/host.py, pynslcd/netgroup.py, + pynslcd/network.py, pynslcd/pam.py, pynslcd/passwd.py, + pynslcd/protocol.py, pynslcd/rpc.py, pynslcd/service.py, + pynslcd/shadow.py: simplify request handling by passing read + parameters around in a dict instead of setting object properties + (this mainly simplifies search filter building) + +2011-05-01 arthur + + * [r1454] pynslcd/alias.py, pynslcd/attmap.py, pynslcd/common.py, + pynslcd/ether.py, pynslcd/group.py, pynslcd/host.py, + pynslcd/netgroup.py, pynslcd/network.py, pynslcd/pam.py, + pynslcd/passwd.py, pynslcd/protocol.py, pynslcd/rpc.py, + pynslcd/service.py, pynslcd/shadow.py, pynslcd/tio.py: implement + attribute mapping functionality and do some refactoring + * [r1453] pynslcd/pam.py: remove unneeded import + * [r1452] pynslcd/alias.py, pynslcd/common.py, pynslcd/ether.py, + pynslcd/host.py, pynslcd/netgroup.py, pynslcd/network.py, + pynslcd/pam.py, pynslcd/passwd.py, pynslcd/protocol.py, + pynslcd/rpc.py, pynslcd/service.py, pynslcd/shadow.py: pass dn + and attributes to functions separately + * [r1451] pynslcd/group.py, pynslcd/pam.py, pynslcd/pynslcd.py: + small code improvements + +2011-04-30 arthur + + * [r1450] pam/common.h: make log message clearer when nslcd returns + an empty response (user not handled) + * [r1449] nslcd/pam.c: close the nslcd connection to signal LDAP + server unavailable to PAM module + * [r1448] pam/pam.c: split setting up of configuration into + separate function + * [r1447] nslcd/pam.c: improve password change failed error message + * [r1446] nslcd/common.h, nslcd/pam.c, nslcd/shadow.c: check shadow + properties (similarly to what pam_unix does) in the PAM handling + code + * [r1445] pam/pam.c: do not attempt to change password as root when + changing an expired password + * [r1444] nslcd/pam.c: fix return value of try_autzsearch() when no + match found + * [r1443] nslcd/pam.c: use the right DN in the pam_authz_search + option + * [r1442] nslcd/shadow.c: move code for getting shadow expiry + properties to a separate function + +2011-04-29 arthur + + * [r1441] nslcd/pam.c: move most of the code for building the + authorisation search into the try_autzsearch() function + * [r1440] nslcd.h, pam/pam.c: support more PAM status codes over + the nslcd protocol + * [r1439] nslcd/shadow.c, pynslcd/shadow.py: set maxdays to -1 to + indicate no expiry (instead of a long time) + +2011-04-28 arthur + + * [r1438] pynslcd/alias.py, pynslcd/common.py, pynslcd/ether.py, + pynslcd/group.py, pynslcd/host.py, pynslcd/netgroup.py, + pynslcd/network.py, pynslcd/pam.py, pynslcd/passwd.py, + pynslcd/protocol.py, pynslcd/rpc.py, pynslcd/service.py, + pynslcd/shadow.py: put standard library imports before + application imports and remove some unused imports + * [r1437] pynslcd/group.py: remove duplicate and wrong write() + method + +2011-04-24 arthur + + * [r1436] nslcd/pam.c: make request indicator shorter + * [r1435] nslcd.h: document use of returned authorisation message + * [r1434] nslcd/pam.c: no longer use the userdn parameter passed + along with each request (this may mean one or two more lookups + when doing authentication but simplifies things) + * [r1433] tests/test_pamcmds.expect: improve handling of + test_login_unknown + +2011-04-22 arthur + + * [r1431] nslcd/myldap.c: report correct reported error from + ldap_abandon() + +2011-04-18 arthur + + * [r1430] nslcd/nslcd.c: fix r1429 to properly handle absence of + RTLD_NODELETE + * [r1429] nslcd/nslcd.c: support systems without RTLD_NODELETE + +2011-04-16 arthur + + * [r1428] nslcd.conf: add example configuration provided by Wesley + Mason + +2011-04-15 arthur + + * [r1427] compat/Makefile.am, compat/strndup.c, compat/strndup.h, + configure.ac, nslcd/group.c, nslcd/passwd.c: provide replacement + implementation for strndup() for systems that don't have it + * [r1426] AUTHORS: add Wesley Mason to AUTHOS file (was missing + from r1425) + * [r1425] man/nslcd.conf.5.xml, nslcd/common.c, nslcd/common.h, + nslcd/group.c, nslcd/passwd.c: support using the objectSid + attribute to provide numeric user and group ids, based on a patch + by Wesley Mason + * [r1424] tests/test_nsscmds.sh, tests/test_pamcmds.expect, + tests/test_pamcmds.sh: allow running test_{nss,pam}cmds tests + from another directory + +2011-04-03 arthur + + * [r1423] nslcd/group.c, nslcd/pam.c, nslcd/passwd.c: make user and + group name validation errors a little more informative + +2011-03-31 arthur + + * [r1422] AUTHORS: add some people who seemed to be missing from + the AUTHORS file + * [r1421] common/tio.c: tv_usec in struct timeval must be lower + than 1000000 (patch by SATOH Fumiyasu) + * [r1420] AUTHORS, Makefile.am: use $(mkinstalldirs) instead of + $(INSTALL_DATA) -D because -D is not supported on all operating + systems (patch by SATOH Fumiyasu) + * [r1419] man/nslcd.conf.5.xml, nslcd/cfg.c: allow usernames of + only two characters + +2011-03-26 arthur + + * [r1417] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.8.2 release + * [r1416] tests/Makefile.am, tests/test_nsscmds.sh, + tests/test_pamcmds.sh: ensure that all test source files are + distibuted and can tests can be run when source directory differs + from build directory + * [r1415] pynslcd/common.py: sync validname regular expression with + nslcd + +2011-03-25 arthur + + * [r1414] configure.ac, nslcd/nslcd.c: no longer indefinitely wait + for all worker threads to finish before exiting (but wait a few + seconds on platforms with pthread_timedjoin_np()) + * [r1413] tests/Makefile.am, tests/test_cfg.c, tests/test_common.c, + tests/test_myldap.c: re-organise tests somewhat making things + more consistent + * [r1412] debian/nslcd.config, debian/nslcd.postinst: integrate + patch by Daniel Dehennin to not loose debconf values of + previously set options with dpkg-reconfigure + * [r1411] configure.ac, man/nslcd.conf.5.xml, nslcd/cfg.c, + nslcd/cfg.h, nslcd/common.c, tests/Makefile.am, + tests/test_common.c: implement a validnames option that can be + used to fine-tune the test for valid user and group names using a + regular expression + +2011-03-24 arthur + + * [r1410] pynslcd/protocol.py, pynslcd/pynslcd.py, pynslcd/rpc.py, + pynslcd/service.py: implement service, protocol and rpc lookups + * [r1409] pynslcd/host.py, pynslcd/network.py: fix the case where + the RDN is for some reason not in the cn + * [r1408] pynslcd/pam.py: fix configuration name + * [r1407] pynslcd/mypidfile.py: truncate pidfile to ensure remains + of previous value is gone + +2011-03-23 arthur + + * [r1406] pynslcd/host.py: fix use of spaces + * [r1405] nslcd/protocol.c, nslcd/shadow.c: fix descriptions of + files + * [r1403] compat/daemon.h, configure.ac, nslcd/nslcd.c: provide a + definition of daemon() for systems that lack it + * [r1402] compat/ether.h: typo fix in comment + +2011-03-19 arthur + + * [r1401] Makefile.am, common, compat, nslcd, nss, pam, tests, + tests/test_expr.c, tests/test_pamcmds.expect, tests/test_tio.c: + more tests and general test improvements + * [r1400] common/expr.c, nslcd/myldap.h, nslcd/nslcd.c, + nss/common.h, nss/prototypes.h, pam/common.h, pam/pam.c: small + code improvements + * [r1399] nslcd/log.c, nslcd/log.h: remove logging functionality + that isn't used + +2011-03-18 arthur + + * [r1398] tests, tests/Makefile.am, tests/in_testenv.sh, + tests/test_nsscmds.sh, tests/test_pamcmds.expect, + tests/test_pamcmds.sh: implement test cases for some of the + common PAM actions (test environment required for this) + +2011-03-17 arthur + + * [r1397] configure.ac, tests/Makefile.am, tests/common.h, + tests/test_cfg.c, tests/test_common.c, tests/test_expr.c, + tests/test_getpeercred.c, tests/test_myldap.c, tests/test_tio.c: + put all assertion functions and compatibility code into one + header file + * [r1396] nslcd.conf: put idle_timelimit option in Active Directory + example with low enough default + +2011-03-16 arthur + + * [r1395] tests/Makefile.am, tests/test_aliases.c, + tests/test_ethers.c, tests/test_group.c, tests/test_hosts.c, + tests/test_netgroup.c, tests/test_networks.c, + tests/test_nslcd_group.c, tests/test_passwd.c, + tests/test_protocols.c, tests/test_rpc.c, tests/test_services.c, + tests/test_shadow.c: remove legacy test code that is no longer + used + +2011-03-14 arthur + + * [r1394] pam/pam.c: check for user existence before trying + password change + * [r1393] common/tio.c: fix a problem in the timeout paramater that + was being passed to select() and could contain too many µsec + (fixes Solaris runtime issue) + +2011-03-13 arthur + + * [r1392] tests/test_nsscmds.sh: fix name of script in header + +2011-03-12 arthur + + * [r1391] configure.ac: include the resolv library for hstrerror() + on platforms that need it (thanks Peter Bray) + * [r1390] nslcd/common.h, nslcd/pam.c: put all HOST_NAME_MAX + fallbacks in common.h and fall back to _POSIX_HOST_NAME_MAX + (thanks Peter Bray) + +2011-03-11 arthur + + * [r1389] Makefile.am: ensure that permissions are sane in the + distributed tarball + * [r1388] nslcd/myldap.c: fix problem with endless loop on + incorrect password + * [r1387] nslcd/common.c, nslcd/common.h: move HOST_NAME_MAX + fallback definition to header file + +2011-03-10 arthur + + * [r1385] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, + man/nslcd.8.xml, man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get + files ready for 0.8.1 release + * [r1384] Makefile.am, common/tio.c, compat/Makefile.am, + compat/ether.h, compat/ldap_compat.h, compat/pam_get_authtok.c, + man/Makefile.am, nslcd/attmap.c, nslcd/attmap.h, nslcd/common.c, + nslcd/common.h, nss/prototypes.h, pam/common.h, pynslcd/ether.py, + pynslcd/pynslcd.py, pynslcd/tio.py: update copyright headers to + add missing years + +2011-03-09 arthur + + * [r1383] nslcd/pam.c: fix compiler warning + * [r1382] nslcd/pam.c, nslcd/passwd.c: properly handle + user-not-found errors when doing authentication (CVE-2011-0438) + +2011-03-06 arthur + + * [r1381] pynslcd/Makefile.am, pynslcd/netgroup.py, + pynslcd/pynslcd.py: implement module for netgroup lookups + * [r1380] pynslcd/Makefile.am, pynslcd/network.py, + pynslcd/pynslcd.py: add network name lookups + * [r1379] tests/test.ldif.gz, tests/test_nsscmds.sh: add some test + groups and add the arthur user to them to test whether all are + returned correctly + * [r1378] Makefile.am: pass --enable-pynslcd with distcheck + * [r1377] pynslcd/Makefile.am: clean up compiled python files + * [r1376] pynslcd/host.py: fix search filter objectClass for hosts + * [r1375] nslcd/log.c, nslcd/log.h, nslcd/nslcd.c: ensure that + session id is only logged while handling a connection + * [r1374] man/nslcd.conf.5.xml: note that attribute mapping + expressions cannot be used for all attributes + +2011-02-14 arthur + + * [r1373] pynslcd/Makefile.am, pynslcd/host.py, pynslcd/pynslcd.py, + pynslcd/tio.py: implement module for hostname lookups + * [r1372] pynslcd/ether.py: fix comment + * [r1371] pynslcd/Makefile.am, pynslcd/debugio.py: clean up and add + missing files to installation + +2011-02-11 arthur + + * [r1370] configure.ac: fix FreeBSD nss_ldap soname (as seen in + current FreeBSD packaging) + * [r1369] nslcd/nslcd.c: create the directory for the socket and + pidfile + +2011-01-29 arthur + + * [r1368] man/nslcd.conf.5.xml: document a proper replacement for + pam_check_host_attr (thanks Luca Capello) and add a section on + quoting + * [r1367] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/common.c, + nslcd/common.h, nslcd/pam.c: implement a fqdn variable that can + be used inside pam_authz_search filters + +2011-01-23 arthur + + * [r1366] man/nslcd.conf.5.xml: name pam_check_service_attr and + pam_check_host_attr options in manual page and indicate how + pam_authz_search replaces them + +2011-01-05 arthur + + * [r1365] AUTHORS, HACKING, configure.ac, debian/copyright, + nss/Makefile.am, nss/bsdnss.c, nss/exports.freebsd, + nss/prototypes.h: add FreeBSD support, partially imported from + the FreeBSD port (thanks to Jacques Vidrine, Artem Kazakov and + Alexander V. Chernikov) + +2011-01-01 arthur + + * [r1364] nss/Makefile.am: put solnss.c under + EXTRA_nss_ldap_so_SOURCES + * [r1363] man/nslcd.8.xml, man/nslcd.conf.5.xml, + man/pam_ldap.8.xml: add ids to options so we can more easily + reference them from elsewhere (especially useful for generated + HTML) + * [r1362] nslcd/myldap.c: include definition of rc in all code + paths because it's used most of the time + * [r1361] configure.ac: fix quoting of NSS_MODULE_OBJS expression + to one that is supported by more shells + * [r1360] nss/Makefile.am: ensure that solnss.c ends up in tarball + diff --git a/ChangeLog-2012 b/ChangeLog-2012 new file mode 100644 index 0000000..0090af5 --- /dev/null +++ b/ChangeLog-2012 @@ -0,0 +1,658 @@ +2012-12-30 arthur + + * [r1891] tests/lookup_netgroup.c: code style fix + * [r1890] nslcd/cfg.c: remove deprecated use_sasl, reconnect_tries, + reconnect_maxsleeptime and tls_checkpeer options which have been + replaced some time ago + * [r1889] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: remove + undocumented restart configuration option + * [r1888] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c, nslcd/pam.c, + tests/test_cfg.c, tests/test_myldap.c: reorganise and rename + configuration options to be in line with manual page + * [r1887] nslcd/alias.c, nslcd/cfg.c, nslcd/cfg.h, nslcd/common.h, + nslcd/ether.c, nslcd/group.c, nslcd/host.c, nslcd/myldap.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/nslcd.c, nslcd/pam.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c, tests/test_cfg.c, tests/test_myldap.c: remove the + ldc_ prefix from struct ldap_config fields + * [r1886] configure.ac: use the newer style AM_INIT_AUTOMAKE + * [r1885] pynslcd/Makefile.am: add dependency information to + regenerate constants.py + * [r1884] man/Makefile.am: make the way manual pages are selected + for installation more maintainable + +2012-12-29 arthur + + * [r1883] nslcd.h: remove unnecessary comment + * [r1882] .gitignore, tests, tests/Makefile.am, + tests/lookup_netgroup.c: implement a lookup_netgroup command for + systems that cannot use getent to list netgroups + +2012-12-28 arthur + + * [r1881] nslcd/service.c: another comment typo fix + * [r1880] nslcd/cfg.h: re-order enum values to use the same order + as elsewhere + +2012-12-24 arthur + + * [r1879] nslcd/common.h, pynslcd/alias.py, pynslcd/shadow.py: more + comment fixes + * [r1878] nslcd/pam.c: fix typo in comment + +2012-12-23 arthur + + * [r1877] nslcd/alias.c, nslcd/common.h, nslcd/ether.c, + nslcd/group.c, nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c: move the action argument to NSLCD_HANDLE to the + front + * [r1876] nss/aliases.c, nss/common.h, nss/ethers.c, nss/group.c, + nss/hosts.c, nss/networks.c, nss/passwd.c, nss/protocols.c, + nss/rpc.c, nss/services.c, nss/shadow.c: merge NSS_BYNAME and + NSS_BYINT32 into NSS_BYGEN and rename to NSS_GETONE + * [r1875] nss/netgroup.c: adapt Solaris netgroup lookup code + * [r1874] nslcd.h, nslcd/netgroup.c, nss/netgroup.c, + pynslcd/netgroup.py, tests/test_nsscmds.sh: update the netgroup + by name request to have one result entry per netgroup with + multiple rows within one result + +2012-12-22 arthur + + * [r1873] common/dict.c, common/dict.h, common/expr.c, + common/expr.h, common/nslcd-prot.c, common/nslcd-prot.h, + common/set.c, common/set.h, common/tio.c, common/tio.h, + compat/attrs.h, compat/daemon.c, compat/daemon.h, compat/ether.c, + compat/ether.h, compat/getopt_long.c, compat/getopt_long.h, + compat/getpeercred.c, compat/getpeercred.h, compat/ldap_compat.h, + compat/ldap_initialize.c, compat/ldap_passwd_s.c, + compat/nss_compat.h, compat/pam_compat.h, + compat/pam_get_authtok.c, compat/pam_prompt.c, compat/socket.h, + compat/strndup.c, compat/strndup.h, configure.ac, nslcd/alias.c, + nslcd/attmap.c, nslcd/attmap.h, nslcd/cfg.c, nslcd/cfg.h, + nslcd/common.c, nslcd/common.h, nslcd/config.c, nslcd/ether.c, + nslcd/group.c, nslcd/host.c, nslcd/log.c, nslcd/log.h, + nslcd/myldap.c, nslcd/myldap.h, nslcd/netgroup.c, + nslcd/network.c, nslcd/nslcd.c, nslcd/nsswitch.c, nslcd/pam.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c, nss/aliases.c, nss/bsdnss.c, nss/common.c, + nss/common.h, nss/ethers.c, nss/group.c, nss/hosts.c, + nss/netgroup.c, nss/networks.c, nss/passwd.c, nss/protocols.c, + nss/prototypes.h, nss/rpc.c, nss/services.c, nss/shadow.c, + nss/solnss.c, nss/solnss.h, pam/common.h, pam/pam.c, + tests/common.h, tests/test_cfg.c, tests/test_common.c, + tests/test_dict.c, tests/test_expr.c, tests/test_getpeercred.c, + tests/test_myldap.c, tests/test_set.c, tests/test_tio.c: update C + coding style to a more commonly used style + +2012-12-20 arthur + + * [r1870] nslcd/passwd.c: don't process the passwd_byuid request at + all for uids < nss_min_uid + * [r1868] nslcd/myldap.c: fix logic error (use && instead of & for + logical and) + +2012-12-16 arthur + + * [r1867] nss/ethers.c, nss/group.c, nss/passwd.c: also no longer + use NSS_BYINT32() in Solaris (fixes r1864) + * [r1866] nslcd.h, nslcd/nslcd.c: make nslcd actions hexadecimal + values with some structure to make debugging easier + * [r1865] nslcd.h, nslcd/pam.c, pam/common.h, pam/pam.c: change PAM + protocol to be more consistent and simpler + * [r1864] common/nslcd-prot.h, nslcd.h, nslcd/common.c, + nslcd/ether.c, nslcd/group.c, nslcd/nslcd.c, nslcd/passwd.c, + nss/common.h, nss/ethers.c, nss/group.c, nss/networks.c, + nss/passwd.c, nss/services.c, pam/common.h, pam/pam.c, + pynslcd/group.py, pynslcd/passwd.py, pynslcd/tio.py: switch + protocol from host byte order to network byte order and switch + use of uid_t and gid_t in the protocol to int32 + +2012-12-15 arthur + + * [r1863] .gitignore, configure.ac, pynslcd, pynslcd/Makefile.am, + pynslcd/config.py.in, pynslcd/constants.py.in, + pynslcd/pynslcd.py, pynslcd/tio.py: merge config.py into + constants.py and generate it from configure + +2012-12-14 arthur + + * [r1859] pynslcd/pynslcd.py: remove unneeded brackets + * [r1858] tests/test_tio.c: also test for correct value of errno on + timeout and make read and write timeout tests consistent + * [r1857] tests/test_tio.c: also output debugging info in + test_timeout_reader test + +2012-12-08 arthur + + * [r1848] common/tio.c: update microseconds when setting deadline, + not seconds (thanks Julien Cristau) + +2012-12-06 arthur + + * [r1846] common/tio.c, tests/test_tio.c: make test even more + verbose and set number of writes back at 10000 to avoid issues + with systems with large buffers + +2012-11-30 arthur + + * [r1845] tests/test_tio.c: rephrase test to more clearly explain + what we're testing and be a little more verbose + +2012-11-25 arthur + + * [r1842] nslcd/nsswitch.c: remove inline keyword (should have been + removed in r1840) + * [r1841] nslcd/nsswitch.c: if nsswitch.conf is missing a shadow + entry, fall back to checking the passwd mapping + * [r1840] nslcd/common.h, nslcd/nsswitch.c, nslcd/passwd.c: move + all nsswitch-parsing related functions to nsswitch.c + * [r1839] .gitignore: small fix for .gitignore + +2012-11-22 arthur + + * [r1838] nslcd/group.c, nslcd/passwd.c, nslcd/protocol.c, + nslcd/rpc.c, nslcd/service.c: ensure that values are logged as + unsigned numbers + +2012-11-18 arthur + + * [r1834] ChangeLog, NEWS, TODO, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml: get + files ready for 0.8.12 release + * [r1833] configure.ac, nss/passwd.c: properly initialise + passwd.pw_class on FreeBSD to empty string (was set to NULL due + to the memset which was introduced in r1767) + +2012-11-17 arthur + + * [r1832] pam/pam.c: use pam_modutil_getpwnam() instead of + getpwnam() in PAM module + * [r1831] man/nslcd.8.xml, man/pynslcd.8.xml: fix formatting and + improve consistency in manaual pages + +2012-11-16 arthur + + * [r1828] man/nslcd.8.xml, man/pynslcd.8.xml: remove dots from + short description in manual page + * [r1827] nslcd/config.c: fix comment in header + +2012-11-13 arthur + + * [r1824] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/myldap.c, + pynslcd/cfg.py, pynslcd/pynslcd.py: to only set + LDAP_OPT_X_SASL_NOCANON if the sasl_canonicalize option is + explicitly set in the configuration file + +2012-11-11 arthur + + * [r1823] pam/pam.c: log the PAM error message along with the + message from nslcd if it is available + * [r1822] .gitignore: add a .gitignore file for those working with + git + * [r1821] common/nslcd-prot.c: set FD_CLOEXEC in NSS and PAM + modules to ensure that nslcd file descriptor is not leaked to + child processes + * [r1814] nslcd/myldap.c: log connection message before clearing + error indicators to not hide these log messages in most + configurations (fixes r1095) + +2012-10-28 arthur + + * [r1812] nss/Makefile.am, nss/common.h, nss/group.c, nss/hosts.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, nss/shadow.c, nss/solnss.h: refactor the + read_result() functions into a common macro and move all the + Solaris-specific definitions to solnss.h + * [r1811] nss/hosts.c: combine read_hostent_erronempty() and + read_hostent_nextonempty() into a read_hostent() with a retry + parameter + * [r1810] nss/group.c: fix typo (thanks Ted C. Cheng) + +2012-10-26 arthur + + * [r1809] nss/group.c: fix buffer size checking in group by member + NSS function on Solaris + * [r1808] nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, nss/shadow.c: introduce ent2str() functions for + each database (except ether and netgroup) and make buffer + handling consistent (for Solaris) + +2012-10-21 arthur + + * [r1807] configure.ac: remove duplicate checks from the configure + script + * [r1806] man: ignore generated pynslcd manual pages + * [r1805] nss/passwd.c: fix a problem on Solaris (fixes r1793) + * [r1804] man/Makefile.am, man/nslcd.8.xml, man/pynslcd.8.xml: make + a pynslcd manual page and install it if pynslcd is enabled (and + small fix in nslcd manual page) + +2012-10-19 arthur + + * [r1803] common/expr.c, tests/test_expr.c: allow attribute options + in attribute mapping expressions + +2012-10-14 arthur + + * [r1798] ChangeLog, NEWS, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.11 release + * [r1797] configure.ac: remove extra code that sets PACKAGE_URL + (which isn't used) + * [r1796] nss/netgroup.c: do not clear the netgroup struct because + it contains information for others as well (fixes r1767) + * [r1795] nslcd/nslcd.c: if nslcd creates the state directory, try + to set the right ownership + +2012-10-13 arthur + + * [r1794] nss/passwd.c: include missing definition (fixes r1793) + * [r1793] nss/passwd.c: do proper range checking and replace + READ_RESULT macro with read_result function (Solaris) + * [r1792] nss/hosts.c: return correct error for buffer too small + (Solaris) + * [r1791] HACKING, nss/ethers.c: in ether handling only write to + output values and return correct error for buffer too small + * [r1790] nss/common.h: on Solaris initialise the output values + * [r1789] nss/common.h: fix code indentation + * [r1787] tests/common.h: provide alternatives for assertion + failures on Solaris and FreeBSD + * [r1786] Makefile.am: pass CPPFLAGS and LDFLAGS to distcheck's + configure and put nslcd.conf under prefix + * [r1785] pynslcd/Makefile.am: use $(top_srcdir)/nslcd.h instead of + $< to avoid problems with FreeBSD's make + * [r1784] tests/test_tio.c: update tests to new tio interface + (fixes r1783) + +2012-10-12 arthur + + * [r1783] common/nslcd-prot.c, common/tio.c, common/tio.h, + nslcd/nslcd.c: use poll() instead of select() for checking file + descriptor activity to also correctly work if more than + FD_SETSIZE files are already open + * [r1781] common/tio.c: check if the file descriptor can be stored + in the select() file descriptor set + * [r1780] README: small clarifications to shadow properties + +2012-09-16 arthur + + * [r1771] nslcd/passwd.c: fix problem storing negative hit to + dn2uid cache (thanks scan-build) + * [r1770] nslcd/myldap.c: fix logic error when falling back to + getting ranged attribute values for possibly binary attributes + (thanks scan-build) + * [r1769] nslcd/myldap.c: swap values and buf assignment to avoid + compiler alignment warnings + +2012-09-15 arthur + + * [r1768] nslcd/passwd.c: only check nsswitch.conf for shadow + mapping on glibc (Solaris shadow map follows passwd's mapping and + FreeBSD doesn't have shadow at all) + * [r1767] nss/aliases.c, nss/ethers.c, nss/group.c, nss/hosts.c, + nss/netgroup.c, nss/networks.c, nss/passwd.c, nss/protocols.c, + nss/rpc.c, nss/services.c, nss/shadow.c: clear the *ent structs + before writing fields to avoid problems with extra fields (fixes + password field weirdness on Solaris 10) + +2012-09-14 arthur + + * [r1766] nss/hosts.c: fix host name lookups for Solaris (tested + with Solaris 10) + * [r1765] nss/ethers.c: use the standard constructor and destructor + eventhough be->fp isn't used + * [r1764] nss/ethers.c: fix ethernet lookups for Solaris (tested + with Solaris 10) + * [r1763] nslcd/alias.c, nslcd/ether.c, nslcd/group.c, + nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + grow all search filter buffers to 4096 bytes (thanks flavio) + * [r1762] nslcd/pam.c: rename filter_buffer to filter for + consistency + +2012-09-08 arthur + + * [r1761] ChangeLog, ChangeLog-2011, Makefile.am: archive older + ChangeLog entries in year files + +2012-09-03 arthur + + * [r1749] nss/group.c: a few fixes in the Solaris group lookups + * [r1748] nss/common.h, nss/passwd.c: fix indenting of code + * [r1747] nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, nss/shadow.c: on Solaris store the errno value in + NSS_ARGS(args)->erange + +2012-09-01 arthur + + * [r1746] compat/pam_get_authtok.c: include a missing cast + * [r1745] nslcd/myldap.c: provide an alternative do_rebind() for + Netscape LDAP + * [r1744] nslcd/nslcd.c: include an explicit cast to int when + printing gid_t (fixes r1723) + +2012-08-31 arthur + + * [r1736] depcomp: mark file as executable + * [r1735] man/nslcd.conf.5.xml, nslcd/cfg.c, pynslcd/cfg.py: change + the default value of sasl_canonicalize to yes (thanks Marcus + Moeller) + +2012-08-14 arthur + + * [r1734] nslcd/myldap.c: remove variable definition that was + introduced in r1626 but should have been removed in r1714 + * [r1733] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c, pynslcd/cfg.py, pynslcd/pynslcd.py: introduce a + sasl_canonicalize option that will now, by default, disable + reverse host name lookups in OpenLDAP + +2012-07-23 arthur + + * [r1731] nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c: ensure + that all places where stdint.h is included it is surrounded by + #ifdefs + +2012-07-21 arthur + + * [r1725] nslcd/common.h: only inlude stdint.h if we have it + * [r1724] nslcd/common.h: add missing includes to ensure all types + are defined in header + +2012-07-20 arthur + + * [r1723] configure.ac, nslcd/cfg.c, nslcd/cfg.h, nslcd/nslcd.c, + pynslcd/pynslcd.py: on startup have the gid option default to the + primary group of the specified user and load the user's + supplementary groups + * [r1722] Makefile.am, ldapns.ldif: add an LDIF version of the + ldapns.schema schema file + +2012-07-15 arthur + + * [r1721] pynslcd/pynslcd.py: avoid setting tls_randfile twice and + remove fixed FIXME (fixed in r1717) + * [r1720] pynslcd/pynslcd.py: set the pynslcd process name if + possible + * [r1719] pynslcd/cfg.py: support getting + pam_password_prohibit_message from configuration (but don't + handle it yet) + * [r1718] pynslcd/cfg.py, pynslcd/pam.py: rename internal + pam_authz_search to pam_authz_searches + * [r1717] pynslcd/pynslcd.py: properly set most LDAP options from + configuration + +2012-07-11 arthur + + * [r1716] pam/pam.c: also check pam_password_prohibit_message in + pam_sm_authenticate() because Solaris does authentication before + pam_sm_chauthtok() (thanks Ted Cheng) + +2012-07-08 arthur + + * [r1715] man/nslcd.conf.5.xml, nslcd.h, nslcd/Makefile.am, + nslcd/cfg.c, nslcd/cfg.h, nslcd/common.h, nslcd/config.c, + nslcd/nslcd.c, nslcd/pam.c, pam/pam.c: implement a + pam_password_prohibit_message nslcd.conf option to deny password + change introducing a NSLCD_ACTION_CONFIG_GET request thanks to + Ted Cheng + * [r1714] nslcd/myldap.c: remove duplicate getting of + LDAP_OPT_DIAGNOSTIC_MESSAGE (should have been part of r1639) + +2012-07-07 arthur + + * [r1713] AUTHORS, pynslcd/Makefile.am: ensure that cache.py is + installed (thanks Jon Severinsson) + +2012-06-29 arthur + + * [r1707] ChangeLog, NEWS, TODO, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.10 release + * [r1706] config.sub: update from latest automake + +2012-06-17 arthur + + * [r1705] HACKING: minor documentation touch-ups + +2012-06-15 arthur + + * [r1704] Makefile.am: install the default configuration file with + reduced permissions (further protection for CVE-2009-1073) + * [r1703] nslcd/pam.c: log successful password change in nslcd and + correctly terminate protocol on password change failure + * [r1702] pam/pam.c: fix problem with returning wrong error code + when changing password with wrong old password (thanks Anton + Helwart) + +2012-05-25 arthur + + * [r1701] README: reword section on bug reporting and add a + reference to the ignorecase option on the case sensitivity + section + * [r1700] HACKING: include list of required libraries and do not + put information on AUTHORS file on the patch requirements + +2012-05-20 arthur + + * [r1695] ChangeLog, NEWS, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.9 release + * [r1694] nslcd/cfg.c, nslcd/common.c, nslcd/group.c, + nslcd/passwd.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nslcd/shadow.c: implement extra range checking of all numeric + values + +2012-05-18 arthur + + * [r1693] configure.ac, nslcd/myldap.c, nslcd/nslcd.c, + nss/bsdnss.c: get rid of a few compiler warnings on FreeBSD + +2012-05-11 arthur + + * [r1690] compat/nss_compat.h, configure.ac: provide a + compatibility version of struct spwd for systems without it + * [r1688] compat/socket.h: fix fallback definition of SUN_LEN() + (fixes r1686) + +2012-05-09 arthur + + * [r1686] common/nslcd-prot.c, compat/Makefile.am, + compat/nss_compat.h, compat/socket.h, nslcd/nslcd.c: provide a + compatibility definition of SUN_LEN() for systems that lack it + * [r1685] nslcd/nslcd.c: remove duplicate debug from log message + +2012-05-04 arthur + + * [r1684] pynslcd/pam.py: implement PAM authorisation check using + pam_authz_search option + * [r1683] pynslcd/pam.py: ignore user-supplied DN for PAM requests + and don't send it back + * [r1682] pynslcd/Makefile.am, pynslcd/attmap.py, pynslcd/cfg.py, + pynslcd/expr.py: move expression handling to own module + * [r1681] pynslcd/common.py: ensure search also works without + attribute map + * [r1680] pynslcd/cfg.py: small code style improvements + * [r1679] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/pam.c, pynslcd/cfg.py: allow the pam_authz_search option to + be specified multiple times + * [r1678] nslcd/nslcd.c: don't try to close _SC_OPEN_MAX file + descriptor + +2012-05-02 arthur + + * [r1677] compat/pam_compat.h, compat/pam_get_authtok.c: move all + PAM_AUTHTOK_RECOVERY_ERR compatibility definitions to + compat/pam_compat.h + +2012-04-29 arthur + + * [r1673] README: documentation touch-ups + +2012-04-27 arthur + + * [r1662] ChangeLog, NEWS, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.8 release + * [r1660] Makefile.am, ldapns.schema: add a schema file that some + people use for PAM + +2012-04-26 arthur + + * [r1659] common/tio.c, common/tio.h, nss/common.h: split the + functionality to read everything from the stream into a separate + function and don't assume we use non-blocking IO (fix r1637) + * [r1658] tests/test_pamcmds.expect: support alternative unknown + user response + +2012-04-22 arthur + + * [r1653] ChangeLog, NEWS, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.7 release + +2012-04-09 arthur + + * [r1649] compile, depcomp: update files from recent automake + +2012-03-23 arthur + + * [r1643] nslcd/pam.c: increase buffer for pam_authz_search as + suggested by Chris J Arges + +2012-03-16 arthur + + * [r1642] pynslcd/attmap.py: support the upper and lower functions + in attribute mapping expressions + * [r1641] pynslcd/attmap.py, pynslcd/common.py, pynslcd/pam.py: + refactor some of the attribute mapping code to introduce a + mapping instance that does the hard work and support the lower() + and upper() attribute mapping functions + * [r1640] pynslcd/pynslcd.py: implement a getpeercred() function + * [r1639] nslcd/myldap.c: always try to log the ldap error, the + diagnostic message and errno if available in a consistent format + * [r1638] nss/common.h: put both tio_skip() and tio_close() within + if (fixes r1637) and clarify documentation of one part of the + code + +2012-03-14 arthur + + * [r1637] common/tio.c, common/tio.h, nss/common.h: read any + remaining available data from the stream when closing the + connection in a normal way to prevent Broken pipe messages in + nslcd + * [r1636] common/tio.c: ensure that we don't try to read more than + SSIZE_MAX bytes + +2012-03-13 arthur + + * [r1635] AUTHORS, man/nslcd.conf.5.xml: document the fact that + each thread opens it's own connection (patch by Chris Hiestand) + * [r1634] AUTHORS, man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/common.h, nslcd/group.c, nslcd/netgroup.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c: + make whether or not to do case-sensitive filtering configurable + (patch by Matthew L. Dailey) + * [r1633] compile, config.guess, config.sub, missing: update from + latest automake + +2012-03-10 arthur + + * [r1632] nslcd/cfg.c: when doing DNS queries for SRV records + recognise default ldap and ldaps ports + * [r1631] nslcd/common.h: add missing include for + _POSIX_HOST_NAME_MAX (thanks Mel Flynn) + * [r1628] nslcd/pam.c: fix log message for invalid pam_authz_search + as reported by Matt Rae + +2012-03-05 arthur + + * [r1627] nslcd/myldap.c: remove extra newline from log message + * [r1626] compat/ldap_compat.h, nslcd/myldap.c: provide more + detailed logging information for ldap_start_tls_s() failures + (based on a patch by Mel Flynn) + +2012-02-29 arthur + + * [r1625] nslcd/myldap.c: log the first 10 search results in debug + mode to make debugging easier (patch by Matthijs Kooijman) + * [r1624] README, nslcd/nslcd.c: update copyright years + +2012-01-29 arthur + + * [r1616] ChangeLog, NEWS, configure.ac, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml: get files ready for + 0.8.6 release + * [r1615] pynslcd/alias.py, pynslcd/cache.py, pynslcd/common.py, + pynslcd/ether.py, pynslcd/group.py, pynslcd/host.py, + pynslcd/netgroup.py, pynslcd/network.py, pynslcd/passwd.py, + pynslcd/protocol.py, pynslcd/rpc.py, pynslcd/service.py, + pynslcd/shadow.py: implement a naive offline cache + * [r1614] pynslcd/group.py: small simplification in group lookups + (member attributes are not requested anyway) + * [r1613] pynslcd/alias.py, pynslcd/common.py, pynslcd/ether.py, + pynslcd/group.py, pynslcd/host.py, pynslcd/netgroup.py, + pynslcd/network.py, pynslcd/passwd.py, pynslcd/protocol.py, + pynslcd/rpc.py, pynslcd/service.py, pynslcd/shadow.py: split the + result handling into a convert() and write() step + +2012-01-20 arthur + + * [r1611] nslcd/netgroup.c, pynslcd/pynslcd.py: formatting fixes + * [r1605] nslcd/nslcd.c: clarify error messages and fix typo in + comment + * [r1604] Makefile.am, debian: separate the Debian packaging from + main sources switching to non-native Debian package (using + svn-buildpackage) + * [r1603] pynslcd/Makefile.am: add missing Python modules to + tarball + +2012-01-17 arthur + + * [r1597] AUTHORS, nss/bsdnss.c: FreeBSD compilation fixes by Maxim + Vetrov + * [r1596] common/nslcd-prot.c, nslcd/nslcd.c: pass the correct size + of named socket address (fixes FreeBSD issue, fixes r1295) + +2012-01-16 arthur + + * [r1595] INSTALL, compile, depcomp, install-sh, py-compile: update + files from recent automake + +2012-01-09 jhrozek + + * [r1594] nslcd/common.c: Add a matching va_end() for va_start() in + mysnprintf() + * [r1593] nslcd/myldap.c: Warn if ldap_set_option() fails for + LDAP_OPT_ERROR_NUM + * [r1592] nslcd/nslcd.c: Warn if fd cannot be closed in is_locked() + * [r1591] nslcd/netgroup.c: Check NULL return in write_netgroup() + * [r1590] nslcd/pam.c: Do not leak memory if myldap_escape() fails + * [r1589] nslcd/pam.c: Return from update_username() if + myldap_get_values() returns invalid value + + If myldap_get_values() failed for the attmap_passwd_uid, + nss-pam-ldapd + would dereference a NULL pointer. + +2012-01-06 arthur + + * [r1588] pynslcd/alias.py, pynslcd/cfg.py, pynslcd/common.py, + pynslcd/ether.py, pynslcd/group.py, pynslcd/host.py, + pynslcd/mypidfile.py, pynslcd/netgroup.py, pynslcd/network.py, + pynslcd/pam.py, pynslcd/passwd.py, pynslcd/protocol.py, + pynslcd/pynslcd.py, pynslcd/rpc.py: user the logging framework, + handle exceptions properly and some cleanups + +2012-01-05 arthur + + * [r1587] debian/po/zh_CN.po: updated Simplified Chinese (zh_CN) + translation of debconf templates by zym + +2012-01-02 arthur + + * [r1586] debian/po/nb.po: updated Norwegian Bokmål (nb) + translation of debconf templates by Bjørn Steensrud diff --git a/ChangeLog-2013 b/ChangeLog-2013 new file mode 100644 index 0000000..96da034 --- /dev/null +++ b/ChangeLog-2013 @@ -0,0 +1,1274 @@ +2013-12-28 Arthur de Jong + + * [e3f0453] configure.ac: Re-organise ldap function tests + +2013-12-21 Arthur de Jong + + * [3ce5ef9] : Make dn2uid cache tuneable + + This introduces a new cache configuration option that allows + setting positive and negative cache lifetimes for the dn2uid cache. + + * [19f3cc3] tests/test_cfg.c: Add a test for new configuration option + + * [09969cf] man/nslcd.conf.5.xml: Document cache option in + manual page + + * [a0c90d2] nslcd/passwd.c: Use dn2uid cache options + + The configuration values are used in the cache to determine + positive and negative hit TTLs. This also allows completely + disabling the cache. + + * [99ad1b4] nslcd/cfg.c, nslcd/cfg.h: Implement a cache configuration + option + + This adds the cache nslcd.conf configuration option to configure + the dn2uid cache in nslcd with a positive and negative cache + lifetime. + +2013-12-19 Arthur de Jong + + * [82bac61] nslcd/passwd.c: Have positive and negative cache timeouts + + The positive value determines the time a found entry is valid, + the negative timeout determines the lifetime of not found entries. + + * [b9ec6df] nslcd/cfg.c: Support printing children search scope + + This fixes 2caeef4. + +2013-12-18 Arthur de Jong + + * [9f02853] nslcd/alias.c, nslcd/common.c, nslcd/common.h, + nslcd/ether.c, nslcd/group.c, nslcd/host.c, nslcd/myldap.c, + nslcd/netgroup.c, nslcd/network.c, nslcd/pam.c, nslcd/passwd.c, + nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c, + nslcd/usermod.c: Centralise buffer sizes + + Common buffer sizes are now stored centrally so it can be easily + and consistently updated if required. Some buffers remain with + locally defined sizes that do not match a global buffer size. + +2013-11-25 Arthur de Jong + + * [23a41ce] compat/pam_get_authtok.c, compat/pam_prompt.c, + configure.ac, pam/pam.c: Add a test for pam_get_item() argument + type + + This checks whether pam_get_item() takes a const void ** or void + ** item value argument and defines a PAM_ITEM_CONST macro that + is const when it should. This avoids some compiler warnings. + +2013-10-30 Arthur de Jong + + * [81bfb8b] ChangeLog, NEWS, configure.ac, man/chsh.ldap.1.xml, + man/getent.ldap.1.xml, man/nslcd.8.xml, man/nslcd.conf.5.xml, + man/pam_ldap.8.xml, man/pynslcd.8.xml: Get files ready for + 0.9.2 release + +2013-10-29 Arthur de Jong + + * [ef0edda] tests/test_myldap.sh, tests/test_nsscmds.sh, + tests/test_pamcmds.expect: Portability fixes to environment tests + + This mostly tries to reduce the influences of the test environment + (local users and groups) on the tests. This uses another username + (vsefcovic) in the PAM tests instead of the user arthur to avoid + clashes with existing users. + + The PAM tests are skipped if passwd claims that it cannot modify + LDAP passwords (for FreeBSD). + + * [f8af48f] compat/ldap_parse_passwordpolicy_control.c, + nslcd/common.c, nslcd/config.c, nslcd/group.c, nslcd/nslcd.c, + nslcd/pam.c, nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, + nss/bsdnss.c, nss/ethers.c, nss/group.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, pam/pam.c: Fix a number of compiler warnings + + This includes a number of small fixes for issues that were + formerly masked by the incorrect AC_LANG_PROGRAM check. + + * [88801f9] configure.ac: Add -Werror=implicit if compiler + supports it + + * [933bf8e] configure.ac: Fix usage of AC_LANG_PROGRAM + + Apparently the macro got changed a long time ago to provide a + main() definition. This bug caused the extra warning flags to + not be added. + + * [6028226] compat/Makefile.am, compat/shell.h, configure.ac, + nslcd/usermod.c: Compatibility definitions for + {set,get,end}usershell() + + This provides compatibility definitions for systems that don't + have these functions (some Solaris flavours). + +2013-10-28 Arthur de Jong + + * [ed4cf47] nslcd/nslcd.c: Start invalidator after locking pidfile + + This causes the pidfile to be written as the first thing after + daemonising nslcd to minimise the race between service script + completion and pidfile being locked. + +2013-10-27 Arthur de Jong + + * [503644b] HACKING, README: Update documentation + + * [6be316e] autogen.sh, configure.ac: Specify m4 directory in + configure script + +2013-10-25 Arthur de Jong + + * [1d8db24] nslcd/myldap.c, pynslcd/search.py: Also run invalidators + on initial connect + + This also invalidates the caches configured with + reconnect_invalidate on the first successful search. This should + handle the case more gracefully where caches were filled with + negative hits before nslcd was running. + + * [ee8737f] tests/Makefile.am: Distribute setup_slapd.sh and + associated files + +2013-10-22 Arthur de Jong + + * [e28e937] tests/test_myldap.sh, tests/testenv.sh: Improve + portability of ldap test + + This supports old ldapsearch commands that don't support the -x + and -H options and ldapsearch commands that don't exit with a + failure code if nothing is found. + + This also switches the test_myldap test to use the testenv check + for the LDAP server. + +2013-10-20 Arthur de Jong + + * [8cc354a] tests/test_pamcmds.expect: Handle other responses + in test_pamcmds + + This extends test_pamcmds to handle other pam/su/passwd errors + and responses (as seen on CentOS 5). Also switch to stronger + password when changing the test user's password to avoid problems + with password strength checks. + + * [0a95557] tests/Makefile.am, tests/in_testenv.sh, + tests/test_nsscmds.sh, tests/test_pamcmds.expect, + tests/test_pamcmds.sh, tests/testenv.sh: Make script to check + test environment + + This changes the in_testenv.sh script into testenv.sh which has + more checks and a few functions to configure the test environment. + + * [1899e9a] tests/test.ldif: Remove unnecessary attributes from + test.ldif + + * [cebc2a1] tests/README: Update tests README + + This refreshes the documentation of the tests, especially the + test environment. + + * [7cbb439] tests/config.ldif, tests/setup_slapd.sh: Provide a + script for setting up slapd + + The setup_slapd.sh script can be used to set up and start a + slapd instance in a single (temporary) directory. The slapd + instance is configured and loaded with test data for use in the + test environment. + +2013-10-19 Arthur de Jong + + * [aeccbfe] tests/test_nsscmds.sh: Fix sortgroup function + + This fixes an issue with the sortgroup function which failed to + handle a group line with only two colons correctly. Such group + entries have been seen in the wild on FreeBSD. + + Also, comment lines in group files are now ignored (also seen + on FreeBSD). + +2013-10-14 Arthur de Jong + + * [0697347] common/dict.c: Use djb2 hash in dict module + + This slightly modifies the string hashing function to use the + djb2 hash. This hash is supposed to be reasonably fast and have + reasonably few collisions. + +2013-10-07 Arthur de Jong + + * [61e96bf] nslcd/cfg.h: Increase NSS_LDAP_CONFIG_MAX_BASES to 31 + + This allows more search bases which may be useful in some + environments. + +2013-09-15 Arthur de Jong + + * [2f088ec] common/tio.c: Also support poll() returning EAGAIN + +2013-09-13 Arthur de Jong + + * [173d768] configure.ac: Add more python module checks to configure + + * [b7ca95a] configure.ac: Make missing Python modules a waring + + This avoids having to have all modules installed in the build + environment. A Python version is still required during build. + + * [f36bb81] pynslcd/cache.py, pynslcd/group.py: Remove unneeded + imports + + * [8ae8b9a] Makefile.am, configure.ac, tests/Makefile.am: Cleanups + and fixes related to automake upgrade + + This removes a few legacy workarounds and fixes for older versions + of automake. This also removes adding specific DEBUG flags for + tests since subdir objects are handled differently now. + + * [2bd2bc4] pam/pam.c: Initialise msg to avoid potential NULL + pointer dereference + + The NULL pointer dereference in the PAM module should not occur due + to the relationship with the rc value that is handled alongside + it. This change mostly silences the compiler and protects from + future changes. + + * [dccc9cf] configure.ac: Add configure test for + {set,get,end}usershell() availability + +2013-09-08 Arthur de Jong + + * [4fc4197] autogen.sh: Upgrade to automake 1.14 + + * [bc6a18e] nslcd/nslcd.c: Use larger nslcd send buffers + + By using bigger write buffers in nslcd we reduce the number of + writes in nslcd and consequently the number of reads in the NSS + and PAM modules for bigger responses. + + This reduces the number of system calls that are made during + a request and brings a small performance improvement that is + mainly measurable in the NSS module. A measurement showed 30-80% + reduction in the number of system calls in the NSS module and + around 10% reduction in CPU usage (CPU time, only small reduction + in wallclock time). + + Thanks John Sullivan for pointing this out. + + * [58d50bf] configure.ac, man/Makefile.am: Add configure check to + see whether to install manual pages + + This also reworks the manual page generation check in the configure + script and avoids build errors if no tool for generating manual + pages is present when working on a Git checkout. + +2013-09-04 Arthur de Jong + + * [ce95b41] ldapns.ldif: Reformat LDIF file to follow OpenLDAP format + + This fixes a wrapping problem. Thanks to Paul Boven for pointing + this out. + +2013-09-02 Arthur de Jong + + * [8b169f1] tests/test_common.c: Fix permissions of test + configuration + + This sets the permissions on the nslcd-test.conf file while + running the tests to ensure that the permission checks for the + bindpwn and rootpwmodpw options do not fail the test. + + * [560e5de] .gitignore, tests/Makefile.am, tests/test_tio_timeout.c: + Add a test for tio timeout calculations + + This test checks whether the proposed remaining time to sleep + is reasonable. + + * [db5382e] .gitignore, tests/Makefile.am, tests/test_clock.c: + Add a test for clock_gettime() supported clocks + + This probes the system for available clocks to see if they can + be reliably used to get a monotonic-like timer (the test doesn't + verify the monotonic part, just usability). + + * [7895739] AUTHORS, common/tio.c, configure.ac: Use clock_gettime() + instead of gettimeofday() + + This avoids problems with system clock changes (though there + are some safeguards in place to avoid waiting too long on clock + changes). + + Thanks to John Sullivan for pointing this out. + + We can't easily use CLOCK_MONOTONIC_RAW or CLOCK_MONOTONIC_COARSE + even on platforms that define the clock because we can get + runtime errors. CLOCK_MONOTONIC seems to work on all tested + platforms that provide it. + + * [a683aa8] tests/test_manpages.sh: Small protability fix + + * [c8800eb] tests/test_manpages.sh: Improve robustness of + test_manpages + +2013-08-31 Arthur de Jong + + * [644df52] common/tio.c, common/tio.h: Use normal timeout handling + in tio_skipall() + + Use the same mechanism in tio_skipall() as in tio_read(), except + use a different timeout value. + + * [0787d45] common/tio.c: Refactor tio_wait() + + This changes the function to accept a file descriptor, an event + and timeout parameter directly instead of a confusing flag. + + * [07a8170] common/tio.c: Fix buffer overflow on interupted read + + The tio_read() function will read past its buffer and return + garbadge to the calling function if the call to read() was + interrupted by a signal. + + The likelyhood of read() being interupted is low because previously + a call to poll() has determined that data is available to be read. + + Thanks to John Sullivan for pointing this out. + + See: https://bugzilla.redhat.com/show_bug.cgi?id=1003011 + +2013-08-30 Arthur de Jong + + * [4897033] nslcd/common.h: In nslcd, log EPIPE only on debug level + + See: https://bugzilla.redhat.com/show_bug.cgi?id=1003011 + + * [c9e2f97] common/tio.c, common/tio.h, nss/common.h: Use a timeout + when skipping remaining result data + + When the NSS modules closes the connection and skips any remaining + result data, wait for up to 500 msec to read any available data. + + See: https://bugzilla.redhat.com/show_bug.cgi?id=1003011 + +2013-08-27 Bersl + + * [7140d21] AUTHORS, nslcd/group.c, nslcd/passwd.c, nslcd/shadow.c: + Increase password buffer size + + With the smaller buffers some password hashes would be truncated. + +2013-08-28 Arthur de Jong + + * [8571bc1] NEWS, README, common/dict.c, compat/attrs.h, + compat/nss_compat.h, man/nslcd.conf.5.xml, nslcd/myldap.c: + Fix for common spelling mistake + +2013-08-25 Arthur de Jong + + * [890d227] AUTHORS, ChangeLog, NEWS, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml: + Get files ready for 0.9.1 release + + * [f9b4b43] Makefile.am: Have a nicer way of generating the ChangeLog + + This adds the commit id, improves the line wrapping and also + gets rid of the external dependency. + + * [321d8a3] pynslcd/pynslcd.py: Handle failure of getpeercred + more gracefully + + * [f18729e] tests/Makefile.am: Only run pynslcd tests if it + is enabled + + * [f54f2ad] configure.ac, m4/ax_python_module.m4: Add configure + test for Python modules + + This uses the AX_PYTHON_MODULE test to check for availability + of used Python modules. All third-party modules and modules that + are not a builtin for Python 2.5 are tested. + + This also splits the tests for the utils and pynslcd. + + * [6f61482] pynslcd/attmap.py, pynslcd/group.py, pynslcd/pynslcd.py, + pynslcd/tio.py, utils/getent.py, utils/nslcd.py: Rearrange + Python imports + +2013-08-23 Arthur de Jong + + * [f6c20ee] nslcd/nslcd.c: Ignore SIGUSR2 for future compatibility + + * [27abbbb] man/Makefile.am, tests/Makefile.am, + tests/test_manpages.sh: Add a test for the manual pages + + This replaces e0491d2 to run xmlto from the man directory. This + handles the case more gracefully if xmlto is not available. + +2013-08-18 Arthur de Jong + + * [494833d] config.guess, config.sub: Update files from latest + automake + +2013-08-21 Arthur de Jong + + * [7b474d0] pynslcd/group.py, pynslcd/passwd.py, pynslcd/shadow.py: + Have pynslcd handle mapped userPassword + + This fixes an error that could occur when the userPassword was + retrieved from LDAP and insufficient privileges were available + for reading the attribute. + + * [b0358f7] : Retry LDAP servers quickly after receiving SIGUSR1 + + When nslcd receives the SIGUSR1 signal it will retry connecting + to unavailable LDAP servers sooner. + + This signal can for example be sent when (re)stablishing a + network connection. + +2013-08-20 Arthur de Jong + + * [ebbe8a6] man/nslcd.8.xml, nslcd/nslcd.c: Handle SIGUSR1 by + resetting the retry timer + + This implements and documents handling of the SIGUSR1 signal in + nslcd to reset the reconnect_sleeptime and reconnect_retrytime + timers to re-check availability of the LDAP server. + + * [8bdb289] nslcd/myldap.c, nslcd/myldap.h: Implement function + for resetting reconnect times + + This implemens a myldap_immediate_reconnect() function that + resets the reconnect timer to retry failing connections to the + LDAP server upon the next search. + + This can be used to cut the reconnect_sleeptime and + reconnect_retrytime sleeping periodss short if we have some + indication that the LDAP server is available again. + + * [d58f163] nslcd/common.h, nslcd/nslcd.c, nslcd/shadow.c: Return + partial shadow information to non-root users + + This also returns everything except the password hash from + the shadow database to non-root users (nothing was returned + before). This allows non-root users to do PAM authentication in + some configurations. + + On some systems there is a setgid executable that is allowed to + read /etc/shadow for authentication by e.g. screensavers. Returning + no shadow information will cause pam_unix to deny authorisation + in common configurations. + + See: http://bugs.debian.org/706913 + + * [34365b4] nslcd/cfg.c: Add cast to int when logging configuration + summary + +2013-08-18 Arthur de Jong + + * [44a38eb] pam/pam.c: Small fix in NEW_AUTHTOK_REQD handling + + There is a potential memory leak if the old password is saved + multiple times. Furthermore, PAM_NEW_AUTHTOK_REQD is only allowed + as a result of the authorisation phase, not the authentication + phase so there is no use in checking. + + * [d8637bb] pynslcd/pam.py: Fix rootpwmodpw handling in pynslcd + + * [13d31b7] pynslcd/common.py: Fix not logging passwords in pynslcd + (7108b1f) + + * [7e90541] tests/nslcd-test.conf, tests/test.ldif: Update files + from test environment + +2013-07-29 Arthur de Jong + + * [724a75f] utils/getent.py: Improve error and help output of + getent command + +2013-08-18 Arthur de Jong + + * [882f7be] tests/Makefile.am, tests/pylint.rc, tests/test_pylint.sh: + Run pylint as a test + + This runs a somewhat limited pylint run against the source + files. It should at least catch some issues. + + * [79209ee] pynslcd/common.py, pynslcd/group.py, pynslcd/pam.py, + pynslcd/passwd.py: Rename isvalidname() to is_valid_name() + in pynslcd + +2013-08-10 Arthur de Jong + + * [e0491d2] man/Makefile.am: Run xmlto on manual pages as part of + the tests + +2013-08-18 Arthur de Jong + + * [7108b1f] pynslcd/common.py: Do not log passwords in pynslcd + + * [cda6dcd] : Implement an option to run in the foreground + + This introduces a -n, --nofork option that skips the deamonising + step on start-up. This may be required for running nslcd from + upstart. + + See: https://bugs.launchpad.net/bugs/806761 + + * [1825be6] man/nslcd.8.xml, man/pynslcd.8.xml: Document -n, + --nofork option + + * [82bcfd7] pynslcd/pynslcd.py: -n switch for pynslcd + +2013-08-17 Caleb Callaway + + * [14b93b9] nslcd/nslcd.c: -n switch for nslcd (prevents process + from forking) + +2013-08-17 Arthur de Jong + + * [8a3f0f5] : Improvements to pynslcd caching functionality + + This fixes most of the existing caching functionality. Cache + expiry, negative hits and entries going away remain to be + implemented. + +2013-08-16 Arthur de Jong + + * [a066bcb] configure.ac, tests/Makefile.am, + tests/test_pynslcd_cache.py: Implement tests for caching + functionality + +2013-08-12 Arthur de Jong + + * [d66162a] pynslcd/alias.py, pynslcd/cache.py, pynslcd/group.py, + pynslcd/host.py, pynslcd/netgroup.py, pynslcd/network.py, + pynslcd/protocol.py, pynslcd/rpc.py, pynslcd/service.py: Use + retrieve_by, group_by and group_columns in the cache + + This removes custom retrieve() functions and Query classes from + the database modules and uses retrieve_sql retrieve_by, group_by + and group_columns to make a custom retrieval query. + + In the cache module this completely replaces how the query grouping + is done. The Query class is now only used inside the cache and the + CnAliasedQuery, RowGrouper and related classed have been removed. + +2013-04-23 Arthur de Jong + + * [bfe22cc] pynslcd/cache.py: Make Cache a context manager + +2013-08-12 Arthur de Jong + + * [1b89df5] pynslcd/alias.py, pynslcd/cache.py, pynslcd/group.py, + pynslcd/host.py, pynslcd/netgroup.py, pynslcd/network.py, + pynslcd/protocol.py, pynslcd/rpc.py, pynslcd/service.py: Give + cache tables friendlier names + + This also defined the tables for netgroup storage. + +2013-08-11 Arthur de Jong + + * [7671276] pynslcd/alias.py, pynslcd/cache.py, pynslcd/group.py, + pynslcd/host.py, pynslcd/network.py, pynslcd/protocol.py, + pynslcd/rpc.py, pynslcd/service.py: Explicitly define tables + used for cache + + This introduces the tables property in the Cache object that is + used to define the used tables. + + This also fixes the storing of mulit-valued attributes in + the cache. + +2013-04-16 Arthur de Jong + + * [b0b5723] pynslcd/alias.py, pynslcd/cache.py, pynslcd/ether.py, + pynslcd/group.py, pynslcd/host.py, pynslcd/netgroup.py, + pynslcd/network.py, pynslcd/passwd.py, pynslcd/protocol.py, + pynslcd/rpc.py, pynslcd/service.py, pynslcd/shadow.py: Move + cache table creation to modules + + This also moves the creation of a SQLite database connection to + a _get_connection() function to ensure the cache is only created + when the caches are instantiated. + +2013-07-30 Arthur de Jong + + * [84d22e6] pynslcd/passwd.py: Fix missing part of d659e83 + +2013-07-29 Arthur de Jong + + * [ec53918] pynslcd/group.py, pynslcd/passwd.py: Use cleaner import + and get rid of uid2dn function in pynslcd + + * [d659e83] pynslcd/cfg.py, pynslcd/passwd.py: Handle the nss_min_uid + option in pynslcd + + * [7092d40] pynslcd/cfg.py, pynslcd/group.py: Handle the + nss_initgroups_ignoreusers option in pynslcd + + * [a0e12e6] pynslcd/cfg.py, pynslcd/pam.py: Fix handling of + pam_password_prohibit_message in pynslcd + + * [fa97bcc] pynslcd/Makefile.am, pynslcd/config.py, + pynslcd/pynslcd.py: Implement config request handling in pynslcd + + This allows the PAM module to request the + pam_password_prohibit_message option for denying password change. + + * [a3acbec] pynslcd/pam.py: Implement PAM session handling in pynslcd + + Just like in nslcd this doesn't actually do anything with the + session ids except generating them. + +2013-07-26 Arthur de Jong + + * [4031750] pynslcd/search.py: Properly handle start_tls in pynslcd + +2013-07-27 Arthur de Jong + + * [5d3f681] configure.ac: Have configure show --disable-utils + by default + + Since the utils are automatically built if Python is available + --disable is more appropriate a default then --enable. + + * [5adc2ca] tests/test_pycompile.sh: Have test_pycompile not write + any pyc files + + We need to avoid writing pyc files because during make distcheck, + the source directory is read-only. + + This also ensures that the test is skipped if the Python + interpreter is not found. + + * [e17730f] README: Dcoumentation updates + + This fixes a typo, clarifies the section on the LDAP schema + values that are supported and updates the differences between + nss-pam-ldapd and nss_ldap and pam_ldap. + +2013-07-26 Arthur de Jong + + * [30ffdb2] tests/Makefile.am, tests/test_pycompile.sh: Test Python + syntax on make check + + * [10eec70] : Merge fixes for reconnect_invalidate option + + The branch accidentally got merged before it was fully tested. + + * [dce98a5] nslcd/cfg.c, nslcd/invalidator.c, pynslcd/invalidator.py, + pynslcd/pynslcd.py: Fix errors in invalidator changes + + This fixes a few typos and an omission in the configuration file + parsing code. + + * [7c85202] : Make cache invalidation more generic + + This changes the nscd_invalidate option into a more generic + reconnect_invalidate and also allows clearing the nfsidmap cache. + + * [e1b0399] man/nslcd.conf.5.xml, nslcd/Makefile.am, nslcd/cfg.c, + nslcd/cfg.h, nslcd/common.h, nslcd/invalidator.c, nslcd/myldap.c, + nslcd/nscd.c, nslcd/nslcd.c, pynslcd/Makefile.am, pynslcd/cfg.py, + pynslcd/invalidator.py, pynslcd/nscd.py, pynslcd/pynslcd.py, + pynslcd/search.py, tests/Makefile.am: Rename nscd_invalidate + option to reconnect_invalidate + + This also renames the internal nscd module to invalidator for + both nslcd and pynslcd. The new invalidator module is now no + longer nscd-specific. + + * [6054499] man/nslcd.conf.5.xml, nslcd/attmap.c, nslcd/cfg.c, + nslcd/cfg.h, nslcd/nscd.c, pynslcd/cfg.py, pynslcd/nscd.py: + Allow invalidating the nfsidmap cache + + This introduces an nfsidmap value for nscd_invalidate which will + cause the nfsidmap -c command to be run. + +2013-07-17 Arthur de Jong + + * [d2e2e40] pynslcd/nscd.py: Fix nscd cache flushing bug in pynslcd + + The pynslcd implementation would always clear the passwd nscd + cache regardless of the provided map. + +2013-07-11 Arthur de Jong + + * [5b78508] .gitignore, INSTALL, ar-lib, autogen.sh, compile, + config.guess, config.sub, configure.ac, depcomp, install-sh, + missing, mkinstalldirs, py-compile, test-driver: Upgrade to + automake 1.13 + +2013-05-20 Arthur de Jong + + * [ee7b2e9] tests/lookup_shadow.c: Add an explicit cast to int + in lookup_shadow + +2013-04-14 Arthur de Jong + + * [b6f5047] nslcd/nscd.c: Make tests for system call failures a + little more robustly + +2013-05-10 Arthur de Jong + + * [97d35f3] pynslcd/pynslcd.py: Ignore errors in opening NSS module + +2013-04-12 Arthur de Jong + + * [b15dc66] pynslcd/cache.py, pynslcd/cfg.py, pynslcd/group.py, + pynslcd/nscd.py, pynslcd/pynslcd.py, pynslcd/search.py, + pynslcd/shadow.py, pynslcd/tio.py, pynslcd/usermod.py, + utils/chsh.py, utils/getent.py, utils/nslcd.py, utils/users.py: + Python style changes + + This tries to conform more closely to PEP8. Imports have been + checked and, if used only once, moved closer to the use to avoid + potential import loops. This also includes a few other minor + changes, like using __main__ for utility scripts and variable + renames to avoid name clashes. + + * [d3c6a66] pynslcd/pam.py: Raise an error with a missing old + password on password modification + + * [f45b24d] utils/nslcd.py: Set FD_CLOEXEC on the client socket + in utilities + + * [bc35197] pynslcd/pam.py: Fix getting caller's uid on password + change (pynslcd) + +2013-04-06 Arthur de Jong + + * [84402e5] utils/Makefile.am: Install utilities in share/nslcd-utils + + * [b5b4239] man/Makefile.am: Fix the way manual pages are installed + + The :u flag apparently isn't portable across versions of make + and automake rules complain if a manual page is added twice to + a target. + +2013-04-05 Arthur de Jong + + * [187c626] ChangeLog, NEWS, TODO, configure.ac, + man/getent.ldap.1.xml, man/nslcd.8.xml, man/nslcd.conf.5.xml, + man/pam_ldap.8.xml, man/pynslcd.8.xml: Get files ready for + 0.9.0 release + + * [2616f43] pynslcd/Makefile.am: Include the usermod.py file in + the distribution + + * [c519729] man/chsh.ldap.1.xml: Fix docbook validation + +2013-04-03 Arthur de Jong + + * [1c31305] configure.ac: Ignore missing Python in initial test + + * [4b01125] nslcd/nslcd.c: Fix comment + +2013-03-30 Arthur de Jong + + * [d7990de] pynslcd/pam.py: Update the shadowLastChange on password + change in pynslcd + + * [ea6bff3] pynslcd/pam.py: Implement password modification + in pynslcd + + * [62a409c] : Implement used modification functionality + + This adds user information modification functionality to nslcd + and pynslcd and implements a chsh.ldap utility that can be + used to change the login shell of a user (similar to the normal + chsh command). + + The user modification functionality should allow for generic + modifications of user information. More utility commands to + perform modifications remain to be implemented. + + * [012b185] .gitignore, man/Makefile.am, man/chsh.ldap.1.xml, + utils/Makefile.am, utils/chsh.py, utils/cmdline.py, utils/nslcd.py, + utils/shells.py, utils/users.py: Initial version of a chsh.ldap + utility + + * [d0482fb] pynslcd/pynslcd.py, pynslcd/usermod.py: Handle user + modification requests in pynslcd + + Similar to the nslcd implementation, this currently only covers + modifying the homeDirectory and loginShell attributes. + + * [f1895f9] nslcd/Makefile.am, nslcd/common.h, nslcd/nslcd.c, + nslcd/usermod.c: Handle user modification requests in nslcd + + This is currently limited to supporting modification of the + homeDirectory and loginShell attributes. + + Modifications as root currently use the rootpwmoddn and rootpwmodpw + options. + + * [8fb5eb1] nslcd.h: Define a NSLCD_ACTION_USERMOD request + + The modification can either be requested by root or by the + user itself. + + Modifications by the user should be done by connecting to the + LDAP server with the user-supplied credentials. It is expected + that access controls in the LDAP server prevent unwanted + modifications. The nslcd process is expected to check whether + supplied values are sensible. + + * [aae36cf] pynslcd/pam.py: Rename authentication function and + return connection + + * [355c2af] configure.ac: Fix test for absence of Python + + * [f478830] pynslcd/cfg.py: Mark unsupported pynslcd configuration + options + + * [2b097f7] configure.ac: Preset default configure values + consistently + + * [6ceb1df] configure.ac: Give an error when the Python interpreter + is missing + +2013-03-29 Arthur de Jong + + * [a47b20f] configure.ac: Build command-line utilities by default + if Python is available + + * [adde1d4] : Implement clearing of nscd cache in pynslcd + + * [a75cfb9] pynslcd/nscd.py, pynslcd/search.py: Detect and handle + connection failure and recovery + + Logs a connection recovery message and run a nscd cache + invalidation if configured. + + * [585d388] pynslcd/pynslcd.py: Start the nscd invalidator process + if needed + + * [d4c5c96] pynslcd/cfg.py: Parse the nscd_invalidate option + + * [11b1739] pynslcd/Makefile.am, pynslcd/nscd.py: Functionality + for clearing the nscd cache in pynslcd + + * [65a65ad] pynslcd/pynslcd.py: Switch to using os.environ instead + of os.putenv() + + The os.putenv() call doesn't update os.environ and Python + documentation recommends using os.environ. + + * [46cf240] pynslcd/pam.py: Rename validate_request to validate + + * [7d1e492] pynslcd/pam.py: Also perform authentication search + using LDAPSearch class + +2013-03-28 Arthur de Jong + + * [302c2fa] tests/test_nsscmds.sh: Make the NSS tests dependant + on the configuration of nsswitch.conf + + * [8790b40] tests/test_myldap.c: Do not rely on printf() being + able to print NULL strings + +2013-03-24 Arthur de Jong + + * [932c641] man/nslcd.conf.5.xml: Fix manual page generation + + * [07ca836] nslcd/cfg.h: Fix comment for nss_nested_groups config + option + + * [3daa68d] : Implement support for nested groups + + * [642064c] tests/test.ldif, tests/test_nsscmds.sh: Add tests for + nested group functionality + + This also includes some changes to the test directory contents + that were for other tests and functionality. + + * [b1b7648] README, man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/group.c, pynslcd/cfg.py, pynslcd/group.py: Implement a + nss_nested_groups configuration option + + This option can be used in both nslcd and pynslcd to enable + recursive group member lookups. By default the functionality is + disabled. This also updates the documentation. + + * [d6a6e8b] pynslcd/common.py, pynslcd/group.py: Implement support + for nested groups in pynslcd + + * [41ba574] nslcd/group.c: Implement support for nested groups + in nslcd + + This differs from the code provided by Steve Hill in that it avoids + (recursively) performing parallel LDAP searches by queueing groups + and check for extra members per queued group (in the forward + lookup) or check for extra parents (for the user to groups lookup). + + For the reverse lookup handling the NSLCD_HANDLE macro could no + longer be used because extra care should be taken to free the + sets before returning and two search phases are needed. + +2013-03-20 Steve Hill + + * [08f5301] AUTHORS, nslcd/group.c: Implement a + mkfilter_group_bymemberdn() function + + This was part of a bigger change to implement nested groups, + however most of the other parts were re-implemented differently. + + For the original changes, see: + http://lists.arthurdejong.org/nss-pam-ldapd-users/2013/msg00034.html + +2013-03-24 Arthur de Jong + + * [edd119c] tests/test.ldif, tests/test.ldif.gz: Unpack the LDIF + file to make diffs clearer + + * [b0785de] nslcd/cfg.h, nslcd/myldap.c: spelling fixes + +2013-03-22 Arthur de Jong + + * [402d3f3] nslcd/service.c: fix service request logging + +2013-03-19 Jakub Hrozek + + * [f21efd6] nss/common.h: NSS: Return TRYAGAIN on zero-length buffer + + One of our customers was running into a situation where glibc + provided a zero buffer, which is a condition that is retriable + and the nss module should return NSS_STATUS_TRYAGAIN not + NSS_STATUS_UNAVAIL. + +2013-03-11 Arthur de Jong + + * [7926326] nss/shadow.c: fix the text representation of shadow + information for nscd on Solaris + + * [83c5788] .gitignore, tests/Makefile.am, tests/lookup_shadow.c: + implement a lookup_shadow test command for use on systems that + don't allow querying shadow via getent + +2013-03-10 Arthur de Jong + + * [fa27d94] nslcd/cfg.c, nslcd/nscd.c: fix a few compiler warnings + + * [0b5b4d1] configure.ac: guess the value for --with-pam-seclib-dir + if it is not specified + +2013-03-10 Arthur de Jong + + * [24c565c] tests/test_pamcmds.sh: small portability fix in + test_pamcmds.sh + + * [6a92621] nslcd/service.c: only log protocol name if it is present + + * [f7c6771] compat/ldap_parse_passwordpolicy_control.c, configure.ac: + also support systems without bet_get_enum() + +2013-03-09 Arthur de Jong + + * [ba5f39f] pynslcd/pynslcd.py: log hex value of action id to make + debugging easier + + * [11ca816] pynslcd/pam.py: ensure consistent naming of DN variables + + * [116d215] pynslcd/attmap.py, pynslcd/group.py, + pynslcd/netgroup.py, pynslcd/pam.py, pynslcd/search.py, + pynslcd/service.py, pynslcd/shadow.py: clean up imports and use + ldap.filter.escape_filter_chars() directly + + * [ac30060] pynslcd/pam.py, pynslcd/pynslcd.py, pynslcd/search.py: + move get_connection function to search module as Connection class + as subclass of ReconnectLDAPObject to automatically reconnect + to the LDAP server + + * [4e60340] pynslcd/Makefile.am, pynslcd/alias.py, pynslcd/common.py, + pynslcd/ether.py, pynslcd/group.py, pynslcd/host.py, + pynslcd/netgroup.py, pynslcd/network.py, pynslcd/pam.py, + pynslcd/passwd.py, pynslcd/protocol.py, pynslcd/rpc.py, + pynslcd/search.py, pynslcd/service.py, pynslcd/shadow.py: move + Search class to search module + + * [975ee2c] pynslcd/cfg.py: fix default logging configuration + setting in pynslcd + + * [8a67c9f] common/tio.c: fix the description of the + tio_time_remaining() function + + * [d19f1df] man/nslcd.conf.5.xml: document the nscd_invalidate option + + * [bf64710] nslcd/myldap.c, nslcd/nscd.c, nslcd/nslcd.c: start the + nscd invalidator and invalidate the nscd cache after reconnecting + to the LDAP server after failure + + * [d413a64] nslcd/cfg.c, nslcd/cfg.h: implement parsing of the + nscd_invalidate option + + * [008f8a9] configure.ac, nslcd/Makefile.am, nslcd/common.h, + nslcd/nscd.c, tests/Makefile.am: implement functionality to send + a cache invalidation signal to nscd + + * [9a6f5b2] nslcd/common.c, nslcd/common.h, nslcd/nslcd.c: move + signame() function to common.c to make it available to all modules + +2013-03-03 Arthur de Jong + + * [646dfa8] man/nslcd.conf.5.xml: document the trimming expressions + in the nslcd.conf(5) manual page + + * [54a3dba] pynslcd/expr.py: support trimming expressions with + full shell glob matching in pynslcd + + * [8655355] tests/test_expr.c: add tests for trimming expressions + +2013-01-04 Arthur de Jong + + * [6c05b76] common/expr.c: update the trimming expressions code + to follow the new coding style + +2012-12-03 Thorsten Glaser + + * [3731964] AUTHORS, common/expr.c: allow trimming expressions + with ${foo#bar} syntax in nslcd + +2013-03-01 Arthur de Jong + + * [f56f926] nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c: return + the password policy bind information via PAM + +2013-01-04 Arthur de Jong + + * [5fce062] compat/Makefile.am, compat/ldap_compat.h, + compat/ldap_passwordpolicy_err2txt.c, configure.ac: provide a + basic replacement implementation of ldap_passwordpolicy_err2txt() + for systems that don't have it + + * [37151df] compat/Makefile.am, compat/ldap_compat.h, + compat/ldap_parse_passwordpolicy_control.c, configure.ac: provide + a replacement implementation of ldap_parse_passwordpolicy_control() + for systems that don't have it + +2013-03-01 Arthur de Jong + + * [1c2ab50] compat/ldap_compat.h, configure.ac, nslcd/myldap.c: + request and parse password policy controls when doing user + authentication in nslcd + +2013-01-18 Arthur de Jong + + * [f2c49e6] nslcd/myldap.c: pass the session along to the do_bind() + function + +2013-03-03 Arthur de Jong + + * [117327e] configure.ac: add some missing checks to the configure + script + +2013-03-01 Arthur de Jong + + * [b4afe7c] nslcd/pam.c: log a more meaningful error in nslcd when + trying to authenticate as administrator when rootpwmoddn is not set + + * [31f9098] nslcd/common.h, nslcd/pam.c, nslcd/shadow.c: move + update_lastchange() function from shadow to pam code + + * [1a1bb07] utils/getent.py: move parsing to command line arguments + to main body + +2013-02-28 Arthur de Jong + + * [38fb524] TODO: update TODO (setnetgrent() returns an error + since r1874) + +2013-02-27 Arthur de Jong + + * [798820e] man/nslcd.conf.5.xml: include information about when + some of the options were added + + * [11283a5] nss/common.c: add missing include statement for NULL + definition + +2013-02-23 Arthur de Jong + + * [12076c7] nslcd/nslcd.c, pynslcd/pynslcd.py: log version + information from the NSS module + + * [3155cdf] nss/common.c, nss/exports.freebsd, nss/exports.glibc, + nss/exports.solaris: define and export an _nss_ldap_version symbol + + * [61a3fce] pynslcd/ether.py: also search for alternative macAddress + representation in pynslcd + +2013-02-12 Arthur de Jong + + * [a9aea20] nslcd/nslcd.c: extra sanity check to ensure not too + many file descriptors are open + +2013-02-23 Arthur de Jong + + * [bfdf7cd] nslcd.h: clarify NSLCD_ACTION_SERVICE_* request + parameter description + + * [1c6d856] man/nslcd.conf.5.xml, nslcd/cfg.c, tests/test_common.c: + allow names with one character in default validnames option and + allow parentheses (taken from Fedora packages) + + * [d54243a] man/nslcd.conf.5.xml: document the log option + + * [c75599d] pynslcd/cfg.py, pynslcd/pynslcd.py: handle the log + configuration option in pynslcd + + * [efca5ca] nslcd/cfg.c, nslcd/log.c, nslcd/log.h, nslcd/nslcd.c: + handle the log configuration option in nslcd + + * [22be9b0] nslcd/log.c, nslcd/log.h: implement functions for + configuring alternative logging + +2013-02-12 Arthur de Jong + + * [c12768a] man/getent.ldap.1.xml: fix docbook tag for file name + +2013-01-05 Arthur de Jong + + * [60f1d85] Makefile.am: generate ChangeLog with git2cl + + * [ba93d8f] ChangeLog, ChangeLog-2012: archive 2012 changelog + messages into a year file including the change from Subversion + +2013-01-28 Arthur de Jong + + * [91440f7] .gitignore, man/Makefile.am, man/getent.ldap.1.xml: + add getent.ldap(1) manual page + + * [ded7bd2] utils/Makefile.am, utils/cmdline.py, utils/getent.py, + utils/nslcd.py: implement a getent command to query nslcd while + bypassing NSS stack + +2013-01-26 Arthur de Jong + + * [3117668] .gitignore, Makefile.am, configure.ac, utils/Makefile.am: + add an --enable-utils option to configure to build command-line + utilities + +2013-01-09 Arthur de Jong + + * [7c01898] pynslcd/cache.py, pynslcd/common.py: disable pynslcd + cache for now + +2013-01-27 Arthur de Jong + + * [b9395c8] nslcd.h, nslcd/common.h, nslcd/netgroup.c, nslcd/nslcd.c, + pynslcd/netgroup.py: implement a netgroup_all request + +2013-01-18 Arthur de Jong + + * [0ae8e56] nslcd/nslcd.c: make checking dlsym() result a little + safer + + * [fb5d587] compat/ldap_passwd_s.c: fix copyright year + + * [16db596] common/tio.c: restructure timeout calculation in tio + to reduce the number of times gettimeofday() is called + + * [b01cd22] nslcd/log.c: use pthreads thread-local storage as + fallback mechanism if compiler doesn't provide a keyword for TLS + + * [d86497b] configure.ac, m4/ax_tls.m4, nslcd/log.c, nss/aliases.c, + nss/ethers.c, nss/group.c, nss/hosts.c, nss/netgroup.c, + nss/networks.c, nss/passwd.c, nss/protocols.c, nss/rpc.c, + nss/services.c, nss/shadow.c: use the AX_TLS macro to find + correct thread-local storage class compiler directive + + * [fa62cd3] nslcd/cfg.c, nslcd/cfg.h: dump full nslcd configuration + at debug level on start-up + +2013-01-16 Arthur de Jong + + * [2765100] man/Makefile.am: fix the way manual pages are generated + and distributed + +2013-01-14 Arthur de Jong + + * [2caeef4] man/nslcd.conf.5.xml, nslcd/cfg.c, pynslcd/cfg.py, + tests/test_cfg.c: support children search scope for systems that + have it + + * [4197ec3] pynslcd/cfg.py: fix parsing of scope option in pynslcd + + * [5e0bb05] tests/test_tio.c: support systems without ETIME + + * [b5b6c48] configure.ac, tests/lookup_netgroup.c: check whether + setnetgrent() returns int or void (for FreeBSD) + +2013-01-12 Arthur de Jong + + * [0a5ac8b] nslcd/cfg.c, tests/test_cfg.c: reorganise configuration + file parsing code + + * [82b31fe] nslcd/myldap.c: have myldap_get_ranged_values() return + a list of values instead of a set + + * [388821a] nslcd/cfg.c, nslcd/group.c, nslcd/passwd.c, + nslcd/shadow.c: check result of set_tolist() to ensure that + memory allocation problems are logged + + * [cdae946] nslcd/myldap.c: fix memory leak in + myldap_get_values_len() when using ranged attributes (very + unlikely to occur) + + * [9b11d41] nslcd/myldap.c: fix a problem in memory handling in + myldap_get_values_len() if malloc() would fail + + * [2a73fa1] configure.ac: drop -Wcase-qual when using + --enable-warnings because it was causing too much noise + +2013-01-10 Arthur de Jong + + * [4689d5f] nslcd/myldap.c: fix typo in comment + +2013-01-06 Arthur de Jong + + * [eb86f87] pynslcd/pam.py: request and parse password policy + controls when doing user authentication in pynslcd + + * [28aeaa4] pam/pam.c: do not recheck the user password in first + password phase if it was stored in the authentication phase + + * [ba18be7] nslcd/pam.c: perform search for pam_authz_search on + all search bases + +2013-01-05 Arthur de Jong + + * [65e184d] pynslcd/pam.py: some simplifications in the current + pynslcd PAM request handling + + * [8d054c8] nslcd/myldap.c, tests/test_cfg.c: update FIXMEs + + * [086a1a5] nslcd/ether.c: change ethernet address formatting from + FIXME to note + + * [c89c41b] pam/pam.c: save the old password if either the + authentication or the authorisation response is NEW_AUTHTOK_REQD + + * [33518d5] nslcd/myldap.c: inline most is_valid_...() functions + + * [5242233] compat/ldap_initialize.c: remove not needed define + + * [7a2b63f] common/nslcd-prot.h: log hex values when debugging + the protocol + +2013-01-01 Arthur de Jong + + * [82010e2] nslcd/myldap.c, nslcd/myldap.h, nslcd/pam.c: log and + return a diagnostic message instead of just the LDAP error on + password change failure + + * [2f6f6a2] nslcd/pam.c: retry updating the lastChange attribute + with the normal nslcd LDAP connection if the update with the + user's connection failed + + * [864c522] pynslcd/pam.py: update pynslcd PAM protocol handling + to be in line with r1865 diff --git a/HACKING b/HACKING new file mode 100644 index 0000000..ecaef10 --- /dev/null +++ b/HACKING @@ -0,0 +1,260 @@ +This document tries to describe the software layout and design of +nss-pam-ldapd. It should provide some help for contributing code to this +package. + +CONTRIBUTING TO NSS-PAM-LDAPD +============================= + +Contributions to nss-pam-ldapd are most welcome. Integrating contributions +will be done on a best-effort basis and can be made easier if the following +are considered: + +* for large changes it is a good idea to send an email first +* send your patches in unified diff (diff -u) format, Git patches or Git pull + requests +* try to use the Git version of the software to develop the patch +* clearly state which problem you're trying to solve and how this is + accomplished +* please follow the existing coding conventions +* please test the patch and include information on tested platforms, etc. +* add a copyright statement with the patch if you feel the contribution is + significant enough (e.g. more than a few lines) +* ensure that the code you contribute can be integrated in the project + under the LGPL (when including third-party code, retain copyright + information license, you have permission to distribute the code, etc.) + +Please email nss-pam-ldapd-users@lists.arthurdejong.org if you want to +contribute. All contributions will be acknowledged in the AUTHORS file. + + +BUILD DEPENDENCIES +================== + +For building Git snapshots the following tools are needed: + +* autoconf (2.65 is currently used but 2.61 is minimal) +* automake (1.14 is currently used but older versions may also work) +* OpenLDAP libraries (2.4 is generally used) +* PAM libraries +* optionally a Kerberos library (MIT Kerberos is tested) +* optionally a SASL library (only Cyrus SASL is tested) +* docbook2x for generating the manual pages + +To build the Git snapshot run the autogen.sh shell script to build the +configure script. When developing patches please use --enable-warnings with +configure and avoid introducing new warnings. + + +RELEASE VERSIONING +================== + +The versioning scheme of nss-pam-ldapd is a simple major.minor.micro +numbering. The idea is to keep a stable (x.y) branch that only gets bug fixes +and small enhancements while development goes in another branch. Backwards +incompatible changes should be announced clearly. + + +GENERAL DESIGN +============== + +The basic design splits the functionality in three parts. The NSS part +interfaces with libc and translates the NSS requests into simple generic +requests (e.g. "get user with name test", "get group with gid 101" or "get all +shadow entries"). + +Another part is the PAM module which handles authentication requests from the +system. The PAM operations are also translated into atomic, stateless +requests. + +Both these parts translate the queries in a simple protocol used to +communicate with the nslcd daemon. This daemon translates the requests into +LDAP searches. As a result, the NSS and PAM modules don't need to known +anything about LDAP (in fact replacing it with another lookup method should be +very simple) and don't have to link with the LDAP libraries. + + libc NSS -> libnss_ldap.so + \ + |-> nslcd -> OpenLDAP -> LDAP server + / + PAM stack -> pam_ldap.so + +An alternative implementation of nslcd in Python is provided as pynslcd. This +implementation is less mature but it easier to add advanced features there. A +collection of utilities is also provided that communicate with nslcd that can +provide additional functions. + +design goals +------------ +* make it as simple as possible +* simpler configuration and semantics +* simpler, clearer and completer documentation +* split source code into manageable parts +* get rid of unneeded code and complexity +* have a stable, easily maintainable piece of high quality software + + +NSS MODULE +========== + +The NSS module is implemented in the nss directory. The functions are split +into files according to the database they support. The files support multiple +NSS implementations. + +The NSS interface is specific to the C library that is used. The original +implementation was for the GNU C Library but now also includes an +implementation for Solaris' C Library and has some support for FreeBSD. + +GNU C Library notes +------------------- + +Function definitions for glibc look like: + +_nss_ldap_FUNCTION_r(...) + This function opens the connection to the nslcd (with a time-out), builds + the correct data structures and does a request (write()) to the nslcd + waiting for an answer (again with a time-out) + +The complete list of exported functions can be found in exports.linux and +prototypes.h. + +Currently a number of macros are used to build most of the function bodies for +these functions. Part of this is defined in the common/nslcd-prot.h file and +the NSS-specific stuff is in nss/common.h. + +For memory management, the general mechanism that is expected to be used is to +return NSS_STATUS_TRYAGAIN and set errno to ERANGE. This causes glibc to retry +the request with a larger buffer. + +Some useful links: +http://www.gnu.org/software/libc/manual/html_node/index.html + +Solaris C Library notes +----------------------- + +The Solaris C library uses a different mechanism. For each map a back-end +object is allocated per thread which is used to do queries. The object is +created with a constructor (e.g. _nss_ldap_passwd_constr()) that returns a +back-end that contains a list of function pointer to lookup methods and a +destructor. + +A buffer is passed with every request but a local buffer that is stored in the +back-end can presumably also be created. + +Earlier versions of Solaris expected the NSS functions to return the binary +representation of the lookups (e.g. struct passwd) but later versions expect a +string representation of the data to be returned (just like a single line out +of /etc/passwd was read) but only if running from nscd. If args->buf.result is +NULL a string representation is requested (except for ether by address lookup +which is special). + +Source and documentation pointers for Solaris NSS: +https://java.net/projects/solaris/sources/on-src/show/usr/src/lib/nsswitch +https://java.net/projects/solaris/sources/on-src/content/usr/src/head/nss_common.h +https://java.net/projects/solaris/sources/on-src/content/usr/src/head/nss_dbdefs.h +https://hg.openindiana.org/upstream/illumos/illumos-gate/file/tip/usr/src/lib/nsswitch +https://hg.openindiana.org/upstream/illumos/illumos-gate/file/tip/usr/src/head/nss_common.h +https://hg.openindiana.org/upstream/illumos/illumos-gate/file/tip/usr/src/head/nss_dbdefs.h + +FreeBSD C Libarary notes +------------------------ + +The FreeBSD C library seems to have support for exposing GNU C Library NSS +module functions through a wrapper function. This makes it very easy to +implement NSS support on FreeBSD. + +Pointers for more documentation on this is welcome. Some information is +available here: +http://www.freebsd.org/cgi/man.cgi?query=nsdispatch +https://github.com/freebsd/freebsd/blob/master/include/nss.h + + +PAM MODULE +========== + +The PAM module is implemented in the pam directory. Implementation is fairly +straight-forward. The PAM module stores some state between calls to nslcd in a +struct. The calls to nslcd are however stateless. The PAM module may supply +some information that help lookups (most notably DNs of user entries). + +Care must be taken with the communication because the nslcd requests are not +authenticated (e.g. changing passwords requests should include all +credentials). The PAM requests may result in state changes on the LDAP server +and this is where they are most notably different from the NSS requests. + +Some useful links: +http://www.kernel.org/pub/linux/libs/pam/ +http://www.opengroup.org/tech/rfc/rfc86.0.html + + +THE COMMUNICATIONS PROTOCOL +=========================== + +The protocol used for communicating between the NSS library and PAM module on +one end and the nslcd daemon on the other is very simple and almost fully +described in the nslcd.h header file. The common/nslcd-prot.h header file +defines some macros that are used for reading and writing protocol entities +(strings, 32-bit integers, etc). + +Every NSS database has a corresponding source file in the nss and the nslcd +directory. The PAM module is built up of a single file in both the pam and +nslcd directories. + +If the protocol is changed in an incompatible way the protocol version should +be incremented in nslcd.h. There is currently no versioning scheme available +for this. + +A communications module (common/tio.c) was made so we can define simpler +semantics for time-out values and buffer sizes. All components use this module +which means that it includes functionality that is needed for both (e.g. large +write buffers for the server part and large resettable read buffers for the +NSS part). Maybe building two modules from the same source with different +features in them is an option (e.g. the NSS part needs the read buffers and +handling of SIGPIPE and the nslcd part needs the write buffers and possibly +flushing in the background). + +The common directory also contains some other generally useful modules that +are used in some components. + + +SERVER PART +=========== + +At the server end a dispatcher picks up the request and delegates it to one of +the database specific functions. + +nslcd_FUNCION(...) + This functions fills in the correct parameters from the request. This + function should write responses to the stream. + +Big parts of the request handling functions are generated by macros because +the structure is very similar across the different NSS requests. + + +SECURITY NOTES +============== + +This design does open up the system to more potential security issues +(relative to nss_ldap) because there is now a local interface to a daemon with +privileges. With nss_ldad, processes could only potentially exploit bugs in +the library and gain the privileges of the process that was doing the name +lookups. In this case the privileges of the daemon are potentially exposed. + +Extra care should be taken with processes that normally require extra +privileges (getting shadow entries, authentication, updating session +information, etc). + +Any user on the system can perform nslcd queries so either the nslcd daemon +needs to check the userid of the caller or the request needs to contain the +needed credentials itself. + +On the other hand the design also offers some security improvements. It is +much easier to handle security updates of the LDAP, SSL or related libraries +and access to privileged LDAP configuration information can be much better +constrained. + + +TEST SET-UP +=========== + +In the test directory there are a number of tests available. See the file +README in the test directory for more details. diff --git a/INSTALL b/INSTALL new file mode 100644 index 0000000..8865734 --- /dev/null +++ b/INSTALL @@ -0,0 +1,368 @@ +Installation Instructions +************************* + + Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software +Foundation, Inc. + + Copying and distribution of this file, with or without modification, +are permitted in any medium without royalty provided the copyright +notice and this notice are preserved. This file is offered as-is, +without warranty of any kind. + +Basic Installation +================== + + Briefly, the shell command './configure && make && make install' +should configure, build, and install this package. The following +more-detailed instructions are generic; see the 'README' file for +instructions specific to this package. Some packages provide this +'INSTALL' file but do not implement all of the features documented +below. The lack of an optional feature in a given package is not +necessarily a bug. More recommendations for GNU packages can be found +in *note Makefile Conventions: (standards)Makefile Conventions. + + The 'configure' shell script attempts to guess correct values for +various system-dependent variables used during compilation. It uses +those values to create a 'Makefile' in each directory of the package. +It may also create one or more '.h' files containing system-dependent +definitions. Finally, it creates a shell script 'config.status' that +you can run in the future to recreate the current configuration, and a +file 'config.log' containing compiler output (useful mainly for +debugging 'configure'). + + It can also use an optional file (typically called 'config.cache' and +enabled with '--cache-file=config.cache' or simply '-C') that saves the +results of its tests to speed up reconfiguring. Caching is disabled by +default to prevent problems with accidental use of stale cache files. + + If you need to do unusual things to compile the package, please try +to figure out how 'configure' could check whether to do them, and mail +diffs or instructions to the address given in the 'README' so they can +be considered for the next release. If you are using the cache, and at +some point 'config.cache' contains results you don't want to keep, you +may remove or edit it. + + The file 'configure.ac' (or 'configure.in') is used to create +'configure' by a program called 'autoconf'. You need 'configure.ac' if +you want to change it or regenerate 'configure' using a newer version of +'autoconf'. + + The simplest way to compile this package is: + + 1. 'cd' to the directory containing the package's source code and type + './configure' to configure the package for your system. + + Running 'configure' might take a while. While running, it prints + some messages telling which features it is checking for. + + 2. Type 'make' to compile the package. + + 3. Optionally, type 'make check' to run any self-tests that come with + the package, generally using the just-built uninstalled binaries. + + 4. Type 'make install' to install the programs and any data files and + documentation. When installing into a prefix owned by root, it is + recommended that the package be configured and built as a regular + user, and only the 'make install' phase executed with root + privileges. + + 5. Optionally, type 'make installcheck' to repeat any self-tests, but + this time using the binaries in their final installed location. + This target does not install anything. Running this target as a + regular user, particularly if the prior 'make install' required + root privileges, verifies that the installation completed + correctly. + + 6. You can remove the program binaries and object files from the + source code directory by typing 'make clean'. To also remove the + files that 'configure' created (so you can compile the package for + a different kind of computer), type 'make distclean'. There is + also a 'make maintainer-clean' target, but that is intended mainly + for the package's developers. If you use it, you may have to get + all sorts of other programs in order to regenerate files that came + with the distribution. + + 7. Often, you can also type 'make uninstall' to remove the installed + files again. In practice, not all packages have tested that + uninstallation works correctly, even though it is required by the + GNU Coding Standards. + + 8. Some packages, particularly those that use Automake, provide 'make + distcheck', which can by used by developers to test that all other + targets like 'make install' and 'make uninstall' work correctly. + This target is generally not run by end users. + +Compilers and Options +===================== + + Some systems require unusual options for compilation or linking that +the 'configure' script does not know about. Run './configure --help' +for details on some of the pertinent environment variables. + + You can give 'configure' initial values for configuration parameters +by setting variables in the command line or in the environment. Here is +an example: + + ./configure CC=c99 CFLAGS=-g LIBS=-lposix + + *Note Defining Variables::, for more details. + +Compiling For Multiple Architectures +==================================== + + You can compile the package for more than one kind of computer at the +same time, by placing the object files for each architecture in their +own directory. To do this, you can use GNU 'make'. 'cd' to the +directory where you want the object files and executables to go and run +the 'configure' script. 'configure' automatically checks for the source +code in the directory that 'configure' is in and in '..'. This is known +as a "VPATH" build. + + With a non-GNU 'make', it is safer to compile the package for one +architecture at a time in the source code directory. After you have +installed the package for one architecture, use 'make distclean' before +reconfiguring for another architecture. + + On MacOS X 10.5 and later systems, you can create libraries and +executables that work on multiple system types--known as "fat" or +"universal" binaries--by specifying multiple '-arch' options to the +compiler but only a single '-arch' option to the preprocessor. Like +this: + + ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ + CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ + CPP="gcc -E" CXXCPP="g++ -E" + + This is not guaranteed to produce working output in all cases, you +may have to build one architecture at a time and combine the results +using the 'lipo' tool if you have problems. + +Installation Names +================== + + By default, 'make install' installs the package's commands under +'/usr/local/bin', include files under '/usr/local/include', etc. You +can specify an installation prefix other than '/usr/local' by giving +'configure' the option '--prefix=PREFIX', where PREFIX must be an +absolute file name. + + You can specify separate installation prefixes for +architecture-specific files and architecture-independent files. If you +pass the option '--exec-prefix=PREFIX' to 'configure', the package uses +PREFIX as the prefix for installing programs and libraries. +Documentation and other data files still use the regular prefix. + + In addition, if you use an unusual directory layout you can give +options like '--bindir=DIR' to specify different values for particular +kinds of files. Run 'configure --help' for a list of the directories +you can set and what kinds of files go in them. In general, the default +for these options is expressed in terms of '${prefix}', so that +specifying just '--prefix' will affect all of the other directory +specifications that were not explicitly provided. + + The most portable way to affect installation locations is to pass the +correct locations to 'configure'; however, many packages provide one or +both of the following shortcuts of passing variable assignments to the +'make install' command line to change installation locations without +having to reconfigure or recompile. + + The first method involves providing an override variable for each +affected directory. For example, 'make install +prefix=/alternate/directory' will choose an alternate location for all +directory configuration variables that were expressed in terms of +'${prefix}'. Any directories that were specified during 'configure', +but not in terms of '${prefix}', must each be overridden at install time +for the entire installation to be relocated. The approach of makefile +variable overrides for each directory variable is required by the GNU +Coding Standards, and ideally causes no recompilation. However, some +platforms have known limitations with the semantics of shared libraries +that end up requiring recompilation when using this method, particularly +noticeable in packages that use GNU Libtool. + + The second method involves providing the 'DESTDIR' variable. For +example, 'make install DESTDIR=/alternate/directory' will prepend +'/alternate/directory' before all installation names. The approach of +'DESTDIR' overrides is not required by the GNU Coding Standards, and +does not work on platforms that have drive letters. On the other hand, +it does better at avoiding recompilation issues, and works well even +when some directory options were not specified in terms of '${prefix}' +at 'configure' time. + +Optional Features +================= + + If the package supports it, you can cause programs to be installed +with an extra prefix or suffix on their names by giving 'configure' the +option '--program-prefix=PREFIX' or '--program-suffix=SUFFIX'. + + Some packages pay attention to '--enable-FEATURE' options to +'configure', where FEATURE indicates an optional part of the package. +They may also pay attention to '--with-PACKAGE' options, where PACKAGE +is something like 'gnu-as' or 'x' (for the X Window System). The +'README' should mention any '--enable-' and '--with-' options that the +package recognizes. + + For packages that use the X Window System, 'configure' can usually +find the X include and library files automatically, but if it doesn't, +you can use the 'configure' options '--x-includes=DIR' and +'--x-libraries=DIR' to specify their locations. + + Some packages offer the ability to configure how verbose the +execution of 'make' will be. For these packages, running './configure +--enable-silent-rules' sets the default to minimal output, which can be +overridden with 'make V=1'; while running './configure +--disable-silent-rules' sets the default to verbose, which can be +overridden with 'make V=0'. + +Particular systems +================== + + On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC +is not installed, it is recommended to use the following options in +order to use an ANSI C compiler: + + ./configure CC="cc -Ae -D_XOPEN_SOURCE=500" + +and if that doesn't work, install pre-built binaries of GCC for HP-UX. + + HP-UX 'make' updates targets which have the same time stamps as their +prerequisites, which makes it generally unusable when shipped generated +files such as 'configure' are involved. Use GNU 'make' instead. + + On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot +parse its '' header file. The option '-nodtk' can be used as a +workaround. If GNU CC is not installed, it is therefore recommended to +try + + ./configure CC="cc" + +and if that doesn't work, try + + ./configure CC="cc -nodtk" + + On Solaris, don't put '/usr/ucb' early in your 'PATH'. This +directory contains several dysfunctional programs; working variants of +these programs are available in '/usr/bin'. So, if you need '/usr/ucb' +in your 'PATH', put it _after_ '/usr/bin'. + + On Haiku, software installed for all users goes in '/boot/common', +not '/usr/local'. It is recommended to use the following options: + + ./configure --prefix=/boot/common + +Specifying the System Type +========================== + + There may be some features 'configure' cannot figure out +automatically, but needs to determine by the type of machine the package +will run on. Usually, assuming the package is built to be run on the +_same_ architectures, 'configure' can figure that out, but if it prints +a message saying it cannot guess the machine type, give it the +'--build=TYPE' option. TYPE can either be a short name for the system +type, such as 'sun4', or a canonical name which has the form: + + CPU-COMPANY-SYSTEM + +where SYSTEM can have one of these forms: + + OS + KERNEL-OS + + See the file 'config.sub' for the possible values of each field. If +'config.sub' isn't included in this package, then this package doesn't +need to know the machine type. + + If you are _building_ compiler tools for cross-compiling, you should +use the option '--target=TYPE' to select the type of system they will +produce code for. + + If you want to _use_ a cross compiler, that generates code for a +platform different from the build platform, you should specify the +"host" platform (i.e., that on which the generated programs will +eventually be run) with '--host=TYPE'. + +Sharing Defaults +================ + + If you want to set default values for 'configure' scripts to share, +you can create a site shell script called 'config.site' that gives +default values for variables like 'CC', 'cache_file', and 'prefix'. +'configure' looks for 'PREFIX/share/config.site' if it exists, then +'PREFIX/etc/config.site' if it exists. Or, you can set the +'CONFIG_SITE' environment variable to the location of the site script. +A warning: not all 'configure' scripts look for a site script. + +Defining Variables +================== + + Variables not defined in a site shell script can be set in the +environment passed to 'configure'. However, some packages may run +configure again during the build, and the customized values of these +variables may be lost. In order to avoid this problem, you should set +them in the 'configure' command line, using 'VAR=value'. For example: + + ./configure CC=/usr/local2/bin/gcc + +causes the specified 'gcc' to be used as the C compiler (unless it is +overridden in the site shell script). + +Unfortunately, this technique does not work for 'CONFIG_SHELL' due to an +Autoconf limitation. Until the limitation is lifted, you can use this +workaround: + + CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash + +'configure' Invocation +====================== + + 'configure' recognizes the following options to control how it +operates. + +'--help' +'-h' + Print a summary of all of the options to 'configure', and exit. + +'--help=short' +'--help=recursive' + Print a summary of the options unique to this package's + 'configure', and exit. The 'short' variant lists options used only + in the top level, while the 'recursive' variant lists options also + present in any nested packages. + +'--version' +'-V' + Print the version of Autoconf used to generate the 'configure' + script, and exit. + +'--cache-file=FILE' + Enable the cache: use and save the results of the tests in FILE, + traditionally 'config.cache'. FILE defaults to '/dev/null' to + disable caching. + +'--config-cache' +'-C' + Alias for '--cache-file=config.cache'. + +'--quiet' +'--silent' +'-q' + Do not print messages saying which checks are being made. To + suppress all normal output, redirect it to '/dev/null' (any error + messages will still be shown). + +'--srcdir=DIR' + Look for the package's source code in directory DIR. Usually + 'configure' can determine that directory automatically. + +'--prefix=DIR' + Use DIR as the installation prefix. *note Installation Names:: for + more details, including other options available for fine-tuning the + installation locations. + +'--no-create' +'-n' + Run the configure checks, but stop before creating any output + files. + +'configure' also accepts some other, not widely useful, options. Run +'configure --help' for more details. diff --git a/Makefile.am b/Makefile.am new file mode 100644 index 0000000..1bb330a --- /dev/null +++ b/Makefile.am @@ -0,0 +1,92 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006 Luke Howard +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +SUBDIRS = compat common +if ENABLE_NSS + SUBDIRS += nss +endif +if ENABLE_PAM + SUBDIRS += pam +endif +if ENABLE_NSLCD + SUBDIRS += nslcd +endif +if ENABLE_PYNSLCD + SUBDIRS += pynslcd +endif +if ENABLE_UTILS + SUBDIRS += utils +endif +SUBDIRS += man tests + +EXTRA_DIST = nslcd.conf nslcd.h $(wildcard ChangeLog-20??) \ + $(wildcard m4/*.m4) HACKING ldapns.schema ldapns.ldif + +DISTCHECK_CONFIGURE_FLAGS = --enable-warnings --enable-pynslcd --enable-utils \ + --with-pam-seclib-dir="\$${libdir}/security" \ + --with-ldap-conf-file="\$${prefix}/nslcd.conf" \ + CPPFLAGS=$(CPPFLAGS) LDFLAGS=$(LDFLAGS) + +ACLOCAL_AMFLAGS = -I m4 + +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ + +install-data-local: install-nslcd_conf +uninstall-local: uninstall-nslcd_conf + +# install a default configuration file if it is not already there +install-nslcd_conf: + @if [ -f $(DESTDIR)$(NSLCD_CONF_PATH) ]; then \ + echo "$(DESTDIR)$(NSLCD_CONF_PATH) already exists, install will not overwrite"; \ + else \ + $(mkinstalldirs) `dirname $(DESTDIR)$(NSLCD_CONF_PATH)`; \ + $(INSTALL) -m 600 $(srcdir)/nslcd.conf $(DESTDIR)$(NSLCD_CONF_PATH); \ + fi +uninstall-nslcd_conf: + -rm -f $(DESTDIR)$(NSLCD_CONF_PATH) + +# target for generating the ChangeLog file +changelog: + git log --date=short --name-only \ + --format="%x0c%ad %aN <%aE>%n%n%x09* [%h]%x00%s%n%x00%+b%x00" \ + e3f0453... | \ + awk 'BEGIN { RS="\f"; FS="\0" } { if ($$1) { gsub(/\n*$$/, "", $$4); gsub(/^\n*/, "", $$4); gsub(/\n/, ", ", $$4); gsub(/\n*$$/, "", $$3); gsub(/\n/, "\n\t ", $$3); gsub(/.$$/, "&\n", $$3); print $$1 " " $$4 ": "; print "\t " $$2 $$3 }}' | \ + fmt --width=78 -c > ChangeLog + +flawfinder.html: + flawfinder --quiet --html --context --followdotdir . > $@ + +rats.html: + rats --quiet --html --context . > $@ + +splint.txt: + -env LARCH_PATH=/usr/share/splint/lib/ \ + LCLIMPORTDIR=/usr/share/splint/imports/ \ + splint -checks -mustfreefresh \ + -warnposix +showsummary +showalluses +hints -namechecks \ + -globstate -predboolint -mustfreeonly -temptrans -kepttrans \ + -I. -I$(srcdir) -I$(top_builddir) $(DEFS) -D_REENTRANT -DDEBUG \ + -D__signed__=signed -D__thread= -D__gnuc_va_list=__ptr_t \ + -Dkrb5_int32=int32_t -Dkrb5_ui_4=uint32_t \ + -D__u16=uint16_t -D__u32=uint32_t \ + *.[ch] nss/*.[ch] nslcd/*.[ch] common/*.[ch] compat/*.[ch] > $@ 2>&1 + +.PHONY: flawfinder.html rats.html splint.txt diff --git a/Makefile.in b/Makefile.in new file mode 100644 index 0000000..9430c77 --- /dev/null +++ b/Makefile.in @@ -0,0 +1,904 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006 Luke Howard +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +@ENABLE_NSS_TRUE@am__append_1 = nss +@ENABLE_PAM_TRUE@am__append_2 = pam +@ENABLE_NSLCD_TRUE@am__append_3 = nslcd +@ENABLE_PYNSLCD_TRUE@am__append_4 = pynslcd +@ENABLE_UTILS_TRUE@am__append_5 = utils +subdir = . +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \ + $(am__configure_deps) $(am__DIST_COMMON) +am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ + configure.lineno config.status.lineno +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ + install-exec-recursive install-html-recursive \ + install-info-recursive install-pdf-recursive \ + install-ps-recursive install-recursive installcheck-recursive \ + installdirs-recursive pdf-recursive ps-recursive \ + tags-recursive uninstall-recursive +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +am__recursive_targets = \ + $(RECURSIVE_TARGETS) \ + $(RECURSIVE_CLEAN_TARGETS) \ + $(am__extra_recursive_targets) +AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ + cscope distdir dist dist-all distcheck +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ + $(LISP)config.h.in +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +CSCOPE = cscope +DIST_SUBDIRS = compat common nss pam nslcd pynslcd utils man tests +am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in AUTHORS \ + COPYING ChangeLog INSTALL NEWS README TODO ar-lib compile \ + config.guess config.sub depcomp install-sh missing \ + mkinstalldirs py-compile +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +distdir = $(PACKAGE)-$(VERSION) +top_distdir = $(distdir) +am__remove_distdir = \ + if test -d "$(distdir)"; then \ + find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ + && rm -rf "$(distdir)" \ + || { sleep 5 && rm -rf "$(distdir)"; }; \ + else :; fi +am__post_remove_distdir = $(am__remove_distdir) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +DIST_ARCHIVES = $(distdir).tar.gz +GZIP_ENV = --best +DIST_TARGETS = dist-gzip +distuninstallcheck_listfiles = find . -type f -print +am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ + | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' +distcleancheck_listfiles = find . -type f -print +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUBDIRS = compat common $(am__append_1) $(am__append_2) \ + $(am__append_3) $(am__append_4) $(am__append_5) man tests +EXTRA_DIST = nslcd.conf nslcd.h $(wildcard ChangeLog-20??) \ + $(wildcard m4/*.m4) HACKING ldapns.schema ldapns.ldif + +DISTCHECK_CONFIGURE_FLAGS = --enable-warnings --enable-pynslcd --enable-utils \ + --with-pam-seclib-dir="\$${libdir}/security" \ + --with-ldap-conf-file="\$${prefix}/nslcd.conf" \ + CPPFLAGS=$(CPPFLAGS) LDFLAGS=$(LDFLAGS) + +ACLOCAL_AMFLAGS = -I m4 +all: config.h + $(MAKE) $(AM_MAKEFLAGS) all-recursive + +.SUFFIXES: +am--refresh: Makefile + @: +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + echo ' cd $(srcdir) && $(AUTOMAKE) --gnu'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --gnu \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + echo ' $(SHELL) ./config.status'; \ + $(SHELL) ./config.status;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + $(SHELL) ./config.status --recheck + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + $(am__cd) $(srcdir) && $(AUTOCONF) +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) +$(am__aclocal_m4_deps): + +config.h: stamp-h1 + @test -f $@ || rm -f stamp-h1 + @test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1 + +stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status + @rm -f stamp-h1 + cd $(top_builddir) && $(SHELL) ./config.status config.h +$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) + rm -f stamp-h1 + touch $@ + +distclean-hdr: + -rm -f config.h stamp-h1 + +# This directory's subdirectories are mostly independent; you can cd +# into them and run 'make' without going through this Makefile. +# To change the values of 'make' variables: instead of editing Makefiles, +# (1) if the variable is set in 'config.status', edit 'config.status' +# (which will cause the Makefiles to be regenerated when you run 'make'); +# (2) otherwise, pass the desired values on the 'make' command line. +$(am__recursive_targets): + @fail=; \ + if $(am__make_keepgoing); then \ + failcom='fail=yes'; \ + else \ + failcom='exit 1'; \ + fi; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-recursive +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-recursive + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscope: cscope.files + test ! -s cscope.files \ + || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS) +clean-cscope: + -rm -f cscope.files +cscope.files: clean-cscope cscopelist +cscopelist: cscopelist-recursive + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + -rm -f cscope.out cscope.in.out cscope.po.out cscope.files + +distdir: $(DISTFILES) + @case `sed 15q $(srcdir)/NEWS` in \ + *"$(VERSION)"*) : ;; \ + *) \ + echo "NEWS not updated; not releasing" 1>&2; \ + exit 1;; \ + esac + $(am__remove_distdir) + test -d "$(distdir)" || mkdir "$(distdir)" + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + $(am__make_dryrun) \ + || test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done + -test -n "$(am__skip_mode_fix)" \ + || find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ + ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ + ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ + ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ + || chmod -R a+r "$(distdir)" +dist-gzip: distdir + tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz + $(am__post_remove_distdir) + +dist-bzip2: distdir + tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 + $(am__post_remove_distdir) + +dist-lzip: distdir + tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz + $(am__post_remove_distdir) + +dist-xz: distdir + tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz + $(am__post_remove_distdir) + +dist-tarZ: distdir + @echo WARNING: "Support for distribution archives compressed with" \ + "legacy program 'compress' is deprecated." >&2 + @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 + tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z + $(am__post_remove_distdir) + +dist-shar: distdir + @echo WARNING: "Support for shar distribution archives is" \ + "deprecated." >&2 + @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 + shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz + $(am__post_remove_distdir) + +dist-zip: distdir + -rm -f $(distdir).zip + zip -rq $(distdir).zip $(distdir) + $(am__post_remove_distdir) + +dist dist-all: + $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:' + $(am__post_remove_distdir) + +# This target untars the dist file and tries a VPATH configuration. Then +# it guarantees that the distribution is self-contained by making another +# tarfile. +distcheck: dist + case '$(DIST_ARCHIVES)' in \ + *.tar.gz*) \ + eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\ + *.tar.bz2*) \ + bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ + *.tar.lz*) \ + lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ + *.tar.xz*) \ + xz -dc $(distdir).tar.xz | $(am__untar) ;;\ + *.tar.Z*) \ + uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ + *.shar.gz*) \ + eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\ + *.zip*) \ + unzip $(distdir).zip ;;\ + esac + chmod -R a-w $(distdir) + chmod u+w $(distdir) + mkdir $(distdir)/_build $(distdir)/_build/sub $(distdir)/_inst + chmod a-w $(distdir) + test -d $(distdir)/_build || exit 0; \ + dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ + && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ + && am__cwd=`pwd` \ + && $(am__cd) $(distdir)/_build/sub \ + && ../../configure \ + $(AM_DISTCHECK_CONFIGURE_FLAGS) \ + $(DISTCHECK_CONFIGURE_FLAGS) \ + --srcdir=../.. --prefix="$$dc_install_base" \ + && $(MAKE) $(AM_MAKEFLAGS) \ + && $(MAKE) $(AM_MAKEFLAGS) dvi \ + && $(MAKE) $(AM_MAKEFLAGS) check \ + && $(MAKE) $(AM_MAKEFLAGS) install \ + && $(MAKE) $(AM_MAKEFLAGS) installcheck \ + && $(MAKE) $(AM_MAKEFLAGS) uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ + distuninstallcheck \ + && chmod -R a-w "$$dc_install_base" \ + && ({ \ + (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ + distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ + } || { rm -rf "$$dc_destdir"; exit 1; }) \ + && rm -rf "$$dc_destdir" \ + && $(MAKE) $(AM_MAKEFLAGS) dist \ + && rm -rf $(DIST_ARCHIVES) \ + && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ + && cd "$$am__cwd" \ + || exit 1 + $(am__post_remove_distdir) + @(echo "$(distdir) archives ready for distribution: "; \ + list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ + sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' +distuninstallcheck: + @test -n '$(distuninstallcheck_dir)' || { \ + echo 'ERROR: trying to run $@ with an empty' \ + '$$(distuninstallcheck_dir)' >&2; \ + exit 1; \ + }; \ + $(am__cd) '$(distuninstallcheck_dir)' || { \ + echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \ + exit 1; \ + }; \ + test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \ + || { echo "ERROR: files left after uninstall:" ; \ + if test -n "$(DESTDIR)"; then \ + echo " (check DESTDIR support)"; \ + fi ; \ + $(distuninstallcheck_listfiles) ; \ + exit 1; } >&2 +distcleancheck: distclean + @if test '$(srcdir)' = . ; then \ + echo "ERROR: distcleancheck can only run from a VPATH build" ; \ + exit 1 ; \ + fi + @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ + || { echo "ERROR: files left in build directory after distclean:" ; \ + $(distcleancheck_listfiles) ; \ + exit 1; } >&2 +check-am: all-am +check: check-recursive +all-am: Makefile config.h +installdirs: installdirs-recursive +installdirs-am: +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic mostlyclean-am + +distclean: distclean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-hdr distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +html-am: + +info: info-recursive + +info-am: + +install-data-am: install-data-local + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -rf $(top_srcdir)/autom4te.cache + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: uninstall-local + +.MAKE: $(am__recursive_targets) all install-am install-strip + +.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ + am--refresh check check-am clean clean-cscope clean-generic \ + cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \ + dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \ + distcheck distclean distclean-generic distclean-hdr \ + distclean-tags distcleancheck distdir distuninstallcheck dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-data-local install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic pdf pdf-am ps ps-am tags \ + tags-am uninstall uninstall-am uninstall-local + +.PRECIOUS: Makefile + + +install-data-local: install-nslcd_conf +uninstall-local: uninstall-nslcd_conf + +# install a default configuration file if it is not already there +install-nslcd_conf: + @if [ -f $(DESTDIR)$(NSLCD_CONF_PATH) ]; then \ + echo "$(DESTDIR)$(NSLCD_CONF_PATH) already exists, install will not overwrite"; \ + else \ + $(mkinstalldirs) `dirname $(DESTDIR)$(NSLCD_CONF_PATH)`; \ + $(INSTALL) -m 600 $(srcdir)/nslcd.conf $(DESTDIR)$(NSLCD_CONF_PATH); \ + fi +uninstall-nslcd_conf: + -rm -f $(DESTDIR)$(NSLCD_CONF_PATH) + +# target for generating the ChangeLog file +changelog: + git log --date=short --name-only \ + --format="%x0c%ad %aN <%aE>%n%n%x09* [%h]%x00%s%n%x00%+b%x00" \ + e3f0453... | \ + awk 'BEGIN { RS="\f"; FS="\0" } { if ($$1) { gsub(/\n*$$/, "", $$4); gsub(/^\n*/, "", $$4); gsub(/\n/, ", ", $$4); gsub(/\n*$$/, "", $$3); gsub(/\n/, "\n\t ", $$3); gsub(/.$$/, "&\n", $$3); print $$1 " " $$4 ": "; print "\t " $$2 $$3 }}' | \ + fmt --width=78 -c > ChangeLog + +flawfinder.html: + flawfinder --quiet --html --context --followdotdir . > $@ + +rats.html: + rats --quiet --html --context . > $@ + +splint.txt: + -env LARCH_PATH=/usr/share/splint/lib/ \ + LCLIMPORTDIR=/usr/share/splint/imports/ \ + splint -checks -mustfreefresh \ + -warnposix +showsummary +showalluses +hints -namechecks \ + -globstate -predboolint -mustfreeonly -temptrans -kepttrans \ + -I. -I$(srcdir) -I$(top_builddir) $(DEFS) -D_REENTRANT -DDEBUG \ + -D__signed__=signed -D__thread= -D__gnuc_va_list=__ptr_t \ + -Dkrb5_int32=int32_t -Dkrb5_ui_4=uint32_t \ + -D__u16=uint16_t -D__u32=uint32_t \ + *.[ch] nss/*.[ch] nslcd/*.[ch] common/*.[ch] compat/*.[ch] > $@ 2>&1 + +.PHONY: flawfinder.html rats.html splint.txt + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/NEWS b/NEWS new file mode 100644 index 0000000..55f6164 --- /dev/null +++ b/NEWS @@ -0,0 +1,2765 @@ +changes from 0.9.8 to 0.9.9 +--------------------------- + +* support spaces in attribute mapping expressions +* allow parsing longer lines in the configuration file +* allow for longer host names + + +changes from 0.9.7 to 0.9.8 +--------------------------- + +* add a pam_authc_search option that can be used to configure the search + operation that is performed after authentication +* add nss_uid_offset and nss_gid_offset options that can be used to + change returned numeric user and group ids from LDAP (thanks Seth Wright) +* do not retry failed user password on second LDAP server +* fix a crash in the PAM module on FreeBSD when showing password expiration + messages +* the validnames option now also applies to shadow lookups +* support ethernet addresses in LDAP in compact and long formats +* improvements to getent.ldap command (a few minor bug fixes and preparations + for Python 3 support) +* log entries and lookups failing nss_min_uid at debug level +* improvements to the test suite (including tests for getent.ldap) + + +changes from 0.9.6 to 0.9.7 +--------------------------- + +* check existence of TLS certificate and key files on start-up +* fix password policy expiration handling when password was about to expire + (thanks Mathieu Baeumler for tracking this down) +* fix updating of shadowLastChange attribute when chasing referrals + (thanks Vasilis Tsiligiannis) +* add an pam_authc_ppolicy option to allows completely disabling ppolicy + handling (thanks Mathieu Baeumler) +* fix handling of nss_disable_enumeration (thanks Andrew W Elble for pointing + this out) +* display human readable password expiry messages (thanks Mathieu Baeumler) +* fix error when changing PAM user name (thanks 依云) +* support substring expressions ${var:offset:length} in attribute mapping + (thanks Giovanni Mascellani) +* also honor the ignorecase option in PAM + + +changes from 0.9.5 to 0.9.6 +--------------------------- + +* fix a race condition in signal handling during start-up that would cause + nslcd to exit if a signal (such as SIGUSR1 that can be sent when network + status changes) is received +* fix signed integer overflow on 32bit systems when using objectSid (thanks + Geoffrey McRae) +* allow longer configuration values (thanks Jed Liu) +* add an nss_getgrent_skipmembers option to disable retrieving group members + to improve performance in specific environments +* add an nss_disable_enumeration option to disable full listing of all users + and groups to improve performance in specific environments (thanks Andrew + Elble) +* implement an innetgr function in the Solaris NSS module + + +changes from 0.9.4 to 0.9.5 +--------------------------- + +* improve test suite (change IP range) +* handle situation better when server (or firewall) closed the connection + (thanks Tim Harder) +* make daemonising a little more robust and try to log more failures +* fix integer format strings (thanks Jianhai Luan and Patrick McLean) +* documentation updates (thanks Dalibor Pospíšil) +* fix range check for search access (thanks David Binderma) +* fix a bug in the NSS library when encountering IPv6 addresses in + the hosts map (thanks Mark R Bannister) +* allow configuring the name of the NSS and PAM modules (--with-module-name) +* adjust the Linux OOM (Out-Of-Memory) killer score to avoid killing nslcd + (thanks Patrick McLean) +* portability improvements (thanks Tim Rice) + + +changes from 0.9.3 to 0.9.4 +--------------------------- + +* also handle password policy information on BIND failure (this makes it + possible to distinguish between a wrong password and an expired password) +* fix mapping the member attribute to an empty string +* any buffers that may have held passwords are cleared before the memory is + released +* increase buffer size for passwords to support extremely long passwords + (thanks ushi) +* increase buffer size for DN to support very long names or names with + non-ASCII characters +* log an error in almost all places where a defined buffer is not large + enough to hold the provided data instead of just (sometimes silently) + failing +* logging improvements (start-up problems, login failures) +* small improvement for Solaris + + +changes from 0.9.2 to 0.9.3 +--------------------------- + +* make the dn2uid cache lifetime configurable with the cache configuration + option +* have the nslcd process only exit after the service is completely available + to avoid race conditions in the init script +* the nslcd daemon now properly daemonises (double fork) +* support mapping the member attribute to an empty string to disable the + functionality to do extra lookups for member DN to member uid translations +* implement deref control handling to request the LDAP server to dereference + group member attribute values to uid values +* support getting built-in groups from Active Directory (thanks Davy Defaud) +* fix for pwdLastSet attribute value handling (thanks Joshua Shire) +* fix a possible crash in the NSS module when retrieving large networks + entries (thanks Lukas Slebodnik) +* correct NSS h_errnop return value to indicate buffer too small (thanks + Nalin Dahyabhai) +* fix a bug with shadow values on 64-bit architectures +* automatically detect DragonFly as using the FreeBSD NSS interface (thanks + Francois Tigeot) +* add a build-time test to see if krb5 is thread-safe +* various minor bug fixes + + +changes from 0.9.1 to 0.9.2 +--------------------------- + +* increase password value buffer size (by Bersl) +* avoid more broken pipe errors by using a low timeout when aborting reading + requested information from nslcd (thanks John Sullivan) +* only log broken pipe errors in debugging mode +* fix buffer overflow on interrupted read that is hard to trigger (thanks + John Sullivan) +* use clock_gettime() with CLOCK_MONOTONIC for timeout calculations to avoid + clock adjustments errors (thanks John Sullivan) +* extend test suite to test for CLOCK_MONOTONIC and timed IO timeout + calculations +* increase the maximum number of base statements per map to 31 +* use larger nslcd send buffers to reduce the number of write operations in + nslcd and consequently the number of reads in the NSS and PAM modules + (thanks John Sullivan) +* also run invalidators after first successful search +* various clean-ups, portability improvements and fixes for compiler warnings +* import configure checks of Python modules +* provide a script for setting up slapd in a test environment, automatically + loaded with the required test data +* add script for evaluating test environment availability +* portability improvements in the test scripts and test environment + + +changes from 0.9.0 to 0.9.1 +--------------------------- + +* rename the nscd_invalidate option to reconnect_invalidate and allow flushing + the nfsidmap cache with the new option +* implement an -n switch to not daemonise (by Caleb Callaway) +* nslcd will now return partial shadow information to non-root users to avoid + authorisation problems with setgid shadow authentication helpers with some + PAM stacks +* nslcd will now retry failing LDAP connections after receiving SIGUSR1 + (SIGUSR1 could be sent after re-establishing a network connection) +* fix the way manual pages are installed in some situations +* the code for the nslcd utilities (getent.ldap and chsh.ldap) is now + installed in {prefix}/share/nslcd-utils +* improve error and help output of the getent.ldap command +* documentation updates +* a number of tests were added and existing tests were extended +* fix for a potential, small memory leak in PAM module regarding temporary + saving of old password +* a large number of bug fixes and improvements in pynslcd +* hide passwords from the pynslcd debug output +* support start_tls, pam_password_prohibit_message, nss_initgroups_ignoreusers + and nss_min_uid in pynslcd +* fix rootpwmodpw handling in pynslcd +* complete a basic PAM implementation in pynslcd (some things such as shadow + attribute checking remain to be implemented) +* clean up the caching functionality in pynslcd (functionality is still + disabled) + + +changes from 0.8.12 to 0.9.0 +---------------------------- + +* backwards incompatible change to the communications protocol between nslcd + and NSS and PAM modules to use network byte order to be able to work on + mixed endian multiarch systems +* netgroup lookups now makes a distinction between empty netgroups and + non-existing netgroups +* the PAM protocol is now more consistent (cleaner support for password + modification by root, have all request parameters in the same order and + limit the information returned from the call) +* request and handle password policy controls on LDAP authentication +* implement support for nested groups which can be enabled with the + nss_nested_groups option (thanks Steve Hill) +* add a log option to configure log level and logging to plain files +* add an nscd_invalidate option to invalidate the nscd cache after recovering + from LDAP connection problems (to clear any negative cache entries) +* allow trimming expressions with ${foo#bar} syntax in attribute mapping + expressions (thanks Thorsten Glaser) +* pynslcd supports trimming expressions with full shell glob matching +* support password modification in pynslcd +* support children search scope for systems that have it +* add a getent.ldap utility to perform nslcd queries bypassing the libc NSS + stack +* implement functionality for changing user information and provide a + chsh.ldap utility to allow users to change their login shell +* remove deprecated use_sasl, reconnect_tries, reconnect_maxsleeptime and + tls_checkpeer options which have been replaced long ago +* allow names with one character in default validnames option and allow + parentheses (taken from Fedora packages) +* fall back to updating the lastChange attribute with the normal LDAP + connection +* dump full nslcd configuration at debug level on start-up +* export an _nss_ldap_version symbol in the NSS module to make finding version + mismatches easier (the NSS module version is logged from nslcd) +* documentation improvements +* update the coding style for the C source code to follow a more modern and + commonly used coding convention +* some parts of the code were refactored or rewritten to take into account the + changes within the software (e.g. configuration file handling, reduction in + the number of system calls for normal communication) +* numerous smaller fixes +* portability and robustness improvements to the tests +* implement lookup_netgroup and lookup_shadow test commands for systems that + cannot use getent to query these +* guess the value for --with-pam-seclib-dir configure option if it is not + specified +* temporary disable the caching functionality of pynslcd +* usability improvements in the pynslcd implementation +* various fixes for Solaris + + +changes from 0.8.11 to 0.8.12 +----------------------------- + +* fix a problem with the sasl_canonicalize option that would cause errors + on non-SASL enabled systems +* ensure that the file descriptors in the NSS and PAM modules for connecting + to nslcd are closed on exec of the process +* allow attribute options in attribute mapping expressions +* show reconnect messages when failing over to a different LDAP server or + re-establishing the connection to an LDAP server (the message accidentally + got hidden in 0.7.4) +* fix a problem with the pw_class attribute in FreeBSD (fixes 0.8.11) +* more fixes and improvements for Solaris (running under nscd may still give + problems though) +* small improvement to PAM error logging +* provide a pynslcd manual if pynslcd is built + + +changes from 0.8.10 to 0.8.11 +----------------------------- + +* add a pam_password_prohibit_message nslcd.conf option to deny password + change (thanks to Ted Cheng) +* add a sasl_canonicalize option to allow disabling of hostname + canonicalisation in OpenLDAP +* have the nslcd daemon load the nslcd user's supplementary groups to have + more flexibility with assigning group permissions +* fix logic error when falling back to getting ranged attribute values for + possibly binary attributes (thanks scan-build) +* fix a problem when storing negative hit to dn2uid cache (thanks scan-build) +* use poll() instead of select() for checking file descriptor activity to also + correctly work if more than FD_SETSIZE files are already open +* small portability improvements +* improve support for using Netscape LDAP libraries +* improvements and fixes to the Solaris NSS code +* grow all search filter buffers to 4096 bytes +* some improvements to the pynslcd implementation +* add an LDIF version of the ldapns.schema schema file + + +changes from 0.8.9 to 0.8.10 +---------------------------- + +* documentation improvements +* fix a problem that causes the PAM module to prompt for a new password + even though the old one was wrong +* log successful password change in nslcd +* install default configuration file with reduced permissions (further + protection for CVE-2009-1073) + + +changes from 0.8.8 to 0.8.9 +--------------------------- + +* allow the pam_authz_search option to be specified multiple times +* improvements to pynslcd adding support for pam_authz_search +* implement extra range checking of all numeric values +* make documentation up-to-date +* compatibility improvements, especially for FreeBSD + + +changes from 0.8.7 to 0.8.8 +--------------------------- + +* fix a regression in the handling of PAM requests +* add the ldapns.schema file from pam_ldap to the tarball + + +changes from 0.8.6 to 0.8.7 +--------------------------- + +* log the first 10 search results in debug mode to make debugging easier + (patch by Matthijs Kooijman) +* provide more detailed logging information for LDAP errors, this should + especially help for TLS related problems (based on a patch by Mel Flynn) +* fix logging of invalid pam_authz_search value +* when doing DNS queries for SRV records recognise default ldap and ldaps + ports +* make whether or not to do case-sensitive filtering configurable (patch by + Matthew L. Dailey) +* document the fact that each thread opens its own connection (patch by + Chris Hiestand) +* some small portability improvements +* try to prevent some of the Broken pipe messages in nslcd +* increase buffer used for pam_authz_search as suggested by Chris J Arges +* pynslcd now handles privileged requests correctly +* pynslcd now supports attribute mapping using the lower() and upper() + functions + + +changes from 0.8.5 to 0.8.6 +--------------------------- + +* a number of code improvements by Jakub Hrozek +* fixes for FreeBSD (thanks Maxim Vetrov) +* include missing pynslcd files from tarball +* improvements to the pynslcd implementation +* implement an offline cache in pynslcd +* the Debian packaging was split from the main source tree + + +changes from 0.8.4 to 0.8.5 +--------------------------- + +* support larger gecos values +* reduce loglevel of user not found messages to avoid spamming the logs + with useless information (thanks Wakko Warner) +* other logging improvements +* explicitly parse numbers as base 10 (thanks Jakub Hrozek) +* implement FreeBSD group membership NSS function (thanks Tom Judge) +* fix an issue with detecting the uid of the calling process and log + denied shadow requests in debug mode +* fix a typo in the disconnect logic code (thanks Martin Poole) +* implement configuration file handling in pynslcd and other pynslcd + improvements +* Debian packaging improvements + + +changes from 0.8.3 to 0.8.4 +--------------------------- + +* switch to using the member attribute by default instead of + uniqueMember (backwards incompatible change) +* only return "x" as a password hash when the object has the shadowAccount + objectClass and nsswitch.conf is configured to do shadow lookups using + LDAP (this avoids some problems with pam_unix) +* fix problem with partial attribute name matches in DN (thanks Timothy + White) +* fix a problem with objectSid mappings with recent versions of OpenLDAP + (patch by Wesley Mason) +* set the socket timeout in a connection callback to avoid timeout + issues during the SSL handshake (patch by Stefan Völkel) +* check for unknown variables in pam_authz_search +* only check password expiration when authenticating, only check account + expiration when doing authorisation +* make buffer sizes consistent and grow all buffers holding string + representations of numbers to be able to hold 64-bit numbers +* update AX_PTHREAD from autoconf-archive +* support querying DNS SRV records from a different domain than the current + one (based on a patch by James M. Leddy) +* fix a problem with uninitialised memory while parsing the tls_ciphers + option +* implement bounds checking of numeric values read from LDAP (patch by + Jakub Hrozek) +* correctly support large uid and gid values from LDAP (patch by Jakub + Hrozek) +* improvements to the configure script (patch by Jakub Hrozek) +* Debian packaging improvements + + +changes from 0.8.2 to 0.8.3 +--------------------------- + +* support using the objectSid attribute to provide numeric user and group + ids, based on a patch by Wesley Mason +* check shadow account and password expiry properties (similarly to what + pam_unix does) in the PAM handling code +* implement attribute mapping functionality in pynslcd +* relax default for validnames option to allow user names of only two + characters +* make user and group name validation errors a little more informative +* small portability improvements +* general code improvements and refactoring in pynslcd +* some simplifications in the protocol between the PAM module and nslcd + (without actual protocol changes so far) +* Debian packaging improvements + + +changes from 0.8.1 to 0.8.2 +--------------------------- + +* fix problem with endless loop on incorrect password +* fix a communication problem between nslcd and the NSS and PAM modules when + running on Solaris 10 +* fix a compilation issue on systems without HOST_NAME_MAX +* link to the resolv library for hstrerror() on platforms that need it +* ignore password change requests for users not in LDAP +* many clean-ups to the tests and added some new tests including some + integration tests for the PAM functionality +* some smaller code clean-ups and improvements +* improvements to pynslcd, including implementations for service, protocol and + rpc lookups +* implement a validnames option that can be used to filter valid user and + group names using a regular expression +* improvements to the way nslcd shuts down with hanging worker threads + + +changes from 0.8.0 to 0.8.1 +--------------------------- + +* SECURITY FIX: the PAM module will allow authentication for users that do not + exist in LDAP, this allows login to local users with an + incorrect password (CVE-2011-0438) + the exploitability of the problem depends on the details of + the PAM stack and the use of the minimum_uid PAM option +* include a file that was missing for Solaris support +* add FreeBSD support, partially imported from the FreeBSD port (thanks to + Jacques Vidrine, Artem Kazakov and Alexander V. Chernikov) +* document how to replace name pam_check_service_attr and pam_check_host_attr + options in PADL's pam_ldap with with pam_authz_search in nss-pam-ldapd +* implement a fqdn variable that can be used in pam_authz_search filters +* create the directory to hold the socket and pidfile on startup +* implement host, network and netgroup support in pynslcd + + +changes from 0.7.13 to 0.8.0 +---------------------------- + +* include Solaris support developed by Ted C. Cheng of Symas Corporation +* include an experimental partial implementation of nslcd in Python (disabled + by default, see --enable-pynslcd configure option) +* implement a nss_min_uid option to filter user entries returned by LDAP +* implement a rootpwmodpw option that allows the root user to change a user's + password without a password prompt +* try to update the shadowLastChange attribute on password change +* all log messages now include a description of the request to more easily + track problems when not running in debug mode +* allow attribute mapping expressions for the userPassword attribute for + passwd, group and shadow entries and by default map it to the unmatchable + password ("*") to avoid accidentally leaking password information +* numerous compatibility improvements +* add --with-pam-seclib-dir and --with-pam-ldap-soname configure options to + allow more control of hot to install the PAM module +* add --with-nss-flavour and --with-nss-maps configure options to support + other C libraries and limit which NSS modules to install +* allow tilde (~) in user and group names +* improvements to the timeout mechanism (connections are now actively timed + out using the idle_timelimit option) +* set socket timeouts on the LDAP connection to disconnect regardless of LDAP + and possibly TLS handling of connection +* better disconnect/reconnect handling of error conditions +* some code improvements and cleanups and several smaller bug fixes +* all internal string comparisons are now also case sensitive (e.g. for + providing DN to username lookups, etc) +* signal handling in the daemon was changed to behave more reliable across + different threading implementations +* nslcd will now always return a positive authorisation result during + authentication to avoid confusing the PAM module when it is only used for + authorisation +* Debian packaging improvement: implement configuring SASL authentication + using Debconf, based on a patch by Daniel Dehennin + + +changes from 0.7.12 to 0.7.13 +----------------------------- + +* fix handling of idle_timelimit option +* fix error code for problem while doing password modification + + +changes from 0.7.11 to 0.7.12 +----------------------------- + +* set a short socket timeout when shutting down the connection to the LDAP + server to avoid disconnect problems when using TLS + + +changes from 0.7.10 to 0.7.11 +----------------------------- + +* grow the buffer for the PAM ruser to not reject logins for users with + a ruser including a domain part +* Debian packaging improvements + + +changes from 0.7.9 to 0.7.10 +---------------------------- + +* handle errors from ldap_result() better and disconnect (and reconnect) + in more cases + + +changes from 0.7.8 to 0.7.9 +--------------------------- + +* fix for --with-nss-ldap-soname configure option by Julien Cristau +* Debian packaging improvements + + +changes from 0.7.7 to 0.7.8 +--------------------------- + +* minor portability improvements and clean-ups (thanks Alexander V. + Chernikov and Ted C. Cheng) +* don't expand variables in rest of ${var:-rest} and ${var:+rest} + expressions if it is not needed +* Debian packaging improvements + + +changes from 0.7.6 to 0.7.7 +--------------------------- + +* refactoring and simplification of PAM module which also improves logging +* implement a nullok PAM option and disable empty passwords by default +* portability improvements and other minor code improvements +* the mechanism to disable name lookups through LDAP from within the nslcd + process has been improved +* the undocumented use_sasl option has been removed (specifying sasl_mech now + implies use_sasl) +* the sasl_mech, sasl_realm, sasl_authcid, sasl_authzid and sasl_secprops + configuration options are now documented +* Debian packaging improvements + + +changes from 0.7.5 to 0.7.6 +--------------------------- + +* fix a problem with empty attributes if expression-based attribute + mapping is used (patch by Nalin Dahyabhai) +* make debug logging for pam_authz_search option a little more informative +* documentation improvements +* Debian packaging improvements + + +changes from 0.7.4 to 0.7.5 +--------------------------- + +* fix a problem in the session handling of the PAM module if the minimum_uid + option was used +* refactor the PAM module code to be simpler and better maintainable +* perform logging from PAM module to syslog and support the debug option to + log more information + + +changes from 0.7.3 to 0.7.4 +--------------------------- + +* fix a buffer overflow that should have no security consequences +* perform proper fail-over when authenticating in the PAM module +* add an nss_initgroups_ignoreusers option to ignore user name to group + lookups for the specified users +* add an pam_authz_search option to perform a flexible authorisation check on + login (e.g. to restrict which users can login to which hosts, etc) +* implement a minimum_uid option for the PAM module to ignore users that have + a lower numeric user id +* change the way retries are done to error out quicker if the LDAP server is + down for some time (this should make the system more responsive when the + LDAP server is unavailable) and rename the reconnect_maxsleeptime option to + reconnect_retrytime to better describe the behaviour +* only log "connected to LDAP server" if the previous connection failed +* documentation improvements + + +changes from 0.7.2 to 0.7.3 +--------------------------- + +* allow password modification by root using the rootpwmoddn configuration file + option (the user will be prompted for the password for rootpwmoddn instead + of the user's password) +* the LDAP password modify EXOP is first tried without the old password and if + that fails retried with the old password +* when determining the domain name (used for some value of the base and uri + options) also try to use the hostname aliases to build the domain name + (patch by Jan Schampera) +* perform locking on the pidfile on start-up to ensure that only one nslcd + process is running and implement a --check option (patch by Jan Schampera) +* documentation improvements + + +changes from 0.7.1 to 0.7.2 +--------------------------- + +* some attributes may be mapped to a shell-like expression that expand + attributes from LDAP entries; this allows attributes overrides, defaults and + much more (as a result the passwd cn attribute mapping has been removed + because the gecos mapping is now "${gecos:-$cn}" by default) +* update the NSS module to follow the change in Glibc where the addr + parameter of getnetbyaddr_r() was changed from network-byte-order to + host-byte-order +* properly escape searches for uniqueMember attributes for DN with a comma in + an attribute value +* miscellaneous improvements to the configure script implementing better (and + simpler) library detection +* some general refactoring and other miscellaneous improvements + + +changes from 0.7.0 to 0.7.1 +--------------------------- + +* implement password changing by performing an LDAP password modify EXOP + request +* fix return of authorisation check in PAM module (patch by Howard Chu) +* fix for problem when authenticating to LDAP entries without a uid attribute + in the DN +* general code clean-up and portability improvements +* provide more information with communication error messages + + +changes from 0.6.11 to 0.7.0 +---------------------------- + +* rename software to nss-pam-ldapd to indicate that PAM module is now a + standard part of the software +* the PAM module is now built by default (the configure script can be + instructed whether or not to build certain parts) +* the default configuration file name has been changed to /etc/nslcd.conf +* the default values for bind_timelimit and reconnect_maxsleeptime were + lowered from 30 to 10 seconds +* password hashes are no longer returned to non-root users (based on a patch + by Alexander V. Chernikov) +* a pam_ldap(8) manual page was added +* unknown options in the configuration file can now be ignored with a new + --disable-configfile-checking configure option + + +changes from 0.6.10 to 0.6.11 +----------------------------- + +* fix user name to groups mapping (a bug in buffer checking in initgroups() + that was introduced in 0.6.9) +* fix a possible buffer overflow with too many uidNumber or gidNumber + attributes (thanks to David Binderman for finding this) +* lookups for group, netgroup, passwd, protocols, rpc, services and shadow + maps are now case-sensitive +* test suite is now minimally documented +* added --disable-sasl and --disable-kerberos configure options +* changed references to home page and contact email addresses to use + arthurdejong.org +* Debian packaging improvements + + +changes from 0.6.9 to 0.6.10 +---------------------------- + +* implement searching through multiple search bases, based on a patch by Leigh + Wedding +* fix a segmentation fault that could occur when using any of the tls_* + options with a string parameter +* miscellaneous improvements to the experimental PAM module +* implement PAM authentication function in the nslcd daemon +* the code for reading and writing protocol entries between the NSS module and + the daemon was improved +* documentation updates +* removed SSL/TLS related warnings during startup +* Debian packaging improvements + + +changes from 0.6.8 to 0.6.9 +--------------------------- + +* produce more detailed logging in debug mode and allow multiple -d options to + be specified to also include logging from the LDAP library +* some LDAP configuration options are now initialized globally instead of per + connection which should fix problems with the tls_reqcert option +* documentation improvements for the NSLCD protocol used between the NSS + module and the nslcd server +* imported the new PAM module from the OpenLDAP nssov tree by Howard Chu (note + that the PAM-related NSLCD protocol is not yet finalised and this module is + not built by default) +* in configure script allow disabling of building certain components +* fix a bug with writing alternate service names and add checks for + validity of passed buffer in NSS module +* Debian packaging improvements + + +changes from 0.6.7 to 0.6.8 +--------------------------- + +* SECURITY FIX: the nss-ldapd.conf file that is installed by the Debian + package was created world-readable which could cause problems + if the bindpw option is used (CVE-2009-1073) + this has been fixed in the Debian package but other users + should check the permissions of the nss-ldapd.conf file when + the bindpw option is used (warnings have been added to the + manual page and sample nss-ldapd.conf) +* clean the environment and set LDAPNOINIT to disable parsing of LDAP + configuration files (.ldaprc, /etc/ldap/ldap.conf, etc) +* remove sslpath option because it wasn't used +* correctly set SSL/TLS options when using StartTLS +* rename the tls_checkpeer option to tls_reqcert, deprecating the old name and + supporting all values that OpenLDAP supports +* allow backslashes in user and group names except as first or last character +* check user and group names against LOGIN_NAME_MAX if it is defined +* fix for getpeercred() on Solaris by David Bartley +* Debian packaging improvements + + +changes form 0.6.6 to 0.6.7 +--------------------------- + +* a fix for a problem in the Debian packaging that would cause user-configured + options be ignored + + +changes form 0.6.5 to 0.6.6 +--------------------------- + +* Debian packaging improvements +* allow spaces in user and group names because it was causing problems in + some environments +* if ldap_set_option() fails log the option name instead of number +* retry connecting to LDAP server in more cases + + +changes form 0.6.4 to 0.6.5 +--------------------------- + +* Debian package configuration translation updates + + +changes form 0.6.3 to 0.6.4 +--------------------------- + +* fix for the tls_checkpeer option +* fix incorrect test for ssl option in combination with ldaps:// URIs +* improvements to Active Directory sample configuration +* implement looking up search base in rootDSE of LDAP server + + +changes form 0.6.2 to 0.6.3 +--------------------------- + +* retry connection and search if getting results failed with connection + problems (some errors only occur when getting the results, not when starting + the search) +* add support for groups with up to around 150000 members (assuming user names + on average are a little under 10 characters) +* problem with possible SIGPIPE race condition was fixed by using send() + instead of write() +* add uid and gid configuration keywords that set the user and group of the + nslcd daemon +* add some documentation on supported group to member mappings +* add sanity checking to code for when clock moves backward +* log messages now include a session id that makes it easier to track errors + to requests (especially useful in debugging mode) +* miscellaneous portability improvements +* increase buffers and time-outs to handle large lookups more gracefully +* implement SASL authentication based on a patch by Dan White +* allow more characters in user and group names + + +changes form 0.6.1 to 0.6.2 +--------------------------- + +* all user and group names are now checked for validity are specified in the + POSIX Portable Filename Character Set +* support retrieval of ranged attribute values as sometimes returned by Active + Directory +* added the threads keyword to configure the number of threads that should be + started in nslcd +* handle empty netgroups properly +* change the time-out and retry mechanism for connecting to the LDAP server to + return an error quickly if the LDAP server is known to be unavailable for a + long time (this removed the reconnect_tries option and changes the meaning + of the reconnect_sleeptime and reconnect_maxsleeptime options) +* increased the time-out values between the NSS module and nslcd because of + new retry mechanism +* implement new dict and set modules that use a hashtable to map keys + efficiently +* use the new set to store group membership to simplify memory management and + eliminate duplicate members +* the uniqueMember attribute now only supports DN values +* implement a cache for DN to user name lookups (15 minute timeout) used for + the uniqueMember attribute to save on doing LDAP searches for groups with a + lot of members, based on a patch by Petter Reinholdtsen +* improvements to the tests +* if any of the ldap calls return LDAP_UNAVAILABLE or LDAP_SERVER_DOWN the + connection is closed +* improve dependencies in LSB init script header to improve dependency based + booting + + +changes from 0.6 to 0.6.1 +------------------------- + +* numerous small fixes and compatibility improvements +* the I/O buffers between nslcd and NSS module are now dynamically sized and + tuned for common requests +* correctly follow referrals +* add StartTLS support by Ralf Haferkamp of SuSE +* miscellaneous documentation improvements +* remove code for handling rootbinddn/pw because it is unlikely to be + supported any time soon +* fix a problem with realloc()ed memory that was not referenced +* fix for a crash in group membership buffer growing code thanks to Petter + Reinholdtsen +* some improvements to the Active Directory sample configuration +* fix init script exit code with stop while not running +* fixes to the _nss_ldap_initgroups_dyn() function to properly handle the + buffer and limits passed by Glibc +* fixes to the member to groups search functions to correctly handle + uniqueMember attributes +* only return shadow entries to root users +* miscellaneous Debian packaging improvements + + +changes from 0.5 to 0.6 +----------------------- + +* fix parsing of map option in nss-ldapd.conf +* fix bug in handling of userPassword values +* remove warning about missing loginShell attribute +* support the uniqueMember LDAP attribute that holds DN values +* support ldap as a compat service in /etc/nsswitch.conf +* implement _nss_ldap_initgroups_dyn() to allow username->groups searches +* fix retry mechanism with get*ent() functions where a too small buffer was + passed by libc (to support groups with a lot of members) +* fix a bug in reporting of communications problems between nslcd and the NSS + library +* test and log failures of all LDAP library calls +* improved tests +* miscellaneous compatibility improvements to try to support more LDAP + libraries and platforms +* support compilation with OpenLDAP 2.4 and newer +* some configure script improvements +* Debian packaging improvements + + +changes from 0.4.1 to 0.5 +------------------------- + +* major structural changes in the LDAP lookup code using a newly implemented + module that does memory management, session handling, paging and all other + painful things with a simple interface +* rewritten LDAP query and result handling code, now generating warnings + about incorrect entries in the LDAP directory +* IPv6 addresses in host lookups are now supported +* added Kerberos ccname support (with the krb5_ccname option) thanks to + Andreas Schneider and Ralf Haferkamp from SuSE and remove --with-gssapi-dir, + --enable-configurable-krb5-ccname-gssapi and + --enable-configurable-krb5-ccname-env configure options and having automatic + detection instead +* added support for DNS SRV record lookups by specifying DNS as uri thanks to + Ralf Haferkamp and Michael Calmer from SuSE +* added support for DOMAIN as base DN which uses the host's domain to + construct a DN +* removed nss_connect_policy, bind_policy and sizelimit options +* cleaned up and documented reconnect logic with reconnect_tries, + reconnect_sleeptime and reconnect_maxsleeptime options +* configuration values with spaces in them (e.g. distinguished names) are now + handled properly +* fix a small memory leak in the I/O module +* miscellaneous code improvements (better source code comments, more + consistent logging, portability improvements, more tests, etc) +* improvements to documentation + + +changes from 0.4 to 0.4.1 +------------------------- + +* added French debconf translation by Cyril Brulebois +* added Japanese debconf translation by Kenshi Muto +* fix a problem with network name lookups where the lookup would result + in the wrong call to nslcd +* fix wrong default filter for rpc lookups +* fix a number of memory leaks (thanks valgrind) + (all memory leaks during normal operation should be fixed now) + + +changes from 0.3 to 0.4 +----------------------- + +* remove nss_schema configfile option +* temporary remove support for uniqueMember group membership attributes (will + be re-added in a later release) +* removed support for nested groups, if this is really needed (please ask or + file a bug if you want it) it can be re-added later on +* added missing docbook sources for manual pages to tarball +* major cleanups and simplifications in the core LDAP query code (we don't + need to worry about SIGPIPE because nslcd does that globally, locking + because a connection is only used by one thread) and more simplifications in + the the LDAP connection and query state +* get base, scope, filter and map configfile directives properly working +* simplifications in LDAP reconnect logic (some work remains to be done in + this area) +* issue warnings or errors for untested or unsupported configuration options +* properly handle multiple URIs in Debian configuration +* documentation improvements + + +changes from 0.2.1 to 0.3 +------------------------- + +* a bug in the communication buffer handling code was fixed +* a bug in the dictionary code was fixed (code not yet in use) +* a fix for the init script that used a wrong pidfile +* configuration file handling code was rewritten to be better maintainable +* some configuration file options have changed which means that compatibility + with the nss_ldap configuration file is lost +* configuration syntax is now documented in the nss-ldapd.conf(5) manual page +* support for dnsconfig was removed +* the configuration file no longer supports using multiple search bases +* removed nss_initgroups and nss_initgroups_ignoreusers options +* removed --enable-paged-results configure option and use pagesize + configuration file option to specify usage of paging at runtime +* added Portuguese debconf translation by Américo Monteiro +* Debian package configuration improvements and simplifications +* use docbook2x-man for generating manual pages +* miscellaneous documentation improvements including improved manual pages +* general code reorganisation and clean-ups to achieve another 9% code + reduction relative to 0.2.1 release (more than 40% relative to nss_ldap) +* SASL, Kerberos and SSL/TLS support remain untested + + +changes from 0.2 to 0.2.1 +------------------------- + +* fix permissions of server socket (this fixes a problem where non-root users + were unable to do lookups) +* fix configure script to properly check for pthread support +* small code improvements +* general build system cleanups + + +changes from 0.1 to 0.2 +----------------------- + +* fixes to the netgroup lookup code +* more simplifications and improvements in the code almost 5% code reduction + (compared to release 0.1) and 37% reduction in gcc warnings (from 443 in 251 + to 389 in 0.1 and 244 in 0.2) +* a lot of code improvements thanks to flawfinder, more gcc warnings, splint + and rats +* license change from GNU Library General Public License to GNU Lesser General + Public License (with the permission of Luke Howard) +* fix logging code to be cleaner and always use our own logging module +* a start has been made to make the code more testable and initial work to set + up a testing framework has been done +* implemented a timeout mechanism in the communication between the NSS part + and the nslcd server part + + +changes from nss_ldap 251 to nss-ldapd 0.1 +------------------------------------------ + +* initial release of nss-ldapd (should be functional but not yet stable enough + for production use) +* fork from the nss_ldap which was originally written by Luke Howard of PADL + Software Pty Ltd. changing package name to nss-ldapd and versioning scheme +* the functionality was split into a thin NSS library and a simple daemon + proxying the requests to the LDAP server (see README for rationale) +* a lot of dead and old compatibility code was removed (about 25% of the code + was removed) (more simplifications to come) +* the test code was rewritten +* build script simplifications +* default configuration file has been changed to /etc/nss-ldapd.conf +* most documentation has been updated and rewritten +* dropped support for non-glibc NSS interfaces and assumed OpenLDAP compatible + library + + +changes from 250 to 251 +----------------------- + +* remove doc/rfc2307.txt, it is available from + http://www.ietf.org/rfc/rfc2307.txt +* make objectClass a mappable attribute + + +changes from 249 to 250 +----------------------- + +* don't use static _nss_ldap_no_members buffer, causes crash when nss_ldap is + unloaded and memory is still referenced +* fix for BUG#249: tcsh closes file descriptors, confuses nss_ldap and hangs + (from David Houlder) +* fix for BUG#257: initgroups() broken in RFC2307bis support disabled +* fix for BUG#261: sslpath example wrong +* fix for BUG#263: compile do_triple_permutations() when IRS enabled + + +changes from 248 to 249 +----------------------- + +* fix for BUG#253: build broken on AIX +* fix for BUG#255: deadlock in initgroups + + +changes from 247 to 248 +----------------------- + +* fix regression in per-objectclass attribute mapping introduced in + nss_ldap-246 + + +changes from 246 to 247 +----------------------- + +* double-check *ld != NULL even if mapped eror return from ldap_initialize() + returns NSS_SUCCESS + + +changes from 245 to 246 +----------------------- + +* paged results and RFC2307bis support are now always compiled in; they are by + default disabled unless you configured with --enable-paged-results and + --enable-rfc2307bis, respectively. See nss_ldap(5) for configuration + options. +* fix for BUG#219: paged results delivers wrong results +* fix for BUG#222: use asynchronous start TLS if available, using bind_timeout + value +* fix for BUG#235: make DNS SRV lookup domain configurable (nss_srv_domain) +* fix for BUG#240: return "*" rather than "x" for userPassword if not present +* fix for BUG#245: paged results broken since nss_ldap-241 +* patch from Ralf Haferkamp : compile fix for IPv6 +* compile for Solaris +* schema mapping is always enabled, cleanup schema mapping code +* allow for map-specific objectclass mapping +* partial implementation of Solaris Simplified LDAP API, allows automountd + support on Solaris via nss_ldap +* for Linux automounter, always close connection after endautomntent() to + avoid persistent connection +* add nss_connect_policy argument to ldap.conf + + +changes from 244 to 245 +----------------------- + +* don't leak LDAP connection if do_bind() failed or descriptor owner had + changed. If do_bind() failed the underlying descriptor would also be leaked, + causing a large number of sockets to be consumed during failover +* add nss_initgroups_ignoreusers parameter to ldap.conf, returns NOTFOUND if + nss_ldap's initgroups() is called for users (comma separated) +* try to deal with systems that have headers for both versions of the SASL + library installed +* better logging of failed connections and reconnections +* patch from Dean Michaels : build with Netscape 5 + library on Solaris +* patch from Ralf Haferkamp : manual page fix to bind_policy + + +changes from 243 to 244 +----------------------- + +* patch from Ralf Haferkamp : enusre bytesleft macro does not + return values < 0 +* include in ldap-nss.c + + +changes from 242 to 243 +----------------------- + +* fix for BUG#225: invalid pointer dereferencing when reading rootpw + + +changes from 241 to 242 +----------------------- + +* fixes for compiling on Solaris 10 + + +changes from 240 to 241 +----------------------- + +* new, more robust reconnection logic +* both "host" and "uri" directives can be used in ldap.conf +* new (undocumented) nss_reconnect_tries, nss_reconnect_sleeptime, + nss_reconnect_maxsleeptime, nss_reconnect_maxconntries directives +* reload configuration file if changed + + +changes from 239 to 240 +----------------------- + +* new API for resolving automounts (requires custom autofs plugin for Linux at + present): _nss_ldap_setautomntent(), _nss_ldap_getautomntent(), + _nss_ldap_endautomntent(), _nss_ldap_getautomntbyname_r() +* fix for BUG#200: rename SOCKLEN_T as it conflicts on AIX +* fix for BUG#205: accept line feeds in ldap.conf +* fix for BUG#211: nss_ldap fails to start TLS on referred connections +* fix for BUG#213: initgroups crash if RFC2307bis undefined +* turn down reconnection logging volume + + +changes from 238 to 239 +----------------------- + +* support for initgroups using backlinks (selectable at runtime if RFC2307bis + support is enabled, using the nss_initgroups backlink configuration + directive) +* support for dynamically expanding filter sizes +* from Peter Marschall : revert the deletion of blanks/tabs in + ldap.conf that happened between 235 and 238 +* from Peter Marschall : This patch changes configure.in and + Makefile.am so that ldap.conf gets installed in the place and with the name + that is given to the configure option --with-ldap-conf-file. In addition to + that it fixes a long standing bug in Makefile.am that tries to install a + file before the destination directory is guaranteed to be created (hunk #3), + and uses $(mkinstalldirs) for AIX (hunk #2). + + +changes from 237 to 238 +----------------------- + +* more manual page updates + + +changes from 236 to 237 +----------------------- + +* more manual page updates + + +changes from 235 to 236 +----------------------- + +* fix for BUG#201: typo in ldap-schema.c causing build to fail +* add manual page for nss_ldap + + +changes from 234 to 235 +----------------------- + +* fix for BUG#198: make pagesize configurable +* fix for BUG#199: correct fix for BUG#138 (blind last char remove in + ldap.secret) + + +changes from 233 to 234 +----------------------- + +* don't reacquire global lock in do_next_page() +* restore old "bind_policy hard" behaviour (don't try to reconnect if + initialization failed). The behaviour introduced in nss_ldap-227 can be + enabled with "bind_policy hard_init". + + +changes from 232 to 233 +----------------------- + +* if do_open() returns NSS_UNAVAIL, don't try to do server reconnect; only do + it if NSS_TRYAGAIN is returned This should fix the problems introduced by + the fixes in nss_ldap-227 (delayed binding) + + +changes from 231 to 232 +----------------------- + +* fix for BUG#138 (blind last char remove in ldap.secret) + + +changes from 229 to 230 +----------------------- + +* don't free gss_krb5_ccache_name() output (Heimdal) + + +changes from 228 to 229 +----------------------- + +* more debugging in initgroups and _nss_ldap_getentry() +* fix _nss_ldap_getentry() enumeration behaviour, and optimize by not + searching if the requested attribute cannot be mapped + + +changes from 227 to 228 +----------------------- + +* fix for BUG#188: better documentation for OpenLDAP SSL options +* fix for BUG#189: do not configure tls_checkpeer unless it is explicitly + specifier in ldap.conf +* fix for BUG#190: set ls_state to LS_UNINITIALIZED after fork + + +changes from 226 to 227 +----------------------- + +* separate initializing LDAP session with actually connecting to the DSA, so + that we don't try to bind until we actually need to search (which allows the + retry logic in the search function to also apply to binding). NB: this will + only provide improved behavior for LDAP client libraries that support + ldap_init() or ldap_initialize() rather than ldap_open +* fix for BUG#183: support pw_change and pw_expire on BSD +* fix for BUG#187: NSS_BUFLEN_DEFAULT causing problems on IRS platforms +* fix for glibc 2.1 from Alexander Spannagel + + +changes from 225 to 226 +----------------------- + +* make LDAP_NSS_NGROUPS configurable with --with-ngroups (experts only) option + + +changes from 224 to 225 +----------------------- + +* make LDAP_NSS_NGROUPS 64 - better choice for small directories + + +changes from 223 to 224 +----------------------- + +* don't double-free on realloc() failure in do_parse_group_members() +* don't pass LDAP session as an argument, as it may refer to a stale LDAP + handle. If this does not work we will need to replace LDAPMessage pointers + with pointers to a structure that contains a reference-counted LDAP handle + as well as the message +* fix crasher when internal group membership buffer was reallocated + (introduced with nested group expansion code) +* immediately return NSS_TRYAGAIN and errno=ERANGE if there is not enough + buffer space to handle LDAP_NSS_NGROUPS groups; this prevents getgrXXX() + from expensive repeated directory searches when there is a priori knowledge + that group memberships are large + + +changes from 222 to 223 +----------------------- + +* allow empty lines in /etc/ldap.conf +* do loop detection in nested groups +* fixes for building with IRS on FreeBSD 4.10 + + +changes from 221 to 222 +----------------------- + +* fix deadlock in _nss_ldap_getentry() +* support more AIX usersec attributes +* more AIX porting fixes +* support Heimdal as well as MIT Kerberos + + +changes from 220 to 221 +----------------------- + +* AIX fix from Recall #169033 +* support for expansion of nested RFC2307bis groups +* support for searching using range retrieval +* fix memory leak with private contexts +* fix memory leak in do_result() +* implement _nss_ldap_getentry for AIX enumeration +* implement netgroups for IRS/AIX +* remove dependency on Berkeley DB - schema mapping and RFC2307bis no longer + requires DB +* remove old NeXT cruft in resolve.c + + +changes from 218 to 220 +----------------------- + +* fix for BUG#169: getntohost() on Solaris +* fix for BUG#170: _nss_ldap_getgroupsbymember_r fails to return all groups + when NSCD is running and attribute mapping is enabled on Solaris +* fix for BUG#173: reinstate use of sigaction() (XXX what is the correct fix + here?) +* fix for BUG#174: innetgr() depth checking + + +changes from 217 to 218 +----------------------- + +* fix for BUG#168: set errnop to ENOENT if not found +* check for -lgssapi before -lgssapi_krb5 + + +changes from 216 to 217 +----------------------- + +* fix for BUG#167: compilation fails on Solaris + + +changes from 215 to 216 +----------------------- + +* patch from Thorsten Kukuk to avoid overwriting sockaddr storage for IPv6; + use struct sockaddr_storage if available +* fix for BUG#153: use asynchronous search API in initgroups() +* fix for BUG#157: check for __pthread_once rather than __pthread_atfork on + glibc, as the latter is no longer exported +* fix for BUG#158: escape netgroup search filters correctly +* fix for BUG#161: remove redundant lock in _nss_ldap_innetgr() +* fix for BUG#164: set schema element array size to LM_NONE + 1 not LM_NONE +* fix for BUG#165: make _nss_ldap_result() private +* fix for BUG#166: chase all nested netgroups in innetgr() +* fix deadlock if getXXXent() called without first calling setXXXent() +* only request gidNumber attribute when initgroups() (avoids sending back rest + of a group's entry) +* don't request any attributes when mapping a user to a DN (we want the DN + only) + + +changes from 214 to 215 +----------------------- + +* choose between using native GSS-API and putenv() for setting ccache path +* per-map attribute mapping for attributes that appear in multiple maps + + +changes from 213 to 214 +----------------------- + +* define LDAP_DEPRECATED for compiling against OpenLDAP 2.2 + + +changes from 212 to 213 +----------------------- + +* fix netgroup compilation error when debugging is enabled +* support GSS-API for setting ccache name +* initgroups() should require user to be a POSIX account +* define LOGNAME_MAX for HP-UX +* do not use sigprocmask() - this blocks rather than disabling signals +* SASL version check fix from Howard Chu + + +changes from 211 to 212 +----------------------- + +* Solaris netgroup support test release +* fix crasher in do_sasl_interact() +* do_sasl_interact() needs to strdup() result for Cyrus SASL 1.x but not 2.x +* merge in LDAP debug patch from Howard Chu +* try alternate search descriptors on NSS_NOTFOUND as well as NSS_SUCCESS + + +changes from 210 to 211 +----------------------- + +* do AT_OC_MAP cache initialization at config init +* BSD build fixes +* replace [h]errno2nssstat lookup tables with switch statement; should help + building on AIX! + + +changes from 209 to 210 +----------------------- + +* initialize DBT structures +* fix SASL crasher + + +changes from 208 to 209 +----------------------- + +* fix SASL breakage + + +changes from 207 to 208 +----------------------- + +* use socklen_t not int +* remove OpenLDAP SASL code +* incorporated patches from (see below) Geert Jansen +* add the "sasl_secprops" option to configure SASL security layers (usage as + for OpenLDAP ldap.conf) +* add the "krb5_ccname" option to specify the location of the Kerberos ticket + cache (requires --enable-configurable-krb5-ccname for now as it is a fairly + coarse solution to a lack of appropriate API in the Kerberos libraries) +* add support for native Active Directory password policy attributes (enabled + if shadowLastChange is mapped to pwdLastSet) +* add "nss_override_attribute_value" and "nss_default_attribute_value" + keywords for over- riding and setting default attribute values, respectively + + +changes from 205 to 207 +----------------------- + +* work without LDAP_OPT_X_TLS_RANDOM_FILE +* fix schema mapping regression from nss_ldap-205; attribute mapping now works + again + + +changes from 204 to 205 +----------------------- + +* build with Sleepycat DB without db185 compat layer (tested with 4.x; needs + testing on 3.x) + + +changes from 203 to 204 +----------------------- + +* Linux netgroup implementation from Larry Lile +* Multiple service search descriptor support from Symas +* IPv6 patch from Thorsten Kukuk at SuSE + + +changes from 202 to 203 +----------------------- + +* fix for BUG#115 +* fix for BUG#121 + + +changes from 201 to 202 +----------------------- + +* getsockname() fixes from Howard Chu +* configuration parser crasher fix + + +changes from 200 to 201 +----------------------- + +* Berkeley DB fixes from Howard Chu +* Netscape client library build fix + + +changes from 199 to 200 +----------------------- + +* use sigprocmask() if available to block SIGPIPE +* fix build breakage with OpenLDAP HEAD + + +changes from 198 to 199 +----------------------- + +* HP-UX port +* BUG#111: incorrect debugging statement in _nss_ldap_enter() +* export required symbols only on Linux +* corrected symbol names for glibc alias enumeration functions +* the DNS response parser doesn't stop after parsing the right number of + records, and doesn't handle long responses (Nalin at RedHat) + + +changes from 197 to 198 +----------------------- + +* BUG#108: fix potential buffer overflow in dnsconfig.c (could be triggered if + no flat file configuration for nss_ldap and large DNS SRV data for domain; + because nss_ldap in SRV mode trusts DNS we do not believe this to be + exploitable to elevate privilege in the default configuration) +* do not malloc() configuration structure; use buffer + + +changes from 196 to 197 +----------------------- + +* improved AIX documentation from Dejan Muhamedagic +* define LDAP_OPT_SSL for Solaris 9 + + +changes from 195 to 196 +----------------------- + +* return NSS_TRYAGAIN not NSS_NOTFOUND for insufficient buffer space in + dn2uid_cache_get() +* support automake 1.5 and friends +* out of box build on AIX 4.3.3 +* fixed BUG#104: do_ssl_options() return code ignored + + +changes from 194 to 195 +----------------------- + +* fixed BUG#98: large groups cause buffer length wraparound with rfc2307bis + + +changes from 193 to 194 +----------------------- + +* bugfix for Debian Bug report #147553: lack of global mutex use in + initgroups() + + +changes from 192 to 193 +----------------------- + +* support for PADL GSS-SASL client library + + +changes from 191 to 192 +----------------------- + +* more carefully compare cached socket and peer addresses + + +changes from 190 to 191 +----------------------- + +* added configurable [hard|soft] reconnect, see the bind_policy parameter in + ldap.conf. + + +changes from 189 to 190 +----------------------- + +* check for Netscape 4 SDK without SSL; don't require pthreads for these + + +changes from 188 to 189 +----------------------- + +* patch for building on OpenLDAP 1.x from Nalin at RedHat + + +changes from 187 to 188 +----------------------- + +* specify runtime path for LDAP library correctly to native Solaris linker +* check for gcc correctly +* use native linker on Solaris and AIX + + +changes from 186 to 187 +----------------------- + +* make bogusSd in ldap-nss.c conditional on !HAVE_LDAP_LD_FREE +* merge in paged result support from Max Caines +* bugfixes for Debian Bug report #140854 + + +changes from 185 to 186 +----------------------- + +* incorporated patch for Debian Bug report #140854, where nss_ldap could in + some cases close a descriptor it did not own. Patch was provided by Luca + Filipozzi. + + +changes from 184 to 185 +----------------------- + +* updated copyrights +* fix for BUG#82: set close on exec (Debian bug 136953) + + +changes from 183 to 184 +----------------------- + +* return NSS_TRYAGAIN if no buffer space in ldap-grp.c + + +changes from 181 to 183 +----------------------- + +* return error strings in AIX authentication routine +* initialize schema in getgroupsbymember() +* fix for tls_checkpeer; pass NULL session in to set global option +* BUG#77: configurable config file locations + + +changes from 181 to 181 +----------------------- + +* ignore SIGPIPE whilst inside nss_ldap library routines to prevent crashing + on down LDAP server; possible fix for Debian bug 130006 +* removed --enable-no-so-keepalive; always try to disable SO_KEEPALIVE on + underlying socket to LDAP server +* include local copy of irs.h under AIX +* general cleanup of locking code +* _nss_ldap_no_members appears to only need defining for when RFC2307bis is + enabled + + +changes from 179 to 180 +----------------------- + +* pull in libpthreads on AIX + + +changes from 178 to 179 +----------------------- + +* a couple more patches for AIX + + +changes from 177 to 178 +----------------------- + +* patch from Gabor Gombas for AIX support +* Makefile.am: sasl.o needed by NSS_LDAP +* aix_authmeth.c: method_passwordexpired is really method_passwdexpired; but + since the struct was bzero()ed no need to set it to NULL +* configure.in: support both gcc and xlc_r +* exports.aix: sv_byport was not exported +* ldap-grp.c: getgrset() returned group names instead of gid numbers + + +changes from 176 to 177 +----------------------- + +* patch for building on AIX from IBM +* added simple authentication support for AIX +* cleaned up SASL patch to not break if Cyrus SASL is not installed + + +changes from 175 to 176 +----------------------- + +* fixed bug in SASL patch which had required OpenLDAP headers + + +changes from 174 to 175 +----------------------- + +* incorporated GSS-API SASL patches +* rebind to server on LDAP_LOCAL_ERROR + + +changes from 173 to 174 +----------------------- + +* added patches from Maxim Batourine for compiling with Sun workshop compiler +* added notes re: 64-bit compile on Solaris from above source + + +changes from 172 to 173 +----------------------- + +* notes on IRS in doc/README.IRS +* added irs.h for AIX compat +* patch from Bob Guo for stripping trailing spaces in ldap.conf. + + +changes from 171 to 172 +----------------------- + +* fixed schema mapping bug by storing a copy of the mapped schema in the + Berkeley DB rather than the element itself. Because the DB library returns + static storage, this was causing problems where the schema mapping calls + were used to build the attribute table in ldap-schema.c. This bugfix was + sponsored by n2h2.com; thanks! + + +changes from 170 to 171 +----------------------- + +* added ldap.conf stanza for AIX +* workaround for schema mapping bug. + + +changes from 169 to 170 +----------------------- + +* use _nss_ldap_getrdnvalue() for determining canonical group name + + +changes from 168 to 169 +----------------------- + +* fixed typo in ldap-service.c; prefix filters now with _nss_ldap + + +changes from 167 to 168 +----------------------- + +* initialize old_handler to SIG_DFL +* incorporate Stephan Cremer's mapping patches, a big thanks to Stephan for + these! +* use LDAP_OPT_NETWORK_TIMEOUT if available for network connect timeout +* removed hard-coded schema mapping for authPassword, NDS and MSSFU + + +changes from 166 to 167 +----------------------- + +* support for new OpenLDAP rebind proc prototype +* in rebind function, respect timeout +* fix for PADL Release Control + + +changes from 165 to 166 +----------------------- + +* corrected small typos + + +changes from 164 to 165 +----------------------- + +* posixMember is a distinguished name, don't pretend it is a login name +* cleaned up code referencing different member syntaxes + + +changes from 163 to 164 +----------------------- + +* removed IDS_UID code, never worked properly + + +changes from 162 to 163 +----------------------- + +* removed context_free function, usage confusing + + +changes from 161 to 162 +----------------------- + +* in reconnect harness, do not treat entry not found errors as requiring a + reconnect + + +changes from 160 to 161 +----------------------- + +* hopefully fixed use of synchronous searches in _nss_ldap_getbyname() + + +changes from 159 to 160 +----------------------- + +* patch from RedHat to check for DB3, override install user/group optionally +* use synchronous searches for _nss_ldap_getbyname() +* only set SSL options if we have values for those options + + +changes from 158 to 159 +----------------------- + +* make do_ssl_options() take a config parameter; avoid segfault with SSL? + + +changes from 157 to 158 +----------------------- + +* in the distinguished name to login cache (dn2uid) make sure we use the + AT(uid) macro for the uid attribute rather than the hard-coded value of + "uid" This should enable the cache for MSSFU support. + + +changes from 156 to 157 +----------------------- + +* for MSSFU, use posixMember for group memberships rather than member + (reported by Andy Rechenberg) +* ignore SIGPIPE before calling do_close() for idle_timeout + + +changes from 155 to 156 +----------------------- + +* logic was around the wrong way in do_search(), all searches were broken! +* --disable-ssl option for configure +* removed "Obsoletes: pam_ldap" from spec file + + +changes from 154 to 155 +----------------------- + +* do not use private API when setting OpenLDAP TLS options (do_ssl_options()) + + +changes from 153 to 154 +----------------------- + +* notes from Scott M. Stone +* idle timeout patch from Steve Barrus + + +changes from 152 to 153 +----------------------- + +* SSL fix + + +changes from 151 to 152 +----------------------- + +* further patch from Jarkko for TLS/SSL auth: support for LDAPS/cipher suite + selection/ client key/cert authentication + + +changes from 150 to 151 +----------------------- + +* patch from Andrew Rechenberg for Active Directory schema support +* patch from Jarkko Turkulainen for peer certificate support + with OpenLDAP + + +changes from 149 to 150 +----------------------- + +* patch from Anselm Kruis for URI support + + +changes from 148 to 149 +----------------------- + +* fixed compile on Solaris, broken in 145 by malformed Linux patch + + +changes from 147 to 148 +----------------------- + +* check for HAVE_LDAP_SET_OPTION always + + +changes from 146 to 147 +----------------------- + +* check for ldap_set_option(), as LDAP_OPT_REFERRALS is defined for OpenLDAP + 1.x but without the ldap_set_option() function + + +changes from 145 to 146 +----------------------- + +* mass re-indentation, GNU style +* patch from Simon Wilkinson for compatibility with old + initgroups entry point +* request authPassword attribute if --enable-authpassword +* authPassword support in ldap-spwd.c (shadow) + + +changes from 144 to 145 +----------------------- + +* preliminary support for authPassword attribute +* updated COPYING +* patch from Szymon Juraszczyk to suppot _nss_ldap_initgroups_dyn prototype + + +changes from 143 to 144 +----------------------- + +* when specifying filters with nss_base_XXX, only escape the filter argument + not the entire filter + + +changes from 142 to 143 +----------------------- + +* patch from nalin@redhat.com to avoid corrupting the heap when the + configuration file exists but has no host and base values. + _nss_ldap_readconfigfromdns() will write to the region which was already + freed. + + +changes from 141 to 142 +----------------------- + +* patch from Simon Wilkinson for memory leak in + ldap-service.c + + +changes from 140 to 141 +----------------------- + +* fix for BUG#54 (AIX detection broken) +* use -rpath on all platforms except Solaris, + not just Linux + + +changes from 139 to 140 +----------------------- + +* fix configure bug for DISABLE_SO_KEEPALIVE +* fix alignment bug in util.c; this was causing Solaris to crash whenever + per-map search descriptors were specified in ldap.conf + + +changes from 138 to 139 +----------------------- + +* updated INSTALL file with boilerplate +* fixed pointer error in ldap-nss.c + + +changes from 137.1 to 138 +------------------------- + +* close config file FILE * if out of buffer space for parsing search + descriptor +* fixed bug where non-recognized directives in ldap.conf would cause the + configuration file to not be parsed at all, if they were the last entries in + the config file. + + +changes from 137 to 137.1 +------------------------- + +* patch from nalin@redhat.com; return { NULL } not NULL for no group members +* cleaned up usage of libc-lock.h weak aliases to pthreads API; use in ltf.c + also +* use __libc_atfork() or pthread_atfork() to close off connection on fork, + rather than checking PIDs; this is expensive and breaks on Linux where each + thread may have a different PID. + + +changes from 136 to 137 +----------------------- + +* build nss_ldap as a loadable module on AIX +* doco on AIX + + +changes from 135 to 136 +----------------------- + +* define -DPIC for FreeBSD +* link with -shared not --shared +* fixes for AIX + + +changes from 134 to 135 +----------------------- + +* merged ldap.conf +* fixed bug in concatenating relative search bases in ldap-nss.c (profile + support) + + +changes from 133 to 134 +----------------------- + +* fixed Makefile.am +* reordered DB search order in util.c + + +changes from 132 to 133 +----------------------- + +* make /usr/lib directory in Makefile.am +* new spec file from Joe Little + + +changes from 131 to 132 +----------------------- + +* fixed rebind preprocessor logic + + +changes from 130 to 131 +----------------------- + +* created files for automake happiness + + +changes from 129 to 130 +----------------------- + +* fixed typo preventing build with Netscape client library + + +changes from 128 to 129 +----------------------- + +* updated version number +* fixed build bug on Solaris + + +changes from 127 to 128 +----------------------- + +* fixed logic bug in util.c introduced in nss_ldap-127 + + +changes from 126 to 127 +----------------------- + +* updating copyright notices +* autoconf support; IRIX and OSF/1 support has been dropped (dl-*.[ch]) as no + one really used this, the implementation was a hack, and these operating + systems have their own LDAP implementations now +* added support for "referrals" and "restart" options to ldap.conf +* use OpenLDAP 2.x rebind proc with correct arguments +* added "timelimit" and "bind_timelimit" directives to ldap.conf +* fixed bug with dereferencing aliases +* preliminary support for profiles; recognise profile semantics in + ldap-nss.c/util.c +* parity with pam_ldap; "ssl" directive in ldap.conf can now specify "yes" or + "start_tls" for Start TLS +* hopefully fixed Berkeley DB include mess in util.c +* fixed potential buffer overflow in util.c +* default to LDAP protocol version 3 +* fixed leaks in util.c, dnsconfig.c +* accept on/yes/true for boolean configuration values +* tested building on FreeBSD, Solaris 8, Linux +* tested functionality on RedHat 6.2 + + +changes from 124 to 126 +----------------------- + +* fixed up Linux Makefiles to build libnss_ldap + + +changes from 123 to 124 +----------------------- + +* patch from nalin@redhat.com for StartTLS +* fixed up indenting + + +changes from 122.BZ52.2 to 123 +------------------------------ + +* rolled in BUG#52 branch with fixes for AIX + + +changes from 122.BZ52.1 to 122.BZ52.2 +------------------------------------- + +* included ldap-schema.c; omitted from previous checkpoint + + +changes from 122 to 122.BZ52.1 +------------------------------ + +* preliminary fix for BUG#52 (support for different naming contexts for each + map) +* fixed bug in enumerating services map + + +changes from 121 to 122 +----------------------- + +* fixed BUG#50 (check return value of ldap_simple_bind()) + + +changes from 120 to 121 +----------------------- + +* fixed BUG#49 (fix acknowledged race condition) + + +changes from 119 to 120 +----------------------- + +* added Makefile.aix and exports.aix (forgot) + + +changes from 118 to 119 +----------------------- + +* patch from Gabor Gombas to support AIX implementation + of BIND IRS + + +changes from 117 to 118 +----------------------- + +* Makefile.RPM.openldap2 from Joe Little + + +changes from 116 to 117 +----------------------- + +* permanently ignore SIGPIPE when using SSL. This bug should be fixed + properly. + + +changes from 115 to 116 +----------------------- + +* added irs-nss.diff and README.IRS from Emile Heitor + + +changes from 113 to 115 +----------------------- + +* fixed filter escaping +* call ldapssl_client_init() once only +* include db_185.h not db.h for dn2uid cache +* fixes for FreeBSD (IRS) support from Emile Heitor + + +changes from 110 to 113 +----------------------- + +* patch from Ben Collins to escape '*' in filters + + +changes from 109 to 110 +----------------------- + +* patch from Phlilip Liu for async binds + + +changes from 108 to 109 +----------------------- + +* omit socket check for -DSSL; it doesn't work +* updated CONTRIBUTORS +* updated README re HAVE_LDAP_LD_FREE + + +changes from 107 to 108 +----------------------- + +* included "deref" option in /etc/ldap.conf, compatible with OpenLDAP syntax. + Patch from Michael Mattice. + + +changes from 106.2 to 107 +------------------------- + +* fixed argument to _nss_ldap_getent() in ldap-ethers.c + + +changes from 106.1 to 106.2 +--------------------------- + +* if root, use rootbinddn/rootbindpw in rebind proc +* include objectClass in pwd required attributes + + +changes from 105 to 106.1 +------------------------- + +* if user is a shadowAccount, then don't return password in getpwent(), + getpwuid() or getpwnam() +* incorporated patch (from Doug Nazar): +* allow getgrent() to be called without setgrent(); note arguments to + _nss_ldap_getent() have changed. +* return NSS_NOTFOUND instead of NSS_UNAVAIL at the end of a search +* initialize len for getpeername() + + +changes from 104 to 105 +----------------------- + +* incorporated patch for deadlock under Solaris (from Dave Begley) + + +changes from 103 to 104 +----------------------- + +* new spec file + + +changes from 102 to 103 +----------------------- + +* don't call ldap_parse_result() with V2 API + + +changes from 101 to 102 +----------------------- + +* added defines for LDAP_MSG_ONE et al if not in ldap.h +* removed LDAP_MORE_RESULTS_TO_RETURN test + + +changes from 100 to 101 +----------------------- + +* fixed spec file + + +changes from 99 to 100 +---------------------- + +* support for asynchronous search API! +* added some contributors +* notes about ldap_ld_free() +* merged in ChangeLog + + +changes from 98 to 99 +--------------------- + +* added some netgroup implementation tips +* do_close_no_unbind() cleanup + + +changes from 97 to 98 +--------------------- + +* /etc/nss_ldap.secret -> /etc/ldap.secret (sorry, Doug!) +* deleted crypt-mechanism code. Junk. +* fixed call to _nss_ldap_read() after changing prototypes in nss_ldap-88 + + +changes from 96 to 97 +--------------------- + +* #ifndef HAVE_LDAP_LD_FREE, still call ldap_unbind(), but having closed the + descriptor. + + +changes from 95 to 96 +--------------------- + +* re-orged + + +changes from 94 to 95 +--------------------- + +* disable SO_KEEPALIVE on socket rather than blocking SIGPIPE. Need to figure + out the right way to do this. + + +changes from 93 to 94 +--------------------- + +* committed some changes for the parent/child close problem. It relies on + internal libldap APIs so it may be non-portable but should work with + OpenLDAP and Netscape client libraries, and perhaps most UMich- derived + client libraries. There's a possible workaround for client libraries without + this; undefine HAVE_LDAP_LD_FREE to test this. + + +changes from 92 to 93 +--------------------- + +* important fix: make sure return status is reset after do_open() == + NSS_SUCCESS, just in case no entries are returned. This bug was introduced + in nss_ldap-88 and could potentially cause a security hole. + + +changes from 91 to 92 +--------------------- + +* signal handling fix: don't restore handler unnecessarily. +* don't open nss_ldap.secret unless a root pw is specified in ldap.conf + + +changes from 90 to 91 +--------------------- + +* reorganized SIGPIPE blocking code +* added SSL support + + +changes from 89 to 90 +--------------------- + +* only reconnect if we've changed to/from root + + +changes from 88 to 89 +--------------------- + +* cleaned up a few things + + +changes from 87 to 88 +--------------------- + +* added breaks to switch in _nss_ldap_lookup (thanks to Nathan.Hawkins@FMR.COM + for pointing this out) +* save signal handler and ignore SIGPIPE for appropriate sections of do_open() + and confirm connection is still active (patch from rpatel@globix.com) +* allow root users to bind as a different user, to provide quasi-shadow + password support (patch from nazard@dragoninc.on.ca) +* under Linux, make Makefile look at last libc version (patch from + nazard@dragoninc.on.ca) +* never clobber nsswitch.ldap/ldap.conf when making install (patch from + nazard@dragoninc.on.ca) +* change do_open() to not unbind the parent ldap connection when the pid + changes but simply open a new connection (patch from nazard@dragoninc.on.ca) +* changed _nss_ldap_lookup() and _nss_ldap_read() prototypes to return + NSS_STATUS error codes, so that NSS_UNAVAIL percolates as appropriate. + + +changes from 86 to 87 +--------------------- + +* fixed looking up DN-membered groups by member. Thanks to Jeff Mandel for + spotting this hard to find bug. + + +changes from 85 to 86 +--------------------- + +* member for NDS vs uniqueMember (needs further investigation; -DNDS) + + +changes from 84 to 85 +--------------------- + +* check non-NULLity of userdn before freeing +* use AT(uid) for groupsbymember filter + + +changes from 81 to 84 +--------------------- + +* implemented _nss_ldap_initgroups() + + +changes from 80 to 81 +--------------------- + +* removed extraneous do_sleep() code +* updated spec file + + +changes from 2.79 to 80 +----------------------- + +* (really 2.80) changed version number a la Solaris 7! +* cleaned up schema stuff into ldap-schema.h + + +changes from 2.78 to 2.79 +------------------------- + +* implemented exponential backoff reconnect logic + + +changes from 2.76 to 2.78 +------------------------- + +* removed ldap.conf.ragenet from lineup +* removed spurious do_close() + + +changes from 2.75 to 2.76 +------------------------- + +* added -lresolv to Solaris makefiles + + +changes from 2.72 to 2.75 +------------------------- + +* incorporated RPM patches from stein@terminator.net + + +changes from 2.71 to 2.72 +------------------------- + +* implemented getgroupsbymember() for Solaris. Supplementary groups should be + initialized now. (NB: doesn't appear to be quite working for RFC2307bis + yet.) +* GNU indent-ified + + +changes from 2.70 to 2.71 +------------------------- + +* removed -DDEBUG as default build flag + + +changes from 2.69 to 2.70 +------------------------- + +* put /usr/ucblib back into linker search path for Solaris. + + +changes from 2.68 to 2.69 +------------------------- + +* added timeout, unavailable, and server busy conditions to rebind logic +* indent -gnu all source files + + +changes from 2.65 to 2.68 +------------------------- + +* mods for glibc 2.1 (__set_errno is obselete it seems) + + +changes from 2.64 to 2.65 +------------------------- + +* mods to compile with OpenLDAP 2 + + +changes from 2.63 to 2.64 +------------------------- + +* changed alias schema to Sun SDS nisMailAlias schema +* updated TODO list to reflect Bugzilla entries +* restored capitalization of attributes for "niceness" + + +changes from 2.62 to 2.63 +------------------------- + +* added patch from gero@faveve.uni-stuttgart.de for parsing of ldap.conf with + tabs +* some fixes for BSDI BSD/OS IRS + + +changes from 2.61 to 2.62 +------------------------- + +* added experimental support for DN-membered groups; to enable, define + RFC2307BIS +* fixed align bug (where buflen wasn't being decremented after pointer + alignment) + + +changes from 2.60 to 2.61 +------------------------- + +* added warning about compiling with DS 4.1 LDAP SDK + + +changes from 2.59 to 2.60 +------------------------- + +* fixed missing close brace + + +changes from 2.56 to 2.59 +------------------------- + +* pw_comment field defaults to pw_gecos (Solaris only) + + +changes from 2.55 to 2.56 +------------------------- + +* fixed Makefile.linux.mozilla NSSLIBVER + + +changes from 2.54.6 to 2.55 +--------------------------- + +* merged in glibc-2.1 branch + + +changes from 2.54.5 to 2.54.6 +----------------------------- + +* misc fixes. + + +changes from 2.54.4 to 2.54.5 +----------------------------- + +* misc fixes. + + +changes from 2.54.3 to 2.54.4 +----------------------------- + +* glibc-2.1 patches from bcollins@debian.org + + +changes from 2.51 to 2.54.3 +--------------------------- + +* glibc-2.1 support. (Recall #93) +* set erange correctly on Solaris (related to above) +* added rebind function + + +changes from 2.49 to 2.51 +------------------------- + +* added stuff for RC + + +changes from 2.47 to 2.49 +------------------------- + +* configuration file is now case insensitive + + +changes from 2.45 to 2.47 +------------------------- + +* RFC2052BIS (_ldap._tcp) support + + +changes from 2.44 to 2.45 +------------------------- + +* added #include to globals.c + + +changes from 2.42 to 2.44 +------------------------- + +* NULL search base allowed (omit basedn from config file) + + +changes from 2.39 to 2.42 +------------------------- + +* fixed potential crasher in dnsconfig.c +* LDAP session is now persistent for performance reasons. Removed references + to the session anywhere outside ldap-nss.c. The process ID is cached and the + session reopened after a fork(). + + +changes from 2.38 to 2.39 +------------------------- + +* fixed warning in ldap-ethers.c (removed const from struct ether) +* added ldap_version keyword to ldap.conf for parity with pam_ldap + + +changes from 2.37 to 2.38 +------------------------- + +* debugged ldap_explode_rdn() code +* added support for Mozilla LDAP client library; see Makefile.linux.mozilla + and ltf.c for more information. Thanks to Netscape for making their library + available. + + +changes from 2.36 to 2.37 +------------------------- + +* moved to CVS repository and Linux as development environment +* incorporated ldap-service.c fix from Greg + + +changes from 2.35 to 2.36 +------------------------- + +* util.c: will use ldap_explode_rdn() if it exists + + +changes from 2.34 to 2.35 +------------------------- + +* made util.c compile again. Silly me. + + +changes from 2.33 to 2.34 +------------------------- + +* fixed #endif in testpw.c +* fixed another DN freeing leak in util.c +* added RFC 2307 to distribution (fixed the two typos in it: +* fixed bug in ...getrdnvalue() (thanks, Greg) +* diff rfc2307.txt ~/rfc2307.txt +480c480 +< MUST ( cn $ ipProtocolNumber ) +--- +> MUST ( cn $ ipProtocolNumber $ description ) +1038c1038 +< lester:X5/DBrWPOQQaI:10:10:Lester:/home/lester:/bin/csh +--- +> lester:X5/DBrWPOQQaI:10:10:Lester:/home/lester:/bin/sh + + +changes from 2.32 to 2.33 +------------------------- + +* rolled in more patches from greg@rage.net: +* removed _r from setXXXent and endXXXent functions for GNU_NSS +* cleaned up testpw.c to use pthreads and protos +* fixed prototype for gethostbyaddr_r on GNU_NSS +* braced conditional in getservbyname_r +* merged in Makefile.linux and README.LINUX diffs +* added htons(port) in getservbyport_r +* added nsswitch.test +* added ldaptest.pl +* added ldap.conf.ragenet + + +changes from 2.31 to 2.32 +------------------------- + +* moved Makefile to Makefile.solaris +* cleaned up mutex code for Linux, hopefully + + +changes from 2.30 to 2.31 +------------------------- + +* fixed leak in util.c (need to free dn) +* rolled in patches from greg@rage.net: +* fixed ldap-ethers.c to use struct ether +* fixed bracing in ldap-hosts.c (?) +* added SSLEAY patch to ldap-nss.h +* fixed locking in ldap-nss.h +* Makefile changes incorporated into Makefile.linux + + +changes from 2.29e to 2.30 +-------------------------- + +* synced into DevMan repository again +* RFC 2307 is the one! + + +changes from 2.29d to 2.29e +--------------------------- + +* util.c: fixed memory leak (call to ldap_value_free()) + + +changes from 2.29c to 2.29d +--------------------------- + +* ldap-ethers.c: fixed to use HOSTNAME attribute + + +changes from 2.29b to 2.29c +--------------------------- + +* ieee8022Device -> ieee802Device + + +changes from 2.29a to 2.29b +--------------------------- + +* added ieee8022Device and bootableDevice classes, + at Sun's request. + + +changes from 2.29 to 2.29a +-------------------------- + +* dc -> cn + + +changes from 2.28 to 2.29 +------------------------- + +* changed host/network/ethers naming schema see the -02 draft revision for + more info + + +changes from 2.27 to 2.28 +------------------------- + +* ldap-pwd.c, ldap-spwd.c: fixed tmpbuf stuff. Yuck. + + +changes from 2.26 to 2.27 +------------------------- + +* ANNOUNCE: reflected draft-howard-nis-schema-01.txt +* ldap-spwd.c: default for shadow integer values is -1, not 0 and fixed + crasher (thanks to dj@gregor.com) + + +changes from 2.25 to 2.26 +------------------------- + +* globals.c: added offset stuff back for mapping errnumbers. Weird: this stuff + *was* in an earlier version of the work area. I have no idea where it went. + Scary. + + +changes from 2.24 to 2.25 +------------------------- + +* irs-nss.h: added prototype for irs_ldap_acc() +* ldap-*.[ch]: removed redundent PARSER macro +* unbroke for GNU NSS (context_key_t changed to context_handle_t) + + +changes from 2.23 to 2.24 +------------------------- + +* irs-nss.c: added dispatch table for IRS library +* testpw5.c: added additional test program +* ldap-nss.c: removed spurious debug statement +* ldap-nss.c, util.c, dnsconfig.c: cleaned up memory allocation for config. + (This could be improved, but there is no longer a static ldap_config_t + structure.) +* Makefile: general cleanup + + +changes from 2.22 to 2.23 +------------------------- + +* default destructor is now simply wrapped around by individual backend + destructors +* __EXTENSIONS__ defined for Solaris 2.6 to import strncasecmp() +* getbyname: fixed crasher in ldap-nss.c due to uninitialized variable +* ldap-parse.h, assorted others: tidied up resolver calls to use NSS_ARGS() + macro and not to interfere with the previous backend's status (bad thing!) +* ldap-service.c: cleaned up potential uninitialized var in parser +* ldap-nss.c: no valued arrays are now { NULL } instead of NULL. + + +changes from 2.21 to 2.22 +------------------------- + +* testpw.c: XXX problem. dies with segfault, but gdb doesn't give me enough + information; it's definitely within nss_ldap.so though. I just can't see the + symbols. (Maybe dbx would be better...) However, testpw doesn't work at + *all* under 2.5.1, and technically it shouldn't as it's not linked against + liblthread. I haven't been able to duplicate this with testpw2, which is the + same code linked with the thread library. +* backported to NeXT + + +changes from 2.20 to 2.21 +------------------------- + +* resolve.h: renamed functions so as to keep namespace clean +* snprintf.h: tidied up for systems which already have snprintf() and renamed + anyway to keep namespace clean (_nss_ldap_snprintf) +* ldap-*.h: made character constants const to avoid nasty warnings +* globals.[ch]: as above +* README, TODO, ANNOUNCE: general documentation updates +* ldap-nss.c, et al: general work on Solaris 2.6 port, to get nscd working. + Lots of fiddling with the locking. +* Major architectural changes to Solaris NSS implementation. Thread specific + data is now stored in the backend, where it should be: just like it is in + IRS. Locking is a little more coarse now, but it will do for the moment. +* Paul Henson's DCE module gave me the inspiration to do the backend stuff the + "right" way -- thanks, Paul! +* As a result, a lot of the bugs listed in TODO have mysteriously fixed + themselves. :-) + + +changes from 2.19 to 2.20 +------------------------- + +* Makefile.*: ensured resolve.[ch] and dnsconfig.[ch] were there. +* Makefile: should link now with gcc -shared instead of requiring cc. + + +changes from 2.18 to 2.19 +------------------------- + +* testpw4.c: added irs hostbyname() test +* Makefile: added correct flags to build position indepdenent code with Sun's + compiler (thanks, Bill). Added SRV sources. +* testpw.c: works under NeXT, cleaned up a bit. +* ldap.conf: documented what this file does +* util.c: ignore blank lines in ldap.conf properly +* resolve.h: fixed up for Solaris + + +changes from 2.17 to 2.18 +------------------------- + +* ldap-network.c: fixed infinite loop in getnetbyname() +* util.c: goto out causes a compiler warning under Solaris. Documented this. + Should fix this, I suppose, but we need to break out of two blocks. (We + could remove the code that handles multivalued DNs, as it's fairly unlikely + that someone will use a DN of o=Xedoc+dc=xedoc,c=US+dc=com, but who knows?) +* ldap-ethers.c: line 215, result was not assigned to an lvalue (should have + been args->status, not args). Fixed. + + +changes from 2.16 to 2.17 +------------------------- + +* Cleaned up documentation and testpw4.c +* dnsconfig.c: Fixed strtok() bug which was clobbering domain + + +changes from 2.15 to 2.16 +------------------------- + +* util.c (_nss_ldap_readconfig) fixed strtok() typo + + +changes from 2.2 to 2.15 +------------------------ + +* dnsconfig.c: got DNS SRV support working under NEXTSTEP +* util.c: (_nss_ldap_getdomainname) made host and network DN parsing compliant + with current draft + + +changes from 2.1 to 2.2 +----------------------- + +* I'll get around to merging in the RCS log here one day. Nothing very + exciting happened, I just backported the code to NEXTSTEP and compiled it. diff --git a/README b/README new file mode 100644 index 0000000..f496de3 --- /dev/null +++ b/README @@ -0,0 +1,406 @@ + nss-pam-ldapd - NSS and PAM libraries for name lookups and authentication + using LDAP + + nss-pam-ldapd started as nss-ldapd which was a fork from nss_ldap which was + originally written by Luke Howard of PADL Software Pty Ltd. + + In 2006 Arthur de Jong of West Consuling forked the library to split it + into a thin NSS part and a server part. Most of the code was rewritten. + + The software was renamed to nss-pam-ldapd when PAM code contributed by + Howard Chu for the OpenLDAP nssov module was integrated. Solaris + compatibility was developed by Ted C. Cheng of Symas Corporation. + + https://arthurdejong.org/nss-pam-ldapd/ + + Copyright (C) 1997-2006 Luke Howard + Copyright (C) 2006-2007 West Consulting + Copyright (C) 2006-2018 Arthur de Jong + Copyright (C) 2009 Howard Chu + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA + + +INTRODUCTION +============ + +This is the nss-pam-ldapd library which consists of an NSS module to do name +lookups to an LDAP directory server and a PAM module to do authentication to +an LDAP server. The NSS part of this library was forked from nss_ldap as +provided by Luke Howard of PADL Software Pty Ltd. The PAM module was mostly +provided by Howard Chu of the OpenLDAP project. + +The NSS library allows distributing account, group, host and other +configuration information from a central LDAP server. Because LDAP is a +hierarchical directory service, information can be organised in a manner which +reflects an organisational structure. This contrasts with the flat, single +domain policy of NIS. LDAP has many of the advantages of NIS+ (security and +scalability) without the complexity. The system will work alongside your +existing NIS, NIS+, DNS and flat file name services. + +The PAM library (module) can be used to perform authentication based on +information inside the LDAP directory. + +Both libraries consist of a thin NSS or PAM part that proxies the requests to +a local daemon (nslcd) that handles the LDAP lookups. This simplifies the +software architecture and fixes some scalability and locking problems in the +original design of nss_ldap. + +It is also possible to use the thin NSS and PAM modules together with the +nssov overlay in the OpenLDAP server (slapd). + +The three parts (NSS module, PAM module, and nslcd server) can be built +separately and are not strongly tied together. This means that for instance +you can still use pam_ldap and use the NSS module from nss-pam-ldapd or use an +alternative implementation of nslcd (for instance with the nssov slapd overlay +or the pynslcd implementation). + +improvements over nss_ldap +-------------------------- + +The fork from nss_ldap was done to implement some major design changes to fix +some structural problems in the library. + +One of those problems were host name lookups through LDAP which could cause +deadlocks. Another is that nss_ldap loaded an SSL library into executables +that may not be designed to load it (e.g. problem with suid applications). + +A number of refactoring steps were done to simplify the code and improve +maintainability. Legacy code was removed and support for non-Linux operating +systems was initially removed to make the code more readable. Portability was +re-added using compatibility wrappers. + +The most practical improvements over nss_ldap are: +- the LDAP library is not loaded for every process doing LDAP lookups +- the number of connections to the LDAP server is limited, because not every + process will open its own connection +- hostname lookups should now be deadlock-free because the LDAP server name is + no longer looked up using the ldap method +- avoid problems with TLS connections in suid binaries and other process-local + configuration +- it is easier to debug because logging in nslcd can be enabled without + the need to restart all processes doing name lookups +- unavailability timeouts are global instead of per-process + +comparison to pam_ldap +---------------------- + +The PAM module that is currently implemented contains functionality for +authentication, account management, password management and session +management. The nslcd daemon currently implements authentication, +authorisation and password modification. The OpenLDAP nssov overlay also +implements session functionality. + +supported C libraries (for NSS module) +-------------------------------------- + +This library currently supports the GNU C Library, the Solaris C library and +the FreeBSD C library. + +supported name databases +------------------------ + +Currently the following name databases are supported: + + aliases, ethers, group, hosts, netgroup, networks, passwd, protocols, rpc, + services and shadow + +When using IPv6 ipHostNumber attributes, the address in LDAP must be in the +preferred form as defined in section 2.2 of RFC1884, specifically the format +as returned by inet_ntop(3). All leading zeros should be omitted and the +longest range of zeroes should be replaced with :: (e.g. +fe80::218:bff:fe55:c9f). + +MAC addresses in the macAddress attribute should be in maximal, colon +separated hex notation (e.g. 00:00:92:90:ee:e2). + +automounter map lookups (which are also defined in /etc/nsswitch.conf) are +currently not supported because the NSS interface is not used for these. The +common autofs implementation (on GNU/Linux) currently uses its own method for +getting the maps from LDAP. + +Although mail aliases are exposed through NSS, most mail servers parse +/etc/aliases themselves (bypassing NSS) and getting aliases from LDAP requires +some configuration in the mail server. + +The publickey, bootparams and netmasks are currently unsupported. Some +investigation should be done if these are needed for anything, which +interfaces should be exported and how the LDAP schema part should look like. + +supported PAM implementation +---------------------------- + +The PAM module is currently only regularly tested on Linux PAM but other PAM +implementations should also work. + +supported LDAP libraries +------------------------ + +The current version of nss-pam-ldapd has been developed with OpenLDAP 2.4 but +other LDAP libraries and older versions of OpenLDAP may also work. + +unsupported features +-------------------- + +Since nss-pam-ldapd was forked from nss_ldap most of the features that came +with nss_ldap are available. The most important differences: +- the configuration file formats are not fully compatible +- rootbinddn/rootbindpw support is removed and is not likely to return + (the rootpwmoddn and rootpwmodpw work differently but accomplish the same + thing) + +For the PAM module some functionality is missing. Comparing it to pam_ldap: +- only BIND authentication is supported +- only LDAP password modify EXOP is supported as password changing mechanism + +Some things work a little different in nss-pam-ldapd. For instance the +attribute defaults and overrides of nss_ldap are implemented with mapping +expressions and pam_ldap's pam_check_*_attr options can be implemented with +the pam_authz_search option. + + +INSTALLATION +============ + +The nss-pam-ldapd library uses autoconf and automake for building. Installing +nss-pam-ldapd should be as simple as: + + % ./configure + % make + % make install + +It is a good idea to first go through the options of configure by running: + + % ./configure --help + +The last step (make install) should install the libnss_ldap.so.* and +pam_ldap.so files and the daemon (nslcd). The proper location of the NSS and +PAM modules are guessed. The boot process needs to be modified to start the +nslcd daemon at the right time. + +It is recommended to create a dedicated user for the nslcd daemon. Configure +this user in /etc/nslcd.conf using the uid and gid options. + + +CONFIGURATION +============= + +After installation, the name service switch configuration file +(/etc/nsswitch.conf) needs to be modified to do name lookups using the new +module. This consist mostly of adding ldap in the list of lookup methods in +the right place. See the nsswitch.conf(5) manual page for details on the +format. As an example the file could look a little like this: + + # the following contain normal unix user and group information + passwd: files ldap + group: files ldap + shadow: files ldap + + # hostname lookups through ldap before dns should work now + hosts: files ldap dns + networks: files ldap + + # normal flat-file definitions + protocols: files ldap + services: files ldap + ethers: files ldap + rpc: files ldap + netgroup: ldap + + # whether alias lookups really use NSS depends on the mail server + aliases: files ldap + +Configuring PAM differs a little from platform to platform but this is a +minimal set-up for files under /etc/pam.d: + + auth sufficient pam_unix.so + auth sufficient pam_ldap.so use_first_pass + auth required pam_deny.so + + account required pam_unix.so + account sufficient pam_ldap.so + account required pam_permit.so + + session required pam_unix.so + session optional pam_ldap.so + + password sufficient pam_unix.so nullok md5 shadow use_authtok + password sufficient pam_ldap.so try_first_pass + password required pam_deny.so + +Lastly, a configuration file for nslcd (by default /etc/nslcd.conf) needs to +be made. See the shipped manual page for details on the format and options. It +should at the very least contain something like: + + # the location of LDAP server + uri ldap://localhost/ + + # search base for all queries. + base dc=example,dc=net + +service discovery through DNS +----------------------------- + +nss-pam-ldapd supports looking up LDAP server names through DNS SRV records as +specified in RFC 2782. However, Priority and Weight are not considered +separately and a single list of servers in added as if they had been specified +with uri options in the configuration file. + +To use this feature specify DNS as an uri in the configuration file and +include something like the following in your zone: + + _ldap._tcp SRV 10 0 389 ldapserver + + +LDAP SCHEMA +=========== + +nss-pam-ldapd supports a wide range of possible LDAP schema configurations and +it can be customized heavily. The LDAP schema used is described in RFC 2307. +Groups using the member attribute that hold distinguished names (RFC 2307bis) +are also supported (but see group membership below for more information). + +default attributes +------------------ + +This paragraph describes the mapping between the NSS lookups and the LDAP +database. The mapping may be modified by changing the nslcd.conf configuration +file. See the nslcd.conf(5) manual page for details. + +aliases (objectClass=nisMailAlias) + cn - alias name + rfc822MailMember - members of the alias (recipients) +ethers (objectClass=ieee802Device) + cn - host name + macAddress - ethernet address +group (objectClass=posixGroup) + cn - group name + userPassword - password (by default mapped to "*") + gidNumber - gid + memberUid - members (user names) + member - members (DN values) +hosts (objectClass=ipHost) + cn - host name (and aliases) + ipHostNumber - addresses +netgroup (objectClass=nisNetgroup) + cn - netgroup name + nisNetgroupTriple - triplets describing netgroup entries + memberNisNetgroup - reference to other netgroup +networks (objectClass=ipNetwork) + cn - network name + ipNetworkNumber - network address +passwd (objectClass=posixAccount) + uid - account name + userPassword - password (by default mapped to "*") + uidNumber - uid + gidNumber - gid + gecos - gecos + homeDirectory - home directory + loginShell - shell +protocols (objectClass=ipProtocol) + cn - protocol name + ipProtocolNumber - protocol number +rpc (oncRpc) + cn - rpc name + oncRpcNumber - rpc number +services (objectClass=ipService) + cn - service name + ipServicePort - service port + ipServiceProtocol - service protocol +shadow (objectClass=shadowAccount) + uid - use name + userPassword - password + shadowLastChange - date of last password change + shadowMin - days before password may be changed again + shadowMax - days after which password must be changed + shadowWarning - days before max password age to present a warning + shadowInactive - days after max password age that account is disabled + shadowExpire - account expiration date + shadowFlag - reserved field + +using Microsoft Active Directory +-------------------------------- + +When using Microsoft Active Directory server some changes need to be made to +the nslcd.conf configuration file. The included sample configuration file has +some commented out attribute mappings for such a set-up. + +group membership +---------------- + +Currently, two ways of specifying group membership are supported. The first, +by using the memberUid attribute, is the simplest and by far the fastest +(takes the least number of lookups). The attribute values are user names (same +as the uid attribute for posixAccount entries) and are returned without +further processing. + +The second method is to use DN values in the member attribute (attribute names +can be changed by using the attribute mapping options as described in the +manual page). This is potentially a lot slower because in the worst case every +DN has to be looked up in the LDAP server to find the proper value for the uid +attribute. + +If the LDAP server supports the deref control (provided by the deref overlay +in OpenLDAP) the DN to uid expansing is performed by the LDAP server. + +If the DN value already contains a uid value (e.g. uid=arthur, dc=example, +dc=com) a further lookup is skipped and the uid value from the DN is used. + +For other DN values an extra lookup is performed to expand it to a uid. These +lookups are cached and are configurable with the cache dn2uid configuration +option. + +The member attribute may also contain the DN of another group entry. These +nested groups are parsed recursively depending on the nss_nested_groups +option. + +Currently, the memberOf attribute in posixAccount entries is unsupported. + +case sensitivity +---------------- + +Most values in NSS databases are considered case-sensitive (e.g. the user +"Foo" is a different user from the user "foo"). Most values in an LDAP +database are however considered case-insensitive. nss-pam-ldapd tries to solve +this problem by adding an extra filtering layer to ensure that when looking +for the user "foo" it will not consider a user "Foo" that is found in LDAP. + +For the group, netgroup, passwd, protocols, rpc, services and shadow maps the +matches will be checked case-sensitively and for aliases, ethers, hosts and +networks matches will be case-insensitive (this seems to be what Glibc is +doing currently in flat files). Only searching for groups by user is done +case-insensitive. In all cases the case-use in the LDAP directory is returned. + +This behaviour can be disabled with the ignorecase configuration option but +may be a security risk. + +Note that having entries that only differ in case is a bad idea and will +likely get you in trouble. One example of such a problem is that the DN +uid=test,dc=example,dc=com is considered the same in LDAP as +uid=TEST,dc=example,dc=com. + + +REPORTING BUGS +============== + +If you find any bugs or missing features please send email to + nss-pam-ldapd-users@lists.arthurdejong.org +If you are using a packaged version of nss-pam-ldapd you are encouraged to use +the distributor's bug tracking system. Please include as much information as +possible (platform, output of configure if compilation fails, error messages, +output of nslcd -d, etc). Patches are more than welcome (also see the file +HACKING). diff --git a/TODO b/TODO new file mode 100644 index 0000000..b7984d6 --- /dev/null +++ b/TODO @@ -0,0 +1,21 @@ +* write more unit tests +* add sanity checking code (e.g. not too large buffer allocation and checking + that host, user, etc do not contain funky characters) in all server modules +* log some statistics: "passwd=100 shadow=10 host=20 rpc=10" (10 req/minute) +* add an option to create an extra socket somewhere (so it may be used in + chroot jails) +* make I/O timeout between NSS lib and daemon configurable with configure +* protocols/rpc: the description attribute should be used as an alias? +* maybe rate-limit LDAP entry warnings +* handle repeated calls to getent() better + (see http://bugzilla.padl.com/show_bug.cgi?id=376) +* make it possible to start nslcd real early in the boot process and have + it become available when it determines it can (other timeout/retry mechanism + on startup) +* implement other services in nslcd: sudo and autofs are candidates +* complete pynslcd implementation +* implement chfn functionality in nslcd and make chfn.ldap binary +* add a max uid option for PAM module +* support changing Samba password attributes on password change +* while running NSS tests, check if nscd isn't running +* implement keepalives on the LDAP connection diff --git a/aclocal.m4 b/aclocal.m4 new file mode 100644 index 0000000..b2f75aa --- /dev/null +++ b/aclocal.m4 @@ -0,0 +1,1487 @@ +# generated automatically by aclocal 1.15.1 -*- Autoconf -*- + +# Copyright (C) 1996-2017 Free Software Foundation, Inc. + +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, +[m4_warning([this file was generated for autoconf 2.69. +You have another version of autoconf. It may work, but is not guaranteed to. +If you have problems, you may need to regenerate the build system entirely. +To do so, use the procedure documented by the package, typically 'autoreconf'.])]) + +# Copyright (C) 2002-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_AUTOMAKE_VERSION(VERSION) +# ---------------------------- +# Automake X.Y traces this macro to ensure aclocal.m4 has been +# generated from the m4 files accompanying Automake X.Y. +# (This private macro should not be called outside this file.) +AC_DEFUN([AM_AUTOMAKE_VERSION], +[am__api_version='1.15' +dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to +dnl require some minimum version. Point them to the right macro. +m4_if([$1], [1.15.1], [], + [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl +]) + +# _AM_AUTOCONF_VERSION(VERSION) +# ----------------------------- +# aclocal traces this macro to find the Autoconf version. +# This is a private macro too. Using m4_define simplifies +# the logic in aclocal, which can simply ignore this definition. +m4_define([_AM_AUTOCONF_VERSION], []) + +# AM_SET_CURRENT_AUTOMAKE_VERSION +# ------------------------------- +# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. +# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. +AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], +[AM_AUTOMAKE_VERSION([1.15.1])dnl +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) + +# Copyright (C) 2011-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_AR([ACT-IF-FAIL]) +# ------------------------- +# Try to determine the archiver interface, and trigger the ar-lib wrapper +# if it is needed. If the detection of archiver interface fails, run +# ACT-IF-FAIL (default is to abort configure with a proper error message). +AC_DEFUN([AM_PROG_AR], +[AC_BEFORE([$0], [LT_INIT])dnl +AC_BEFORE([$0], [AC_PROG_LIBTOOL])dnl +AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([ar-lib])dnl +AC_CHECK_TOOLS([AR], [ar lib "link -lib"], [false]) +: ${AR=ar} + +AC_CACHE_CHECK([the archiver ($AR) interface], [am_cv_ar_interface], + [AC_LANG_PUSH([C]) + am_cv_ar_interface=ar + AC_COMPILE_IFELSE([AC_LANG_SOURCE([[int some_variable = 0;]])], + [am_ar_try='$AR cru libconftest.a conftest.$ac_objext >&AS_MESSAGE_LOG_FD' + AC_TRY_EVAL([am_ar_try]) + if test "$ac_status" -eq 0; then + am_cv_ar_interface=ar + else + am_ar_try='$AR -NOLOGO -OUT:conftest.lib conftest.$ac_objext >&AS_MESSAGE_LOG_FD' + AC_TRY_EVAL([am_ar_try]) + if test "$ac_status" -eq 0; then + am_cv_ar_interface=lib + else + am_cv_ar_interface=unknown + fi + fi + rm -f conftest.lib libconftest.a + ]) + AC_LANG_POP([C])]) + +case $am_cv_ar_interface in +ar) + ;; +lib) + # Microsoft lib, so override with the ar-lib wrapper script. + # FIXME: It is wrong to rewrite AR. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__AR in this case, + # and then we could set am__AR="$am_aux_dir/ar-lib \$(AR)" or something + # similar. + AR="$am_aux_dir/ar-lib $AR" + ;; +unknown) + m4_default([$1], + [AC_MSG_ERROR([could not determine $AR interface])]) + ;; +esac +AC_SUBST([AR])dnl +]) + +# AM_AUX_DIR_EXPAND -*- Autoconf -*- + +# Copyright (C) 2001-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets +# $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to +# '$srcdir', '$srcdir/..', or '$srcdir/../..'. +# +# Of course, Automake must honor this variable whenever it calls a +# tool from the auxiliary directory. The problem is that $srcdir (and +# therefore $ac_aux_dir as well) can be either absolute or relative, +# depending on how configure is run. This is pretty annoying, since +# it makes $ac_aux_dir quite unusable in subdirectories: in the top +# source directory, any form will work fine, but in subdirectories a +# relative path needs to be adjusted first. +# +# $ac_aux_dir/missing +# fails when called from a subdirectory if $ac_aux_dir is relative +# $top_srcdir/$ac_aux_dir/missing +# fails if $ac_aux_dir is absolute, +# fails when called from a subdirectory in a VPATH build with +# a relative $ac_aux_dir +# +# The reason of the latter failure is that $top_srcdir and $ac_aux_dir +# are both prefixed by $srcdir. In an in-source build this is usually +# harmless because $srcdir is '.', but things will broke when you +# start a VPATH build or use an absolute $srcdir. +# +# So we could use something similar to $top_srcdir/$ac_aux_dir/missing, +# iff we strip the leading $srcdir from $ac_aux_dir. That would be: +# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` +# and then we would define $MISSING as +# MISSING="\${SHELL} $am_aux_dir/missing" +# This will work as long as MISSING is not called from configure, because +# unfortunately $(top_srcdir) has no meaning in configure. +# However there are other variables, like CC, which are often used in +# configure, and could therefore not use this "fixed" $ac_aux_dir. +# +# Another solution, used here, is to always expand $ac_aux_dir to an +# absolute PATH. The drawback is that using absolute paths prevent a +# configured tree to be moved without reconfiguration. + +AC_DEFUN([AM_AUX_DIR_EXPAND], +[AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl +# Expand $ac_aux_dir to an absolute path. +am_aux_dir=`cd "$ac_aux_dir" && pwd` +]) + +# AM_CONDITIONAL -*- Autoconf -*- + +# Copyright (C) 1997-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_CONDITIONAL(NAME, SHELL-CONDITION) +# ------------------------------------- +# Define a conditional. +AC_DEFUN([AM_CONDITIONAL], +[AC_PREREQ([2.52])dnl + m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], + [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl +AC_SUBST([$1_TRUE])dnl +AC_SUBST([$1_FALSE])dnl +_AM_SUBST_NOTMAKE([$1_TRUE])dnl +_AM_SUBST_NOTMAKE([$1_FALSE])dnl +m4_define([_AM_COND_VALUE_$1], [$2])dnl +if $2; then + $1_TRUE= + $1_FALSE='#' +else + $1_TRUE='#' + $1_FALSE= +fi +AC_CONFIG_COMMANDS_PRE( +[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then + AC_MSG_ERROR([[conditional "$1" was never defined. +Usually this means the macro was only invoked conditionally.]]) +fi])]) + +# Copyright (C) 1999-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + + +# There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be +# written in clear, in which case automake, when reading aclocal.m4, +# will think it sees a *use*, and therefore will trigger all it's +# C support machinery. Also note that it means that autoscan, seeing +# CC etc. in the Makefile, will ask for an AC_PROG_CC use... + + +# _AM_DEPENDENCIES(NAME) +# ---------------------- +# See how the compiler implements dependency checking. +# NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC". +# We try a few techniques and use that to set a single cache variable. +# +# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was +# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular +# dependency, and given that the user is not expected to run this macro, +# just rely on AC_PROG_CC. +AC_DEFUN([_AM_DEPENDENCIES], +[AC_REQUIRE([AM_SET_DEPDIR])dnl +AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl +AC_REQUIRE([AM_MAKE_INCLUDE])dnl +AC_REQUIRE([AM_DEP_TRACK])dnl + +m4_if([$1], [CC], [depcc="$CC" am_compiler_list=], + [$1], [CXX], [depcc="$CXX" am_compiler_list=], + [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'], + [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'], + [$1], [UPC], [depcc="$UPC" am_compiler_list=], + [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'], + [depcc="$$1" am_compiler_list=]) + +AC_CACHE_CHECK([dependency style of $depcc], + [am_cv_$1_dependencies_compiler_type], +[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_$1_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` + fi + am__universal=false + m4_case([$1], [CC], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac], + [CXX], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac]) + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_$1_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_$1_dependencies_compiler_type=none +fi +]) +AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) +AM_CONDITIONAL([am__fastdep$1], [ + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) +]) + + +# AM_SET_DEPDIR +# ------------- +# Choose a directory name for dependency files. +# This macro is AC_REQUIREd in _AM_DEPENDENCIES. +AC_DEFUN([AM_SET_DEPDIR], +[AC_REQUIRE([AM_SET_LEADING_DOT])dnl +AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl +]) + + +# AM_DEP_TRACK +# ------------ +AC_DEFUN([AM_DEP_TRACK], +[AC_ARG_ENABLE([dependency-tracking], [dnl +AS_HELP_STRING( + [--enable-dependency-tracking], + [do not reject slow dependency extractors]) +AS_HELP_STRING( + [--disable-dependency-tracking], + [speeds up one-time build])]) +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' + am__nodep='_no' +fi +AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) +AC_SUBST([AMDEPBACKSLASH])dnl +_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl +AC_SUBST([am__nodep])dnl +_AM_SUBST_NOTMAKE([am__nodep])dnl +]) + +# Generate code to set up dependency tracking. -*- Autoconf -*- + +# Copyright (C) 1999-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + + +# _AM_OUTPUT_DEPENDENCY_COMMANDS +# ------------------------------ +AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], +[{ + # Older Autoconf quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named 'Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`AS_DIRNAME("$mf")` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running 'make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "$am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`AS_DIRNAME(["$file"])` + AS_MKDIR_P([$dirpart/$fdir]) + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} +])# _AM_OUTPUT_DEPENDENCY_COMMANDS + + +# AM_OUTPUT_DEPENDENCY_COMMANDS +# ----------------------------- +# This macro should only be invoked once -- use via AC_REQUIRE. +# +# This code is only required when automatic dependency tracking +# is enabled. FIXME. This creates each '.P' file that we will +# need in order to bootstrap the dependency handling code. +AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], +[AC_CONFIG_COMMANDS([depfiles], + [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], + [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) +]) + +# Do all the work for Automake. -*- Autoconf -*- + +# Copyright (C) 1996-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This macro actually does too much. Some checks are only needed if +# your package does certain things. But this isn't really a big deal. + +dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O. +m4_define([AC_PROG_CC], +m4_defn([AC_PROG_CC]) +[_AM_PROG_CC_C_O +]) + +# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) +# AM_INIT_AUTOMAKE([OPTIONS]) +# ----------------------------------------------- +# The call with PACKAGE and VERSION arguments is the old style +# call (pre autoconf-2.50), which is being phased out. PACKAGE +# and VERSION should now be passed to AC_INIT and removed from +# the call to AM_INIT_AUTOMAKE. +# We support both call styles for the transition. After +# the next Automake release, Autoconf can make the AC_INIT +# arguments mandatory, and then we can depend on a new Autoconf +# release and drop the old call support. +AC_DEFUN([AM_INIT_AUTOMAKE], +[AC_PREREQ([2.65])dnl +dnl Autoconf wants to disallow AM_ names. We explicitly allow +dnl the ones we care about. +m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl +AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl +AC_REQUIRE([AC_PROG_INSTALL])dnl +if test "`cd $srcdir && pwd`" != "`pwd`"; then + # Use -I$(srcdir) only when $(srcdir) != ., so that make's output + # is not polluted with repeated "-I." + AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl + # test to see if srcdir already configured + if test -f $srcdir/config.status; then + AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) + fi +fi + +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi +AC_SUBST([CYGPATH_W]) + +# Define the identity of the package. +dnl Distinguish between old-style and new-style calls. +m4_ifval([$2], +[AC_DIAGNOSE([obsolete], + [$0: two- and three-arguments forms are deprecated.]) +m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl + AC_SUBST([PACKAGE], [$1])dnl + AC_SUBST([VERSION], [$2])], +[_AM_SET_OPTIONS([$1])dnl +dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. +m4_if( + m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]), + [ok:ok],, + [m4_fatal([AC_INIT should be called with package and version arguments])])dnl + AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl + AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl + +_AM_IF_OPTION([no-define],, +[AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package]) + AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl + +# Some tools Automake needs. +AC_REQUIRE([AM_SANITY_CHECK])dnl +AC_REQUIRE([AC_ARG_PROGRAM])dnl +AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}]) +AM_MISSING_PROG([AUTOCONF], [autoconf]) +AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}]) +AM_MISSING_PROG([AUTOHEADER], [autoheader]) +AM_MISSING_PROG([MAKEINFO], [makeinfo]) +AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl +AC_REQUIRE([AC_PROG_MKDIR_P])dnl +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +AC_SUBST([mkdir_p], ['$(MKDIR_P)']) +# We need awk for the "check" target (and possibly the TAP driver). The +# system "awk" is bad on some platforms. +AC_REQUIRE([AC_PROG_AWK])dnl +AC_REQUIRE([AC_PROG_MAKE_SET])dnl +AC_REQUIRE([AM_SET_LEADING_DOT])dnl +_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], + [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], + [_AM_PROG_TAR([v7])])]) +_AM_IF_OPTION([no-dependencies],, +[AC_PROVIDE_IFELSE([AC_PROG_CC], + [_AM_DEPENDENCIES([CC])], + [m4_define([AC_PROG_CC], + m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl +AC_PROVIDE_IFELSE([AC_PROG_CXX], + [_AM_DEPENDENCIES([CXX])], + [m4_define([AC_PROG_CXX], + m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl +AC_PROVIDE_IFELSE([AC_PROG_OBJC], + [_AM_DEPENDENCIES([OBJC])], + [m4_define([AC_PROG_OBJC], + m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl +AC_PROVIDE_IFELSE([AC_PROG_OBJCXX], + [_AM_DEPENDENCIES([OBJCXX])], + [m4_define([AC_PROG_OBJCXX], + m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl +]) +AC_REQUIRE([AM_SILENT_RULES])dnl +dnl The testsuite driver may need to know about EXEEXT, so add the +dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This +dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below. +AC_CONFIG_COMMANDS_PRE(dnl +[m4_provide_if([_AM_COMPILER_EXEEXT], + [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl + +# POSIX will say in a future version that running "rm -f" with no argument +# is OK; and we want to be able to make that assumption in our Makefile +# recipes. So use an aggressive probe to check that the usage we want is +# actually supported "in the wild" to an acceptable degree. +# See automake bug#10828. +# To make any issue more visible, cause the running configure to be aborted +# by default if the 'rm' program in use doesn't match our expectations; the +# user can still override this though. +if rm -f && rm -fr && rm -rf; then : OK; else + cat >&2 <<'END' +Oops! + +Your 'rm' program seems unable to run without file operands specified +on the command line, even when the '-f' option is present. This is contrary +to the behaviour of most rm programs out there, and not conforming with +the upcoming POSIX standard: + +Please tell bug-automake@gnu.org about your system, including the value +of your $PATH and any error possibly output before this message. This +can help us improve future automake versions. + +END + if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then + echo 'Configuration will proceed anyway, since you have set the' >&2 + echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 + echo >&2 + else + cat >&2 <<'END' +Aborting the configuration process, to ensure you take notice of the issue. + +You can download and install GNU coreutils to get an 'rm' implementation +that behaves properly: . + +If you want to complete the configuration process using your problematic +'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM +to "yes", and re-run configure. + +END + AC_MSG_ERROR([Your 'rm' program is bad, sorry.]) + fi +fi +dnl The trailing newline in this macro's definition is deliberate, for +dnl backward compatibility and to allow trailing 'dnl'-style comments +dnl after the AM_INIT_AUTOMAKE invocation. See automake bug#16841. +]) + +dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not +dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further +dnl mangled by Autoconf and run in a shell conditional statement. +m4_define([_AC_COMPILER_EXEEXT], +m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) + +# When config.status generates a header, we must update the stamp-h file. +# This file resides in the same directory as the config header +# that is generated. The stamp files are numbered to have different names. + +# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the +# loop where config.status creates the headers, so we can generate +# our stamp files there. +AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], +[# Compute $1's index in $config_headers. +_am_arg=$1 +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac +done +echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) + +# Copyright (C) 2001-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_SH +# ------------------ +# Define $install_sh. +AC_DEFUN([AM_PROG_INSTALL_SH], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +if test x"${install_sh+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi +AC_SUBST([install_sh])]) + +# Copyright (C) 2003-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# Check whether the underlying file-system supports filenames +# with a leading dot. For instance MS-DOS doesn't. +AC_DEFUN([AM_SET_LEADING_DOT], +[rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null +AC_SUBST([am__leading_dot])]) + +# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- +# From Jim Meyering + +# Copyright (C) 1996-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_MAINTAINER_MODE([DEFAULT-MODE]) +# ---------------------------------- +# Control maintainer-specific portions of Makefiles. +# Default is to disable them, unless 'enable' is passed literally. +# For symmetry, 'disable' may be passed as well. Anyway, the user +# can override the default with the --enable/--disable switch. +AC_DEFUN([AM_MAINTAINER_MODE], +[m4_case(m4_default([$1], [disable]), + [enable], [m4_define([am_maintainer_other], [disable])], + [disable], [m4_define([am_maintainer_other], [enable])], + [m4_define([am_maintainer_other], [enable]) + m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) +AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) + dnl maintainer-mode's default is 'disable' unless 'enable' is passed + AC_ARG_ENABLE([maintainer-mode], + [AS_HELP_STRING([--]am_maintainer_other[-maintainer-mode], + am_maintainer_other[ make rules and dependencies not useful + (and sometimes confusing) to the casual installer])], + [USE_MAINTAINER_MODE=$enableval], + [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) + AC_MSG_RESULT([$USE_MAINTAINER_MODE]) + AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) + MAINT=$MAINTAINER_MODE_TRUE + AC_SUBST([MAINT])dnl +] +) + +# Check to see how 'make' treats includes. -*- Autoconf -*- + +# Copyright (C) 2001-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_MAKE_INCLUDE() +# ----------------- +# Check to see how make treats includes. +AC_DEFUN([AM_MAKE_INCLUDE], +[am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +AC_MSG_CHECKING([for style of include used by $am_make]) +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from 'make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi +AC_SUBST([am__include]) +AC_SUBST([am__quote]) +AC_MSG_RESULT([$_am_result]) +rm -f confinc confmf +]) + +# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- + +# Copyright (C) 1997-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_MISSING_PROG(NAME, PROGRAM) +# ------------------------------ +AC_DEFUN([AM_MISSING_PROG], +[AC_REQUIRE([AM_MISSING_HAS_RUN]) +$1=${$1-"${am_missing_run}$2"} +AC_SUBST($1)]) + +# AM_MISSING_HAS_RUN +# ------------------ +# Define MISSING if not defined so far and test if it is modern enough. +# If it is, set am_missing_run to use it, otherwise, to nothing. +AC_DEFUN([AM_MISSING_HAS_RUN], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([missing])dnl +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi +# Use eval to expand $SHELL +if eval "$MISSING --is-lightweight"; then + am_missing_run="$MISSING " +else + am_missing_run= + AC_MSG_WARN(['missing' script is too old or missing]) +fi +]) + +# Helper functions for option handling. -*- Autoconf -*- + +# Copyright (C) 2001-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# _AM_MANGLE_OPTION(NAME) +# ----------------------- +AC_DEFUN([_AM_MANGLE_OPTION], +[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) + +# _AM_SET_OPTION(NAME) +# -------------------- +# Set option NAME. Presently that only means defining a flag for this option. +AC_DEFUN([_AM_SET_OPTION], +[m4_define(_AM_MANGLE_OPTION([$1]), [1])]) + +# _AM_SET_OPTIONS(OPTIONS) +# ------------------------ +# OPTIONS is a space-separated list of Automake options. +AC_DEFUN([_AM_SET_OPTIONS], +[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) + +# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) +# ------------------------------------------- +# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. +AC_DEFUN([_AM_IF_OPTION], +[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) + +# Copyright (C) 1999-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# _AM_PROG_CC_C_O +# --------------- +# Like AC_PROG_CC_C_O, but changed for automake. We rewrite AC_PROG_CC +# to automatically call this. +AC_DEFUN([_AM_PROG_CC_C_O], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([compile])dnl +AC_LANG_PUSH([C])dnl +AC_CACHE_CHECK( + [whether $CC understands -c and -o together], + [am_cv_prog_cc_c_o], + [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])]) + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i]) +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +AC_LANG_POP([C])]) + +# For backward compatibility. +AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) + +# Copyright (C) 1999-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + + +# AM_PATH_PYTHON([MINIMUM-VERSION], [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# --------------------------------------------------------------------------- +# Adds support for distributing Python modules and packages. To +# install modules, copy them to $(pythondir), using the python_PYTHON +# automake variable. To install a package with the same name as the +# automake package, install to $(pkgpythondir), or use the +# pkgpython_PYTHON automake variable. +# +# The variables $(pyexecdir) and $(pkgpyexecdir) are provided as +# locations to install python extension modules (shared libraries). +# Another macro is required to find the appropriate flags to compile +# extension modules. +# +# If your package is configured with a different prefix to python, +# users will have to add the install directory to the PYTHONPATH +# environment variable, or create a .pth file (see the python +# documentation for details). +# +# If the MINIMUM-VERSION argument is passed, AM_PATH_PYTHON will +# cause an error if the version of python installed on the system +# doesn't meet the requirement. MINIMUM-VERSION should consist of +# numbers and dots only. +AC_DEFUN([AM_PATH_PYTHON], + [ + dnl Find a Python interpreter. Python versions prior to 2.0 are not + dnl supported. (2.0 was released on October 16, 2000). + dnl FIXME: Remove the need to hard-code Python versions here. + m4_define_default([_AM_PYTHON_INTERPRETER_LIST], +[python python2 python3 python3.8 python3.7 python3.6 python3.5 python3.4 python3.3 python3.2 python3.1 python3.0 python2.7 dnl + python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0]) + + AC_ARG_VAR([PYTHON], [the Python interpreter]) + + m4_if([$1],[],[ + dnl No version check is needed. + # Find any Python interpreter. + if test -z "$PYTHON"; then + AC_PATH_PROGS([PYTHON], _AM_PYTHON_INTERPRETER_LIST, :) + fi + am_display_PYTHON=python + ], [ + dnl A version check is needed. + if test -n "$PYTHON"; then + # If the user set $PYTHON, use it and don't search something else. + AC_MSG_CHECKING([whether $PYTHON version is >= $1]) + AM_PYTHON_CHECK_VERSION([$PYTHON], [$1], + [AC_MSG_RESULT([yes])], + [AC_MSG_RESULT([no]) + AC_MSG_ERROR([Python interpreter is too old])]) + am_display_PYTHON=$PYTHON + else + # Otherwise, try each interpreter until we find one that satisfies + # VERSION. + AC_CACHE_CHECK([for a Python interpreter with version >= $1], + [am_cv_pathless_PYTHON],[ + for am_cv_pathless_PYTHON in _AM_PYTHON_INTERPRETER_LIST none; do + test "$am_cv_pathless_PYTHON" = none && break + AM_PYTHON_CHECK_VERSION([$am_cv_pathless_PYTHON], [$1], [break]) + done]) + # Set $PYTHON to the absolute path of $am_cv_pathless_PYTHON. + if test "$am_cv_pathless_PYTHON" = none; then + PYTHON=: + else + AC_PATH_PROG([PYTHON], [$am_cv_pathless_PYTHON]) + fi + am_display_PYTHON=$am_cv_pathless_PYTHON + fi + ]) + + if test "$PYTHON" = :; then + dnl Run any user-specified action, or abort. + m4_default([$3], [AC_MSG_ERROR([no suitable Python interpreter found])]) + else + + dnl Query Python for its version number. Getting [:3] seems to be + dnl the best way to do this; it's what "site.py" does in the standard + dnl library. + + AC_CACHE_CHECK([for $am_display_PYTHON version], [am_cv_python_version], + [am_cv_python_version=`$PYTHON -c "import sys; sys.stdout.write(sys.version[[:3]])"`]) + AC_SUBST([PYTHON_VERSION], [$am_cv_python_version]) + + dnl Use the values of $prefix and $exec_prefix for the corresponding + dnl values of PYTHON_PREFIX and PYTHON_EXEC_PREFIX. These are made + dnl distinct variables so they can be overridden if need be. However, + dnl general consensus is that you shouldn't need this ability. + + AC_SUBST([PYTHON_PREFIX], ['${prefix}']) + AC_SUBST([PYTHON_EXEC_PREFIX], ['${exec_prefix}']) + + dnl At times (like when building shared libraries) you may want + dnl to know which OS platform Python thinks this is. + + AC_CACHE_CHECK([for $am_display_PYTHON platform], [am_cv_python_platform], + [am_cv_python_platform=`$PYTHON -c "import sys; sys.stdout.write(sys.platform)"`]) + AC_SUBST([PYTHON_PLATFORM], [$am_cv_python_platform]) + + # Just factor out some code duplication. + am_python_setup_sysconfig="\ +import sys +# Prefer sysconfig over distutils.sysconfig, for better compatibility +# with python 3.x. See automake bug#10227. +try: + import sysconfig +except ImportError: + can_use_sysconfig = 0 +else: + can_use_sysconfig = 1 +# Can't use sysconfig in CPython 2.7, since it's broken in virtualenvs: +# +try: + from platform import python_implementation + if python_implementation() == 'CPython' and sys.version[[:3]] == '2.7': + can_use_sysconfig = 0 +except ImportError: + pass" + + dnl Set up 4 directories: + + dnl pythondir -- where to install python scripts. This is the + dnl site-packages directory, not the python standard library + dnl directory like in previous automake betas. This behavior + dnl is more consistent with lispdir.m4 for example. + dnl Query distutils for this directory. + AC_CACHE_CHECK([for $am_display_PYTHON script directory], + [am_cv_python_pythondir], + [if test "x$prefix" = xNONE + then + am_py_prefix=$ac_default_prefix + else + am_py_prefix=$prefix + fi + am_cv_python_pythondir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('purelib', vars={'base':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(0, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pythondir in + $am_py_prefix*) + am__strip_prefix=`echo "$am_py_prefix" | sed 's|.|.|g'` + am_cv_python_pythondir=`echo "$am_cv_python_pythondir" | sed "s,^$am__strip_prefix,$PYTHON_PREFIX,"` + ;; + *) + case $am_py_prefix in + /usr|/System*) ;; + *) + am_cv_python_pythondir=$PYTHON_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + ]) + AC_SUBST([pythondir], [$am_cv_python_pythondir]) + + dnl pkgpythondir -- $PACKAGE directory under pythondir. Was + dnl PYTHON_SITE_PACKAGE in previous betas, but this naming is + dnl more consistent with the rest of automake. + + AC_SUBST([pkgpythondir], [\${pythondir}/$PACKAGE]) + + dnl pyexecdir -- directory for installing python extension modules + dnl (shared libraries) + dnl Query distutils for this directory. + AC_CACHE_CHECK([for $am_display_PYTHON extension module directory], + [am_cv_python_pyexecdir], + [if test "x$exec_prefix" = xNONE + then + am_py_exec_prefix=$am_py_prefix + else + am_py_exec_prefix=$exec_prefix + fi + am_cv_python_pyexecdir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('platlib', vars={'platbase':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(1, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pyexecdir in + $am_py_exec_prefix*) + am__strip_prefix=`echo "$am_py_exec_prefix" | sed 's|.|.|g'` + am_cv_python_pyexecdir=`echo "$am_cv_python_pyexecdir" | sed "s,^$am__strip_prefix,$PYTHON_EXEC_PREFIX,"` + ;; + *) + case $am_py_exec_prefix in + /usr|/System*) ;; + *) + am_cv_python_pyexecdir=$PYTHON_EXEC_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + ]) + AC_SUBST([pyexecdir], [$am_cv_python_pyexecdir]) + + dnl pkgpyexecdir -- $(pyexecdir)/$(PACKAGE) + + AC_SUBST([pkgpyexecdir], [\${pyexecdir}/$PACKAGE]) + + dnl Run any user-specified action. + $2 + fi + +]) + + +# AM_PYTHON_CHECK_VERSION(PROG, VERSION, [ACTION-IF-TRUE], [ACTION-IF-FALSE]) +# --------------------------------------------------------------------------- +# Run ACTION-IF-TRUE if the Python interpreter PROG has version >= VERSION. +# Run ACTION-IF-FALSE otherwise. +# This test uses sys.hexversion instead of the string equivalent (first +# word of sys.version), in order to cope with versions such as 2.2c1. +# This supports Python 2.0 or higher. (2.0 was released on October 16, 2000). +AC_DEFUN([AM_PYTHON_CHECK_VERSION], + [prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '$2'.split('.'))) + [[0, 0, 0]] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[[i]] +sys.exit(sys.hexversion < minverhex)" + AS_IF([AM_RUN_LOG([$1 -c "$prog"])], [$3], [$4])]) + +# Copyright (C) 2001-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_RUN_LOG(COMMAND) +# ------------------- +# Run COMMAND, save the exit status in ac_status, and log it. +# (This has been adapted from Autoconf's _AC_RUN_LOG macro.) +AC_DEFUN([AM_RUN_LOG], +[{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD + ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + (exit $ac_status); }]) + +# Check to make sure that the build environment is sane. -*- Autoconf -*- + +# Copyright (C) 1996-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_SANITY_CHECK +# --------------- +AC_DEFUN([AM_SANITY_CHECK], +[AC_MSG_CHECKING([whether build environment is sane]) +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[[\\\"\#\$\&\'\`$am_lf]]*) + AC_MSG_ERROR([unsafe absolute working directory name]);; +esac +case $srcdir in + *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) + AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);; +esac + +# Do 'set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + am_has_slept=no + for am_try in 1 2; do + echo "timestamp, slept: $am_has_slept" > conftest.file + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$[*]" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + if test "$[*]" != "X $srcdir/configure conftest.file" \ + && test "$[*]" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken + alias in your environment]) + fi + if test "$[2]" = conftest.file || test $am_try -eq 2; then + break + fi + # Just in case. + sleep 1 + am_has_slept=yes + done + test "$[2]" = conftest.file + ) +then + # Ok. + : +else + AC_MSG_ERROR([newly created file is older than distributed files! +Check your system clock]) +fi +AC_MSG_RESULT([yes]) +# If we didn't sleep, we still need to ensure time stamps of config.status and +# generated files are strictly newer. +am_sleep_pid= +if grep 'slept: no' conftest.file >/dev/null 2>&1; then + ( sleep 1 ) & + am_sleep_pid=$! +fi +AC_CONFIG_COMMANDS_PRE( + [AC_MSG_CHECKING([that generated files are newer than configure]) + if test -n "$am_sleep_pid"; then + # Hide warnings about reused PIDs. + wait $am_sleep_pid 2>/dev/null + fi + AC_MSG_RESULT([done])]) +rm -f conftest.file +]) + +# Copyright (C) 2009-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_SILENT_RULES([DEFAULT]) +# -------------------------- +# Enable less verbose build rules; with the default set to DEFAULT +# ("yes" being less verbose, "no" or empty being verbose). +AC_DEFUN([AM_SILENT_RULES], +[AC_ARG_ENABLE([silent-rules], [dnl +AS_HELP_STRING( + [--enable-silent-rules], + [less verbose build output (undo: "make V=1")]) +AS_HELP_STRING( + [--disable-silent-rules], + [verbose build output (undo: "make V=0")])dnl +]) +case $enable_silent_rules in @%:@ ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; +esac +dnl +dnl A few 'make' implementations (e.g., NonStop OS and NextStep) +dnl do not support nested variable expansions. +dnl See automake bug#9928 and bug#10237. +am_make=${MAKE-make} +AC_CACHE_CHECK([whether $am_make supports nested variables], + [am_cv_make_support_nested_variables], + [if AS_ECHO([['TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no +fi]) +if test $am_cv_make_support_nested_variables = yes; then + dnl Using '$V' instead of '$(V)' breaks IRIX make. + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' +else + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY +fi +AC_SUBST([AM_V])dnl +AM_SUBST_NOTMAKE([AM_V])dnl +AC_SUBST([AM_DEFAULT_V])dnl +AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl +AC_SUBST([AM_DEFAULT_VERBOSITY])dnl +AM_BACKSLASH='\' +AC_SUBST([AM_BACKSLASH])dnl +_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl +]) + +# Copyright (C) 2001-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_STRIP +# --------------------- +# One issue with vendor 'install' (even GNU) is that you can't +# specify the program used to strip binaries. This is especially +# annoying in cross-compiling environments, where the build's strip +# is unlikely to handle the host's binaries. +# Fortunately install-sh will honor a STRIPPROG variable, so we +# always use install-sh in "make install-strip", and initialize +# STRIPPROG with the value of the STRIP variable (set by the user). +AC_DEFUN([AM_PROG_INSTALL_STRIP], +[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +# Installed binaries are usually stripped using 'strip' when the user +# run "make install-strip". However 'strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the 'STRIP' environment variable to overrule this program. +dnl Don't test for $cross_compiling = yes, because it might be 'maybe'. +if test "$cross_compiling" != no; then + AC_CHECK_TOOL([STRIP], [strip], :) +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" +AC_SUBST([INSTALL_STRIP_PROGRAM])]) + +# Copyright (C) 2006-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# _AM_SUBST_NOTMAKE(VARIABLE) +# --------------------------- +# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. +# This macro is traced by Automake. +AC_DEFUN([_AM_SUBST_NOTMAKE]) + +# AM_SUBST_NOTMAKE(VARIABLE) +# -------------------------- +# Public sister of _AM_SUBST_NOTMAKE. +AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) + +# Check how to create a tarball. -*- Autoconf -*- + +# Copyright (C) 2004-2017 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# _AM_PROG_TAR(FORMAT) +# -------------------- +# Check how to create a tarball in format FORMAT. +# FORMAT should be one of 'v7', 'ustar', or 'pax'. +# +# Substitute a variable $(am__tar) that is a command +# writing to stdout a FORMAT-tarball containing the directory +# $tardir. +# tardir=directory && $(am__tar) > result.tar +# +# Substitute a variable $(am__untar) that extract such +# a tarball read from stdin. +# $(am__untar) < result.tar +# +AC_DEFUN([_AM_PROG_TAR], +[# Always define AMTAR for backward compatibility. Yes, it's still used +# in the wild :-( We should find a proper way to deprecate it ... +AC_SUBST([AMTAR], ['$${TAR-tar}']) + +# We'll loop over all known methods to create a tar archive until one works. +_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' + +m4_if([$1], [v7], + [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], + + [m4_case([$1], + [ustar], + [# The POSIX 1988 'ustar' format is defined with fixed-size fields. + # There is notably a 21 bits limit for the UID and the GID. In fact, + # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 + # and bug#13588). + am_max_uid=2097151 # 2^21 - 1 + am_max_gid=$am_max_uid + # The $UID and $GID variables are not portable, so we need to resort + # to the POSIX-mandated id(1) utility. Errors in the 'id' calls + # below are definitely unexpected, so allow the users to see them + # (that is, avoid stderr redirection). + am_uid=`id -u || echo unknown` + am_gid=`id -g || echo unknown` + AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format]) + if test $am_uid -le $am_max_uid; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + _am_tools=none + fi + AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format]) + if test $am_gid -le $am_max_gid; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + _am_tools=none + fi], + + [pax], + [], + + [m4_fatal([Unknown tar format])]) + + AC_MSG_CHECKING([how to create a $1 tar archive]) + + # Go ahead even if we have the value already cached. We do so because we + # need to set the values for the 'am__tar' and 'am__untar' variables. + _am_tools=${am_cv_prog_tar_$1-$_am_tools} + + for _am_tool in $_am_tools; do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; do + AM_RUN_LOG([$_am_tar --version]) && break + done + am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x $1 -w "$$tardir"' + am__tar_='pax -L -x $1 -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H $1 -L' + am__tar_='find "$tardir" -print | cpio -o -H $1 -L' + am__untar='cpio -i -H $1 -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac + + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_$1}" && break + + # tar/untar a dummy directory, and stop if the command works. + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + rm -rf conftest.dir + if test -s conftest.tar; then + AM_RUN_LOG([$am__untar /dev/null 2>&1 && break + fi + done + rm -rf conftest.dir + + AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) + AC_MSG_RESULT([$am_cv_prog_tar_$1])]) + +AC_SUBST([am__tar]) +AC_SUBST([am__untar]) +]) # _AM_PROG_TAR + +m4_include([m4/ax_pthread.m4]) +m4_include([m4/ax_python_module.m4]) +m4_include([m4/ax_tls.m4]) diff --git a/ar-lib b/ar-lib new file mode 100755 index 0000000..05094d3 --- /dev/null +++ b/ar-lib @@ -0,0 +1,270 @@ +#! /bin/sh +# Wrapper for Microsoft lib.exe + +me=ar-lib +scriptversion=2012-03-01.08; # UTC + +# Copyright (C) 2010-2017 Free Software Foundation, Inc. +# Written by Peter Rosin . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + + +# func_error message +func_error () +{ + echo "$me: $1" 1>&2 + exit 1 +} + +file_conv= + +# func_file_conv build_file +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv in + mingw) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_at_file at_file operation archive +# Iterate over all members in AT_FILE performing OPERATION on ARCHIVE +# for each of them. +# When interpreting the content of the @FILE, do NOT use func_file_conv, +# since the user would need to supply preconverted file names to +# binutils ar, at least for MinGW. +func_at_file () +{ + operation=$2 + archive=$3 + at_file_contents=`cat "$1"` + eval set x "$at_file_contents" + shift + + for member + do + $AR -NOLOGO $operation:"$member" "$archive" || exit $? + done +} + +case $1 in + '') + func_error "no command. Try '$0 --help' for more information." + ;; + -h | --h*) + cat <&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +subdir = common +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +LIBRARIES = $(noinst_LIBRARIES) +ARFLAGS = cru +AM_V_AR = $(am__v_AR_@AM_V@) +am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) +am__v_AR_0 = @echo " AR " $@; +am__v_AR_1 = +libdict_a_AR = $(AR) $(ARFLAGS) +libdict_a_LIBADD = +am_libdict_a_OBJECTS = dict.$(OBJEXT) set.$(OBJEXT) +libdict_a_OBJECTS = $(am_libdict_a_OBJECTS) +libexpr_a_AR = $(AR) $(ARFLAGS) +libexpr_a_LIBADD = +am_libexpr_a_OBJECTS = expr.$(OBJEXT) +libexpr_a_OBJECTS = $(am_libexpr_a_OBJECTS) +libprot_a_AR = $(AR) $(ARFLAGS) +libprot_a_LIBADD = +am_libprot_a_OBJECTS = nslcd-prot.$(OBJEXT) +libprot_a_OBJECTS = $(am_libprot_a_OBJECTS) +libtio_a_AR = $(AR) $(ARFLAGS) +libtio_a_LIBADD = +am_libtio_a_OBJECTS = tio.$(OBJEXT) +libtio_a_OBJECTS = $(am_libtio_a_OBJECTS) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libdict_a_SOURCES) $(libexpr_a_SOURCES) \ + $(libprot_a_SOURCES) $(libtio_a_SOURCES) +DIST_SOURCES = $(libdict_a_SOURCES) $(libexpr_a_SOURCES) \ + $(libprot_a_SOURCES) $(libtio_a_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/mkinstalldirs +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +noinst_LIBRARIES = libtio.a libprot.a libdict.a libexpr.a +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) +libtio_a_SOURCES = tio.c tio.h +libprot_a_SOURCES = nslcd-prot.c nslcd-prot.h +libdict_a_SOURCES = dict.c dict.h \ + set.c set.h + +libexpr_a_SOURCES = expr.c expr.h +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu common/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu common/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLIBRARIES: + -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) + +libdict.a: $(libdict_a_OBJECTS) $(libdict_a_DEPENDENCIES) $(EXTRA_libdict_a_DEPENDENCIES) + $(AM_V_at)-rm -f libdict.a + $(AM_V_AR)$(libdict_a_AR) libdict.a $(libdict_a_OBJECTS) $(libdict_a_LIBADD) + $(AM_V_at)$(RANLIB) libdict.a + +libexpr.a: $(libexpr_a_OBJECTS) $(libexpr_a_DEPENDENCIES) $(EXTRA_libexpr_a_DEPENDENCIES) + $(AM_V_at)-rm -f libexpr.a + $(AM_V_AR)$(libexpr_a_AR) libexpr.a $(libexpr_a_OBJECTS) $(libexpr_a_LIBADD) + $(AM_V_at)$(RANLIB) libexpr.a + +libprot.a: $(libprot_a_OBJECTS) $(libprot_a_DEPENDENCIES) $(EXTRA_libprot_a_DEPENDENCIES) + $(AM_V_at)-rm -f libprot.a + $(AM_V_AR)$(libprot_a_AR) libprot.a $(libprot_a_OBJECTS) $(libprot_a_LIBADD) + $(AM_V_at)$(RANLIB) libprot.a + +libtio.a: $(libtio_a_OBJECTS) $(libtio_a_DEPENDENCIES) $(EXTRA_libtio_a_DEPENDENCIES) + $(AM_V_at)-rm -f libtio.a + $(AM_V_AR)$(libtio_a_AR) libtio.a $(libtio_a_OBJECTS) $(libtio_a_LIBADD) + $(AM_V_at)$(RANLIB) libtio.a + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dict.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/expr.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nslcd-prot.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/set.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tio.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LIBRARIES) +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES cscopelist-am ctags ctags-am distclean \ + distclean-compile distclean-generic distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/common/dict.c b/common/dict.c new file mode 100644 index 0000000..d4cfd8e --- /dev/null +++ b/common/dict.c @@ -0,0 +1,291 @@ +/* + dict.c - dictionary functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2008, 2009, 2010, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ + +#include "dict.h" + +/* + This module uses a hashtable to store its key to value mappings. The + structure is basically as follows: + + [struct dictionary] + \- holds an array of pointers to a linked list of [struct dict_entry] + \- each entry has a key/value mapping + + The hashmap can be resized when the total number of elements in the hashmap + exceeds a certain load factor. + + All the keys are copied in a separate linked list of buffers where each new + buffer that is allocated is larger than the previous one. The first buffer + in the linked list is always the current one. +*/ + +/* an entry stores one key/value pair */ +struct dict_entry { + uint32_t hash; /* used for quick matching and rehashing */ + const char *key; /* a reference to a copy of the key */ + void *value; /* the stored value */ + struct dict_entry *next; +}; + +/* the initial size of the hashtable */ +#define DICT_INITSIZE 7 + +/* load factor at which point to grow hashtable */ +#define DICT_LOADPERCENTAGE 400 + +/* the dictionary is a hashtable */ +struct dictionary { + int size; /* size of the hashtable */ + int num; /* total number of keys stored */ + struct dict_entry **table; /* the hashtable */ +}; + +/* Simple hash function that computes the hash value of a string. */ +static uint32_t stringhash(const char *str) +{ + uint32_t hash = 5381; + uint32_t c; + while ((c = *str++) != '\0') + hash = 33 * hash + c; + return hash; +} + +/* Grow the hashtable. */ +static void growhashtable(DICT *dict) +{ + int i; + int newsize; + struct dict_entry **newtable; + struct dict_entry *entry, *tmp; + newsize = dict->size * 3 + 1; + /* allocate room for new hashtable */ + newtable = (struct dict_entry **)malloc(newsize * sizeof(struct dict_entry *)); + if (newtable == NULL) + return; /* allocating memory failed continue to fill the existing table */ + /* clear new table */ + for (i = 0; i < newsize; i++) + newtable[i] = NULL; + /* copy old hashtable into new table */ + for (i = 0; i < dict->size; i++) + { + /* go over elements in linked list */ + entry = dict->table[i]; + while (entry != NULL) + { + tmp = entry; + entry = entry->next; + /* put in new position */ + tmp->next = newtable[tmp->hash % newsize]; + newtable[tmp->hash % newsize] = tmp; + } + } + /* free the old hashtable */ + free(dict->table); + /* put new hashtable in place */ + dict->size = newsize; + dict->table = newtable; +} + +DICT *dict_new(void) +{ + struct dictionary *dict; + int i; + /* allocate room for dictionary information */ + dict = (struct dictionary *)malloc(sizeof(struct dictionary)); + if (dict == NULL) + return NULL; + dict->size = DICT_INITSIZE; + dict->num = 0; + /* allocate initial hashtable */ + dict->table = (struct dict_entry **)malloc(DICT_INITSIZE * sizeof(struct dict_entry *)); + if (dict->table == NULL) + { + free(dict); + return NULL; + } + /* clear the hashtable */ + for (i = 0; i < DICT_INITSIZE; i++) + dict->table[i] = NULL; + /* we're done */ + return dict; +} + +void dict_free(DICT *dict) +{ + struct dict_entry *entry, *etmp; + int i; + /* free hashtable entries */ + for (i = 0; i < dict->size; i++) + { + entry = dict->table[i]; + while (entry != NULL) + { + etmp = entry; + entry = entry->next; + free(etmp); + } + } + /* free the hashtable */ + free(dict->table); + /* free dictionary struct itself */ + free(dict); +} + +void *dict_get(DICT *dict, const char *key) +{ + uint32_t hash; + struct dict_entry *entry; + /* calculate the hash */ + hash = stringhash(key); + /* loop over the linked list in the hashtable */ + for (entry = dict->table[hash % dict->size]; entry != NULL; entry = entry->next) + { + if ((entry->hash == hash) && (strcmp(entry->key, key) == 0)) + return entry->value; + } + /* no matches found */ + return NULL; +} + +const char *dict_getany(DICT *dict) +{ + int i; + /* loop over the linked list in the hashtable */ + for (i = 0; i < dict->size; i++) + if (dict->table[i]) + return dict->table[i]->key; + /* no matches found */ + return NULL; +} + +int dict_put(DICT *dict, const char *key, void *value) +{ + uint32_t hash; + int l; + char *buf; + int idx; + struct dict_entry *entry, *prev; + /* check if we should grow the hashtable */ + if (dict->num >= ((dict->size * DICT_LOADPERCENTAGE) / 100)) + growhashtable(dict); + /* calculate the hash and position in the hashtable */ + hash = stringhash(key); + idx = hash % dict->size; + /* check if the entry is already present */ + for (entry = dict->table[idx], prev = NULL; entry != NULL; prev = entry, entry = entry->next) + { + if ((entry->hash == hash) && (strcmp(entry->key, key) == 0)) + { + /* check if we should unset the entry */ + if (value == NULL) + { + /* remove from linked list */ + if (prev == NULL) + dict->table[idx] = entry->next; + else + prev->next = entry->next; + /* free entry memory and register removal */ + free(entry); + dict->num--; + return 0; + } + /* just set the new value */ + entry->value = value; + return 0; + } + } + /* if entry should be unset we're done */ + if (value == NULL) + return 0; + /* entry is not present, make new entry */ + l = strlen(key) + 1; + buf = (char *)malloc(sizeof(struct dict_entry) + l); + if (buf == NULL) + return -1; + entry = (struct dict_entry *)(void *)buf; + buf += sizeof(struct dict_entry); + strcpy(buf, key); + entry->hash = hash; + entry->key = buf; + entry->value = value; + /* insert into hashtable/linked list */ + entry->next = dict->table[idx]; + dict->table[idx] = entry; + /* increment number of stored items */ + dict->num++; + return 0; +} + +const char **dict_keys(DICT *dict) +{ + int i; + struct dict_entry *entry; + char *buf; + const char **values; + size_t sz; + int num; + /* figure out how much memory to allocate */ + num = 0; + sz = 0; + for (i = 0; i < dict->size; i++) + { + entry = dict->table[i]; + while (entry != NULL) + { + num++; + sz += strlen(entry->key) + 1; + entry = entry->next; + } + } + /* allocate the needed memory */ + buf = (char *)malloc((num + 1) * sizeof(char *) + sz); + if (buf == NULL) + return NULL; + values = (const char **)(void *)buf; + buf += (num + 1) * sizeof(char *); + /* fill the array with the keys */ + num = 0; + for (i = 0; i < dict->size; i++) + { + entry = dict->table[i]; + while (entry != NULL) + { + strcpy(buf, entry->key); + values[num++] = buf; + buf += strlen(buf) + 1; + entry = entry->next; + } + } + values[num] = NULL; + /* done */ + return values; +} diff --git a/common/dict.h b/common/dict.h new file mode 100644 index 0000000..ffb3b44 --- /dev/null +++ b/common/dict.h @@ -0,0 +1,71 @@ +/* + dict.h - dictionary functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMMON__DICT_H +#define COMMON__DICT_H + +#include "compat/attrs.h" + +/* + These functions provide a mapping between a string and a pointer. +*/ +typedef struct dictionary DICT; + +/* Create a new instance of a dictionary. Returns NULL + in case of memory allocation errors. */ +DICT *dict_new(void) + LIKE_MALLOC MUST_USE; + +/* Add a relation in the dictionary. The key is duplicated + and can be reused by the caller. The pointer is just stored. + This function returns non-zero in case of memory allocation + errors. If the key was previously in use the value + is replaced. All key comparisons are case sensitive. */ +int dict_put(DICT *dict, const char *key, void *value); + +/* Look up a key in the dictionary and return the associated + value. NULL is returned if the key is not found in the dictionary. + All key comparisons are case sensitive. */ +void *dict_get(DICT *dict, const char *key) + MUST_USE; + +/* Get a key from the dictionary that has a value set. The caller does + not need to free the returned value (it is freed when dict_free() + is called). */ +const char *dict_getany(DICT *dict); + +/* Delete a key-value association from the dictionary. + All key comparisons are case sensitive. */ +/*void dict_del(DICT *dict, const char *key);*/ + +/* Remove the dictionary from memory. All allocated storage + for the dictionary and the keys is freed. + Note that values are not freed. This is the responsibility + of the caller. */ +void dict_free(DICT *dict); + +/* Return the keys of the dict as a list of strings. + The caller should free the memory with a single call to free(). */ +const char **dict_keys(DICT *dict) + MUST_USE; + +#endif /* COMMON__DICT_H */ diff --git a/common/expr.c b/common/expr.c new file mode 100644 index 0000000..092ce7a --- /dev/null +++ b/common/expr.c @@ -0,0 +1,366 @@ +/* + expr.c - limited shell-like expression parsing functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2009-2016 Arthur de Jong + Copyright (c) 2012 Thorsten Glaser + Copyright (c) 2016 Giovanni Mascellani + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "expr.h" +#include "compat/attrs.h" + +/* the maximum length of a variable name */ +#define MAXVARLENGTH 30 + +static inline int my_isalpha(const char c) +{ + return ((c >= 'a') && (c <= 'z')) || ((c >= 'A') && (c <= 'Z')); +} + +static inline int my_isdigit(const char c) +{ + return (c >= '0') && (c <= '9'); +} + +static inline int my_isalphanum(const char c) +{ + return my_isalpha(c) || ((c >= '0') && (c <= '9')); +} + +/* return the part of the string that is a valid name */ +MUST_USE static const char *parse_name(const char *str, int *ptr, + char *buffer, size_t buflen) +{ + int i = 0; + /* clear the buffer */ + buffer[i] = '\0'; + /* look for an alpha + alphanumeric* string */ + if (!my_isalpha(str[*ptr])) + return NULL; + while (my_isalphanum(str[*ptr]) || (str[*ptr] == ';')) + { + if ((size_t)i >= buflen) + return NULL; + buffer[i++] = str[(*ptr)++]; + } + /* NULL-terminate the string */ + if ((size_t)i >= buflen) + return NULL; + buffer[i++] = '\0'; + return buffer; +} + +/* dummy expander function to always return an empty string */ +static const char *empty_expander(const char UNUSED(*name), + void UNUSED(*expander_arg)) +{ + return ""; +} + +/* definition of the parse functions (they call eachother) */ +MUST_USE static const char *parse_dollar_expression( + const char *str, int *ptr, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg); +MUST_USE static const char *parse_expression( + const char *str, int *ptr, int endat, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg); + +/* handle ${attr:-word} expressions */ +MUST_USE static const char *parse_dollar_default( + const char *str, int *ptr, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg, + const char *varvalue) +{ + if ((varvalue != NULL) && (*varvalue != '\0')) + { + /* value is set, skip rest of expression and use value */ + if (parse_expression(str, ptr, '}', buffer, buflen, empty_expander, NULL) == NULL) + return NULL; + if (strlen(varvalue) >= buflen) + return NULL; + strcpy(buffer, varvalue); + } + else + { + /* value is not set, evaluate rest of expression */ + if (parse_expression(str, ptr, '}', buffer, buflen, expander, expander_arg) == NULL) + return NULL; + } + return buffer; +} + +/* handle ${attr:+word} expressions */ +MUST_USE static const char *parse_dollar_alternative( + const char *str, int *ptr, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg, + const char *varvalue) +{ + if ((varvalue != NULL) && (*varvalue != '\0')) + { + /* value is set, evaluate rest of expression */ + if (parse_expression(str, ptr, '}', buffer, buflen, expander, expander_arg) == NULL) + return NULL; + } + else + { + /* value is not set, skip rest of expression and blank */ + if (parse_expression(str, ptr, '}', buffer, buflen, empty_expander, NULL) == NULL) + return NULL; + buffer[0] = '\0'; + } + return buffer; +} + +/* handle ${attr:offset:length} expressions */ +MUST_USE static const char *parse_dollar_substring( + const char *str, int *ptr, char *buffer, size_t buflen, + const char *varvalue) +{ + char *tmp; + unsigned long int offset, length; + size_t varlen; + /* parse input */ + tmp = (char *)str + *ptr; + if (!my_isdigit(*tmp)) + return NULL; + errno = 0; + offset = strtoul(tmp, &tmp, 10); + if ((*tmp != ':') || (errno != 0)) + return NULL; + tmp += 1; + errno = 0; + length = strtoul(tmp, &tmp, 10); + if ((*tmp != '}') || (errno != 0)) + return NULL; + /* don't skip closing '}' here, because it will be skipped later */ + *ptr += tmp - (str + *ptr); + varlen = strlen(varvalue); + if (offset > varlen) + offset = varlen; + if (offset + length > varlen) + length = varlen - offset; + if (length >= buflen) + return NULL; + /* everything's ok, copy data; we use memcpy instead of strncpy + because we already know the exact lenght in play */ + memcpy(buffer, varvalue + offset, length); + buffer[length] = '\0'; + return buffer; +} + +/* handle ${attr#word} expressions */ +MUST_USE static const char *parse_dollar_match( + const char *str, int *ptr, char *buffer, size_t buflen, + const char *varvalue) +{ + char c; + const char *cp, *vp; + int ismatch; + size_t vallen; + cp = str + *ptr; + vp = varvalue; + ismatch = 1; + while (((c = *cp++) != '\0') && (c != '}')) + { + if (ismatch && (*vp =='\0')) + ismatch = 0; /* varvalue shorter than trim string */ + if (c == '?') + { + /* match any one character */ + vp++; + continue; + } + if (c == '\\') + { + if ((c = *cp++) == '\0') + return NULL; /* end of input: syntax error */ + /* escape the next character c */ + } + if (ismatch && (*vp != c)) + ismatch = 0; /* they differ */ + vp++; + } + if (c == '\0') + return NULL; /* end of input: syntax error */ + /* at this point, cp points to after the closing } */ + (*ptr) = cp - str - 1; + /* if ismatch, vp points to the beginning of the + data after trimming, otherwise vp is invalid */ + if (!ismatch) + vp = varvalue; + /* now copy the (trimmed or not) value to the buffer */ + if ((vallen = strlen(vp) + 1) > buflen) + return NULL; + memcpy(buffer, vp, vallen); + return buffer; +} + +MUST_USE static const char *parse_dollar_expression( + const char *str, int *ptr, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg) +{ + char varname[MAXVARLENGTH]; + const char *varvalue; + if ((buflen <= 0) || (buffer == NULL) || (str == NULL) || (ptr == NULL)) + return NULL; + if (str[*ptr] == '{') + { + (*ptr)++; + /* the first part is always a variable name */ + if (parse_name(str, ptr, varname, sizeof(varname)) == NULL) + return NULL; + varvalue = expander(varname, expander_arg); + if (varvalue == NULL) + varvalue = ""; + if (str[*ptr] == '}') + { + /* simple substitute */ + if (strlen(varvalue) >= buflen) + return NULL; + strcpy(buffer, varvalue); + } + else if (strncmp(str + *ptr, ":-", 2) == 0) + { + /* if variable is not set or empty, substitute remainder */ + (*ptr) += 2; + if (parse_dollar_default(str, ptr, buffer, buflen, expander, expander_arg, varvalue) == NULL) + return NULL; + } + else if (strncmp(str + *ptr, ":+", 2) == 0) + { + /* if variable is set, substitute remainder */ + (*ptr) += 2; + if (parse_dollar_alternative(str, ptr, buffer, buflen, expander, expander_arg, varvalue) == NULL) + return NULL; + } + else if (str[*ptr] == ':') + { + /* substitute substring of variable */ + (*ptr) += 1; + if (parse_dollar_substring(str, ptr, buffer, buflen, varvalue) == NULL) + return NULL; + } + else if (str[*ptr] == '#') + { + /* try to strip the remainder value from variable beginning */ + (*ptr) += 1; + if (parse_dollar_match(str, ptr, buffer, buflen, varvalue) == NULL) + return NULL; + } + else + return NULL; + (*ptr)++; /* skip closing } */ + } + else + { + /* it is a simple reference to a variable, like $uidNumber */ + if (parse_name(str, ptr, varname, sizeof(varname)) == NULL) + return NULL; + varvalue = expander(varname, expander_arg); + if (varvalue == NULL) + varvalue = ""; + if (strlen(varvalue) >= buflen) + return NULL; + strcpy(buffer, varvalue); + } + return buffer; +} + +MUST_USE static const char *parse_expression( + const char *str, int *ptr, int endat, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg) +{ + int j = 0; + /* go over string */ + while ((str[*ptr] != endat) && (str[*ptr] != '\0')) + { + switch (str[*ptr]) + { + case '$': /* beginning of an expression */ + (*ptr)++; + if ((size_t)j >= buflen) + return NULL; + if (parse_dollar_expression(str, ptr, buffer + j, buflen - j, + expander, expander_arg) == NULL) + return NULL; + j = strlen(buffer); + break; + case '\\': /* escaped character, unescape */ + (*ptr)++; + FALLTHROUGH; /* no break needed here */ + default: /* just copy the text */ + if ((size_t)j >= buflen) + return NULL; + buffer[j++] = str[*ptr]; + (*ptr)++; + } + } + /* NULL-terminate buffer */ + if ((size_t)j >= buflen) + return NULL; + buffer[j++] = '\0'; + return buffer; +} + +MUST_USE const char *expr_parse(const char *str, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg) +{ + int i = 0; + return parse_expression(str, &i, '\0', buffer, buflen, + expander, expander_arg); +} + +SET *expr_vars(const char *str, SET *set) +{ + char varname[MAXVARLENGTH]; + int i = 0; + /* allocate set if needed */ + if (set == NULL) + set = set_new(); + if (set == NULL) + return NULL; + /* go over string */ + while (str[i] != '\0') + { + switch (str[i]) + { + case '$': /* beginning of a $-expression */ + i++; + if (str[i] == '{') + i++; + /* the rest should start with a variable name */ + if (parse_name(str, &i, varname, sizeof(varname)) != NULL) + set_add(set, varname); + break; + case '\\': /* escaped character, unescape */ + i++; + FALLTHROUGH; /* no break needed here */ + default: /* just skip */ + i++; + } + } + return set; +} diff --git a/common/expr.h b/common/expr.h new file mode 100644 index 0000000..2f6ca1b --- /dev/null +++ b/common/expr.h @@ -0,0 +1,41 @@ +/* + expr.h - limited shell-like expression parsing functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2009, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMMON__EXPR_H +#define COMMON__EXPR_H 1 + +#include "compat/attrs.h" +#include "common/set.h" + +typedef const char *(*expr_expander_func) (const char *name, void *expander_arg); + +/* Parse the expression and store the result in buffer, using the + expander function to expand variable names to values. If the expression + is invalid or the result didn't fit in the buffer NULL is returned. */ +MUST_USE const char *expr_parse(const char *expr, char *buffer, size_t buflen, + expr_expander_func expander, void *expander_arg); + +/* Return the variable names that are used in expr. If set is NULL a new one + is allocated, otherwise the passed set is added to. */ +SET *expr_vars(const char *expr, SET *set); + +#endif /* not _COMMON__ */ diff --git a/common/nslcd-prot.c b/common/nslcd-prot.c new file mode 100644 index 0000000..87c0066 --- /dev/null +++ b/common/nslcd-prot.c @@ -0,0 +1,95 @@ +/* + nslcd-prot.c - common functions for NSLCD lookups + + Copyright (C) 2006 West Consulting + Copyright (C) 2006, 2007, 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "nslcd.h" +#include "nslcd-prot.h" +#include "compat/socket.h" + +/* read timeout is 60 seconds because looking up stuff may take some time + write timeout is 10 secods because nslcd could be loaded with requests */ +#define READ_TIMEOUT 60 * 1000 +#define WRITE_TIMEOUT 10 * 1000 + +/* buffer sizes for I/O */ +#define READBUFFER_MINSIZE 1024 +#define READBUFFER_MAXSIZE 2 * 1024 * 1024 +#define WRITEBUFFER_MINSIZE 32 +#define WRITEBUFFER_MAXSIZE 32 + +/* Note that the READBUFFER_MAXSIZE should be large enough to hold any single + result entity as defined in nslcd.h because the get*ent() functions expect + to be able to tio_reset() the stream to re-read the current entity. + Since group entities can grow arbitrarily large, this setting limits the + number of users that can be put in a group. */ + +/* returns a socket to the server or NULL on error (see errno), + socket should be closed with fclose() */ +TFILE *nslcd_client_open() +{ + int sock; + struct sockaddr_un addr; + TFILE *fp; + int flags; + /* create a socket */ + if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) + return NULL; + /* create socket address structure */ + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, NSLCD_SOCKET, sizeof(addr.sun_path)); + addr.sun_path[sizeof(addr.sun_path) - 1] = '\0'; + /* close the file descriptor on exec (ignore errors) */ + flags = fcntl(sock, F_GETFL); + if (flags >= 0) + (void)fcntl(sock, F_SETFD, flags | FD_CLOEXEC); + /* connect to the socket */ + if (connect(sock, (struct sockaddr *)&addr, SUN_LEN(&addr)) < 0) + { + (void)close(sock); + return NULL; + } + /* create a stream object */ + if ((fp = tio_fdopen(sock, READ_TIMEOUT, WRITE_TIMEOUT, + READBUFFER_MINSIZE, READBUFFER_MAXSIZE, + WRITEBUFFER_MINSIZE, WRITEBUFFER_MAXSIZE)) == NULL) + { + (void)close(sock); + return NULL; + } + /* return the stream */ + return fp; +} diff --git a/common/nslcd-prot.h b/common/nslcd-prot.h new file mode 100644 index 0000000..649be89 --- /dev/null +++ b/common/nslcd-prot.h @@ -0,0 +1,381 @@ +/* + nslcd-prot.h - helper macros for reading and writing in protocol streams + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMMON__NSLCD_PROT_H +#define COMMON__NSLCD_PROT_H 1 + +#include +#include + +#include "tio.h" + +/* If you use these macros you should define the following macros to + handle error conditions (these marcos should clean up and return from the + function): + ERROR_OUT_WRITEERROR(fp) + ERROR_OUT_READERROR(fp) + ERROR_OUT_BUFERROR(fp) + ERROR_OUT_NOSUCCESS(fp) */ + + +/* Debugging marcos that can be used to enable detailed protocol logging, + pass -DDEBUG_PROT to do overall protocol debugging, and -DDEBUG_PROT_DUMP + to dump the actual bytestream. */ + +#ifdef DEBUG_PROT +/* define a debugging macro to output logging */ +#include +#include +#define DEBUG_PRINT(fmt, arg) \ + fprintf(stderr, "%s:%d:%s: " fmt "\n", __FILE__, __LINE__, \ + __PRETTY_FUNCTION__, arg); +#else /* DEBUG_PROT */ +/* define an empty debug macro to disable logging */ +#define DEBUG_PRINT(fmt, arg) +#endif /* not DEBUG_PROT */ + +#ifdef DEBUG_PROT_DUMP +/* define a debugging macro to output detailed logging */ +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +static void debug_dump(const void *ptr, size_t size) +{ + int i; + for (i = 0; i < size; i++) + fprintf(stderr, " %02x", ((const uint8_t *)ptr)[i]); + fprintf(stderr, "\n"); +} +#define DEBUG_DUMP(ptr, size) \ + fprintf(stderr, "%s:%d:%s:", __FILE__, __LINE__, __PRETTY_FUNCTION__); \ + debug_dump(ptr, size); +#else /* DEBUG_PROT_DUMP */ +/* define an empty debug macro to disable logging */ +#define DEBUG_DUMP(ptr, size) +#endif /* not DEBUG_PROT_DUMP */ + + +/* WRITE marcos, used for writing data, on write error they will + call the ERROR_OUT_WRITEERROR macro + these macros may require the availability of the following + variables: + int32_t tmpint32; - temporary variable + */ + +#define WRITE(fp, ptr, size) \ + DEBUG_PRINT("WRITE : var="__STRING(ptr)" size=%d", (int)size); \ + DEBUG_DUMP(ptr, size); \ + if (tio_write(fp, ptr, (size_t)size)) \ + { \ + DEBUG_PRINT("WRITE : var="__STRING(ptr)" error: %s", \ + strerror(errno)); \ + ERROR_OUT_WRITEERROR(fp); \ + } + +#define WRITE_INT32(fp, i) \ + DEBUG_PRINT("WRITE_INT32 : var="__STRING(i)" int32=%08x", (int)i); \ + tmpint32 = htonl((int32_t)(i)); \ + WRITE(fp, &tmpint32, sizeof(int32_t)) + +#define WRITE_STRING(fp, str) \ + DEBUG_PRINT("WRITE_STRING: var="__STRING(str)" string=\"%s\"", (str)); \ + if ((str) == NULL) \ + { \ + WRITE_INT32(fp, 0); \ + } \ + else \ + { \ + WRITE_INT32(fp, strlen(str)); \ + tmpint32 = ntohl(tmpint32); \ + if (tmpint32 > 0) \ + { \ + WRITE(fp, (str), tmpint32); \ + } \ + } + +#define WRITE_STRINGLIST(fp, arr) \ + if ((arr) == NULL) \ + { \ + DEBUG_PRINT("WRITE_STRLST: var="__STRING(arr)" num=%d", 0); \ + WRITE_INT32(fp, 0); \ + } \ + else \ + { \ + /* first determine length of array */ \ + for (tmp3int32 = 0; (arr)[tmp3int32] != NULL; tmp3int32++) \ + /* noting */ ; \ + /* write number of strings */ \ + DEBUG_PRINT("WRITE_STRLST: var="__STRING(arr)" num=%d", (int)tmp3int32); \ + WRITE_INT32(fp, tmp3int32); \ + /* write strings */ \ + for (tmp2int32 = 0; tmp2int32 < tmp3int32; tmp2int32++) \ + { \ + WRITE_STRING(fp, (arr)[tmp2int32]); \ + } \ + } + +#define WRITE_STRINGLIST_EXCEPT(fp, arr, not) \ + /* first determine length of array */ \ + tmp3int32 = 0; \ + for (tmp2int32 = 0; (arr)[tmp2int32] != NULL; tmp2int32++) \ + if (strcmp((arr)[tmp2int32], (not)) != 0) \ + tmp3int32++; \ + /* write number of strings (mius one because we intend to skip one) */ \ + DEBUG_PRINT("WRITE_STRLST: var="__STRING(arr)" num=%d", (int)tmp3int32); \ + WRITE_INT32(fp, tmp3int32); \ + /* write strings */ \ + for (tmp2int32 = 0; (arr)[tmp2int32] != NULL; tmp2int32++) \ + { \ + if (strcmp((arr)[tmp2int32], (not)) != 0) \ + { \ + WRITE_STRING(fp, (arr)[tmp2int32]); \ + } \ + } + +/* READ macros, used for reading data, on read error they will + call the ERROR_OUT_READERROR or ERROR_OUT_BUFERROR macro + these macros may require the availability of the following + variables: + int32_t tmpint32; - temporary variable + */ + +#define READ(fp, ptr, size) \ + if (tio_read(fp, ptr, (size_t)size)) \ + { \ + DEBUG_PRINT("READ : var="__STRING(ptr)" error: %s", \ + strerror(errno)); \ + ERROR_OUT_READERROR(fp); \ + } \ + DEBUG_PRINT("READ : var="__STRING(ptr)" size=%d", (int)(size)); \ + DEBUG_DUMP(ptr, size); + +#define READ_INT32(fp, i) \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + (i) = (int32_t)ntohl(tmpint32); \ + DEBUG_PRINT("READ_INT32 : var="__STRING(i)" int32==%08x", (int)(i)); + +/* read a string in a fixed-size "normal" buffer */ +#define READ_STRING(fp, buffer) \ + /* read the size of the string */ \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + tmpint32 = ntohl(tmpint32); \ + DEBUG_PRINT("READ_STRING: var="__STRING(buffer)" strlen=%d", tmpint32); \ + /* check if read would fit */ \ + if (((size_t)tmpint32) >= sizeof(buffer)) \ + { \ + /* will not fit */ \ + tmpint32 = (tmpint32 - sizeof(buffer)) + 1; \ + DEBUG_PRINT("READ : buffer %d bytes too small", tmpint32); \ + ERROR_OUT_BUFERROR(fp); \ + } \ + /* read string from the stream */ \ + if (tmpint32 > 0) \ + { \ + READ(fp, buffer, (size_t)tmpint32); \ + } \ + /* null-terminate string in buffer */ \ + buffer[tmpint32] = '\0'; \ + DEBUG_PRINT("READ_STRING: var="__STRING(buffer)" string=\"%s\"", buffer); + + +/* READ BUF macros that read data into a pre-allocated buffer. + these macros may require the availability of the following + variables: + int32_t tmpint32; - temporary variable + char *buffer; - pointer to a buffer for reading strings + size_t buflen; - the size of the buffer + size_t bufptr; - the current position in the buffer + */ + +/* current position in the buffer */ +#define BUF_CUR \ + (buffer + bufptr) + +/* check that the buffer has sz bytes left in it */ +#define BUF_CHECK(fp, sz) \ + if ((bufptr + (size_t)(sz)) > buflen) \ + { \ + /* will not fit */ \ + tmpint32 = bufptr + (sz) - (buflen); \ + DEBUG_PRINT("READ : buffer %d bytes too small", tmpint32); \ + ERROR_OUT_BUFERROR(fp); \ + } + +/* move the buffer pointer */ +#define BUF_SKIP(sz) \ + bufptr += (size_t)(sz); + +/* move BUF_CUR foreward so that it is aligned to the specified + type width */ +#define BUF_ALIGN(fp, type) \ + /* figure out number of bytes to skip foreward */ \ + tmp2int32 = (sizeof(type) - ((BUF_CUR - (char *)NULL) % sizeof(type))) \ + % sizeof(type); \ + /* check and skip */ \ + BUF_CHECK(fp, tmp2int32); \ + BUF_SKIP(tmp2int32); + +/* allocate a piece of the buffer to store an array in */ +#define BUF_ALLOC(fp, ptr, type, num) \ + /* align to the specified type width */ \ + BUF_ALIGN(fp, type); \ + /* check that we have enough room */ \ + BUF_CHECK(fp, (size_t)(num) * sizeof(type)); \ + /* store the pointer */ \ + (ptr) = (type *)BUF_CUR; \ + /* reserve the space */ \ + BUF_SKIP((size_t)(num) * sizeof(type)); + +/* read a binary blob into the buffer */ +#define READ_BUF(fp, ptr, sz) \ + /* check that there is enough room and read */ \ + BUF_CHECK(fp, sz); \ + READ(fp, BUF_CUR, (size_t)sz); \ + /* store pointer and skip */ \ + (ptr) = BUF_CUR; \ + BUF_SKIP(sz); + +/* read string in the buffer (using buffer, buflen and bufptr) + and store the actual location of the string in field */ +#define READ_BUF_STRING(fp, field) \ + /* read the size of the string */ \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + tmpint32 = ntohl(tmpint32); \ + DEBUG_PRINT("READ_BUF_STRING: var="__STRING(field)" strlen=%d", tmpint32); \ + /* check if read would fit */ \ + BUF_CHECK(fp, tmpint32 + 1); \ + /* read string from the stream */ \ + if (tmpint32 > 0) \ + { \ + READ(fp, BUF_CUR, (size_t)tmpint32); \ + } \ + /* null-terminate string in buffer */ \ + BUF_CUR[tmpint32] = '\0'; \ + DEBUG_PRINT("READ_BUF_STRING: var="__STRING(field)" string=\"%s\"", BUF_CUR); \ + /* prepare result */ \ + (field) = BUF_CUR; \ + BUF_SKIP(tmpint32 + 1); + +/* read an array from a stram and store it as a null-terminated + array list (size for the array is allocated) */ +#define READ_BUF_STRINGLIST(fp, arr) \ + /* read the number of entries */ \ + READ(fp, &tmp3int32, sizeof(int32_t)); \ + tmp3int32 = ntohl(tmp3int32); \ + DEBUG_PRINT("READ_STRLST: var="__STRING(arr)" num=%d", (int)tmp3int32); \ + /* allocate room for *char[num + 1] */ \ + BUF_ALLOC(fp, arr, char *, tmp3int32 + 1); \ + /* read all entries */ \ + for (tmp2int32 = 0; tmp2int32 < tmp3int32; tmp2int32++) \ + { \ + READ_BUF_STRING(fp, (arr)[tmp2int32]); \ + } \ + /* set last entry to NULL */ \ + (arr)[tmp2int32] = NULL; + + +/* SKIP macros for skipping over certain parts of the protocol stream. */ + +/* skip a number of bytes foreward */ +#define SKIP(fp, sz) \ + DEBUG_PRINT("READ : skip %d bytes", (int)(sz)); \ + /* read (skip) the specified number of bytes */ \ + if (tio_skip(fp, sz)) \ + { \ + DEBUG_PRINT("READ : skip error: %s", strerror(errno)); \ + ERROR_OUT_READERROR(fp); \ + } + +/* read a string from the stream but don't do anything with the result */ +#define SKIP_STRING(fp) \ + /* read the size of the string */ \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + tmpint32 = ntohl(tmpint32); \ + DEBUG_PRINT("READ_STRING: skip %d bytes", (int)tmpint32); \ + /* read (skip) the specified number of bytes */ \ + SKIP(fp, tmpint32); + +/* skip a list of strings */ +#define SKIP_STRINGLIST(fp) \ + /* read the number of entries */ \ + READ(fp, &tmp3int32, sizeof(int32_t)); \ + tmp3int32 = ntohl(tmp3int32); \ + DEBUG_PRINT("READ_STRLST: skip %d strings", (int)tmp3int32); \ + /* read all entries */ \ + for (tmp2int32 = 0; tmp2int32 < tmp3int32; tmp2int32++) \ + { \ + SKIP_STRING(fp); \ + } + + +/* These are functions and macors for performing common operations in + the nslcd request/response protocol. */ + +/* returns a socket to the server or NULL on error (see errno), + socket should be closed with tio_close() */ +TFILE *nslcd_client_open(void) + MUST_USE; + +/* generic request code */ +#define NSLCD_REQUEST(fp, action, writefn) \ + /* open a client socket */ \ + if ((fp = nslcd_client_open()) == NULL) \ + { \ + ERROR_OUT_OPENERROR; \ + } \ + /* write a request header with a request code */ \ + WRITE_INT32(fp, (int32_t)NSLCD_VERSION) \ + WRITE_INT32(fp, (int32_t)action) \ + /* write the request parameters (if any) */ \ + writefn; \ + /* flush the stream */ \ + if (tio_flush(fp) < 0) \ + { \ + DEBUG_PRINT("WRITE_FLUSH : error: %s", strerror(errno)); \ + ERROR_OUT_WRITEERROR(fp); \ + } \ + /* read and check response version number */ \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + tmpint32 = ntohl(tmpint32); \ + if (tmpint32 != (int32_t)NSLCD_VERSION) \ + { \ + ERROR_OUT_READERROR(fp); \ + } \ + /* read and check response request number */ \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + tmpint32 = ntohl(tmpint32); \ + if (tmpint32 != (int32_t)(action)) \ + { \ + ERROR_OUT_READERROR(fp); \ + } + +/* Read the response code (the result code of the query) from + the stream. */ +#define READ_RESPONSE_CODE(fp) \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + tmpint32 = ntohl(tmpint32); \ + if (tmpint32 != (int32_t)NSLCD_RESULT_BEGIN) \ + { \ + ERROR_OUT_NOSUCCESS(fp); \ + } + +#endif /* not COMMON__NSLCD_PROT_H */ diff --git a/common/set.c b/common/set.c new file mode 100644 index 0000000..7b3c2b0 --- /dev/null +++ b/common/set.c @@ -0,0 +1,75 @@ +/* + set.c - set functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "set.h" +#include "dict.h" + +/* + The SET object is just a DICT which is passed around. The value + for each entry in the dict is just the pointer to the dict. + Another API is provided to give it a more set-like interface. +*/ + +SET *set_new(void) +{ + return (SET *)dict_new(); +} + +int set_add(SET *set, const char *value) +{ + return dict_put((DICT *)set, value, set); +} + +char *set_pop(SET *set) +{ + const char *key; + char *value; + key = dict_getany((DICT *)set); + if (key == NULL) + return NULL; /* no more entries in set */ + /* remove the entry from the dict and return a copy */ + value = strdup(key); + dict_put((DICT *)set, key, NULL); + return value; +} + +int set_contains(SET *set, const char *value) +{ + return dict_get((DICT *)set, value) != NULL; +} + +void set_free(SET *set) +{ + dict_free((DICT *)set); +} + +const char **set_tolist(SET *set) +{ + return dict_keys((DICT *)set); +} diff --git a/common/set.h b/common/set.h new file mode 100644 index 0000000..0a12923 --- /dev/null +++ b/common/set.h @@ -0,0 +1,64 @@ +/* + set.h - set functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMMON__SET_H +#define COMMON__SET_H + +#include "compat/attrs.h" + +/* + These functions provide a set of strings in an unordered + collection. +*/ +typedef struct set SET; + +/* Create a new instance of a set. Returns NULL + in case of memory allocation errors. */ +SET *set_new(void) + LIKE_MALLOC MUST_USE; + +/* Add a string in the set. The value is duplicated + and can be reused by the caller. + This function returns non-zero in case of memory allocation + errors. All value comparisons are case sensitive. */ +int set_add(SET *set, const char *value); + +/* Return non-zero if the value is in the set. + All value comparisons are case sensitive. */ +int set_contains(SET *set, const char *value) + MUST_USE; + +/* Get an element from the set and removes it from the set. + Returns NULL on an empty set. A copy of the string in the set + is returned, the caller should use free() to free it. */ +char *set_pop(SET *set); + +/* Remove the set from memory. All allocated storage + for the set and the values is freed. */ +void set_free(SET *set); + +/* Return the content of the set as a list of strings. + The caller should free the memory with a single call to free(). */ +const char **set_tolist(SET *set) + MUST_USE; + +#endif /* COMMON__SET_H */ diff --git a/common/tio.c b/common/tio.c new file mode 100644 index 0000000..8095dfb --- /dev/null +++ b/common/tio.c @@ -0,0 +1,520 @@ +/* + tio.c - timed io functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "tio.h" + +/* for platforms that don't have ETIME use ETIMEDOUT */ +#ifndef ETIME +#define ETIME ETIMEDOUT +#endif /* ETIME */ + +/* structure that holds a buffer + the buffer contains the data that is between the application and the + file descriptor that is used for efficient transfer + the buffer is built up as follows: + |.....********......| + ^start ^size + ^--len--^ */ +struct tio_buffer { + uint8_t *buffer; + size_t size; /* the size of the buffer */ + size_t maxsize; /* the maximum size of the buffer */ + size_t start; /* the start of the data (before start is unused) */ + size_t len; /* size of the data (from the start) */ +}; + +/* structure that holds all the state for files */ +struct tio_fileinfo { + int fd; + struct tio_buffer readbuffer; + struct tio_buffer writebuffer; + int readtimeout; + int writetimeout; + int read_resettable; /* whether the tio_reset() function can be called */ +#ifdef DEBUG_TIO_STATS + /* this is used to collect statistics on the use of the streams + and can be used to tune the buffer sizes */ + size_t byteswritten; + size_t bytesread; +#endif /* DEBUG_TIO_STATS */ +}; + +/* some older versions of Solaris don't provide CLOCK_MONOTONIC but do have + a CLOCK_HIGHRES that has the same properties we need */ +#ifndef CLOCK_MONOTONIC +#ifdef CLOCK_HIGHRES +#define CLOCK_MONOTONIC CLOCK_HIGHRES +#endif /* CLOCK_HIGHRES */ +#endif /* not CLOCK_MONOTONIC */ + +/* update the timeout to the value that is remaining before the deadline + returns the number of milliseconds before the deadline (or a negative + value of the deadline has expired) */ +static inline int tio_time_remaining(struct timespec *deadline, int timeout) +{ + struct timespec tv; + /* if this is the first call, set the deadline and return the full time */ + if ((deadline->tv_sec == 0) && (deadline->tv_nsec == 0)) + { + if (clock_gettime(CLOCK_MONOTONIC, deadline) == 0) + { + deadline->tv_sec += timeout / 1000; + deadline->tv_nsec += (timeout % 1000) * 1000000; + } + return timeout; + } + /* get the current time (fall back to full time on error) */ + if (clock_gettime(CLOCK_MONOTONIC, &tv)) + return timeout; + /* calculate time remaining in milliseconds */ + return (deadline->tv_sec - tv.tv_sec) * 1000 + + (deadline->tv_nsec - tv.tv_nsec) / 1000000; +} + +/* open a new TFILE based on the file descriptor */ +TFILE *tio_fdopen(int fd, int readtimeout, int writetimeout, + size_t initreadsize, size_t maxreadsize, + size_t initwritesize, size_t maxwritesize) +{ + struct tio_fileinfo *fp; + fp = (struct tio_fileinfo *)malloc(sizeof(struct tio_fileinfo)); + if (fp == NULL) + return NULL; + fp->fd = fd; + /* initialize read buffer */ + fp->readbuffer.buffer = (uint8_t *)malloc(initreadsize); + if (fp->readbuffer.buffer == NULL) + { + free(fp); + return NULL; + } + fp->readbuffer.size = initreadsize; + fp->readbuffer.maxsize = maxreadsize; + fp->readbuffer.start = 0; + fp->readbuffer.len = 0; + /* initialize write buffer */ + fp->writebuffer.buffer = (uint8_t *)malloc(initwritesize); + if (fp->writebuffer.buffer == NULL) + { + free(fp->readbuffer.buffer); + free(fp); + return NULL; + } + fp->writebuffer.size = initwritesize; + fp->writebuffer.maxsize = maxwritesize; + fp->writebuffer.start = 0; + fp->writebuffer.len = 0; + /* initialize other attributes */ + fp->readtimeout = readtimeout; + fp->writetimeout = writetimeout; + fp->read_resettable = 0; +#ifdef DEBUG_TIO_STATS + fp->byteswritten = 0; + fp->bytesread = 0; +#endif /* DEBUG_TIO_STATS */ + return fp; +} + +/* wait for any activity on the specified file descriptor using + the specified deadline */ +static int tio_wait(int fd, short events, int timeout, + struct timespec *deadline) +{ + int t; + struct pollfd fds[1]; + int rv; + while (1) + { + fds[0].fd = fd; + fds[0].events = events; + /* figure out the time we need to wait */ + if ((t = tio_time_remaining(deadline, timeout)) < 0) + { + errno = ETIME; + return -1; + } + /* sanitiy check for moving clock */ + if (t > timeout) + t = timeout; + /* wait for activity */ + rv = poll(fds, 1, t); + if (rv > 0) + return 0; /* we have activity */ + else if (rv == 0) + { + /* no file descriptors were available within the specified time */ + errno = ETIME; + return -1; + } + else if ((errno != EINTR) && (errno != EAGAIN)) + /* some error ocurred */ + return -1; + /* we just try again on EINTR or EAGAIN */ + } +} + +/* do a read on the file descriptor, returning the data in the buffer + if no data was read in the specified time an error is returned */ +int tio_read(TFILE *fp, void *buf, size_t count) +{ + struct timespec deadline = {0, 0}; + int rv; + uint8_t *tmp; + size_t newsz; + size_t len; + /* have a more convenient storage type for the buffer */ + uint8_t *ptr = (uint8_t *)buf; + /* loop until we have returned all the needed data */ + while (1) + { + /* check if we have enough data in the buffer */ + if (fp->readbuffer.len >= count) + { + if (count > 0) + { + if (ptr != NULL) + memcpy(ptr, fp->readbuffer.buffer + fp->readbuffer.start, count); + /* adjust buffer position */ + fp->readbuffer.start += count; + fp->readbuffer.len -= count; + } + return 0; + } + /* empty what we have and continue from there */ + if (fp->readbuffer.len > 0) + { + if (ptr != NULL) + { + memcpy(ptr, fp->readbuffer.buffer + fp->readbuffer.start, + fp->readbuffer.len); + ptr += fp->readbuffer.len; + } + count -= fp->readbuffer.len; + fp->readbuffer.start += fp->readbuffer.len; + fp->readbuffer.len = 0; + } + /* after this point until the read fp->readbuffer.len is 0 */ + if (!fp->read_resettable) + { + /* the stream is not resettable, re-use the buffer */ + fp->readbuffer.start = 0; + } + else if (fp->readbuffer.start >= (fp->readbuffer.size - 4)) + { + /* buffer is running empty, try to grow buffer */ + if (fp->readbuffer.size < fp->readbuffer.maxsize) + { + newsz = fp->readbuffer.size * 2; + if (newsz > fp->readbuffer.maxsize) + newsz = fp->readbuffer.maxsize; + tmp = realloc(fp->readbuffer.buffer, newsz); + if (tmp != NULL) + { + fp->readbuffer.buffer = tmp; + fp->readbuffer.size = newsz; + } + } + /* if buffer still does not contain enough room, clear resettable */ + if (fp->readbuffer.start >= (fp->readbuffer.size - 4)) + { + fp->readbuffer.start = 0; + fp->read_resettable = 0; + } + } + /* wait until we have input */ + if (tio_wait(fp->fd, POLLIN, fp->readtimeout, &deadline)) + return -1; + /* read the input in the buffer */ + len = fp->readbuffer.size - fp->readbuffer.start; +#ifdef SSIZE_MAX + if (len > SSIZE_MAX) + len = SSIZE_MAX; +#endif /* SSIZE_MAX */ + rv = read(fp->fd, fp->readbuffer.buffer + fp->readbuffer.start, len); + /* check for errors */ + if (rv == 0) + { + errno = ECONNRESET; + return -1; + } + else if ((rv < 0) && (errno != EINTR) && (errno != EAGAIN)) + return -1; /* something went wrong with the read */ + else if (rv > 0) + fp->readbuffer.len = rv; /* skip the read part in the buffer */ +#ifdef DEBUG_TIO_STATS + fp->bytesread += rv; +#endif /* DEBUG_TIO_STATS */ + } +} + +/* Read and discard the specified number of bytes from the stream. */ +int tio_skip(TFILE *fp, size_t count) +{ + return tio_read(fp, NULL, count); +} + +/* Read all available data from the stream and empty the read buffer. */ +int tio_skipall(TFILE *fp, int timeout) +{ + struct timespec deadline = {0, 0}; + int rv; + size_t len; + /* clear the read buffer */ + fp->readbuffer.start = 0; + fp->readbuffer.len = 0; + fp->read_resettable = 0; + /* read until we can't read no more */ + len = fp->readbuffer.size; +#ifdef SSIZE_MAX + if (len > SSIZE_MAX) + len = SSIZE_MAX; +#endif /* SSIZE_MAX */ + while (1) + { + /* wait until we have input */ + if (tio_wait(fp->fd, POLLIN, timeout, &deadline)) + return -1; + /* read data from the stream */ + rv = read(fp->fd, fp->readbuffer.buffer, len); + if (rv == 0) + return 0; /* end-of-file */ + if ((rv < 0) && (errno == EWOULDBLOCK)) + return 0; /* we've ready everything we can without blocking */ + if ((rv < 0) && (errno != EINTR) && (errno != EAGAIN)) + return -1; /* something went wrong with the read */ + } +} + +/* the caller has assured us that we can write to the file descriptor + and we give it a shot */ +static int tio_writebuf(TFILE *fp) +{ + int rv; + /* write the buffer */ +#ifdef MSG_NOSIGNAL + rv = send(fp->fd, fp->writebuffer.buffer + fp->writebuffer.start, + fp->writebuffer.len, MSG_NOSIGNAL); +#else /* not MSG_NOSIGNAL */ + /* on platforms that cannot use send() with masked signals, we change the + signal mask and change it back after the write (note that there is a + race condition here) */ + struct sigaction act, oldact; + /* set up sigaction */ + memset(&act, 0, sizeof(struct sigaction)); + act.sa_sigaction = NULL; + act.sa_handler = SIG_IGN; + sigemptyset(&act.sa_mask); + act.sa_flags = SA_RESTART; + /* ignore SIGPIPE */ + if (sigaction(SIGPIPE, &act, &oldact) != 0) + return -1; /* error setting signal handler */ + /* write the buffer */ + rv = write(fp->fd, fp->writebuffer.buffer + fp->writebuffer.start, + fp->writebuffer.len); + /* restore the old handler for SIGPIPE */ + if (sigaction(SIGPIPE, &oldact, NULL) != 0) + return -1; /* error restoring signal handler */ +#endif + /* check for errors */ + if ((rv == 0) || ((rv < 0) && (errno != EINTR) && (errno != EAGAIN))) + return -1; /* something went wrong with the write */ + /* skip the written part in the buffer */ + if (rv > 0) + { + fp->writebuffer.start += rv; + fp->writebuffer.len -= rv; +#ifdef DEBUG_TIO_STATS + fp->byteswritten += rv; +#endif /* DEBUG_TIO_STATS */ + /* reset start if len is 0 */ + if (fp->writebuffer.len == 0) + fp->writebuffer.start = 0; + /* move contents of the buffer to the front if it will save enough room */ + if (fp->writebuffer.start >= (fp->writebuffer.size / 4)) + { + memmove(fp->writebuffer.buffer, + fp->writebuffer.buffer + fp->writebuffer.start, + fp->writebuffer.len); + fp->writebuffer.start = 0; + } + } + return 0; +} + +/* write all the data in the buffer to the stream */ +int tio_flush(TFILE *fp) +{ + struct timespec deadline = {0, 0}; + /* loop until we have written our buffer */ + while (fp->writebuffer.len > 0) + { + /* wait until we can write */ + if (tio_wait(fp->fd, POLLOUT, fp->writetimeout, &deadline)) + return -1; + /* write one block */ + if (tio_writebuf(fp)) + return -1; + } + return 0; +} + +/* try a single write of data in the buffer if the file descriptor + will accept data */ +static int tio_flush_nonblock(TFILE *fp) +{ + struct pollfd fds[1]; + int rv; + /* see if we can write without blocking */ + fds[0].fd = fp->fd; + fds[0].events = POLLOUT; + rv = poll(fds, 1, 0); + /* check if any file descriptors were ready (timeout) or we were + interrupted */ + if ((rv == 0) || ((rv < 0) && ((errno == EINTR) || (errno == EAGAIN)))) + return 0; + /* any other errors? */ + if (rv < 0) + return -1; + /* so file descriptor will accept writes */ + return tio_writebuf(fp); +} + +int tio_write(TFILE *fp, const void *buf, size_t count) +{ + size_t fr; + uint8_t *tmp; + size_t newsz; + const uint8_t *ptr = (const uint8_t *)buf; + /* keep filling the buffer until we have bufferred everything */ + while (count > 0) + { + /* figure out free size in buffer */ + fr = fp->writebuffer.size - (fp->writebuffer.start + fp->writebuffer.len); + if (count <= fr) + { + /* the data fits in the buffer */ + memcpy(fp->writebuffer.buffer + fp->writebuffer.start + + fp->writebuffer.len, ptr, count); + fp->writebuffer.len += count; + return 0; + } + else if (fr > 0) + { + /* fill the buffer with data that will fit */ + memcpy(fp->writebuffer.buffer + fp->writebuffer.start + + fp->writebuffer.len, ptr, fr); + fp->writebuffer.len += fr; + ptr += fr; + count -= fr; + } + /* try to flush some of the data that is in the buffer */ + if (tio_flush_nonblock(fp)) + return -1; + /* if we have room now, try again */ + if (fp->writebuffer.size > (fp->writebuffer.start + fp->writebuffer.len)) + continue; + /* try to grow the buffer */ + if (fp->writebuffer.size < fp->writebuffer.maxsize) + { + newsz = fp->writebuffer.size * 2; + if (newsz > fp->writebuffer.maxsize) + newsz = fp->writebuffer.maxsize; + tmp = realloc(fp->writebuffer.buffer, newsz); + if (tmp != NULL) + { + fp->writebuffer.buffer = tmp; + fp->writebuffer.size = newsz; + continue; /* try again */ + } + } + /* write the buffer to the stream */ + if (tio_flush(fp)) + return -1; + } + return 0; +} + +int tio_close(TFILE *fp) +{ + int retv; + /* write any buffered data */ + retv = tio_flush(fp); +#ifdef DEBUG_TIO_STATS + /* dump statistics to stderr */ + fprintf(stderr, "DEBUG_TIO_STATS READ=%lu WRITTEN=%lu\n", + (unsigned long)fp->bytesread, (unsigned long)fp->byteswritten); +#endif /* DEBUG_TIO_STATS */ + /* close file descriptor */ + if (close(fp->fd)) + retv = -1; + /* free any allocated buffers */ + memset(fp->readbuffer.buffer, 0, fp->readbuffer.size); + memset(fp->writebuffer.buffer, 0, fp->writebuffer.size); + free(fp->readbuffer.buffer); + free(fp->writebuffer.buffer); + /* free the tio struct itself */ + free(fp); + /* return the result of the earlier operations */ + return retv; +} + +void tio_mark(TFILE *fp) +{ + /* move any data in the buffer to the start of the buffer */ + if ((fp->readbuffer.start > 0) && (fp->readbuffer.len > 0)) + { + memmove(fp->readbuffer.buffer, + fp->readbuffer.buffer + fp->readbuffer.start, fp->readbuffer.len); + fp->readbuffer.start = 0; + } + /* mark the stream as resettable */ + fp->read_resettable = 1; +} + +int tio_reset(TFILE *fp) +{ + /* check if the stream is (still) resettable */ + if (!fp->read_resettable) + return -1; + /* reset the buffer */ + fp->readbuffer.len += fp->readbuffer.start; + fp->readbuffer.start = 0; + return 0; +} diff --git a/common/tio.h b/common/tio.h new file mode 100644 index 0000000..3e0af12 --- /dev/null +++ b/common/tio.h @@ -0,0 +1,83 @@ +/* + tio.h - timed io functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2008, 2010, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +/* + + TODO: Add some documentation here. + + the SIGPIPE signal should be ignored (is ignored in this code) + + This library is not thread safe. You cannot share TFILE objects between + threads and expect to be able to read and write from them in different + threads. All the state is in the TFILE object so calls to this library on + different objects can be done in parallel. + +*/ + +#ifndef COMMON__TIO_H +#define COMMON__TIO_H + +#include +#include + +#include "compat/attrs.h" + +/* This is a generic file handle used for reading and writing + (something like FILE from stdio.h). */ +typedef struct tio_fileinfo TFILE; + +/* Open a new TFILE based on the file descriptor. The timeout is set for any + operation (value in milliseconds). */ +TFILE *tio_fdopen(int fd, int readtimeout, int writetimeout, + size_t initreadsize, size_t maxreadsize, + size_t initwritesize, size_t maxwritesize) + LIKE_MALLOC MUST_USE; + +/* Read the specified number of bytes from the stream. */ +int tio_read(TFILE *fp, void *buf, size_t count); + +/* Read and discard the specified number of bytes from the stream. */ +int tio_skip(TFILE *fp, size_t count); + +/* Read all available data from the stream and empty the read buffer. */ +int tio_skipall(TFILE *fp, int timeout); + +/* Write the specified buffer to the stream. */ +int tio_write(TFILE *fp, const void *buf, size_t count); + +/* Write out all buffered data to the stream. */ +int tio_flush(TFILE *fp); + +/* Flush the streams and closes the underlying file descriptor. */ +int tio_close(TFILE *fp); + +/* Store the current position in the stream so that we can jump back to it + with the tio_reset() function. */ +void tio_mark(TFILE *fp); + +/* Rewinds the stream to the point set by tio_mark(). Note that this only + resets the read stream and not the write stream. This function returns + whether the reset was successful (this function may fail if the buffers + were full). */ +int tio_reset(TFILE *fp); + +#endif /* COMMON__TIO_H */ diff --git a/compat/Makefile.am b/compat/Makefile.am new file mode 100644 index 0000000..0e7ad69 --- /dev/null +++ b/compat/Makefile.am @@ -0,0 +1,36 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2008-2014 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +noinst_LIBRARIES = libcompat.a + +AM_CPPFLAGS=-I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) + +EXTRA_DIST = getopt_long.c getopt_long.h \ + ether.c ether.h \ + shell.h \ + strndup.c strndup.h \ + nss_compat.h socket.h \ + ldap_compat.h pagectrl.c ldap_passwd_s.c ldap_initialize.c \ + ldap_parse_passwordpolicy_control.c ldap_passwordpolicy_err2txt.c \ + derefctrl.c \ + pam_compat.h pam_get_authtok.c pam_prompt.c + +libcompat_a_SOURCES = getpeercred.c getpeercred.h +libcompat_a_LIBADD = @LIBOBJS@ diff --git a/compat/Makefile.in b/compat/Makefile.in new file mode 100644 index 0000000..13cefe7 --- /dev/null +++ b/compat/Makefile.in @@ -0,0 +1,624 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2008-2014 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +subdir = compat +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +LIBRARIES = $(noinst_LIBRARIES) +ARFLAGS = cru +AM_V_AR = $(am__v_AR_@AM_V@) +am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) +am__v_AR_0 = @echo " AR " $@; +am__v_AR_1 = +libcompat_a_AR = $(AR) $(ARFLAGS) +libcompat_a_DEPENDENCIES = @LIBOBJS@ +am_libcompat_a_OBJECTS = getpeercred.$(OBJEXT) +libcompat_a_OBJECTS = $(am_libcompat_a_OBJECTS) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libcompat_a_SOURCES) +DIST_SOURCES = $(libcompat_a_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/mkinstalldirs derefctrl.c ether.c getopt_long.c \ + ldap_initialize.c ldap_parse_passwordpolicy_control.c \ + ldap_passwd_s.c ldap_passwordpolicy_err2txt.c pagectrl.c \ + pam_get_authtok.c pam_prompt.c strndup.c +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +noinst_LIBRARIES = libcompat.a +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) +EXTRA_DIST = getopt_long.c getopt_long.h \ + ether.c ether.h \ + shell.h \ + strndup.c strndup.h \ + nss_compat.h socket.h \ + ldap_compat.h pagectrl.c ldap_passwd_s.c ldap_initialize.c \ + ldap_parse_passwordpolicy_control.c ldap_passwordpolicy_err2txt.c \ + derefctrl.c \ + pam_compat.h pam_get_authtok.c pam_prompt.c + +libcompat_a_SOURCES = getpeercred.c getpeercred.h +libcompat_a_LIBADD = @LIBOBJS@ +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu compat/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu compat/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLIBRARIES: + -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) + +libcompat.a: $(libcompat_a_OBJECTS) $(libcompat_a_DEPENDENCIES) $(EXTRA_libcompat_a_DEPENDENCIES) + $(AM_V_at)-rm -f libcompat.a + $(AM_V_AR)$(libcompat_a_AR) libcompat.a $(libcompat_a_OBJECTS) $(libcompat_a_LIBADD) + $(AM_V_at)$(RANLIB) libcompat.a + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/derefctrl.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ether.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getopt_long.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ldap_initialize.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ldap_parse_passwordpolicy_control.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ldap_passwd_s.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ldap_passwordpolicy_err2txt.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/pagectrl.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/pam_get_authtok.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/pam_prompt.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strndup.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getpeercred.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LIBRARIES) +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am + +distclean: distclean-am + -rm -rf $(DEPDIR) ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf $(DEPDIR) ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES cscopelist-am ctags ctags-am distclean \ + distclean-compile distclean-generic distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/compat/attrs.h b/compat/attrs.h new file mode 100644 index 0000000..0d13073 --- /dev/null +++ b/compat/attrs.h @@ -0,0 +1,98 @@ +/* + attrs.h - wrapper macros for the gcc __attribute__(()) directive + + Copyright (C) 2007, 2008, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__ATTRS_H +#define COMPAT__ATTRS_H 1 + +/* macro for testing the version of GCC */ +#define GCC_VERSION(major, minor) \ + ((__GNUC__ > (major)) || (__GNUC__ == (major) && __GNUC_MINOR__ >= (minor))) + +/* These are macros to use some gcc-specific flags in case the're available + and otherwise define them to empty strings. This allows us to give + the compiler some extra information. + See http://gcc.gnu.org/onlinedocs/gcc/Attribute-Syntax.html + for a list of attributes supported by gcc */ + +/* this is used to flag function parameters that are not used in the function + body. */ +#if GCC_VERSION(3, 0) +#define UNUSED(x) x __attribute__((__unused__)) +#else +#define UNUSED(x) x +#endif + +/* this is used to add extra format checking to the function calls as if this + was a printf()-like function */ +#if GCC_VERSION(3, 0) +#define LIKE_PRINTF(format_idx, arg_idx) \ + __attribute__((__format__(__printf__, format_idx, arg_idx))) +#else +#define LIKE_PRINTF(format_idx, arg_idx) /* no attribute */ +#endif + +/* indicates that the function is "pure": its result is purely based on + the parameters and has no side effects or used static data */ +#if GCC_VERSION(3, 0) +#define PURE __attribute__((__pure__)) +#else +#define PURE /* no attribute */ +#endif + +/* the function returns a new data structure that has been freshly + allocated */ +#if GCC_VERSION(3, 0) +#define LIKE_MALLOC __attribute__((__malloc__)) +#else +#define LIKE_MALLOC /* no attribute */ +#endif + +/* the function's return value should be used by the caller */ +#if GCC_VERSION(3, 4) +#define MUST_USE __attribute__((__warn_unused_result__)) +#else +#define MUST_USE /* no attribute */ +#endif + +/* the function's return value should be used by the caller */ +#if GCC_VERSION(2, 5) +#define NORETURN __attribute__((__noreturn__)) +#else +#define NORETURN /* no attribute */ +#endif + +/* we don't need an explicit break statement in this case block */ +#if GCC_VERSION(7, 0) +#define FALLTHROUGH __attribute__((fallthrough)) +#else +#define FALLTHROUGH /* no attribute */ +#endif + +/* define __STRING if it's not yet defined */ +#ifndef __STRING +#ifdef __STDC__ +#define __STRING(x) #x +#else /* __STDC__ */ +#define __STRING(x) "x" +#endif /* not __STDC__ */ +#endif /* not __STRING */ + +#endif /* not COMPAT__ATTRS_H */ diff --git a/compat/derefctrl.c b/compat/derefctrl.c new file mode 100644 index 0000000..9676c55 --- /dev/null +++ b/compat/derefctrl.c @@ -0,0 +1,50 @@ +/* + derefctrl.c - replacement function + + Copyright (C) 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "compat/ldap_compat.h" +#include "compat/attrs.h" + +#ifdef REPLACE_LDAP_CREATE_DEREF_CONTROL +int replacement_ldap_create_deref_control(LDAP *ld, LDAPDerefSpec *ds, + int iscritical, LDAPControl **ctrlp) +{ + int rc; + struct berval value; + if (ctrlp == NULL) + return LDAP_PARAM_ERROR; + rc = ldap_create_deref_control_value(ld, ds, &value); + if (rc != LDAP_SUCCESS) + return rc; + rc = ldap_control_create(LDAP_CONTROL_X_DEREF, iscritical, &value, 0, ctrlp); + if (rc != LDAP_SUCCESS) + { + ber_memfree(value.bv_val); + } + return rc; +} +#endif /* REPLACE_LDAP_CREATE_DEREF_CONTROL */ diff --git a/compat/ether.c b/compat/ether.c new file mode 100644 index 0000000..bda1718 --- /dev/null +++ b/compat/ether.c @@ -0,0 +1,48 @@ +/* + ether.c - useful ethernet functions for systems lacking those + + Copyright (C) 2008-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#ifdef HAVE_NETINET_ETHER_H +#include +#endif + +#include "ether.h" + +/* these functions are not really reentrant */ + +#ifndef HAVE_ETHER_ATON_R +struct ether_addr *ether_aton_r(const char *asc, struct ether_addr *addr) +{ + struct ether_addr *tmp; + tmp = ether_aton(asc); + if (tmp == NULL) + return NULL; + memcpy(addr, tmp, sizeof(struct ether_addr)); + return addr; +} +#endif /* not HAVE_ETHER_ATON_R */ diff --git a/compat/ether.h b/compat/ether.h new file mode 100644 index 0000000..02f6ff4 --- /dev/null +++ b/compat/ether.h @@ -0,0 +1,52 @@ +/* + ether.h - ethernet definitions for systems lacking those + + Copyright (C) 2008-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__ETHER_H +#define COMPAT__ETHER_H 1 + +#include +#include +#include +#include +#include +#ifdef HAVE_NETINET_ETHER_H +#include +#endif + +#ifndef HAVE_STRUCT_ETHER_ADDR +struct ether_addr { + uint8_t ether_addr_octet[6]; +}; +#endif /* not HAVE_STRUCT_ETHER_ADDR */ + +#ifndef HAVE_ETHER_ATON_R +struct ether_addr *ether_aton_r(const char *asc, struct ether_addr *addr); +#endif /* not HAVE_ETHER_ATON_R */ + +#ifdef HAVE_ETHER_ATON +#if !HAVE_DECL_ETHER_ATON +/* we define ether_aton() here because on some platforms the function is + undefined */ +extern struct ether_addr *ether_aton(const char *s); +#endif /* not HAVE_DECL_ETHER_ATON */ +#endif /* HAVE_ETHER_ATON */ + +#endif /* not COMPAT__ETHER_H */ diff --git a/compat/getopt_long.c b/compat/getopt_long.c new file mode 100644 index 0000000..eba9079 --- /dev/null +++ b/compat/getopt_long.c @@ -0,0 +1,90 @@ +/* + getopt_long.c - implementation of getopt_long() for systems that lack it + + Copyright (C) 2001, 2002, 2008, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include +#include +#include + +#include "getopt_long.h" + +/* this is a (poor) getopt_long() replacement for systems that don't have it + (getopt_long() is generaly a GNU extention) + this implementation is by no meens flawless, especialy the optional arguments + to options and options following filenames is not quite right, allso + minimal error checking is provided + */ +int getopt_long(int argc, char *const argv[], + const char *optstring, + const struct option *longopts, int *longindex) +{ + int i, l; + /* first check if there realy is a -- option */ + if ((optind > 0) && (optind < argc) && + (strncmp(argv[optind], "--", 2) == 0) && + (argv[optind][2] != '\0')) + { + /* check the longopts list for a valid option */ + for (i = 0; longopts[i].name != NULL; i++) + { + /* save the length for later */ + l = strlen(longopts[i].name); + if (strncmp(argv[optind] + 2, longopts[i].name, l) == 0) + { + /* we have a match */ + if ((longopts[i].has_arg == no_argument) && + (argv[optind][2 + l] == '\0')) + { + optind++; + return longopts[i].val; + } + else if ((longopts[i].has_arg == required_argument) && + (argv[optind][2 + l] == '=')) + { + optarg = argv[optind] + 3 + l; + optind++; + return longopts[i].val; + } + else if ((longopts[i].has_arg == required_argument) && + (argv[optind][2 + l] == '\0')) + { + optarg = argv[optind + 1]; + optind += 2; + return longopts[i].val; + } + else if ((longopts[i].has_arg == optional_argument) && + (argv[optind][2 + l] == '=')) + { + optarg = argv[optind] + 3 + l; + optind++; + return longopts[i].val; + } + else if ((longopts[i].has_arg == optional_argument) && + (argv[optind][2 + l] == '\0')) + { + optind++; + return longopts[i].val; + } + } + } + } + /* if all else fails use plain getopt() */ + return getopt(argc, argv, optstring); +} diff --git a/compat/getopt_long.h b/compat/getopt_long.h new file mode 100644 index 0000000..6182be3 --- /dev/null +++ b/compat/getopt_long.h @@ -0,0 +1,50 @@ +/* + getopt_long.h - definition of getopt_long() for systems that lack it + + Copyright (C) 2001, 2002, 2008, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__GETOPT_LONG_H +#define COMPAT__GETOPT_LONG_H 1 + +#ifndef HAVE_GETOPT_LONG + +#define no_argument 0 +#define required_argument 1 +#define optional_argument 2 + +struct option { + const char *name; + int has_arg; + int *flag; + int val; +}; + +/* this is a (poor) getopt_long() replacement for systems that don't have it + (this is generaly a GNU extention) + this implementation is by no meens flawless, especialy the optional arguments + to options and options following filenames is not quite right, allso + minimal error checking + */ +int getopt_long(int argc, char *const argv[], + const char *optstring, + const struct option *longopts, int *longindex); + +#endif /* not HAVE_GETOPT_LONG */ + +#endif /* COMPAT__GETOPT_LONG_H */ diff --git a/compat/getpeercred.c b/compat/getpeercred.c new file mode 100644 index 0000000..4b3f781 --- /dev/null +++ b/compat/getpeercred.c @@ -0,0 +1,120 @@ +/* + getpeercred.c - function for determining information about the + other end of a unix socket + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008, 2009, 2011, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#ifdef HAVE_SYS_UCRED_H +#include +#endif /* HAVE SYS_UCRED_H */ +#include +#ifdef HAVE_UCRED_H +#include +#endif /* HAVE_UCRED_H */ + +#include "getpeercred.h" + +/* Note: most of this code is untested, except for the first + implementation (it may even fail to compile) */ + +int getpeercred(int sock, uid_t *uid, gid_t *gid, pid_t *pid) +{ +#if defined(SO_PEERCRED) + socklen_t l; + struct ucred cred; + /* initialize client information (in case getsockopt() breaks) */ + cred.pid = (pid_t)0; + cred.uid = (uid_t)-1; + cred.gid = (gid_t)-1; + /* look up process information from peer */ + l = (socklen_t)sizeof(struct ucred); + if (getsockopt(sock, SOL_SOCKET, SO_PEERCRED, &cred, &l) < 0) + return -1; /* errno already set */ + /* return the data */ + if (uid != NULL) + *uid = cred.uid; + if (gid != NULL) + *gid = cred.gid; + if (pid != NULL) + *pid = cred.pid; + return 0; +#elif defined(LOCAL_PEERCRED) + socklen_t l; + struct xucred cred; + /* look up process information from peer */ + l = (socklen_t)sizeof(struct xucred); + if (getsockopt(sock, 0, LOCAL_PEERCRED, &cred, &l) < 0) + return -1; /* errno already set */ + if (cred.cr_version != XUCRED_VERSION) + { + errno = EINVAL; + return -1; + } + /* return the data */ + if (uid != NULL) + *uid = cred.cr_uid; + if (gid != NULL) + *gid = cred.cr_gid; + if (pid != NULL) + *pid = (pid_t)-1; + return 0; +#elif defined(HAVE_GETPEERUCRED) + ucred_t *cred = NULL; + if (getpeerucred(sock, &cred)) + return -1; + /* save the data */ + if (uid != NULL) + *uid = ucred_geteuid(cred); + if (gid != NULL) + *gid = ucred_getegid(cred); + if (pid != NULL) + *pid = ucred_getpid(cred); + /* free cred and return */ + ucred_free(cred); + return 0; +#elif defined(HAVE_GETPEEREID) + uid_t tuid; + gid_t tgid; + if (uid == NULL) + uid = &tuid; + if (gid == NULL) + gid = &tguid; + if (getpeereid(sock, uid, gid)) + return -1; + /* return the data */ + if (uid != NULL) + *uid = cred.uid; + if (gid != NULL) + *gid = cred.gid; + if (pid != NULL) + *pid = -1; /* we return a -1 pid because we have no usable pid */ + return 0; +#else + /* nothing found that is supported */ + errno = ENOSYS; + return -1; +#endif +} diff --git a/compat/getpeercred.h b/compat/getpeercred.h new file mode 100644 index 0000000..5f96cc1 --- /dev/null +++ b/compat/getpeercred.h @@ -0,0 +1,35 @@ +/* + getpeercred.h - function for determining information about the + other end of a unix socket + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__GETPEERCRED_H +#define COMPAT__GETPEERCRED_H 1 + +/* This function tries to determine the (effective) user id, group id + and process id of the other end of the specified socket. + Any of the uid, gid and pid paramaters may be NULL to not update + that information. + On success, zero is returned. On error, -1 is returned, and errno + is set appropriately. */ +int getpeercred(int sock, uid_t *uid, gid_t *gid, pid_t *pid); + +#endif /* not COMPAT__GETPEERCRED_H */ diff --git a/compat/ldap_compat.h b/compat/ldap_compat.h new file mode 100644 index 0000000..b69974f --- /dev/null +++ b/compat/ldap_compat.h @@ -0,0 +1,121 @@ +/* + ldap_compat.h - provide a replacement definitions for some ldap functions + + Copyright (C) 2009-2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__LDAP_COMPAT_H +#define COMPAT__LDAP_COMPAT_H 1 + +#include +#include + +/* compatibility macros */ +#ifndef LDAP_CONST +#define LDAP_CONST const +#endif /* not LDAP_CONST */ +#ifndef LDAP_MSG_ONE +#define LDAP_MSG_ONE 0x00 +#endif /* not LDAP_MSG_ONE */ + +#ifndef HAVE_LDAP_INITIALIZE +/* provide a wrapper around ldap_init() if the system doesn't have + ldap_initialize() */ +int ldap_initialize(LDAP **ldp, const char *url); +#endif /* not HAVE_LDAP_INITIALIZE */ + +#ifndef HAVE_LDAP_CREATE_PAGE_CONTROL +int ldap_create_page_control(LDAP *ld, unsigned long pagesize, + struct berval *cookiep, int iscritical, + LDAPControl **ctrlp); +#endif /* not HAVE_LDAP_CREATE_PAGE_CONTROL */ + +#ifndef HAVE_LDAP_PARSE_PAGE_CONTROL +int ldap_parse_page_control(LDAP *ld, LDAPControl **ctrls, + unsigned long *list_countp, + struct berval **cookiep); +#endif /* not HAVE_LDAP_PARSE_PAGE_CONTROL */ + +#ifndef HAVE_LDAP_PASSWD_S +int ldap_passwd_s(LDAP *ld, struct berval *user, struct berval *oldpw, + struct berval *newpw, struct berval *newpasswd, + LDAPControl **sctrls, LDAPControl **cctrls); +#endif /* not HAVE_LDAP_PASSWD_S */ + +#ifndef HAVE_LDAP_PARSE_PASSWORDPOLICY_CONTROL +/* definition lifted from ldap.h */ +typedef enum passpolicyerror_enum { + PP_passwordExpired = 0, + PP_accountLocked = 1, + PP_changeAfterReset = 2, + PP_passwordModNotAllowed = 3, + PP_mustSupplyOldPassword = 4, + PP_insufficientPasswordQuality = 5, + PP_passwordTooShort = 6, + PP_passwordTooYoung = 7, + PP_passwordInHistory = 8, + PP_noError = 65535 +} LDAPPasswordPolicyError; +int ldap_parse_passwordpolicy_control(LDAP *ld, LDAPControl *ctrl, + ber_int_t *expirep, ber_int_t *gracep, + LDAPPasswordPolicyError *errorp); +#endif /* HAVE_LDAP_PARSE_PASSWORDPOLICY_CONTROL */ + +#ifndef HAVE_LDAP_PASSWORDPOLICY_ERR2TXT +const char *ldap_passwordpolicy_err2txt(LDAPPasswordPolicyError error); +#endif /* HAVE_LDAP_PASSWORDPOLICY_ERR2TXT */ + +#ifdef REPLACE_LDAP_CREATE_DEREF_CONTROL +/* provide a replacement implementation of ldap_create_deref_control() */ +int replacement_ldap_create_deref_control(LDAP *ld, LDAPDerefSpec *ds, + int iscritical, LDAPControl **ctrlp); +#define ldap_create_deref_control(ld, dc, iscritical, ctrlp) \ + replacement_ldap_create_deref_control(ld, dc, iscritical, ctrlp) +#endif /* REPLACE_LDAP_CREATE_DEREF_CONTROL */ + +/* compatibility definition */ +#ifndef LDAP_SASL_QUIET +#define LDAP_SASL_QUIET 2U +#endif /* not LDAP_SASL_QUIET */ + +/* on some systems LDAP_OPT_DIAGNOSTIC_MESSAGE isn't there but + LDAP_OPT_ERROR_STRING is */ +#ifndef LDAP_OPT_DIAGNOSTIC_MESSAGE +#ifdef LDAP_OPT_ERROR_STRING +#define LDAP_OPT_DIAGNOSTIC_MESSAGE LDAP_OPT_ERROR_STRING +#endif /* LDAP_OPT_ERROR_STRING */ +#endif /* not LDAP_OPT_DIAGNOSTIC_MESSAGE */ + +/* provide replacement oid definitions */ +#ifndef LDAP_CONTROL_PWEXPIRED +#define LDAP_CONTROL_PWEXPIRED "2.16.840.1.113730.3.4.4" +#endif /* LDAP_CONTROL_PWEXPIRED */ +#ifndef LDAP_CONTROL_PWEXPIRING +#define LDAP_CONTROL_PWEXPIRING "2.16.840.1.113730.3.4.5" +#endif /* LDAP_CONTROL_PWEXPIRING */ +#ifndef LDAP_CONTROL_PASSWORDPOLICYREQUEST +#define LDAP_CONTROL_PASSWORDPOLICYREQUEST "1.3.6.1.4.1.42.2.27.8.5.1" +#endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */ +#ifndef LDAP_CONTROL_PASSWORDPOLICYRESPONSE +#define LDAP_CONTROL_PASSWORDPOLICYRESPONSE "1.3.6.1.4.1.42.2.27.8.5.1" +#endif /* LDAP_CONTROL_PASSWORDPOLICYRESPONSE */ +#ifndef LDAP_CONTROL_X_DEREF +#define LDAP_CONTROL_X_DEREF "1.3.6.1.4.1.4203.666.5.16" +#endif /* LDAP_CONTROL_X_DEREF */ + +#endif /* COMPAT__LDAP_COMPAT_H */ diff --git a/compat/ldap_initialize.c b/compat/ldap_initialize.c new file mode 100644 index 0000000..3b89708 --- /dev/null +++ b/compat/ldap_initialize.c @@ -0,0 +1,61 @@ +/* + ldap_initialize.c - replacement function for ldap_initialize() + + Copyright (C) 2009, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include "compat/ldap_compat.h" +#include "nslcd/log.h" + + +/* provide a wrapper around ldap_init() if the system doesn't have + ldap_initialize() */ +int ldap_initialize(LDAP **ldp, const char *url) +{ + char host[80]; + /* check schema part */ + if (strncasecmp(url, "ldap://", 7) == 0) + { + strncpy(host, url + 7, sizeof(host)); + host[sizeof(host) - 1] = '\0'; + } + else if (strncasecmp(url, "ldaps://", 8) == 0) + { + strncpy(host, url + 8, sizeof(host)); + host[sizeof(host) - 1] = '\0'; + } + else + { + log_log(LOG_ERR, "ldap_initialize(): schema not supported: %s", url); + exit(EXIT_FAILURE); + } + /* strip trailing slash */ + if ((strlen(host) > 0) && (host[strlen(host) - 1] == '/')) + host[strlen(host) - 1] = '\0'; + /* call ldap_init() */ + *ldp = ldap_init(host, LDAP_PORT); + return (*ldp == NULL) ? LDAP_OPERATIONS_ERROR : LDAP_SUCCESS; +} diff --git a/compat/ldap_parse_passwordpolicy_control.c b/compat/ldap_parse_passwordpolicy_control.c new file mode 100644 index 0000000..de8dd8d --- /dev/null +++ b/compat/ldap_parse_passwordpolicy_control.c @@ -0,0 +1,107 @@ +/* + ldap_parse_passwordpolicy_control.c - replacement function + + Copyright (C) 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "compat/ldap_compat.h" +#include "compat/attrs.h" + +#ifndef PPOLICY_WARNING +#define PPOLICY_WARNING 160 +#endif +#ifndef PPOLICY_ERROR +#define PPOLICY_ERROR 129 +#endif +#ifndef PPOLICY_EXPIRE +#define PPOLICY_EXPIRE 128 +#endif +#ifndef PPOLICY_GRACE +#define PPOLICY_GRACE 129 +#endif + +/* based on Openldap and pam_ldap implementations */ + +int ldap_parse_passwordpolicy_control(LDAP UNUSED(*ld), LDAPControl *ctrl, + ber_int_t *expirep, ber_int_t *gracep, + LDAPPasswordPolicyError UNUSED(*errorp)) +{ + BerElement *ber; + ber_tag_t tag; + ber_len_t berLen; + char *last; +#ifdef HAVE_BER_GET_ENUM + int err = PP_noError; +#endif /* HAVE_BER_GET_ENUM */ + /* get a BerElement from the control */ + ber = ber_init(&ctrl->ldctl_value); + if (ber == NULL) + return LDAP_LOCAL_ERROR; + /* go over tags */ + for(tag = ber_first_element(ber, &berLen, &last); tag != LBER_DEFAULT; tag = ber_next_element(ber, &berLen, last)) + { + switch (tag) + { + case PPOLICY_WARNING: + ber_skip_tag(ber, &berLen); + tag = ber_peek_tag(ber, &berLen); + switch (tag) + { + case PPOLICY_EXPIRE: + if (ber_get_int(ber, expirep) == LBER_DEFAULT) + { + ber_free(ber, 1); + return LDAP_DECODING_ERROR; + } + break; + case PPOLICY_GRACE: + if (ber_get_int(ber, gracep) == LBER_DEFAULT) + { + ber_free(ber, 1); + return LDAP_DECODING_ERROR; + } + break; + default: + ber_free(ber, 1); + return LDAP_DECODING_ERROR; + } + break; +#ifdef HAVE_BER_GET_ENUM + case PPOLICY_ERROR: + if (ber_get_enum(ber, &err) == LBER_DEFAULT) + { + ber_free(ber, 1); + return LDAP_DECODING_ERROR; + } + break; +#endif /* HAVE_BER_GET_ENUM */ + default: + ber_free(ber, 1); + return LDAP_DECODING_ERROR; + } + } + ber_free(ber, 1); + return LDAP_SUCCESS; +} diff --git a/compat/ldap_passwd_s.c b/compat/ldap_passwd_s.c new file mode 100644 index 0000000..f683a52 --- /dev/null +++ b/compat/ldap_passwd_s.c @@ -0,0 +1,107 @@ +/* + ldap_passwd_s.c - replacement function for ldap_passwd_s() + Parts of this file were based on parts of the pam_ldap library + (taken from _update_authtok() in pam_ldap.c). + + Copyright (C) 1998-2004 Luke Howard + Copyright (C) 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "compat/ldap_compat.h" +#include "compat/attrs.h" + +#ifndef LDAP_EXOP_MODIFY_PASSWD +#ifdef LDAP_EXOP_X_MODIFY_PASSWD +#define LDAP_EXOP_MODIFY_PASSWD LDAP_EXOP_X_MODIFY_PASSWD +#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID LDAP_TAG_EXOP_X_MODIFY_PASSWD_ID +#define LDAP_TAG_EXOP_MODIFY_PASSWD_OLD LDAP_TAG_EXOP_X_MODIFY_PASSWD_OLD +#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW LDAP_TAG_EXOP_X_MODIFY_PASSWD_NEW +#else /* not LDAP_EXOP_X_MODIFY_PASSWD */ +#define LDAP_EXOP_MODIFY_PASSWD "1.3.6.1.4.1.4203.1.11.1" +#define LDAP_TAG_EXOP_MODIFY_PASSWD_ID ((ber_tag_t)0x80U) +#define LDAP_TAG_EXOP_MODIFY_PASSWD_OLD ((ber_tag_t)0x81U) +#define LDAP_TAG_EXOP_MODIFY_PASSWD_NEW ((ber_tag_t)0x82U) +#endif /* not LDAP_EXOP_X_MODIFY_PASSWD */ +#endif /* not LDAP_EXOP_MODIFY_PASSWD */ + +#ifndef LBER_USE_DER +#define LBER_USE_DER 1 +#endif /* not LBER_USE_DER */ + +#ifndef HAVE_BER_MEMFREE +#define ber_memfree free +#endif /* not HAVE_BER_MEMFREE */ + +#if !HAVE_DECL_LDAP_EXTENDED_OPERATION_S +/* we define this ourselves here because some LDAP header versions don't + seem to define this */ +extern int ldap_extended_operation_s(LDAP *ld, LDAP_CONST char *reqoid, + struct berval *reqdata, LDAPControl **serverctrls, + LDAPControl **clientctrls, char **retoidp, struct berval **retdatap); +#endif /* not HAVE_DECL_LDAP_EXTENDED_OPERATION_S */ + +/* Replacement for password modification. user is the DN of the entry to + change, oldpw is the old password (may not always be needed?), newpw is + the new password to set and newpasswd is sometimes returned (though not + by us). See RFC 3062 for details. */ +int ldap_passwd_s(LDAP *ld, struct berval *user, struct berval *oldpw, + struct berval *newpw, struct berval UNUSED(*newpasswd), + LDAPControl **sctrls, LDAPControl **cctrls) +{ +#ifndef HAVE_LDAP_EXTENDED_OPERATION_S + return LDAP_OPERATIONS_ERROR; +#else /* HAVE_LDAP_EXTENDED_OPERATION_S */ + int rc; + BerElement *ber; + struct berval *bv; + char *retoid; + struct berval *retdata; + /* set up request data */ + ber = ber_alloc_t(LBER_USE_DER); + if (ber == NULL) + return LDAP_NO_MEMORY; + ber_printf(ber, "{"); + ber_printf(ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, user); + if (oldpw != NULL) + ber_printf(ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_OLD, oldpw); + ber_printf(ber, "tO", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, newpw); + ber_printf(ber, "N}"); + rc = ber_flatten(ber, &bv); + ber_free(ber, 1); + if (rc < 0) + return LDAP_NO_MEMORY; + /* perform the operation */ + rc = ldap_extended_operation_s(ld, LDAP_EXOP_MODIFY_PASSWD, bv, sctrls, + cctrls, &retoid, &retdata); + /* free data */ + ber_bvfree(bv); + if (rc == LDAP_SUCCESS) + { + ber_bvfree(retdata); + ber_memfree(retoid); + } + /* return result code */ + return rc; +#endif /* HAVE_LDAP_EXTENDED_OPERATION_S */ +} diff --git a/compat/ldap_passwordpolicy_err2txt.c b/compat/ldap_passwordpolicy_err2txt.c new file mode 100644 index 0000000..09bd0ea --- /dev/null +++ b/compat/ldap_passwordpolicy_err2txt.c @@ -0,0 +1,48 @@ +/* + ldap_passwordpolicy_err2txt.c - replacement function + + Copyright (C) 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "compat/ldap_compat.h" +#include "compat/attrs.h" + +const char *ldap_passwordpolicy_err2txt(LDAPPasswordPolicyError error) +{ + switch (error) + { + case PP_passwordExpired: return "Password expired"; + case PP_accountLocked: return "Account locked"; + case PP_changeAfterReset: return "Change after reset"; + case PP_passwordModNotAllowed: return "Password modification not allowed"; + case PP_mustSupplyOldPassword: return "Must supply old password"; + case PP_insufficientPasswordQuality: return "Insufficient password quality"; + case PP_passwordTooShort: return "Password too short"; + case PP_passwordTooYoung: return "Password too young"; + case PP_passwordInHistory: return "Password in history"; + case PP_noError: return "No error"; + default: return "Unknown error"; + } +} diff --git a/compat/nss_compat.h b/compat/nss_compat.h new file mode 100644 index 0000000..755ce91 --- /dev/null +++ b/compat/nss_compat.h @@ -0,0 +1,156 @@ +/* + nss_compat.h - compatibility definitions for NSS functions + + Copyright (C) 2010, 2012 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__NSS_H +#define COMPAT__NSS_H 1 + +#ifdef HAVE_NSS_H +#include +#endif /* HAVE_NSS_H */ +#ifdef HAVE_NSS_COMMON_H +#include +#endif /* HAVE_NSS_COMMON_H */ +#ifdef HAVE_ALIASES_H +#include +#endif +#include +#include +#include +#include +#include +#ifdef HAVE_SHADOW_H +#include +#endif /* HAVE_SHADOW_H */ +#ifdef HAVE_RPC_RPCENT_H +#include +#endif /* HAVE_RPC_RPCENT_H */ +#ifdef HAVE_NSS_DBDEFS_H +#include +#endif /* HAVE_NSS_DBDEFS_H */ +#ifdef HAVE_NSSWITCH_H +#include +#endif /* HAVE_NSSWITCH_H */ + +#include "compat/ether.h" + +/* define missing status codes */ +#ifndef HAVE_ENUM_NSS_STATUS +#ifndef NSS_STATUS_SUCCESS +#define NSS_STATUS_SUCCESS NSS_SUCCESS +#endif +#ifndef NSS_STATUS_NOTFOUND +#define NSS_STATUS_NOTFOUND NSS_NOTFOUND +#endif +#ifndef NSS_STATUS_UNAVAIL +#define NSS_STATUS_UNAVAIL NSS_UNAVAIL +#endif +#ifndef NSS_STATUS_TRYAGAIN +#define NSS_STATUS_TRYAGAIN NSS_TRYAGAIN +#endif +#ifndef NSS_STATUS_RETURN +#define NSS_STATUS_RETURN NSS_NOTFOUND +#endif +#endif /* not HAVE_ENUM_NSS_STATUS */ + +/* define nss_status_t */ +#ifdef HAVE_ENUM_NSS_STATUS +typedef enum nss_status nss_status_t; +#endif + +/* Define an aliasent if it was not found on the system. */ +#ifndef HAVE_STRUCT_ALIASENT +struct aliasent { + char *alias_name; + size_t alias_members_len; + char **alias_members; + int alias_local; +}; +#endif /* not HAVE_STRUCT_ALIASENT */ + +/* Define an rpcent if it was not found on the system */ +#ifndef HAVE_STRUCT_RPCENT +struct rpcent { + char *r_name; + char **r_aliases; + int r_number; +}; +#endif /* not HAVE_STRUCT_RPCENT */ + +/* We define struct etherent here because it does not seem to + be defined in any publicly available header file exposed + by glibc. This is taken from include/netinet/ether.h + of the glibc (2.3.6) source tarball. */ +#ifndef HAVE_STRUCT_ETHERENT +struct etherent { + const char *e_name; + struct ether_addr e_addr; +}; +#endif /* not HAVE_STRUCT_ETHERENT */ + +/* We also define struct __netgrent because its definition is + not publically available. This is taken from inet/netgroup.h + of the glibc (2.3.6) source tarball. + The first part of the struct is the only part that is modified + by our getnetgrent() function, all the other fields are not + touched at all. */ +struct __netgrent { + enum { triple_val, group_val } type; + union { + struct { + const char *host; + const char *user; + const char *domain; + } triple; + const char *group; + } val; + /* the following stuff is used by some NSS services + but not by ours (it's not completely clear how these + are shared between different services) or is used + by our caller */ + char *data; + size_t data_size; + union { + char *cursor; + unsigned long int position; + } insertedname; /* added name to union to avoid warning */ + int first; + struct name_list *known_groups; + struct name_list *needed_groups; + void *nip; /* changed from `service_user *nip' */ +}; + +/* Define struct spwd if it was not found on the system. */ +#ifndef HAVE_STRUCT_SPWD +struct spwd { + char *sp_namp; + char *sp_pwdp; + long sp_lstchg; + long sp_min; + long sp_max; + long sp_warn; + long sp_inact; + long sp_expire; + unsigned long sp_flag; +}; +#endif /* not HAVE_STRUCT_SPWD */ + +#endif /* not COMPAT__NSS_H */ diff --git a/compat/pagectrl.c b/compat/pagectrl.c new file mode 100644 index 0000000..d846623 --- /dev/null +++ b/compat/pagectrl.c @@ -0,0 +1,217 @@ +/* + pagectrl.c - provide a replacement ldap_create_page_control() function. + This file was part of the nss_ldap library which has been + forked into the nss-pam-ldapd library. + + Copyright (C) 2002 Max Caines + This software is not subject to any license of the University + of Wolverhampton. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "compat/ldap_compat.h" + +#ifndef LDAP_CONTROL_PAGE_OID +#define LDAP_CONTROL_PAGE_OID "1.2.840.113556.1.4.319" +#endif + +#ifndef HAVE_LDAP_CREATE_PAGE_CONTROL +/*--- + ldap_create_page_control + + Create and encode the Paged Results control. + + ld (IN) An LDAP session handle, as obtained from a call to + ldap_init(). + + pagesize (IN) The number of entries to return in each page + + cookiep (IN) Pointer to a berVal structure that the server uses to + determine the current location in the + result set (opaque). Set to NULL the + first time. + + iscritical (IN) Is this control critical to the search? + + ctrlp (OUT) A result parameter that will be assigned the address + of an LDAPControl structure that contains the + PagedResult control created by this function. + The memory occupied by the LDAPControl structure + SHOULD be freed when it is no longer in use by + calling ldap_control_free(). + + + Ber encoding + + PageResult ::= SEQUENCE { + pageSize INTEGER + cookie OCTET STRING } + + + Note: The first time the Page control is created, the cookie + should be set to a zero-length string. The cookie obtained + from calling ldap_parse_page_control() should be used as + the cookie in the next ldap_create_page_control call. + + ---*/ + +int +ldap_create_page_control (LDAP * ld, + unsigned long pagesize, + struct berval *cookiep, + int iscritical, LDAPControl ** ctrlp) +{ + ber_tag_t tag; + BerElement *ber; + BerElement *ldap_alloc_ber_with_options (LDAP * ld); + int rc; + + if ((ld == NULL) || (ctrlp == NULL)) + { + return (LDAP_PARAM_ERROR); + } + + if ((ber = ldap_alloc_ber_with_options (ld)) == NULL) + { + return (LDAP_NO_MEMORY); + } + + tag = ber_printf (ber, "{i", pagesize); + if (tag == LBER_ERROR) + goto exit; + + if (cookiep == NULL) + tag = ber_printf (ber, "o", "", 0); + else + tag = ber_printf (ber, "O", cookiep); + if (tag == LBER_ERROR) + goto exit; + + tag = ber_printf (ber, /*{ */ "N}"); + if (tag == LBER_ERROR) + goto exit; + + rc = ldap_create_control (LDAP_CONTROL_PAGE_OID, ber, iscritical, ctrlp); + + ber_free (ber, 1); + return (rc); + +exit: + ber_free (ber, 1); + return (LDAP_ENCODING_ERROR); +} +#endif /* not HAVE_LDAP_CREATE_PAGE_CONTROL */ + +#ifndef HAVE_LDAP_PARSE_PAGE_CONTROL +/*--- + ldap_parse_page_control + + Decode the Virtual List View control return information. + + ld (IN) An LDAP session handle. + + ctrls (IN) The address of a NULL-terminated array of + LDAPControl structures, typically obtained + by a call to ldap_parse_result(). + + list_countp (OUT) This result parameter is filled in with the number + of entries returned in this page + + cookiep (OUT) This result parameter is filled in with the address + of a struct berval that contains the server- + generated cookie. + The returned cookie SHOULD be used in the next call + to create a Page sort control. The struct berval + returned SHOULD be disposed of by calling ber_bvfree() + when it is no longer needed. + +---*/ +int +ldap_parse_page_control (LDAP * ld, + LDAPControl ** ctrls, + unsigned long *list_countp, struct berval **cookiep) +{ + BerElement *ber; + LDAPControl *pControl; + int i; + unsigned long count; + ber_tag_t tag; + + if (cookiep) + { + *cookiep = NULL; /* Make sure we return a NULL if error occurs. */ + } + + if (ld == NULL) + { + return (LDAP_PARAM_ERROR); + } + + if (ctrls == NULL) + { + return (LDAP_CONTROL_NOT_FOUND); + } + + /* Search the list of control responses for a Page control. */ + for (i = 0; ctrls[i]; i++) + { + pControl = ctrls[i]; + if (!strcmp (LDAP_CONTROL_PAGE_OID, pControl->ldctl_oid)) + goto foundPageControl; + } + + /* No page control was found. */ + return (LDAP_CONTROL_NOT_FOUND); + +foundPageControl: + /* Create a BerElement from the berval returned in the control. */ + ber = ber_init (&pControl->ldctl_value); + + if (ber == NULL) + { + return (LDAP_NO_MEMORY); + } + + /* Extract the data returned in the control. */ + tag = ber_scanf (ber, "{iO" /*} */ , &count, cookiep); + + if (tag == LBER_ERROR) + { + ber_free (ber, 1); + return (LDAP_DECODING_ERROR); + } + + ber_free (ber, 1); + + /* Return data to the caller for items that were requested. */ + if (list_countp) + { + *list_countp = count; + } + + return (LDAP_SUCCESS); +} +#endif /* not HAVE_LDAP_PARSE_PAGE_CONTROL */ diff --git a/compat/pam_compat.h b/compat/pam_compat.h new file mode 100644 index 0000000..5388fc6 --- /dev/null +++ b/compat/pam_compat.h @@ -0,0 +1,91 @@ +/* + pam_compat.h - provide a replacement definitions for some pam functions + + Copyright (C) 2009-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__PAM_COMPAT_H +#define COMPAT__PAM_COMPAT_H 1 + +#ifdef HAVE_SECURITY_PAM_APPL_H +#include +#endif /* HAVE_SECURITY_PAM_APPL_H */ +#ifndef HAVE_PAM_PAM_MODULES_H +#include +#ifdef HAVE_SECURITY_PAM_EXT_H +#include +#endif /* HAVE_SECURITY_PAM_EXT_H */ +#else /* not HAVE_PAM_PAM_MODULES_H */ +#include +#endif /* not HAVE_PAM_PAM_MODULES_H */ +#ifdef HAVE_SECURITY_PAM_MODUTIL_H +#include +#endif /* HAVE_SECURITY_PAM_MODUTIL_H */ + +/* find value of PAM_AUTHTOK_RECOVERY_ERR */ +#ifndef PAM_AUTHTOK_RECOVERY_ERR +#ifdef PAM_AUTHTOK_RECOVER_ERR +#define PAM_AUTHTOK_RECOVERY_ERR PAM_AUTHTOK_RECOVER_ERR +#else +#define PAM_AUTHTOK_RECOVERY_ERR 21 /* not defined anywhere */ +#endif +#endif /* not PAM_AUTHTOK_RECOVERY_ERR */ + +/* define our own replacement pam_get_authtok() if it wasn't found */ +#ifndef HAVE_PAM_GET_AUTHTOK +int pam_get_authtok(pam_handle_t *pamh, int item, const char **authtok, + const char *prompt); +#endif /* not HAVE_PAM_GET_AUTHTOK */ + +/* replace pam_prompt() if needed */ +#ifndef HAVE_PAM_PROMPT +int pam_prompt(pam_handle_t *pamh, int style, char **response, + const char *format, ...) + LIKE_PRINTF(4, 5); +#endif /* not HAVE_PAM_PROMPT */ + +/* provide pam_info() if needed */ +#if !HAVE_DECL_PAM_INFO +#define pam_info(pamh, format...) \ + pam_prompt(pamh, PAM_TEXT_INFO, NULL, ##format) +#endif /* not HAVE_DECL_PAM_INFO */ + +/* provide pam_error() if needed */ +#if !HAVE_DECL_PAM_ERROR +#define pam_error(pamh, format...) \ + pam_prompt(pamh, PAM_ERROR_MSG, NULL, ##format) +#endif /* not HAVE_DECL_PAM_ERROR */ + +/* fall back to using getpwnam() if pam_modutil_getpwnam() isn't defined */ +#ifndef HAVE_PAM_MODUTIL_GETGWNAM +#include +#include +#define pam_modutil_getpwnam(pamh, user) \ + getpwnam(user) +#endif /* not HAVE_PAM_MODUTIL_GETGWNAM */ + +/* fall back to using syslog() if pam_syslog() doesn't exist */ +#ifndef HAVE_PAM_SYSLOG +#ifndef LOG_AUTHPRIV +#define LOG_AUTHPRIV LOG_AUTH +#endif /* not LOG_AUTHPRIV */ +#define pam_syslog(pamh, priority, format...) \ + syslog(LOG_AUTHPRIV|(priority), ##format) +#endif /* not HAVE_PAM_SYSLOG */ + +#endif /* _COMPAT_LDAP_COMPAT_H */ diff --git a/compat/pam_get_authtok.c b/compat/pam_get_authtok.c new file mode 100644 index 0000000..d83ddbe --- /dev/null +++ b/compat/pam_get_authtok.c @@ -0,0 +1,94 @@ +/* + pam_get_authtok.c - replacement function for pam_get_authtok() + + Copyright (C) 2009, 2010, 2012 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include + +#include "compat/attrs.h" +#include "compat/pam_compat.h" + +/* warning: this version assumes that try_first_pass is specified */ + +int pam_get_authtok(pam_handle_t *pamh, int item, const char **authtok, + const char *prompt) +{ + int rc; + char *passwd = NULL, *retype_passwd = NULL; + const void *oldauthtok; + char retype_prompt[80]; + /* first try to see if the value is already on the stack */ + *authtok = NULL; + rc = pam_get_item(pamh, item, (PAM_ITEM_CONST void **)authtok); + if ((rc == PAM_SUCCESS) && (*authtok != NULL)) + return PAM_SUCCESS; + /* check what to prompt for and provide default prompt */ + *retype_prompt = '\0'; + if (item == PAM_OLDAUTHTOK) + prompt = (prompt != NULL) ? prompt : "Old Password: "; + else + { + rc = pam_get_item(pamh, PAM_OLDAUTHTOK, (PAM_ITEM_CONST void **)&oldauthtok); + if ((rc == PAM_SUCCESS) && (oldauthtok != NULL)) + { + prompt = (prompt != NULL) ? prompt : "New Password: "; + snprintf(retype_prompt, sizeof(retype_prompt), "Retype %s", prompt); + retype_prompt[sizeof(retype_prompt) - 1] = '\0'; + } + else + prompt = (prompt != NULL) ? prompt : "Password: "; + } + /* prepare prompt and get password */ + rc = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, &passwd, "%s", prompt); + if (rc != PAM_SUCCESS) + return rc; + /* if a second prompt should be presented, do it */ + if (*retype_prompt) + { + rc = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, &retype_passwd, "%s", + retype_prompt); + /* check passwords */ + if ((rc == PAM_SUCCESS) && (strcmp(retype_passwd, passwd) != 0)) + rc = PAM_AUTHTOK_RECOVERY_ERR; + } + /* store the password if everything went ok */ + if (rc == PAM_SUCCESS) + rc = pam_set_item(pamh, item, passwd); + /* clear and free any password information */ + memset(passwd, 0, strlen(passwd)); + free(passwd); + if (retype_passwd != NULL) + { + memset(retype_passwd, 0, strlen(retype_passwd)); + free(retype_passwd); + } + if (rc != PAM_SUCCESS) + return rc; + /* return token from the stack */ + return pam_get_item(pamh, item, (PAM_ITEM_CONST void **)authtok); +} diff --git a/compat/pam_prompt.c b/compat/pam_prompt.c new file mode 100644 index 0000000..8a9a8a8 --- /dev/null +++ b/compat/pam_prompt.c @@ -0,0 +1,73 @@ +/* + pam_prompt.c - replacement function for pam_prompt() + + Copyright (C) 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "compat/attrs.h" +#include "compat/pam_compat.h" + +int pam_prompt(pam_handle_t *pamh, int style, char **response, + const char *format, ...) +{ + int rc; + struct pam_conv *aconv; + char buffer[200]; + va_list ap; + struct pam_message msg, *pmsg; + struct pam_response *resp; + /* the the conversion function */ + rc = pam_get_item(pamh, PAM_CONV, (PAM_ITEM_CONST void **)&aconv); + if (rc != PAM_SUCCESS) + return rc; + /* make the message string */ + va_start(ap, format); + vsnprintf(buffer, sizeof(buffer), format, ap); + buffer[sizeof(buffer) - 1] = '\0'; + va_end(ap); + /* build the message */ + msg.msg_style = style; + msg.msg = buffer; + pmsg = &msg; + resp = NULL; + rc = aconv->conv(1, (const struct pam_message **)&pmsg, &resp, aconv->appdata_ptr); + if (rc != PAM_SUCCESS) + return rc; + /* assign response if it is set */ + if (response != NULL) + { + if (resp == NULL) + return PAM_CONV_ERR; + if (resp[0].resp == NULL) + { + free(resp); + return PAM_CONV_ERR; + } + *response = resp[0].resp; + } + else + free(resp[0].resp); + free(resp); + return PAM_SUCCESS; +} diff --git a/compat/shell.h b/compat/shell.h new file mode 100644 index 0000000..09c480e --- /dev/null +++ b/compat/shell.h @@ -0,0 +1,49 @@ +/* + shell.h - ethernet definitions for systems lacking those + + Copyright (C) 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__SHELL_H +#define COMPAT__SHELL_H 1 + +#ifdef HAVE_GETUSERSHELL +#if !HAVE_DECL_GETUSERSHELL +/* we define getusershell() here because on some platforms the function is + undefined */ +extern char *getusershell(void); +#endif /* not HAVE_DECL_GETUSERSHELL */ +#endif /* HAVE_GETUSERSHELL */ + +#ifdef HAVE_SETUSERSHELL +#if !HAVE_DECL_SETUSERSHELL +/* we define setusershell() here because on some platforms the function is + undefined */ +extern char *setusershell(void); +#endif /* not HAVE_DECL_SETUSERSHELL */ +#endif /* HAVE_SETUSERSHELL */ + +#ifdef HAVE_ENDUSERSHELL +#if !HAVE_DECL_ENDUSERSHELL +/* we define getusershell() here because on some platforms the function is + undefined */ +extern char *endusershell(void); +#endif /* not HAVE_DECL_ENDUSERSHELL */ +#endif /* HAVE_ENDUSERSHELL */ + +#endif /* not COMPAT__SHELL_H */ diff --git a/compat/socket.h b/compat/socket.h new file mode 100644 index 0000000..7f69950 --- /dev/null +++ b/compat/socket.h @@ -0,0 +1,34 @@ +/* + socket.h - compatibility hacks for socket functions + + Copyright (C) 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__SOCKET_H +#define COMPAT__SOCKET_H 1 + +#include +#include +#include + +/* provide a definition for SUN_LEN for systems without it */ +#ifndef SUN_LEN +#define SUN_LEN(addr) (sizeof((addr)->sun_family) + strlen((addr)->sun_path) + 1) +#endif /* not SUN_LEN */ + +#endif /* not COMPAT__SOCKET_H */ diff --git a/compat/strndup.c b/compat/strndup.c new file mode 100644 index 0000000..bd7c5d6 --- /dev/null +++ b/compat/strndup.c @@ -0,0 +1,41 @@ +/* + strndup.c - implementation of strndup() for systems that lack it + + Copyright (C) 2011, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "strndup.h" + +/* this is a strndup() replacement for systems that don't have it + (strndup() is in POSIX 2008 now) */ +char *strndup(const char *s, size_t size) +{ + char *result; + result = (char *)malloc(size + 1); + if (result != NULL) + { + strncpy(result, s, size); + result[size] = '\0'; + } + return result; +} diff --git a/compat/strndup.h b/compat/strndup.h new file mode 100644 index 0000000..461ec86 --- /dev/null +++ b/compat/strndup.h @@ -0,0 +1,33 @@ +/* + strndup.h - definition of strndup() for systems that lack it + + Copyright (C) 2011, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef COMPAT__STRNDUP_H +#define COMPAT__STRNDUP_H 1 + +#ifndef HAVE_STRNDUP + +/* this is a strndup() replacement for systems that don't have it + (strndup() is in POSIX 2008 now) */ +char *strndup(const char *s, size_t size); + +#endif /* not HAVE_STRNDUP */ + +#endif /* COMPAT__STRNDUP_H */ diff --git a/compile b/compile new file mode 100755 index 0000000..a85b723 --- /dev/null +++ b/compile @@ -0,0 +1,347 @@ +#! /bin/sh +# Wrapper for compilers which do not understand '-c -o'. + +scriptversion=2012-10-14.11; # UTC + +# Copyright (C) 1999-2014 Free Software Foundation, Inc. +# Written by Tom Tromey . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +nl=' +' + +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent tools from complaining about whitespace usage. +IFS=" "" $nl" + +file_conv= + +# func_file_conv build_file lazy +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. If the determined conversion +# type is listed in (the comma separated) LAZY, no conversion will +# take place. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv/,$2, in + *,$file_conv,*) + ;; + mingw/*) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin/*) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine/*) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_cl_dashL linkdir +# Make cl look for libraries in LINKDIR +func_cl_dashL () +{ + func_file_conv "$1" + if test -z "$lib_path"; then + lib_path=$file + else + lib_path="$lib_path;$file" + fi + linker_opts="$linker_opts -LIBPATH:$file" +} + +# func_cl_dashl library +# Do a library search-path lookup for cl +func_cl_dashl () +{ + lib=$1 + found=no + save_IFS=$IFS + IFS=';' + for dir in $lib_path $LIB + do + IFS=$save_IFS + if $shared && test -f "$dir/$lib.dll.lib"; then + found=yes + lib=$dir/$lib.dll.lib + break + fi + if test -f "$dir/$lib.lib"; then + found=yes + lib=$dir/$lib.lib + break + fi + if test -f "$dir/lib$lib.a"; then + found=yes + lib=$dir/lib$lib.a + break + fi + done + IFS=$save_IFS + + if test "$found" != yes; then + lib=$lib.lib + fi +} + +# func_cl_wrapper cl arg... +# Adjust compile command to suit cl +func_cl_wrapper () +{ + # Assume a capable shell + lib_path= + shared=: + linker_opts= + for arg + do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + eat=1 + case $2 in + *.o | *.[oO][bB][jJ]) + func_file_conv "$2" + set x "$@" -Fo"$file" + shift + ;; + *) + func_file_conv "$2" + set x "$@" -Fe"$file" + shift + ;; + esac + ;; + -I) + eat=1 + func_file_conv "$2" mingw + set x "$@" -I"$file" + shift + ;; + -I*) + func_file_conv "${1#-I}" mingw + set x "$@" -I"$file" + shift + ;; + -l) + eat=1 + func_cl_dashl "$2" + set x "$@" "$lib" + shift + ;; + -l*) + func_cl_dashl "${1#-l}" + set x "$@" "$lib" + shift + ;; + -L) + eat=1 + func_cl_dashL "$2" + ;; + -L*) + func_cl_dashL "${1#-L}" + ;; + -static) + shared=false + ;; + -Wl,*) + arg=${1#-Wl,} + save_ifs="$IFS"; IFS=',' + for flag in $arg; do + IFS="$save_ifs" + linker_opts="$linker_opts $flag" + done + IFS="$save_ifs" + ;; + -Xlinker) + eat=1 + linker_opts="$linker_opts $2" + ;; + -*) + set x "$@" "$1" + shift + ;; + *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) + func_file_conv "$1" + set x "$@" -Tp"$file" + shift + ;; + *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) + func_file_conv "$1" mingw + set x "$@" "$file" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift + done + if test -n "$linker_opts"; then + linker_opts="-link$linker_opts" + fi + exec "$@" $linker_opts + exit 1 +} + +eat= + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: compile [--help] [--version] PROGRAM [ARGS] + +Wrapper for compilers which do not understand '-c -o'. +Remove '-o dest.o' from ARGS, run PROGRAM with the remaining +arguments, and rename the output as expected. + +If you are trying to build a whole package this is not the +right script to run: please start by reading the file 'INSTALL'. + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "compile $scriptversion" + exit $? + ;; + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + func_cl_wrapper "$@" # Doesn't return... + ;; +esac + +ofile= +cfile= + +for arg +do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + # So we strip '-o arg' only if arg is an object. + eat=1 + case $2 in + *.o | *.obj) + ofile=$2 + ;; + *) + set x "$@" -o "$2" + shift + ;; + esac + ;; + *.c) + cfile=$1 + set x "$@" "$1" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift +done + +if test -z "$ofile" || test -z "$cfile"; then + # If no '-o' option was seen then we might have been invoked from a + # pattern rule where we don't need one. That is ok -- this is a + # normal compilation that the losing compiler can handle. If no + # '.c' file was seen then we are probably linking. That is also + # ok. + exec "$@" +fi + +# Name of file we expect compiler to create. +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` + +# Create the lock directory. +# Note: use '[/\\:.-]' here to ensure that we don't use the same name +# that we are using for the .o file. Also, base the name on the expected +# object file name, since that is what matters with a parallel build. +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d +while true; do + if mkdir "$lockdir" >/dev/null 2>&1; then + break + fi + sleep 1 +done +# FIXME: race condition here if user kills between mkdir and trap. +trap "rmdir '$lockdir'; exit 1" 1 2 15 + +# Run the compile. +"$@" +ret=$? + +if test -f "$cofile"; then + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" +elif test -f "${cofile}bj"; then + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" +fi + +rmdir "$lockdir" +exit $ret + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/config.guess b/config.guess new file mode 100755 index 0000000..31e01ef --- /dev/null +++ b/config.guess @@ -0,0 +1,1463 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright 1992-2017 Free Software Foundation, Inc. + +timestamp='2017-11-07' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). +# +# Originally written by Per Bothner; maintained since 2000 by Ben Elliston. +# +# You can get the latest version of this script from: +# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess +# +# Please send patches to . + + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Options: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright 1992-2017 Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` + ;; +esac + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(uname -p 2>/dev/null || \ + /sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || \ + echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; + earmv*) + arch=`echo ${UNAME_MACHINE_ARCH} | sed -e 's,^e\(armv[0-9]\).*$,\1,'` + endian=`echo ${UNAME_MACHINE_ARCH} | sed -ne 's,^.*\(eb\)$,\1,p'` + machine=${arch}${endian}-unknown + ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently (or will in the future) and ABI. + case "${UNAME_MACHINE_ARCH}" in + earm*) + os=netbsdelf + ;; + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ELF__ + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # Determine ABI tags. + case "${UNAME_MACHINE_ARCH}" in + earm*) + expr='s/^earmv[0-9]/-eabi/;s/eb$//' + abi=`echo ${UNAME_MACHINE_ARCH} | sed -e "$expr"` + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE} | sed -e 's/[-_].*//' | cut -d. -f1,2` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}${abi}" + exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:LibertyBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/^.*BSD\.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-libertybsd${UNAME_RELEASE} + exit ;; + *:MidnightBSD:*:*) + echo ${UNAME_MACHINE}-unknown-midnightbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerpc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:Sortix:*:*) + echo ${UNAME_MACHINE}-unknown-sortix + exit ;; + *:Redox:*:*) + echo ${UNAME_MACHINE}-unknown-redox + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE=alpha ;; + "EV4.5 (21064)") + UNAME_MACHINE=alpha ;; + "LCA4 (21066/21068)") + UNAME_MACHINE=alpha ;; + "EV5 (21164)") + UNAME_MACHINE=alphaev5 ;; + "EV5.6 (21164A)") + UNAME_MACHINE=alphaev56 ;; + "EV5.6 (21164PC)") + UNAME_MACHINE=alphapca56 ;; + "EV5.7 (21164PC)") + UNAME_MACHINE=alphapca57 ;; + "EV6 (21264)") + UNAME_MACHINE=alphaev6 ;; + "EV6.7 (21264A)") + UNAME_MACHINE=alphaev67 ;; + "EV6.8CB (21264C)") + UNAME_MACHINE=alphaev68 ;; + "EV6.8AL (21264B)") + UNAME_MACHINE=alphaev68 ;; + "EV6.8CX (21264D)") + UNAME_MACHINE=alphaev68 ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE=alphaev69 ;; + "EV7 (21364)") + UNAME_MACHINE=alphaev7 ;; + "EV7.9 (21364A)") + UNAME_MACHINE=alphaev79 ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` + # Reset EXIT trap before exiting to avoid spurious non-zero exit code. + exitcode=$? + trap '' 0 + exit $exitcode ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm*:riscos:*:*|arm*:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH=i386 + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH=x86_64 + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = x && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } + echo mips-mips-riscos${UNAME_RELEASE} + exit ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit ;; + *:AIX:*:[4567]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/lslpp ] ; then + IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | + awk -F: '{ print $3 }' | sed s/[0-9]*$/0/` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit ;; + ibmrt:4.4BSD:*|romp-ibm:4.4BSD:*) + echo romp-ibm-bsd4.4 + exit ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31?) HP_ARCH=m68000 ;; + 9000/[34]??) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH=hppa1.0 ;; # CPU_PA_RISC1_0 + 528) HP_ARCH=hppa1.1 ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH=hppa2.0n ;; + 64) HP_ARCH=hppa2.0w ;; + '') HP_ARCH=hppa2.0 ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS="" $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = hppa2.0w ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | + grep -q __LP64__ + then + HP_ARCH=hppa2.0w + else + HP_ARCH=hppa64 + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + echo unknown-hitachi-hiuxwe2 + exit ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:*) + echo hppa1.1-hp-bsd + exit ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:*) + echo hppa1.1-hp-osf + exit ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` + FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:FreeBSD:*:*) + UNAME_PROCESSOR=`/usr/bin/uname -p` + case ${UNAME_PROCESSOR} in + amd64) + UNAME_PROCESSOR=x86_64 ;; + i386) + UNAME_PROCESSOR=i586 ;; + esac + echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; + *:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + *:MSYS*:*) + echo ${UNAME_MACHINE}-pc-msys + exit ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; + *:Interix*:*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + authenticamd | genuineintel | EM64T) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + IA64) + echo ia64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + *:GNU:*:*) + # the GNU system + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} + exit ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit ;; + aarch64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + aarch64_be:Linux:*:*) + UNAME_MACHINE=aarch64_be + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep -q ld.so.1 + if test "$?" = 0 ; then LIBC=gnulibc1 ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arc:Linux:*:* | arceb:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arm*:Linux:*:*) + eval $set_cc_for_build + if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_EABI__ + then + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + else + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi + else + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf + fi + fi + exit ;; + avr32*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + cris:Linux:*:*) + echo ${UNAME_MACHINE}-axis-linux-${LIBC} + exit ;; + crisv32:Linux:*:*) + echo ${UNAME_MACHINE}-axis-linux-${LIBC} + exit ;; + e2k:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + frv:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + hexagon:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + i*86:Linux:*:*) + echo ${UNAME_MACHINE}-pc-linux-${LIBC} + exit ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + k1om:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + mips:Linux:*:* | mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=${UNAME_MACHINE}el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=${UNAME_MACHINE} + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } + ;; + mips64el:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + openrisc*:Linux:*:*) + echo or1k-unknown-linux-${LIBC} + exit ;; + or32:Linux:*:* | or1k*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + padre:Linux:*:*) + echo sparc-unknown-linux-${LIBC} + exit ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-${LIBC} + exit ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; + esac + exit ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-${LIBC} + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} + exit ;; + riscv32:Linux:*:* | riscv64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + tile*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + vax:Linux:*:*) + echo ${UNAME_MACHINE}-dec-linux-${LIBC} + exit ;; + x86_64:Linux:*:*) + echo ${UNAME_MACHINE}-pc-linux-${LIBC} + exit ;; + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; + i*86:*:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configure will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp + exit ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; + SX-ACE:SUPER-UX:*:*) + echo sxace-nec-superux${UNAME_RELEASE} + exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Darwin:*:*) + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then + if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc + if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_PPC >/dev/null + then + UNAME_PROCESSOR=powerpc + fi + fi + elif test "$UNAME_PROCESSOR" = i386 ; then + # Avoid executing cc on OS X 10.9, as it ships with a stub + # that puts up a graphical alert prompting to install + # developer tools. Any system running Mac OS X 10.7 or + # later (Darwin 11 and later) is required to have a 64-bit + # processor. This is not true of the ARM version of Darwin + # that Apple uses in portable devices. + UNAME_PROCESSOR=x86_64 + fi + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = x86; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit ;; + NEO-*:NONSTOP_KERNEL:*:*) + echo neo-tandem-nsk${UNAME_RELEASE} + exit ;; + NSE-*:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-*:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit ;; + NSX-*:NONSTOP_KERNEL:*:*) + echo nsx-tandem-nsk${UNAME_RELEASE} + exit ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = 386; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE} | sed -e 's/ .*$//'` + exit ;; + i*86:rdos:*:*) + echo ${UNAME_MACHINE}-pc-rdos + exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; + x86_64:VMkernel:*:*) + echo ${UNAME_MACHINE}-unknown-esx + exit ;; + amd64:Isilon\ OneFS:*:*) + echo x86_64-unknown-onefs + exit ;; +esac + +echo "$0: unable to guess system type" >&2 + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}" in + mips:Linux | mips64:Linux) + # If we got here on MIPS GNU/Linux, output extra information. + cat >&2 <&2 </dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-functions 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/config.h.in b/config.h.in new file mode 100644 index 0000000..60df2d9 --- /dev/null +++ b/config.h.in @@ -0,0 +1,753 @@ +/* config.h.in. Generated from configure.ac by autoheader. */ + +/* Whether to check configfile options. */ +#undef ENABLE_CONFIGFILE_CHECKING + +/* Define to 1 if you have the header file. */ +#undef HAVE_ALIASES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_ARPA_INET_H + +/* Define to 1 if you have the `atexit' function. */ +#undef HAVE_ATEXIT + +/* Define to 1 if you have the `ber_bvfree' function. */ +#undef HAVE_BER_BVFREE + +/* Define to 1 if you have the `ber_free' function. */ +#undef HAVE_BER_FREE + +/* Define to 1 if you have the `ber_get_enum' function. */ +#undef HAVE_BER_GET_ENUM + +/* Define to 1 if you have the `ber_set_option' function. */ +#undef HAVE_BER_SET_OPTION + +/* Define to 1 if you have the `clearenv' function. */ +#undef HAVE_CLEARENV + +/* Define to 1 if you have the header file. */ +#undef HAVE_CTYPE_H + +/* Define to 1 if you have the declaration of `endusershell', and to 0 if you + don't. */ +#undef HAVE_DECL_ENDUSERSHELL + +/* Define to 1 if you have the declaration of `ether_aton', and to 0 if you + don't. */ +#undef HAVE_DECL_ETHER_ATON + +/* Define to 1 if you have the declaration of `ether_ntoa', and to 0 if you + don't. */ +#undef HAVE_DECL_ETHER_NTOA + +/* Define to 1 if you have the declaration of `getusershell', and to 0 if you + don't. */ +#undef HAVE_DECL_GETUSERSHELL + +/* Define to 1 if you have the declaration of `ldap_extended_operation_s', and + to 0 if you don't. */ +#undef HAVE_DECL_LDAP_EXTENDED_OPERATION_S + +/* Define to 1 if you have the declaration of `pam_error', and to 0 if you + don't. */ +#undef HAVE_DECL_PAM_ERROR + +/* Define to 1 if you have the declaration of `pam_info', and to 0 if you + don't. */ +#undef HAVE_DECL_PAM_INFO + +/* Define to 1 if you have the declaration of `setusershell', and to 0 if you + don't. */ +#undef HAVE_DECL_SETUSERSHELL + +/* Define to 1 if you have the `dlerror' function. */ +#undef HAVE_DLERROR + +/* Define to 1 if you have the `dlopen' function. */ +#undef HAVE_DLOPEN + +/* Define to 1 if you have the `dlsym' function. */ +#undef HAVE_DLSYM + +/* Define to 1 if you have the `endusershell' function. */ +#undef HAVE_ENDUSERSHELL + +/* Define to 1 if the system has the type `enum nss_status'. */ +#undef HAVE_ENUM_NSS_STATUS + +/* Define to 1 if you have the `ether_aton' function. */ +#undef HAVE_ETHER_ATON + +/* Define to 1 if you have the `ether_aton_r' function. */ +#undef HAVE_ETHER_ATON_R + +/* Define to 1 if you have the `ether_ntoa' function. */ +#undef HAVE_ETHER_NTOA + +/* Define to 1 if you have the `ether_ntoa_r' function. */ +#undef HAVE_ETHER_NTOA_R + +/* Define to 1 if you have the `execvp' function. */ +#undef HAVE_EXECVP + +/* Define to 1 if you have the `execvpe' function. */ +#undef HAVE_EXECVPE + +/* Define to 1 if you have the header file. */ +#undef HAVE_FCNTL_H + +/* Define to 1 if you have the `fork' function. */ +#undef HAVE_FORK + +/* Define to 1 if you have the `getenv' function. */ +#undef HAVE_GETENV + +/* Define to 1 if you have the `getgrouplist' function. */ +#undef HAVE_GETGROUPLIST + +/* Define to 1 if you have the header file. */ +#undef HAVE_GETOPT_H + +/* Define to 1 if you have the `getopt_long' function. */ +#undef HAVE_GETOPT_LONG + +/* Define to 1 if you have the `getpeereid' function. */ +#undef HAVE_GETPEEREID + +/* Define to 1 if you have the `getpeerucred' function. */ +#undef HAVE_GETPEERUCRED + +/* Define to 1 if you have the `getusershell' function. */ +#undef HAVE_GETUSERSHELL + +/* Define to 1 if you have the header file. */ +#undef HAVE_GRP_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GSSAPI_GENERIC_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GSSAPI_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_GSSAPI_KRB5_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSAPI_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSLDAP_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_GSSSASL_H + +/* Define to 1 if you have the `gss_krb5_ccache_name' function. */ +#undef HAVE_GSS_KRB5_CCACHE_NAME + +/* Define to 1 if you have the `hstrerror' function. */ +#undef HAVE_HSTRERROR + +/* Define to 1 if you have the `initgroups' function. */ +#undef HAVE_INITGROUPS + +/* Define to 1 if you have the header file. */ +#undef HAVE_INTTYPES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_KRB5_H + +/* Define to 1 if you have the `krb5_is_thread_safe' function. */ +#undef HAVE_KRB5_IS_THREAD_SAFE + +/* Define to 1 if you have the header file. */ +#undef HAVE_LBER_H + +/* Define to 1 if you have the `ldap_abandon' function. */ +#undef HAVE_LDAP_ABANDON + +/* Define to 1 if you have the `ldap_controls_free' function. */ +#undef HAVE_LDAP_CONTROLS_FREE + +/* Define to 1 if you have the `ldap_control_create' function. */ +#undef HAVE_LDAP_CONTROL_CREATE + +/* Define to 1 if you have the `ldap_control_find' function. */ +#undef HAVE_LDAP_CONTROL_FIND + +/* Define to 1 if you have the `ldap_control_free' function. */ +#undef HAVE_LDAP_CONTROL_FREE + +/* Define to 1 if you have the `ldap_count_values_len' function. */ +#undef HAVE_LDAP_COUNT_VALUES_LEN + +/* Define to 1 if you have the `ldap_create_control' function. */ +#undef HAVE_LDAP_CREATE_CONTROL + +/* Define to 1 if you have the `ldap_create_deref_control' function. */ +#undef HAVE_LDAP_CREATE_DEREF_CONTROL + +/* Define to 1 if you have the `ldap_create_deref_control_value' function. */ +#undef HAVE_LDAP_CREATE_DEREF_CONTROL_VALUE + +/* Define to 1 if you have the `ldap_create_page_control' function. */ +#undef HAVE_LDAP_CREATE_PAGE_CONTROL + +/* Define to 1 if you have the `ldap_derefresponse_free' function. */ +#undef HAVE_LDAP_DEREFRESPONSE_FREE + +/* Define to 1 if you have the `ldap_domain2dn' function. */ +#undef HAVE_LDAP_DOMAIN2DN + +/* Define to 1 if you have the `ldap_domain2hostlist' function. */ +#undef HAVE_LDAP_DOMAIN2HOSTLIST + +/* Define to 1 if you have the `ldap_err2string' function. */ +#undef HAVE_LDAP_ERR2STRING + +/* Define to 1 if you have the `ldap_explode_dn' function. */ +#undef HAVE_LDAP_EXPLODE_DN + +/* Define to 1 if you have the `ldap_explode_rdn' function. */ +#undef HAVE_LDAP_EXPLODE_RDN + +/* Define to 1 if you have the `ldap_extended_operation_s' function. */ +#undef HAVE_LDAP_EXTENDED_OPERATION_S + +/* Define to 1 if you have the `ldap_first_attribute' function. */ +#undef HAVE_LDAP_FIRST_ATTRIBUTE + +/* Define to 1 if you have the `ldap_get_dn' function. */ +#undef HAVE_LDAP_GET_DN + +/* Define to 1 if you have the `ldap_get_entry_controls' function. */ +#undef HAVE_LDAP_GET_ENTRY_CONTROLS + +/* Define to 1 if you have the `ldap_get_option' function. */ +#undef HAVE_LDAP_GET_OPTION + +/* Define to 1 if you have the `ldap_get_values' function. */ +#undef HAVE_LDAP_GET_VALUES + +/* Define to 1 if you have the `ldap_get_values_len' function. */ +#undef HAVE_LDAP_GET_VALUES_LEN + +/* Define to 1 if you have the header file. */ +#undef HAVE_LDAP_H + +/* Define to 1 if you have the `ldap_initialize' function. */ +#undef HAVE_LDAP_INITIALIZE + +/* Define to 1 if you have the `ldap_memfree' function. */ +#undef HAVE_LDAP_MEMFREE + +/* Define to 1 if you have the `ldap_modify_ext_s' function. */ +#undef HAVE_LDAP_MODIFY_EXT_S + +/* Define to 1 if you have the `ldap_msgfree' function. */ +#undef HAVE_LDAP_MSGFREE + +/* Define to 1 if you have the `ldap_next_attribute' function. */ +#undef HAVE_LDAP_NEXT_ATTRIBUTE + +/* Define to 1 if you have the `ldap_parse_deref_control' function. */ +#undef HAVE_LDAP_PARSE_DEREF_CONTROL + +/* Define to 1 if you have the `ldap_parse_page_control' function. */ +#undef HAVE_LDAP_PARSE_PAGE_CONTROL + +/* Define to 1 if you have the `ldap_parse_passwordpolicy_control' function. + */ +#undef HAVE_LDAP_PARSE_PASSWORDPOLICY_CONTROL + +/* Define to 1 if you have the `ldap_parse_result' function. */ +#undef HAVE_LDAP_PARSE_RESULT + +/* Define to 1 if you have the `ldap_passwd_s' function. */ +#undef HAVE_LDAP_PASSWD_S + +/* Define to 1 if you have the `ldap_passwordpolicy_err2txt' function. */ +#undef HAVE_LDAP_PASSWORDPOLICY_ERR2TXT + +/* Define to 1 if you have the `ldap_result' function. */ +#undef HAVE_LDAP_RESULT + +/* Define to 1 if you have the `ldap_sasl_bind' function. */ +#undef HAVE_LDAP_SASL_BIND + +/* Define to 1 if you have the `ldap_sasl_bind_s' function. */ +#undef HAVE_LDAP_SASL_BIND_S + +/* Define to 1 if you have the `ldap_sasl_interactive_bind_s' function. */ +#undef HAVE_LDAP_SASL_INTERACTIVE_BIND_S + +/* Define to 1 if you have the `ldap_search_ext' function. */ +#undef HAVE_LDAP_SEARCH_EXT + +/* Define to 1 if you have the `ldap_set_option' function. */ +#undef HAVE_LDAP_SET_OPTION + +/* Define to 1 if you have the `ldap_set_rebind_proc' function. */ +#undef HAVE_LDAP_SET_REBIND_PROC + +/* Define to 1 if you have the `ldap_simple_bind_s' function. */ +#undef HAVE_LDAP_SIMPLE_BIND_S + +/* Define to 1 if you have the header file. */ +#undef HAVE_LDAP_SSL_H + +/* Define to 1 if you have the `ldap_start_tls_s' function. */ +#undef HAVE_LDAP_START_TLS_S + +/* Define to 1 if you have the `ldap_unbind' function. */ +#undef HAVE_LDAP_UNBIND + +/* Define to 1 if you have the `ldap_value_free' function. */ +#undef HAVE_LDAP_VALUE_FREE + +/* Define to 1 if you have the `ldap_value_free_len' function. */ +#undef HAVE_LDAP_VALUE_FREE_LEN + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIMITS_H + +/* Define to 1 if you have the `malloc' function. */ +#undef HAVE_MALLOC + +/* Define to 1 if you have the header file. */ +#undef HAVE_MEMORY_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETDB_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETINET_ETHER_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETINET_IN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NSSWITCH_H + +/* Define to 1 if the system has the type `nss_backend_t'. */ +#undef HAVE_NSS_BACKEND_T + +/* Define to 1 if you have the header file. */ +#undef HAVE_NSS_COMMON_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NSS_DBDEFS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NSS_H + +/* Define to 1 if you have the `pam_get_authtok' function. */ +#undef HAVE_PAM_GET_AUTHTOK + +/* Define to 1 if you have the `pam_modutil_getpwnam' function. */ +#undef HAVE_PAM_MODUTIL_GETPWNAM + +/* Define to 1 if you have the header file. */ +#undef HAVE_PAM_PAM_MODULES_H + +/* Define to 1 if you have the `pam_prompt' function. */ +#undef HAVE_PAM_PROMPT + +/* Define to 1 if you have the `pam_syslog' function. */ +#undef HAVE_PAM_SYSLOG + +/* Define if you have POSIX threads libraries and header files. */ +#undef HAVE_PTHREAD + +/* Define to 1 if you have the `pthread_atfork' function. */ +#undef HAVE_PTHREAD_ATFORK + +/* Define to 1 if you have the header file. */ +#undef HAVE_PTHREAD_H + +/* Define to 1 if you have the `pthread_join' function. */ +#undef HAVE_PTHREAD_JOIN + +/* Define to 1 if you have the `pthread_mutex_lock' function. */ +#undef HAVE_PTHREAD_MUTEX_LOCK + +/* Define to 1 if you have the header file. */ +#undef HAVE_PTHREAD_NP_H + +/* Have PTHREAD_PRIO_INHERIT. */ +#undef HAVE_PTHREAD_PRIO_INHERIT + +/* Define to 1 if you have the `pthread_timedjoin_np' function. */ +#undef HAVE_PTHREAD_TIMEDJOIN_NP + +/* Define to 1 if you have the `putenv' function. */ +#undef HAVE_PUTENV + +/* Define to 1 if you have the `realloc' function. */ +#undef HAVE_REALLOC + +/* Define to 1 if you have the `regcomp' function. */ +#undef HAVE_REGCOMP + +/* Define to 1 if you have the `regerror' function. */ +#undef HAVE_REGERROR + +/* Define to 1 if you have the `regexec' function. */ +#undef HAVE_REGEXEC + +/* Define to 1 if you have the header file. */ +#undef HAVE_REGEX_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_RPC_RPCENT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SASL_H + +/* Define to 1 if you have a `sasl_interact_t' definition. */ +#undef HAVE_SASL_INTERACT_T + +/* Define to 1 if you have the header file. */ +#undef HAVE_SASL_SASL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SECURITY_PAM_APPL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SECURITY_PAM_EXT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SECURITY_PAM_MODULES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SECURITY_PAM_MODUTIL_H + +/* Define to 1 if you have the `setgroups' function. */ +#undef HAVE_SETGROUPS + +/* Define to 1 if you have the `setusershell' function. */ +#undef HAVE_SETUSERSHELL + +/* Define to 1 if you have the header file. */ +#undef HAVE_SHADOW_H + +/* Define to 1 if you have the `sigaction' function. */ +#undef HAVE_SIGACTION + +/* Define to 1 if you have the `snprintf' function. */ +#undef HAVE_SNPRINTF + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDDEF_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDLIB_H + +/* Define to 1 if you have the `strcasecmp' function. */ +#undef HAVE_STRCASECMP + +/* Define to 1 if you have the `strchr' function. */ +#undef HAVE_STRCHR + +/* Define to 1 if you have the `strcspn' function. */ +#undef HAVE_STRCSPN + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRING_H + +/* Define to 1 if you have the `strncasecmp' function. */ +#undef HAVE_STRNCASECMP + +/* Define to 1 if you have the `strndup' function. */ +#undef HAVE_STRNDUP + +/* Define to 1 if you have the `strspn' function. */ +#undef HAVE_STRSPN + +/* Define to 1 if you have the `strtol' function. */ +#undef HAVE_STRTOL + +/* Define to 1 if you have the `strtoul' function. */ +#undef HAVE_STRTOUL + +/* Define to 1 if you have the `strtoull' function. */ +#undef HAVE_STRTOULL + +/* Define to 1 if the system has the type `struct aliasent'. */ +#undef HAVE_STRUCT_ALIASENT + +/* Define to 1 if the system has the type `struct etherent'. */ +#undef HAVE_STRUCT_ETHERENT + +/* Define to 1 if the system has the type `struct ether_addr'. */ +#undef HAVE_STRUCT_ETHER_ADDR + +/* Define to 1 if `returnlen' is a member of `struct nss_XbyY_args'. */ +#undef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN + +/* Define to 1 if `pw_class' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_CLASS + +/* Define to 1 if the system has the type `struct rpcent'. */ +#undef HAVE_STRUCT_RPCENT + +/* Define to 1 if the system has the type `struct spwd'. */ +#undef HAVE_STRUCT_SPWD + +/* Define to 1 if you have a `struct ucred' definition. */ +#undef HAVE_STRUCT_UCRED + +/* Define to 1 if the system has the type `suseconds_t'. */ +#undef HAVE_SUSECONDS_T + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYSLOG_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PARAM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SOCKET_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STAT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TIME_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TYPES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_UCRED_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_UN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_UCRED_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_UNISTD_H + +/* Define to 1 if you have the `vfork' function. */ +#undef HAVE_VFORK + +/* Define to 1 if you have the header file. */ +#undef HAVE_VFORK_H + +/* Define to 1 if `fork' works. */ +#undef HAVE_WORKING_FORK + +/* Define to 1 if `vfork' works. */ +#undef HAVE_WORKING_VFORK + +/* Define to 1 if you have the `__assert_fail' function. */ +#undef HAVE___ASSERT_FAIL + +/* Define to 1 if you have the `__nss_configure_lookup' function. */ +#undef HAVE___NSS_CONFIGURE_LOOKUP + +/* Define to activate deprecated features in OpenLDAP */ +#undef LDAP_DEPRECATED + +/* Define to get some functions on Solaris */ +#undef LDAP_REFERRALS + +/* Define to the number of arguments to ldap_set_rebindproc. */ +#undef LDAP_SET_REBIND_PROC_ARGS + +/* Define to 1 if ldap_set_rebind_proc() returns void. */ +#undef LDAP_SET_REBIND_PROC_RETURNS_VOID + +/* The name of the NSS and PAM modules. */ +#undef MODULE_NAME + +/* Path to bindpw value. */ +#undef NSLCD_BINDPW_PATH + +/* Path to nslcd configuration file. */ +#undef NSLCD_CONF_PATH + +/* The location of the pidfile used for checking availability of the nslcd. */ +#undef NSLCD_PIDFILE + +/* The location of the socket used for communicating. */ +#undef NSLCD_SOCKET + +/* Whether to use the FreeBSD NSS interface flavour. */ +#undef NSS_FLAVOUR_FREEBSD + +/* Whether to use the Glibc NSS interface flavour. */ +#undef NSS_FLAVOUR_GLIBC + +/* Whether to use the Solaris NSS interface flavour. */ +#undef NSS_FLAVOUR_SOLARIS + +/* The SONAME of the NSS library module. */ +#undef NSS_LDAP_SONAME + +/* Expand to NSS symbol name. */ +#undef NSS_NAME + +/* Name of package */ +#undef PACKAGE + +/* Define to the address where bug reports for this package should be sent. */ +#undef PACKAGE_BUGREPORT + +/* Define to the full name of this package. */ +#undef PACKAGE_NAME + +/* Define to the full name and version of this package. */ +#undef PACKAGE_STRING + +/* Define to the one symbol short name of this package. */ +#undef PACKAGE_TARNAME + +/* Define to the home page for this package. */ +#undef PACKAGE_URL + +/* Define to the version of this package. */ +#undef PACKAGE_VERSION + +/* Define to empty if pam_get_item() doesn't take `const` parameter. */ +#undef PAM_ITEM_CONST + +/* Expand to PAM symbol name. */ +#undef PAM_NAME + +/* path to PAM security library */ +#undef PAM_SECLIB_DIR + +/* Define to necessary symbol if this constant uses a non-standard name on + your system. */ +#undef PTHREAD_CREATE_JOINABLE + +/* Define to 1 if ldap_create_deref_control() is broken. */ +#undef REPLACE_LDAP_CREATE_DEREF_CONTROL + +/* Define to 1 if setnetgrent() returns void. */ +#undef SETNETGRENT_RETURNS_VOID + +/* The size of `gid_t', as computed by sizeof. */ +#undef SIZEOF_GID_T + +/* The size of `uid_t', as computed by sizeof. */ +#undef SIZEOF_UID_T + +/* The size of `unsigned int', as computed by sizeof. */ +#undef SIZEOF_UNSIGNED_INT + +/* The size of `unsigned long int', as computed by sizeof. */ +#undef SIZEOF_UNSIGNED_LONG_INT + +/* The size of `unsigned long long int', as computed by sizeof. */ +#undef SIZEOF_UNSIGNED_LONG_LONG_INT + +/* Define to 1 if you have the ANSI C header files. */ +#undef STDC_HEADERS + +/* If the compiler supports a TLS storage class define it to that here */ +#undef TLS + +/* Enable extensions on AIX 3, Interix. */ +#ifndef _ALL_SOURCE +# undef _ALL_SOURCE +#endif +/* Enable GNU extensions on systems that have them. */ +#ifndef _GNU_SOURCE +# undef _GNU_SOURCE +#endif +/* Enable threading extensions on Solaris. */ +#ifndef _POSIX_PTHREAD_SEMANTICS +# undef _POSIX_PTHREAD_SEMANTICS +#endif +/* Enable extensions on HP NonStop. */ +#ifndef _TANDEM_SOURCE +# undef _TANDEM_SOURCE +#endif +/* Enable general extensions on Solaris. */ +#ifndef __EXTENSIONS__ +# undef __EXTENSIONS__ +#endif + + +/* Version number of package */ +#undef VERSION + +/* Define to 1 if on MINIX. */ +#undef _MINIX + +/* Define to 2 if the system does not provide POSIX.1 features except with + this defined. */ +#undef _POSIX_1_SOURCE + +/* Define to 1 if you need to in order for `stat' and other things to work. */ +#undef _POSIX_SOURCE + +/* Define for Solaris 2.5.1 so the uint32_t typedef from , + , or is not used. If the typedef were allowed, the + #define below would cause a syntax error. */ +#undef _UINT32_T + +/* Define for Solaris 2.5.1 so the uint8_t typedef from , + , or is not used. If the typedef were allowed, the + #define below would cause a syntax error. */ +#undef _UINT8_T + +/* Define to empty if `const' does not conform to ANSI C. */ +#undef const + +/* Define to `int' if doesn't define. */ +#undef gid_t + +/* Define to `__inline__' or `__inline' if that's what the C compiler + calls it, or to nothing if 'inline' is not supported under any name. */ +#ifndef __cplusplus +#undef inline +#endif + +/* Define to the type of a signed integer type of width exactly 32 bits if + such a type exists and the standard includes do not define it. */ +#undef int32_t + +/* Define to `int' if does not define. */ +#undef mode_t + +/* Define to `int' if does not define. */ +#undef pid_t + +/* Define to `unsigned int' if does not define. */ +#undef size_t + +/* Define to `sockaddr_in' if not defined elsewhere. */ +#undef sockaddr_storage + +/* Define to `size_t' if not defined elswhere. */ +#undef socklen_t + +/* Define to `int' if doesn't define. */ +#undef uid_t + +/* Define to the type of an unsigned integer type of width exactly 16 bits if + such a type exists and the standard includes do not define it. */ +#undef uint16_t + +/* Define to the type of an unsigned integer type of width exactly 32 bits if + such a type exists and the standard includes do not define it. */ +#undef uint32_t + +/* Define to the type of an unsigned integer type of width exactly 8 bits if + such a type exists and the standard includes do not define it. */ +#undef uint8_t + +/* Define as `fork' if `vfork' does not work. */ +#undef vfork diff --git a/config.sub b/config.sub new file mode 100755 index 0000000..00f68b8 --- /dev/null +++ b/config.sub @@ -0,0 +1,1848 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright 1992-2017 Free Software Foundation, Inc. + +timestamp='2017-11-23' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). + + +# Please send patches to . +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# You can get the latest version of this script from: +# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS or ALIAS + +Canonicalize a configuration name. + +Options: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright 1992-2017 Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit ;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ + linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ + knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \ + kopensolaris*-gnu* | cloudabi*-eabi* | \ + storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + android-linux) + os=-linux-android + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis | -knuth | -cray | -microblaze*) + os= + basic_machine=$1 + ;; + -bluegene*) + os=-cnk + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*178) + os=-lynxos178 + ;; + -lynx*5) + os=-lynxos5 + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | aarch64 | aarch64_be \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arceb \ + | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ + | avr | avr32 \ + | ba \ + | be32 | be64 \ + | bfin \ + | c4x | c8051 | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | e2k | epiphany \ + | fido | fr30 | frv | ft32 \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ + | i370 | i860 | i960 | ia16 | ia64 \ + | ip2k | iq2000 \ + | k1om \ + | le32 | le64 \ + | lm32 \ + | m32c | m32r | m32rle | m68000 | m68k | m88k \ + | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64octeon | mips64octeonel \ + | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa32r6 | mipsisa32r6el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64r6 | mipsisa64r6el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nds32 | nds32le | nds32be \ + | nios | nios2 | nios2eb | nios2el \ + | ns16k | ns32k \ + | open8 | or1k | or1knd | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle \ + | pru \ + | pyramid \ + | riscv32 | riscv64 \ + | rl78 | rx \ + | score \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[234]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ + | spu \ + | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ + | ubicom32 \ + | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ + | visium \ + | wasm32 \ + | x86 | xc16x | xstormy16 | xtensa \ + | z8k | z80) + basic_machine=$basic_machine-unknown + ;; + c54x) + basic_machine=tic54x-unknown + ;; + c55x) + basic_machine=tic55x-unknown + ;; + c6x) + basic_machine=tic6x-unknown + ;; + leon|leon[3-9]) + basic_machine=sparc-$basic_machine + ;; + m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + ms1) + basic_machine=mt-unknown + ;; + + strongarm | thumb | xscale) + basic_machine=arm-unknown + ;; + xgate) + basic_machine=$basic_machine-unknown + os=-none + ;; + xscaleeb) + basic_machine=armeb-unknown + ;; + + xscaleel) + basic_machine=armel-unknown + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | aarch64-* | aarch64_be-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* | avr32-* \ + | ba-* \ + | be32-* | be64-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* \ + | c8051-* | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | e2k-* | elxsi-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | hexagon-* \ + | i*86-* | i860-* | i960-* | ia16-* | ia64-* \ + | ip2k-* | iq2000-* \ + | k1om-* \ + | le32-* | le64-* \ + | lm32-* \ + | m32c-* | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ + | microblaze-* | microblazeel-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64octeon-* | mips64octeonel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa32r6-* | mipsisa32r6el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64r6-* | mipsisa64r6el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipsr5900-* | mipsr5900el-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | mt-* \ + | msp430-* \ + | nds32-* | nds32le-* | nds32be-* \ + | nios-* | nios2-* | nios2eb-* | nios2el-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ + | open8-* \ + | or1k*-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ + | pru-* \ + | pyramid-* \ + | riscv32-* | riscv64-* \ + | rl78-* | romp-* | rs6000-* | rx-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx*-* \ + | tahoe-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tile*-* \ + | tron-* \ + | ubicom32-* \ + | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ + | vax-* \ + | visium-* \ + | wasm32-* \ + | we32k-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* \ + | xstormy16-* | xtensa*-* \ + | ymp-* \ + | z8k-* | z80-*) + ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + abacus) + basic_machine=abacus-unknown + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aros) + basic_machine=i386-pc + os=-aros + ;; + asmjs) + basic_machine=asmjs-unknown + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + blackfin) + basic_machine=bfin-unknown + os=-linux + ;; + blackfin-*) + basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; + c54x-*) + basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c55x-*) + basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c6x-*) + basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + craynv) + basic_machine=craynv-cray + os=-unicosmp + ;; + cr16 | cr16-*) + basic_machine=cr16-unknown + os=-elf + ;; + crds | unos) + basic_machine=m68k-crds + ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2*) + basic_machine=m68k-bull + os=-sysv3 + ;; + e500v[12]) + basic_machine=powerpc-unknown + os=$os"spe" + ;; + e500v[12]-*) + basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + os=$os"spe" + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + leon-*|leon[3-9]-*) + basic_machine=sparc-`echo $basic_machine | sed 's/-.*//'` + ;; + m68knommu) + basic_machine=m68k-unknown + os=-linux + ;; + m68knommu-*) + basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + microblaze*) + basic_machine=microblaze-xilinx + ;; + mingw64) + basic_machine=x86_64-pc + os=-mingw64 + ;; + mingw32) + basic_machine=i686-pc + os=-mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + os=-mingw32ce + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + moxiebox) + basic_machine=moxie-unknown + os=-moxiebox + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; + msys) + basic_machine=i686-pc + os=-msys + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + nacl) + basic_machine=le32-unknown + os=-nacl + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + neo-tandem) + basic_machine=neo-tandem + ;; + nse-tandem) + basic_machine=nse-tandem + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + nsx-tandem) + basic_machine=nsx-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + parisc) + basic_machine=hppa-unknown + os=-linux + ;; + parisc-*) + basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc | ppcbe) basic_machine=powerpc-unknown + ;; + ppc-* | ppcbe-*) + basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rdos | rdos64) + basic_machine=x86_64-pc + os=-rdos + ;; + rdos32) + basic_machine=i386-pc + os=-rdos + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sde) + basic_machine=mipsisa32-sde + os=-elf + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh5el) + basic_machine=sh5le-unknown + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + strongarm-* | thumb-*) + basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tile*) + basic_machine=$basic_machine-unknown + os=-linux-gnu + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + wasm32) + basic_machine=wasm32-unknown + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + x64) + basic_machine=x86_64-pc + ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + xscale-* | xscalee[bl]-*) + basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'` + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + mmix) + basic_machine=mmix-knuth + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases that might get confused + # with valid system types. + # -solaris* is a basic system type, with this one exception. + -auroraux) + os=-auroraux + ;; + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # Now accept the basic system types. + # The portable systems comes first. + # Each alternative MUST end in a * to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ + | -sym* | -kopensolaris* | -plan9* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* | -aros* | -cloudabi* | -sortix* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ + | -bitrig* | -openbsd* | -solidbsd* | -libertybsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* | -cegcc* | -glidix* \ + | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -midipix* | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ + | -linux-newlib* | -linux-musl* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* \ + | -onefs* | -tirtos* | -phoenix* | -fuchsia* | -redox*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -os400*) + os=-os400 + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -syllable*) + os=-syllable + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -tpf*) + os=-tpf + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -zvmoe) + os=-zvmoe + ;; + -dicos*) + os=-dicos + ;; + -pikeos*) + # Until real need of OS specific support for + # particular features comes up, bare metal + # configurations are quite functional. + case $basic_machine in + arm*) + os=-eabi + ;; + *) + os=-elf + ;; + esac + ;; + -nacl*) + ;; + -ios) + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + score-*) + os=-elf + ;; + spu-*) + os=-elf + ;; + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + c8051-*) + os=-elf + ;; + hexagon-*) + os=-elf + ;; + tic54x-*) + os=-coff + ;; + tic55x-*) + os=-coff + ;; + tic6x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + ;; + m68*-cisco) + os=-aout + ;; + mep-*) + os=-elf + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + pru-*) + os=-elf + ;; + *-be) + os=-beos + ;; + *-haiku) + os=-haiku + ;; + *-ibm) + os=-aix + ;; + *-knuth) + os=-mmixware + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -cnk*|-aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -os400*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit + +# Local variables: +# eval: (add-hook 'write-file-functions 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/configure b/configure new file mode 100755 index 0000000..ed461b0 --- /dev/null +++ b/configure @@ -0,0 +1,12168 @@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.69 for nss-pam-ldapd 0.9.9. +# +# Report bugs to . +# +# Copyright (C) 2006 Luke Howard +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006-2018 Arthur de Jong +# +# This configure script is derived from configure.ac which is free software; +# you can redistribute it and/or modify it under the terms of the GNU Lesser +# General Public License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. See the +# configure.ac file for more details. +# +# +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: nss-pam-ldapd-users@lists.arthurdejong.org about your +$0: system, including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='nss-pam-ldapd' +PACKAGE_TARNAME='nss-pam-ldapd' +PACKAGE_VERSION='0.9.9' +PACKAGE_STRING='nss-pam-ldapd 0.9.9' +PACKAGE_BUGREPORT='nss-pam-ldapd-users@lists.arthurdejong.org' +PACKAGE_URL='https://arthurdejong.org/nss-pam-ldapd/' + +ac_unique_file="nslcd.h" +ac_default_prefix= +ac_config_libobj_dir=compat +# Factoring default headers for most tests. +ac_includes_default="\ +#include +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_STAT_H +# include +#endif +#ifdef STDC_HEADERS +# include +# include +#else +# ifdef HAVE_STDLIB_H +# include +# endif +#endif +#ifdef HAVE_STRING_H +# if !defined STDC_HEADERS && defined HAVE_MEMORY_H +# include +# endif +# include +#endif +#ifdef HAVE_STRINGS_H +# include +#endif +#ifdef HAVE_INTTYPES_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif +#ifdef HAVE_UNISTD_H +# include +#endif" + +ac_subst_vars='am__EXEEXT_FALSE +am__EXEEXT_TRUE +LTLIBOBJS +NSS_FLAVOUR_FREEBSD_FALSE +NSS_FLAVOUR_FREEBSD_TRUE +NSS_FLAVOUR_SOLARIS_FALSE +NSS_FLAVOUR_SOLARIS_TRUE +NSS_FLAVOUR_GLIBC_FALSE +NSS_FLAVOUR_GLIBC_TRUE +nslcd_LIBS +PTHREAD_CFLAGS +PTHREAD_LIBS +PTHREAD_CC +ax_pthread_config +pam_ldap_so_LINK +pam_ldap_so_LDFLAGS +LIBOBJS +nss_ldap_so_LINK +nss_ldap_so_LDFLAGS +NSS_MODULE_OBJS +NSS_FLAVOUR +PAM_LDAP_SONAME +NSS_LDAP_SONAME +MODULE_NAME +PAM_SECLIB_DIR +NSLCD_SOCKET +NSLCD_PIDFILE +NSLCD_BINDPW_PATH +NSLCD_CONF_PATH +ENABLE_PYNSLCD_FALSE +ENABLE_PYNSLCD_TRUE +ENABLE_NSLCD_FALSE +ENABLE_NSLCD_TRUE +ENABLE_UTILS_FALSE +ENABLE_UTILS_TRUE +ENABLE_PAM_FALSE +ENABLE_PAM_TRUE +ENABLE_NSS_FALSE +ENABLE_NSS_TRUE +MAINT +MAINTAINER_MODE_FALSE +MAINTAINER_MODE_TRUE +PIC_CFLAGS +HAVE_PYTHON_FALSE +HAVE_PYTHON_TRUE +pkgpyexecdir +pyexecdir +pkgpythondir +pythondir +PYTHON_PLATFORM +PYTHON_EXEC_PREFIX +PYTHON_PREFIX +PYTHON_VERSION +PYTHON +INSTMAN_FALSE +INSTMAN_TRUE +GENMAN_FALSE +GENMAN_TRUE +DOCBOOK2X_MAN +ac_ct_AR +AR +LN_S +EGREP +GREP +RANLIB +CPP +am__fastdepCC_FALSE +am__fastdepCC_TRUE +CCDEPMODE +am__nodep +AMDEPBACKSLASH +AMDEP_FALSE +AMDEP_TRUE +am__quote +am__include +DEPDIR +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +AM_BACKSLASH +AM_DEFAULT_VERBOSITY +AM_DEFAULT_V +AM_V +am__untar +am__tar +AMTAR +am__leading_dot +SET_MAKE +AWK +mkdir_p +MKDIR_P +INSTALL_STRIP_PROGRAM +STRIP +install_sh +MAKEINFO +AUTOHEADER +AUTOMAKE +AUTOCONF +ACLOCAL +VERSION +PACKAGE +CYGPATH_W +am__isrc +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +target_os +target_vendor +target_cpu +target +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build +RELEASE_MONTH +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +runstatedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_silent_rules +enable_dependency_tracking +enable_debug +enable_warnings +enable_maintainer_mode +enable_nss +enable_pam +enable_utils +enable_nslcd +enable_pynslcd +enable_sasl +enable_kerberos +enable_configfile_checking +with_ldap_conf_file +with_bindpw_file +with_nslcd_pidfile +with_nslcd_socket +with_pam_seclib_dir +with_module_name +with_nss_ldap_soname +with_pam_ldap_soname +with_nss_maps +with_nss_flavour +with_ldap_lib +' + ac_precious_vars='build_alias +host_alias +target_alias +CC +CFLAGS +LDFLAGS +LIBS +CPPFLAGS +CPP +PYTHON' + + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir runstatedir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error $? "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error $? "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures nss-pam-ldapd 0.9.9 to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking ...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/nss-pam-ldapd] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF + +Program names: + --program-prefix=PREFIX prepend PREFIX to installed program names + --program-suffix=SUFFIX append SUFFIX to installed program names + --program-transform-name=PROGRAM run sed PROGRAM on installed program names + +System types: + --build=BUILD configure for building on BUILD [guessed] + --host=HOST cross-compile to build programs to run on HOST [BUILD] + --target=TARGET configure for building compilers for TARGET [HOST] +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of nss-pam-ldapd 0.9.9:";; + esac + cat <<\_ACEOF + +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --enable-silent-rules less verbose build output (undo: "make V=1") + --disable-silent-rules verbose build output (undo: "make V=0") + --enable-dependency-tracking + do not reject slow dependency extractors + --disable-dependency-tracking + speeds up one-time build + --enable-debug enable extensive debugging and logging + --enable-warnings enable extra compiler warnings (gcc) + --disable-maintainer-mode + disable make rules and dependencies not useful (and + sometimes confusing) to the casual installer + --disable-nss build the NSS module [enabled] + --disable-pam build the PAM module [enabled] + --disable-utils build the the command-line utilities [auto] + --disable-nslcd build the nslcd daemon [enabled] + --enable-pynslcd build the pynslcd daemon [disabled] + --disable-sasl disable SASL support [enabled] + --disable-kerberos disable Kerberos support [enabled] + --disable-configfile-checking + check configfile options [enabled] + +Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-ldap-conf-file=PATH + path to nslcd configuration file [/etc/nslcd.conf] + --with-bindpw-file=PATH path to file with value for bindpw [disabled] + --with-nslcd-pidfile=PATH + path to pidfile [/var/run/nslcd/nslcd.pid] + --with-nslcd-socket=PATH + path to socket [/var/run/nslcd/socket] + --with-pam-seclib-dir=PAM_SECLIB_DIR + path to PAM security library [auto] + --with-module-name=NAME name of NSS and PAM modules [ldap] + --with-nss-ldap-soname=SONAME + name of NSS module [auto] + --with-pam-ldap-soname=SONAME + name of PAM module [auto] + --with-nss-maps=MAP LIST + comma separated list of NSS maps to build [all] + --with-nss-flavour=auto|glibc|solaris|freebsd + the libc flavour to build our NSS module for [auto] + --with-ldap-lib=TYPE select ldap library + (auto|netscape5|netscape4|netscape3|umich|openldap) + [auto] + +Some influential environment variables: + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + LIBS libraries to pass to the linker, e.g. -l + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if + you have headers in a nonstandard directory + CPP C preprocessor + PYTHON the Python interpreter + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. + +Report bugs to . +nss-pam-ldapd home page: . +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for guested configure. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +nss-pam-ldapd configure 0.9.9 +generated by GNU Autoconf 2.69 + +Copyright (C) 2012 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. + +Copyright (C) 2006 Luke Howard +Copyright (C) 2006 West Consulting +Copyright (C) 2006-2018 Arthur de Jong + +This configure script is derived from configure.ac which is free software; +you can redistribute it and/or modify it under the terms of the GNU Lesser +General Public License as published by the Free Software Foundation; either +version 2.1 of the License, or (at your option) any later version. See the +configure.ac file for more details. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_compile + +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } > conftest.i && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_cpp + +# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists, giving a warning if it cannot be compiled using +# the include files in INCLUDES and setting the cache variable VAR +# accordingly. +ac_fn_c_check_header_mongrel () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if eval \${$3+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +else + # Is the header compilable? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 +$as_echo_n "checking $2 usability... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_header_compiler=yes +else + ac_header_compiler=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 +$as_echo "$ac_header_compiler" >&6; } + +# Is the header present? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 +$as_echo_n "checking $2 presence... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <$2> +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + ac_header_preproc=yes +else + ac_header_preproc=no +fi +rm -f conftest.err conftest.i conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 +$as_echo "$ac_header_preproc" >&6; } + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( + yes:no: ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 +$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} + ;; + no:yes:* ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 +$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 +$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 +$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 +$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} +( $as_echo "## --------------------------------------------------------- ## +## Report this to nss-pam-ldapd-users@lists.arthurdejong.org ## +## --------------------------------------------------------- ##" + ) | sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=\$ac_header_compiler" +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_header_mongrel + +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes +# that executables *can* be run. +ac_fn_c_try_run () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then : + ac_retval=0 +else + $as_echo "$as_me: program exited with status $ac_status" >&5 + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_run + +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_header_compile + +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + test -x conftest$ac_exeext + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_link + +# ac_fn_c_check_func LINENO FUNC VAR +# ---------------------------------- +# Tests whether FUNC exists, setting the cache variable VAR accordingly +ac_fn_c_check_func () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Define $2 to an innocuous variant, in case declares $2. + For example, HP-UX 11i declares gettimeofday. */ +#define $2 innocuous_$2 + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $2 (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $2 + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $2 (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$2 || defined __stub___$2 +choke me +#endif + +int +main () +{ +return $2 (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_func + +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + eval "$3=yes" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_type + +# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES +# --------------------------------------------- +# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR +# accordingly. +ac_fn_c_check_decl () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + as_decl_name=`echo $2|sed 's/ *(.*//'` + as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 +$as_echo_n "checking whether $as_decl_name is declared... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +#ifndef $as_decl_name +#ifdef __cplusplus + (void) $as_decl_use; +#else + (void) $as_decl_name; +#endif +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_decl + +# ac_fn_c_find_intX_t LINENO BITS VAR +# ----------------------------------- +# Finds a signed integer type with width BITS, setting cache variable VAR +# accordingly. +ac_fn_c_find_intX_t () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for int$2_t" >&5 +$as_echo_n "checking for int$2_t... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + # Order is important - never check a type that is potentially smaller + # than half of the expected target width. + for ac_type in int$2_t 'int' 'long int' \ + 'long long int' 'short int' 'signed char'; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default + enum { N = $2 / 2 - 1 }; +int +main () +{ +static int test_array [1 - 2 * !(0 < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1))]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default + enum { N = $2 / 2 - 1 }; +int +main () +{ +static int test_array [1 - 2 * !(($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1) + < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 2))]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + case $ac_type in #( + int$2_t) : + eval "$3=yes" ;; #( + *) : + eval "$3=\$ac_type" ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if eval test \"x\$"$3"\" = x"no"; then : + +else + break +fi + done +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_find_intX_t + +# ac_fn_c_find_uintX_t LINENO BITS VAR +# ------------------------------------ +# Finds an unsigned integer type with width BITS, setting cache variable VAR +# accordingly. +ac_fn_c_find_uintX_t () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uint$2_t" >&5 +$as_echo_n "checking for uint$2_t... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + # Order is important - never check a type that is potentially smaller + # than half of the expected target width. + for ac_type in uint$2_t 'unsigned int' 'unsigned long int' \ + 'unsigned long long int' 'unsigned short int' 'unsigned char'; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ +static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + case $ac_type in #( + uint$2_t) : + eval "$3=yes" ;; #( + *) : + eval "$3=\$ac_type" ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if eval test \"x\$"$3"\" = x"no"; then : + +else + break +fi + done +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_find_uintX_t + +# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES +# -------------------------------------------- +# Tries to find the compile-time value of EXPR in a program that includes +# INCLUDES, setting VAR accordingly. Returns whether the value could be +# computed +ac_fn_c_compute_int () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if test "$cross_compiling" = yes; then + # Depending upon the size, compute the lo and hi bounds. +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) >= 0)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_lo=0 ac_mid=0 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=$ac_mid; break +else + as_fn_arith $ac_mid + 1 && ac_lo=$as_val + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) < 0)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=-1 ac_mid=-1 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) >= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_lo=$ac_mid; break +else + as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done +else + ac_lo= ac_hi= +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +# Binary search between lo and hi bounds. +while test "x$ac_lo" != "x$ac_hi"; do + as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=$ac_mid +else + as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +done +case $ac_lo in #(( +?*) eval "$3=\$ac_lo"; ac_retval=0 ;; +'') ac_retval=1 ;; +esac + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +static long int longval () { return $2; } +static unsigned long int ulongval () { return $2; } +#include +#include +int +main () +{ + + FILE *f = fopen ("conftest.val", "w"); + if (! f) + return 1; + if (($2) < 0) + { + long int i = longval (); + if (i != ($2)) + return 1; + fprintf (f, "%ld", i); + } + else + { + unsigned long int i = ulongval (); + if (i != ($2)) + return 1; + fprintf (f, "%lu", i); + } + /* Do not output a trailing newline, as this causes \r\n confusion + on some platforms. */ + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + echo >>conftest.val; read $3 &5 +$as_echo_n "checking for $2.$3... " >&6; } +if eval \${$4+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$5 +int +main () +{ +static $2 ac_aggr; +if (ac_aggr.$3) +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$4=yes" +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$5 +int +main () +{ +static $2 ac_aggr; +if (sizeof ac_aggr.$3) +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$4=yes" +else + eval "$4=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$4 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_member +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by nss-pam-ldapd $as_me 0.9.9, which was +generated by GNU Autoconf 2.69. Invocation command line was + + $ $0 $@ + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +$as_echo "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site +else + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5; } + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +RELEASE_MONTH="Feb 2018" + + + + +# some initialisation +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + +# Make sure we can run config.sub. +$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || + as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +$as_echo_n "checking build system type... " >&6; } +if ${ac_cv_build+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_build_alias=$build_alias +test "x$ac_build_alias" = x && + ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` +test "x$ac_build_alias" = x && + as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 +ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +$as_echo "$ac_cv_build" >&6; } +case $ac_cv_build in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; +esac +build=$ac_cv_build +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_build +shift +build_cpu=$1 +build_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +build_os=$* +IFS=$ac_save_IFS +case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +$as_echo_n "checking host system type... " >&6; } +if ${ac_cv_host+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$host_alias" = x; then + ac_cv_host=$ac_cv_build +else + ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +$as_echo "$ac_cv_host" >&6; } +case $ac_cv_host in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; +esac +host=$ac_cv_host +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_host +shift +host_cpu=$1 +host_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +host_os=$* +IFS=$ac_save_IFS +case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking target system type" >&5 +$as_echo_n "checking target system type... " >&6; } +if ${ac_cv_target+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$target_alias" = x; then + ac_cv_target=$ac_cv_host +else + ac_cv_target=`$SHELL "$ac_aux_dir/config.sub" $target_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $target_alias failed" "$LINENO" 5 +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_target" >&5 +$as_echo "$ac_cv_target" >&6; } +case $ac_cv_target in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical target" "$LINENO" 5;; +esac +target=$ac_cv_target +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_target +shift +target_cpu=$1 +target_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +target_os=$* +IFS=$ac_save_IFS +case $target_os in *\ *) target_os=`echo "$target_os" | sed 's/ /-/g'`;; esac + + +# The aliases save the names the user supplied, while $host etc. +# will get canonicalized. +test -n "$target_alias" && + test "$program_prefix$program_suffix$program_transform_name" = \ + NONENONEs,x,x, && + program_prefix=${target_alias}- + + + +# display notice and initialize automake +{ $as_echo "$as_me:${as_lineno-$LINENO}: configuring nss-pam-ldapd 0.9.9" >&5 +$as_echo "$as_me: configuring nss-pam-ldapd 0.9.9" >&6;} +am__api_version='1.15' + +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if ${ac_cv_path_install+:} false; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac + + done +IFS=$as_save_IFS + +rm -rf conftest.one conftest.two conftest.dir + +fi + if test "${ac_cv_path_install+set}" = set; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } + +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' + +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 +$as_echo_n "checking whether build environment is sane... " >&6; } +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[\\\"\#\$\&\'\`$am_lf]*) + as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; +esac +case $srcdir in + *[\\\"\#\$\&\'\`$am_lf\ \ ]*) + as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;; +esac + +# Do 'set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + am_has_slept=no + for am_try in 1 2; do + echo "timestamp, slept: $am_has_slept" > conftest.file + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$*" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + if test "$*" != "X $srcdir/configure conftest.file" \ + && test "$*" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + as_fn_error $? "ls -t appears to fail. Make sure there is not a broken + alias in your environment" "$LINENO" 5 + fi + if test "$2" = conftest.file || test $am_try -eq 2; then + break + fi + # Just in case. + sleep 1 + am_has_slept=yes + done + test "$2" = conftest.file + ) +then + # Ok. + : +else + as_fn_error $? "newly created file is older than distributed files! +Check your system clock" "$LINENO" 5 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +# If we didn't sleep, we still need to ensure time stamps of config.status and +# generated files are strictly newer. +am_sleep_pid= +if grep 'slept: no' conftest.file >/dev/null 2>&1; then + ( sleep 1 ) & + am_sleep_pid=$! +fi + +rm -f conftest.file + +test "$program_prefix" != NONE && + program_transform_name="s&^&$program_prefix&;$program_transform_name" +# Use a double $ so make ignores it. +test "$program_suffix" != NONE && + program_transform_name="s&\$&$program_suffix&;$program_transform_name" +# Double any \ or $. +# By default was `s,x,x', remove it if useless. +ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' +program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` + +# Expand $ac_aux_dir to an absolute path. +am_aux_dir=`cd "$ac_aux_dir" && pwd` + +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi +# Use eval to expand $SHELL +if eval "$MISSING --is-lightweight"; then + am_missing_run="$MISSING " +else + am_missing_run= + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 +$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} +fi + +if test x"${install_sh+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi + +# Installed binaries are usually stripped using 'strip' when the user +# run "make install-strip". However 'strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the 'STRIP' environment variable to overrule this program. +if test "$cross_compiling" != no; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_STRIP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_STRIP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_STRIP" = x; then + STRIP=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + STRIP=$ac_ct_STRIP + fi +else + STRIP="$ac_cv_prog_STRIP" +fi + +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 +$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } +if test -z "$MKDIR_P"; then + if ${ac_cv_path_mkdir+:} false; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do + as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue + case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir (GNU coreutils) '* | \ + 'mkdir (coreutils) '* | \ + 'mkdir (fileutils) '4.1*) + ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext + break 3;; + esac + done + done + done +IFS=$as_save_IFS + +fi + + test -d ./--version && rmdir ./--version + if test "${ac_cv_path_mkdir+set}" = set; then + MKDIR_P="$ac_cv_path_mkdir -p" + else + # As a last resort, use the slow shell script. Don't cache a + # value for MKDIR_P within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + MKDIR_P="$ac_install_sh -d" + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +$as_echo "$MKDIR_P" >&6; } + +for ac_prog in gawk mawk nawk awk +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_AWK+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AWK"; then + ac_cv_prog_AWK="$AWK" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AWK=$ac_cv_prog_AWK +if test -n "$AWK"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +$as_echo "$AWK" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AWK" && break +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat >conftest.make <<\_ACEOF +SHELL = /bin/sh +all: + @echo '@@@%%%=$(MAKE)=@@@%%%' +_ACEOF +# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; +esac +rm -f conftest.make +fi +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + SET_MAKE= +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + SET_MAKE="MAKE=${MAKE-make}" +fi + +rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null + +# Check whether --enable-silent-rules was given. +if test "${enable_silent_rules+set}" = set; then : + enableval=$enable_silent_rules; +fi + +case $enable_silent_rules in # ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=1;; +esac +am_make=${MAKE-make} +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 +$as_echo_n "checking whether $am_make supports nested variables... " >&6; } +if ${am_cv_make_support_nested_variables+:} false; then : + $as_echo_n "(cached) " >&6 +else + if $as_echo 'TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 +$as_echo "$am_cv_make_support_nested_variables" >&6; } +if test $am_cv_make_support_nested_variables = yes; then + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' +else + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY +fi +AM_BACKSLASH='\' + +if test "`cd $srcdir && pwd`" != "`pwd`"; then + # Use -I$(srcdir) only when $(srcdir) != ., so that make's output + # is not polluted with repeated "-I." + am__isrc=' -I$(srcdir)' + # test to see if srcdir already configured + if test -f $srcdir/config.status; then + as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 + fi +fi + +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi + + +# Define the identity of the package. + PACKAGE='nss-pam-ldapd' + VERSION='0.9.9' + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE "$PACKAGE" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define VERSION "$VERSION" +_ACEOF + +# Some tools Automake needs. + +ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} + + +AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} + + +AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} + + +AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} + + +MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} + +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +mkdir_p='$(MKDIR_P)' + +# We need awk for the "check" target (and possibly the TAP driver). The +# system "awk" is bad on some platforms. +# Always define AMTAR for backward compatibility. Yes, it's still used +# in the wild :-( We should find a proper way to deprecate it ... +AMTAR='$${TAR-tar}' + + +# We'll loop over all known methods to create a tar archive until one works. +_am_tools='gnutar pax cpio none' + +am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' + + + + + + +# POSIX will say in a future version that running "rm -f" with no argument +# is OK; and we want to be able to make that assumption in our Makefile +# recipes. So use an aggressive probe to check that the usage we want is +# actually supported "in the wild" to an acceptable degree. +# See automake bug#10828. +# To make any issue more visible, cause the running configure to be aborted +# by default if the 'rm' program in use doesn't match our expectations; the +# user can still override this though. +if rm -f && rm -fr && rm -rf; then : OK; else + cat >&2 <<'END' +Oops! + +Your 'rm' program seems unable to run without file operands specified +on the command line, even when the '-f' option is present. This is contrary +to the behaviour of most rm programs out there, and not conforming with +the upcoming POSIX standard: + +Please tell bug-automake@gnu.org about your system, including the value +of your $PATH and any error possibly output before this message. This +can help us improve future automake versions. + +END + if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then + echo 'Configuration will proceed anyway, since you have set the' >&2 + echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 + echo >&2 + else + cat >&2 <<'END' +Aborting the configuration process, to ensure you take notice of the issue. + +You can download and install GNU coreutils to get an 'rm' implementation +that behaves properly: . + +If you want to complete the configuration process using your problematic +'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM +to "yes", and re-run configure. + +END + as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 + fi +fi + + +# create a config.h file (Automake will add -DHAVE_CONFIG_H) +ac_config_headers="$ac_config_headers config.h" + + +# check for programs +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_CC" && break +done + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi + +fi + + +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } + +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles + +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= + +else + ac_file='' +fi +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext + +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } + +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details" "$LINENO" 5; } + fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } + +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if ${ac_cv_objext+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if ${ac_cv_c_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if ${ac_cv_prog_cc_g+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +else + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if ${ac_cv_prog_cc_c89+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : + +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 +$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } +if ${am_cv_prog_cc_c_o+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 + ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 +$as_echo "$am_cv_prog_cc_c_o" >&6; } +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +DEPDIR="${am__leading_dot}deps" + +ac_config_commands="$ac_config_commands depfiles" + + +am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 +$as_echo_n "checking for style of include used by $am_make... " >&6; } +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from 'make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 +$as_echo "$_am_result" >&6; } +rm -f confinc confmf + +# Check whether --enable-dependency-tracking was given. +if test "${enable_dependency_tracking+set}" = set; then : + enableval=$enable_dependency_tracking; +fi + +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' + am__nodep='_no' +fi + if test "x$enable_dependency_tracking" != xno; then + AMDEP_TRUE= + AMDEP_FALSE='#' +else + AMDEP_TRUE='#' + AMDEP_FALSE= +fi + + + +depcc="$CC" am_compiler_list= + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if ${am_cv_CC_dependencies_compiler_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_CC_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_CC_dependencies_compiler_type=none +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type + + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' +else + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= +fi + + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +$as_echo_n "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if ${ac_cv_prog_CPP+:} false; then : + $as_echo_n "(cached) " >&6 +else + # Double quotes because CPP needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue +else + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + break +fi + + done + ac_cv_prog_CPP=$CPP + +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +$as_echo "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue +else + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_RANLIB+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +$as_echo "$RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +$as_echo "$ac_ct_RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RANLIB=$ac_ct_RANLIB + fi +else + RANLIB="$ac_cv_prog_RANLIB" +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +$as_echo_n "checking for grep that handles long lines and -e... " >&6; } +if ${ac_cv_path_GREP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in grep ggrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_GREP" || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_GREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_GREP=$GREP +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +$as_echo "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +$as_echo_n "checking for egrep... " >&6; } +if ${ac_cv_path_EGREP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in egrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP" || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_EGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_EGREP=$EGREP +fi + + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +$as_echo "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if ${ac_cv_header_stdc+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stdc=yes +else + ac_cv_header_stdc=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then : + : +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int +main () +{ + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + return 2; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + +else + ac_cv_header_stdc=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } +if test $ac_cv_header_stdc = yes; then + +$as_echo "#define STDC_HEADERS 1" >>confdefs.h + +fi + +# On IRIX 5.3, sys/types and inttypes.h are conflicting. +for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ + inttypes.h stdint.h unistd.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default +" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + + + ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default" +if test "x$ac_cv_header_minix_config_h" = xyes; then : + MINIX=yes +else + MINIX= +fi + + + if test "$MINIX" = yes; then + +$as_echo "#define _POSIX_SOURCE 1" >>confdefs.h + + +$as_echo "#define _POSIX_1_SOURCE 2" >>confdefs.h + + +$as_echo "#define _MINIX 1" >>confdefs.h + + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5 +$as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; } +if ${ac_cv_safe_to_define___extensions__+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +# define __EXTENSIONS__ 1 + $ac_includes_default +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_safe_to_define___extensions__=yes +else + ac_cv_safe_to_define___extensions__=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_safe_to_define___extensions__" >&5 +$as_echo "$ac_cv_safe_to_define___extensions__" >&6; } + test $ac_cv_safe_to_define___extensions__ = yes && + $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h + + $as_echo "#define _ALL_SOURCE 1" >>confdefs.h + + $as_echo "#define _GNU_SOURCE 1" >>confdefs.h + + $as_echo "#define _POSIX_PTHREAD_SEMANTICS 1" >>confdefs.h + + $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +$as_echo_n "checking whether ln -s works... " >&6; } +LN_S=$as_ln_s +if test "$LN_S" = "ln -s"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +$as_echo "no, using $LN_S" >&6; } +fi + +if test -n "$ac_tool_prefix"; then + for ac_prog in ar lib "link -lib" + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_AR+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AR"; then + ac_cv_prog_AR="$AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_AR="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AR=$ac_cv_prog_AR +if test -n "$AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 +$as_echo "$AR" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AR" && break + done +fi +if test -z "$AR"; then + ac_ct_AR=$AR + for ac_prog in ar lib "link -lib" +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_AR+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_AR"; then + ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_AR="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_AR=$ac_cv_prog_ac_ct_AR +if test -n "$ac_ct_AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 +$as_echo "$ac_ct_AR" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_AR" && break +done + + if test "x$ac_ct_AR" = x; then + AR="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + AR=$ac_ct_AR + fi +fi + +: ${AR=ar} + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the archiver ($AR) interface" >&5 +$as_echo_n "checking the archiver ($AR) interface... " >&6; } +if ${am_cv_ar_interface+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + am_cv_ar_interface=ar + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int some_variable = 0; +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + am_ar_try='$AR cru libconftest.a conftest.$ac_objext >&5' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$am_ar_try\""; } >&5 + (eval $am_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -eq 0; then + am_cv_ar_interface=ar + else + am_ar_try='$AR -NOLOGO -OUT:conftest.lib conftest.$ac_objext >&5' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$am_ar_try\""; } >&5 + (eval $am_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -eq 0; then + am_cv_ar_interface=lib + else + am_cv_ar_interface=unknown + fi + fi + rm -f conftest.lib libconftest.a + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_ar_interface" >&5 +$as_echo "$am_cv_ar_interface" >&6; } + +case $am_cv_ar_interface in +ar) + ;; +lib) + # Microsoft lib, so override with the ar-lib wrapper script. + # FIXME: It is wrong to rewrite AR. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__AR in this case, + # and then we could set am__AR="$am_aux_dir/ar-lib \$(AR)" or something + # similar. + AR="$am_aux_dir/ar-lib $AR" + ;; +unknown) + as_fn_error $? "could not determine $AR interface" "$LINENO" 5 + ;; +esac + + +# checks for tool to convert docbook to man +genman="no" +for ac_prog in docbook2x-man +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_DOCBOOK2X_MAN+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $DOCBOOK2X_MAN in + [\\/]* | ?:[\\/]*) + ac_cv_path_DOCBOOK2X_MAN="$DOCBOOK2X_MAN" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_DOCBOOK2X_MAN="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +DOCBOOK2X_MAN=$ac_cv_path_DOCBOOK2X_MAN +if test -n "$DOCBOOK2X_MAN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DOCBOOK2X_MAN" >&5 +$as_echo "$DOCBOOK2X_MAN" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$DOCBOOK2X_MAN" && break +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for tool to (re)generate man pages" >&5 +$as_echo_n "checking for tool to (re)generate man pages... " >&6; } +if test "x${DOCBOOK2X_MAN}" != x +then + genman="${DOCBOOK2X_MAN}" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $genman" >&5 +$as_echo "$genman" >&6; } + if test "x${genman}" != "xno"; then + GENMAN_TRUE= + GENMAN_FALSE='#' +else + GENMAN_TRUE='#' + GENMAN_FALSE= +fi + +if test "x${genman}" = "xno" +then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: docbook2x-man not found: not (re)generating man pages" >&5 +$as_echo "$as_me: WARNING: docbook2x-man not found: not (re)generating man pages" >&2;} +fi + +# check whether to install manual pages +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to install man pages" >&5 +$as_echo_n "checking whether to install man pages... " >&6; } +instman="no" +if test "x${genman}" != "xno" || ls "${srcdir}/man/"*.? > /dev/null 2>&1 +then + instman="yes" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $instman" >&5 +$as_echo "$instman" >&6; } + if test "x${instman}" != "xno"; then + INSTMAN_TRUE= + INSTMAN_FALSE='#' +else + INSTMAN_TRUE='#' + INSTMAN_FALSE= +fi + +if test "x${instman}" = "xno" +then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: not installing man pages (no generator and not pre-generated)" >&5 +$as_echo "$as_me: WARNING: not installing man pages (no generator and not pre-generated)" >&2;} +fi + +# check for Python and modules + + + + + + + if test -n "$PYTHON"; then + # If the user set $PYTHON, use it and don't search something else. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $PYTHON version is >= 2.5" >&5 +$as_echo_n "checking whether $PYTHON version is >= 2.5... " >&6; } + prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '2.5'.split('.'))) + [0, 0, 0] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[i] +sys.exit(sys.hexversion < minverhex)" + if { echo "$as_me:$LINENO: $PYTHON -c "$prog"" >&5 + ($PYTHON -c "$prog") >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + as_fn_error $? "Python interpreter is too old" "$LINENO" 5 +fi + am_display_PYTHON=$PYTHON + else + # Otherwise, try each interpreter until we find one that satisfies + # VERSION. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a Python interpreter with version >= 2.5" >&5 +$as_echo_n "checking for a Python interpreter with version >= 2.5... " >&6; } +if ${am_cv_pathless_PYTHON+:} false; then : + $as_echo_n "(cached) " >&6 +else + + for am_cv_pathless_PYTHON in python python2 python3 python3.8 python3.7 python3.6 python3.5 python3.4 python3.3 python3.2 python3.1 python3.0 python2.7 python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 none; do + test "$am_cv_pathless_PYTHON" = none && break + prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '2.5'.split('.'))) + [0, 0, 0] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[i] +sys.exit(sys.hexversion < minverhex)" + if { echo "$as_me:$LINENO: $am_cv_pathless_PYTHON -c "$prog"" >&5 + ($am_cv_pathless_PYTHON -c "$prog") >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then : + break +fi + done +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_pathless_PYTHON" >&5 +$as_echo "$am_cv_pathless_PYTHON" >&6; } + # Set $PYTHON to the absolute path of $am_cv_pathless_PYTHON. + if test "$am_cv_pathless_PYTHON" = none; then + PYTHON=: + else + # Extract the first word of "$am_cv_pathless_PYTHON", so it can be a program name with args. +set dummy $am_cv_pathless_PYTHON; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_PYTHON+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $PYTHON in + [\\/]* | ?:[\\/]*) + ac_cv_path_PYTHON="$PYTHON" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PYTHON=$ac_cv_path_PYTHON +if test -n "$PYTHON"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON" >&5 +$as_echo "$PYTHON" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi + am_display_PYTHON=$am_cv_pathless_PYTHON + fi + + + if test "$PYTHON" = :; then + : + else + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON version" >&5 +$as_echo_n "checking for $am_display_PYTHON version... " >&6; } +if ${am_cv_python_version+:} false; then : + $as_echo_n "(cached) " >&6 +else + am_cv_python_version=`$PYTHON -c "import sys; sys.stdout.write(sys.version[:3])"` +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_version" >&5 +$as_echo "$am_cv_python_version" >&6; } + PYTHON_VERSION=$am_cv_python_version + + + + PYTHON_PREFIX='${prefix}' + + PYTHON_EXEC_PREFIX='${exec_prefix}' + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON platform" >&5 +$as_echo_n "checking for $am_display_PYTHON platform... " >&6; } +if ${am_cv_python_platform+:} false; then : + $as_echo_n "(cached) " >&6 +else + am_cv_python_platform=`$PYTHON -c "import sys; sys.stdout.write(sys.platform)"` +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_platform" >&5 +$as_echo "$am_cv_python_platform" >&6; } + PYTHON_PLATFORM=$am_cv_python_platform + + + # Just factor out some code duplication. + am_python_setup_sysconfig="\ +import sys +# Prefer sysconfig over distutils.sysconfig, for better compatibility +# with python 3.x. See automake bug#10227. +try: + import sysconfig +except ImportError: + can_use_sysconfig = 0 +else: + can_use_sysconfig = 1 +# Can't use sysconfig in CPython 2.7, since it's broken in virtualenvs: +# +try: + from platform import python_implementation + if python_implementation() == 'CPython' and sys.version[:3] == '2.7': + can_use_sysconfig = 0 +except ImportError: + pass" + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON script directory" >&5 +$as_echo_n "checking for $am_display_PYTHON script directory... " >&6; } +if ${am_cv_python_pythondir+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$prefix" = xNONE + then + am_py_prefix=$ac_default_prefix + else + am_py_prefix=$prefix + fi + am_cv_python_pythondir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('purelib', vars={'base':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(0, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pythondir in + $am_py_prefix*) + am__strip_prefix=`echo "$am_py_prefix" | sed 's|.|.|g'` + am_cv_python_pythondir=`echo "$am_cv_python_pythondir" | sed "s,^$am__strip_prefix,$PYTHON_PREFIX,"` + ;; + *) + case $am_py_prefix in + /usr|/System*) ;; + *) + am_cv_python_pythondir=$PYTHON_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_pythondir" >&5 +$as_echo "$am_cv_python_pythondir" >&6; } + pythondir=$am_cv_python_pythondir + + + + pkgpythondir=\${pythondir}/$PACKAGE + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON extension module directory" >&5 +$as_echo_n "checking for $am_display_PYTHON extension module directory... " >&6; } +if ${am_cv_python_pyexecdir+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$exec_prefix" = xNONE + then + am_py_exec_prefix=$am_py_prefix + else + am_py_exec_prefix=$exec_prefix + fi + am_cv_python_pyexecdir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('platlib', vars={'platbase':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(1, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pyexecdir in + $am_py_exec_prefix*) + am__strip_prefix=`echo "$am_py_exec_prefix" | sed 's|.|.|g'` + am_cv_python_pyexecdir=`echo "$am_cv_python_pyexecdir" | sed "s,^$am__strip_prefix,$PYTHON_EXEC_PREFIX,"` + ;; + *) + case $am_py_exec_prefix in + /usr|/System*) ;; + *) + am_cv_python_pyexecdir=$PYTHON_EXEC_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_pyexecdir" >&5 +$as_echo "$am_cv_python_pyexecdir" >&6; } + pyexecdir=$am_cv_python_pyexecdir + + + + pkgpyexecdir=\${pyexecdir}/$PACKAGE + + + + fi + + + if test "$PYTHON" != ":"; then + HAVE_PYTHON_TRUE= + HAVE_PYTHON_FALSE='#' +else + HAVE_PYTHON_TRUE='#' + HAVE_PYTHON_FALSE= +fi + +if test "x$PYTHON" != "x:" +then + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: argparse" >&5 +$as_echo_n "checking $PYTHON_NAME module: argparse... " >&6; } + $PYTHON -c "import argparse" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_ARGPARSE=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_ARGPARSE=no + # + if test -n "" + then + as_fn_error $? "failed to find required module argparse" "$LINENO" 5 + exit 1 + fi + fi + +fi + +# check for debugging options +# Check whether --enable-debug was given. +if test "${enable_debug+set}" = set; then : + enableval=$enable_debug; if test "x$enableval" != "xno" ; then CFLAGS="-g -DDEBUG $CFLAGS" ; fi +fi + + +# check for extra compiler warnings +DESIRED_CFLAGS="" +# Check whether --enable-warnings was given. +if test "${enable_warnings+set}" = set; then : + enableval=$enable_warnings; if test "x$enableval" != "no" + then + CFLAGS="$CFLAGS -pedantic -Wall -Wshadow -Wpointer-arith -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Waggregate-return -Wmissing-declarations -Wunused -Wformat=2 -Wswitch-default -Wswitch-enum -Wfloat-equal -Wbad-function-cast -Wredundant-decls" + DESIRED_CFLAGS="$DESIRED_CFLAGS -Wextra -Wdeclaration-after-statement -Werror-implicit-function-declaration -Werror=implicit" + fi +fi + +test_gcc_flag() { + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF + $CC -c conftest.c $CFLAGS $@ > /dev/null 2> /dev/null + ret=$? + rm -f conftest.o + return $ret +} +for flag in $DESIRED_CFLAGS +do + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts $flag" >&5 +$as_echo_n "checking whether $CC accepts $flag... " >&6; } + if test_gcc_flag $flag + then + CFLAGS="$CFLAGS $flag" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi +done + +# check for Position Independent Code compiler option +PIC_CFLAGS="" +if test "$ac_cv_c_compiler_gnu" = "yes" +then + PIC_CFLAGS="-fPIC" +else + case "$target_os" in + sysv5*) PIC_CFLAGS="-KPIC" ;; + esac +fi + + +# add --disable-maintainer-mode option + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 +$as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } + # Check whether --enable-maintainer-mode was given. +if test "${enable_maintainer_mode+set}" = set; then : + enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval +else + USE_MAINTAINER_MODE=yes +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 +$as_echo "$USE_MAINTAINER_MODE" >&6; } + if test $USE_MAINTAINER_MODE = yes; then + MAINTAINER_MODE_TRUE= + MAINTAINER_MODE_FALSE='#' +else + MAINTAINER_MODE_TRUE='#' + MAINTAINER_MODE_FALSE= +fi + + MAINT=$MAINTAINER_MODE_TRUE + + + +# check whether the NSS module should be built +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build the NSS module" >&5 +$as_echo_n "checking whether to build the NSS module... " >&6; } +# Check whether --enable-nss was given. +if test "${enable_nss+set}" = set; then : + enableval=$enable_nss; +else + enable_nss="yes" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_nss" >&5 +$as_echo "$enable_nss" >&6; } + if test "x$enable_nss" = "xyes"; then + ENABLE_NSS_TRUE= + ENABLE_NSS_FALSE='#' +else + ENABLE_NSS_TRUE='#' + ENABLE_NSS_FALSE= +fi + + +# check whether the PAM module should be built +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build the PAM module" >&5 +$as_echo_n "checking whether to build the PAM module... " >&6; } +# Check whether --enable-pam was given. +if test "${enable_pam+set}" = set; then : + enableval=$enable_pam; +else + enable_pam="yes" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_pam" >&5 +$as_echo "$enable_pam" >&6; } + if test "x$enable_pam" = "xyes"; then + ENABLE_PAM_TRUE= + ENABLE_PAM_FALSE='#' +else + ENABLE_PAM_TRUE='#' + ENABLE_PAM_FALSE= +fi + + +# check whether command-line utilities should be built +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build the command-line utilities" >&5 +$as_echo_n "checking whether to build the command-line utilities... " >&6; } +# Check whether --enable-utils was given. +if test "${enable_utils+set}" = set; then : + enableval=$enable_utils; +else + enable_utils="auto" +fi + +if test "x$enable_utils" = "xauto" +then + if test "x$PYTHON" != "x:" && test "$HAVE_PYMOD_ARGPARSE" = "yes" + then + enable_utils="yes" + else + enable_utils="no" + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_utils" >&5 +$as_echo "$enable_utils" >&6; } + if test "x$enable_utils" = "xyes"; then + ENABLE_UTILS_TRUE= + ENABLE_UTILS_FALSE='#' +else + ENABLE_UTILS_TRUE='#' + ENABLE_UTILS_FALSE= +fi + + +# check whether the nslcd daemon should be built +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build the nslcd daemon" >&5 +$as_echo_n "checking whether to build the nslcd daemon... " >&6; } +# Check whether --enable-nslcd was given. +if test "${enable_nslcd+set}" = set; then : + enableval=$enable_nslcd; +else + enable_nslcd="yes" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_nslcd" >&5 +$as_echo "$enable_nslcd" >&6; } + if test "x$enable_nslcd" = "xyes"; then + ENABLE_NSLCD_TRUE= + ENABLE_NSLCD_FALSE='#' +else + ENABLE_NSLCD_TRUE='#' + ENABLE_NSLCD_FALSE= +fi + + +# check whether the Python version of the nslcd daemon should be built +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build the pynslcd daemon" >&5 +$as_echo_n "checking whether to build the pynslcd daemon... " >&6; } +# Check whether --enable-pynslcd was given. +if test "${enable_pynslcd+set}" = set; then : + enableval=$enable_pynslcd; +else + enable_pynslcd="no" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_pynslcd" >&5 +$as_echo "$enable_pynslcd" >&6; } + if test "x$enable_pynslcd" = "xyes"; then + ENABLE_PYNSLCD_TRUE= + ENABLE_PYNSLCD_FALSE='#' +else + ENABLE_PYNSLCD_TRUE='#' + ENABLE_PYNSLCD_FALSE= +fi + +if test "x$enable_pynslcd" = "xyes" +then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: the pynslcd daemon is experimental" >&5 +$as_echo "$as_me: WARNING: the pynslcd daemon is experimental" >&2;} +fi + +# check whether SASL support should be enabled +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable SASL support" >&5 +$as_echo_n "checking whether to enable SASL support... " >&6; } +# Check whether --enable-sasl was given. +if test "${enable_sasl+set}" = set; then : + enableval=$enable_sasl; enable_sasl=$enableval +else + enable_sasl="yes" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_sasl" >&5 +$as_echo "$enable_sasl" >&6; } + +# check whether Kerberos support should be enabled +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable Kerberos support" >&5 +$as_echo_n "checking whether to enable Kerberos support... " >&6; } +# Check whether --enable-kerberos was given. +if test "${enable_kerberos+set}" = set; then : + enableval=$enable_kerberos; enable_kerberos=$enableval +else + enable_kerberos="yes" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_kerberos" >&5 +$as_echo "$enable_kerberos" >&6; } + +# check whether configfile options should be checked +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to check configfile options" >&5 +$as_echo_n "checking whether to check configfile options... " >&6; } +# Check whether --enable-configfile_checking was given. +if test "${enable_configfile_checking+set}" = set; then : + enableval=$enable_configfile_checking; configfile_checking=$enableval +else + configfile_checking="yes" +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $configfile_checking" >&5 +$as_echo "$configfile_checking" >&6; } +if test "x$configfile_checking" = "xyes" +then + +$as_echo "#define ENABLE_CONFIGFILE_CHECKING 1 " >>confdefs.h + +fi + +# check the name of the configuration file + +# Check whether --with-ldap-conf-file was given. +if test "${with_ldap_conf_file+set}" = set; then : + withval=$with_ldap_conf_file; NSLCD_CONF_PATH="$with_ldap_conf_file" +else + NSLCD_CONF_PATH="/etc/nslcd.conf" +fi + + +cat >>confdefs.h <<_ACEOF +#define NSLCD_CONF_PATH "$NSLCD_CONF_PATH" +_ACEOF + + + +# check the name of the file with a bindpw value + +# Check whether --with-bindpw-file was given. +if test "${with_bindpw_file+set}" = set; then : + withval=$with_bindpw_file; NSLCD_BINDPW_PATH="$with_bindpw_file" + +cat >>confdefs.h <<_ACEOF +#define NSLCD_BINDPW_PATH "$NSLCD_BINDPW_PATH" +_ACEOF + + + +fi + + +# where should the pidfile be written + +# Check whether --with-nslcd-pidfile was given. +if test "${with_nslcd_pidfile+set}" = set; then : + withval=$with_nslcd_pidfile; NSLCD_PIDFILE="$with_nslcd_pidfile" +else + NSLCD_PIDFILE="/var/run/nslcd/nslcd.pid" +fi + + +cat >>confdefs.h <<_ACEOF +#define NSLCD_PIDFILE "$NSLCD_PIDFILE" +_ACEOF + + + +# where is the socket used for communication + +# Check whether --with-nslcd-socket was given. +if test "${with_nslcd_socket+set}" = set; then : + withval=$with_nslcd_socket; NSLCD_SOCKET="$with_nslcd_socket" +else + NSLCD_SOCKET="/var/run/nslcd/socket" +fi + + +cat >>confdefs.h <<_ACEOF +#define NSLCD_SOCKET "$NSLCD_SOCKET" +_ACEOF + + + +# the directory PAM librabries are expected to be placed into +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking location for PAM module" >&5 +$as_echo_n "checking location for PAM module... " >&6; } + +# Check whether --with-pam-seclib-dir was given. +if test "${with_pam_seclib_dir+set}" = set; then : + withval=$with_pam_seclib_dir; PAM_SECLIB_DIR="$with_pam_seclib_dir" +else + PAM_SECLIB_DIR="auto" +fi + +if test "x$PAM_SECLIB_DIR" = "xauto" +then + case "$target_os" in + solaris*) PAM_SECLIB_DIR="/usr/lib/security" ;; + freebsd*|dragonfly*) PAM_SECLIB_DIR="/usr/lib" ;; + *) PAM_SECLIB_DIR="/lib/security" ;; + esac +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $PAM_SECLIB_DIR" >&5 +$as_echo "$PAM_SECLIB_DIR" >&6; } + +cat >>confdefs.h <<_ACEOF +#define PAM_SECLIB_DIR "$PAM_SECLIB_DIR" +_ACEOF + + + +# the name to use for the NSS module +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking name of NSS and PAM modules" >&5 +$as_echo_n "checking name of NSS and PAM modules... " >&6; } + +# Check whether --with-module-name was given. +if test "${with_module_name+set}" = set; then : + withval=$with_module_name; MODULE_NAME="$with_module_name" +else + MODULE_NAME="ldap" +fi + + # FIXME: this does not work +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MODULE_NAME" >&5 +$as_echo "$MODULE_NAME" >&6; } + +cat >>confdefs.h <<_ACEOF +#define MODULE_NAME "$MODULE_NAME" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define NSS_NAME(NAME) _nss_${MODULE_NAME}_##NAME +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define PAM_NAME(NAME) _pam_${MODULE_NAME}_##NAME +_ACEOF + + + +# the SONAME to use for the NSS module +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking soname of NSS module" >&5 +$as_echo_n "checking soname of NSS module... " >&6; } + +# Check whether --with-nss-ldap-soname was given. +if test "${with_nss_ldap_soname+set}" = set; then : + withval=$with_nss_ldap_soname; NSS_LDAP_SONAME="$with_nss_ldap_soname" +else + NSS_LDAP_SONAME="auto" +fi + +if test "x$NSS_LDAP_SONAME" = "xauto" +then + case "$target_os" in + solaris*) NSS_LDAP_SONAME="nss_$MODULE_NAME.so.1" ;; + freebsd*|dragonfly*) NSS_LDAP_SONAME="nss_$MODULE_NAME.so.1" ;; + *) NSS_LDAP_SONAME="libnss_$MODULE_NAME.so.2" ;; + esac +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $NSS_LDAP_SONAME" >&5 +$as_echo "$NSS_LDAP_SONAME" >&6; } + +cat >>confdefs.h <<_ACEOF +#define NSS_LDAP_SONAME "$NSS_LDAP_SONAME" +_ACEOF + + + +# the SONAME to use for the PAM module +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking soname of PAM module" >&5 +$as_echo_n "checking soname of PAM module... " >&6; } + +# Check whether --with-pam-ldap-soname was given. +if test "${with_pam_ldap_soname+set}" = set; then : + withval=$with_pam_ldap_soname; PAM_LDAP_SONAME="$with_pam_ldap_soname" +else + PAM_LDAP_SONAME="auto" +fi + +if test "x$PAM_LDAP_SONAME" = "xauto" +then + case "$target_os" in + solaris*) PAM_LDAP_SONAME="pam_$MODULE_NAME.so.1" ;; + *) PAM_LDAP_SONAME="pam_$MODULE_NAME.so" ;; + esac +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $PAM_LDAP_SONAME" >&5 +$as_echo "$PAM_LDAP_SONAME" >&6; } + + +# check which modules should be build + +# Check whether --with-nss-maps was given. +if test "${with_nss_maps+set}" = set; then : + withval=$with_nss_maps; +else + with_nss_maps="all" +fi + + +# checks for availability of header files +for ac_header in ctype.h strings.h pthread.h pthread_np.h fcntl.h limits.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + +for ac_header in nss.h nss_common.h grp.h shadow.h aliases.h netdb.h rpc/rpcent.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + +for ac_header in netinet/ether.h arpa/inet.h netinet/in.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + +for ac_header in nsswitch.h nss_dbdefs.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + +for ac_header in sys/socket.h sys/un.h sys/ucred.h ucred.h sys/param.h sys/time.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + +for ac_header in getopt.h syslog.h stddef.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +# other general checks +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 +$as_echo_n "checking for inline... " >&6; } +if ${ac_cv_c_inline+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_c_inline=no +for ac_kw in inline __inline__ __inline; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifndef __cplusplus +typedef int foo_t; +static $ac_kw foo_t static_foo () {return 0; } +$ac_kw foo_t foo () {return 0; } +#endif + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_inline=$ac_kw +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + test "$ac_cv_c_inline" != no && break +done + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 +$as_echo "$ac_cv_c_inline" >&6; } + +case $ac_cv_c_inline in + inline | yes) ;; + *) + case $ac_cv_c_inline in + no) ac_val=;; + *) ac_val=$ac_cv_c_inline;; + esac + cat >>confdefs.h <<_ACEOF +#ifndef __cplusplus +#define inline $ac_val +#endif +_ACEOF + ;; +esac + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 +$as_echo_n "checking for an ANSI C-conforming const... " >&6; } +if ${ac_cv_c_const+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + +#ifndef __cplusplus + /* Ultrix mips cc rejects this sort of thing. */ + typedef int charset[2]; + const charset cs = { 0, 0 }; + /* SunOS 4.1.1 cc rejects this. */ + char const *const *pcpcc; + char **ppc; + /* NEC SVR4.0.2 mips cc rejects this. */ + struct point {int x, y;}; + static struct point const zero = {0,0}; + /* AIX XL C 1.02.0.0 rejects this. + It does not let you subtract one const X* pointer from another in + an arm of an if-expression whose if-part is not a constant + expression */ + const char *g = "string"; + pcpcc = &g + (g ? g-g : 0); + /* HPUX 7.0 cc rejects these. */ + ++pcpcc; + ppc = (char**) pcpcc; + pcpcc = (char const *const *) ppc; + { /* SCO 3.2v4 cc rejects this sort of thing. */ + char tx; + char *t = &tx; + char const *s = 0 ? (char *) 0 : (char const *) 0; + + *t++ = 0; + if (s) return 0; + } + { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ + int x[] = {25, 17}; + const int *foo = &x[0]; + ++foo; + } + { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ + typedef const int *iptr; + iptr p = 0; + ++p; + } + { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying + "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ + struct s { int j; const int *ap[3]; } bx; + struct s *b = &bx; b->j = 5; + } + { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ + const int foo = 10; + if (!foo) return 0; + } + return !cs[0] && !zero.x; +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_const=yes +else + ac_cv_c_const=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 +$as_echo "$ac_cv_c_const" >&6; } +if test $ac_cv_c_const = no; then + +$as_echo "#define const /**/" >>confdefs.h + +fi + + +# checks for availability of common functions +for ac_func in sigaction snprintf +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5 +$as_echo_n "checking for library containing socket... " >&6; } +if ${ac_cv_search_socket+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char socket (); +int +main () +{ +return socket (); + ; + return 0; +} +_ACEOF +for ac_lib in '' socket; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_socket=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_socket+:} false; then : + break +fi +done +if ${ac_cv_search_socket+:} false; then : + +else + ac_cv_search_socket=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 +$as_echo "$ac_cv_search_socket" >&6; } +ac_res=$ac_cv_search_socket +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +for ac_func in strcasecmp strncasecmp strchr strcspn strspn strtol strtoul strtoull strndup +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +for ac_func in malloc realloc atexit +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" +if test "x$ac_cv_type_pid_t" = xyes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define pid_t int +_ACEOF + +fi + +for ac_header in vfork.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "vfork.h" "ac_cv_header_vfork_h" "$ac_includes_default" +if test "x$ac_cv_header_vfork_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_VFORK_H 1 +_ACEOF + +fi + +done + +for ac_func in fork vfork +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +if test "x$ac_cv_func_fork" = xyes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fork" >&5 +$as_echo_n "checking for working fork... " >&6; } +if ${ac_cv_func_fork_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_func_fork_works=cross +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ + + /* By Ruediger Kuhlmann. */ + return fork () < 0; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_fork_works=yes +else + ac_cv_func_fork_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_fork_works" >&5 +$as_echo "$ac_cv_func_fork_works" >&6; } + +else + ac_cv_func_fork_works=$ac_cv_func_fork +fi +if test "x$ac_cv_func_fork_works" = xcross; then + case $host in + *-*-amigaos* | *-*-msdosdjgpp*) + # Override, as these systems have only a dummy fork() stub + ac_cv_func_fork_works=no + ;; + *) + ac_cv_func_fork_works=yes + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&5 +$as_echo "$as_me: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&2;} +fi +ac_cv_func_vfork_works=$ac_cv_func_vfork +if test "x$ac_cv_func_vfork" = xyes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working vfork" >&5 +$as_echo_n "checking for working vfork... " >&6; } +if ${ac_cv_func_vfork_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_func_vfork_works=cross +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Thanks to Paul Eggert for this test. */ +$ac_includes_default +#include +#ifdef HAVE_VFORK_H +# include +#endif +/* On some sparc systems, changes by the child to local and incoming + argument registers are propagated back to the parent. The compiler + is told about this with #include , but some compilers + (e.g. gcc -O) don't grok . Test for this by using a + static variable whose address is put into a register that is + clobbered by the vfork. */ +static void +#ifdef __cplusplus +sparc_address_test (int arg) +# else +sparc_address_test (arg) int arg; +#endif +{ + static pid_t child; + if (!child) { + child = vfork (); + if (child < 0) { + perror ("vfork"); + _exit(2); + } + if (!child) { + arg = getpid(); + write(-1, "", 0); + _exit (arg); + } + } +} + +int +main () +{ + pid_t parent = getpid (); + pid_t child; + + sparc_address_test (0); + + child = vfork (); + + if (child == 0) { + /* Here is another test for sparc vfork register problems. This + test uses lots of local variables, at least as many local + variables as main has allocated so far including compiler + temporaries. 4 locals are enough for gcc 1.40.3 on a Solaris + 4.1.3 sparc, but we use 8 to be safe. A buggy compiler should + reuse the register of parent for one of the local variables, + since it will think that parent can't possibly be used any more + in this routine. Assigning to the local variable will thus + munge parent in the parent process. */ + pid_t + p = getpid(), p1 = getpid(), p2 = getpid(), p3 = getpid(), + p4 = getpid(), p5 = getpid(), p6 = getpid(), p7 = getpid(); + /* Convince the compiler that p..p7 are live; otherwise, it might + use the same hardware register for all 8 local variables. */ + if (p != p1 || p != p2 || p != p3 || p != p4 + || p != p5 || p != p6 || p != p7) + _exit(1); + + /* On some systems (e.g. IRIX 3.3), vfork doesn't separate parent + from child file descriptors. If the child closes a descriptor + before it execs or exits, this munges the parent's descriptor + as well. Test for this by closing stdout in the child. */ + _exit(close(fileno(stdout)) != 0); + } else { + int status; + struct stat st; + + while (wait(&status) != child) + ; + return ( + /* Was there some problem with vforking? */ + child < 0 + + /* Did the child fail? (This shouldn't happen.) */ + || status + + /* Did the vfork/compiler bug occur? */ + || parent != getpid() + + /* Did the file descriptor bug occur? */ + || fstat(fileno(stdout), &st) != 0 + ); + } +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_vfork_works=yes +else + ac_cv_func_vfork_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vfork_works" >&5 +$as_echo "$ac_cv_func_vfork_works" >&6; } + +fi; +if test "x$ac_cv_func_fork_works" = xcross; then + ac_cv_func_vfork_works=$ac_cv_func_vfork + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&5 +$as_echo "$as_me: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&2;} +fi + +if test "x$ac_cv_func_vfork_works" = xyes; then + +$as_echo "#define HAVE_WORKING_VFORK 1" >>confdefs.h + +else + +$as_echo "#define vfork fork" >>confdefs.h + +fi +if test "x$ac_cv_func_fork_works" = xyes; then + +$as_echo "#define HAVE_WORKING_FORK 1" >>confdefs.h + +fi + +for ac_func in __assert_fail +do : + ac_fn_c_check_func "$LINENO" "__assert_fail" "ac_cv_func___assert_fail" +if test "x$ac_cv_func___assert_fail" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE___ASSERT_FAIL 1 +_ACEOF + +fi +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5 +$as_echo_n "checking for library containing clock_gettime... " >&6; } +if ${ac_cv_search_clock_gettime+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char clock_gettime (); +int +main () +{ +return clock_gettime (); + ; + return 0; +} +_ACEOF +for ac_lib in '' rt; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_clock_gettime=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_clock_gettime+:} false; then : + break +fi +done +if ${ac_cv_search_clock_gettime+:} false; then : + +else + ac_cv_search_clock_gettime=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5 +$as_echo "$ac_cv_search_clock_gettime" >&6; } +ac_res=$ac_cv_search_clock_gettime +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +for ac_func in setusershell getusershell endusershell getgrouplist +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +ac_fn_c_check_decl "$LINENO" "setusershell" "ac_cv_have_decl_setusershell" "$ac_includes_default" +if test "x$ac_cv_have_decl_setusershell" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_SETUSERSHELL $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "getusershell" "ac_cv_have_decl_getusershell" "$ac_includes_default" +if test "x$ac_cv_have_decl_getusershell" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_GETUSERSHELL $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "endusershell" "ac_cv_have_decl_endusershell" "$ac_includes_default" +if test "x$ac_cv_have_decl_endusershell" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ENDUSERSHELL $ac_have_decl +_ACEOF + + +# checks for types +ac_fn_c_check_type "$LINENO" "mode_t" "ac_cv_type_mode_t" "$ac_includes_default" +if test "x$ac_cv_type_mode_t" = xyes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define mode_t int +_ACEOF + +fi + +ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" +if test "x$ac_cv_type_size_t" = xyes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define size_t unsigned int +_ACEOF + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 +$as_echo_n "checking for uid_t in sys/types.h... " >&6; } +if ${ac_cv_type_uid_t+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "uid_t" >/dev/null 2>&1; then : + ac_cv_type_uid_t=yes +else + ac_cv_type_uid_t=no +fi +rm -f conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 +$as_echo "$ac_cv_type_uid_t" >&6; } +if test $ac_cv_type_uid_t = no; then + +$as_echo "#define uid_t int" >>confdefs.h + + +$as_echo "#define gid_t int" >>confdefs.h + +fi + +ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" +if test "x$ac_cv_type_pid_t" = xyes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define pid_t int +_ACEOF + +fi + +ac_fn_c_find_intX_t "$LINENO" "32" "ac_cv_c_int32_t" +case $ac_cv_c_int32_t in #( + no|yes) ;; #( + *) + +cat >>confdefs.h <<_ACEOF +#define int32_t $ac_cv_c_int32_t +_ACEOF +;; +esac + +ac_fn_c_find_uintX_t "$LINENO" "8" "ac_cv_c_uint8_t" +case $ac_cv_c_uint8_t in #( + no|yes) ;; #( + *) + +$as_echo "#define _UINT8_T 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define uint8_t $ac_cv_c_uint8_t +_ACEOF +;; + esac + +ac_fn_c_find_uintX_t "$LINENO" "16" "ac_cv_c_uint16_t" +case $ac_cv_c_uint16_t in #( + no|yes) ;; #( + *) + + +cat >>confdefs.h <<_ACEOF +#define uint16_t $ac_cv_c_uint16_t +_ACEOF +;; + esac + +ac_fn_c_find_uintX_t "$LINENO" "32" "ac_cv_c_uint32_t" +case $ac_cv_c_uint32_t in #( + no|yes) ;; #( + *) + +$as_echo "#define _UINT32_T 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define uint32_t $ac_cv_c_uint32_t +_ACEOF +;; + esac + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned int" >&5 +$as_echo_n "checking size of unsigned int... " >&6; } +if ${ac_cv_sizeof_unsigned_int+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned int))" "ac_cv_sizeof_unsigned_int" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_unsigned_int" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (unsigned int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_unsigned_int=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_int" >&5 +$as_echo "$ac_cv_sizeof_unsigned_int" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_UNSIGNED_INT $ac_cv_sizeof_unsigned_int +_ACEOF + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned long int" >&5 +$as_echo_n "checking size of unsigned long int... " >&6; } +if ${ac_cv_sizeof_unsigned_long_int+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned long int))" "ac_cv_sizeof_unsigned_long_int" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_unsigned_long_int" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (unsigned long int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_unsigned_long_int=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_long_int" >&5 +$as_echo "$ac_cv_sizeof_unsigned_long_int" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_UNSIGNED_LONG_INT $ac_cv_sizeof_unsigned_long_int +_ACEOF + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned long long int" >&5 +$as_echo_n "checking size of unsigned long long int... " >&6; } +if ${ac_cv_sizeof_unsigned_long_long_int+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned long long int))" "ac_cv_sizeof_unsigned_long_long_int" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_unsigned_long_long_int" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (unsigned long long int) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_unsigned_long_long_int=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_long_long_int" >&5 +$as_echo "$ac_cv_sizeof_unsigned_long_long_int" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_UNSIGNED_LONG_LONG_INT $ac_cv_sizeof_unsigned_long_long_int +_ACEOF + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of uid_t" >&5 +$as_echo_n "checking size of uid_t... " >&6; } +if ${ac_cv_sizeof_uid_t+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (uid_t))" "ac_cv_sizeof_uid_t" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_uid_t" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (uid_t) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_uid_t=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_uid_t" >&5 +$as_echo "$ac_cv_sizeof_uid_t" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_UID_T $ac_cv_sizeof_uid_t +_ACEOF + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of gid_t" >&5 +$as_echo_n "checking size of gid_t... " >&6; } +if ${ac_cv_sizeof_gid_t+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (gid_t))" "ac_cv_sizeof_gid_t" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_gid_t" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (gid_t) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_gid_t=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_gid_t" >&5 +$as_echo "$ac_cv_sizeof_gid_t" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_GID_T $ac_cv_sizeof_gid_t +_ACEOF + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for thread local storage (TLS) class" >&5 +$as_echo_n "checking for thread local storage (TLS) class... " >&6; } + if ${ac_cv_tls+:} false; then : + $as_echo_n "(cached) " >&6 +else + for ax_tls_keyword in __thread '__declspec(thread)' none; do + case $ax_tls_keyword in #( + none) : + ac_cv_tls=none ; break ;; #( + *) : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + static void + foo(void) { + static $ax_tls_keyword int bar; + exit(1); + } +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_tls=$ax_tls_keyword ; break +else + ac_cv_tls=none + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ;; +esac + done + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_tls" >&5 +$as_echo "$ac_cv_tls" >&6; } + + if test "$ac_cv_tls" != "none"; then : + +cat >>confdefs.h <<_ACEOF +#define TLS $ac_cv_tls +_ACEOF + + +fi + +ac_fn_c_check_type "$LINENO" "suseconds_t" "ac_cv_type_suseconds_t" "$ac_includes_default" +if test "x$ac_cv_type_suseconds_t" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_SUSECONDS_T 1 +_ACEOF + + +fi + + +# check for support for the struct ether_addr structure +ac_fn_c_check_type "$LINENO" "struct ether_addr" "ac_cv_type_struct_ether_addr" " + #include + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif +" +if test "x$ac_cv_type_struct_ether_addr" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_ETHER_ADDR 1 +_ACEOF + + +fi + + +# check for ether_aton and ether_ntoa functions +for ac_func in ether_aton ether_ntoa ether_aton_r ether_ntoa_r +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +ac_fn_c_check_decl "$LINENO" "ether_aton" "ac_cv_have_decl_ether_aton" " + #include + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif +" +if test "x$ac_cv_have_decl_ether_aton" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ETHER_ATON $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "ether_ntoa" "ac_cv_have_decl_ether_ntoa" " + #include + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif +" +if test "x$ac_cv_have_decl_ether_ntoa" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ETHER_NTOA $ac_have_decl +_ACEOF + + +# check to see if socklen_t is defined +ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" " + #include + #include +" +if test "x$ac_cv_type_socklen_t" = xyes; then : + +else + +$as_echo "#define socklen_t size_t" >>confdefs.h + +fi + + +# check the return type of setnetgrent() +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of setnetgrent" >&5 +$as_echo_n "checking return type of setnetgrent... " >&6; } +if ${nss_pam_ldapd_cv_setnetgrent_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + +int +main () +{ + + return setnetgrent(0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + nss_pam_ldapd_cv_setnetgrent_type=int +else + nss_pam_ldapd_cv_setnetgrent_type=void +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nss_pam_ldapd_cv_setnetgrent_type" >&5 +$as_echo "$nss_pam_ldapd_cv_setnetgrent_type" >&6; } +if test "x$nss_pam_ldapd_cv_setnetgrent_type" = "xvoid" +then + +$as_echo "#define SETNETGRENT_RETURNS_VOID 1" >>confdefs.h + +fi + +# NSS module-specific tests +if test "x$enable_nss" = "xyes" +then + # save CFLAGS and LIBS to restore later + nss_save_CFLAGS="$CFLAGS" + nss_save_LIBS="$LIBS" + + # check for a definition of struct aliasent + ac_fn_c_check_type "$LINENO" "struct aliasent" "ac_cv_type_struct_aliasent" " + #ifdef HAVE_ALIASES_H + #include + #endif +" +if test "x$ac_cv_type_struct_aliasent" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_ALIASENT 1 +_ACEOF + + +fi + + + # check for a definition of struct etherent + ac_fn_c_check_type "$LINENO" "struct etherent" "ac_cv_type_struct_etherent" " + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif +" +if test "x$ac_cv_type_struct_etherent" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_ETHERENT 1 +_ACEOF + + +fi + + + # check if struct passwd has a pw_class member + ac_fn_c_check_member "$LINENO" "struct passwd" "pw_class" "ac_cv_member_struct_passwd_pw_class" " + #include +" +if test "x$ac_cv_member_struct_passwd_pw_class" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_PASSWD_PW_CLASS 1 +_ACEOF + + +fi + + + # check for a definition of struct rpcent + ac_fn_c_check_type "$LINENO" "struct rpcent" "ac_cv_type_struct_rpcent" " + #include + #ifdef HAVE_RPC_RPCENT_H + #include + #endif +" +if test "x$ac_cv_type_struct_rpcent" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_RPCENT 1 +_ACEOF + + +fi + + + # check for a definition of struct spwd + ac_fn_c_check_type "$LINENO" "struct spwd" "ac_cv_type_struct_spwd" " + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #include + #ifdef HAVE_SHADOW_H + #include + #endif +" +if test "x$ac_cv_type_struct_spwd" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_SPWD 1 +_ACEOF + + +fi + + + # check for a definition of enum nss_status and nss_backend_t + ac_fn_c_check_type "$LINENO" "enum nss_status" "ac_cv_type_enum_nss_status" " + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #ifdef HAVE_NSS_DBDEFS_H + #include + #endif + #ifdef HAVE_NSSWITCH_H + #include + #endif +" +if test "x$ac_cv_type_enum_nss_status" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_ENUM_NSS_STATUS 1 +_ACEOF + + +fi +ac_fn_c_check_type "$LINENO" "nss_backend_t" "ac_cv_type_nss_backend_t" " + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #ifdef HAVE_NSS_DBDEFS_H + #include + #endif + #ifdef HAVE_NSSWITCH_H + #include + #endif +" +if test "x$ac_cv_type_nss_backend_t" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_NSS_BACKEND_T 1 +_ACEOF + + +fi + + + # check if struct nss_XbyY_args has a returnlen attribute + ac_fn_c_check_member "$LINENO" "struct nss_XbyY_args" "returnlen" "ac_cv_member_struct_nss_XbyY_args_returnlen" " + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #ifdef HAVE_NSS_DBDEFS_H + #include + #endif + #ifdef HAVE_NSSWITCH_H + #include + #endif +" +if test "x$ac_cv_member_struct_nss_XbyY_args_returnlen" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN 1 +_ACEOF + + +fi + + + # check which NSS flavour to build + { $as_echo "$as_me:${as_lineno-$LINENO}: checking which NSS flavour to build" >&5 +$as_echo_n "checking which NSS flavour to build... " >&6; } + +# Check whether --with-nss-flavour was given. +if test "${with_nss_flavour+set}" = set; then : + withval=$with_nss_flavour; +else + with_nss_flavour=auto +fi + + if test "x$with_nss_flavour" = "xauto" + then + # do the guessing game + case "$target_os" in + solaris*) with_nss_flavour=solaris ;; + freebsd*|dragonfly*) with_nss_flavour=freebsd ;; + *) with_nss_flavour=glibc ;; + esac + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_nss_flavour" >&5 +$as_echo "$with_nss_flavour" >&6; } + case "$with_nss_flavour" in + glibc) +$as_echo "#define NSS_FLAVOUR_GLIBC 1" >>confdefs.h + ;; + solaris) +$as_echo "#define NSS_FLAVOUR_SOLARIS 1" >>confdefs.h + ;; + freebsd) +$as_echo "#define NSS_FLAVOUR_FREEBSD 1" >>confdefs.h + ;; + esac + NSS_FLAVOUR="$with_nss_flavour" + + + # check which module source files to use + { $as_echo "$as_me:${as_lineno-$LINENO}: checking which NSS maps to build" >&5 +$as_echo_n "checking which NSS maps to build... " >&6; } + if test "x$with_nss_maps" = "xall" + then + case "$with_nss_flavour" in + glibc) with_nss_maps="aliases,ethers,group,hosts,netgroup,networks,passwd,protocols,rpc,services,shadow" ;; + solaris) with_nss_maps="ethers,group,hosts,netgroup,networks,passwd,protocols,rpc,services,shadow" ;; + freebsd) with_nss_maps="group,hosts,passwd" ;; + esac + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_nss_maps" >&5 +$as_echo "$with_nss_maps" >&6; } + NSS_MODULE_OBJS="$(echo "$with_nss_maps " | sed 's/,/ /g;s/ */.$(OBJEXT) /g')" + + + # find out how to link the library + nss_ldap_so_LINK="\$(CCLD) \$(AM_CFLAGS) \$(CFLAGS) \$(nss_ldap_so_LDFLAGS) \$(LDFLAGS) -o \$@" + case "$target_os" in + solaris*) + if test "x$GCC" = xyes + then + nss_ldap_so_LINK="/usr/ccs/bin/ld -Bdirect -z nodelete -Bdynamic -M exports.map -G -o \$@" + else + nss_ldap_so_LDFLAGS="-Wl,-Bdirect -Wl,-z,nodelete -Wl,-Bdynamic -Wl,-M,exports.map -Wl,-G" + fi + ;; + *) + nss_ldap_so_LDFLAGS="-shared -Wl,-h,\$(NSS_LDAP_SONAME) -Wl,--version-script,exports.map" + ;; + esac + + + + # restore CFLAGS and LIBS + CFLAGS="$nss_save_CFLAGS" + LIBS="$nss_save_LIBS" +fi + +# PAM module-specific tests +if test "x$enable_pam" = "xyes" +then + # save CFLAGS and LIBS to restore later + pam_save_CFLAGS="$CFLAGS" + pam_save_LIBS="$LIBS" + + # check for headers + for ac_header in security/pam_appl.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "security/pam_appl.h" "ac_cv_header_security_pam_appl_h" "$ac_includes_default" +if test "x$ac_cv_header_security_pam_appl_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SECURITY_PAM_APPL_H 1 +_ACEOF + +fi + +done + + for ac_header in security/pam_modules.h +do : + ac_fn_c_check_header_compile "$LINENO" "security/pam_modules.h" "ac_cv_header_security_pam_modules_h" " + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + +" +if test "x$ac_cv_header_security_pam_modules_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SECURITY_PAM_MODULES_H 1 +_ACEOF + +fi + +done + + for ac_header in pam/pam_modules.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "pam/pam_modules.h" "ac_cv_header_pam_pam_modules_h" "$ac_includes_default" +if test "x$ac_cv_header_pam_pam_modules_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_PAM_PAM_MODULES_H 1 +_ACEOF + +fi + +done + + for ac_header in security/pam_ext.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "security/pam_ext.h" "ac_cv_header_security_pam_ext_h" "$ac_includes_default" +if test "x$ac_cv_header_security_pam_ext_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SECURITY_PAM_EXT_H 1 +_ACEOF + +fi + +done + + for ac_header in security/pam_modutil.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "security/pam_modutil.h" "ac_cv_header_security_pam_modutil_h" "$ac_includes_default" +if test "x$ac_cv_header_security_pam_modutil_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SECURITY_PAM_MODUTIL_H 1 +_ACEOF + +fi + +done + + + # at least one of security/pam_modules.h or pam/pam_modules.h is required + if test "x$ac_cv_header_security_pam_modules_h" != "xyes" && \ + test "x$ac_cv_header_pam_pam_modules_h" != "xyes" + then + as_fn_error $? "PAM header files are missing" "$LINENO" 5 + fi + + # find pam library + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing pam_get_data" >&5 +$as_echo_n "checking for library containing pam_get_data... " >&6; } +if ${ac_cv_search_pam_get_data+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pam_get_data (); +int +main () +{ +return pam_get_data (); + ; + return 0; +} +_ACEOF +for ac_lib in '' pam; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_pam_get_data=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_pam_get_data+:} false; then : + break +fi +done +if ${ac_cv_search_pam_get_data+:} false; then : + +else + ac_cv_search_pam_get_data=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_pam_get_data" >&5 +$as_echo "$ac_cv_search_pam_get_data" >&6; } +ac_res=$ac_cv_search_pam_get_data +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +else + as_fn_error $? "no PAM library available" "$LINENO" 5 +fi + + + # replace some PAM functions if they are unavailable + ac_fn_c_check_func "$LINENO" "pam_get_authtok" "ac_cv_func_pam_get_authtok" +if test "x$ac_cv_func_pam_get_authtok" = xyes; then : + $as_echo "#define HAVE_PAM_GET_AUTHTOK 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" pam_get_authtok.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS pam_get_authtok.$ac_objext" + ;; +esac + +fi + +ac_fn_c_check_func "$LINENO" "pam_prompt" "ac_cv_func_pam_prompt" +if test "x$ac_cv_func_pam_prompt" = xyes; then : + $as_echo "#define HAVE_PAM_PROMPT 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" pam_prompt.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS pam_prompt.$ac_objext" + ;; +esac + +fi + + + for ac_func in pam_modutil_getpwnam pam_syslog +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + ac_fn_c_check_decl "$LINENO" "pam_info" "ac_cv_have_decl_pam_info" " + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + #ifndef HAVE_PAM_PAM_MODULES_H + #include + #ifdef HAVE_SECURITY_PAM_EXT_H + #include + #endif + #else + #include + #endif + #ifdef HAVE_SECURITY_PAM_MODUTIL_H + #include + #endif +" +if test "x$ac_cv_have_decl_pam_info" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_PAM_INFO $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "pam_error" "ac_cv_have_decl_pam_error" " + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + #ifndef HAVE_PAM_PAM_MODULES_H + #include + #ifdef HAVE_SECURITY_PAM_EXT_H + #include + #endif + #else + #include + #endif + #ifdef HAVE_SECURITY_PAM_MODUTIL_H + #include + #endif +" +if test "x$ac_cv_have_decl_pam_error" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_PAM_ERROR $ac_have_decl +_ACEOF + + + # find out how to link the library + pam_ldap_so_LINK="\$(CCLD) \$(AM_CFLAGS) \$(CFLAGS) \$(pam_ldap_so_LDFLAGS) \$(LDFLAGS) -o \$@" + case "$target_os" in + solaris*) + if test "x$GCC" = xyes + then + pam_ldap_so_LINK="/usr/ccs/bin/ld -Bdirect -z nodelete -Bdynamic -M \$(srcdir)/pam_ldap.map -G -o \$@" + else + pam_ldap_so_LDFLAGS="-shared -Wl,-Bdirect -Wl,-z,nodelete -Wl,-Bdynamic -Wl,-M,\$(srcdir)/pam_ldap.map -Wl,-G" + fi + ;; + *) + pam_ldap_so_LDFLAGS="-shared -Wl,--version-script,\$(srcdir)/pam_ldap.map" + ;; + esac + + + + # check argument type of pam_get_item() + { $as_echo "$as_me:${as_lineno-$LINENO}: checking argument type of pam_get_item" >&5 +$as_echo_n "checking argument type of pam_get_item... " >&6; } +if ${nss_pam_ldapd_cv_pam_get_item_arg3_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + #ifndef HAVE_PAM_PAM_MODULES_H + #include + #ifdef HAVE_SECURITY_PAM_EXT_H + #include + #endif + #else + #include + #endif + #ifdef HAVE_SECURITY_PAM_MODUTIL_H + #include + #endif + extern int pam_get_item(const pam_handle_t *pamh, int item_type, const void **item); + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + nss_pam_ldapd_cv_pam_get_item_arg3_type="const void **" +else + nss_pam_ldapd_cv_pam_get_item_arg3_type="void **" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nss_pam_ldapd_cv_pam_get_item_arg3_type" >&5 +$as_echo "$nss_pam_ldapd_cv_pam_get_item_arg3_type" >&6; } + PAM_ITEM_CONST="" + if test "$nss_pam_ldapd_cv_pam_get_item_arg3_type" = "const void **" + then + PAM_ITEM_CONST="const" + fi + +cat >>confdefs.h <<_ACEOF +#define PAM_ITEM_CONST $PAM_ITEM_CONST +_ACEOF + + + # restore CFLAGS and LIBS + CFLAGS="$pam_save_CFLAGS" + LIBS="$pam_save_LIBS" +fi + +# utils-specific tests +if test "x$enable_utils" = "xyes" +then + # check Python interpreter + + + + + + + if test -n "$PYTHON"; then + # If the user set $PYTHON, use it and don't search something else. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $PYTHON version is >= 2.5" >&5 +$as_echo_n "checking whether $PYTHON version is >= 2.5... " >&6; } + prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '2.5'.split('.'))) + [0, 0, 0] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[i] +sys.exit(sys.hexversion < minverhex)" + if { echo "$as_me:$LINENO: $PYTHON -c "$prog"" >&5 + ($PYTHON -c "$prog") >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + as_fn_error $? "Python interpreter is too old" "$LINENO" 5 +fi + am_display_PYTHON=$PYTHON + else + # Otherwise, try each interpreter until we find one that satisfies + # VERSION. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a Python interpreter with version >= 2.5" >&5 +$as_echo_n "checking for a Python interpreter with version >= 2.5... " >&6; } +if ${am_cv_pathless_PYTHON+:} false; then : + $as_echo_n "(cached) " >&6 +else + + for am_cv_pathless_PYTHON in python python2 python3 python3.8 python3.7 python3.6 python3.5 python3.4 python3.3 python3.2 python3.1 python3.0 python2.7 python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 none; do + test "$am_cv_pathless_PYTHON" = none && break + prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '2.5'.split('.'))) + [0, 0, 0] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[i] +sys.exit(sys.hexversion < minverhex)" + if { echo "$as_me:$LINENO: $am_cv_pathless_PYTHON -c "$prog"" >&5 + ($am_cv_pathless_PYTHON -c "$prog") >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then : + break +fi + done +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_pathless_PYTHON" >&5 +$as_echo "$am_cv_pathless_PYTHON" >&6; } + # Set $PYTHON to the absolute path of $am_cv_pathless_PYTHON. + if test "$am_cv_pathless_PYTHON" = none; then + PYTHON=: + else + # Extract the first word of "$am_cv_pathless_PYTHON", so it can be a program name with args. +set dummy $am_cv_pathless_PYTHON; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_PYTHON+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $PYTHON in + [\\/]* | ?:[\\/]*) + ac_cv_path_PYTHON="$PYTHON" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PYTHON=$ac_cv_path_PYTHON +if test -n "$PYTHON"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON" >&5 +$as_echo "$PYTHON" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi + am_display_PYTHON=$am_cv_pathless_PYTHON + fi + + + if test "$PYTHON" = :; then + as_fn_error $? "Python is required" "$LINENO" 5 + else + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON version" >&5 +$as_echo_n "checking for $am_display_PYTHON version... " >&6; } +if ${am_cv_python_version+:} false; then : + $as_echo_n "(cached) " >&6 +else + am_cv_python_version=`$PYTHON -c "import sys; sys.stdout.write(sys.version[:3])"` +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_version" >&5 +$as_echo "$am_cv_python_version" >&6; } + PYTHON_VERSION=$am_cv_python_version + + + + PYTHON_PREFIX='${prefix}' + + PYTHON_EXEC_PREFIX='${exec_prefix}' + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON platform" >&5 +$as_echo_n "checking for $am_display_PYTHON platform... " >&6; } +if ${am_cv_python_platform+:} false; then : + $as_echo_n "(cached) " >&6 +else + am_cv_python_platform=`$PYTHON -c "import sys; sys.stdout.write(sys.platform)"` +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_platform" >&5 +$as_echo "$am_cv_python_platform" >&6; } + PYTHON_PLATFORM=$am_cv_python_platform + + + # Just factor out some code duplication. + am_python_setup_sysconfig="\ +import sys +# Prefer sysconfig over distutils.sysconfig, for better compatibility +# with python 3.x. See automake bug#10227. +try: + import sysconfig +except ImportError: + can_use_sysconfig = 0 +else: + can_use_sysconfig = 1 +# Can't use sysconfig in CPython 2.7, since it's broken in virtualenvs: +# +try: + from platform import python_implementation + if python_implementation() == 'CPython' and sys.version[:3] == '2.7': + can_use_sysconfig = 0 +except ImportError: + pass" + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON script directory" >&5 +$as_echo_n "checking for $am_display_PYTHON script directory... " >&6; } +if ${am_cv_python_pythondir+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$prefix" = xNONE + then + am_py_prefix=$ac_default_prefix + else + am_py_prefix=$prefix + fi + am_cv_python_pythondir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('purelib', vars={'base':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(0, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pythondir in + $am_py_prefix*) + am__strip_prefix=`echo "$am_py_prefix" | sed 's|.|.|g'` + am_cv_python_pythondir=`echo "$am_cv_python_pythondir" | sed "s,^$am__strip_prefix,$PYTHON_PREFIX,"` + ;; + *) + case $am_py_prefix in + /usr|/System*) ;; + *) + am_cv_python_pythondir=$PYTHON_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_pythondir" >&5 +$as_echo "$am_cv_python_pythondir" >&6; } + pythondir=$am_cv_python_pythondir + + + + pkgpythondir=\${pythondir}/$PACKAGE + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON extension module directory" >&5 +$as_echo_n "checking for $am_display_PYTHON extension module directory... " >&6; } +if ${am_cv_python_pyexecdir+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$exec_prefix" = xNONE + then + am_py_exec_prefix=$am_py_prefix + else + am_py_exec_prefix=$exec_prefix + fi + am_cv_python_pyexecdir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('platlib', vars={'platbase':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(1, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pyexecdir in + $am_py_exec_prefix*) + am__strip_prefix=`echo "$am_py_exec_prefix" | sed 's|.|.|g'` + am_cv_python_pyexecdir=`echo "$am_cv_python_pyexecdir" | sed "s,^$am__strip_prefix,$PYTHON_EXEC_PREFIX,"` + ;; + *) + case $am_py_exec_prefix in + /usr|/System*) ;; + *) + am_cv_python_pyexecdir=$PYTHON_EXEC_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_pyexecdir" >&5 +$as_echo "$am_cv_python_pyexecdir" >&6; } + pyexecdir=$am_cv_python_pyexecdir + + + + pkgpyexecdir=\${pyexecdir}/$PACKAGE + + + + fi + + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: argparse" >&5 +$as_echo_n "checking $PYTHON_NAME module: argparse... " >&6; } + $PYTHON -c "import argparse" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_ARGPARSE=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_ARGPARSE=no + # + if test -n "" + then + as_fn_error $? "failed to find required module argparse" "$LINENO" 5 + exit 1 + fi + fi + + if test "x$HAVE_PYMOD_ARGPARSE" != "xyes" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Required Python modules missing" >&5 +$as_echo "$as_me: WARNING: Required Python modules missing" >&2;} + fi +fi + +# nslcd daemon-specific tests +if test "x$enable_nslcd" = "xyes" +then + # save CFLAGS and LIBS to restore later + nslcd_save_CFLAGS="$CFLAGS" + nslcd_save_LIBS="$LIBS" + + # check header files + for ac_header in lber.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "lber.h" "ac_cv_header_lber_h" "$ac_includes_default" +if test "x$ac_cv_header_lber_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LBER_H 1 +_ACEOF + +fi + +done + + for ac_header in ldap.h +do : + ac_fn_c_check_header_compile "$LINENO" "ldap.h" "ac_cv_header_ldap_h" " + #if HAVE_LBER_H + #include + #endif + +" +if test "x$ac_cv_header_ldap_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LDAP_H 1 +_ACEOF + +else + test "x$enable_nslcd" = "xyes" && as_fn_error $? "could not locate " "$LINENO" 5 +fi + +done + + for ac_header in ldap_ssl.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "ldap_ssl.h" "ac_cv_header_ldap_ssl_h" "$ac_includes_default" +if test "x$ac_cv_header_ldap_ssl_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LDAP_SSL_H 1 +_ACEOF + +fi + +done + + for ac_header in gssldap.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "gssldap.h" "ac_cv_header_gssldap_h" "$ac_includes_default" +if test "x$ac_cv_header_gssldap_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GSSLDAP_H 1 +_ACEOF + +fi + +done + + if test "x$enable_sasl" = "xyes" + then + for ac_header in sasl.h sasl/sasl.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + for ac_header in gsssasl.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "gsssasl.h" "ac_cv_header_gsssasl_h" "$ac_includes_default" +if test "x$ac_cv_header_gsssasl_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GSSSASL_H 1 +_ACEOF + +fi + +done + + fi + if test "x$enable_kerberos" = "xyes" + then + for ac_header in gssapi/gssapi.h gssapi/gssapi_generic.h gssapi/gssapi_krb5.h gssapi.h krb5.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + fi + for ac_header in regex.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "regex.h" "ac_cv_header_regex_h" "$ac_includes_default" +if test "x$ac_cv_header_regex_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_REGEX_H 1 +_ACEOF + +fi + +done + + + # checks for availability of system libraries for nslcd + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing gethostbyname" >&5 +$as_echo_n "checking for library containing gethostbyname... " >&6; } +if ${ac_cv_search_gethostbyname+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char gethostbyname (); +int +main () +{ +return gethostbyname (); + ; + return 0; +} +_ACEOF +for ac_lib in '' nsl socket; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_gethostbyname=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_gethostbyname+:} false; then : + break +fi +done +if ${ac_cv_search_gethostbyname+:} false; then : + +else + ac_cv_search_gethostbyname=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gethostbyname" >&5 +$as_echo "$ac_cv_search_gethostbyname" >&6; } +ac_res=$ac_cv_search_gethostbyname +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing hstrerror" >&5 +$as_echo_n "checking for library containing hstrerror... " >&6; } +if ${ac_cv_search_hstrerror+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char hstrerror (); +int +main () +{ +return hstrerror (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_hstrerror=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_hstrerror+:} false; then : + break +fi +done +if ${ac_cv_search_hstrerror+:} false; then : + +else + ac_cv_search_hstrerror=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_hstrerror" >&5 +$as_echo "$ac_cv_search_hstrerror" >&6; } +ac_res=$ac_cv_search_hstrerror +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5 +$as_echo_n "checking for library containing dlopen... " >&6; } +if ${ac_cv_search_dlopen+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (); +int +main () +{ +return dlopen (); + ; + return 0; +} +_ACEOF +for ac_lib in '' dl; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_dlopen=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_dlopen+:} false; then : + break +fi +done +if ${ac_cv_search_dlopen+:} false; then : + +else + ac_cv_search_dlopen=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dlopen" >&5 +$as_echo "$ac_cv_search_dlopen" >&6; } +ac_res=$ac_cv_search_dlopen +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + + # check for availability of functions + for ac_func in initgroups setgroups execvp execvpe +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in getpeereid +do : + ac_fn_c_check_func "$LINENO" "getpeereid" "ac_cv_func_getpeereid" +if test "x$ac_cv_func_getpeereid" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETPEEREID 1 +_ACEOF + +fi +done + + for ac_func in getpeerucred +do : + ac_fn_c_check_func "$LINENO" "getpeerucred" "ac_cv_func_getpeerucred" +if test "x$ac_cv_func_getpeerucred" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETPEERUCRED 1 +_ACEOF + +fi +done + + for ac_func in __nss_configure_lookup +do : + ac_fn_c_check_func "$LINENO" "__nss_configure_lookup" "ac_cv_func___nss_configure_lookup" +if test "x$ac_cv_func___nss_configure_lookup" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE___NSS_CONFIGURE_LOOKUP 1 +_ACEOF + +fi +done + + for ac_func in getenv putenv clearenv +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in dlopen dlsym dlerror +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in regcomp regexec regerror +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in hstrerror +do : + ac_fn_c_check_func "$LINENO" "hstrerror" "ac_cv_func_hstrerror" +if test "x$ac_cv_func_hstrerror" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_HSTRERROR 1 +_ACEOF + +fi +done + + + # replace some functions if they are not on the system + ac_fn_c_check_func "$LINENO" "getopt_long" "ac_cv_func_getopt_long" +if test "x$ac_cv_func_getopt_long" = xyes; then : + $as_echo "#define HAVE_GETOPT_LONG 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" getopt_long.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS getopt_long.$ac_objext" + ;; +esac + +fi + + + ac_fn_c_check_func "$LINENO" "strndup" "ac_cv_func_strndup" +if test "x$ac_cv_func_strndup" = xyes; then : + $as_echo "#define HAVE_STRNDUP 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" strndup.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS strndup.$ac_objext" + ;; +esac + +fi + + + + # replace ether_aton_r() if not found + for ac_func in ether_aton_r +do : + ac_fn_c_check_func "$LINENO" "ether_aton_r" "ac_cv_func_ether_aton_r" +if test "x$ac_cv_func_ether_aton_r" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_ETHER_ATON_R 1 +_ACEOF + +else + case " $LIBOBJS " in + *" ether.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS ether.$ac_objext" + ;; +esac + +fi +done + + + # check to see if struct sockaddr_storage is defined + ac_fn_c_check_type "$LINENO" "struct sockaddr_storage" "ac_cv_type_struct_sockaddr_storage" " + #include + #include +" +if test "x$ac_cv_type_struct_sockaddr_storage" = xyes; then : + +else + +$as_echo "#define sockaddr_storage sockaddr_in" >>confdefs.h + +fi + + + # check for support for the struct ucred structure + ac_fn_c_check_type "$LINENO" "struct ucred" "ac_cv_type_struct_ucred" " + #include + #include + #include +" +if test "x$ac_cv_type_struct_ucred" = xyes; then : + +$as_echo "#define HAVE_STRUCT_UCRED 1" >>confdefs.h + +fi + + + # check threading stuff + + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +ax_pthread_ok=no + +# We used to check for pthread.h first, but this fails if pthread.h +# requires special compiler flags (e.g. on True64 or Sequent). +# It gets checked for in the link test anyway. + +# First of all, check if the user has set any of the PTHREAD_LIBS, +# etcetera environment variables, and if threads linking works using +# them: +if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS" >&5 +$as_echo_n "checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_join (); +int +main () +{ +return pthread_join (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_pthread_ok=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_ok" >&5 +$as_echo "$ax_pthread_ok" >&6; } + if test x"$ax_pthread_ok" = xno; then + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" + fi + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" +fi + +# We must check for the threads library under a number of different +# names; the ordering is very important because some systems +# (e.g. DEC) have both -lpthread and -lpthreads, where one of the +# libraries is broken (non-POSIX). + +# Create a list of thread flags to try. Items starting with a "-" are +# C compiler flags, and other items are library names, except for "none" +# which indicates that we try without any flags at all, and "pthread-config" +# which is a program returning the flags for the Pth emulation library. + +ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" + +# The ordering *is* (sometimes) important. Some notes on the +# individual items follow: + +# pthreads: AIX (must check this before -lpthread) +# none: in case threads are in libc; should be tried before -Kthread and +# other compiler flags to prevent continual compiler warnings +# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) +# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) +# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) +# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) +# -pthreads: Solaris/gcc +# -mthreads: Mingw32/gcc, Lynx/gcc +# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it +# doesn't hurt to check since this sometimes defines pthreads too; +# also defines -D_REENTRANT) +# ... -mt is also the pthreads flag for HP/aCC +# pthread: Linux, etcetera +# --thread-safe: KAI C++ +# pthread-config: use pthread-config program (for GNU Pth library) + +case ${host_os} in + solaris*) + + # On Solaris (at least, for some versions), libc contains stubbed + # (non-functional) versions of the pthreads routines, so link-based + # tests will erroneously succeed. (We need to link with -pthreads/-mt/ + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather + # a function called by this macro, so we could check for that, but + # who knows whether they'll stub that too in a future libc.) So, + # we'll just look for -pthreads and -lpthread first: + + ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" + ;; + + darwin*) + ax_pthread_flags="-pthread $ax_pthread_flags" + ;; +esac + +# Clang doesn't consider unrecognized options an error unless we specify +# -Werror. We throw in some extra Clang-specific options to ensure that +# this doesn't happen for GCC, which also accepts -Werror. + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler needs -Werror to reject unknown flags" >&5 +$as_echo_n "checking if compiler needs -Werror to reject unknown flags... " >&6; } +save_CFLAGS="$CFLAGS" +ax_pthread_extra_flags="-Werror" +CFLAGS="$CFLAGS $ax_pthread_extra_flags -Wunknown-warning-option -Wsizeof-array-argument" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int foo(void); +int +main () +{ +foo() + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + ax_pthread_extra_flags= + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +CFLAGS="$save_CFLAGS" + +if test x"$ax_pthread_ok" = xno; then +for flag in $ax_pthread_flags; do + + case $flag in + none) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthreads work without any flags" >&5 +$as_echo_n "checking whether pthreads work without any flags... " >&6; } + ;; + + -*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthreads work with $flag" >&5 +$as_echo_n "checking whether pthreads work with $flag... " >&6; } + PTHREAD_CFLAGS="$flag" + ;; + + pthread-config) + # Extract the first word of "pthread-config", so it can be a program name with args. +set dummy pthread-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ax_pthread_config+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ax_pthread_config"; then + ac_cv_prog_ax_pthread_config="$ax_pthread_config" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ax_pthread_config="yes" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_prog_ax_pthread_config" && ac_cv_prog_ax_pthread_config="no" +fi +fi +ax_pthread_config=$ac_cv_prog_ax_pthread_config +if test -n "$ax_pthread_config"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_config" >&5 +$as_echo "$ax_pthread_config" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + if test x"$ax_pthread_config" = xno; then continue; fi + PTHREAD_CFLAGS="`pthread-config --cflags`" + PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" + ;; + + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the pthreads library -l$flag" >&5 +$as_echo_n "checking for the pthreads library -l$flag... " >&6; } + PTHREAD_LIBS="-l$flag" + ;; + esac + + save_LIBS="$LIBS" + save_CFLAGS="$CFLAGS" + LIBS="$PTHREAD_LIBS $LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS $ax_pthread_extra_flags" + + # Check for various functions. We must include pthread.h, + # since some functions may be macros. (On the Sequent, we + # need a special flag -Kthread to make this header compile.) + # We check for pthread_join because it is in -lpthread on IRIX + # while pthread_create is in libc. We check for pthread_attr_init + # due to DEC craziness with -lpthreads. We check for + # pthread_cleanup_push because it is one of the few pthread + # functions on Solaris that doesn't have a non-functional libc stub. + # We try pthread_create on general principles. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + static void routine(void *a) { a = 0; } + static void *start_routine(void *a) { return a; } +int +main () +{ +pthread_t th; pthread_attr_t attr; + pthread_create(&th, 0, start_routine, 0); + pthread_join(th, 0); + pthread_attr_init(&attr); + pthread_cleanup_push(routine, 0); + pthread_cleanup_pop(0) /* ; */ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_pthread_ok=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_ok" >&5 +$as_echo "$ax_pthread_ok" >&6; } + if test "x$ax_pthread_ok" = xyes; then + break; + fi + + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" +done +fi + +# Various other checks: +if test "x$ax_pthread_ok" = xyes; then + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + + # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for joinable pthread attribute" >&5 +$as_echo_n "checking for joinable pthread attribute... " >&6; } + attr_name=unknown + for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +int attr = $attr; return attr /* ; */ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + attr_name=$attr; break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $attr_name" >&5 +$as_echo "$attr_name" >&6; } + if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then + +cat >>confdefs.h <<_ACEOF +#define PTHREAD_CREATE_JOINABLE $attr_name +_ACEOF + + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if more special flags are required for pthreads" >&5 +$as_echo_n "checking if more special flags are required for pthreads... " >&6; } + flag=no + case ${host_os} in + aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; + osf* | hpux*) flag="-D_REENTRANT";; + solaris*) + if test "$GCC" = "yes"; then + flag="-D_REENTRANT" + else + # TODO: What about Clang on Solaris? + flag="-mt -D_REENTRANT" + fi + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $flag" >&5 +$as_echo "$flag" >&6; } + if test "x$flag" != xno; then + PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_PRIO_INHERIT" >&5 +$as_echo_n "checking for PTHREAD_PRIO_INHERIT... " >&6; } +if ${ax_cv_PTHREAD_PRIO_INHERIT+:} false; then : + $as_echo_n "(cached) " >&6 +else + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +int i = PTHREAD_PRIO_INHERIT; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_PTHREAD_PRIO_INHERIT=yes +else + ax_cv_PTHREAD_PRIO_INHERIT=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_PTHREAD_PRIO_INHERIT" >&5 +$as_echo "$ax_cv_PTHREAD_PRIO_INHERIT" >&6; } + if test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"; then : + +$as_echo "#define HAVE_PTHREAD_PRIO_INHERIT 1" >>confdefs.h + +fi + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + # More AIX lossage: compile with *_r variant + if test "x$GCC" != xyes; then + case $host_os in + aix*) + case "x/$CC" in #( + x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6) : + #handle absolute path differently from PATH based program lookup + case "x$CC" in #( + x/*) : + if as_fn_executable_p ${CC}_r; then : + PTHREAD_CC="${CC}_r" +fi ;; #( + *) : + for ac_prog in ${CC}_r +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_PTHREAD_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$PTHREAD_CC"; then + ac_cv_prog_PTHREAD_CC="$PTHREAD_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_PTHREAD_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +PTHREAD_CC=$ac_cv_prog_PTHREAD_CC +if test -n "$PTHREAD_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PTHREAD_CC" >&5 +$as_echo "$PTHREAD_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$PTHREAD_CC" && break +done +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" + ;; +esac ;; #( + *) : + ;; +esac + ;; + esac + fi +fi + +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" + + + + + +# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: +if test x"$ax_pthread_ok" = xyes; then + +$as_echo "#define HAVE_PTHREAD 1" >>confdefs.h + + : +else + ax_pthread_ok=no + as_fn_error $? "no support for pthreads" "$LINENO" 5 +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + pthread_save_CFLAGS="$CFLAGS" + pthread_save_LIBS="$LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + LIBS="$LIBS $PTHREAD_LIBS" + for ac_func in pthread_mutex_lock pthread_join pthread_timedjoin_np pthread_atfork +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + CFLAGS="$pthread_save_CFLAGS" + LIBS="$pthread_save_LIBS" + + # also use deprecated LDAP functions + +$as_echo "#define LDAP_DEPRECATED 1" >>confdefs.h + + # for compatibility on Solaris + +$as_echo "#define LDAP_REFERRALS 1" >>confdefs.h + + + # search for an LDAP library (only OpenLDAP is tested) + +# Check whether --with-ldap-lib was given. +if test "${with_ldap_lib+set}" = set; then : + withval=$with_ldap_lib; +fi + + if test -z "$with_ldap_lib" + then + with_ldap_lib=auto + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \) + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ldap_search_ext" >&5 +$as_echo_n "checking for library containing ldap_search_ext... " >&6; } +if ${ac_cv_search_ldap_search_ext+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char ldap_search_ext (); +int +main () +{ +return ldap_search_ext (); + ; + return 0; +} +_ACEOF +for ac_lib in '' ldap_r ldap; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_ldap_search_ext=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_ldap_search_ext+:} false; then : + break +fi +done +if ${ac_cv_search_ldap_search_ext+:} false; then : + +else + ac_cv_search_ldap_search_ext=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ldap_search_ext" >&5 +$as_echo "$ac_cv_search_ldap_search_ext" >&6; } +ac_res=$ac_cv_search_ldap_search_ext +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + found_ldap_lib=yes +fi + + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape5 \) + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lldap50" >&5 +$as_echo_n "checking for main in -lldap50... " >&6; } +if ${ac_cv_lib_ldap50_main+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap50 -lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +return main (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ldap50_main=yes +else + ac_cv_lib_ldap50_main=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldap50_main" >&5 +$as_echo "$ac_cv_lib_ldap50_main" >&6; } +if test "x$ac_cv_lib_ldap50_main" = xyes; then : + LIBS="-lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 $LIBS" found_ldap_lib=yes +fi + + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape4 \) + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lldapssl41" >&5 +$as_echo_n "checking for main in -lldapssl41... " >&6; } +if ${ac_cv_lib_ldapssl41_main+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldapssl41 -lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +return main (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ldapssl41_main=yes +else + ac_cv_lib_ldapssl41_main=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldapssl41_main" >&5 +$as_echo "$ac_cv_lib_ldapssl41_main" >&6; } +if test "x$ac_cv_lib_ldapssl41_main" = xyes; then : + LIBS="-lldapssl41 -lplc3 -lplds3 -lnspr3 $LIBS" found_ldap_lib=yes +fi + + if test -z "$found_ldap_lib" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lldapssl40" >&5 +$as_echo_n "checking for main in -lldapssl40... " >&6; } +if ${ac_cv_lib_ldapssl40_main+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldapssl40 -lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +return main (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ldapssl40_main=yes +else + ac_cv_lib_ldapssl40_main=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldapssl40_main" >&5 +$as_echo "$ac_cv_lib_ldapssl40_main" >&6; } +if test "x$ac_cv_lib_ldapssl40_main" = xyes; then : + LIBS="-lldapssl40 $LIBS" found_ldap_lib=yes +fi + + fi + if test -z "$found_ldap_lib" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lldap41" >&5 +$as_echo_n "checking for main in -lldap41... " >&6; } +if ${ac_cv_lib_ldap41_main+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap41 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +return main (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ldap41_main=yes +else + ac_cv_lib_ldap41_main=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldap41_main" >&5 +$as_echo "$ac_cv_lib_ldap41_main" >&6; } +if test "x$ac_cv_lib_ldap41_main" = xyes; then : + LIBS="-lldap41 $LIBS" found_ldap_lib=yes +fi + + fi + if test -z "$found_ldap_lib" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lldap40" >&5 +$as_echo_n "checking for main in -lldap40... " >&6; } +if ${ac_cv_lib_ldap40_main+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap40 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +return main (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ldap40_main=yes +else + ac_cv_lib_ldap40_main=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldap40_main" >&5 +$as_echo "$ac_cv_lib_ldap40_main" >&6; } +if test "x$ac_cv_lib_ldap40_main" = xyes; then : + LIBS="-lldap40 $LIBS" found_ldap_lib=yes +fi + + fi + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape3 \) + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lldapssl30" >&5 +$as_echo_n "checking for main in -lldapssl30... " >&6; } +if ${ac_cv_lib_ldapssl30_main+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldapssl30 -lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +return main (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ldapssl30_main=yes +else + ac_cv_lib_ldapssl30_main=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldapssl30_main" >&5 +$as_echo "$ac_cv_lib_ldapssl30_main" >&6; } +if test "x$ac_cv_lib_ldapssl30_main" = xyes; then : + LIBS="-lldapssl30 $LIBS" found_ldap_lib=yes +fi + + fi + for ac_func in ldap_search_ext +do : + ac_fn_c_check_func "$LINENO" "ldap_search_ext" "ac_cv_func_ldap_search_ext" +if test "x$ac_cv_func_ldap_search_ext" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LDAP_SEARCH_EXT 1 +_ACEOF + +else + as_fn_error $? "could not locate a valid LDAP library" "$LINENO" 5 +fi +done + + + # see if we need a BER library + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ber_bvfree" >&5 +$as_echo_n "checking for library containing ber_bvfree... " >&6; } +if ${ac_cv_search_ber_bvfree+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char ber_bvfree (); +int +main () +{ +return ber_bvfree (); + ; + return 0; +} +_ACEOF +for ac_lib in '' lber; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_ber_bvfree=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_ber_bvfree+:} false; then : + break +fi +done +if ${ac_cv_search_ber_bvfree+:} false; then : + +else + ac_cv_search_ber_bvfree=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ber_bvfree" >&5 +$as_echo "$ac_cv_search_ber_bvfree" >&6; } +ac_res=$ac_cv_search_ber_bvfree +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + + # check for extra SASL libraries + if test "$enable_sasl" = "yes" + then + ac_fn_c_check_type "$LINENO" "sasl_interact_t" "ac_cv_type_sasl_interact_t" " + #ifdef HAVE_SASL_SASL_H + #include + #elif defined(HAVE_SASL_H) + #include + #endif +" +if test "x$ac_cv_type_sasl_interact_t" = xyes; then : + +$as_echo "#define HAVE_SASL_INTERACT_T 1" >>confdefs.h + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ldap_sasl_interactive_bind_s" >&5 +$as_echo_n "checking for library containing ldap_sasl_interactive_bind_s... " >&6; } +if ${ac_cv_search_ldap_sasl_interactive_bind_s+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char ldap_sasl_interactive_bind_s (); +int +main () +{ +return ldap_sasl_interactive_bind_s (); + ; + return 0; +} +_ACEOF +for ac_lib in '' sasl2; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_ldap_sasl_interactive_bind_s=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_ldap_sasl_interactive_bind_s+:} false; then : + break +fi +done +if ${ac_cv_search_ldap_sasl_interactive_bind_s+:} false; then : + +else + ac_cv_search_ldap_sasl_interactive_bind_s=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ldap_sasl_interactive_bind_s" >&5 +$as_echo "$ac_cv_search_ldap_sasl_interactive_bind_s" >&6; } +ac_res=$ac_cv_search_ldap_sasl_interactive_bind_s +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + for ac_func in ldap_sasl_interactive_bind_s +do : + ac_fn_c_check_func "$LINENO" "ldap_sasl_interactive_bind_s" "ac_cv_func_ldap_sasl_interactive_bind_s" +if test "x$ac_cv_func_ldap_sasl_interactive_bind_s" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LDAP_SASL_INTERACTIVE_BIND_S 1 +_ACEOF + +fi +done + + fi + + # check for extra Kerberos libraries + if test "$enable_kerberos" = "yes" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing gss_krb5_ccache_name" >&5 +$as_echo_n "checking for library containing gss_krb5_ccache_name... " >&6; } +if ${ac_cv_search_gss_krb5_ccache_name+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char gss_krb5_ccache_name (); +int +main () +{ +return gss_krb5_ccache_name (); + ; + return 0; +} +_ACEOF +for ac_lib in '' gssapi gssapi_krb5; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_gss_krb5_ccache_name=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_gss_krb5_ccache_name+:} false; then : + break +fi +done +if ${ac_cv_search_gss_krb5_ccache_name+:} false; then : + +else + ac_cv_search_gss_krb5_ccache_name=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gss_krb5_ccache_name" >&5 +$as_echo "$ac_cv_search_gss_krb5_ccache_name" >&6; } +ac_res=$ac_cv_search_gss_krb5_ccache_name +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + for ac_func in gss_krb5_ccache_name +do : + ac_fn_c_check_func "$LINENO" "gss_krb5_ccache_name" "ac_cv_func_gss_krb5_ccache_name" +if test "x$ac_cv_func_gss_krb5_ccache_name" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GSS_KRB5_CCACHE_NAME 1 +_ACEOF + +fi +done + + + # save CFLAGS and LIBS to restore later + krb5_save_CFLAGS="$CFLAGS" + krb5_save_LIBS="$LIBS" + + # find library that contains krb5_is_thread_safe + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing krb5_sendauth" >&5 +$as_echo_n "checking for library containing krb5_sendauth... " >&6; } +if ${ac_cv_search_krb5_sendauth+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char krb5_sendauth (); +int +main () +{ +return krb5_sendauth (); + ; + return 0; +} +_ACEOF +for ac_lib in '' krb5 'krb5 -lcrypto -ldes -lasn1 -lroken'; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_krb5_sendauth=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_krb5_sendauth+:} false; then : + break +fi +done +if ${ac_cv_search_krb5_sendauth+:} false; then : + +else + ac_cv_search_krb5_sendauth=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_krb5_sendauth" >&5 +$as_echo "$ac_cv_search_krb5_sendauth" >&6; } +ac_res=$ac_cv_search_krb5_sendauth +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + for ac_func in krb5_is_thread_safe +do : + ac_fn_c_check_func "$LINENO" "krb5_is_thread_safe" "ac_cv_func_krb5_is_thread_safe" +if test "x$ac_cv_func_krb5_is_thread_safe" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_KRB5_IS_THREAD_SAFE 1 +_ACEOF + +fi +done + + + # see if krb5 is thread safe + if test "x$ac_cv_func_krb5_is_thread_safe" == "xyes" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking krb5 thread safety" >&5 +$as_echo_n "checking krb5 thread safety... " >&6; } +if ${nslcd_cv_krb5_is_thread_safe+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + nslcd_cv_krb5_is_thread_safe=unknown +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + +int +main () +{ + + if (!krb5_is_thread_safe()) + return 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + nslcd_cv_krb5_is_thread_safe=yes +else + nslcd_cv_krb5_is_thread_safe=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nslcd_cv_krb5_is_thread_safe" >&5 +$as_echo "$nslcd_cv_krb5_is_thread_safe" >&6; } + if test "x$nslcd_cv_krb5_is_thread_safe" == "xno" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: krb5 is NOT thread safe" >&5 +$as_echo "$as_me: WARNING: krb5 is NOT thread safe" >&2;} + fi + fi + + # restore CFLAGS and LIBS because we don't directly use krb5 + CFLAGS="$krb5_save_CFLAGS" + LIBS="$krb5_save_LIBS" + + fi + + # check for ldap function availability + for ac_func in ber_bvfree ber_free ber_set_option ber_get_enum +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_initialize ldap_start_tls_s +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_get_option ldap_set_option ldap_set_rebind_proc +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_simple_bind_s ldap_sasl_bind ldap_sasl_bind_s ldap_unbind +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_search_ext ldap_modify_ext_s ldap_extended_operation_s +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_explode_dn ldap_explode_rdn +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_domain2hostlist ldap_domain2dn +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_result ldap_parse_result ldap_msgfree ldap_memfree +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_get_dn ldap_first_attribute ldap_next_attribute +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_get_values ldap_value_free +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_get_values_len ldap_count_values_len ldap_value_free_len +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_err2string ldap_abandon +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_control_create ldap_create_control ldap_control_find +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_controls_free ldap_control_free ldap_get_entry_controls +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_parse_passwordpolicy_control ldap_passwordpolicy_err2txt +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_create_deref_control ldap_create_deref_control_value +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + for ac_func in ldap_parse_deref_control ldap_derefresponse_free +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + + # replace ldap_create_page_control() and ldap_parse_page_control() + for ac_func in ldap_create_page_control ldap_parse_page_control +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +else + case " $LIBOBJS " in + *" pagectrl.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS pagectrl.$ac_objext" + ;; +esac + +fi +done + + ac_fn_c_check_decl "$LINENO" "ldap_extended_operation_s" "ac_cv_have_decl_ldap_extended_operation_s" " + #if HAVE_LBER_H + #include + #endif + #include +" +if test "x$ac_cv_have_decl_ldap_extended_operation_s" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_LDAP_EXTENDED_OPERATION_S $ac_have_decl +_ACEOF + + + # replace other ldap functions + ac_fn_c_check_func "$LINENO" "ldap_passwd_s" "ac_cv_func_ldap_passwd_s" +if test "x$ac_cv_func_ldap_passwd_s" = xyes; then : + $as_echo "#define HAVE_LDAP_PASSWD_S 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" ldap_passwd_s.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS ldap_passwd_s.$ac_objext" + ;; +esac + +fi + + + ac_fn_c_check_func "$LINENO" "ldap_initialize" "ac_cv_func_ldap_initialize" +if test "x$ac_cv_func_ldap_initialize" = xyes; then : + $as_echo "#define HAVE_LDAP_INITIALIZE 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" ldap_initialize.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS ldap_initialize.$ac_objext" + ;; +esac + +fi + + + ac_fn_c_check_func "$LINENO" "ldap_parse_passwordpolicy_control" "ac_cv_func_ldap_parse_passwordpolicy_control" +if test "x$ac_cv_func_ldap_parse_passwordpolicy_control" = xyes; then : + $as_echo "#define HAVE_LDAP_PARSE_PASSWORDPOLICY_CONTROL 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" ldap_parse_passwordpolicy_control.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS ldap_parse_passwordpolicy_control.$ac_objext" + ;; +esac + +fi + + + ac_fn_c_check_func "$LINENO" "ldap_passwordpolicy_err2txt" "ac_cv_func_ldap_passwordpolicy_err2txt" +if test "x$ac_cv_func_ldap_passwordpolicy_err2txt" = xyes; then : + $as_echo "#define HAVE_LDAP_PASSWORDPOLICY_ERR2TXT 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" ldap_passwordpolicy_err2txt.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS ldap_passwordpolicy_err2txt.$ac_objext" + ;; +esac + +fi + + + + # check the number of arguments that ldap_set_rebind_proc() uses + { $as_echo "$as_me:${as_lineno-$LINENO}: checking number of arguments to ldap_set_rebind_proc" >&5 +$as_echo_n "checking number of arguments to ldap_set_rebind_proc... " >&6; } +if ${nss_ldapd_cv_ldap_set_rebind_proc_args+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + +int +main () +{ + + ldap_set_rebind_proc(0, 0, 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + nss_ldapd_cv_ldap_set_rebind_proc_args=3 +else + nss_ldapd_cv_ldap_set_rebind_proc_args=2 +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nss_ldapd_cv_ldap_set_rebind_proc_args" >&5 +$as_echo "$nss_ldapd_cv_ldap_set_rebind_proc_args" >&6; } + +cat >>confdefs.h <<_ACEOF +#define LDAP_SET_REBIND_PROC_ARGS $nss_ldapd_cv_ldap_set_rebind_proc_args +_ACEOF + + + # check the return type of ldap_set_rebind_proc() + { $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of ldap_set_rebind_proc" >&5 +$as_echo_n "checking return type of ldap_set_rebind_proc... " >&6; } +if ${nss_ldapd_cv_ldap_set_rebind_proc_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + +int +main () +{ + + #if LDAP_SET_REBIND_PROC_ARGS == 3 + return ldap_set_rebind_proc(0, 0, 0); + #else + return ldap_set_rebind_proc(0, 0); + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + nss_ldapd_cv_ldap_set_rebind_proc_type=int +else + nss_ldapd_cv_ldap_set_rebind_proc_type=void +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nss_ldapd_cv_ldap_set_rebind_proc_type" >&5 +$as_echo "$nss_ldapd_cv_ldap_set_rebind_proc_type" >&6; } + if test "x$nss_ldapd_cv_ldap_set_rebind_proc_type" = "xvoid" + then + +$as_echo "#define LDAP_SET_REBIND_PROC_RETURNS_VOID 1" >>confdefs.h + + fi + + # check for broken implementations of ldap_create_deref_control() + if test "x$ac_cv_func_ldap_create_deref_control" = "xyes" + then + # this bug cannot be determined on compile time so we run a + # small test program + { $as_echo "$as_me:${as_lineno-$LINENO}: checking ldap_create_deref_control() implementation" >&5 +$as_echo_n "checking ldap_create_deref_control() implementation... " >&6; } +if ${nslcd_cv_ldap_create_deref_control_working+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + nslcd_cv_ldap_create_deref_control_working=cross +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + +int +main () +{ + + int rc; + LDAP *ld; + LDAPControl *ctrls[2] = {NULL, NULL}; + struct LDAPDerefSpec ds[2]; + char *attrs[2] = {"uid", NULL}; + ld = ldap_init("localhost", LDAP_PORT); + if (ld == NULL) + { + fprintf(stderr, "ldap_init() failed\n"); + return 2; + } + ds[0].derefAttr = "member"; + ds[0].attributes = attrs; + ds[1].derefAttr = NULL; + rc = ldap_create_deref_control(ld, ds, 0, &ctrls[0]); + if (rc != LDAP_SUCCESS) + { + fprintf(stderr, "ldap_create_deref_control() failed: %s\n", + ldap_err2string(rc)); + return 2; + } + if (ldap_control_find(LDAP_CONTROL_X_DEREF, ctrls, NULL) != NULL) + return 0; + if (ldap_control_find(LDAP_CONTROL_PAGEDRESULTS, ctrls, NULL) != NULL) + { + fprintf(stderr, "ldap_create_deref_control() created LDAP_CONTROL_PAGEDRESULTS control\n"); + return 3; + } + fprintf(stderr, "ldap_create_deref_control() created unknown control\n"); + return 2; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + nslcd_cv_ldap_create_deref_control_working=ok +else + if test "$?" -eq 3; then nslcd_cv_ldap_create_deref_control_working=broken + else nslcd_cv_ldap_create_deref_control_working=unknown; fi +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nslcd_cv_ldap_create_deref_control_working" >&5 +$as_echo "$nslcd_cv_ldap_create_deref_control_working" >&6; } + if test "x$nslcd_cv_ldap_create_deref_control_working" != "xok" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: using replacement ldap_create_deref_control()" >&5 +$as_echo "$as_me: using replacement ldap_create_deref_control()" >&6;} + case " $LIBOBJS " in + *" derefctrl.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS derefctrl.$ac_objext" + ;; +esac + + +$as_echo "#define REPLACE_LDAP_CREATE_DEREF_CONTROL 1" >>confdefs.h + + fi + fi + + # save nslcd LIBS and CFLAGS and restore originals + nslcd_CFLAGS="$CFLAGS" + nslcd_LIBS="$LIBS" + CFLAGS="$nslcd_save_CFLAGS" + LIBS="$nslcd_save_LIBS" + + +fi + +# pynslcd-specific tests +if test "x$enable_pynslcd" = "xyes" +then + # check Python interpreter + + + + + + + if test -n "$PYTHON"; then + # If the user set $PYTHON, use it and don't search something else. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $PYTHON version is >= 2.5" >&5 +$as_echo_n "checking whether $PYTHON version is >= 2.5... " >&6; } + prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '2.5'.split('.'))) + [0, 0, 0] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[i] +sys.exit(sys.hexversion < minverhex)" + if { echo "$as_me:$LINENO: $PYTHON -c "$prog"" >&5 + ($PYTHON -c "$prog") >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + as_fn_error $? "Python interpreter is too old" "$LINENO" 5 +fi + am_display_PYTHON=$PYTHON + else + # Otherwise, try each interpreter until we find one that satisfies + # VERSION. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a Python interpreter with version >= 2.5" >&5 +$as_echo_n "checking for a Python interpreter with version >= 2.5... " >&6; } +if ${am_cv_pathless_PYTHON+:} false; then : + $as_echo_n "(cached) " >&6 +else + + for am_cv_pathless_PYTHON in python python2 python3 python3.8 python3.7 python3.6 python3.5 python3.4 python3.3 python3.2 python3.1 python3.0 python2.7 python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 none; do + test "$am_cv_pathless_PYTHON" = none && break + prog="import sys +# split strings by '.' and convert to numeric. Append some zeros +# because we need at least 4 digits for the hex conversion. +# map returns an iterator in Python 3.0 and a list in 2.x +minver = list(map(int, '2.5'.split('.'))) + [0, 0, 0] +minverhex = 0 +# xrange is not present in Python 3.0 and range returns an iterator +for i in list(range(0, 4)): minverhex = (minverhex << 8) + minver[i] +sys.exit(sys.hexversion < minverhex)" + if { echo "$as_me:$LINENO: $am_cv_pathless_PYTHON -c "$prog"" >&5 + ($am_cv_pathless_PYTHON -c "$prog") >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; then : + break +fi + done +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_pathless_PYTHON" >&5 +$as_echo "$am_cv_pathless_PYTHON" >&6; } + # Set $PYTHON to the absolute path of $am_cv_pathless_PYTHON. + if test "$am_cv_pathless_PYTHON" = none; then + PYTHON=: + else + # Extract the first word of "$am_cv_pathless_PYTHON", so it can be a program name with args. +set dummy $am_cv_pathless_PYTHON; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_PYTHON+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $PYTHON in + [\\/]* | ?:[\\/]*) + ac_cv_path_PYTHON="$PYTHON" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PYTHON=$ac_cv_path_PYTHON +if test -n "$PYTHON"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON" >&5 +$as_echo "$PYTHON" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi + am_display_PYTHON=$am_cv_pathless_PYTHON + fi + + + if test "$PYTHON" = :; then + as_fn_error $? "Python is required" "$LINENO" 5 + else + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON version" >&5 +$as_echo_n "checking for $am_display_PYTHON version... " >&6; } +if ${am_cv_python_version+:} false; then : + $as_echo_n "(cached) " >&6 +else + am_cv_python_version=`$PYTHON -c "import sys; sys.stdout.write(sys.version[:3])"` +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_version" >&5 +$as_echo "$am_cv_python_version" >&6; } + PYTHON_VERSION=$am_cv_python_version + + + + PYTHON_PREFIX='${prefix}' + + PYTHON_EXEC_PREFIX='${exec_prefix}' + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON platform" >&5 +$as_echo_n "checking for $am_display_PYTHON platform... " >&6; } +if ${am_cv_python_platform+:} false; then : + $as_echo_n "(cached) " >&6 +else + am_cv_python_platform=`$PYTHON -c "import sys; sys.stdout.write(sys.platform)"` +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_platform" >&5 +$as_echo "$am_cv_python_platform" >&6; } + PYTHON_PLATFORM=$am_cv_python_platform + + + # Just factor out some code duplication. + am_python_setup_sysconfig="\ +import sys +# Prefer sysconfig over distutils.sysconfig, for better compatibility +# with python 3.x. See automake bug#10227. +try: + import sysconfig +except ImportError: + can_use_sysconfig = 0 +else: + can_use_sysconfig = 1 +# Can't use sysconfig in CPython 2.7, since it's broken in virtualenvs: +# +try: + from platform import python_implementation + if python_implementation() == 'CPython' and sys.version[:3] == '2.7': + can_use_sysconfig = 0 +except ImportError: + pass" + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON script directory" >&5 +$as_echo_n "checking for $am_display_PYTHON script directory... " >&6; } +if ${am_cv_python_pythondir+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$prefix" = xNONE + then + am_py_prefix=$ac_default_prefix + else + am_py_prefix=$prefix + fi + am_cv_python_pythondir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('purelib', vars={'base':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(0, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pythondir in + $am_py_prefix*) + am__strip_prefix=`echo "$am_py_prefix" | sed 's|.|.|g'` + am_cv_python_pythondir=`echo "$am_cv_python_pythondir" | sed "s,^$am__strip_prefix,$PYTHON_PREFIX,"` + ;; + *) + case $am_py_prefix in + /usr|/System*) ;; + *) + am_cv_python_pythondir=$PYTHON_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_pythondir" >&5 +$as_echo "$am_cv_python_pythondir" >&6; } + pythondir=$am_cv_python_pythondir + + + + pkgpythondir=\${pythondir}/$PACKAGE + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $am_display_PYTHON extension module directory" >&5 +$as_echo_n "checking for $am_display_PYTHON extension module directory... " >&6; } +if ${am_cv_python_pyexecdir+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$exec_prefix" = xNONE + then + am_py_exec_prefix=$am_py_prefix + else + am_py_exec_prefix=$exec_prefix + fi + am_cv_python_pyexecdir=`$PYTHON -c " +$am_python_setup_sysconfig +if can_use_sysconfig: + sitedir = sysconfig.get_path('platlib', vars={'platbase':'$am_py_prefix'}) +else: + from distutils import sysconfig + sitedir = sysconfig.get_python_lib(1, 0, prefix='$am_py_prefix') +sys.stdout.write(sitedir)"` + case $am_cv_python_pyexecdir in + $am_py_exec_prefix*) + am__strip_prefix=`echo "$am_py_exec_prefix" | sed 's|.|.|g'` + am_cv_python_pyexecdir=`echo "$am_cv_python_pyexecdir" | sed "s,^$am__strip_prefix,$PYTHON_EXEC_PREFIX,"` + ;; + *) + case $am_py_exec_prefix in + /usr|/System*) ;; + *) + am_cv_python_pyexecdir=$PYTHON_EXEC_PREFIX/lib/python$PYTHON_VERSION/site-packages + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_python_pyexecdir" >&5 +$as_echo "$am_cv_python_pyexecdir" >&6; } + pyexecdir=$am_cv_python_pyexecdir + + + + pkgpyexecdir=\${pyexecdir}/$PACKAGE + + + + fi + + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: daemon" >&5 +$as_echo_n "checking $PYTHON_NAME module: daemon... " >&6; } + $PYTHON -c "import daemon" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_DAEMON=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_DAEMON=no + # + if test -n "" + then + as_fn_error $? "failed to find required module daemon" "$LINENO" 5 + exit 1 + fi + fi + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: fcntl" >&5 +$as_echo_n "checking $PYTHON_NAME module: fcntl... " >&6; } + $PYTHON -c "import fcntl" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_FCNTL=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_FCNTL=no + # + if test -n "" + then + as_fn_error $? "failed to find required module fcntl" "$LINENO" 5 + exit 1 + fi + fi + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: fnmatch" >&5 +$as_echo_n "checking $PYTHON_NAME module: fnmatch... " >&6; } + $PYTHON -c "import fnmatch" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_FNMATCH=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_FNMATCH=no + # + if test -n "" + then + as_fn_error $? "failed to find required module fnmatch" "$LINENO" 5 + exit 1 + fi + fi + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: ldap" >&5 +$as_echo_n "checking $PYTHON_NAME module: ldap... " >&6; } + $PYTHON -c "import ldap" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_LDAP=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_LDAP=no + # + if test -n "" + then + as_fn_error $? "failed to find required module ldap" "$LINENO" 5 + exit 1 + fi + fi + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: sqlite3" >&5 +$as_echo_n "checking $PYTHON_NAME module: sqlite3... " >&6; } + $PYTHON -c "import sqlite3" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_SQLITE3=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_SQLITE3=no + # + if test -n "" + then + as_fn_error $? "failed to find required module sqlite3" "$LINENO" 5 + exit 1 + fi + fi + + # required by ldap.controls.ppolicy: + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: pyasn1" >&5 +$as_echo_n "checking $PYTHON_NAME module: pyasn1... " >&6; } + $PYTHON -c "import pyasn1" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_PYASN1=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_PYASN1=no + # + if test -n "" + then + as_fn_error $? "failed to find required module pyasn1" "$LINENO" 5 + exit 1 + fi + fi + + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: pyasn1_modules" >&5 +$as_echo_n "checking $PYTHON_NAME module: pyasn1_modules... " >&6; } + $PYTHON -c "import pyasn1_modules" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_PYASN1_MODULES=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_PYASN1_MODULES=no + # + if test -n "" + then + as_fn_error $? "failed to find required module pyasn1_modules" "$LINENO" 5 + exit 1 + fi + fi + + if test "x$HAVE_PYMOD_DAEMON" != "xyes" || \ + test "x$HAVE_PYMOD_FCNTL" != "xyes" || \ + test "x$HAVE_PYMOD_FNMATCH" != "xyes" || \ + test "x$HAVE_PYMOD_LDAP" != "xyes" || \ + test "x$HAVE_PYMOD_SQLITE3" != "xyes" || \ + test "x$HAVE_PYMOD_PYASN1" != "xyes" || \ + test "x$HAVE_PYMOD_PYASN1_MODULES" != "xyes" + then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Required Python modules missing" >&5 +$as_echo "$as_me: WARNING: Required Python modules missing" >&2;} + fi + # optional modules + + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $PYTHON_NAME module: setproctitle" >&5 +$as_echo_n "checking $PYTHON_NAME module: setproctitle... " >&6; } + $PYTHON -c "import setproctitle" 2>/dev/null + if test $? -eq 0; + then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval HAVE_PYMOD_SETPROCTITLE=yes + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval HAVE_PYMOD_SETPROCTITLE=no + # + if test -n "" + then + as_fn_error $? "failed to find required module setproctitle" "$LINENO" 5 + exit 1 + fi + fi + +fi + + if test "x${with_nss_flavour}" = xglibc; then + NSS_FLAVOUR_GLIBC_TRUE= + NSS_FLAVOUR_GLIBC_FALSE='#' +else + NSS_FLAVOUR_GLIBC_TRUE='#' + NSS_FLAVOUR_GLIBC_FALSE= +fi + + if test "x${with_nss_flavour}" = xsolaris; then + NSS_FLAVOUR_SOLARIS_TRUE= + NSS_FLAVOUR_SOLARIS_FALSE='#' +else + NSS_FLAVOUR_SOLARIS_TRUE='#' + NSS_FLAVOUR_SOLARIS_FALSE= +fi + + if test "x${with_nss_flavour}" = xfreebsd; then + NSS_FLAVOUR_FREEBSD_TRUE= + NSS_FLAVOUR_FREEBSD_FALSE='#' +else + NSS_FLAVOUR_FREEBSD_TRUE='#' + NSS_FLAVOUR_FREEBSD_FALSE= +fi + + +# generate files +ac_config_files="$ac_config_files Makefile compat/Makefile common/Makefile nss/Makefile pam/Makefile utils/Makefile nslcd/Makefile pynslcd/Makefile man/Makefile tests/Makefile" + +ac_config_files="$ac_config_files pynslcd/constants.py" + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + if test "x$cache_file" != "x/dev/null"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +DEFS=-DHAVE_CONFIG_H + +ac_libobjs= +ac_ltlibobjs= +U= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 +$as_echo_n "checking that generated files are newer than configure... " >&6; } + if test -n "$am_sleep_pid"; then + # Hide warnings about reused PIDs. + wait $am_sleep_pid 2>/dev/null + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 +$as_echo "done" >&6; } + if test -n "$EXEEXT"; then + am__EXEEXT_TRUE= + am__EXEEXT_FALSE='#' +else + am__EXEEXT_TRUE='#' + am__EXEEXT_FALSE= +fi + +if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then + as_fn_error $? "conditional \"AMDEP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then + as_fn_error $? "conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GENMAN_TRUE}" && test -z "${GENMAN_FALSE}"; then + as_fn_error $? "conditional \"GENMAN\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${INSTMAN_TRUE}" && test -z "${INSTMAN_FALSE}"; then + as_fn_error $? "conditional \"INSTMAN\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_PYTHON_TRUE}" && test -z "${HAVE_PYTHON_FALSE}"; then + as_fn_error $? "conditional \"HAVE_PYTHON\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then + as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${ENABLE_NSS_TRUE}" && test -z "${ENABLE_NSS_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_NSS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${ENABLE_PAM_TRUE}" && test -z "${ENABLE_PAM_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_PAM\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${ENABLE_UTILS_TRUE}" && test -z "${ENABLE_UTILS_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_UTILS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${ENABLE_NSLCD_TRUE}" && test -z "${ENABLE_NSLCD_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_NSLCD\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${ENABLE_PYNSLCD_TRUE}" && test -z "${ENABLE_PYNSLCD_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_PYNSLCD\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NSS_FLAVOUR_GLIBC_TRUE}" && test -z "${NSS_FLAVOUR_GLIBC_FALSE}"; then + as_fn_error $? "conditional \"NSS_FLAVOUR_GLIBC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NSS_FLAVOUR_SOLARIS_TRUE}" && test -z "${NSS_FLAVOUR_SOLARIS_FALSE}"; then + as_fn_error $? "conditional \"NSS_FLAVOUR_SOLARIS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NSS_FLAVOUR_FREEBSD_TRUE}" && test -z "${NSS_FLAVOUR_FREEBSD_FALSE}"; then + as_fn_error $? "conditional \"NSS_FLAVOUR_FREEBSD\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi + +: "${CONFIG_STATUS=./config.status}" +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by nss-pam-ldapd $as_me 0.9.9, which was +generated by GNU Autoconf 2.69. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + +case $ac_config_headers in *" +"*) set x $ac_config_headers; shift; ac_config_headers=$*;; +esac + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. +config_files="$ac_config_files" +config_headers="$ac_config_headers" +config_commands="$ac_config_commands" + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE + +Configuration files: +$config_files + +Configuration headers: +$config_headers + +Configuration commands: +$config_commands + +Report bugs to . +nss-pam-ldapd home page: ." + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_version="\\ +nss-pam-ldapd config.status 0.9.9 +configured by $0, generated by GNU Autoconf 2.69, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2012 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +INSTALL='$INSTALL' +MKDIR_P='$MKDIR_P' +AWK='$AWK' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=?*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; + --header | --heade | --head | --hea ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_HEADERS " '$ac_optarg'" + ac_need_defaults=false;; + --he | --h) + # Conflict between --help and --header + as_fn_error $? "ambiguous option: \`$1' +Try \`$0 --help' for more information.";; + --help | --hel | -h ) + $as_echo "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + $as_echo "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# +# INIT-COMMANDS +# +AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; + "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; + "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "compat/Makefile") CONFIG_FILES="$CONFIG_FILES compat/Makefile" ;; + "common/Makefile") CONFIG_FILES="$CONFIG_FILES common/Makefile" ;; + "nss/Makefile") CONFIG_FILES="$CONFIG_FILES nss/Makefile" ;; + "pam/Makefile") CONFIG_FILES="$CONFIG_FILES pam/Makefile" ;; + "utils/Makefile") CONFIG_FILES="$CONFIG_FILES utils/Makefile" ;; + "nslcd/Makefile") CONFIG_FILES="$CONFIG_FILES nslcd/Makefile" ;; + "pynslcd/Makefile") CONFIG_FILES="$CONFIG_FILES pynslcd/Makefile" ;; + "man/Makefile") CONFIG_FILES="$CONFIG_FILES man/Makefile" ;; + "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;; + "pynslcd/constants.py") CONFIG_FILES="$CONFIG_FILES pynslcd/constants.py" ;; + + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + esac +done + + +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files + test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers + test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= ac_tmp= + trap 'exit_status=$? + : "${ac_tmp:=$tmp}" + { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 +ac_tmp=$tmp + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + +# Set up the scripts for CONFIG_HEADERS section. +# No need to generate them if there are no CONFIG_HEADERS. +# This happens for instance with `./config.status Makefile'. +if test -n "$CONFIG_HEADERS"; then +cat >"$ac_tmp/defines.awk" <<\_ACAWK || +BEGIN { +_ACEOF + +# Transform confdefs.h into an awk script `defines.awk', embedded as +# here-document in config.status, that substitutes the proper values into +# config.h.in to produce config.h. + +# Create a delimiter string that does not exist in confdefs.h, to ease +# handling of long lines. +ac_delim='%!_!# ' +for ac_last_try in false false :; do + ac_tt=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_tt"; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done + +# For the awk script, D is an array of macro values keyed by name, +# likewise P contains macro parameters if any. Preserve backslash +# newline sequences. + +ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +sed -n ' +s/.\{148\}/&'"$ac_delim"'/g +t rset +:rset +s/^[ ]*#[ ]*define[ ][ ]*/ / +t def +d +:def +s/\\$// +t bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3"/p +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p +d +:bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3\\\\\\n"\\/p +t cont +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p +t cont +d +:cont +n +s/.\{148\}/&'"$ac_delim"'/g +t clear +:clear +s/\\$// +t bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/"/p +d +:bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p +b cont +' >$CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + for (key in D) D_is_set[key] = 1 + FS = "" +} +/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { + line = \$ 0 + split(line, arg, " ") + if (arg[1] == "#") { + defundef = arg[2] + mac1 = arg[3] + } else { + defundef = substr(arg[1], 2) + mac1 = arg[2] + } + split(mac1, mac2, "(") #) + macro = mac2[1] + prefix = substr(line, 1, index(line, defundef) - 1) + if (D_is_set[macro]) { + # Preserve the white space surrounding the "#". + print prefix "define", macro P[macro] D[macro] + next + } else { + # Replace #undef with comments. This is necessary, for example, + # in the case of _POSIX_SOURCE, which is predefined and required + # on some systems where configure will not decide to define it. + if (defundef == "undef") { + print "/*", prefix defundef, macro, "*/" + next + } + } +} +{ print } +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 +fi # test -n "$CONFIG_HEADERS" + + +eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$ac_tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + esac + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$ac_tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + + case $INSTALL in + [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; + *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; + esac + ac_MKDIR_P=$MKDIR_P + case $MKDIR_P in + [\\/$]* | ?:[\\/]* ) ;; + */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; + esac +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +s&@INSTALL@&$ac_INSTALL&;t t +s&@MKDIR_P@&$ac_MKDIR_P&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ + >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ + "$ac_tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$ac_tmp/stdin" + case $ac_file in + -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; + *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + ;; + :H) + # + # CONFIG_HEADER + # + if test x"$ac_file" != x-; then + { + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" + } >"$ac_tmp/config.h" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +$as_echo "$as_me: $ac_file is unchanged" >&6;} + else + rm -f "$ac_file" + mv "$ac_tmp/config.h" "$ac_file" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + fi + else + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error $? "could not create -" "$LINENO" 5 + fi +# Compute "$ac_file"'s index in $config_headers. +_am_arg="$ac_file" +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac +done +echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || +$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$_am_arg" : 'X\(//\)[^/]' \| \ + X"$_am_arg" : 'X\(//\)$' \| \ + X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$_am_arg" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'`/stamp-h$_am_stamp_count + ;; + + :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 +$as_echo "$as_me: executing $ac_file commands" >&6;} + ;; + esac + + + case $ac_file$ac_mode in + "depfiles":C) test x"$AMDEP_TRUE" != x"" || { + # Older Autoconf quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named 'Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`$as_dirname -- "$mf" || +$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$mf" : 'X\(//\)[^/]' \| \ + X"$mf" : 'X\(//\)$' \| \ + X"$mf" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$mf" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running 'make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "$am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`$as_dirname -- "$file" || +$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$file" : 'X\(//\)[^/]' \| \ + X"$file" : 'X\(//\)$' \| \ + X"$file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir=$dirpart/$fdir; as_fn_mkdir_p + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} + ;; + "pynslcd/constants.py":F) +( + echo '' + echo '# The following is automatically generated from nslcd.h.' + echo '# See that file for details.' + echo '' + sed -n 's| */\*.*\*/ *||;s/^.define *\(NSLCD_[A-Z_]*\) */\1 = /p' "$srcdir"/nslcd.h +) >> pynslcd/constants.py ;; + + esac +done # for ac_tag + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit 1 +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + diff --git a/configure.ac b/configure.ac new file mode 100644 index 0000000..3fb18c0 --- /dev/null +++ b/configure.ac @@ -0,0 +1,1048 @@ +# configure.ac - process this file with autoconf to produce configure +# +# Copyright (C) 2006 Luke Howard +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006-2018 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +AC_PREREQ(2.61) +AC_COPYRIGHT( +[Copyright (C) 2006 Luke Howard +Copyright (C) 2006 West Consulting +Copyright (C) 2006-2018 Arthur de Jong + +This configure script is derived from configure.ac which is free software; +you can redistribute it and/or modify it under the terms of the GNU Lesser +General Public License as published by the Free Software Foundation; either +version 2.1 of the License, or (at your option) any later version. See the +configure.ac file for more details.]) + +# initialize and set version and bugreport address +AC_INIT([nss-pam-ldapd], + [0.9.9], + [nss-pam-ldapd-users@lists.arthurdejong.org],, + [https://arthurdejong.org/nss-pam-ldapd/]) +RELEASE_MONTH="Feb 2018" +AC_SUBST(RELEASE_MONTH) +AC_CONFIG_SRCDIR([nslcd.h]) +AC_CONFIG_MACRO_DIR([m4]) + +# some initialisation +AC_CANONICAL_TARGET +AC_PREFIX_DEFAULT() +AC_CONFIG_LIBOBJ_DIR([compat]) + +# display notice and initialize automake +AC_MSG_NOTICE([configuring AC_PACKAGE_TARNAME AC_PACKAGE_VERSION]) +AM_INIT_AUTOMAKE([1.11.2 check-news gnu std-options color-tests --warnings=all]) + +# create a config.h file (Automake will add -DHAVE_CONFIG_H) +AC_CONFIG_HEADERS([config.h]) + +# check for programs +AC_PROG_CC +AC_PROG_CPP +AC_PROG_INSTALL +AC_PROG_RANLIB +AM_PROG_CC_C_O +AC_USE_SYSTEM_EXTENSIONS +AC_PROG_LN_S +AM_PROG_AR + +# checks for tool to convert docbook to man +genman="no" +AC_PATH_PROGS(DOCBOOK2X_MAN, docbook2x-man) +AC_MSG_CHECKING([for tool to (re)generate man pages]) +if test "x${DOCBOOK2X_MAN}" != x +then + genman="${DOCBOOK2X_MAN}" +fi +AC_MSG_RESULT($genman) +AM_CONDITIONAL([GENMAN], [test "x${genman}" != "xno"]) +if test "x${genman}" = "xno" +then + AC_MSG_WARN([docbook2x-man not found: not (re)generating man pages]) +fi + +# check whether to install manual pages +AC_MSG_CHECKING([whether to install man pages]) +instman="no" +if [test "x${genman}" != "xno" || ls "${srcdir}/man/"*.? > /dev/null 2>&1] +then + instman="yes" +fi +AC_MSG_RESULT($instman) +AM_CONDITIONAL([INSTMAN], [test "x${instman}" != "xno"]) +if test "x${instman}" = "xno" +then + AC_MSG_WARN([not installing man pages (no generator and not pre-generated)]) +fi + +# check for Python and modules +AM_PATH_PYTHON(2.5,, [:]) +AM_CONDITIONAL([HAVE_PYTHON], [test "$PYTHON" != ":"]) +if test "x$PYTHON" != "x:" +then + AX_PYTHON_MODULE(argparse) +fi + +# check for debugging options +AC_ARG_ENABLE(debug, + AS_HELP_STRING([--enable-debug], + [enable extensive debugging and logging]), + [if test "x$enableval" != "xno" ; then CFLAGS="-g -DDEBUG $CFLAGS" ; fi]) + +# check for extra compiler warnings +DESIRED_CFLAGS="" +AC_ARG_ENABLE(warnings, + AS_HELP_STRING([--enable-warnings], + [enable extra compiler warnings (gcc)]), + [if test "x$enableval" != "no" + then + CFLAGS="$CFLAGS -pedantic -Wall -Wshadow -Wpointer-arith -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Waggregate-return -Wmissing-declarations -Wunused -Wformat=2 -Wswitch-default -Wswitch-enum -Wfloat-equal -Wbad-function-cast -Wredundant-decls" + DESIRED_CFLAGS="$DESIRED_CFLAGS -Wextra -Wdeclaration-after-statement -Werror-implicit-function-declaration -Werror=implicit" + fi]) +test_gcc_flag() { + AC_LANG_CONFTEST([AC_LANG_PROGRAM()]) + $CC -c conftest.c $CFLAGS $@ > /dev/null 2> /dev/null + ret=$? + rm -f conftest.o + return $ret +} +for flag in $DESIRED_CFLAGS +do + AC_MSG_CHECKING([whether $CC accepts $flag]) + if test_gcc_flag $flag + then + CFLAGS="$CFLAGS $flag" + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi +done + +# check for Position Independent Code compiler option +PIC_CFLAGS="" +if test "$ac_cv_c_compiler_gnu" = "yes" +then + PIC_CFLAGS="-fPIC" +else + case "$target_os" in + sysv5*) PIC_CFLAGS="-KPIC" ;; + esac +fi +AC_SUBST(PIC_CFLAGS) + +# add --disable-maintainer-mode option +AM_MAINTAINER_MODE([enable]) + +# check whether the NSS module should be built +AC_MSG_CHECKING([whether to build the NSS module]) +AC_ARG_ENABLE(nss, + AS_HELP_STRING([--disable-nss], + [build the NSS module @<:@enabled@:>@]),, + [enable_nss="yes"]) +AC_MSG_RESULT($enable_nss) +AM_CONDITIONAL([ENABLE_NSS], [test "x$enable_nss" = "xyes"]) + +# check whether the PAM module should be built +AC_MSG_CHECKING([whether to build the PAM module]) +AC_ARG_ENABLE(pam, + AS_HELP_STRING([--disable-pam], + [build the PAM module @<:@enabled@:>@]),, + [enable_pam="yes"]) +AC_MSG_RESULT($enable_pam) +AM_CONDITIONAL([ENABLE_PAM], [test "x$enable_pam" = "xyes"]) + +# check whether command-line utilities should be built +AC_MSG_CHECKING([whether to build the command-line utilities]) +AC_ARG_ENABLE(utils, + AS_HELP_STRING([--disable-utils], + [build the the command-line utilities @<:@auto@:>@]),, + [enable_utils="auto"]) +if test "x$enable_utils" = "xauto" +then + if test "x$PYTHON" != "x:" && test "$HAVE_PYMOD_ARGPARSE" = "yes" + then + enable_utils="yes" + else + enable_utils="no" + fi +fi +AC_MSG_RESULT($enable_utils) +AM_CONDITIONAL([ENABLE_UTILS], [test "x$enable_utils" = "xyes"]) + +# check whether the nslcd daemon should be built +AC_MSG_CHECKING([whether to build the nslcd daemon]) +AC_ARG_ENABLE(nslcd, + AS_HELP_STRING([--disable-nslcd], + [build the nslcd daemon @<:@enabled@:>@]),, + [enable_nslcd="yes"]) +AC_MSG_RESULT($enable_nslcd) +AM_CONDITIONAL([ENABLE_NSLCD], [test "x$enable_nslcd" = "xyes"]) + +# check whether the Python version of the nslcd daemon should be built +AC_MSG_CHECKING([whether to build the pynslcd daemon]) +AC_ARG_ENABLE(pynslcd, + AS_HELP_STRING([--enable-pynslcd], + [build the pynslcd daemon @<:@disabled@:>@]),, + [enable_pynslcd="no"]) +AC_MSG_RESULT($enable_pynslcd) +AM_CONDITIONAL([ENABLE_PYNSLCD], [test "x$enable_pynslcd" = "xyes"]) +if test "x$enable_pynslcd" = "xyes" +then + AC_MSG_WARN([the pynslcd daemon is experimental]) +fi + +# check whether SASL support should be enabled +AC_MSG_CHECKING([whether to enable SASL support]) +AC_ARG_ENABLE(sasl, + AS_HELP_STRING([--disable-sasl], + [disable SASL support @<:@enabled@:>@]), + [enable_sasl=$enableval], + [enable_sasl="yes"]) +AC_MSG_RESULT($enable_sasl) + +# check whether Kerberos support should be enabled +AC_MSG_CHECKING([whether to enable Kerberos support]) +AC_ARG_ENABLE(kerberos, + AS_HELP_STRING([--disable-kerberos], + [disable Kerberos support @<:@enabled@:>@]), + [enable_kerberos=$enableval], + [enable_kerberos="yes"]) +AC_MSG_RESULT($enable_kerberos) + +# check whether configfile options should be checked +AC_MSG_CHECKING([whether to check configfile options]) +AC_ARG_ENABLE(configfile_checking, + AS_HELP_STRING([--disable-configfile-checking], + [check configfile options @<:@enabled@:>@]), + [configfile_checking=$enableval], + [configfile_checking="yes"]) +AC_MSG_RESULT($configfile_checking) +if test "x$configfile_checking" = "xyes" +then + AC_DEFINE(ENABLE_CONFIGFILE_CHECKING, 1 ,[Whether to check configfile options.]) +fi + +# check the name of the configuration file +AC_ARG_WITH(ldap-conf-file, + AS_HELP_STRING([--with-ldap-conf-file=PATH], + [path to nslcd configuration file @<:@/etc/nslcd.conf@:>@]), + [ NSLCD_CONF_PATH="$with_ldap_conf_file" ], + [ NSLCD_CONF_PATH="/etc/nslcd.conf" ]) +AC_DEFINE_UNQUOTED(NSLCD_CONF_PATH, "$NSLCD_CONF_PATH", [Path to nslcd configuration file.]) +AC_SUBST(NSLCD_CONF_PATH) + +# check the name of the file with a bindpw value +AC_ARG_WITH(bindpw-file, + AS_HELP_STRING([--with-bindpw-file=PATH], + [path to file with value for bindpw @<:@disabled@:>@]), + [ NSLCD_BINDPW_PATH="$with_bindpw_file" + AC_DEFINE_UNQUOTED(NSLCD_BINDPW_PATH, "$NSLCD_BINDPW_PATH", [Path to bindpw value.]) + AC_SUBST(NSLCD_BINDPW_PATH) + ]) + +# where should the pidfile be written +AC_ARG_WITH(nslcd-pidfile, + AS_HELP_STRING([--with-nslcd-pidfile=PATH], + [path to pidfile @<:@/var/run/nslcd/nslcd.pid@:>@]), + [ NSLCD_PIDFILE="$with_nslcd_pidfile" ], + [ NSLCD_PIDFILE="/var/run/nslcd/nslcd.pid" ]) +AC_DEFINE_UNQUOTED(NSLCD_PIDFILE, "$NSLCD_PIDFILE", [The location of the pidfile used for checking availability of the nslcd.]) +AC_SUBST(NSLCD_PIDFILE) + +# where is the socket used for communication +AC_ARG_WITH(nslcd-socket, + AS_HELP_STRING([--with-nslcd-socket=PATH], + [path to socket @<:@/var/run/nslcd/socket@:>@]), + [ NSLCD_SOCKET="$with_nslcd_socket" ], + [ NSLCD_SOCKET="/var/run/nslcd/socket" ]) +AC_DEFINE_UNQUOTED(NSLCD_SOCKET, "$NSLCD_SOCKET", [The location of the socket used for communicating.]) +AC_SUBST(NSLCD_SOCKET) + +# the directory PAM librabries are expected to be placed into +AC_MSG_CHECKING([location for PAM module]) +AC_ARG_WITH(pam-seclib-dir, + AS_HELP_STRING([--with-pam-seclib-dir=PAM_SECLIB_DIR], + [path to PAM security library @<:@auto@:>@]), + [ PAM_SECLIB_DIR="$with_pam_seclib_dir" ], + [ PAM_SECLIB_DIR="auto" ]) +if test "x$PAM_SECLIB_DIR" = "xauto" +then + case "$target_os" in + solaris*) PAM_SECLIB_DIR="/usr/lib/security" ;; + freebsd*|dragonfly*) PAM_SECLIB_DIR="/usr/lib" ;; + *) PAM_SECLIB_DIR="/lib/security" ;; + esac +fi +AC_MSG_RESULT($PAM_SECLIB_DIR) +AC_DEFINE_UNQUOTED(PAM_SECLIB_DIR, "$PAM_SECLIB_DIR", [path to PAM security library]) +AC_SUBST(PAM_SECLIB_DIR) + +# the name to use for the NSS module +AC_MSG_CHECKING([name of NSS and PAM modules]) +AC_ARG_WITH(module-name, + AS_HELP_STRING([--with-module-name=NAME], + [name of NSS and PAM modules @<:@ldap@:>@]), + [ MODULE_NAME="$with_module_name" ], + [ MODULE_NAME="ldap" ]) + # FIXME: this does not work +AC_MSG_RESULT($MODULE_NAME) +AC_DEFINE_UNQUOTED(MODULE_NAME, "$MODULE_NAME", [The name of the NSS and PAM modules.]) +AC_DEFINE_UNQUOTED(NSS_NAME(NAME), [_nss_${MODULE_NAME}_##NAME], [Expand to NSS symbol name.]) +AC_DEFINE_UNQUOTED(PAM_NAME(NAME), [_pam_${MODULE_NAME}_##NAME], [Expand to PAM symbol name.]) +AC_SUBST(MODULE_NAME) + +# the SONAME to use for the NSS module +AC_MSG_CHECKING([soname of NSS module]) +AC_ARG_WITH(nss-ldap-soname, + AS_HELP_STRING([--with-nss-ldap-soname=SONAME], + [name of NSS module @<:@auto@:>@]), + [ NSS_LDAP_SONAME="$with_nss_ldap_soname" ], + [ NSS_LDAP_SONAME="auto" ]) +if test "x$NSS_LDAP_SONAME" = "xauto" +then + case "$target_os" in + solaris*) NSS_LDAP_SONAME="nss_$MODULE_NAME.so.1" ;; + freebsd*|dragonfly*) NSS_LDAP_SONAME="nss_$MODULE_NAME.so.1" ;; + *) NSS_LDAP_SONAME="libnss_$MODULE_NAME.so.2" ;; + esac +fi +AC_MSG_RESULT($NSS_LDAP_SONAME) +AC_DEFINE_UNQUOTED(NSS_LDAP_SONAME, "$NSS_LDAP_SONAME", [The SONAME of the NSS library module.]) +AC_SUBST(NSS_LDAP_SONAME) + +# the SONAME to use for the PAM module +AC_MSG_CHECKING([soname of PAM module]) +AC_ARG_WITH(pam-ldap-soname, + AS_HELP_STRING([--with-pam-ldap-soname=SONAME], + [name of PAM module @<:@auto@:>@]), + [ PAM_LDAP_SONAME="$with_pam_ldap_soname" ], + [ PAM_LDAP_SONAME="auto" ]) +if test "x$PAM_LDAP_SONAME" = "xauto" +then + case "$target_os" in + solaris*) PAM_LDAP_SONAME="pam_$MODULE_NAME.so.1" ;; + *) PAM_LDAP_SONAME="pam_$MODULE_NAME.so" ;; + esac +fi +AC_MSG_RESULT($PAM_LDAP_SONAME) +AC_SUBST(PAM_LDAP_SONAME) + +# check which modules should be build +AC_ARG_WITH(nss-maps, + AS_HELP_STRING([--with-nss-maps=MAP LIST], + [comma separated list of NSS maps to build @<:@all@:>@]),, + [ with_nss_maps="all" ]) + +# checks for availability of header files +AC_CHECK_HEADERS([ctype.h strings.h pthread.h pthread_np.h fcntl.h limits.h]) +AC_CHECK_HEADERS([nss.h nss_common.h grp.h shadow.h aliases.h netdb.h rpc/rpcent.h]) +AC_CHECK_HEADERS([netinet/ether.h arpa/inet.h netinet/in.h]) +AC_CHECK_HEADERS([nsswitch.h nss_dbdefs.h]) +AC_CHECK_HEADERS([sys/socket.h sys/un.h sys/ucred.h ucred.h sys/param.h sys/time.h]) +AC_CHECK_HEADERS([getopt.h syslog.h stddef.h]) + +# other general checks +AC_C_INLINE +AC_C_CONST + +# checks for availability of common functions +AC_CHECK_FUNCS([sigaction snprintf]) +AC_SEARCH_LIBS(socket, socket) +AC_CHECK_FUNCS([strcasecmp strncasecmp strchr strcspn strspn strtol strtoul strtoull strndup]) +AC_CHECK_FUNCS([malloc realloc atexit]) +AC_FUNC_FORK +AC_CHECK_FUNCS(__assert_fail) +AC_SEARCH_LIBS(clock_gettime, rt) +AC_CHECK_FUNCS([setusershell getusershell endusershell getgrouplist]) +AC_CHECK_DECLS([setusershell, getusershell, endusershell]) + +# checks for types +AC_TYPE_MODE_T +AC_TYPE_SIZE_T +AC_TYPE_UID_T +AC_TYPE_PID_T +AC_TYPE_INT32_T +AC_TYPE_UINT8_T +AC_TYPE_UINT16_T +AC_TYPE_UINT32_T +AC_CHECK_SIZEOF(unsigned int) +AC_CHECK_SIZEOF(unsigned long int) +AC_CHECK_SIZEOF(unsigned long long int) +AC_CHECK_SIZEOF(uid_t) +AC_CHECK_SIZEOF(gid_t) +AX_TLS() +AC_CHECK_TYPES(suseconds_t) + +# check for support for the struct ether_addr structure +AC_CHECK_TYPES(struct ether_addr,,, [ + #include + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif]) + +# check for ether_aton and ether_ntoa functions +AC_CHECK_FUNCS(ether_aton ether_ntoa ether_aton_r ether_ntoa_r) +AC_CHECK_DECLS([ether_aton, ether_ntoa],,, [ + #include + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif]) + +# check to see if socklen_t is defined +AC_CHECK_TYPE(socklen_t,, + AC_DEFINE(socklen_t, size_t, [Define to `size_t' if not defined elswhere.]), [ + #include + #include ]) + +# check the return type of setnetgrent() +AC_CACHE_CHECK( + [return type of setnetgrent], + nss_pam_ldapd_cv_setnetgrent_type, + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ + #include + ]], [[ + return setnetgrent(0); + ]])], + [nss_pam_ldapd_cv_setnetgrent_type=int], + [nss_pam_ldapd_cv_setnetgrent_type=void]) ]) +if test "x$nss_pam_ldapd_cv_setnetgrent_type" = "xvoid" +then + AC_DEFINE(SETNETGRENT_RETURNS_VOID, 1, + [Define to 1 if setnetgrent() returns void.]) +fi + +# NSS module-specific tests +if test "x$enable_nss" = "xyes" +then + # save CFLAGS and LIBS to restore later + nss_save_CFLAGS="$CFLAGS" + nss_save_LIBS="$LIBS" + + # check for a definition of struct aliasent + AC_CHECK_TYPES(struct aliasent,,, [ + #ifdef HAVE_ALIASES_H + #include + #endif]) + + # check for a definition of struct etherent + AC_CHECK_TYPES(struct etherent,,, [ + #include + #include + #include + #include + #ifdef HAVE_NETINET_ETHER_H + #include + #endif]) + + # check if struct passwd has a pw_class member + AC_CHECK_MEMBERS([struct passwd.pw_class],,, [ + #include ]) + + # check for a definition of struct rpcent + AC_CHECK_TYPES(struct rpcent,,, [ + #include + #ifdef HAVE_RPC_RPCENT_H + #include + #endif]) + + # check for a definition of struct spwd + AC_CHECK_TYPES(struct spwd,,, [ + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #include + #ifdef HAVE_SHADOW_H + #include + #endif]) + + # check for a definition of enum nss_status and nss_backend_t + AC_CHECK_TYPES([enum nss_status, nss_backend_t],,, [ + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #ifdef HAVE_NSS_DBDEFS_H + #include + #endif + #ifdef HAVE_NSSWITCH_H + #include + #endif]) + + # check if struct nss_XbyY_args has a returnlen attribute + AC_CHECK_MEMBERS([struct nss_XbyY_args.returnlen],,, [[ + #ifdef HAVE_NSS_H + #include + #endif + #ifdef HAVE_NSS_COMMON_H + #include + #endif + #ifdef HAVE_NSS_DBDEFS_H + #include + #endif + #ifdef HAVE_NSSWITCH_H + #include + #endif]]) + + # check which NSS flavour to build + AC_MSG_CHECKING([which NSS flavour to build]) + AC_ARG_WITH(nss-flavour, + AS_HELP_STRING([--with-nss-flavour=auto|glibc|solaris|freebsd], + [the libc flavour to build our NSS module for @<:@auto@:>@]),, + with_nss_flavour=auto) + if test "x$with_nss_flavour" = "xauto" + then + # do the guessing game + case "$target_os" in + solaris*) with_nss_flavour=solaris ;; + freebsd*|dragonfly*) with_nss_flavour=freebsd ;; + *) with_nss_flavour=glibc ;; + esac + fi + AC_MSG_RESULT($with_nss_flavour) + case "$with_nss_flavour" in + glibc) AC_DEFINE(NSS_FLAVOUR_GLIBC, 1, [Whether to use the Glibc NSS interface flavour.]) ;; + solaris) AC_DEFINE(NSS_FLAVOUR_SOLARIS, 1, [Whether to use the Solaris NSS interface flavour.]) ;; + freebsd) AC_DEFINE(NSS_FLAVOUR_FREEBSD, 1, [Whether to use the FreeBSD NSS interface flavour.]) ;; + esac + NSS_FLAVOUR="$with_nss_flavour" + AC_SUBST(NSS_FLAVOUR) + + # check which module source files to use + AC_MSG_CHECKING([which NSS maps to build]) + if test "x$with_nss_maps" = "xall" + then + case "$with_nss_flavour" in + glibc) with_nss_maps="aliases,ethers,group,hosts,netgroup,networks,passwd,protocols,rpc,services,shadow" ;; + solaris) with_nss_maps="ethers,group,hosts,netgroup,networks,passwd,protocols,rpc,services,shadow" ;; + freebsd) with_nss_maps="group,hosts,passwd" ;; + esac + fi + AC_MSG_RESULT($with_nss_maps) + NSS_MODULE_OBJS="$(echo "$with_nss_maps " | sed 's/,/ /g;s/ */.$(OBJEXT) /g')" + AC_SUBST(NSS_MODULE_OBJS) + + # find out how to link the library + nss_ldap_so_LINK="\$(CCLD) \$(AM_CFLAGS) \$(CFLAGS) \$(nss_ldap_so_LDFLAGS) \$(LDFLAGS) -o \$@" + case "$target_os" in + solaris*) + if test "x$GCC" = xyes + then + nss_ldap_so_LINK="/usr/ccs/bin/ld -Bdirect -z nodelete -Bdynamic -M exports.map -G -o \$@" + else + nss_ldap_so_LDFLAGS="-Wl,-Bdirect -Wl,-z,nodelete -Wl,-Bdynamic -Wl,-M,exports.map -Wl,-G" + fi + ;; + *) + nss_ldap_so_LDFLAGS="-shared -Wl,-h,\$(NSS_LDAP_SONAME) -Wl,--version-script,exports.map" + ;; + esac + AC_SUBST(nss_ldap_so_LDFLAGS) + AC_SUBST(nss_ldap_so_LINK) + + # restore CFLAGS and LIBS + CFLAGS="$nss_save_CFLAGS" + LIBS="$nss_save_LIBS" +fi + +# PAM module-specific tests +if test "x$enable_pam" = "xyes" +then + # save CFLAGS and LIBS to restore later + pam_save_CFLAGS="$CFLAGS" + pam_save_LIBS="$LIBS" + + # check for headers + AC_CHECK_HEADERS(security/pam_appl.h) + AC_CHECK_HEADERS(security/pam_modules.h,,, [ + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + ]) + AC_CHECK_HEADERS(pam/pam_modules.h) + AC_CHECK_HEADERS(security/pam_ext.h) + AC_CHECK_HEADERS(security/pam_modutil.h) + + # at least one of security/pam_modules.h or pam/pam_modules.h is required + if test "x$ac_cv_header_security_pam_modules_h" != "xyes" && \ + test "x$ac_cv_header_pam_pam_modules_h" != "xyes" + then + AC_MSG_ERROR(PAM header files are missing) + fi + + # find pam library + AC_SEARCH_LIBS(pam_get_data, pam,, AC_MSG_ERROR(no PAM library available)) + + # replace some PAM functions if they are unavailable + AC_REPLACE_FUNCS(pam_get_authtok pam_prompt) + AC_CHECK_FUNCS(pam_modutil_getpwnam pam_syslog) + AC_CHECK_DECLS([pam_info, pam_error],,, [ + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + #ifndef HAVE_PAM_PAM_MODULES_H + #include + #ifdef HAVE_SECURITY_PAM_EXT_H + #include + #endif + #else + #include + #endif + #ifdef HAVE_SECURITY_PAM_MODUTIL_H + #include + #endif]) + + # find out how to link the library + pam_ldap_so_LINK="\$(CCLD) \$(AM_CFLAGS) \$(CFLAGS) \$(pam_ldap_so_LDFLAGS) \$(LDFLAGS) -o \$@" + case "$target_os" in + solaris*) + if test "x$GCC" = xyes + then + pam_ldap_so_LINK="/usr/ccs/bin/ld -Bdirect -z nodelete -Bdynamic -M \$(srcdir)/pam_ldap.map -G -o \$@" + else + pam_ldap_so_LDFLAGS="-shared -Wl,-Bdirect -Wl,-z,nodelete -Wl,-Bdynamic -Wl,-M,\$(srcdir)/pam_ldap.map -Wl,-G" + fi + ;; + *) + pam_ldap_so_LDFLAGS="-shared -Wl,--version-script,\$(srcdir)/pam_ldap.map" + ;; + esac + AC_SUBST(pam_ldap_so_LDFLAGS) + AC_SUBST(pam_ldap_so_LINK) + + # check argument type of pam_get_item() + AC_CACHE_CHECK( + [argument type of pam_get_item], + nss_pam_ldapd_cv_pam_get_item_arg3_type, + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ + #ifdef HAVE_SECURITY_PAM_APPL_H + #include + #endif + #ifndef HAVE_PAM_PAM_MODULES_H + #include + #ifdef HAVE_SECURITY_PAM_EXT_H + #include + #endif + #else + #include + #endif + #ifdef HAVE_SECURITY_PAM_MODUTIL_H + #include + #endif + extern int pam_get_item(const pam_handle_t *pamh, int item_type, const void **item); + ]], [])], + [nss_pam_ldapd_cv_pam_get_item_arg3_type="const void **"], + [nss_pam_ldapd_cv_pam_get_item_arg3_type="void **"]) ]) + PAM_ITEM_CONST="" + if test "$nss_pam_ldapd_cv_pam_get_item_arg3_type" = "const void **" + then + PAM_ITEM_CONST="const" + fi + AC_DEFINE_UNQUOTED(PAM_ITEM_CONST, [$PAM_ITEM_CONST], + [Define to empty if pam_get_item() doesn't take `const` parameter.]) + + # restore CFLAGS and LIBS + CFLAGS="$pam_save_CFLAGS" + LIBS="$pam_save_LIBS" +fi + +# utils-specific tests +if test "x$enable_utils" = "xyes" +then + # check Python interpreter + AM_PATH_PYTHON(2.5,, AC_MSG_ERROR([Python is required])) + AX_PYTHON_MODULE(argparse) + if test "x$HAVE_PYMOD_ARGPARSE" != "xyes" + then + AC_MSG_WARN(Required Python modules missing) + fi +fi + +# nslcd daemon-specific tests +if test "x$enable_nslcd" = "xyes" +then + # save CFLAGS and LIBS to restore later + nslcd_save_CFLAGS="$CFLAGS" + nslcd_save_LIBS="$LIBS" + + # check header files + AC_CHECK_HEADERS(lber.h) + AC_CHECK_HEADERS(ldap.h,, test "x$enable_nslcd" = "xyes" && AC_MSG_ERROR([could not locate ]), [ + #if HAVE_LBER_H + #include + #endif + ]) + AC_CHECK_HEADERS(ldap_ssl.h) + AC_CHECK_HEADERS(gssldap.h) + if test "x$enable_sasl" = "xyes" + then + AC_CHECK_HEADERS(sasl.h sasl/sasl.h) + AC_CHECK_HEADERS(gsssasl.h) + fi + if test "x$enable_kerberos" = "xyes" + then + AC_CHECK_HEADERS(gssapi/gssapi.h gssapi/gssapi_generic.h gssapi/gssapi_krb5.h gssapi.h krb5.h) + fi + AC_CHECK_HEADERS(regex.h) + + # checks for availability of system libraries for nslcd + AC_SEARCH_LIBS(gethostbyname, nsl socket) + AC_SEARCH_LIBS(hstrerror, resolv) + AC_SEARCH_LIBS(dlopen, dl) + + # check for availability of functions + AC_CHECK_FUNCS(initgroups setgroups execvp execvpe) + AC_CHECK_FUNCS(getpeereid) + AC_CHECK_FUNCS(getpeerucred) + AC_CHECK_FUNCS(__nss_configure_lookup) + AC_CHECK_FUNCS(getenv putenv clearenv) + AC_CHECK_FUNCS(dlopen dlsym dlerror) + AC_CHECK_FUNCS(regcomp regexec regerror) + AC_CHECK_FUNCS(hstrerror) + + # replace some functions if they are not on the system + AC_REPLACE_FUNCS(getopt_long) + AC_REPLACE_FUNCS(strndup) + + # replace ether_aton_r() if not found + AC_CHECK_FUNCS(ether_aton_r,, [AC_LIBOBJ(ether)]) + + # check to see if struct sockaddr_storage is defined + AC_CHECK_TYPE(struct sockaddr_storage,, + AC_DEFINE(sockaddr_storage, sockaddr_in, [Define to `sockaddr_in' if not defined elsewhere.]), [ + #include + #include ]) + + # check for support for the struct ucred structure + AC_CHECK_TYPE(struct ucred, + AC_DEFINE(HAVE_STRUCT_UCRED, 1, [Define to 1 if you have a `struct ucred' definition.]),, [ + #include + #include + #include ]) + + # check threading stuff + AX_PTHREAD(, AC_MSG_ERROR([no support for pthreads])) + pthread_save_CFLAGS="$CFLAGS" + pthread_save_LIBS="$LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + LIBS="$LIBS $PTHREAD_LIBS" + AC_CHECK_FUNCS([pthread_mutex_lock pthread_join pthread_timedjoin_np pthread_atfork]) + CFLAGS="$pthread_save_CFLAGS" + LIBS="$pthread_save_LIBS" + + # also use deprecated LDAP functions + AC_DEFINE(LDAP_DEPRECATED, 1, Define to activate deprecated features in OpenLDAP) + # for compatibility on Solaris + AC_DEFINE(LDAP_REFERRALS, 1, Define to get some functions on Solaris) + + # search for an LDAP library (only OpenLDAP is tested) + AC_ARG_WITH(ldap-lib, + AS_HELP_STRING([--with-ldap-lib=TYPE], + [select ldap library (auto|netscape5|netscape4|netscape3|umich|openldap) @<:@auto@:>@])) + if test -z "$with_ldap_lib" + then + with_ldap_lib=auto + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \) + then + AC_SEARCH_LIBS(ldap_search_ext, [ldap_r ldap], found_ldap_lib=yes,, ) + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape5 \) + then + AC_CHECK_LIB(ldap50, main, LIBS="-lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 $LIBS" found_ldap_lib=yes,, -lpthread) + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape4 \) + then + AC_CHECK_LIB(ldapssl41, main, LIBS="-lldapssl41 -lplc3 -lplds3 -lnspr3 $LIBS" found_ldap_lib=yes,, -lpthread) + if test -z "$found_ldap_lib" + then + AC_CHECK_LIB(ldapssl40, main, LIBS="-lldapssl40 $LIBS" found_ldap_lib=yes,, -lpthread) + fi + if test -z "$found_ldap_lib" + then + AC_CHECK_LIB(ldap41, main, LIBS="-lldap41 $LIBS" found_ldap_lib=yes,, ) + fi + if test -z "$found_ldap_lib" + then + AC_CHECK_LIB(ldap40, main, LIBS="-lldap40 $LIBS" found_ldap_lib=yes,, ) + fi + fi + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape3 \) + then + AC_CHECK_LIB(ldapssl30, main, LIBS="-lldapssl30 $LIBS" found_ldap_lib=yes,, -lpthread) + fi + AC_CHECK_FUNCS(ldap_search_ext,, AC_MSG_ERROR([could not locate a valid LDAP library])) + + # see if we need a BER library + AC_SEARCH_LIBS(ber_bvfree, lber) + + # check for extra SASL libraries + if test "$enable_sasl" = "yes" + then + AC_CHECK_TYPE(sasl_interact_t, + AC_DEFINE(HAVE_SASL_INTERACT_T, 1, [Define to 1 if you have a `sasl_interact_t' definition.]),, [ + #ifdef HAVE_SASL_SASL_H + #include + #elif defined(HAVE_SASL_H) + #include + #endif]) + AC_SEARCH_LIBS(ldap_sasl_interactive_bind_s, sasl2) + AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s) + fi + + # check for extra Kerberos libraries + if test "$enable_kerberos" = "yes" + then + AC_SEARCH_LIBS(gss_krb5_ccache_name, gssapi gssapi_krb5) + AC_CHECK_FUNCS(gss_krb5_ccache_name) + + # save CFLAGS and LIBS to restore later + krb5_save_CFLAGS="$CFLAGS" + krb5_save_LIBS="$LIBS" + + # find library that contains krb5_is_thread_safe + AC_SEARCH_LIBS(krb5_sendauth, [krb5 'krb5 -lcrypto -ldes -lasn1 -lroken']) + AC_CHECK_FUNCS(krb5_is_thread_safe) + + # see if krb5 is thread safe + if test "x$ac_cv_func_krb5_is_thread_safe" == "xyes" + then + AC_CACHE_CHECK( + [krb5 thread safety], + nslcd_cv_krb5_is_thread_safe, + [AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[ + #include + ]], [[ + if (!krb5_is_thread_safe()) + return 1; + ]])], + [nslcd_cv_krb5_is_thread_safe=yes], + [nslcd_cv_krb5_is_thread_safe=no], + [nslcd_cv_krb5_is_thread_safe=unknown])]) + if test "x$nslcd_cv_krb5_is_thread_safe" == "xno" + then + AC_MSG_WARN([krb5 is NOT thread safe]) + fi + fi + + # restore CFLAGS and LIBS because we don't directly use krb5 + CFLAGS="$krb5_save_CFLAGS" + LIBS="$krb5_save_LIBS" + + fi + + # check for ldap function availability + AC_CHECK_FUNCS(ber_bvfree ber_free ber_set_option ber_get_enum) + AC_CHECK_FUNCS(ldap_initialize ldap_start_tls_s) + AC_CHECK_FUNCS(ldap_get_option ldap_set_option ldap_set_rebind_proc) + AC_CHECK_FUNCS(ldap_simple_bind_s ldap_sasl_bind ldap_sasl_bind_s ldap_unbind) + AC_CHECK_FUNCS(ldap_search_ext ldap_modify_ext_s ldap_extended_operation_s) + AC_CHECK_FUNCS(ldap_explode_dn ldap_explode_rdn) + AC_CHECK_FUNCS(ldap_domain2hostlist ldap_domain2dn) + AC_CHECK_FUNCS(ldap_result ldap_parse_result ldap_msgfree ldap_memfree) + AC_CHECK_FUNCS(ldap_get_dn ldap_first_attribute ldap_next_attribute) + AC_CHECK_FUNCS(ldap_get_values ldap_value_free) + AC_CHECK_FUNCS(ldap_get_values_len ldap_count_values_len ldap_value_free_len) + AC_CHECK_FUNCS(ldap_err2string ldap_abandon) + AC_CHECK_FUNCS(ldap_control_create ldap_create_control ldap_control_find) + AC_CHECK_FUNCS(ldap_controls_free ldap_control_free ldap_get_entry_controls) + AC_CHECK_FUNCS(ldap_parse_passwordpolicy_control ldap_passwordpolicy_err2txt) + AC_CHECK_FUNCS(ldap_create_deref_control ldap_create_deref_control_value) + AC_CHECK_FUNCS(ldap_parse_deref_control ldap_derefresponse_free) + + # replace ldap_create_page_control() and ldap_parse_page_control() + AC_CHECK_FUNCS(ldap_create_page_control ldap_parse_page_control,, [AC_LIBOBJ(pagectrl)]) + AC_CHECK_DECLS(ldap_extended_operation_s,,, [ + #if HAVE_LBER_H + #include + #endif + #include ]) + + # replace other ldap functions + AC_REPLACE_FUNCS(ldap_passwd_s) + AC_REPLACE_FUNCS(ldap_initialize) + AC_REPLACE_FUNCS(ldap_parse_passwordpolicy_control) + AC_REPLACE_FUNCS(ldap_passwordpolicy_err2txt) + + # check the number of arguments that ldap_set_rebind_proc() uses + AC_CACHE_CHECK( + [number of arguments to ldap_set_rebind_proc], + nss_ldapd_cv_ldap_set_rebind_proc_args, + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ + #include + #include + ]], [[ + ldap_set_rebind_proc(0, 0, 0); + ]])], + [nss_ldapd_cv_ldap_set_rebind_proc_args=3], + [nss_ldapd_cv_ldap_set_rebind_proc_args=2]) ]) + AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $nss_ldapd_cv_ldap_set_rebind_proc_args, + [Define to the number of arguments to ldap_set_rebindproc.]) + + # check the return type of ldap_set_rebind_proc() + AC_CACHE_CHECK( + [return type of ldap_set_rebind_proc], + nss_ldapd_cv_ldap_set_rebind_proc_type, + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ + #include + #include + ]], [[ + #if LDAP_SET_REBIND_PROC_ARGS == 3 + return ldap_set_rebind_proc(0, 0, 0); + #else + return ldap_set_rebind_proc(0, 0); + #endif + ]])], + [nss_ldapd_cv_ldap_set_rebind_proc_type=int], + [nss_ldapd_cv_ldap_set_rebind_proc_type=void]) ]) + if test "x$nss_ldapd_cv_ldap_set_rebind_proc_type" = "xvoid" + then + AC_DEFINE(LDAP_SET_REBIND_PROC_RETURNS_VOID, 1, + [Define to 1 if ldap_set_rebind_proc() returns void.]) + fi + + # check for broken implementations of ldap_create_deref_control() + if test "x$ac_cv_func_ldap_create_deref_control" = "xyes" + then + # this bug cannot be determined on compile time so we run a + # small test program + AC_CACHE_CHECK( + [ldap_create_deref_control() implementation], + nslcd_cv_ldap_create_deref_control_working, + [AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[ + #include + #include + #include + ]], [[ + int rc; + LDAP *ld; + LDAPControl *ctrls[2] = {NULL, NULL}; + struct LDAPDerefSpec ds[2]; + char *attrs[2] = {"uid", NULL}; + ld = ldap_init("localhost", LDAP_PORT); + if (ld == NULL) + { + fprintf(stderr, "ldap_init() failed\n"); + return 2; + } + ds[0].derefAttr = "member"; + ds[0].attributes = attrs; + ds[1].derefAttr = NULL; + rc = ldap_create_deref_control(ld, ds, 0, &ctrls[0]); + if (rc != LDAP_SUCCESS) + { + fprintf(stderr, "ldap_create_deref_control() failed: %s\n", + ldap_err2string(rc)); + return 2; + } + if (ldap_control_find(LDAP_CONTROL_X_DEREF, ctrls, NULL) != NULL) + return 0; + if (ldap_control_find(LDAP_CONTROL_PAGEDRESULTS, ctrls, NULL) != NULL) + { + fprintf(stderr, "ldap_create_deref_control() created LDAP_CONTROL_PAGEDRESULTS control\n"); + return 3; + } + fprintf(stderr, "ldap_create_deref_control() created unknown control\n"); + return 2; + ]])], + [nslcd_cv_ldap_create_deref_control_working=ok], + [if test "$?" -eq 3; then nslcd_cv_ldap_create_deref_control_working=broken + else nslcd_cv_ldap_create_deref_control_working=unknown; fi], + [nslcd_cv_ldap_create_deref_control_working=cross])]) + if test "x$nslcd_cv_ldap_create_deref_control_working" != "xok" + then + AC_MSG_NOTICE([using replacement ldap_create_deref_control()]) + AC_LIBOBJ(derefctrl) + AC_DEFINE(REPLACE_LDAP_CREATE_DEREF_CONTROL, 1, + [Define to 1 if ldap_create_deref_control() is broken.]) + fi + fi + + # save nslcd LIBS and CFLAGS and restore originals + nslcd_CFLAGS="$CFLAGS" + nslcd_LIBS="$LIBS" + CFLAGS="$nslcd_save_CFLAGS" + LIBS="$nslcd_save_LIBS" + + AC_SUBST(nslcd_LIBS) +fi + +# pynslcd-specific tests +if test "x$enable_pynslcd" = "xyes" +then + # check Python interpreter + AM_PATH_PYTHON(2.5,, AC_MSG_ERROR([Python is required])) + AX_PYTHON_MODULE(daemon) + AX_PYTHON_MODULE(fcntl) + AX_PYTHON_MODULE(fnmatch) + AX_PYTHON_MODULE(ldap) + AX_PYTHON_MODULE(sqlite3) + # required by ldap.controls.ppolicy: + AX_PYTHON_MODULE(pyasn1) + AX_PYTHON_MODULE(pyasn1_modules) + if test "x$HAVE_PYMOD_DAEMON" != "xyes" || \ + test "x$HAVE_PYMOD_FCNTL" != "xyes" || \ + test "x$HAVE_PYMOD_FNMATCH" != "xyes" || \ + test "x$HAVE_PYMOD_LDAP" != "xyes" || \ + test "x$HAVE_PYMOD_SQLITE3" != "xyes" || \ + test "x$HAVE_PYMOD_PYASN1" != "xyes" || \ + test "x$HAVE_PYMOD_PYASN1_MODULES" != "xyes" + then + AC_MSG_WARN(Required Python modules missing) + fi + # optional modules + AX_PYTHON_MODULE(setproctitle) +fi + +AM_CONDITIONAL([NSS_FLAVOUR_GLIBC], [test "x${with_nss_flavour}" = xglibc]) +AM_CONDITIONAL([NSS_FLAVOUR_SOLARIS], [test "x${with_nss_flavour}" = xsolaris]) +AM_CONDITIONAL([NSS_FLAVOUR_FREEBSD], [test "x${with_nss_flavour}" = xfreebsd]) + +# generate files +AC_CONFIG_FILES([Makefile compat/Makefile common/Makefile nss/Makefile + pam/Makefile utils/Makefile nslcd/Makefile pynslcd/Makefile + man/Makefile tests/Makefile]) +AC_CONFIG_FILES([pynslcd/constants.py], [[ +( + echo '' + echo '# The following is automatically generated from nslcd.h.' + echo '# See that file for details.' + echo '' + sed -n 's| */\*.*\*/ *||;s/^.define *\(NSLCD_[A-Z_]*\) */\1 = /p' "$srcdir"/nslcd.h +) >> pynslcd/constants.py]]) +AC_OUTPUT diff --git a/depcomp b/depcomp new file mode 100755 index 0000000..b39f98f --- /dev/null +++ b/depcomp @@ -0,0 +1,791 @@ +#! /bin/sh +# depcomp - compile a program generating dependencies as side-effects + +scriptversion=2016-01-11.22; # UTC + +# Copyright (C) 1999-2017 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Originally written by Alexandre Oliva . + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: depcomp [--help] [--version] PROGRAM [ARGS] + +Run PROGRAMS ARGS to compile a file, generating dependencies +as side-effects. + +Environment variables: + depmode Dependency tracking mode. + source Source file read by 'PROGRAMS ARGS'. + object Object file output by 'PROGRAMS ARGS'. + DEPDIR directory where to store dependencies. + depfile Dependency file to output. + tmpdepfile Temporary file to use when outputting dependencies. + libtool Whether libtool is used (yes/no). + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "depcomp $scriptversion" + exit $? + ;; +esac + +# Get the directory component of the given path, and save it in the +# global variables '$dir'. Note that this directory component will +# be either empty or ending with a '/' character. This is deliberate. +set_dir_from () +{ + case $1 in + */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; + *) dir=;; + esac +} + +# Get the suffix-stripped basename of the given path, and save it the +# global variable '$base'. +set_base_from () +{ + base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` +} + +# If no dependency file was actually created by the compiler invocation, +# we still have to create a dummy depfile, to avoid errors with the +# Makefile "include basename.Plo" scheme. +make_dummy_depfile () +{ + echo "#dummy" > "$depfile" +} + +# Factor out some common post-processing of the generated depfile. +# Requires the auxiliary global variable '$tmpdepfile' to be set. +aix_post_process_depfile () +{ + # If the compiler actually managed to produce a dependency file, + # post-process it. + if test -f "$tmpdepfile"; then + # Each line is of the form 'foo.o: dependency.h'. + # Do two passes, one to just change these to + # $object: dependency.h + # and one to simply output + # dependency.h: + # which is needed to avoid the deleted-header problem. + { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" + sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" + } > "$depfile" + rm -f "$tmpdepfile" + else + make_dummy_depfile + fi +} + +# A tabulation character. +tab=' ' +# A newline character. +nl=' +' +# Character ranges might be problematic outside the C locale. +# These definitions help. +upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ +lower=abcdefghijklmnopqrstuvwxyz +digits=0123456789 +alpha=${upper}${lower} + +if test -z "$depmode" || test -z "$source" || test -z "$object"; then + echo "depcomp: Variables source, object and depmode must be set" 1>&2 + exit 1 +fi + +# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. +depfile=${depfile-`echo "$object" | + sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} +tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} + +rm -f "$tmpdepfile" + +# Avoid interferences from the environment. +gccflag= dashmflag= + +# Some modes work just like other modes, but use different flags. We +# parameterize here, but still list the modes in the big case below, +# to make depend.m4 easier to write. Note that we *cannot* use a case +# here, because this file can only contain one case statement. +if test "$depmode" = hp; then + # HP compiler uses -M and no extra arg. + gccflag=-M + depmode=gcc +fi + +if test "$depmode" = dashXmstdout; then + # This is just like dashmstdout with a different argument. + dashmflag=-xM + depmode=dashmstdout +fi + +cygpath_u="cygpath -u -f -" +if test "$depmode" = msvcmsys; then + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvisualcpp +fi + +if test "$depmode" = msvc7msys; then + # This is just like msvc7 but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvc7 +fi + +if test "$depmode" = xlc; then + # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. + gccflag=-qmakedep=gcc,-MF + depmode=gcc +fi + +case "$depmode" in +gcc3) +## gcc 3 implements dependency tracking that does exactly what +## we want. Yay! Note: for some reason libtool 1.4 doesn't like +## it if -MD -MP comes after the -MF stuff. Hmm. +## Unfortunately, FreeBSD c89 acceptance of flags depends upon +## the command line argument order; so add the flags where they +## appear in depend2.am. Note that the slowdown incurred here +## affects only configure: in makefiles, %FASTDEP% shortcuts this. + for arg + do + case $arg in + -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; + *) set fnord "$@" "$arg" ;; + esac + shift # fnord + shift # $arg + done + "$@" + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + mv "$tmpdepfile" "$depfile" + ;; + +gcc) +## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. +## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. +## (see the conditional assignment to $gccflag above). +## There are various ways to get dependency output from gcc. Here's +## why we pick this rather obscure method: +## - Don't want to use -MD because we'd like the dependencies to end +## up in a subdir. Having to rename by hand is ugly. +## (We might end up doing this anyway to support other compilers.) +## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like +## -MM, not -M (despite what the docs say). Also, it might not be +## supported by the other compilers which use the 'gcc' depmode. +## - Using -M directly means running the compiler twice (even worse +## than renaming). + if test -z "$gccflag"; then + gccflag=-MD, + fi + "$@" -Wp,"$gccflag$tmpdepfile" + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + # The second -e expression handles DOS-style file names with drive + # letters. + sed -e 's/^[^:]*: / /' \ + -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" +## This next piece of magic avoids the "deleted header file" problem. +## The problem is that when a header file which appears in a .P file +## is deleted, the dependency causes make to die (because there is +## typically no way to rebuild the header). We avoid this by adding +## dummy dependencies for each header file. Too bad gcc doesn't do +## this for us directly. +## Some versions of gcc put a space before the ':'. On the theory +## that the space means something, we add a space to the output as +## well. hp depmode also adds that space, but also prefixes the VPATH +## to the object. Take care to not repeat it in the output. +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +sgi) + if test "$libtool" = yes; then + "$@" "-Wp,-MDupdate,$tmpdepfile" + else + "$@" -MDupdate "$tmpdepfile" + fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + + if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files + echo "$object : \\" > "$depfile" + # Clip off the initial element (the dependent). Don't try to be + # clever and replace this with sed code, as IRIX sed won't handle + # lines with more than a fixed number of characters (4096 in + # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; + # the IRIX cc adds comments like '#:fec' to the end of the + # dependency line. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ + | tr "$nl" ' ' >> "$depfile" + echo >> "$depfile" + # The second pass generates a dummy entry for each header file. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ + >> "$depfile" + else + make_dummy_depfile + fi + rm -f "$tmpdepfile" + ;; + +xlc) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +aix) + # The C for AIX Compiler uses -M and outputs the dependencies + # in a .u file. In older versions, this file always lives in the + # current directory. Also, the AIX compiler puts '$object:' at the + # start of each line; $object doesn't have directory information. + # Version 6 uses the directory in both cases. + set_dir_from "$object" + set_base_from "$object" + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.u + tmpdepfile2=$base.u + tmpdepfile3=$dir.libs/$base.u + "$@" -Wc,-M + else + tmpdepfile1=$dir$base.u + tmpdepfile2=$dir$base.u + tmpdepfile3=$dir$base.u + "$@" -M + fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + aix_post_process_depfile + ;; + +tcc) + # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 + # FIXME: That version still under development at the moment of writing. + # Make that this statement remains true also for stable, released + # versions. + # It will wrap lines (doesn't matter whether long or short) with a + # trailing '\', as in: + # + # foo.o : \ + # foo.c \ + # foo.h \ + # + # It will put a trailing '\' even on the last line, and will use leading + # spaces rather than leading tabs (at least since its commit 0394caf7 + # "Emit spaces for -MD"). + "$@" -MD -MF "$tmpdepfile" + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. + # We have to change lines of the first kind to '$object: \'. + sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" + # And for each line of the second kind, we have to emit a 'dep.h:' + # dummy dependency, to avoid the deleted-header problem. + sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" + rm -f "$tmpdepfile" + ;; + +## The order of this option in the case statement is important, since the +## shell code in configure will try each of these formats in the order +## listed in this file. A plain '-MD' option would be understood by many +## compilers, so we must ensure this comes after the gcc and icc options. +pgcc) + # Portland's C compiler understands '-MD'. + # Will always output deps to 'file.d' where file is the root name of the + # source file under compilation, even if file resides in a subdirectory. + # The object file name does not affect the name of the '.d' file. + # pgcc 10.2 will output + # foo.o: sub/foo.c sub/foo.h + # and will wrap long lines using '\' : + # foo.o: sub/foo.c ... \ + # sub/foo.h ... \ + # ... + set_dir_from "$object" + # Use the source, not the object, to determine the base name, since + # that's sadly what pgcc will do too. + set_base_from "$source" + tmpdepfile=$base.d + + # For projects that build the same source file twice into different object + # files, the pgcc approach of using the *source* file root name can cause + # problems in parallel builds. Use a locking strategy to avoid stomping on + # the same $tmpdepfile. + lockdir=$base.d-lock + trap " + echo '$0: caught signal, cleaning up...' >&2 + rmdir '$lockdir' + exit 1 + " 1 2 13 15 + numtries=100 + i=$numtries + while test $i -gt 0; do + # mkdir is a portable test-and-set. + if mkdir "$lockdir" 2>/dev/null; then + # This process acquired the lock. + "$@" -MD + stat=$? + # Release the lock. + rmdir "$lockdir" + break + else + # If the lock is being held by a different process, wait + # until the winning process is done or we timeout. + while test -d "$lockdir" && test $i -gt 0; do + sleep 1 + i=`expr $i - 1` + done + fi + i=`expr $i - 1` + done + trap - 1 2 13 15 + if test $i -le 0; then + echo "$0: failed to acquire lock after $numtries attempts" >&2 + echo "$0: check lockdir '$lockdir'" >&2 + exit 1 + fi + + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each line is of the form `foo.o: dependent.h', + # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. + # Do two passes, one to just change these to + # `$object: dependent.h' and one to simply `dependent.h:'. + sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp2) + # The "hp" stanza above does not work with aCC (C++) and HP's ia64 + # compilers, which have integrated preprocessors. The correct option + # to use with these is +Maked; it writes dependencies to a file named + # 'foo.d', which lands next to the object file, wherever that + # happens to be. + # Much of this is similar to the tru64 case; see comments there. + set_dir_from "$object" + set_base_from "$object" + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir.libs/$base.d + "$@" -Wc,+Maked + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + "$@" +Maked + fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" + # Add 'dependent.h:' lines. + sed -ne '2,${ + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" + else + make_dummy_depfile + fi + rm -f "$tmpdepfile" "$tmpdepfile2" + ;; + +tru64) + # The Tru64 compiler uses -MD to generate dependencies as a side + # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. + # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put + # dependencies in 'foo.d' instead, so we check for that too. + # Subdirectories are respected. + set_dir_from "$object" + set_base_from "$object" + + if test "$libtool" = yes; then + # Libtool generates 2 separate objects for the 2 libraries. These + # two compilations output dependencies in $dir.libs/$base.o.d and + # in $dir$base.o.d. We have to check for both files, because + # one of the two compilations can be disabled. We should prefer + # $dir$base.o.d over $dir.libs/$base.o.d because the latter is + # automatically cleaned when .libs/ is deleted, while ignoring + # the former would cause a distcleancheck panic. + tmpdepfile1=$dir$base.o.d # libtool 1.5 + tmpdepfile2=$dir.libs/$base.o.d # Likewise. + tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 + "$@" -Wc,-MD + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + tmpdepfile3=$dir$base.d + "$@" -MD + fi + + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + # Same post-processing that is required for AIX mode. + aix_post_process_depfile + ;; + +msvc7) + if test "$libtool" = yes; then + showIncludes=-Wc,-showIncludes + else + showIncludes=-showIncludes + fi + "$@" $showIncludes > "$tmpdepfile" + stat=$? + grep -v '^Note: including file: ' "$tmpdepfile" + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + # The first sed program below extracts the file names and escapes + # backslashes for cygpath. The second sed program outputs the file + # name when reading, but also accumulates all include files in the + # hold buffer in order to output them again at the end. This only + # works with sed implementations that can handle large buffers. + sed < "$tmpdepfile" -n ' +/^Note: including file: *\(.*\)/ { + s//\1/ + s/\\/\\\\/g + p +}' | $cygpath_u | sort -u | sed -n ' +s/ /\\ /g +s/\(.*\)/'"$tab"'\1 \\/p +s/.\(.*\) \\/\1:/ +H +$ { + s/.*/'"$tab"'/ + G + p +}' >> "$depfile" + echo >> "$depfile" # make sure the fragment doesn't end with a backslash + rm -f "$tmpdepfile" + ;; + +msvc7msys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +#nosideeffect) + # This comment above is used by automake to tell side-effect + # dependency tracking mechanisms from slower ones. + +dashmstdout) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout, regardless of -o. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove '-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + test -z "$dashmflag" && dashmflag=-M + # Require at least two characters before searching for ':' + # in the target name. This is to cope with DOS-style filenames: + # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. + "$@" $dashmflag | + sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" + rm -f "$depfile" + cat < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this sed invocation + # correctly. Breaking it into two sed invocations is a workaround. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +dashXmstdout) + # This case only exists to satisfy depend.m4. It is never actually + # run, as this mode is specially recognized in the preamble. + exit 1 + ;; + +makedepend) + "$@" || exit $? + # Remove any Libtool call + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + # X makedepend + shift + cleared=no eat=no + for arg + do + case $cleared in + no) + set ""; shift + cleared=yes ;; + esac + if test $eat = yes; then + eat=no + continue + fi + case "$arg" in + -D*|-I*) + set fnord "$@" "$arg"; shift ;; + # Strip any option that makedepend may not understand. Remove + # the object too, otherwise makedepend will parse it as a source file. + -arch) + eat=yes ;; + -*|$object) + ;; + *) + set fnord "$@" "$arg"; shift ;; + esac + done + obj_suffix=`echo "$object" | sed 's/^.*\././'` + touch "$tmpdepfile" + ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" + rm -f "$depfile" + # makedepend may prepend the VPATH from the source file name to the object. + # No need to regex-escape $object, excess matching of '.' is harmless. + sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process the last invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed '1,2d' "$tmpdepfile" \ + | tr ' ' "$nl" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" "$tmpdepfile".bak + ;; + +cpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove '-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + "$@" -E \ + | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + | sed '$ s: \\$::' > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + cat < "$tmpdepfile" >> "$depfile" + sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvisualcpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + IFS=" " + for arg + do + case "$arg" in + -o) + shift + ;; + $object) + shift + ;; + "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") + set fnord "$@" + shift + shift + ;; + *) + set fnord "$@" "$arg" + shift + shift + ;; + esac + done + "$@" -E 2>/dev/null | + sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" + echo "$tab" >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvcmsys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +none) + exec "$@" + ;; + +*) + echo "Unknown depmode $depmode" 1>&2 + exit 1 + ;; +esac + +exit 0 + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC0" +# time-stamp-end: "; # UTC" +# End: diff --git a/install-sh b/install-sh new file mode 100755 index 0000000..59990a1 --- /dev/null +++ b/install-sh @@ -0,0 +1,508 @@ +#!/bin/sh +# install - install a program, script, or datafile + +scriptversion=2014-09-12.12; # UTC + +# This originates from X11R5 (mit/util/scripts/install.sh), which was +# later released in X11R6 (xc/config/util/install.sh) with the +# following copyright and license. +# +# Copyright (C) 1994 X Consortium +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- +# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +# +# Except as contained in this notice, the name of the X Consortium shall not +# be used in advertising or otherwise to promote the sale, use or other deal- +# ings in this Software without prior written authorization from the X Consor- +# tium. +# +# +# FSF changes to this file are in the public domain. +# +# Calling this script install-sh is preferred over install.sh, to prevent +# 'make' implicit rules from creating a file called install from it +# when there is no Makefile. +# +# This script is compatible with the BSD install script, but was written +# from scratch. + +tab=' ' +nl=' +' +IFS=" $tab$nl" + +# Set DOITPROG to "echo" to test this script. + +doit=${DOITPROG-} +doit_exec=${doit:-exec} + +# Put in absolute file names if you don't have them in your path; +# or use environment vars. + +chgrpprog=${CHGRPPROG-chgrp} +chmodprog=${CHMODPROG-chmod} +chownprog=${CHOWNPROG-chown} +cmpprog=${CMPPROG-cmp} +cpprog=${CPPROG-cp} +mkdirprog=${MKDIRPROG-mkdir} +mvprog=${MVPROG-mv} +rmprog=${RMPROG-rm} +stripprog=${STRIPPROG-strip} + +posix_mkdir= + +# Desired mode of installed file. +mode=0755 + +chgrpcmd= +chmodcmd=$chmodprog +chowncmd= +mvcmd=$mvprog +rmcmd="$rmprog -f" +stripcmd= + +src= +dst= +dir_arg= +dst_arg= + +copy_on_change=false +is_target_a_directory=possibly + +usage="\ +Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE + or: $0 [OPTION]... SRCFILES... DIRECTORY + or: $0 [OPTION]... -t DIRECTORY SRCFILES... + or: $0 [OPTION]... -d DIRECTORIES... + +In the 1st form, copy SRCFILE to DSTFILE. +In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. +In the 4th, create DIRECTORIES. + +Options: + --help display this help and exit. + --version display version info and exit. + + -c (ignored) + -C install only if different (preserve the last data modification time) + -d create directories instead of installing files. + -g GROUP $chgrpprog installed files to GROUP. + -m MODE $chmodprog installed files to MODE. + -o USER $chownprog installed files to USER. + -s $stripprog installed files. + -t DIRECTORY install into DIRECTORY. + -T report an error if DSTFILE is a directory. + +Environment variables override the default commands: + CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG + RMPROG STRIPPROG +" + +while test $# -ne 0; do + case $1 in + -c) ;; + + -C) copy_on_change=true;; + + -d) dir_arg=true;; + + -g) chgrpcmd="$chgrpprog $2" + shift;; + + --help) echo "$usage"; exit $?;; + + -m) mode=$2 + case $mode in + *' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*) + echo "$0: invalid mode: $mode" >&2 + exit 1;; + esac + shift;; + + -o) chowncmd="$chownprog $2" + shift;; + + -s) stripcmd=$stripprog;; + + -t) + is_target_a_directory=always + dst_arg=$2 + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac + shift;; + + -T) is_target_a_directory=never;; + + --version) echo "$0 $scriptversion"; exit $?;; + + --) shift + break;; + + -*) echo "$0: invalid option: $1" >&2 + exit 1;; + + *) break;; + esac + shift +done + +# We allow the use of options -d and -T together, by making -d +# take the precedence; this is for compatibility with GNU install. + +if test -n "$dir_arg"; then + if test -n "$dst_arg"; then + echo "$0: target directory not allowed when installing a directory." >&2 + exit 1 + fi +fi + +if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then + # When -d is used, all remaining arguments are directories to create. + # When -t is used, the destination is already specified. + # Otherwise, the last argument is the destination. Remove it from $@. + for arg + do + if test -n "$dst_arg"; then + # $@ is not empty: it contains at least $arg. + set fnord "$@" "$dst_arg" + shift # fnord + fi + shift # arg + dst_arg=$arg + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac + done +fi + +if test $# -eq 0; then + if test -z "$dir_arg"; then + echo "$0: no input file specified." >&2 + exit 1 + fi + # It's OK to call 'install-sh -d' without argument. + # This can happen when creating conditional directories. + exit 0 +fi + +if test -z "$dir_arg"; then + if test $# -gt 1 || test "$is_target_a_directory" = always; then + if test ! -d "$dst_arg"; then + echo "$0: $dst_arg: Is not a directory." >&2 + exit 1 + fi + fi +fi + +if test -z "$dir_arg"; then + do_exit='(exit $ret); exit $ret' + trap "ret=129; $do_exit" 1 + trap "ret=130; $do_exit" 2 + trap "ret=141; $do_exit" 13 + trap "ret=143; $do_exit" 15 + + # Set umask so as not to create temps with too-generous modes. + # However, 'strip' requires both read and write access to temps. + case $mode in + # Optimize common cases. + *644) cp_umask=133;; + *755) cp_umask=22;; + + *[0-7]) + if test -z "$stripcmd"; then + u_plus_rw= + else + u_plus_rw='% 200' + fi + cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; + *) + if test -z "$stripcmd"; then + u_plus_rw= + else + u_plus_rw=,u+rw + fi + cp_umask=$mode$u_plus_rw;; + esac +fi + +for src +do + # Protect names problematic for 'test' and other utilities. + case $src in + -* | [=\(\)!]) src=./$src;; + esac + + if test -n "$dir_arg"; then + dst=$src + dstdir=$dst + test -d "$dstdir" + dstdir_status=$? + else + + # Waiting for this to be detected by the "$cpprog $src $dsttmp" command + # might cause directories to be created, which would be especially bad + # if $src (and thus $dsttmp) contains '*'. + if test ! -f "$src" && test ! -d "$src"; then + echo "$0: $src does not exist." >&2 + exit 1 + fi + + if test -z "$dst_arg"; then + echo "$0: no destination specified." >&2 + exit 1 + fi + dst=$dst_arg + + # If destination is a directory, append the input filename; won't work + # if double slashes aren't ignored. + if test -d "$dst"; then + if test "$is_target_a_directory" = never; then + echo "$0: $dst_arg: Is a directory" >&2 + exit 1 + fi + dstdir=$dst + dst=$dstdir/`basename "$src"` + dstdir_status=0 + else + dstdir=`dirname "$dst"` + test -d "$dstdir" + dstdir_status=$? + fi + fi + + obsolete_mkdir_used=false + + if test $dstdir_status != 0; then + case $posix_mkdir in + '') + # Create intermediate dirs using mode 755 as modified by the umask. + # This is like FreeBSD 'install' as of 1997-10-28. + umask=`umask` + case $stripcmd.$umask in + # Optimize common cases. + *[2367][2367]) mkdir_umask=$umask;; + .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; + + *[0-7]) + mkdir_umask=`expr $umask + 22 \ + - $umask % 100 % 40 + $umask % 20 \ + - $umask % 10 % 4 + $umask % 2 + `;; + *) mkdir_umask=$umask,go-w;; + esac + + # With -d, create the new directory with the user-specified mode. + # Otherwise, rely on $mkdir_umask. + if test -n "$dir_arg"; then + mkdir_mode=-m$mode + else + mkdir_mode= + fi + + posix_mkdir=false + case $umask in + *[123567][0-7][0-7]) + # POSIX mkdir -p sets u+wx bits regardless of umask, which + # is incompatible with FreeBSD 'install' when (umask & 300) != 0. + ;; + *) + # $RANDOM is not portable (e.g. dash); use it when possible to + # lower collision chance + tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ + trap 'ret=$?; rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null; exit $ret' 0 + + # As "mkdir -p" follows symlinks and we work in /tmp possibly; so + # create the $tmpdir first (and fail if unsuccessful) to make sure + # that nobody tries to guess the $tmpdir name. + if (umask $mkdir_umask && + $mkdirprog $mkdir_mode "$tmpdir" && + exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1 + then + if test -z "$dir_arg" || { + # Check for POSIX incompatibilities with -m. + # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or + # other-writable bit of parent directory when it shouldn't. + # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. + test_tmpdir="$tmpdir/a" + ls_ld_tmpdir=`ls -ld "$test_tmpdir"` + case $ls_ld_tmpdir in + d????-?r-*) different_mode=700;; + d????-?--*) different_mode=755;; + *) false;; + esac && + $mkdirprog -m$different_mode -p -- "$test_tmpdir" && { + ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"` + test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" + } + } + then posix_mkdir=: + fi + rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" + else + # Remove any dirs left behind by ancient mkdir implementations. + rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null + fi + trap '' 0;; + esac;; + esac + + if + $posix_mkdir && ( + umask $mkdir_umask && + $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" + ) + then : + else + + # The umask is ridiculous, or mkdir does not conform to POSIX, + # or it failed possibly due to a race condition. Create the + # directory the slow way, step by step, checking for races as we go. + + case $dstdir in + /*) prefix='/';; + [-=\(\)!]*) prefix='./';; + *) prefix='';; + esac + + oIFS=$IFS + IFS=/ + set -f + set fnord $dstdir + shift + set +f + IFS=$oIFS + + prefixes= + + for d + do + test X"$d" = X && continue + + prefix=$prefix$d + if test -d "$prefix"; then + prefixes= + else + if $posix_mkdir; then + (umask=$mkdir_umask && + $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break + # Don't fail if two instances are running concurrently. + test -d "$prefix" || exit 1 + else + case $prefix in + *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; + *) qprefix=$prefix;; + esac + prefixes="$prefixes '$qprefix'" + fi + fi + prefix=$prefix/ + done + + if test -n "$prefixes"; then + # Don't fail if two instances are running concurrently. + (umask $mkdir_umask && + eval "\$doit_exec \$mkdirprog $prefixes") || + test -d "$dstdir" || exit 1 + obsolete_mkdir_used=true + fi + fi + fi + + if test -n "$dir_arg"; then + { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && + { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || + test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 + else + + # Make a couple of temp file names in the proper directory. + dsttmp=$dstdir/_inst.$$_ + rmtmp=$dstdir/_rm.$$_ + + # Trap to clean up those temp files at exit. + trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 + + # Copy the file name to the temp name. + (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && + + # and set any options; do chmod last to preserve setuid bits. + # + # If any of these fail, we abort the whole thing. If we want to + # ignore errors from any of these, just make sure not to ignore + # errors from the above "$doit $cpprog $src $dsttmp" command. + # + { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && + { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && + { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && + + # If -C, don't bother to copy if it wouldn't change the file. + if $copy_on_change && + old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && + new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && + set -f && + set X $old && old=:$2:$4:$5:$6 && + set X $new && new=:$2:$4:$5:$6 && + set +f && + test "$old" = "$new" && + $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 + then + rm -f "$dsttmp" + else + # Rename the file to the real destination. + $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || + + # The rename failed, perhaps because mv can't rename something else + # to itself, or perhaps because mv is so ancient that it does not + # support -f. + { + # Now remove or move aside any old file at destination location. + # We try this two ways since rm can't unlink itself on some + # systems and the destination file might be busy for other + # reasons. In this case, the final cleanup might fail but the new + # file should still install successfully. + { + test ! -f "$dst" || + $doit $rmcmd -f "$dst" 2>/dev/null || + { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && + { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } + } || + { echo "$0: cannot unlink or rename $dst" >&2 + (exit 1); exit 1 + } + } && + + # Now rename the file to the real destination. + $doit $mvcmd "$dsttmp" "$dst" + } + fi || exit 1 + + trap '' 0 + fi +done + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/ldapns.ldif b/ldapns.ldif new file mode 100644 index 0000000..a86f8f5 --- /dev/null +++ b/ldapns.ldif @@ -0,0 +1,19 @@ +# LDAP Name Service Additional Schema +# Source: pam_ldap package by Luke Howard converted to LDIF +# Has not been published in Internet Draft or RFC. + +dn: cn=ldapns,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: ldapns +olcAttributeTypes: {0}( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService' + DESC 'IANA GSS-API authorized service name' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcObjectClasses: {0}( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject' + DESC 'Auxiliary object class for adding authorizedService attribute' + SUP top AUXILIARY + MAY authorizedService ) +olcObjectClasses: {1}( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject' + DESC 'Auxiliary object class for adding host attribute' + SUP top AUXILIARY + MAY host ) diff --git a/ldapns.schema b/ldapns.schema new file mode 100644 index 0000000..542bcd0 --- /dev/null +++ b/ldapns.schema @@ -0,0 +1,20 @@ +# LDAP Name Service Additional Schema +# Source: pam_ldap package by Luke Howard +# Has not been published in Internet Draft or RFC. + +attributetype ( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService' + DESC 'IANA GSS-API authorized service name' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject' + DESC 'Auxiliary object class for adding authorizedService attribute' + SUP top + AUXILIARY + MAY authorizedService ) + +objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject' + DESC 'Auxiliary object class for adding host attribute' + SUP top + AUXILIARY + MAY host ) diff --git a/m4/ax_pthread.m4 b/m4/ax_pthread.m4 new file mode 100644 index 0000000..d383ad5 --- /dev/null +++ b/m4/ax_pthread.m4 @@ -0,0 +1,332 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_pthread.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]]) +# +# DESCRIPTION +# +# This macro figures out how to build C programs using POSIX threads. It +# sets the PTHREAD_LIBS output variable to the threads library and linker +# flags, and the PTHREAD_CFLAGS output variable to any special C compiler +# flags that are needed. (The user can also force certain compiler +# flags/libs to be tested by setting these environment variables.) +# +# Also sets PTHREAD_CC to any special C compiler that is needed for +# multi-threaded programs (defaults to the value of CC otherwise). (This +# is necessary on AIX to use the special cc_r compiler alias.) +# +# NOTE: You are assumed to not only compile your program with these flags, +# but also link it with them as well. e.g. you should link with +# $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS +# +# If you are only building threads programs, you may wish to use these +# variables in your default LIBS, CFLAGS, and CC: +# +# LIBS="$PTHREAD_LIBS $LIBS" +# CFLAGS="$CFLAGS $PTHREAD_CFLAGS" +# CC="$PTHREAD_CC" +# +# In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant +# has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name +# (e.g. PTHREAD_CREATE_UNDETACHED on AIX). +# +# Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the +# PTHREAD_PRIO_INHERIT symbol is defined when compiling with +# PTHREAD_CFLAGS. +# +# ACTION-IF-FOUND is a list of shell commands to run if a threads library +# is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it +# is not found. If ACTION-IF-FOUND is not specified, the default action +# will define HAVE_PTHREAD. +# +# Please let the authors know if this macro fails on any platform, or if +# you have any other suggestions or comments. This macro was based on work +# by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help +# from M. Frigo), as well as ac_pthread and hb_pthread macros posted by +# Alejandro Forero Cuervo to the autoconf macro repository. We are also +# grateful for the helpful feedback of numerous users. +# +# Updated for Autoconf 2.68 by Daniel Richard G. +# +# LICENSE +# +# Copyright (c) 2008 Steven G. Johnson +# Copyright (c) 2011 Daniel Richard G. +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 21 + +AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD]) +AC_DEFUN([AX_PTHREAD], [ +AC_REQUIRE([AC_CANONICAL_HOST]) +AC_LANG_PUSH([C]) +ax_pthread_ok=no + +# We used to check for pthread.h first, but this fails if pthread.h +# requires special compiler flags (e.g. on True64 or Sequent). +# It gets checked for in the link test anyway. + +# First of all, check if the user has set any of the PTHREAD_LIBS, +# etcetera environment variables, and if threads linking works using +# them: +if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) + AC_TRY_LINK_FUNC([pthread_join], [ax_pthread_ok=yes]) + AC_MSG_RESULT([$ax_pthread_ok]) + if test x"$ax_pthread_ok" = xno; then + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" + fi + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" +fi + +# We must check for the threads library under a number of different +# names; the ordering is very important because some systems +# (e.g. DEC) have both -lpthread and -lpthreads, where one of the +# libraries is broken (non-POSIX). + +# Create a list of thread flags to try. Items starting with a "-" are +# C compiler flags, and other items are library names, except for "none" +# which indicates that we try without any flags at all, and "pthread-config" +# which is a program returning the flags for the Pth emulation library. + +ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" + +# The ordering *is* (sometimes) important. Some notes on the +# individual items follow: + +# pthreads: AIX (must check this before -lpthread) +# none: in case threads are in libc; should be tried before -Kthread and +# other compiler flags to prevent continual compiler warnings +# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) +# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) +# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) +# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) +# -pthreads: Solaris/gcc +# -mthreads: Mingw32/gcc, Lynx/gcc +# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it +# doesn't hurt to check since this sometimes defines pthreads too; +# also defines -D_REENTRANT) +# ... -mt is also the pthreads flag for HP/aCC +# pthread: Linux, etcetera +# --thread-safe: KAI C++ +# pthread-config: use pthread-config program (for GNU Pth library) + +case ${host_os} in + solaris*) + + # On Solaris (at least, for some versions), libc contains stubbed + # (non-functional) versions of the pthreads routines, so link-based + # tests will erroneously succeed. (We need to link with -pthreads/-mt/ + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather + # a function called by this macro, so we could check for that, but + # who knows whether they'll stub that too in a future libc.) So, + # we'll just look for -pthreads and -lpthread first: + + ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" + ;; + + darwin*) + ax_pthread_flags="-pthread $ax_pthread_flags" + ;; +esac + +# Clang doesn't consider unrecognized options an error unless we specify +# -Werror. We throw in some extra Clang-specific options to ensure that +# this doesn't happen for GCC, which also accepts -Werror. + +AC_MSG_CHECKING([if compiler needs -Werror to reject unknown flags]) +save_CFLAGS="$CFLAGS" +ax_pthread_extra_flags="-Werror" +CFLAGS="$CFLAGS $ax_pthread_extra_flags -Wunknown-warning-option -Wsizeof-array-argument" +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([int foo(void);],[foo()])], + [AC_MSG_RESULT([yes])], + [ax_pthread_extra_flags= + AC_MSG_RESULT([no])]) +CFLAGS="$save_CFLAGS" + +if test x"$ax_pthread_ok" = xno; then +for flag in $ax_pthread_flags; do + + case $flag in + none) + AC_MSG_CHECKING([whether pthreads work without any flags]) + ;; + + -*) + AC_MSG_CHECKING([whether pthreads work with $flag]) + PTHREAD_CFLAGS="$flag" + ;; + + pthread-config) + AC_CHECK_PROG([ax_pthread_config], [pthread-config], [yes], [no]) + if test x"$ax_pthread_config" = xno; then continue; fi + PTHREAD_CFLAGS="`pthread-config --cflags`" + PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" + ;; + + *) + AC_MSG_CHECKING([for the pthreads library -l$flag]) + PTHREAD_LIBS="-l$flag" + ;; + esac + + save_LIBS="$LIBS" + save_CFLAGS="$CFLAGS" + LIBS="$PTHREAD_LIBS $LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS $ax_pthread_extra_flags" + + # Check for various functions. We must include pthread.h, + # since some functions may be macros. (On the Sequent, we + # need a special flag -Kthread to make this header compile.) + # We check for pthread_join because it is in -lpthread on IRIX + # while pthread_create is in libc. We check for pthread_attr_init + # due to DEC craziness with -lpthreads. We check for + # pthread_cleanup_push because it is one of the few pthread + # functions on Solaris that doesn't have a non-functional libc stub. + # We try pthread_create on general principles. + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include + static void routine(void *a) { a = 0; } + static void *start_routine(void *a) { return a; }], + [pthread_t th; pthread_attr_t attr; + pthread_create(&th, 0, start_routine, 0); + pthread_join(th, 0); + pthread_attr_init(&attr); + pthread_cleanup_push(routine, 0); + pthread_cleanup_pop(0) /* ; */])], + [ax_pthread_ok=yes], + []) + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + AC_MSG_RESULT([$ax_pthread_ok]) + if test "x$ax_pthread_ok" = xyes; then + break; + fi + + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" +done +fi + +# Various other checks: +if test "x$ax_pthread_ok" = xyes; then + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + + # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. + AC_MSG_CHECKING([for joinable pthread attribute]) + attr_name=unknown + for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include ], + [int attr = $attr; return attr /* ; */])], + [attr_name=$attr; break], + []) + done + AC_MSG_RESULT([$attr_name]) + if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then + AC_DEFINE_UNQUOTED([PTHREAD_CREATE_JOINABLE], [$attr_name], + [Define to necessary symbol if this constant + uses a non-standard name on your system.]) + fi + + AC_MSG_CHECKING([if more special flags are required for pthreads]) + flag=no + case ${host_os} in + aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; + osf* | hpux*) flag="-D_REENTRANT";; + solaris*) + if test "$GCC" = "yes"; then + flag="-D_REENTRANT" + else + # TODO: What about Clang on Solaris? + flag="-mt -D_REENTRANT" + fi + ;; + esac + AC_MSG_RESULT([$flag]) + if test "x$flag" != xno; then + PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" + fi + + AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT], + [ax_cv_PTHREAD_PRIO_INHERIT], [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], + [[int i = PTHREAD_PRIO_INHERIT;]])], + [ax_cv_PTHREAD_PRIO_INHERIT=yes], + [ax_cv_PTHREAD_PRIO_INHERIT=no]) + ]) + AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"], + [AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], [1], [Have PTHREAD_PRIO_INHERIT.])]) + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + # More AIX lossage: compile with *_r variant + if test "x$GCC" != xyes; then + case $host_os in + aix*) + AS_CASE(["x/$CC"], + [x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6], + [#handle absolute path differently from PATH based program lookup + AS_CASE(["x$CC"], + [x/*], + [AS_IF([AS_EXECUTABLE_P([${CC}_r])],[PTHREAD_CC="${CC}_r"])], + [AC_CHECK_PROGS([PTHREAD_CC],[${CC}_r],[$CC])])]) + ;; + esac + fi +fi + +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" + +AC_SUBST([PTHREAD_LIBS]) +AC_SUBST([PTHREAD_CFLAGS]) +AC_SUBST([PTHREAD_CC]) + +# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: +if test x"$ax_pthread_ok" = xyes; then + ifelse([$1],,[AC_DEFINE([HAVE_PTHREAD],[1],[Define if you have POSIX threads libraries and header files.])],[$1]) + : +else + ax_pthread_ok=no + $2 +fi +AC_LANG_POP +])dnl AX_PTHREAD diff --git a/m4/ax_python_module.m4 b/m4/ax_python_module.m4 new file mode 100644 index 0000000..3afc404 --- /dev/null +++ b/m4/ax_python_module.m4 @@ -0,0 +1,49 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_python_module.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_PYTHON_MODULE(modname[, fatal]) +# +# DESCRIPTION +# +# Checks for Python module. +# +# If fatal is non-empty then absence of a module will trigger an error. +# +# LICENSE +# +# Copyright (c) 2008 Andrew Collier +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 6 + +AU_ALIAS([AC_PYTHON_MODULE], [AX_PYTHON_MODULE]) +AC_DEFUN([AX_PYTHON_MODULE],[ + if test -z $PYTHON; + then + PYTHON="python" + fi + PYTHON_NAME=`basename $PYTHON` + AC_MSG_CHECKING($PYTHON_NAME module: $1) + $PYTHON -c "import $1" 2>/dev/null + if test $? -eq 0; + then + AC_MSG_RESULT(yes) + eval AS_TR_CPP(HAVE_PYMOD_$1)=yes + else + AC_MSG_RESULT(no) + eval AS_TR_CPP(HAVE_PYMOD_$1)=no + # + if test -n "$2" + then + AC_MSG_ERROR(failed to find required module $1) + exit 1 + fi + fi +]) diff --git a/m4/ax_tls.m4 b/m4/ax_tls.m4 new file mode 100644 index 0000000..3b7b4a5 --- /dev/null +++ b/m4/ax_tls.m4 @@ -0,0 +1,74 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_tls.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_TLS([action-if-found], [action-if-not-found]) +# +# DESCRIPTION +# +# Provides a test for the compiler support of thread local storage (TLS) +# extensions. Defines TLS if it is found. Currently knows about GCC/ICC +# and MSVC. I think SunPro uses the same as GCC, and Borland apparently +# supports either. +# +# LICENSE +# +# Copyright (c) 2008 Alan Woodland +# Copyright (c) 2010 Diego Elio Petteno` +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 11 + +AC_DEFUN([AX_TLS], [ + AC_MSG_CHECKING([for thread local storage (TLS) class]) + AC_CACHE_VAL([ac_cv_tls], + [for ax_tls_keyword in __thread '__declspec(thread)' none; do + AS_CASE([$ax_tls_keyword], + [none], [ac_cv_tls=none ; break], + [AC_TRY_COMPILE( + [#include + static void + foo(void) { + static ] $ax_tls_keyword [ int bar; + exit(1); + }], + [], + [ac_cv_tls=$ax_tls_keyword ; break], + ac_cv_tls=none + )]) + done + ]) + AC_MSG_RESULT([$ac_cv_tls]) + + AS_IF([test "$ac_cv_tls" != "none"], + [AC_DEFINE_UNQUOTED([TLS],[$ac_cv_tls],[If the compiler supports a TLS storage class define it to that here]) + m4_ifnblank([$1],[$1])], + m4_ifnblank([$2],[$2])) +]) diff --git a/man/Makefile.am b/man/Makefile.am new file mode 100644 index 0000000..418d580 --- /dev/null +++ b/man/Makefile.am @@ -0,0 +1,65 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2007-2016 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +PAM_MANS = pam_ldap.8 +UTILS_MANS = getent.ldap.1 chsh.ldap.1 +NSLCD_MANS = nslcd.conf.5 nslcd.8 +PYNSLCD_MANS = pynslcd.8 +ALL_MANS = $(PAM_MANS) $(UTILS_MANS) $(NSLCD_MANS) $(PYNSLCD_MANS) + +program_transform_name = s&ldap&$(MODULE_NAME)& + +# figure out which manual pages to install +if INSTMAN +man_MANS = +if ENABLE_PAM + man_MANS += $(PAM_MANS) +endif +if ENABLE_UTILS + man_MANS += $(UTILS_MANS) +endif +if ENABLE_NSLCD + man_MANS += $(NSLCD_MANS) +endif +if ENABLE_PYNSLCD + man_MANS += $(PYNSLCD_MANS) +if !ENABLE_NSLCD + man_MANS += nslcd.conf.5 +endif +endif +noinst_DATA = $(ALL_MANS) +EXTRA_DIST = $(ALL_MANS) $(ALL_MANS:=.xml) +endif + +if GENMAN + +MAINTAINERCLEANFILES = $(ALL_MANS) $(ALL_MANS:=.html) + +SUFFIXES = .xml +.xml: + $(DOCBOOK2X_MAN) \ + --string-param header-3='$(RELEASE_MONTH)' \ + --string-param header-4='Version $(VERSION)' \ + --encoding=utf-8 \ + $< + +.xml.html: + xmlto xhtml-nochunks $< + +endif diff --git a/man/Makefile.in b/man/Makefile.in new file mode 100644 index 0000000..750ff7f --- /dev/null +++ b/man/Makefile.in @@ -0,0 +1,668 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2007-2016 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +@ENABLE_PAM_TRUE@@INSTMAN_TRUE@am__append_1 = $(PAM_MANS) +@ENABLE_UTILS_TRUE@@INSTMAN_TRUE@am__append_2 = $(UTILS_MANS) +@ENABLE_NSLCD_TRUE@@INSTMAN_TRUE@am__append_3 = $(NSLCD_MANS) +@ENABLE_PYNSLCD_TRUE@@INSTMAN_TRUE@am__append_4 = $(PYNSLCD_MANS) +@ENABLE_NSLCD_FALSE@@ENABLE_PYNSLCD_TRUE@@INSTMAN_TRUE@am__append_5 = nslcd.conf.5 +subdir = man +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +SOURCES = +DIST_SOURCES = +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +man1dir = $(mandir)/man1 +am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ + "$(DESTDIR)$(man8dir)" +man5dir = $(mandir)/man5 +man8dir = $(mandir)/man8 +NROFF = nroff +MANS = $(man_MANS) +DATA = $(noinst_DATA) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/mkinstalldirs +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = s&ldap&$(MODULE_NAME)& +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +PAM_MANS = pam_ldap.8 +UTILS_MANS = getent.ldap.1 chsh.ldap.1 +NSLCD_MANS = nslcd.conf.5 nslcd.8 +PYNSLCD_MANS = pynslcd.8 +ALL_MANS = $(PAM_MANS) $(UTILS_MANS) $(NSLCD_MANS) $(PYNSLCD_MANS) + +# figure out which manual pages to install +@INSTMAN_TRUE@man_MANS = $(am__append_1) $(am__append_2) \ +@INSTMAN_TRUE@ $(am__append_3) $(am__append_4) $(am__append_5) +@INSTMAN_TRUE@noinst_DATA = $(ALL_MANS) +@INSTMAN_TRUE@EXTRA_DIST = $(ALL_MANS) $(ALL_MANS:=.xml) +@GENMAN_TRUE@MAINTAINERCLEANFILES = $(ALL_MANS) $(ALL_MANS:=.html) +@GENMAN_TRUE@SUFFIXES = .xml +all: all-am + +.SUFFIXES: +.SUFFIXES: .xml .html +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu man/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-man1: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man1dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.1[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + +uninstall-man1: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) +install-man5: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man5dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.5[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ + done; } + +uninstall-man5: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man5dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) +install-man8: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man8dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.8[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + +uninstall-man8: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) +tags TAGS: + +ctags CTAGS: + +cscope cscopelist: + + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(MANS) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-am + +clean-am: clean-generic mostlyclean-am + +distclean: distclean-am + -rm -f Makefile +distclean-am: clean-am distclean-generic + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-man + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: install-man1 install-man5 install-man8 + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-man + +uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 + +.MAKE: install-am install-strip + +.PHONY: all all-am check check-am clean clean-generic cscopelist-am \ + ctags-am distclean distclean-generic distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-man1 install-man5 \ + install-man8 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic pdf pdf-am ps ps-am tags-am \ + uninstall uninstall-am uninstall-man uninstall-man1 \ + uninstall-man5 uninstall-man8 + +.PRECIOUS: Makefile + +@GENMAN_TRUE@.xml: +@GENMAN_TRUE@ $(DOCBOOK2X_MAN) \ +@GENMAN_TRUE@ --string-param header-3='$(RELEASE_MONTH)' \ +@GENMAN_TRUE@ --string-param header-4='Version $(VERSION)' \ +@GENMAN_TRUE@ --encoding=utf-8 \ +@GENMAN_TRUE@ $< + +@GENMAN_TRUE@.xml.html: +@GENMAN_TRUE@ xmlto xhtml-nochunks $< + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/man/chsh.ldap.1 b/man/chsh.ldap.1 new file mode 100644 index 0000000..11e0e65 --- /dev/null +++ b/man/chsh.ldap.1 @@ -0,0 +1,56 @@ +'\" -*- coding: utf-8 -*- +.if \n(.g .ds T< \\FC +.if \n(.g .ds T> \\F[\n[.fam]] +.de URL +\\$2 \(la\\$1\(ra\\$3 +.. +.if \n(.g .mso www.tmac +.TH chsh.ldap 1 "Feb 2018" "Version 0.9.9" "User Commands" +.SH NAME +chsh.ldap \- change login shell in LDAP +.SH SYNOPSIS +'nh +.fi +.ad l +\fBchsh.ldap\fR \kx +.if (\nx>(\n(.l/2)) .nr x (\n(.l/5) +'in \n(.iu+\nxu +[\fIoptions\fR] [\fILOGIN\fR] +'in \n(.iu-\nxu +.ad b +'hy +.SH DESCRIPTION +The \fBchsh.ldap\fR command can be used to change user's +login shell (command interpreter). +.PP +The actual change in LDAP is performed by the +\fBnslcd\fR daemon and is subject to the access controls +configured in the LDAP server. +.SH OPTIONS +The options that may be specified to the \fBchsh.ldap\fR +command are: +.TP +\*(T<\fB\-s\fR\*(T>, \*(T<\fB\-\-shell\fR\*(T> \fISHELL\fR +The name of the user's new login shell. +Setting this field to blank causes the system to select the default +login shell. +.TP +\*(T<\fB\-l\fR\*(T>, \*(T<\fB\-\-list\-shells\fR\*(T> +Print the list of shells found in \*(T<\fI/etc/shells\fR\*(T> and exit. +.TP +\*(T<\fB\-h\fR\*(T>, \*(T<\fB\-\-help\fR\*(T> +Display short help and exit. +.TP +\*(T<\fB\-V, \-\-version\fR\*(T> +Output version information and exit. +.PP +If no option is specified \fBchsh.ldap\fR will prompt the +user to enter a value for the shell. +.SH FILES +\*(T<\fI/etc/shells\fR\*(T> - list of valid login shells +.SH "SEE ALSO" +\fBchsh\fR(1), +\fBshells\fR(5), +\fBnslcd\fR(8) +.SH AUTHOR +This manual was written by Arthur de Jong . diff --git a/man/chsh.ldap.1.xml b/man/chsh.ldap.1.xml new file mode 100644 index 0000000..8b7de13 --- /dev/null +++ b/man/chsh.ldap.1.xml @@ -0,0 +1,148 @@ + + + + + + + + + + Arthur + de Jong + + + + + chsh.ldap + 1 + Version 0.9.9 + User Commands + Feb 2018 + + + + chsh.ldap + change login shell in LDAP + + + + + chsh.ldap + options + LOGIN + + + + + Description + + The chsh.ldap command can be used to change user's + login shell (command interpreter). + + + The actual change in LDAP is performed by the + nslcd daemon and is subject to the access controls + configured in the LDAP server. + + + + + Options + + The options that may be specified to the chsh.ldap + command are: + + + + + + , + SHELL + + + + The name of the user's new login shell. + Setting this field to blank causes the system to select the default + login shell. + + + + + + + , + + + + Print the list of shells found in /etc/shells and exit. + + + + + + + , + + + Display short help and exit. + + + + + + + + + Output version information and exit. + + + + + + If no option is specified chsh.ldap will prompt the + user to enter a value for the shell. + + + + + Files + + /etc/shells - list of valid login shells + + + + + See Also + + chsh1, + shells5, + nslcd8 + + + + + Author + This manual was written by Arthur de Jong <arthur@arthurdejong.org>. + + + diff --git a/man/getent.ldap.1 b/man/getent.ldap.1 new file mode 100644 index 0000000..d0b41a1 --- /dev/null +++ b/man/getent.ldap.1 @@ -0,0 +1,148 @@ +'\" -*- coding: utf-8 -*- +.if \n(.g .ds T< \\FC +.if \n(.g .ds T> \\F[\n[.fam]] +.de URL +\\$2 \(la\\$1\(ra\\$3 +.. +.if \n(.g .mso www.tmac +.TH getent.ldap 1 "Feb 2018" "Version 0.9.9" "User Commands" +.SH NAME +getent.ldap \- query information from LDAP +.SH SYNOPSIS +'nh +.fi +.ad l +\fBgetent.ldap\fR \kx +.if (\nx>(\n(.l/2)) .nr x (\n(.l/5) +'in \n(.iu+\nxu +[\fIoptions\fR] [\fIDATABASE\fR] [\fIKEY...\fR] +'in \n(.iu-\nxu +.ad b +'hy +.SH DESCRIPTION +The \fBgetent.ldap\fR command can be used to lookup or +enumerate information from LDAP. +Unlike the +\fBgetent\fR(1) +command, this command completely bypasses the lookups configured in +\*(T<\fI/etc/nsswitch.conf\fR\*(T> and queries the +\fBnslcd\fR(8) +daemon directly. +.PP +\fBgetent.ldap\fR tries to match the behaviour and output of +\fBgetent\fR and the format in the corresponding flat files +as much as possible, however there are a number of differences. +If multiple entries are found in LDAP that match a +specific query, multiple values are printed (e.g. ethernet addresses that +have multiple names, services that support multiple protocols, etc.). +Also, some databases have extra options as described below. +.SH OPTIONS +The options that may be specified to the \fBgetent.ldap\fR +command are: +.TP +\*(T<\fB\-h\fR\*(T>, \*(T<\fB\-\-help\fR\*(T> +Display short help and exit. +.TP +\*(T<\fB\-V, \-\-version\fR\*(T> +Output version information and exit. +.SH DATABASES +The \fIDATABASE\fR argument may be any of the +supported databases below: +.TP +\*(T<\fBaliases\fR\*(T> +Lists or queries email aliases. +If \fIKEY\fR is given it searches for the alias +by name, otherwise it returns all aliases from +LDAP. +.TP +\*(T<\fBethers\fR\*(T> +Lists or queries ethernet addresses. +If \fIKEY\fR matches the format of an ethernet +address a search by address is performed, otherwise a search by name +is performed or all entries are returned if +\fIKEY\fR is omitted. +Unlike \fBgetent\fR, \fBgetent.ldapd\fR +does support enumerating all ethernet addresses. +.TP +\*(T<\fBgroup\fR\*(T> +Lists or queries groups. +If \fIKEY\fR is numeric, it searches for the +group by group id. +.TP +\*(T<\fBgroup.bymember\fR\*(T> +The \fIKEY\fR is a user name and groups are +returned for which this user is a member. +The format is similar to the \*(T<\fBgroup\fR\*(T> output but the +group members are left out for performance reasons. +.TP +\*(T<\fBhosts\fR\*(T> +List or search host names and addresses by either host name, +IPv4 or IPv6 address. This returns both IPv4 and IPv6 addresses +(if available). +.TP +\*(T<\fBhostsv4\fR\*(T> +Similar to \*(T<\fBhosts\fR\*(T> but any supplied IPv6 addresses are +treated as host names and only IPv4 addresses are returned. +.TP +\*(T<\fBhostsv6\fR\*(T> +Similar to \*(T<\fBhosts\fR\*(T> but \fIKEY\fR +is treated as an IPv6 address or a host name and only IPv6 addresses +are returned. +.TP +\*(T<\fBnetgroup\fR\*(T> +List or query netgroups and netgroup triples (host, user, domain) that +are a member of the netgroup. +Unlike \fBgetent\fR, \fBgetent.ldapd\fR +does support enumerating all ethernet addresses. +.TP +\*(T<\fBnetgroup.norec\fR\*(T> +Similar to \*(T<\fBnetgroup\fR\*(T> except that no subsequent +lookups are done to expand netgroups which are member of the +supplied netgroup and the output may contain both other netgroup +names and netgroup triples. +.TP +\*(T<\fBnetworks\fR\*(T> +List or query network names and addresses. +\fIKEY\fR may be a network name or address. +This map can return both IPv4 and IPv6 network addresses. +.TP +\*(T<\fBnetworksv4\fR\*(T> +Only return IPv4 network addresses. +.TP +\*(T<\fBnetworksv6\fR\*(T> +Only return IPv6 network addresses. +.TP +\*(T<\fBpasswd\fR\*(T> +Enumerate or search the user account database. +\fIKEY\fR may be a user name or numeric user id +or be omitted to list all users. +.TP +\*(T<\fBprotocols\fR\*(T> +Enumerate the internet protocols database. +.TP +\*(T<\fBrpc\fR\*(T> +List or search user readable names that map to RPC program numbers. +Searching by \fIKEY\fR can be done on name or +rpc program number. +.TP +\*(T<\fBservices\fR\*(T> +List or search the mapping between names for internet services and +their corresponding port numbers and protocol types. +The \fIKEY\fR can be either a service name or +number, followed by an optional slash and protocol name to restrict +the search to only entries for the specified protocol. +.TP +\*(T<\fBshadow\fR\*(T> +Enumerate or search extended user account information. +Note that shadow information is likely only exposed to the root user +and by default \fBnslcd\fR does not expose password +hashes, even to root. +.SH "SEE ALSO" +\fBgetent\fR(1), +\fBnslcd\fR(8) +.SH AUTHOR +This manual was written by Arthur de Jong . +.SH BUGS +Currently, \fBgetent.ldapd\fR does not correctly set an +exit code. It should return the same kind of exit codes as +\fBgetent\fR does (e.g. for missing entries). diff --git a/man/getent.ldap.1.xml b/man/getent.ldap.1.xml new file mode 100644 index 0000000..018de1e --- /dev/null +++ b/man/getent.ldap.1.xml @@ -0,0 +1,334 @@ + + + + + + + + + + Arthur + de Jong + + + + + getent.ldap + 1 + Version 0.9.9 + User Commands + Feb 2018 + + + + getent.ldap + query information from LDAP + + + + + getent.ldap + options + DATABASE + KEY... + + + + + Description + + The getent.ldap command can be used to lookup or + enumerate information from LDAP. + Unlike the + getent1 + command, this command completely bypasses the lookups configured in + /etc/nsswitch.conf and queries the + nslcd8 + daemon directly. + + + getent.ldap tries to match the behaviour and output of + getent and the format in the corresponding flat files + as much as possible, however there are a number of differences. + If multiple entries are found in LDAP that match a + specific query, multiple values are printed (e.g. ethernet addresses that + have multiple names, services that support multiple protocols, etc.). + Also, some databases have extra options as described below. + + + + + Options + + The options that may be specified to the getent.ldap + command are: + + + + + + , + + + Display short help and exit. + + + + + + + + + Output version information and exit. + + + + + + + + Databases + + The DATABASE argument may be any of the + supported databases below: + + + + + + + + Lists or queries email aliases. + If KEY is given it searches for the alias + by name, otherwise it returns all aliases from + LDAP. + + + + + + + + + Lists or queries ethernet addresses. + If KEY matches the format of an ethernet + address a search by address is performed, otherwise a search by name + is performed or all entries are returned if + KEY is omitted. + Unlike getent, getent.ldapd + does support enumerating all ethernet addresses. + + + + + + + + + Lists or queries groups. + If KEY is numeric, it searches for the + group by group id. + + + + + + + + + The KEY is a user name and groups are + returned for which this user is a member. + The format is similar to the output but the + group members are left out for performance reasons. + + + + + + + + + List or search host names and addresses by either host name, + IPv4 or IPv6 address. This returns both IPv4 and IPv6 addresses + (if available). + + + + + + + + + Similar to but any supplied IPv6 addresses are + treated as host names and only IPv4 addresses are returned. + + + + + + + + + Similar to but KEY + is treated as an IPv6 address or a host name and only IPv6 addresses + are returned. + + + + + + + + + List or query netgroups and netgroup triples (host, user, domain) that + are a member of the netgroup. + Unlike getent, getent.ldapd + does support enumerating all ethernet addresses. + + + + + + + + + Similar to except that no subsequent + lookups are done to expand netgroups which are member of the + supplied netgroup and the output may contain both other netgroup + names and netgroup triples. + + + + + + + + + List or query network names and addresses. + KEY may be a network name or address. + This map can return both IPv4 and IPv6 network addresses. + + + + + + + + + Only return IPv4 network addresses. + + + + + + + + + Only return IPv6 network addresses. + + + + + + + + + Enumerate or search the user account database. + KEY may be a user name or numeric user id + or be omitted to list all users. + + + + + + + + + Enumerate the internet protocols database. + + + + + + + + + List or search user readable names that map to RPC program numbers. + Searching by KEY can be done on name or + rpc program number. + + + + + + + + + List or search the mapping between names for internet services and + their corresponding port numbers and protocol types. + The KEY can be either a service name or + number, followed by an optional slash and protocol name to restrict + the search to only entries for the specified protocol. + + + + + + + + + Enumerate or search extended user account information. + Note that shadow information is likely only exposed to the root user + and by default nslcd does not expose password + hashes, even to root. + + + + + + + + + + See Also + + getent1, + nslcd8 + + + + + Author + This manual was written by Arthur de Jong <arthur@arthurdejong.org>. + + + + Bugs + + Currently, getent.ldapd does not correctly set an + exit code. It should return the same kind of exit codes as + getent does (e.g. for missing entries). + + + + diff --git a/man/nslcd.8 b/man/nslcd.8 new file mode 100644 index 0000000..881b179 --- /dev/null +++ b/man/nslcd.8 @@ -0,0 +1,71 @@ +'\" -*- coding: utf-8 -*- +.if \n(.g .ds T< \\FC +.if \n(.g .ds T> \\F[\n[.fam]] +.de URL +\\$2 \(la\\$1\(ra\\$3 +.. +.if \n(.g .mso www.tmac +.TH nslcd 8 "Feb 2018" "Version 0.9.9" "System Manager's Manual" +.SH NAME +nslcd \- local LDAP name service daemon +.SH SYNOPSIS +'nh +.fi +.ad l +\fBnslcd\fR \kx +.if (\nx>(\n(.l/2)) .nr x (\n(.l/5) +'in \n(.iu+\nxu +[\fIoptions\fR] +'in \n(.iu-\nxu +.ad b +'hy +.SH DESCRIPTION +\fBnslcd\fR is a daemon that will do LDAP queries for local +processes that want to do user, group and other naming lookups (NSS) or do +user authentication, authorisation or password modification (PAM). +.PP +\fBnslcd\fR is configured through a configuration file +(see \fBnslcd.conf\fR(5)). +.PP +See the included README for information on configuring the LDAP server. +.SH OPTIONS +\fBnslcd\fR accepts the following options: +.TP +\*(T<\fB\-c\fR\*(T>, \*(T<\fB\-\-check\fR\*(T> +Check if the daemon is running. +This causes \fBnslcd\fR to return 0 if the daemon is already running and 1 if it is not. +.TP +\*(T<\fB\-d\fR\*(T>, \*(T<\fB\-\-debug\fR\*(T> +Enable debugging mode. +\fBnslcd\fR will not put itself in the background and sends +verbose debugging info to stderr. +\fBnslcd\fR will handle connections as usual. +This option is for debugging purposes only. +Specify this option multiple times to also include more detailed logging +from the LDAP library. +.TP +\*(T<\fB\-n\fR\*(T>, \*(T<\fB\-\-nofork\fR\*(T> +Do not fork or daemonise and run \fBnslcd\fR in the +foreground. +.TP +\*(T<\fB\-\-help\fR\*(T> +Display short help and exit. +.TP +\*(T<\fB\-V\fR\*(T>, \*(T<\fB\-\-version\fR\*(T> +Output version information and exit. +.SH SIGNALS +.TP +\*(T<\fBSIGTERM\fR\*(T>/\*(T<\fBSIGINT\fR\*(T> +Cancel any running queries and exit. +.TP +\*(T<\fBSIGUSR1\fR\*(T> +Cause \fBnslcd\fR to retry any failing connections +to the LDAP server, regardless of the \*(T<\fBreconnect_sleeptime\fR\*(T> +and \*(T<\fBreconnect_retrytime\fR\*(T> options. +.SH FILES +\*(T<\fI/etc/nslcd.conf\fR\*(T> - the configuration file +(see \fBnslcd.conf\fR(5)) +.SH "SEE ALSO" +\fBnslcd.conf\fR(5) +.SH AUTHOR +This manual was written by Arthur de Jong . diff --git a/man/nslcd.8.xml b/man/nslcd.8.xml new file mode 100644 index 0000000..8692a7b --- /dev/null +++ b/man/nslcd.8.xml @@ -0,0 +1,180 @@ + + + + + + + + + + Arthur + de Jong + + + + + nslcd + 8 + Version 0.9.9 + System Manager's Manual + Feb 2018 + + + + nslcd + local LDAP name service daemon + + + + + nslcd + options + + + + + Description + + nslcd is a daemon that will do LDAP queries for local + processes that want to do user, group and other naming lookups (NSS) or do + user authentication, authorisation or password modification (PAM). + + + nslcd is configured through a configuration file + (see nslcd.conf5). + + + See the included README for information on configuring the LDAP server. + + + + + Options + + nslcd accepts the following options: + + + + + , + + + + Check if the daemon is running. + This causes nslcd to return 0 if the daemon is already running and 1 if it is not. + + + + + + + , + + + + Enable debugging mode. + nslcd will not put itself in the background and sends + verbose debugging info to stderr. + nslcd will handle connections as usual. + This option is for debugging purposes only. + Specify this option multiple times to also include more detailed logging + from the LDAP library. + + + + + + + , + + + + Do not fork or daemonise and run nslcd in the + foreground. + + + + + + + + + + Display short help and exit. + + + + + + , + + + Output version information and exit. + + + + + + + + Signals + + + / + + Cancel any running queries and exit. + + + + + + Cause nslcd to retry any failing connections + to the LDAP server, regardless of the + and options. + + + + + + + Files + + /etc/nslcd.conf - the configuration file + (see nslcd.conf5) + + + + + See Also + + nslcd.conf5 + + + + + Author + This manual was written by Arthur de Jong <arthur@arthurdejong.org>. + + + diff --git a/man/nslcd.conf.5 b/man/nslcd.conf.5 new file mode 100644 index 0000000..93403ab --- /dev/null +++ b/man/nslcd.conf.5 @@ -0,0 +1,657 @@ +'\" -*- coding: utf-8 -*- +.if \n(.g .ds T< \\FC +.if \n(.g .ds T> \\F[\n[.fam]] +.de URL +\\$2 \(la\\$1\(ra\\$3 +.. +.if \n(.g .mso www.tmac +.TH nslcd.conf 5 "Feb 2018" "Version 0.9.9" "System Manager's Manual" +.SH NAME +nslcd.conf \- configuration file for LDAP nameservice daemon +.SH DESCRIPTION +The \fInss-pam-ldapd\fR package allows LDAP +directory servers to be used as a primary source of name service +information. (Name service information typically includes users, hosts, +groups, and other such data historically stored in flat files or +NIS.) +.PP +The file \*(T<\fInslcd.conf\fR\*(T> contains the +configuration information for running \fBnslcd\fR (see +\fBnslcd\fR(8)). +The file contains options, one on each line, defining the way +NSS lookups and PAM actions +are mapped to LDAP lookups. +.SH OPTIONS +.SS "RUNTIME OPTIONS" +.TP +\*(T<\fBthreads\fR\*(T> \fINUM\fR +Specifies the number of threads to start that can handle requests +and perform LDAP queries. +Each thread opens a separate connection to the LDAP +server. +The default is to start 5 threads. +.TP +\*(T<\fBuid\fR\*(T> \fIUID\fR +This specifies the user id with which the daemon should be run. +This can be a numerical id or a symbolic value. +If no uid is specified no attempt to change the user will be made. +Note that you should use values that don't need LDAP +to resolve. +.TP +\*(T<\fBgid\fR\*(T> \fIGID\fR +This specifies the group id with which the daemon should be run. +This can be a numerical id or a symbolic value. +If no gid is specified no attempt to change the group will be made. +Note that you should use values that don't need LDAP +to resolve. +.TP +\*(T<\fBlog\fR\*(T> \fISCHEME\fR [\fILEVEL\fR] +This option controls the way logging is done. +The \fISCHEME\fR argument may either be +\*(T, \*(T or an absolute +file name. +The \fILEVEL\fR argument is optional and specifies +the log level. +The log level may be one of: \*(T, +\*(T, \*(T, +\*(T, \*(T or +\*(T. The default log level is \*(T. +All messages with the specified loglevel or higher are logged. +This option can be supplied multiple times. +If this option is omitted \*(T is assumed. +.SS "GENERAL CONNECTION OPTIONS" +.TP +\*(T<\fBuri\fR\*(T> \fIURI\fR ... +Specifies the LDAP URI of the +server to connect to. +The URI scheme may be \*(T, +\*(T or \*(T, specifying +LDAP over TCP, +ICP or SSL respectively (if +supported by the LDAP library). + +Alternatively, the value \*(T may be +used to try to lookup the server using DNS +SRV records. +By default the current domain is used but another domain can +be queried by using the +\*(T\fIDOMAIN\fR syntax. + +When using the ldapi scheme, %2f should be used to escape slashes +(e.g. ldapi://%2fvar%2frun%2fslapd%2fldapi/), although most of the +time this should not be needed. + +This option may be specified multiple times and/or with more +URIs on the line, separated by space. Normally, only the first +server will be used with the following servers as fall-back (see +\*(T<\fBbind_timelimit\fR\*(T> below). + +If LDAP lookups are used for host name resolution, +any host names should be specified as an IP address or name that can be +resolved without using LDAP. +.TP +\*(T<\fBldap_version\fR\*(T> \fIVERSION\fR +Specifies the version of the LDAP protocol to use. +The default is to use the maximum version supported by the +LDAP library. +.TP +\*(T<\fBbinddn\fR\*(T> \fIDN\fR +Specifies the distinguished name with which to bind to the directory +server for lookups. +The default is to bind anonymously. +.TP +\*(T<\fBbindpw\fR\*(T> \fIPASSWORD\fR +Specifies the credentials with which to bind. +This option is only applicable when used with \*(T<\fBbinddn\fR\*(T> above. +If you set this option you should consider changing the permissions +of the \*(T<\fInslcd.conf\fR\*(T> file to only grant access to +the root user. +.TP +\*(T<\fBrootpwmoddn\fR\*(T> \fIDN\fR +Specifies the distinguished name to use when the root user tries to +modify a user's password using the PAM module. + +Note that currently this DN needs to exist as a real entry in the +LDAP directory. +.TP +\*(T<\fBrootpwmodpw\fR\*(T> \fIPASSWORD\fR +Specifies the credentials with which to bind if the root +user tries to change a user's password. +This option is only applicable when used with +\*(T<\fBrootpwmoddn\fR\*(T> above. +If this option is not specified the PAM module prompts the user for +this password. +If you set this option you should consider changing the permissions +of the \*(T<\fInslcd.conf\fR\*(T> file to only grant access to +the root user. +.SS "SASL AUTHENTICATION OPTIONS" +.TP +\*(T<\fBsasl_mech\fR\*(T> \fIMECHANISM\fR +Specifies the SASL mechanism to be used when +performing SASL authentication. +.TP +\*(T<\fBsasl_realm\fR\*(T> \fIREALM\fR +Specifies the SASL realm to be used when performing +SASL authentication. +.TP +\*(T<\fBsasl_authcid\fR\*(T> \fIAUTHCID\fR +Specifies the authentication identity to be used when performing +SASL authentication. +.TP +\*(T<\fBsasl_authzid\fR\*(T> \fIAUTHZID\fR +Specifies the authorization identity to be used when performing +SASL authentication. +Must be specified in one of the formats: dn: +or u:. +.TP +\*(T<\fBsasl_secprops\fR\*(T> \fIPROPERTIES\fR +Specifies Cyrus SASL security properties. +Allowed values are described in the +\fBldap.conf\fR(5) +manual page. +.TP +\*(T<\fBsasl_canonicalize\fR\*(T> yes|no +Determines whether the LDAP server host name should +be canonicalised. If this is set to yes the LDAP +library will do a reverse host name lookup. +By default, it is left up to the LDAP library +whether this check is performed or not. +.SS "KERBEROS AUTHENTICATION OPTIONS" +.TP +\*(T<\fBkrb5_ccname\fR\*(T> \fINAME\fR +Set the name for the GSS-API Kerberos credentials cache. +.SS "SEARCH/MAPPING OPTIONS" +.TP +\*(T<\fBbase\fR\*(T> [\fIMAP\fR] \fIDN\fR +Specifies the base distinguished name (DN) +to use as search base. +This option may be supplied multiple times and all specified bases +will be searched. + +A global search base may be specified or a MAP-specific one. +If no MAP-specific search bases are defined the global ones are used. + +If, instead of a DN, the value +\fIDOMAIN\fR is specified, the host's +DNS domain is used to construct a search base. + +If this value is not defined an attempt is made to look it up +in the configured LDAP server. Note that if the +LDAP server is unavailable during start-up +\fBnslcd\fR will not start. +.TP +\*(T<\fBscope\fR\*(T> [\fIMAP\fR] sub[tree]|one[level]|base|children +Specifies the search scope (subtree, onelevel, base or children). +The default scope is subtree; base scope is almost never useful for +name service lookups; children scope is not supported on all servers. +.TP +\*(T<\fBderef\fR\*(T> never|searching|finding|always +Specifies the policy for dereferencing aliases. +The default policy is to never dereference aliases. +.TP +\*(T<\fBreferrals\fR\*(T> yes|no +Specifies whether automatic referral chasing should be enabled. +The default behaviour is to chase referrals. +.TP +\*(T<\fBfilter\fR\*(T> \fIMAP\fR \fIFILTER\fR +The \fIFILTER\fR +is an LDAP search filter to use for a +specific map. +The default filter is a basic search on the +objectClass for the map (e.g. \*(T<(objectClass=posixAccount)\*(T>). +.TP +\*(T<\fBmap\fR\*(T> \fIMAP\fR \fIATTRIBUTE\fR \fINEWATTRIBUTE\fR +This option allows for custom attributes to be looked up instead of +the default RFC 2307 attributes. +The \fIMAP\fR may be one of +the supported maps below. +The \fIATTRIBUTE\fR is the one as +used in RFC 2307 (e.g. \*(T, +\*(T, \*(T, etc.). +The \fINEWATTRIBUTE\fR may be any attribute +as it is available in the directory. + +If the \fINEWATTRIBUTE\fR is presented in +quotes (") it is treated as an expression which will be evaluated +to build up the actual value used. +See the section on attribute mapping expressions below for more details. + +Only some attributes for group, passwd and shadow entries may be mapped +with an expression (because other attributes may be used in search +filters). +For group entries only the \*(T attribute +may be mapped with an expression. +For passwd entries the following attributes may be mapped with an +expression: \*(T, \*(T, +\*(T, \*(T and +\*(T. +For shadow entries the following attributes may be mapped with an +expression: \*(T, \*(T, +\*(T, \*(T, +\*(T, \*(T, +\*(T and \*(T. + +The \*(T and \*(T +attributes in the \*(T and \*(T +maps may be mapped to the \*(T followed by +the domain SID to derive numeric user and group ids from the SID +(e.g. \*(T). + +By default all \*(T attributes are mapped +to the unmatchable password ("*") to avoid accidentally leaking +password information. +.SS "TIMING/RECONNECT OPTIONS" +.TP +\*(T<\fBbind_timelimit\fR\*(T> \fISECONDS\fR +Specifies the time limit (in seconds) to use when connecting to the +directory server. +This is distinct from the time limit specified in +\*(T<\fBtimelimit\fR\*(T> and affects the set-up of the connection only. +Note that not all LDAP client libraries have support +for setting the connection time out. +The default \*(T<\fBbind_timelimit\fR\*(T> is 10 seconds. +.TP +\*(T<\fBtimelimit\fR\*(T> \fISECONDS\fR +Specifies the time limit (in seconds) to wait for a response from the +LDAP server. +A value of zero (0), which is the default, is to wait indefinitely for +searches to be completed. +.TP +\*(T<\fBidle_timelimit\fR\*(T> \fISECONDS\fR +Specifies the period if inactivity (in seconds) after which the +connection to the LDAP server will be closed. +The default is not to time out connections. +.TP +\*(T<\fBreconnect_sleeptime\fR\*(T> \fISECONDS\fR +Specifies the number of seconds to sleep when connecting to all +LDAP servers fails. +By default 1 second is waited between the first failure and the first +retry. +.TP +\*(T<\fBreconnect_retrytime\fR\*(T> \fISECONDS\fR +Specifies the time after which the LDAP server is +considered to be permanently unavailable. +Once this time is reached retries will be done only once per this time period. +The default value is 10 seconds. +.PP +Note that the reconnect logic as described above is the mechanism that +is used between \fBnslcd\fR and the LDAP +server. The mechanism between the NSS and +PAM client libraries on one end and +\fBnslcd\fR on the other is simpler with a fixed compiled-in +time out of a 10 seconds for writing to \fBnslcd\fR and +a time out of 60 seconds for reading answers. +\fBnslcd\fR itself has a read time out of 0.5 seconds +and a write time out of 60 seconds. +.SS "SSL/TLS OPTIONS" +.TP +\*(T<\fBssl\fR\*(T> on|off|start_tls +Specifies whether to use SSL/TLS or not (the default is not to). If +\fIstart_tls\fR +is specified then StartTLS is used rather than raw LDAP over SSL. +Not all LDAP client libraries support both SSL, +StartTLS and all related configuration options. +.TP +\*(T<\fBtls_reqcert\fR\*(T> never|allow|try|demand|hard +Specifies what checks to perform on a server-supplied certificate. +The meaning of the values is described in the +\fBldap.conf\fR(5) +manual page. +At least one of \*(T<\fBtls_cacertdir\fR\*(T> and +\*(T<\fBtls_cacertfile\fR\*(T> is required if peer verification is +enabled. +.TP +\*(T<\fBtls_cacertdir\fR\*(T> \fIPATH\fR +Specifies the directory containing X.509 certificates for peer +authentication. +This parameter is ignored when using GnuTLS. +On Debian OpenLDAP is linked against GnuTLS. +.TP +\*(T<\fBtls_cacertfile\fR\*(T> \fIPATH\fR +Specifies the path to the X.509 certificate for peer authentication. +.TP +\*(T<\fBtls_randfile\fR\*(T> \fIPATH\fR +Specifies the path to an entropy source. +This parameter is ignored when using GnuTLS. +On Debian OpenLDAP is linked against GnuTLS. +.TP +\*(T<\fBtls_ciphers\fR\*(T> \fICIPHERS\fR +Specifies the ciphers to use for TLS. +See your TLS implementation's +documentation for further information. +.TP +\*(T<\fBtls_cert\fR\*(T> \fIPATH\fR +Specifies the path to the file containing the local certificate for +client TLS authentication. +.TP +\*(T<\fBtls_key\fR\*(T> \fIPATH\fR +Specifies the path to the file containing the private key for client +TLS authentication. +.SS "OTHER OPTIONS" +.TP +\*(T<\fBpagesize\fR\*(T> \fINUMBER\fR +Set this to a number greater than 0 to request paged results from +the LDAP server in accordance with RFC2696. +The default (0) is to not request paged results. + +This is useful for LDAP servers that contain a +lot of entries (e.g. more than 500) and limit the number of entries +that are returned with one request. +For OpenLDAP servers you may need to set +\*(T<\fBsizelimit size.prtotal=unlimited\fR\*(T> +for allowing more entries to be returned over multiple pages. +.TP +\*(T<\fBnss_initgroups_ignoreusers\fR\*(T> user1,user2,... +This option prevents group membership lookups through +LDAP for the specified users. This can be useful +in case of unavailability of the LDAP server. +This option may be specified multiple times. + +Alternatively, the value \*(T may be +used. With that value nslcd builds a full list of +non-LDAP users on startup. +.TP +\*(T<\fBnss_min_uid\fR\*(T> \fIUID\fR +This option ensures that LDAP users with a numeric +user id lower than the specified value are ignored. Also requests for +users with a lower user id are ignored. +.TP +\*(T<\fBnss_uid_offset\fR\*(T> \fINUMBER\fR +This option specifies an offset that is added to all +LDAP numeric user ids. +This can be used to avoid user id collisions with local users or, +when using \*(T attributes, for compatibility +reasons. + +The value from the \*(T<\fBnss_min_uid\fR\*(T> option is evaluated +after applying the offset. +.TP +\*(T<\fBnss_gid_offset\fR\*(T> \fINUMBER\fR +This option specifies an offset that is added to all +LDAP numeric group ids. +This can be used to avoid user id collisions with local groups or, +when using \*(T attributes, for compatibility +reasons. +.TP +\*(T<\fBnss_nested_groups\fR\*(T> yes|no +If this option is set, the \*(T attribute of a +group may point to another group. +Members of nested groups are also returned in the higher level group +and parent groups are returned when finding groups for a specific user. +The default is not to perform extra searches for nested groups. +.TP +\*(T<\fBnss_getgrent_skipmembers\fR\*(T> yes|no +If this option is set, the group member list is not retrieved when +looking up groups. +Lookups for finding which groups a user belongs to will remain +functional so the user will likely still get the correct groups +assigned on login. + +This can offer a speed-up on systems that have very large groups. +It has the downside of returning inconsistent information about +group membership which may confuse some applications. +This option is not recommended for most configurations. +.TP +\*(T<\fBnss_disable_enumeration\fR\*(T> yes|no +If this option is set, functions which cause all user/group entries to +be loaded (getpwent(), getgrent(), setspent()) from the directory will +not succeed in doing so. +Applications that depend on being able to sequentially read all users +and/or groups may fail to operate correctly. + +This can dramatically reduce LDAP server load in +situations where there are a great number of users and/or groups. +This is typically used in situations where user/program access to +enumerate the entire directory is undesirable, and changing the +behavior of the user/program is not possible. +This option is not recommended for most configurations. +.TP +\*(T<\fBvalidnames\fR\*(T> \fIREGEX\fR +This option can be used to specify how user and group names are +verified within the system. This pattern is used to check all user and +group names that are requested and returned from LDAP. + +The regular expression should be specified as a POSIX extended regular +expression. The expression itself needs to be separated by slash (/) +characters and the 'i' flag may be appended at the end to indicate +that the match should be case-insensetive. +The default value is +\*(T +.TP +\*(T<\fBignorecase\fR\*(T> yes|no +This specifies whether or not to perform searches for group, +netgroup, passwd, protocols, rpc, services and shadow maps using +case-insensitive matching. +Setting this to \*(T could open up the system +to authorisation bypass vulnerabilities and introduce nscd cache poisoning +vulnerabilities which allow denial of service. +The default is to perform case-sensitve filtering of LDAP search +results for the above maps. +.TP +\*(T<\fBpam_authc_ppolicy\fR\*(T> yes|no +This option specifies whether password policy controls are requested +and handled from the LDAP server when performing +user authentication. +By default the controls are requested and handled if available. +.TP +\*(T<\fBpam_authc_search\fR\*(T> \fIFILTER\fR +By default \fBnslcd\fR performs an +LDAP search with the user's credentials after BIND +(authentication) to ensure that the BIND operation was successful. +The default search is a simple check to see if the user's DN exists. + +A search filter can be specified that will be used instead. +The same substitutions as with the \*(T<\fBpam_authz_search\fR\*(T> +option will be performed and the search should at least return one +entry. + +The value \*(T may be used to force the default +search for the user DN. + +The value \*(T may be used to indicate that no +search should be performed after BIND. +Note that some LDAP servers do not always return a +correct error code as a result of a failed BIND operation (e.g. when +an empty password is supplied). +.TP +\*(T<\fBpam_authz_search\fR\*(T> \fIFILTER\fR +This option allows flexible fine tuning of the authorisation check that +should be performed. The search filter specified is executed and +if any entries match, access is granted, otherwise access is denied. + +The search filter can contain the following variable references: +\*(T<$username\*(T>, \*(T<$service\*(T>, +\*(T<$ruser\*(T>, \*(T<$rhost\*(T>, +\*(T<$tty\*(T>, \*(T<$hostname\*(T>, +\*(T<$fqdn\*(T>, +\*(T<$dn\*(T>, and \*(T<$uid\*(T>. +These references are substituted in the search filter using the +same syntax as described in the section on attribute mapping +expressions below. + +For example, to check that the user has a proper \*(T +value if the attribute is present (this almost emulates the +\*(T<\fBpam_check_service_attr\fR\*(T> option in PADL's pam_ldap): + +.nf +\*(T<(&(objectClass=posixAccount)(uid=$username)(|(authorizedService=$service)(!(authorizedService=*))))\*(T> +.fi + +The \*(T<\fBpam_check_host_attr\fR\*(T> option can be emulated with: + +.nf +\*(T<(&(objectClass=posixAccount)(uid=$username)(|(host=$hostname)(host=$fqdn)(host=\e\e*)))\*(T> +.fi + +This option may be specified multiple times and all specified searches +should at least return one entry for access to be granted. +.TP +\*(T<\fBpam_password_prohibit_message\fR\*(T> "\fIMESSAGE\fR" +If this option is set password modification using pam_ldap will be +denied and the specified message will be presented to the user instead. +The message can be used to direct the user to an alternative means +of changing their password. +.TP +\*(T<\fBreconnect_invalidate\fR\*(T> \fIDB\fR,\fIDB\fR,... +If this option is set, \fBnslcd\fR will try to flush the +specified external caches on start-up and whenever a connection to the +LDAP server is re-established after an error. + +\fIDB\fR can refer to one of the nsswitch maps, +in which case \fBnscd\fR is contacted to flush its cache +for the specified database. +If \fIDB\fR is \*(T, +\fBnfsidmap\fR is contacted to clear its cache. + +Using this option ensures that external caches are cleared of +incorrect information (typically the absence of users) that may +be present due to unavailability of the LDAP server. +.TP +\*(T<\fBcache\fR\*(T> \fICACHE\fR \fITIME\fR [\fITIME\fR] +Configure the time entries are kept in the specified internal cache. + +The first \fITIME\fR value specifies the time +to keep found entries in the cache. +The second \fITIME\fR value specifies to the +time to remember that a particular entry was not found. +If the second parameter is absent, it is assumed to be the same as +the first. + +Time values are specified as a number followed by an +\*(T for seconds, \*(T for minutes, +\*(T for hours or \*(T for days. +Use \*(T<0\*(T> or \*(T to disable the +cache. + +Currently, only the \*(T cache is supported +that is used to remember DN to username lookups that are used when the +\*(T attribute is used. +The default time value for this cache is \*(T<15m\*(T>. +.SH "SUPPORTED MAPS" +The following maps are supported. They are referenced as +\fIMAP\fR in the options above. +.TP +alias[es] +Mail aliases. +Note that most mail servers do not use the NSS +interface for requesting mail aliases and parse +\*(T<\fI/etc/aliases\fR\*(T> on their own. +.TP +ether[s] +Ethernet numbers (mac addresses). +.TP +group +Posix groups. +.TP +host[s] +Host names. +.TP +netgroup +Host and user groups used for access control. +.TP +network[s] +Network numbers. +.TP +passwd +Posix users. +.TP +protocol[s] +Protocol definitions (like in \*(T<\fI/etc/protocols\fR\*(T>). +.TP +rpc +Remote procedure call names and numbers. +.TP +service[s] +Network service names and numbers. +.TP +shadow +Shadow user password information. +.SH "ATTRIBUTE MAPPING EXPRESSIONS" +For some attributes a mapping expression may be used to construct the +resulting value. +This is currently only possible for attributes that do +not need to be used in search filters. +The expressions are a subset of the double quoted string expressions in the +Bourne (POSIX) shell. +Instead of variable substitution, attribute lookups are done on the current +entry and the attribute value is substituted. +The following expressions are supported: +.TP +\*(T<${attr}\*(T> (or \*(T<$attr\*(T> for short) +will substitute the value of the attribute +.TP +\*(T<${attr:\-word}\*(T> +(use default) will substitbute the value of the attribute or, if the +attribute is not set or empty substitute the word +.TP +\*(T<${attr:+word}\*(T> +(use alternative) will substitute \*(T if attribute +is set, otherwise substitute the empty string +.TP +\*(T<${attr:offset:length}\*(T> +will substitute \*(T characters (actually +bytes) starting from position \*(T (which +is counted starting at zero); the substituted string is +truncated if it is too long; in particular, it can be of length +zero (if \*(T is zero or +\*(T falls out of the original string) +.TP +\*(T<${attr#word}\*(T> +remove the shortest possible match of \*(T from the +left of the attribute value +.TP +\*(T<${attr##word}\*(T> +remove the longest possible match of \*(T from the +left of the attribute value (\fBpynslcd\fR only) +.TP +\*(T<${attr%word}\*(T> +remove the shortest possible match of \*(T from the +right of the attribute value (\fBpynslcd\fR only) +.TP +\*(T<${attr%%word}\*(T> +remove the longest possible match of \*(T from the +right of the attribute value (\fBpynslcd\fR only) +.PP +Only the # matching expression is supported in \fBnslcd\fR +and only with the ? wildcard symbol. The \fBpynslcd\fR +implementation supports full matching. +.PP +Quote (\*(T<"\*(T>), dollar (\*(T<$\*(T>) and +backslash (\*(T<\e\*(T>) characters should be escaped with a +backslash (\*(T<\e\*(T>). +.PP +The expressions are inspected to automatically fetch the appropriate +attributes from LDAP. +Some examples to demonstrate how these expressions may be used in +attribute mapping: +.TP +\*(T<"${shadowFlag:\-0}"\*(T> +use the \*(T attribute, using the +value 0 as default +.TP +\*(T<"${homeDirectory:\-/home/$uid}"\*(T> +use the \*(T attribute to build a +\*(T value if that attribute is missing +.TP +\*(T<"${isDisabled:+100}"\*(T> +if the \*(T attribute is set, return 100, +otherwise leave value empty +.TP +\*(T<"${userPassword#{crypt\e}}"\*(T> +strip the {crypt} prefix from the userPassword attribute, returning +the raw hash value +.SH FILES +.TP +\*(T<\fI/etc/nslcd.conf\fR\*(T> +the main configuration file +.TP +\*(T<\fI/etc/nsswitch.conf\fR\*(T> +Name Service Switch configuration file +.SH "SEE ALSO" +\fBnslcd\fR(8), +\fBnsswitch.conf\fR(5) +.SH AUTHOR +This manual was written by Arthur de Jong +and is based on the +\fBnss_ldap\fR(5) +manual developed by PADL Software Pty Ltd. diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml new file mode 100644 index 0000000..a83d04c --- /dev/null +++ b/man/nslcd.conf.5.xml @@ -0,0 +1,1212 @@ + + + + + + + + + + Arthur + de Jong + + + + + nslcd.conf + 5 + Version 0.9.9 + System Manager's Manual + Feb 2018 + + + + nslcd.conf + configuration file for LDAP nameservice daemon + + + + Description + + The nss-pam-ldapd package allows LDAP + directory servers to be used as a primary source of name service + information. (Name service information typically includes users, hosts, + groups, and other such data historically stored in flat files or + NIS.) + + + The file nslcd.conf contains the + configuration information for running nslcd (see + nslcd8). + The file contains options, one on each line, defining the way + NSS lookups and PAM actions + are mapped to LDAP lookups. + + + + + Options + + + Runtime options + + + + NUM + + + Specifies the number of threads to start that can handle requests + and perform LDAP queries. + Each thread opens a separate connection to the LDAP + server. + The default is to start 5 threads. + + + + + + UID + + + This specifies the user id with which the daemon should be run. + This can be a numerical id or a symbolic value. + If no uid is specified no attempt to change the user will be made. + Note that you should use values that don't need LDAP + to resolve. + + + + + + GID + + + This specifies the group id with which the daemon should be run. + This can be a numerical id or a symbolic value. + If no gid is specified no attempt to change the group will be made. + Note that you should use values that don't need LDAP + to resolve. + + + + + + SCHEME LEVEL + + + This option controls the way logging is done. + The SCHEME argument may either be + none, syslog or an absolute + file name. + The LEVEL argument is optional and specifies + the log level. + The log level may be one of: crit, + error, warning, + notice, info or + debug. The default log level is info. + All messages with the specified loglevel or higher are logged. + This option can be supplied multiple times. + If this option is omitted syslog info is assumed. + + + + + + + + + General connection options + + + + URI ... + + + Specifies the LDAP URI of the + server to connect to. + The URI scheme may be ldap, + ldapi or ldaps, specifying + LDAP over TCP, + ICP or SSL respectively (if + supported by the LDAP library). + + + Alternatively, the value DNS may be + used to try to lookup the server using DNS + SRV records. + By default the current domain is used but another domain can + be queried by using the + DNS:DOMAIN syntax. + + + + When using the ldapi scheme, %2f should be used to escape slashes + (e.g. ldapi://%2fvar%2frun%2fslapd%2fldapi/), although most of the + time this should not be needed. + + + This option may be specified multiple times and/or with more + URIs on the line, separated by space. Normally, only the first + server will be used with the following servers as fall-back (see + below). + + + If LDAP lookups are used for host name resolution, + any host names should be specified as an IP address or name that can be + resolved without using LDAP. + + + + + + VERSION + + + Specifies the version of the LDAP protocol to use. + The default is to use the maximum version supported by the + LDAP library. + + + + + DN + + + Specifies the distinguished name with which to bind to the directory + server for lookups. + The default is to bind anonymously. + + + + + + PASSWORD + + + Specifies the credentials with which to bind. + This option is only applicable when used with above. + If you set this option you should consider changing the permissions + of the nslcd.conf file to only grant access to + the root user. + + + + + + + DN + + + Specifies the distinguished name to use when the root user tries to + modify a user's password using the PAM module. + + + Note that currently this DN needs to exist as a real entry in the + LDAP directory. + + + + + + PASSWORD + + + Specifies the credentials with which to bind if the root + user tries to change a user's password. + This option is only applicable when used with + above. + If this option is not specified the PAM module prompts the user for + this password. + If you set this option you should consider changing the permissions + of the nslcd.conf file to only grant access to + the root user. + + + + + + + + + <acronym>SASL</acronym> authentication options + + + + MECHANISM + + + Specifies the SASL mechanism to be used when + performing SASL authentication. + + + + + + REALM + + + Specifies the SASL realm to be used when performing + SASL authentication. + + + + + + AUTHCID + + + Specifies the authentication identity to be used when performing + SASL authentication. + + + + + + AUTHZID + + + Specifies the authorization identity to be used when performing + SASL authentication. + Must be specified in one of the formats: dn:<distinguished name> + or u:<username>. + + + + + + PROPERTIES + + + Specifies Cyrus SASL security properties. + Allowed values are described in the + ldap.conf5 + manual page. + + + + + + yes|no + + + Determines whether the LDAP server host name should + be canonicalised. If this is set to yes the LDAP + library will do a reverse host name lookup. + By default, it is left up to the LDAP library + whether this check is performed or not. + + + + + + + + + Kerberos authentication options + + + + NAME + + + Set the name for the GSS-API Kerberos credentials cache. + + + + + + + + + Search/mapping options + + + + + MAP + DN + + + Specifies the base distinguished name (DN) + to use as search base. + This option may be supplied multiple times and all specified bases + will be searched. + + + A global search base may be specified or a MAP-specific one. + If no MAP-specific search bases are defined the global ones are used. + + + If, instead of a DN, the value + DOMAIN is specified, the host's + DNS domain is used to construct a search base. + + + If this value is not defined an attempt is made to look it up + in the configured LDAP server. Note that if the + LDAP server is unavailable during start-up + nslcd will not start. + + + + + + + MAP + subtree|onelevel|base|children + + + Specifies the search scope (subtree, onelevel, base or children). + The default scope is subtree; base scope is almost never useful for + name service lookups; children scope is not supported on all servers. + + + + + + never|searching|finding|always + + + Specifies the policy for dereferencing aliases. + The default policy is to never dereference aliases. + + + + + + yes|no + + + Specifies whether automatic referral chasing should be enabled. + The default behaviour is to chase referrals. + + + + + + + MAP + FILTER + + + The FILTER + is an LDAP search filter to use for a + specific map. + The default filter is a basic search on the + objectClass for the map (e.g. (objectClass=posixAccount)). + + + + + + + MAP + ATTRIBUTE + NEWATTRIBUTE + + + This option allows for custom attributes to be looked up instead of + the default RFC 2307 attributes. + The MAP may be one of + the supported maps below. + The ATTRIBUTE is the one as + used in RFC 2307 (e.g. userPassword, + ipProtocolNumber, macAddress, etc.). + The NEWATTRIBUTE may be any attribute + as it is available in the directory. + + + If the NEWATTRIBUTE is presented in + quotes (") it is treated as an expression which will be evaluated + to build up the actual value used. + See the section on attribute mapping expressions below for more details. + + + Only some attributes for group, passwd and shadow entries may be mapped + with an expression (because other attributes may be used in search + filters). + For group entries only the userPassword attribute + may be mapped with an expression. + For passwd entries the following attributes may be mapped with an + expression: userPassword, gidNumber, + gecos, homeDirectory and + loginShell. + For shadow entries the following attributes may be mapped with an + expression: userPassword, shadowLastChange, + shadowMin, shadowMax, + shadowWarning, shadowInactive, + shadowExpire and shadowFlag. + + + The uidNumber and gidNumber + attributes in the passwd and group + maps may be mapped to the objectSid followed by + the domain SID to derive numeric user and group ids from the SID + (e.g. objectSid:S-1-5-21-3623811015-3361044348-30300820). + + + By default all userPassword attributes are mapped + to the unmatchable password ("*") to avoid accidentally leaking + password information. + + + + + + + + + Timing/reconnect options + + + + SECONDS + + + Specifies the time limit (in seconds) to use when connecting to the + directory server. + This is distinct from the time limit specified in + and affects the set-up of the connection only. + Note that not all LDAP client libraries have support + for setting the connection time out. + The default is 10 seconds. + + + + + + SECONDS + + + Specifies the time limit (in seconds) to wait for a response from the + LDAP server. + A value of zero (0), which is the default, is to wait indefinitely for + searches to be completed. + + + + + + SECONDS + + + Specifies the period if inactivity (in seconds) after which the + connection to the LDAP server will be closed. + The default is not to time out connections. + + + + + + SECONDS + + + Specifies the number of seconds to sleep when connecting to all + LDAP servers fails. + By default 1 second is waited between the first failure and the first + retry. + + + + + + SECONDS + + + Specifies the time after which the LDAP server is + considered to be permanently unavailable. + Once this time is reached retries will be done only once per this time period. + The default value is 10 seconds. + + + + + + + + Note that the reconnect logic as described above is the mechanism that + is used between nslcd and the LDAP + server. The mechanism between the NSS and + PAM client libraries on one end and + nslcd on the other is simpler with a fixed compiled-in + time out of a 10 seconds for writing to nslcd and + a time out of 60 seconds for reading answers. + nslcd itself has a read time out of 0.5 seconds + and a write time out of 60 seconds. + + + + + + <acronym>SSL</acronym>/<acronym>TLS</acronym> options + + + + on|off|start_tls + + + Specifies whether to use SSL/TLS or not (the default is not to). If + start_tls + is specified then StartTLS is used rather than raw LDAP over SSL. + Not all LDAP client libraries support both SSL, + StartTLS and all related configuration options. + + + + + + never|allow|try|demand|hard + + + Specifies what checks to perform on a server-supplied certificate. + The meaning of the values is described in the + ldap.conf5 + manual page. + At least one of and + is required if peer verification is + enabled. + + + + + + PATH + + + Specifies the directory containing X.509 certificates for peer + authentication. + This parameter is ignored when using GnuTLS. + On Debian OpenLDAP is linked against GnuTLS. + + + + + + PATH + + + Specifies the path to the X.509 certificate for peer authentication. + + + + + + PATH + + + Specifies the path to an entropy source. + This parameter is ignored when using GnuTLS. + On Debian OpenLDAP is linked against GnuTLS. + + + + + + CIPHERS + + + Specifies the ciphers to use for TLS. + See your TLS implementation's + documentation for further information. + + + + + + PATH + + + Specifies the path to the file containing the local certificate for + client TLS authentication. + + + + + + PATH + + + Specifies the path to the file containing the private key for client + TLS authentication. + + + + + + + + + Other options + + + + + + NUMBER + + + Set this to a number greater than 0 to request paged results from + the LDAP server in accordance with RFC2696. + The default (0) is to not request paged results. + + + This is useful for LDAP servers that contain a + lot of entries (e.g. more than 500) and limit the number of entries + that are returned with one request. + For OpenLDAP servers you may need to set + + for allowing more entries to be returned over multiple pages. + + + + + + user1,user2,... + + + This option prevents group membership lookups through + LDAP for the specified users. This can be useful + in case of unavailability of the LDAP server. + This option may be specified multiple times. + + + Alternatively, the value ALLLOCAL may be + used. With that value nslcd builds a full list of + non-LDAP users on startup. + + + + + + UID + + + This option ensures that LDAP users with a numeric + user id lower than the specified value are ignored. Also requests for + users with a lower user id are ignored. + + + + + + NUMBER + + + This option specifies an offset that is added to all + LDAP numeric user ids. + This can be used to avoid user id collisions with local users or, + when using objectSid attributes, for compatibility + reasons. + + + The value from the option is evaluated + after applying the offset. + + + + + + NUMBER + + + This option specifies an offset that is added to all + LDAP numeric group ids. + This can be used to avoid user id collisions with local groups or, + when using objectSid attributes, for compatibility + reasons. + + + + + + yes|no + + + If this option is set, the member attribute of a + group may point to another group. + Members of nested groups are also returned in the higher level group + and parent groups are returned when finding groups for a specific user. + The default is not to perform extra searches for nested groups. + + + + + + yes|no + + + If this option is set, the group member list is not retrieved when + looking up groups. + Lookups for finding which groups a user belongs to will remain + functional so the user will likely still get the correct groups + assigned on login. + + + This can offer a speed-up on systems that have very large groups. + It has the downside of returning inconsistent information about + group membership which may confuse some applications. + This option is not recommended for most configurations. + + + + + + yes|no + + + If this option is set, functions which cause all user/group entries to + be loaded (getpwent(), getgrent(), setspent()) from the directory will + not succeed in doing so. + Applications that depend on being able to sequentially read all users + and/or groups may fail to operate correctly. + + + This can dramatically reduce LDAP server load in + situations where there are a great number of users and/or groups. + This is typically used in situations where user/program access to + enumerate the entire directory is undesirable, and changing the + behavior of the user/program is not possible. + This option is not recommended for most configurations. + + + + + + REGEX + + + This option can be used to specify how user and group names are + verified within the system. This pattern is used to check all user and + group names that are requested and returned from LDAP. + + + The regular expression should be specified as a POSIX extended regular + expression. The expression itself needs to be separated by slash (/) + characters and the 'i' flag may be appended at the end to indicate + that the match should be case-insensetive. + The default value is + /^[a-z0-9._@$()]([a-z0-9._@$() \\~-]*[a-z0-9._@$()~-])?$/i + + + + + + yes|no + + + This specifies whether or not to perform searches for group, + netgroup, passwd, protocols, rpc, services and shadow maps using + case-insensitive matching. + Setting this to yes could open up the system + to authorisation bypass vulnerabilities and introduce nscd cache poisoning + vulnerabilities which allow denial of service. + The default is to perform case-sensitve filtering of LDAP search + results for the above maps. + + + + + + yes|no + + + This option specifies whether password policy controls are requested + and handled from the LDAP server when performing + user authentication. + By default the controls are requested and handled if available. + + + + + + + FILTER + + + By default nslcd performs an + LDAP search with the user's credentials after BIND + (authentication) to ensure that the BIND operation was successful. + The default search is a simple check to see if the user's DN exists. + + + A search filter can be specified that will be used instead. + The same substitutions as with the + option will be performed and the search should at least return one + entry. + + + The value BASE may be used to force the default + search for the user DN. + + + The value NONE may be used to indicate that no + search should be performed after BIND. + Note that some LDAP servers do not always return a + correct error code as a result of a failed BIND operation (e.g. when + an empty password is supplied). + + + + + + + FILTER + + + This option allows flexible fine tuning of the authorisation check that + should be performed. The search filter specified is executed and + if any entries match, access is granted, otherwise access is denied. + + + The search filter can contain the following variable references: + $username, $service, + $ruser, $rhost, + $tty, $hostname, + $fqdn, + $dn, and $uid. + These references are substituted in the search filter using the + same syntax as described in the section on attribute mapping + expressions below. + + + For example, to check that the user has a proper authorizedService + value if the attribute is present (this almost emulates the + option in PADL's pam_ldap): + (&(objectClass=posixAccount)(uid=$username)(|(authorizedService=$service)(!(authorizedService=*)))) + + + The option can be emulated with: + (&(objectClass=posixAccount)(uid=$username)(|(host=$hostname)(host=$fqdn)(host=\\*))) + + + This option may be specified multiple times and all specified searches + should at least return one entry for access to be granted. + + + + + + + "MESSAGE" + + + If this option is set password modification using pam_ldap will be + denied and the specified message will be presented to the user instead. + The message can be used to direct the user to an alternative means + of changing their password. + + + + + + + DB,DB,... + + + If this option is set, nslcd will try to flush the + specified external caches on start-up and whenever a connection to the + LDAP server is re-established after an error. + + + DB can refer to one of the nsswitch maps, + in which case nscd is contacted to flush its cache + for the specified database. + + If DB is nfsidmap, + nfsidmap is contacted to clear its cache. + + + Using this option ensures that external caches are cleared of + incorrect information (typically the absence of users) that may + be present due to unavailability of the LDAP server. + + + + + + + CACHE + TIME + TIME + + + Configure the time entries are kept in the specified internal cache. + + + The first TIME value specifies the time + to keep found entries in the cache. + The second TIME value specifies to the + time to remember that a particular entry was not found. + If the second parameter is absent, it is assumed to be the same as + the first. + + + Time values are specified as a number followed by an + s for seconds, m for minutes, + h for hours or d for days. + Use 0 or off to disable the + cache. + + + Currently, only the dn2uid cache is supported + that is used to remember DN to username lookups that are used when the + member attribute is used. + The default time value for this cache is 15m. + + + + + + + + + + + Supported maps + + The following maps are supported. They are referenced as + MAP in the options above. + + + + aliases + + Mail aliases. + Note that most mail servers do not use the NSS + interface for requesting mail aliases and parse + /etc/aliases on their own. + + + + ethers + Ethernet numbers (mac addresses). + + + group + Posix groups. + + + hosts + Host names. + + + netgroup + Host and user groups used for access control. + + + networks + Network numbers. + + + passwd + Posix users. + + + protocols + Protocol definitions (like in /etc/protocols). + + + rpc + Remote procedure call names and numbers. + + + services + Network service names and numbers. + + + shadow + Shadow user password information. + + + + + + Attribute mapping expressions + + For some attributes a mapping expression may be used to construct the + resulting value. + This is currently only possible for attributes that do + not need to be used in search filters. + The expressions are a subset of the double quoted string expressions in the + Bourne (POSIX) shell. + Instead of variable substitution, attribute lookups are done on the current + entry and the attribute value is substituted. + The following expressions are supported: + + + + ${attr} (or $attr for short) + + will substitute the value of the attribute + + + + ${attr:-word} + + (use default) will substitbute the value of the attribute or, if the + attribute is not set or empty substitute the word + + + + ${attr:+word} + + (use alternative) will substitute word if attribute + is set, otherwise substitute the empty string + + + + ${attr:offset:length} + + will substitute length characters (actually + bytes) starting from position offset (which + is counted starting at zero); the substituted string is + truncated if it is too long; in particular, it can be of length + zero (if length is zero or + offset falls out of the original string) + + + + ${attr#word} + + remove the shortest possible match of word from the + left of the attribute value + + + + ${attr##word} + + remove the longest possible match of word from the + left of the attribute value (pynslcd only) + + + + ${attr%word} + + remove the shortest possible match of word from the + right of the attribute value (pynslcd only) + + + + ${attr%%word} + + remove the longest possible match of word from the + right of the attribute value (pynslcd only) + + + + + Only the # matching expression is supported in nslcd + and only with the ? wildcard symbol. The pynslcd + implementation supports full matching. + + + Quote ("), dollar ($) and + backslash (\) characters should be escaped with a + backslash (\). + + + The expressions are inspected to automatically fetch the appropriate + attributes from LDAP. + Some examples to demonstrate how these expressions may be used in + attribute mapping: + + + + "${shadowFlag:-0}" + + use the shadowFlag attribute, using the + value 0 as default + + + + "${homeDirectory:-/home/$uid}" + + use the uid attribute to build a + homeDirectory value if that attribute is missing + + + + "${isDisabled:+100}" + + if the isDisabled attribute is set, return 100, + otherwise leave value empty + + + + "${userPassword#{crypt\}}" + + strip the {crypt} prefix from the userPassword attribute, returning + the raw hash value + + + + + + + Files + + + /etc/nslcd.conf + the main configuration file + + + /etc/nsswitch.conf + Name Service Switch configuration file + + + + + + See Also + + nslcd8, + nsswitch.conf5 + + + + + Author + This manual was written by Arthur de Jong <arthur@arthurdejong.org> + and is based on the + nss_ldap5 + manual developed by PADL Software Pty Ltd. + + + diff --git a/man/pam_ldap.8 b/man/pam_ldap.8 new file mode 100644 index 0000000..4b0529a --- /dev/null +++ b/man/pam_ldap.8 @@ -0,0 +1,89 @@ +'\" -*- coding: utf-8 -*- +.if \n(.g .ds T< \\FC +.if \n(.g .ds T> \\F[\n[.fam]] +.de URL +\\$2 \(la\\$1\(ra\\$3 +.. +.if \n(.g .mso www.tmac +.TH pam_ldap 8 "Feb 2018" "Version 0.9.9" "System Manager's Manual" +.SH NAME +pam_ldap \- PAM module for LDAP-based authentication +.SH SYNOPSIS +'nh +.fi +.ad l +\fBpam_ldap.so\fR \kx +.if (\nx>(\n(.l/2)) .nr x (\n(.l/5) +'in \n(.iu+\nxu +[\fI...\fR] +'in \n(.iu-\nxu +.ad b +'hy +.SH DESCRIPTION +This is a PAM module that uses an +LDAP server to verify user access rights and +credentials. +.SH OPTIONS +.TP +\*(T<\fBuse_first_pass\fR\*(T> +Specifies that the PAM module should use the first +password provided in the authentication stack and not prompt the user +for a password. +.TP +\*(T<\fBtry_first_pass\fR\*(T> +Specifies that the PAM module should use the first +password provided in the authentication stack and if that fails prompt +the user for a password. +.TP +\*(T<\fBnullok\fR\*(T> +Specifying this option allows users to log in with a blank password. +Normally logins without a password are denied. +.TP +\*(T<\fBignore_unknown_user\fR\*(T> +Specifies that the PAM module should return +PAM_IGNORE for users that are not present in the LDAP +directory. +This causes the PAM framework to ignore this module. +.TP +\*(T<\fBignore_authinfo_unavail\fR\*(T> +Specifies that the PAM module should return +PAM_IGNORE if it cannot contact the LDAP server. +This causes the PAM framework to ignore this module. +.TP +\*(T<\fBno_warn\fR\*(T> +Specifies that warning messages should not be propagated to the +PAM application. +.TP +\*(T<\fBuse_authtok\fR\*(T> +This causes the PAM module to use the earlier +provided password when changing the password. The module will not +prompt the user for a new password (it is analogous to +\*(T<\fBuse_first_pass\fR\*(T>). +.TP +\*(T<\fBdebug\fR\*(T> +This option causes the PAM module to log debugging +information to +\fBsyslog\fR(3). +.TP +\*(T<\fBminimum_uid=\fR\*(T>\fIUID\fR +This option causes the PAM module to ignore the user +if the user id is lower than the specified value. This can be used to +bypass LDAP checks for system users +(e.g. by setting it to \*(T<1000\*(T>). +.SH "MODULE SERVICES PROVIDED" +All services are provided by this module but currently sessions changes +are not implemented in the nslcd daemon. +.SH FILES +.TP +\*(T<\fI/etc/pam.conf\fR\*(T> +the main PAM configuration file +.TP +\*(T<\fI/etc/nslcd.conf\fR\*(T> +The configuration file for the \fBnslcd\fR daemon +(see \fBnslcd.conf\fR(5)) +.SH "SEE ALSO" +\fBpam.conf\fR(5), +\fBnslcd\fR(8), +\fBnslcd.conf\fR(5) +.SH AUTHOR +This manual was written by Arthur de Jong . diff --git a/man/pam_ldap.8.xml b/man/pam_ldap.8.xml new file mode 100644 index 0000000..e7d51ee --- /dev/null +++ b/man/pam_ldap.8.xml @@ -0,0 +1,220 @@ + + + + + + + + + + Arthur + de Jong + + + + + pam_ldap + 8 + Version 0.9.9 + System Manager's Manual + Feb 2018 + + + + pam_ldap + PAM module for LDAP-based authentication + + + + + pam_ldap.so + ... + + + + + Description + + This is a PAM module that uses an + LDAP server to verify user access rights and + credentials. + + + + + Options + + + + + + + + Specifies that the PAM module should use the first + password provided in the authentication stack and not prompt the user + for a password. + + + + + + + + + + Specifies that the PAM module should use the first + password provided in the authentication stack and if that fails prompt + the user for a password. + + + + + + + + + + Specifying this option allows users to log in with a blank password. + Normally logins without a password are denied. + + + + + + + + + + Specifies that the PAM module should return + PAM_IGNORE for users that are not present in the LDAP + directory. + This causes the PAM framework to ignore this module. + + + + + + + + + + Specifies that the PAM module should return + PAM_IGNORE if it cannot contact the LDAP server. + This causes the PAM framework to ignore this module. + + + + + + + + + + Specifies that warning messages should not be propagated to the + PAM application. + + + + + + + + + + This causes the PAM module to use the earlier + provided password when changing the password. The module will not + prompt the user for a new password (it is analogous to + ). + + + + + + + + + + This option causes the PAM module to log debugging + information to + syslog3. + + + + + + + + + + This option causes the PAM module to ignore the user + if the user id is lower than the specified value. This can be used to + bypass LDAP checks for system users + (e.g. by setting it to 1000). + + + + + + + + Module Services Provided + + All services are provided by this module but currently sessions changes + are not implemented in the nslcd daemon. + + + + + Files + + + /etc/pam.conf + the main PAM configuration file + + + /etc/nslcd.conf + + The configuration file for the nslcd daemon + (see nslcd.conf5) + + + + + + + See Also + + pam.conf5, + nslcd8, + nslcd.conf5 + + + + + Author + + This manual was written by Arthur de Jong <arthur@arthurdejong.org>. + + + + diff --git a/man/pynslcd.8 b/man/pynslcd.8 new file mode 100644 index 0000000..53a15c0 --- /dev/null +++ b/man/pynslcd.8 @@ -0,0 +1,62 @@ +'\" -*- coding: utf-8 -*- +.if \n(.g .ds T< \\FC +.if \n(.g .ds T> \\F[\n[.fam]] +.de URL +\\$2 \(la\\$1\(ra\\$3 +.. +.if \n(.g .mso www.tmac +.TH pynslcd 8 "Feb 2018" "Version 0.9.9" "System Manager's Manual" +.SH NAME +pynslcd \- local LDAP name service daemon +.SH SYNOPSIS +'nh +.fi +.ad l +\fBpynslcd\fR \kx +.if (\nx>(\n(.l/2)) .nr x (\n(.l/5) +'in \n(.iu+\nxu +[\fIoptions\fR] +'in \n(.iu-\nxu +.ad b +'hy +.SH DESCRIPTION +\fBpynslcd\fR is a daemon that will do LDAP queries for local +processes that want to do user, group and other naming lookups (NSS) or do +user authentication, authorisation or password modification (PAM). +.PP +\fBpynslcd\fR is configured through a configuration file +(see \fBnslcd.conf\fR(5)). +.PP +See the included README for information on configuring the LDAP server. +.SH OPTIONS +\fBpynslcd\fR accepts the following options: +.TP +\*(T<\fB\-c\fR\*(T>, \*(T<\fB\-\-check\fR\*(T> +Check if the daemon is running. +This causes \fBpynslcd\fR to return 0 if the daemon is already running and 1 if it is not. +.TP +\*(T<\fB\-d\fR\*(T>, \*(T<\fB\-\-debug\fR\*(T> +Enable debugging mode. +\fBpynslcd\fR will not put itself in the background and sends +verbose debugging info to stderr. +\fBpynslcd\fR will handle connections as usual. +This option is for debugging purposes only. +Specify this option multiple times to also include more detailed logging +from the LDAP library. +.TP +\*(T<\fB\-n\fR\*(T>, \*(T<\fB\-\-nofork\fR\*(T> +Do not fork or daemonise and run \fBpynslcd\fR in the +foreground. +.TP +\*(T<\fB\-\-help\fR\*(T> +Display short help and exit. +.TP +\*(T<\fB\-V\fR\*(T>, \*(T<\fB\-\-version\fR\*(T> +Output version information and exit. +.SH FILES +\*(T<\fI/etc/nslcd.conf\fR\*(T> - the configuration file +(see \fBnslcd.conf\fR(5)) +.SH "SEE ALSO" +\fBnslcd.conf\fR(5) +.SH AUTHOR +This manual was written by Arthur de Jong . diff --git a/man/pynslcd.8.xml b/man/pynslcd.8.xml new file mode 100644 index 0000000..f1282e9 --- /dev/null +++ b/man/pynslcd.8.xml @@ -0,0 +1,159 @@ + + + + + + + + + + Arthur + de Jong + + + + + pynslcd + 8 + Version 0.9.9 + System Manager's Manual + Feb 2018 + + + + pynslcd + local LDAP name service daemon + + + + + pynslcd + options + + + + + Description + + pynslcd is a daemon that will do LDAP queries for local + processes that want to do user, group and other naming lookups (NSS) or do + user authentication, authorisation or password modification (PAM). + + + pynslcd is configured through a configuration file + (see nslcd.conf5). + + + See the included README for information on configuring the LDAP server. + + + + + Options + + pynslcd accepts the following options: + + + + + , + + + + Check if the daemon is running. + This causes pynslcd to return 0 if the daemon is already running and 1 if it is not. + + + + + + + , + + + + Enable debugging mode. + pynslcd will not put itself in the background and sends + verbose debugging info to stderr. + pynslcd will handle connections as usual. + This option is for debugging purposes only. + Specify this option multiple times to also include more detailed logging + from the LDAP library. + + + + + + + , + + + + Do not fork or daemonise and run pynslcd in the + foreground. + + + + + + + + + + Display short help and exit. + + + + + + , + + + Output version information and exit. + + + + + + + + Files + + /etc/nslcd.conf - the configuration file + (see nslcd.conf5) + + + + + See Also + + nslcd.conf5 + + + + + Author + This manual was written by Arthur de Jong <arthur@arthurdejong.org>. + + + diff --git a/missing b/missing new file mode 100755 index 0000000..f62bbae --- /dev/null +++ b/missing @@ -0,0 +1,215 @@ +#! /bin/sh +# Common wrapper for a few potentially missing GNU programs. + +scriptversion=2013-10-28.13; # UTC + +# Copyright (C) 1996-2014 Free Software Foundation, Inc. +# Originally written by Fran,cois Pinard , 1996. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +if test $# -eq 0; then + echo 1>&2 "Try '$0 --help' for more information" + exit 1 +fi + +case $1 in + + --is-lightweight) + # Used by our autoconf macros to check whether the available missing + # script is modern enough. + exit 0 + ;; + + --run) + # Back-compat with the calling convention used by older automake. + shift + ;; + + -h|--h|--he|--hel|--help) + echo "\ +$0 [OPTION]... PROGRAM [ARGUMENT]... + +Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due +to PROGRAM being missing or too old. + +Options: + -h, --help display this help and exit + -v, --version output version information and exit + +Supported PROGRAM values: + aclocal autoconf autoheader autom4te automake makeinfo + bison yacc flex lex help2man + +Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and +'g' are ignored when checking the name. + +Send bug reports to ." + exit $? + ;; + + -v|--v|--ve|--ver|--vers|--versi|--versio|--version) + echo "missing $scriptversion (GNU Automake)" + exit $? + ;; + + -*) + echo 1>&2 "$0: unknown '$1' option" + echo 1>&2 "Try '$0 --help' for more information" + exit 1 + ;; + +esac + +# Run the given program, remember its exit status. +"$@"; st=$? + +# If it succeeded, we are done. +test $st -eq 0 && exit 0 + +# Also exit now if we it failed (or wasn't found), and '--version' was +# passed; such an option is passed most likely to detect whether the +# program is present and works. +case $2 in --version|--help) exit $st;; esac + +# Exit code 63 means version mismatch. This often happens when the user +# tries to use an ancient version of a tool on a file that requires a +# minimum version. +if test $st -eq 63; then + msg="probably too old" +elif test $st -eq 127; then + # Program was missing. + msg="missing on your system" +else + # Program was found and executed, but failed. Give up. + exit $st +fi + +perl_URL=http://www.perl.org/ +flex_URL=http://flex.sourceforge.net/ +gnu_software_URL=http://www.gnu.org/software + +program_details () +{ + case $1 in + aclocal|automake) + echo "The '$1' program is part of the GNU Automake package:" + echo "<$gnu_software_URL/automake>" + echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/autoconf>" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + autoconf|autom4te|autoheader) + echo "The '$1' program is part of the GNU Autoconf package:" + echo "<$gnu_software_URL/autoconf/>" + echo "It also requires GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + esac +} + +give_advice () +{ + # Normalize program name to check for. + normalized_program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + + printf '%s\n' "'$1' is $msg." + + configure_deps="'configure.ac' or m4 files included by 'configure.ac'" + case $normalized_program in + autoconf*) + echo "You should only need it if you modified 'configure.ac'," + echo "or m4 files included by it." + program_details 'autoconf' + ;; + autoheader*) + echo "You should only need it if you modified 'acconfig.h' or" + echo "$configure_deps." + program_details 'autoheader' + ;; + automake*) + echo "You should only need it if you modified 'Makefile.am' or" + echo "$configure_deps." + program_details 'automake' + ;; + aclocal*) + echo "You should only need it if you modified 'acinclude.m4' or" + echo "$configure_deps." + program_details 'aclocal' + ;; + autom4te*) + echo "You might have modified some maintainer files that require" + echo "the 'autom4te' program to be rebuilt." + program_details 'autom4te' + ;; + bison*|yacc*) + echo "You should only need it if you modified a '.y' file." + echo "You may want to install the GNU Bison package:" + echo "<$gnu_software_URL/bison/>" + ;; + lex*|flex*) + echo "You should only need it if you modified a '.l' file." + echo "You may want to install the Fast Lexical Analyzer package:" + echo "<$flex_URL>" + ;; + help2man*) + echo "You should only need it if you modified a dependency" \ + "of a man page." + echo "You may want to install the GNU Help2man package:" + echo "<$gnu_software_URL/help2man/>" + ;; + makeinfo*) + echo "You should only need it if you modified a '.texi' file, or" + echo "any other file indirectly affecting the aspect of the manual." + echo "You might want to install the Texinfo package:" + echo "<$gnu_software_URL/texinfo/>" + echo "The spurious makeinfo call might also be the consequence of" + echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" + echo "want to install GNU make:" + echo "<$gnu_software_URL/make/>" + ;; + *) + echo "You might have modified some files without having the proper" + echo "tools for further handling them. Check the 'README' file, it" + echo "often tells you about the needed prerequisites for installing" + echo "this package. You may also peek at any GNU archive site, in" + echo "case some other package contains this missing '$1' program." + ;; + esac +} + +give_advice "$1" | sed -e '1s/^/WARNING: /' \ + -e '2,$s/^/ /' >&2 + +# Propagate the correct exit status (expected to be 127 for a program +# not found, 63 for a program that failed due to version mismatch). +exit $st + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/mkinstalldirs b/mkinstalldirs new file mode 100755 index 0000000..55d537f --- /dev/null +++ b/mkinstalldirs @@ -0,0 +1,162 @@ +#! /bin/sh +# mkinstalldirs --- make directory hierarchy + +scriptversion=2009-04-28.21; # UTC + +# Original author: Noah Friedman +# Created: 1993-05-16 +# Public domain. +# +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +nl=' +' +IFS=" "" $nl" +errstatus=0 +dirmode= + +usage="\ +Usage: mkinstalldirs [-h] [--help] [--version] [-m MODE] DIR ... + +Create each directory DIR (with mode MODE, if specified), including all +leading file name components. + +Report bugs to ." + +# process command line arguments +while test $# -gt 0 ; do + case $1 in + -h | --help | --h*) # -h for help + echo "$usage" + exit $? + ;; + -m) # -m PERM arg + shift + test $# -eq 0 && { echo "$usage" 1>&2; exit 1; } + dirmode=$1 + shift + ;; + --version) + echo "$0 $scriptversion" + exit $? + ;; + --) # stop option processing + shift + break + ;; + -*) # unknown option + echo "$usage" 1>&2 + exit 1 + ;; + *) # first non-opt arg + break + ;; + esac +done + +for file +do + if test -d "$file"; then + shift + else + break + fi +done + +case $# in + 0) exit 0 ;; +esac + +# Solaris 8's mkdir -p isn't thread-safe. If you mkdir -p a/b and +# mkdir -p a/c at the same time, both will detect that a is missing, +# one will create a, then the other will try to create a and die with +# a "File exists" error. This is a problem when calling mkinstalldirs +# from a parallel make. We use --version in the probe to restrict +# ourselves to GNU mkdir, which is thread-safe. +case $dirmode in + '') + if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then + echo "mkdir -p -- $*" + exec mkdir -p -- "$@" + else + # On NextStep and OpenStep, the 'mkdir' command does not + # recognize any option. It will interpret all options as + # directories to create, and then abort because '.' already + # exists. + test -d ./-p && rmdir ./-p + test -d ./--version && rmdir ./--version + fi + ;; + *) + if mkdir -m "$dirmode" -p --version . >/dev/null 2>&1 && + test ! -d ./--version; then + echo "mkdir -m $dirmode -p -- $*" + exec mkdir -m "$dirmode" -p -- "$@" + else + # Clean up after NextStep and OpenStep mkdir. + for d in ./-m ./-p ./--version "./$dirmode"; + do + test -d $d && rmdir $d + done + fi + ;; +esac + +for file +do + case $file in + /*) pathcomp=/ ;; + *) pathcomp= ;; + esac + oIFS=$IFS + IFS=/ + set fnord $file + shift + IFS=$oIFS + + for d + do + test "x$d" = x && continue + + pathcomp=$pathcomp$d + case $pathcomp in + -*) pathcomp=./$pathcomp ;; + esac + + if test ! -d "$pathcomp"; then + echo "mkdir $pathcomp" + + mkdir "$pathcomp" || lasterr=$? + + if test ! -d "$pathcomp"; then + errstatus=$lasterr + else + if test ! -z "$dirmode"; then + echo "chmod $dirmode $pathcomp" + lasterr= + chmod "$dirmode" "$pathcomp" || lasterr=$? + + if test ! -z "$lasterr"; then + errstatus=$lasterr + fi + fi + fi + fi + + pathcomp=$pathcomp/ + done +done + +exit $errstatus + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/nslcd.conf b/nslcd.conf new file mode 100644 index 0000000..7b1bcf3 --- /dev/null +++ b/nslcd.conf @@ -0,0 +1,142 @@ +# This is the configuration file for the LDAP nameservice +# switch library's nslcd daemon. It configures the mapping +# between NSS names (see /etc/nsswitch.conf) and LDAP +# information in the directory. +# See the manual page nslcd.conf(5) for more information. + +# The user and group nslcd should run as. +uid nslcd +gid nslcd + +# The uri pointing to the LDAP server to use for name lookups. +# Multiple entries may be specified. The address that is used +# here should be resolvable without using LDAP (obviously). +#uri ldap://127.0.0.1/ +#uri ldaps://127.0.0.1/ +#uri ldapi://%2fvar%2frun%2fldapi_sock/ +# Note: %2f encodes the '/' used as directory separator +uri ldap://127.0.0.1/ + +# The LDAP version to use (defaults to 3 +# if supported by client library) +#ldap_version 3 + +# The distinguished name of the search base. +base dc=example,dc=com + +# The distinguished name to bind to the server with. +# Optional: default is to bind anonymously. +#binddn cn=proxyuser,dc=example,dc=com + +# The credentials to bind with. +# Optional: default is no credentials. +# Note that if you set a bindpw you should check the permissions of this file. +#bindpw secret + +# The distinguished name to perform password modifications by root by. +#rootpwmoddn cn=admin,dc=example,dc=com + +# The default search scope. +#scope sub +#scope one +#scope base + +# Customize certain database lookups. +#base group ou=Groups,dc=example,dc=com +#base passwd ou=People,dc=example,dc=com +#base shadow ou=People,dc=example,dc=com +#scope group onelevel +#scope hosts sub + +# Bind/connect timelimit. +#bind_timelimit 30 + +# Search timelimit. +#timelimit 30 + +# Idle timelimit. nslcd will close connections if the +# server has not been contacted for the number of seconds. +#idle_timelimit 3600 + +# Use StartTLS without verifying the server certificate. +#ssl start_tls +#tls_reqcert never + +# CA certificates for server certificate verification +#tls_cacertdir /etc/ssl/certs +#tls_cacertfile /etc/ssl/ca.cert + +# Seed the PRNG if /dev/urandom is not provided +#tls_randfile /var/run/egd-pool + +# SSL cipher suite +# See man ciphers for syntax +#tls_ciphers TLSv1 + +# Client certificate and key +# Use these, if your server requires client authentication. +#tls_cert +#tls_key + +# Mappings for Services for UNIX 3.5 +#filter passwd (objectClass=User) +#map passwd uid msSFU30Name +#map passwd userPassword msSFU30Password +#map passwd homeDirectory msSFU30HomeDirectory +#map passwd homeDirectory msSFUHomeDirectory +#filter shadow (objectClass=User) +#map shadow uid msSFU30Name +#map shadow userPassword msSFU30Password +#filter group (objectClass=Group) +#map group member msSFU30PosixMember + +# Mappings for Services for UNIX 2.0 +#filter passwd (objectClass=User) +#map passwd uid msSFUName +#map passwd userPassword msSFUPassword +#map passwd homeDirectory msSFUHomeDirectory +#map passwd gecos msSFUName +#filter shadow (objectClass=User) +#map shadow uid msSFUName +#map shadow userPassword msSFUPassword +#map shadow shadowLastChange pwdLastSet +#filter group (objectClass=Group) +#map group member posixMember + +# Mappings for Active Directory +#pagesize 1000 +#referrals off +#idle_timelimit 800 +#filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)) +#map passwd uid sAMAccountName +#map passwd homeDirectory unixHomeDirectory +#map passwd gecos displayName +#filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)) +#map shadow uid sAMAccountName +#map shadow shadowLastChange pwdLastSet +#filter group (objectClass=group) + +# Alternative mappings for Active Directory +# (replace the SIDs in the objectSid mappings with the value for your domain) +#pagesize 1000 +#referrals off +#idle_timelimit 800 +#filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer))) +#map passwd uid cn +#map passwd uidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820 +#map passwd gidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820 +#map passwd homeDirectory "/home/$cn" +#map passwd gecos displayName +#map passwd loginShell "/bin/bash" +#filter group (|(objectClass=group)(objectClass=person)) +#map group gidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820 + +# Mappings for AIX SecureWay +#filter passwd (objectClass=aixAccount) +#map passwd uid userName +#map passwd userPassword passwordChar +#map passwd uidNumber uid +#map passwd gidNumber gid +#filter group (objectClass=aixAccessGroup) +#map group cn groupName +#map group gidNumber gid diff --git a/nslcd.h b/nslcd.h new file mode 100644 index 0000000..c9857d6 --- /dev/null +++ b/nslcd.h @@ -0,0 +1,305 @@ +/* + nslcd.h - file describing client/server protocol + + Copyright (C) 2006 West Consulting + Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef _NSLCD_H +#define _NSLCD_H 1 + +/* + The protocol used between the nslcd client and server is a simple binary + protocol. It is request/response based where the client initiates a + connection, does a single request and closes the connection again. Any + mangled or not understood messages will be silently ignored by the server. + + A request looks like: + INT32 NSLCD_VERSION + INT32 NSLCD_ACTION_* + [request parameters if any] + A response looks like: + INT32 NSLCD_VERSION + INT32 NSLCD_ACTION_* (the original request type) + [result(s)] + INT32 NSLCD_RESULT_END + A single result entry looks like: + INT32 NSLCD_RESULT_BEGIN + [result value(s)] + If a response would return multiple values (e.g. for NSLCD_ACTION_*_ALL + functions) each return value will be preceded by a NSLCD_RESULT_BEGIN + value. After the last returned result the server sends + NSLCD_RESULT_END. If some error occurs (e.g. LDAP server unavailable, + error in the request, etc) the server terminates the connection to signal + an error condition (breaking the protocol). + + These are the available basic data types: + INT32 - 32-bit integer value + TYPE - a typed field that is transferred using sizeof() + STRING - a string length (32bit) followed by the string value (not + null-terminted) the string itself is assumed to be UTF-8 + STRINGLIST - a 32-bit number noting the number of strings followed by + the strings one at a time + + Furthermore the ADDRESS compound data type is defined as: + INT32 type of address: e.g. AF_INET or AF_INET6 + INT32 lenght of address + RAW the address itself + With the ADDRESSLIST using the same construct as with STRINGLIST. + + The protocol uses network byte order for all types. +*/ + +/* The current version of the protocol. This protocol should only be + updated with major backwards-incompatible changes. */ +#define NSLCD_VERSION 0x00000002 + +/* Get a NSLCD configuration option. There is one request parameter: + INT32 NSLCD_CONFIG_* + the result value is: + STRING value, interpretation depending on request */ +#define NSLCD_ACTION_CONFIG_GET 0x00010001 + +/* return the message, if any, that is presented to the user when password + modification through PAM is prohibited */ +#define NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE 1 + +/* Email alias (/etc/aliases) NSS requests. The result values for a + single entry are: + STRING alias name + STRINGLIST alias rcpts */ +#define NSLCD_ACTION_ALIAS_BYNAME 0x00020001 +#define NSLCD_ACTION_ALIAS_ALL 0x00020008 + +/* Ethernet address/name mapping NSS requests. The result values for a + single entry are: + STRING ether name + TYPE(uint8_t[6]) ether address */ +#define NSLCD_ACTION_ETHER_BYNAME 0x00030001 +#define NSLCD_ACTION_ETHER_BYETHER 0x00030002 +#define NSLCD_ACTION_ETHER_ALL 0x00030008 + +/* Group and group membership related NSS requests. The result values + for a single entry are: + STRING group name + STRING group password + INT32 group id + STRINGLIST members (usernames) of the group + (not that the BYMEMER call returns an emtpy members list) */ +#define NSLCD_ACTION_GROUP_BYNAME 0x00040001 +#define NSLCD_ACTION_GROUP_BYGID 0x00040002 +#define NSLCD_ACTION_GROUP_BYMEMBER 0x00040006 +#define NSLCD_ACTION_GROUP_ALL 0x00040008 + +/* Hostname (/etc/hosts) lookup NSS requests. The result values + for an entry are: + STRING host name + STRINGLIST host aliases + ADDRESSLIST host addresses */ +#define NSLCD_ACTION_HOST_BYNAME 0x00050001 +#define NSLCD_ACTION_HOST_BYADDR 0x00050002 +#define NSLCD_ACTION_HOST_ALL 0x00050008 + +/* Netgroup NSS result entries contain a number of parts. A result entry + starts with: + STRING netgroup name + followed by zero or more references to other netgroups or netgroup + triples. A reference to another netgroup looks like: + INT32 NSLCD_NETGROUP_TYPE_NETGROUP + STRING other netgroup name + A a netgroup triple looks like: + INT32 NSLCD_NETGROUP_TYPE_TRIPLE + STRING host + STRING user + STRING domain + A netgroup result entry is terminated by: + INT32 NSLCD_NETGROUP_TYPE_END + */ +#define NSLCD_ACTION_NETGROUP_BYNAME 0x00060001 +#define NSLCD_ACTION_NETGROUP_ALL 0x00060008 +#define NSLCD_NETGROUP_TYPE_NETGROUP 1 +#define NSLCD_NETGROUP_TYPE_TRIPLE 2 +#define NSLCD_NETGROUP_TYPE_END 3 + +/* Network name (/etc/networks) NSS requests. Result values for a single + entry are: + STRING network name + STRINGLIST network aliases + ADDRESSLIST network addresses */ +#define NSLCD_ACTION_NETWORK_BYNAME 0x00070001 +#define NSLCD_ACTION_NETWORK_BYADDR 0x00070002 +#define NSLCD_ACTION_NETWORK_ALL 0x00070008 + +/* User account (/etc/passwd) NSS requests. Result values are: + STRING user name + STRING user password + INT32 user id + INT32 group id + STRING gecos information + STRING home directory + STRING login shell */ +#define NSLCD_ACTION_PASSWD_BYNAME 0x00080001 +#define NSLCD_ACTION_PASSWD_BYUID 0x00080002 +#define NSLCD_ACTION_PASSWD_ALL 0x00080008 + +/* Protocol information requests. Result values are: + STRING protocol name + STRINGLIST protocol aliases + INT32 protocol number */ +#define NSLCD_ACTION_PROTOCOL_BYNAME 0x00090001 +#define NSLCD_ACTION_PROTOCOL_BYNUMBER 0x00090002 +#define NSLCD_ACTION_PROTOCOL_ALL 0x00090008 + +/* RPC information requests. Result values are: + STRING rpc name + STRINGLIST rpc aliases + INT32 rpc number */ +#define NSLCD_ACTION_RPC_BYNAME 0x000a0001 +#define NSLCD_ACTION_RPC_BYNUMBER 0x000a0002 +#define NSLCD_ACTION_RPC_ALL 0x000a0008 + +/* Service (/etc/services) information requests. The BYNAME and BYNUMBER + requests contain an extra protocol string in the request which, if not + blank, will filter the services by this protocol. Result values are: + STRING service name + STRINGLIST service aliases + INT32 service (port) number + STRING service protocol */ +#define NSLCD_ACTION_SERVICE_BYNAME 0x000b0001 +#define NSLCD_ACTION_SERVICE_BYNUMBER 0x000b0002 +#define NSLCD_ACTION_SERVICE_ALL 0x000b0008 + +/* Extended user account (/etc/shadow) information requests. Result + values for a single entry are: + STRING user name + STRING user password + INT32 last password change + INT32 mindays + INT32 maxdays + INT32 warn + INT32 inact + INT32 expire + INT32 flag */ +#define NSLCD_ACTION_SHADOW_BYNAME 0x000c0001 +#define NSLCD_ACTION_SHADOW_ALL 0x000c0008 + +/* PAM-related requests. The request parameters for all these requests + begin with: + STRING user name + STRING service name + STRING ruser + STRING rhost + STRING tty + If the user is not known in LDAP no result may be returned (immediately + return NSLCD_RESULT_END instead of a PAM error code). */ + +/* PAM authentication check request. The extra request values are: + STRING password + and the result value consists of: + INT32 authc NSLCD_PAM_* result code + STRING user name (the cannonical user name) + INT32 authz NSLCD_PAM_* result code + STRING authorisation error message + If the username is empty in this request an attempt is made to + authenticate as the administrator (set using rootpwmoddn). + Some authorisation checks are already done during authentication so the + response also includes authorisation information. */ +#define NSLCD_ACTION_PAM_AUTHC 0x000d0001 + +/* PAM authorisation check request. The result value consists of: + INT32 authz NSLCD_PAM_* result code + STRING authorisation error message + The authentication check may have already returned some authorisation + information. The authorisation error message, if supplied, will be used + by the PAM module instead of a message that is generated by the PAM + module itself. */ +#define NSLCD_ACTION_PAM_AUTHZ 0x000d0002 + +/* PAM session open request. The result value consists of: + STRING session id + This session id may be used to close this session with. */ +#define NSLCD_ACTION_PAM_SESS_O 0x000d0003 + +/* PAM session close request. This request has the following + extra request value: + STRING session id + and this calls only returns an empty response value. */ +#define NSLCD_ACTION_PAM_SESS_C 0x000d0004 + +/* PAM password modification request. This requests has the following extra + request values: + INT32 asroot: 0=oldpasswd is user passwd, 1=oldpasswd is root passwd + STRING old password + STRING new password + and returns there extra result values: + INT32 NSLCD_PAM_* result code + STRING error message */ +#define NSLCD_ACTION_PAM_PWMOD 0x000d0005 + +/* User information change request. This request allows one to change + their full name and other information. The request parameters for this + request are: + STRING user name + INT32 asroot: 0=passwd is user passwd, 1=passwd is root passwd + STRING password + followed by one or more of the below, terminated by NSLCD_USERMOD_END + INT32 NSLCD_USERMOD_* + STRING new value + the response consists of one or more of the entries below, terminated + by NSLCD_USERMOD_END: + INT32 NSLCD_USERMOD_* + STRING response + (if the response is blank, the change went OK, otherwise the string + contains an error message) + */ +#define NSLCD_ACTION_USERMOD 0x000e0001 + +/* These are the possible values for the NSLCD_ACTION_USERMOD operation + above. */ +#define NSLCD_USERMOD_END 0 /* end of change values */ +#define NSLCD_USERMOD_RESULT 1 /* global result value */ +#define NSLCD_USERMOD_FULLNAME 2 /* full name */ +#define NSLCD_USERMOD_ROOMNUMBER 3 /* room number */ +#define NSLCD_USERMOD_WORKPHONE 4 /* office phone number */ +#define NSLCD_USERMOD_HOMEPHONE 5 /* home phone number */ +#define NSLCD_USERMOD_OTHER 6 /* other info */ +#define NSLCD_USERMOD_HOMEDIR 7 /* home directory */ +#define NSLCD_USERMOD_SHELL 8 /* login shell */ + +/* Request result codes. */ +#define NSLCD_RESULT_BEGIN 1 +#define NSLCD_RESULT_END 2 + +/* Partial list of PAM result codes. */ +#define NSLCD_PAM_SUCCESS 0 /* everything ok */ +#define NSLCD_PAM_PERM_DENIED 6 /* Permission denied */ +#define NSLCD_PAM_AUTH_ERR 7 /* Authc failure */ +#define NSLCD_PAM_CRED_INSUFFICIENT 8 /* Cannot access authc data */ +#define NSLCD_PAM_AUTHINFO_UNAVAIL 9 /* Cannot retrieve authc info */ +#define NSLCD_PAM_USER_UNKNOWN 10 /* User not known */ +#define NSLCD_PAM_MAXTRIES 11 /* Retry limit reached */ +#define NSLCD_PAM_NEW_AUTHTOK_REQD 12 /* Password expired */ +#define NSLCD_PAM_ACCT_EXPIRED 13 /* Account expired */ +#define NSLCD_PAM_SESSION_ERR 14 /* Cannot make/remove session record */ +#define NSLCD_PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */ +#define NSLCD_PAM_AUTHTOK_DISABLE_AGING 23 /* Password aging disabled */ +#define NSLCD_PAM_IGNORE 25 /* Ignore module */ +#define NSLCD_PAM_ABORT 26 /* Fatal error */ +#define NSLCD_PAM_AUTHTOK_EXPIRED 27 /* authentication token has expired */ + +#endif /* not _NSLCD_H */ diff --git a/nslcd/Makefile.am b/nslcd/Makefile.am new file mode 100644 index 0000000..a17b4ce --- /dev/null +++ b/nslcd/Makefile.am @@ -0,0 +1,39 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006-2007 West Consulting +# Copyright (C) 2006-2014 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +sbin_PROGRAMS = nslcd + +AM_CPPFLAGS=-I$(top_srcdir) +AM_CFLAGS = $(PTHREAD_CFLAGS) + +nslcd_SOURCES = nslcd.c ../nslcd.h ../common/nslcd-prot.h \ + ../compat/attrs.h \ + log.c log.h \ + daemonize.c daemonize.h \ + common.c common.h \ + myldap.c myldap.h \ + cfg.c cfg.h \ + attmap.c attmap.h \ + nsswitch.c invalidator.c \ + config.c alias.c ether.c group.c host.c netgroup.c network.c \ + passwd.c protocol.c rpc.c service.c shadow.c pam.c usermod.c +nslcd_LDADD = ../common/libtio.a ../common/libdict.a \ + ../common/libexpr.a ../compat/libcompat.a \ + @nslcd_LIBS@ @PTHREAD_LIBS@ diff --git a/nslcd/Makefile.in b/nslcd/Makefile.in new file mode 100644 index 0000000..3a5601b --- /dev/null +++ b/nslcd/Makefile.in @@ -0,0 +1,698 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006-2007 West Consulting +# Copyright (C) 2006-2014 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +sbin_PROGRAMS = nslcd$(EXEEXT) +subdir = nslcd +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(sbindir)" +PROGRAMS = $(sbin_PROGRAMS) +am_nslcd_OBJECTS = nslcd.$(OBJEXT) log.$(OBJEXT) daemonize.$(OBJEXT) \ + common.$(OBJEXT) myldap.$(OBJEXT) cfg.$(OBJEXT) \ + attmap.$(OBJEXT) nsswitch.$(OBJEXT) invalidator.$(OBJEXT) \ + config.$(OBJEXT) alias.$(OBJEXT) ether.$(OBJEXT) \ + group.$(OBJEXT) host.$(OBJEXT) netgroup.$(OBJEXT) \ + network.$(OBJEXT) passwd.$(OBJEXT) protocol.$(OBJEXT) \ + rpc.$(OBJEXT) service.$(OBJEXT) shadow.$(OBJEXT) pam.$(OBJEXT) \ + usermod.$(OBJEXT) +nslcd_OBJECTS = $(am_nslcd_OBJECTS) +nslcd_DEPENDENCIES = ../common/libtio.a ../common/libdict.a \ + ../common/libexpr.a ../compat/libcompat.a +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(nslcd_SOURCES) +DIST_SOURCES = $(nslcd_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/mkinstalldirs +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PTHREAD_CFLAGS) +nslcd_SOURCES = nslcd.c ../nslcd.h ../common/nslcd-prot.h \ + ../compat/attrs.h \ + log.c log.h \ + daemonize.c daemonize.h \ + common.c common.h \ + myldap.c myldap.h \ + cfg.c cfg.h \ + attmap.c attmap.h \ + nsswitch.c invalidator.c \ + config.c alias.c ether.c group.c host.c netgroup.c network.c \ + passwd.c protocol.c rpc.c service.c shadow.c pam.c usermod.c + +nslcd_LDADD = ../common/libtio.a ../common/libdict.a \ + ../common/libexpr.a ../compat/libcompat.a \ + @nslcd_LIBS@ @PTHREAD_LIBS@ + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu nslcd/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu nslcd/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-sbinPROGRAMS: $(sbin_PROGRAMS) + @$(NORMAL_INSTALL) + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(sbindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(sbindir)" || exit 1; \ + fi; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p \ + ; then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' \ + -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-sbinPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' \ + `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(sbindir)" && rm -f $$files + +clean-sbinPROGRAMS: + -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) + +installcheck-sbinPROGRAMS: $(sbin_PROGRAMS) + bad=0; pid=$$$$; list="$(sbin_PROGRAMS)"; for p in $$list; do \ + case ' $(AM_INSTALLCHECK_STD_OPTIONS_EXEMPT) ' in \ + *" $$p "* | *" $(srcdir)/$$p "*) continue;; \ + esac; \ + f=`echo "$$p" | \ + sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ + for opt in --help --version; do \ + if "$(DESTDIR)$(sbindir)/$$f" $$opt >c$${pid}_.out \ + 2>c$${pid}_.err &2; bad=1; fi; \ + done; \ + done; rm -f c$${pid}_.???; exit $$bad + +nslcd$(EXEEXT): $(nslcd_OBJECTS) $(nslcd_DEPENDENCIES) $(EXTRA_nslcd_DEPENDENCIES) + @rm -f nslcd$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(nslcd_OBJECTS) $(nslcd_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alias.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attmap.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cfg.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/config.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/daemonize.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ether.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/group.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/invalidator.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/myldap.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/netgroup.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/network.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nslcd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nsswitch.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passwd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rpc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/service.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shadow.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/usermod.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(PROGRAMS) +installdirs: + for dir in "$(DESTDIR)$(sbindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-sbinPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-sbinPROGRAMS + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: installcheck-sbinPROGRAMS + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-sbinPROGRAMS + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-sbinPROGRAMS cscopelist-am ctags ctags-am distclean \ + distclean-compile distclean-generic distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-sbinPROGRAMS \ + install-strip installcheck installcheck-am \ + installcheck-sbinPROGRAMS installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-sbinPROGRAMS + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/nslcd/alias.c b/nslcd/alias.c new file mode 100644 index 0000000..7d6b978 --- /dev/null +++ b/nslcd/alias.c @@ -0,0 +1,139 @@ +/* + alias.c - alias entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-alias.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* Vendor-specific attributes and object classes. + * (Mainly from Sun.) + * ( 1.3.6.1.4.1.42.2.27.1.2.5 NAME 'nisMailAlias' SUP top STRUCTURAL + * DESC 'NIS mail alias' + * MUST cn + * MAY rfc822MailMember ) + */ + +/* the search base for searches */ +const char *alias_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int alias_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *alias_filter = "(objectClass=nisMailAlias)"; + +/* the attributes to request with searches */ +const char *attmap_alias_cn = "cn"; +const char *attmap_alias_rfc822MailMember = "rfc822MailMember"; + +/* the attribute list to request with searches */ +static const char *alias_attrs[3]; + +/* create a search filter for searching an alias by name, + return -1 on errors */ +static int mkfilter_alias_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_alias_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + alias_filter, attmap_alias_cn, safename); +} + +void alias_init(void) +{ + int i; + /* set up search bases */ + if (alias_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + alias_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (alias_scope == LDAP_SCOPE_DEFAULT) + alias_scope = nslcd_cfg->scope; + /* set up attribute list */ + alias_attrs[0] = attmap_alias_cn; + alias_attrs[1] = attmap_alias_rfc822MailMember; + alias_attrs[2] = NULL; +} + +static int write_alias(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqalias) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + const char **names, **members; + int i; + /* get the name of the alias */ + names = myldap_get_values(entry, attmap_alias_cn); + if ((names == NULL) || (names[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_alias_cn); + return 0; + } + /* get the members of the alias */ + members = myldap_get_values(entry, attmap_alias_rfc822MailMember); + /* for each name, write an entry */ + for (i = 0; names[i] != NULL; i++) + { + if ((reqalias == NULL) || (strcasecmp(reqalias, names[i]) == 0)) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, names[i]); + WRITE_STRINGLIST(fp, members); + } + } + return 0; +} + +NSLCD_HANDLE( + alias, byname, NSLCD_ACTION_ALIAS_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("alias=\"%s\"", name);, + mkfilter_alias_byname(name, filter, sizeof(filter)), + write_alias(fp, entry, name) +) + +NSLCD_HANDLE( + alias, all, NSLCD_ACTION_ALIAS_ALL, + const char *filter; + log_setrequest("alias(all)");, + (filter = alias_filter, 0), + write_alias(fp, entry, NULL) +) diff --git a/nslcd/attmap.c b/nslcd/attmap.c new file mode 100644 index 0000000..5aad41f --- /dev/null +++ b/nslcd/attmap.c @@ -0,0 +1,309 @@ +/* + attmap.c - attribute mapping values and functions + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "attmap.h" +#include "log.h" +#include "common/expr.h" + +/* these are the bases that are defined per database */ +extern const char *alias_bases[]; +extern const char *ether_bases[]; +extern const char *group_bases[]; +extern const char *host_bases[]; +extern const char *netgroup_bases[]; +extern const char *network_bases[]; +extern const char *passwd_bases[]; +extern const char *protocol_bases[]; +extern const char *rpc_bases[]; +extern const char *service_bases[]; +extern const char *shadow_bases[]; + +const char **base_get_var(enum ldap_map_selector map) +{ + switch (map) + { + case LM_ALIASES: return alias_bases; + case LM_ETHERS: return ether_bases; + case LM_GROUP: return group_bases; + case LM_HOSTS: return host_bases; + case LM_NETGROUP: return netgroup_bases; + case LM_NETWORKS: return network_bases; + case LM_PASSWD: return passwd_bases; + case LM_PROTOCOLS: return protocol_bases; + case LM_RPC: return rpc_bases; + case LM_SERVICES: return service_bases; + case LM_SHADOW: return shadow_bases; + case LM_NFSIDMAP: + case LM_NONE: + default: return NULL; + } +} + +/* these are the scopes that are defined per database */ +extern int alias_scope; +extern int ether_scope; +extern int group_scope; +extern int host_scope; +extern int netgroup_scope; +extern int network_scope; +extern int passwd_scope; +extern int protocol_scope; +extern int rpc_scope; +extern int service_scope; +extern int shadow_scope; + +int *scope_get_var(enum ldap_map_selector map) +{ + switch (map) + { + case LM_ALIASES: return &alias_scope; + case LM_ETHERS: return ðer_scope; + case LM_GROUP: return &group_scope; + case LM_HOSTS: return &host_scope; + case LM_NETGROUP: return &netgroup_scope; + case LM_NETWORKS: return &network_scope; + case LM_PASSWD: return &passwd_scope; + case LM_PROTOCOLS: return &protocol_scope; + case LM_RPC: return &rpc_scope; + case LM_SERVICES: return &service_scope; + case LM_SHADOW: return &shadow_scope; + case LM_NFSIDMAP: + case LM_NONE: + default: return NULL; + } +} + +/* these are the filters that are defined per database */ +extern const char *alias_filter; +extern const char *ether_filter; +extern const char *group_filter; +extern const char *host_filter; +extern const char *netgroup_filter; +extern const char *network_filter; +extern const char *passwd_filter; +extern const char *protocol_filter; +extern const char *rpc_filter; +extern const char *service_filter; +extern const char *shadow_filter; + +const char **filter_get_var(enum ldap_map_selector map) +{ + switch (map) + { + case LM_ALIASES: return &alias_filter; + case LM_ETHERS: return ðer_filter; + case LM_GROUP: return &group_filter; + case LM_HOSTS: return &host_filter; + case LM_NETGROUP: return &netgroup_filter; + case LM_NETWORKS: return &network_filter; + case LM_PASSWD: return &passwd_filter; + case LM_PROTOCOLS: return &protocol_filter; + case LM_RPC: return &rpc_filter; + case LM_SERVICES: return &service_filter; + case LM_SHADOW: return &shadow_filter; + case LM_NFSIDMAP: + case LM_NONE: + default: return NULL; + } +} + +const char **attmap_get_var(enum ldap_map_selector map, const char *name) +{ + if (map == LM_ALIASES) + { + if (strcasecmp(name, "cn") == 0) return &attmap_alias_cn; + if (strcasecmp(name, "rfc822MailMember") == 0) return &attmap_alias_rfc822MailMember; + } + else if (map == LM_ETHERS) + { + if (strcasecmp(name, "cn") == 0) return &attmap_ether_cn; + if (strcasecmp(name, "macAddress") == 0) return &attmap_ether_macAddress; + } + else if (map == LM_GROUP) + { + if (strcasecmp(name, "cn") == 0) return &attmap_group_cn; + if (strcasecmp(name, "userPassword") == 0) return &attmap_group_userPassword; + if (strcasecmp(name, "gidNumber") == 0) return &attmap_group_gidNumber; + if (strcasecmp(name, "memberUid") == 0) return &attmap_group_memberUid; + if (strcasecmp(name, "member") == 0) return &attmap_group_member; + } + else if (map == LM_HOSTS) + { + if (strcasecmp(name, "cn") == 0) return &attmap_host_cn; + if (strcasecmp(name, "ipHostNumber") == 0) return &attmap_host_ipHostNumber; + } + else if (map == LM_NETGROUP) + { + if (strcasecmp(name, "cn") == 0) return &attmap_netgroup_cn; + if (strcasecmp(name, "nisNetgroupTriple") == 0) return &attmap_netgroup_nisNetgroupTriple; + if (strcasecmp(name, "memberNisNetgroup") == 0) return &attmap_netgroup_memberNisNetgroup; + } + else if (map == LM_NETWORKS) + { + if (strcasecmp(name, "cn") == 0) return &attmap_network_cn; + if (strcasecmp(name, "ipNetworkNumber") == 0) return &attmap_network_ipNetworkNumber; + } + else if (map == LM_PASSWD) + { + if (strcasecmp(name, "uid") == 0) return &attmap_passwd_uid; + if (strcasecmp(name, "userPassword") == 0) return &attmap_passwd_userPassword; + if (strcasecmp(name, "uidNumber") == 0) return &attmap_passwd_uidNumber; + if (strcasecmp(name, "gidNumber") == 0) return &attmap_passwd_gidNumber; + if (strcasecmp(name, "gecos") == 0) return &attmap_passwd_gecos; + if (strcasecmp(name, "homeDirectory") == 0) return &attmap_passwd_homeDirectory; + if (strcasecmp(name, "loginShell") == 0) return &attmap_passwd_loginShell; + } + else if (map == LM_PROTOCOLS) + { + if (strcasecmp(name, "cn") == 0) return &attmap_protocol_cn; + if (strcasecmp(name, "ipProtocolNumber") == 0) return &attmap_protocol_ipProtocolNumber; + } + else if (map == LM_RPC) + { + if (strcasecmp(name, "cn") == 0) return &attmap_rpc_cn; + if (strcasecmp(name, "oncRpcNumber") == 0) return &attmap_rpc_oncRpcNumber; + } + else if (map == LM_SERVICES) + { + if (strcasecmp(name, "cn") == 0) return &attmap_service_cn; + if (strcasecmp(name, "ipServicePort") == 0) return &attmap_service_ipServicePort; + if (strcasecmp(name, "ipServiceProtocol") == 0) return &attmap_service_ipServiceProtocol; + } + else if (map == LM_SHADOW) + { + if (strcasecmp(name, "uid") == 0) return &attmap_shadow_uid; + if (strcasecmp(name, "userPassword") == 0) return &attmap_shadow_userPassword; + if (strcasecmp(name, "shadowLastChange") == 0) return &attmap_shadow_shadowLastChange; + if (strcasecmp(name, "shadowMin") == 0) return &attmap_shadow_shadowMin; + if (strcasecmp(name, "shadowMax") == 0) return &attmap_shadow_shadowMax; + if (strcasecmp(name, "shadowWarning") == 0) return &attmap_shadow_shadowWarning; + if (strcasecmp(name, "shadowInactive") == 0) return &attmap_shadow_shadowInactive; + if (strcasecmp(name, "shadowExpire") == 0) return &attmap_shadow_shadowExpire; + if (strcasecmp(name, "shadowFlag") == 0) return &attmap_shadow_shadowFlag; + } + return NULL; +} + +const char *attmap_set_mapping(const char **var, const char *value) +{ + /* check if we are setting an expression */ + if (value[0] == '"') + { + /* these attributes may contain an expression + (note that this needs to match the functionality in the specific + lookup module) */ + if ((var != &attmap_group_userPassword) && + (var != &attmap_group_member) && + (var != &attmap_passwd_userPassword) && + (var != &attmap_passwd_gidNumber) && + (var != &attmap_passwd_gecos) && + (var != &attmap_passwd_homeDirectory) && + (var != &attmap_passwd_loginShell) && + (var != &attmap_shadow_userPassword) && + (var != &attmap_shadow_shadowLastChange) && + (var != &attmap_shadow_shadowMin) && + (var != &attmap_shadow_shadowMax) && + (var != &attmap_shadow_shadowWarning) && + (var != &attmap_shadow_shadowInactive) && + (var != &attmap_shadow_shadowExpire) && + (var != &attmap_shadow_shadowFlag)) + return NULL; + /* the member attribute may only be set to an empty string */ + if ((var == &attmap_group_member) && (strcmp(value, "\"\"") != 0)) + return NULL; + } + /* check if the value will be changed */ + if ((*var == NULL) || (strcmp(*var, value) != 0)) + *var = strdup(value); + return *var; +} + +static const char *entry_expand(const char *name, void *expander_attr) +{ + MYLDAP_ENTRY *entry = (MYLDAP_ENTRY *)expander_attr; + const char **values; + if (strcasecmp(name, "dn") == 0) + return myldap_get_dn(entry); + values = myldap_get_values(entry, name); + if (values == NULL) + return ""; + /* TODO: handle userPassword attribute specially */ + if ((values[0] != NULL) && (values[1] != NULL)) + { + log_log(LOG_WARNING, "%s: %s: multiple values", + myldap_get_dn(entry), name); + } + return values[0]; +} + +const char *attmap_get_value(MYLDAP_ENTRY *entry, const char *attr, + char *buffer, size_t buflen) +{ + const char **values; + /* check and clear buffer */ + if ((buffer == NULL) || (buflen <= 0)) + return NULL; + buffer[0] = '\0'; + /* for simple values just return the attribute */ + if (attr[0] != '"') + { + values = myldap_get_values(entry, attr); + if ((values == NULL) || (values[0] == NULL)) + return NULL; + if (strlen(values[0]) >= buflen) + { + log_log(LOG_ERR, "attmap_get_value(): buffer too small (%lu required)", + (unsigned long) strlen(values[0])); + return NULL; + } + strncpy(buffer, values[0], buflen); + buffer[buflen - 1] = '\0'; + return buffer; + /* TODO: maybe warn when multiple values are found */ + } + /* we have an expression, try to parse */ + if ((attr[strlen(attr) - 1] != '"') || + (expr_parse(attr + 1, buffer, buflen, entry_expand, (void *)entry) == NULL)) + { + log_log(LOG_ERR, "attribute mapping %s is invalid", attr); + buffer[0] = '\0'; + return NULL; + } + /* strip trailing " */ + if (buffer[strlen(buffer) - 1] == '"') + buffer[strlen(buffer) - 1] = '\0'; + return buffer; +} + +SET *attmap_add_attributes(SET *set, const char *attr) +{ + if (attr[0] != '\"') + set_add(set, attr); + else + expr_vars(attr, set); + return set; +} diff --git a/nslcd/attmap.h b/nslcd/attmap.h new file mode 100644 index 0000000..81859ab --- /dev/null +++ b/nslcd/attmap.h @@ -0,0 +1,99 @@ +/* + attmap.h - attribute mapping variables + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSLCD__ATTMAP_H +#define NSLCD__ATTMAP_H 1 + +#include "cfg.h" +#include "myldap.h" +#include "common/set.h" + +/* these are the attribute names per database */ +extern const char *attmap_alias_cn; +extern const char *attmap_alias_rfc822MailMember; +extern const char *attmap_ether_cn; +extern const char *attmap_ether_macAddress; +extern const char *attmap_group_cn; +extern const char *attmap_group_userPassword; +extern const char *attmap_group_gidNumber; +extern const char *attmap_group_memberUid; +extern const char *attmap_group_member; +extern const char *attmap_host_cn; +extern const char *attmap_host_ipHostNumber; +extern const char *attmap_netgroup_cn; +extern const char *attmap_netgroup_nisNetgroupTriple; +extern const char *attmap_netgroup_memberNisNetgroup; +extern const char *attmap_network_cn; +extern const char *attmap_network_ipNetworkNumber; +extern const char *attmap_passwd_uid; +extern const char *attmap_passwd_userPassword; +extern const char *attmap_passwd_uidNumber; +extern const char *attmap_passwd_gidNumber; +extern const char *attmap_passwd_gecos; +extern const char *attmap_passwd_homeDirectory; +extern const char *attmap_passwd_loginShell; +extern const char *attmap_protocol_cn; +extern const char *attmap_protocol_ipProtocolNumber; +extern const char *attmap_rpc_cn; +extern const char *attmap_rpc_oncRpcNumber; +extern const char *attmap_service_cn; +extern const char *attmap_service_ipServicePort; +extern const char *attmap_service_ipServiceProtocol; +extern const char *attmap_shadow_uid; +extern const char *attmap_shadow_userPassword; +extern const char *attmap_shadow_shadowLastChange; +extern const char *attmap_shadow_shadowMin; +extern const char *attmap_shadow_shadowMax; +extern const char *attmap_shadow_shadowWarning; +extern const char *attmap_shadow_shadowInactive; +extern const char *attmap_shadow_shadowExpire; +extern const char *attmap_shadow_shadowFlag; + +/* return a reference to the map specific base variable */ +const char **base_get_var(enum ldap_map_selector map); + +/* return a reference to the map specific scope variable */ +int *scope_get_var(enum ldap_map_selector map); + +/* return a reference to the map specific filter variable */ +const char **filter_get_var(enum ldap_map_selector map); + +/* return a reference to the attribute mapping variable for the specified name + the name is the name after the attmap_... variables above with the + underscode replaced by a dot (e.g passwd.homeDirectory) */ +const char **attmap_get_var(enum ldap_map_selector map, const char *name); + +/* Set the attribute mapping of the variable to the value specified. + Returns the new value on success. */ +MUST_USE const char *attmap_set_mapping(const char **var, const char *value); + +/* Return a value for the attribute, handling the case where attr + is an expression. On error (e.g. problem parsing expression, attribute + value not found) it returns NULL and the buffer is made empty. */ +const char *attmap_get_value(MYLDAP_ENTRY *entry, const char *attr, + char *buffer, size_t buflen); + +/* Add the attributes from attr to the set. The attr argumenent + can either be an attribute or an attribute expression. */ +SET *attmap_add_attributes(SET *set, const char *attr); + +#endif /* not NSLCD__ATTMAP_H */ diff --git a/nslcd/cfg.c b/nslcd/cfg.c new file mode 100644 index 0000000..348e800 --- /dev/null +++ b/nslcd/cfg.c @@ -0,0 +1,1975 @@ +/* + cfg.c - functions for configuration information + This file contains parts that were part of the nss_ldap + library which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2007 West Consulting + Copyright (C) 2007-2018 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_GSSAPI_H +#include +#endif /* HAVE_GSSAPI_H */ +#ifdef HAVE_GSSAPI_GSSAPI_H +#include +#endif /* HAVE_GSSAPI_GSSAPI_H */ +#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H +#include +#endif /* HAVE_GSSAPI_GSSAPI_KRB5_H */ +#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H +#include +#endif /* HAVE_GSSAPI_GSSAPI_GENERIC_H */ +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "cfg.h" +#include "attmap.h" +#include "common/expr.h" + +struct ldap_config *nslcd_cfg = NULL; + +/* the maximum line length in the configuration file */ +#define MAX_LINE_LENGTH 4096 + +/* the delimiters of tokens */ +#define TOKEN_DELIM " \t\n\r" + +/* convenient wrapper macro for ldap_set_option() */ +#define LDAP_SET_OPTION(ld, option, invalue) \ + rc = ldap_set_option(ld, option, invalue); \ + if (rc != LDAP_SUCCESS) \ + { \ + log_log(LOG_ERR, "ldap_set_option(" #option ") failed: %s", \ + ldap_err2string(rc)); \ + exit(EXIT_FAILURE); \ + } + +/* simple strdup wrapper */ +static char *xstrdup(const char *s) +{ + char *tmp; + if (s == NULL) + { + log_log(LOG_CRIT, "xstrdup() called with NULL"); + exit(EXIT_FAILURE); + } + tmp = strdup(s); + if (tmp == NULL) + { + log_log(LOG_CRIT, "strdup() failed to allocate memory"); + exit(EXIT_FAILURE); + } + return tmp; +} + +/* check that the condition is true and otherwise log an error + and bail out */ +static inline void check_argumentcount(const char *filename, int lnr, + const char *keyword, int condition) +{ + if (!condition) + { + log_log(LOG_ERR, "%s:%d: %s: wrong number of arguments", + filename, lnr, keyword); + exit(EXIT_FAILURE); + } +} + +/* This function works like strtok() except that the original string is + not modified and a pointer within str to where the next token begins + is returned (this can be used to pass to the function on the next + iteration). If no more tokens are found or the token will not fit in + the buffer, NULL is returned. */ +static char *get_token(char **line, char *buf, size_t buflen) +{ + size_t len; + if ((line == NULL) || (*line == NULL) || (**line == '\0') || (buf == NULL)) + return NULL; + /* find the beginning and length of the token */ + *line += strspn(*line, TOKEN_DELIM); + len = strcspn(*line, TOKEN_DELIM); + /* check if there is a token */ + if (len == 0) + { + *line = NULL; + return NULL; + } + /* limit the token length */ + if (len >= buflen) + len = buflen - 1; + /* copy the token */ + strncpy(buf, *line, len); + buf[len] = '\0'; + /* skip to the next token */ + *line += len; + *line += strspn(*line, TOKEN_DELIM); + /* return the token */ + return buf; +} + +static char *get_strdup(const char *filename, int lnr, + const char *keyword, char **line) +{ + char token[MAX_LINE_LENGTH]; + check_argumentcount(filename, lnr, keyword, + get_token(line, token, sizeof(token)) != NULL); + return xstrdup(token); +} + +static char *get_linedup(const char *filename, int lnr, + const char *keyword, char **line) +{ + char *var; + check_argumentcount(filename, lnr, keyword, (*line != NULL) && (**line != '\0')); + var = xstrdup(*line); + /* mark that we are at the end of the line */ + *line = NULL; + return var; +} + +static void get_eol(const char *filename, int lnr, + const char *keyword, char **line) +{ + if ((line != NULL) && (*line != NULL) && (**line != '\0')) + { + log_log(LOG_ERR, "%s:%d: %s: too many arguments", filename, lnr, keyword); + exit(EXIT_FAILURE); + } +} + +static int get_int(const char *filename, int lnr, + const char *keyword, char **line) +{ + char token[32]; + check_argumentcount(filename, lnr, keyword, + get_token(line, token, sizeof(token)) != NULL); + /* TODO: replace with correct numeric parse */ + return atoi(token); +} + +static int parse_boolean(const char *filename, int lnr, const char *value) +{ + if ((strcasecmp(value, "on") == 0) || + (strcasecmp(value, "yes") == 0) || + (strcasecmp(value, "true") == 0) || (strcasecmp(value, "1") == 0)) + return 1; + else if ((strcasecmp(value, "off") == 0) || + (strcasecmp(value, "no") == 0) || + (strcasecmp(value, "false") == 0) || (strcasecmp(value, "0") == 0)) + return 0; + else + { + log_log(LOG_ERR, "%s:%d: not a boolean argument: '%s'", + filename, lnr, value); + exit(EXIT_FAILURE); + } +} + +static int get_boolean(const char *filename, int lnr, + const char *keyword, char **line) +{ + char token[32]; + check_argumentcount(filename, lnr, keyword, + get_token(line, token, sizeof(token)) != NULL); + return parse_boolean(filename, lnr, token); +} + +static const char *print_boolean(int bool) +{ + if (bool) return "yes"; + else return "no"; +} + +#define TIME_MINUTES 60 +#define TIME_HOURS (60 * 60) +#define TIME_DAYS (60 * 60 * 24) + +static time_t parse_time(const char *filename, int lnr, const char *value) +{ + time_t t; + char *tmp = NULL; + if (strcasecmp(value, "off") == 0) + return 0; + errno = 0; + t = strtol(value, &tmp, 10); + if (errno != 0) + { + log_log(LOG_ERR, "%s:%d: value out of range: '%s'", + filename, lnr, value); + exit(EXIT_FAILURE); + } + if ((strcasecmp(tmp, "") == 0) || (strcasecmp(tmp, "s") == 0)) + return t; + else if (strcasecmp(tmp, "m") == 0) + return t * TIME_MINUTES; + else if (strcasecmp(tmp, "h") == 0) + return t * TIME_HOURS; + else if (strcasecmp(tmp, "d") == 0) + return t * TIME_DAYS; + else + { + log_log(LOG_ERR, "%s:%d: invalid time value: '%s'", + filename, lnr, value); + exit(EXIT_FAILURE); + } +} + +static time_t get_time(const char *filename, int lnr, + const char *keyword, char **line) +{ + char token[32]; + check_argumentcount(filename, lnr, keyword, + get_token(line, token, sizeof(token)) != NULL); + return parse_time(filename, lnr, token); +} + +static void print_time(time_t t, char *buffer, size_t buflen) +{ + if (t == 0) + mysnprintf(buffer, buflen, "off"); + else if ((t % TIME_DAYS) == 0) + mysnprintf(buffer, buflen, "%ldd", (long)(t / TIME_DAYS)); + else if ((t % TIME_HOURS) == 0) + mysnprintf(buffer, buflen, "%ldh", (long)(t / TIME_HOURS)); + else if ((t % TIME_MINUTES) == 0) + mysnprintf(buffer, buflen, "%ldm", (long)(t / TIME_MINUTES)); + else + mysnprintf(buffer, buflen, "%lds", (long)t); +} + +static void handle_uid(const char *filename, int lnr, + const char *keyword, char *line, + struct ldap_config *cfg) +{ + char token[32]; + struct passwd *pwent; + char *tmp; + check_argumentcount(filename, lnr, keyword, + get_token(&line, token, sizeof(token)) != NULL); + get_eol(filename, lnr, keyword, &line); + /* check if it is a valid numerical uid */ + errno = 0; + cfg->uid = strtouid(token, &tmp, 10); + if ((*token != '\0') && (*tmp == '\0') && (errno == 0) && (strchr(token, '-') == NULL)) + { + /* get the name and gid from the passwd database */ + pwent = getpwuid(cfg->uid); + if (pwent != NULL) + { + if (cfg->gid == NOGID) + cfg->gid = pwent->pw_gid; + cfg->uidname = strdup(pwent->pw_name); + return; + } + } + /* find by name */ + pwent = getpwnam(token); + if (pwent != NULL) + { + cfg->uid = pwent->pw_uid; + if (cfg->gid == NOGID) + cfg->gid = pwent->pw_gid; + cfg->uidname = strdup(token); + return; + } + /* log an error */ + log_log(LOG_ERR, "%s:%d: %s: not a valid uid: '%s'", + filename, lnr, keyword, token); + exit(EXIT_FAILURE); +} + +static void handle_gid(const char *filename, int lnr, + const char *keyword, char *line, + gid_t *gid) +{ + char token[32]; + struct group *grent; + char *tmp; + check_argumentcount(filename, lnr, keyword, + get_token(&line, token, sizeof(token)) != NULL); + get_eol(filename, lnr, keyword, &line); + /* check if it is a valid numerical gid */ + errno = 0; + *gid = strtogid(token, &tmp, 10); + if ((*token != '\0') && (*tmp == '\0') && (errno == 0) && (strchr(token, '-') == NULL)) + return; + /* find by name */ + grent = getgrnam(token); + if (grent != NULL) + { + *gid = grent->gr_gid; + return; + } + /* log an error */ + log_log(LOG_ERR, "%s:%d: %s: not a valid gid: '%s'", + filename, lnr, keyword, token); + exit(EXIT_FAILURE); +} + +static int parse_loglevel(const char *filename, int lnr, const char *value) +{ + if (strcasecmp(value, "crit") == 0) + return LOG_CRIT; + else if ((strcasecmp(value, "error") == 0) || (strcasecmp(value, "err") == 0)) + return LOG_ERR; + else if (strcasecmp(value, "warning")==0) + return LOG_WARNING; + else if (strcasecmp(value, "notice")==0) + return LOG_NOTICE; + else if (strcasecmp(value, "info")==0) + return LOG_INFO; + else if (strcasecmp(value, "debug")==0) + return LOG_DEBUG; + else + { + log_log(LOG_ERR, "%s:%d: not a log level '%s'", + filename, lnr, value); + exit(EXIT_FAILURE); + } +} + +static void handle_log(const char *filename, int lnr, + const char *keyword, char *line) +{ + int level = LOG_INFO; + char scheme[64]; + char loglevel[32]; + check_argumentcount(filename, lnr, keyword, + get_token(&line, scheme, sizeof(scheme)) != NULL); + if (get_token(&line, loglevel, sizeof(loglevel)) != NULL) + level = parse_loglevel(filename, lnr, loglevel); + get_eol(filename, lnr, keyword, &line); + if (strcasecmp(scheme, "none") == 0) + log_addlogging_none(); + else if (strcasecmp(scheme, "syslog") == 0) + log_addlogging_syslog(level); + else if (scheme[0] == '/') + log_addlogging_file(level, scheme); + else + { + log_log(LOG_ERR, "%s:%d: %s: invalid argument '%s'", + filename, lnr, keyword, scheme); + exit(EXIT_FAILURE); + } +} + +/* add a single URI to the list of URIs in the configuration */ +static void add_uri(const char *filename, int lnr, + struct ldap_config *cfg, const char *uri) +{ + int i; + /* find the place where to insert the URI */ + for (i = 0; cfg->uris[i].uri != NULL; i++) + /* nothing */ ; + /* check for room */ + if (i >= NSS_LDAP_CONFIG_MAX_URIS) + { + log_log(LOG_ERR, "%s:%d: maximum number of URIs exceeded", + filename, lnr); + exit(EXIT_FAILURE); + } + /* append URI to list */ + cfg->uris[i].uri = xstrdup(uri); +} + +#ifdef HAVE_LDAP_DOMAIN2HOSTLIST +/* return the domain name of the current host + the returned string must be freed by caller */ +static const char *cfg_getdomainname(const char *filename, int lnr) +{ + const char *fqdn, *domain; + fqdn = getfqdn(); + if ((fqdn != NULL) && ((domain = strchr(fqdn, '.')) != NULL) && (domain[1] != '\0')) + return domain + 1; + log_log(LOG_ERR, "%s:%d: unable to determinate a domain name", + filename, lnr); + exit(EXIT_FAILURE); +} + +/* add URIs by doing DNS queries for SRV records */ +static void add_uris_from_dns(const char *filename, int lnr, + struct ldap_config *cfg, const char *domain) +{ + int rc; + char *hostlist = NULL, *nxt; + char buf[BUFLEN_HOSTNAME + sizeof("ldap://")]; + log_log(LOG_DEBUG, "query %s for SRV records", domain); + rc = ldap_domain2hostlist(domain, &hostlist); + if (rc != LDAP_SUCCESS) + { + log_log(LOG_ERR, "%s:%d: no servers found in DNS zone %s: %s", + filename, lnr, domain, ldap_err2string(rc)); + exit(EXIT_FAILURE); + } + if ((hostlist == NULL) || (*hostlist == '\0')) + { + log_log(LOG_ERR, "%s:%d: no servers found in DNS zone %s", + filename, lnr, domain); + exit(EXIT_FAILURE); + } + /* hostlist is a space-separated list of host names that we use to build + URIs */ + while (hostlist != NULL) + { + /* find the next space and split the string there */ + nxt = strchr(hostlist, ' '); + if (nxt != NULL) + { + *nxt = '\0'; + nxt++; + } + /* if port is 636, use ldaps:// URI */ + if ((strlen(hostlist) > 4) && (strcmp(hostlist + strlen(hostlist) - 4, ":636") == 0)) + { + hostlist[strlen(hostlist) - 4] = '\0'; + if (mysnprintf(buf, sizeof(buf), "ldaps://%s", hostlist)) + { + log_log(LOG_ERR, "add_uris_from_dns(): buf buffer too small (%lu required)", + (unsigned long) strlen(hostlist) + 8); + exit(EXIT_FAILURE); + } + } + else + { + /* strip default port number */ + if ((strlen(hostlist) > 4) && (strcmp(hostlist + strlen(hostlist) - 4, ":389") == 0)) + hostlist[strlen(hostlist) - 4] = '\0'; + if (mysnprintf(buf, sizeof(buf), "ldap://%s", hostlist)) + { + log_log(LOG_ERR, "add_uris_from_dns(): buf buffer too small (%lu required)", + (unsigned long) strlen(hostlist) + 7); + exit(EXIT_FAILURE); + } + } + log_log(LOG_DEBUG, "add_uris_from_dns(): found uri: %s", buf); + add_uri(filename, lnr, cfg, buf); + /* get next entry from list */ + hostlist = nxt; + } +} +#endif /* HAVE_LDAP_DOMAIN2HOSTLIST */ + +/* check that the file is not world readable */ +static void check_permissions(const char *filename, const char *keyword) +{ + struct stat sb; + /* get file status */ + if (stat(filename, &sb)) + { + log_log(LOG_ERR, "cannot stat() %s: %s", filename, strerror(errno)); + exit(EXIT_FAILURE); + } + /* check permissions */ + if ((sb.st_mode & 0007) != 0) + { + if (keyword != NULL) + log_log(LOG_ERR, "%s: file should not be world readable if %s is set", + filename, keyword); + else + log_log(LOG_ERR, "%s: file should not be world readable", filename); + exit(EXIT_FAILURE); + } +} + +/* check whether the specified path is readable */ +static void check_readable(const char *filename, int lnr, + const char *keyword, const char *path) +{ + if (access(path, R_OK) != 0) + { + log_log(LOG_ERR, "%s:%d: %s: error accessing %s: %s", + filename, lnr, keyword, path, strerror(errno)); + exit(EXIT_FAILURE); + } +} + +/* check whether the specified path is a directory */ +static void check_dir(const char *filename, int lnr, + const char *keyword, const char *path) +{ + struct stat sb; + if (stat(path, &sb)) + { + log_log(LOG_ERR, "%s:%d: %s: cannot stat() %s: %s", + filename, lnr, keyword, path, strerror(errno)); + exit(EXIT_FAILURE); + } + if (!S_ISDIR(sb.st_mode)) + { + log_log(LOG_ERR, "%s:%d: %s: %s is not a directory", + filename, lnr, keyword, path); + exit(EXIT_FAILURE); + } +} + +static void handle_krb5_ccname(const char *filename, int lnr, + const char *keyword, char *line) +{ + char token[80]; + const char *ccname; + const char *ccfile; + size_t ccenvlen; + char *ccenv; +#ifdef HAVE_GSS_KRB5_CCACHE_NAME + OM_uint32 minor_status; +#endif /* HAVE_GSS_KRB5_CCACHE_NAME */ + /* get token */ + check_argumentcount(filename, lnr, keyword, + (get_token(&line, token, sizeof(token)) != NULL)); + get_eol(filename, lnr, keyword, &line); + /* set default kerberos ticket cache for SASL-GSSAPI */ + ccname = token; + /* check that cache exists and is readable if it is a file */ + if ((strncasecmp(ccname, "FILE:", sizeof("FILE:") - 1) == 0) || + (strncasecmp(ccname, "WRFILE:", sizeof("WRFILE:") - 1) == 0)) + { + ccfile = strchr(ccname, ':') + 1; + check_readable(filename, lnr, keyword, ccfile); + } + /* set the environment variable (we have a memory leak if this option + is set multiple times) */ + ccenvlen = strlen(ccname) + sizeof("KRB5CCNAME="); + ccenv = (char *)malloc(ccenvlen); + if (ccenv == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + mysnprintf(ccenv, ccenvlen, "KRB5CCNAME=%s", ccname); + putenv(ccenv); +#ifdef HAVE_GSS_KRB5_CCACHE_NAME + /* set the name with gss_krb5_ccache_name() */ + if (gss_krb5_ccache_name(&minor_status, ccname, NULL) != GSS_S_COMPLETE) + { + log_log(LOG_ERR, "%s:%d: unable to set default credential cache: %s", + filename, lnr, ccname); + exit(EXIT_FAILURE); + } +#endif /* HAVE_GSS_KRB5_CCACHE_NAME */ +} + +static enum ldap_map_selector parse_map(const char *value) +{ + if ((strcasecmp(value, "alias") == 0) || (strcasecmp(value, "aliases") == 0)) + return LM_ALIASES; + else if ((strcasecmp(value, "ether") == 0) || (strcasecmp(value, "ethers") == 0)) + return LM_ETHERS; + else if (strcasecmp(value, "group") == 0) + return LM_GROUP; + else if ((strcasecmp(value, "host") == 0) || (strcasecmp(value, "hosts") == 0)) + return LM_HOSTS; + else if (strcasecmp(value, "netgroup") == 0) + return LM_NETGROUP; + else if ((strcasecmp(value, "network") == 0) || (strcasecmp(value, "networks") == 0)) + return LM_NETWORKS; + else if (strcasecmp(value, "passwd") == 0) + return LM_PASSWD; + else if ((strcasecmp(value, "protocol") == 0) || (strcasecmp(value, "protocols") == 0)) + return LM_PROTOCOLS; + else if (strcasecmp(value, "rpc") == 0) + return LM_RPC; + else if ((strcasecmp(value, "service") == 0) || (strcasecmp(value, "services") == 0)) + return LM_SERVICES; + else if (strcasecmp(value, "shadow") == 0) + return LM_SHADOW; + else if (strcasecmp(value, "nfsidmap") == 0) + return LM_NFSIDMAP; + /* unknown map */ + return LM_NONE; +} + +/* check to see if the line begins with a named map */ +static enum ldap_map_selector get_map(char **line) +{ + char token[32]; + char *old; + enum ldap_map_selector map; + /* get the token */ + old = *line; + if (get_token(line, token, sizeof(token)) == NULL) + return LM_NONE; + /* see if we found a map */ + map = parse_map(token); + /* unknown map, return to the previous state */ + if (map == LM_NONE) + *line = old; + return map; +} + +static const char *print_map(enum ldap_map_selector map) +{ + switch (map) + { + case LM_ALIASES: return "aliases"; + case LM_ETHERS: return "ethers"; + case LM_GROUP: return "group"; + case LM_HOSTS: return "hosts"; + case LM_NETGROUP: return "netgroup"; + case LM_NETWORKS: return "networks"; + case LM_PASSWD: return "passwd"; + case LM_PROTOCOLS: return "protocols"; + case LM_RPC: return "rpc"; + case LM_SERVICES: return "services"; + case LM_SHADOW: return "shadow"; + case LM_NFSIDMAP: return "nfsidmap"; + case LM_NONE: + default: return "???"; + } +} + +static void handle_base(const char *filename, int lnr, + const char *keyword, char *line, + struct ldap_config *cfg) +{ + const char **bases; + int i; + char *value; +#ifdef HAVE_LDAP_DOMAIN2DN + const char *domain = NULL; + char *domaindn = NULL; +#endif /* HAVE_LDAP_DOMAIN2DN */ + /* get the list of bases to update */ + bases = base_get_var(get_map(&line)); + if (bases == NULL) + bases = cfg->bases; + /* rest of the line is the value */ + value = get_linedup(filename, lnr, keyword, &line); + /* if the base is "DOMAIN" use the domain name */ + if (strcasecmp(value, "domain") == 0) + { +#ifdef HAVE_LDAP_DOMAIN2DN + free(value); + domain = cfg_getdomainname(filename, lnr); + ldap_domain2dn(domain, &domaindn); + log_log(LOG_DEBUG, "set_base(): setting base to %s from domain", + domaindn); + value = xstrdup(domaindn); +#else /* not HAVE_LDAP_DOMAIN2DN */ + log_log(LOG_ERR, "%s:%d: value %s not supported on platform", + filename, lnr, value); + exit(EXIT_FAILURE); +#endif /* not HAVE_LDAP_DOMAIN2DN */ + } + /* find the spot in the list of bases */ + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + if (bases[i] == NULL) + { + bases[i] = value; + return; + } + /* no free spot found */ + log_log(LOG_ERR, "%s:%d: maximum number of base options per map (%d) exceeded", + filename, lnr, NSS_LDAP_CONFIG_MAX_BASES); + exit(EXIT_FAILURE); +} + +static void handle_scope(const char *filename, int lnr, + const char *keyword, char *line, + struct ldap_config *cfg) +{ + char token[32]; + int *var; + var = scope_get_var(get_map(&line)); + check_argumentcount(filename, lnr, keyword, + get_token(&line, token, sizeof(token)) != NULL); + get_eol(filename, lnr, keyword, &line); + if (var == NULL) + var = &cfg->scope; + if ((strcasecmp(token, "sub") == 0) || (strcasecmp(token, "subtree") == 0)) + *var = LDAP_SCOPE_SUBTREE; + else if ((strcasecmp(token, "one") == 0) || (strcasecmp(token, "onelevel") == 0)) + *var = LDAP_SCOPE_ONELEVEL; + else if (strcasecmp(token, "base") == 0) + *var = LDAP_SCOPE_BASE; +#ifdef LDAP_SCOPE_CHILDREN + else if (strcasecmp(token, "children") == 0) + *var = LDAP_SCOPE_CHILDREN; +#endif /* LDAP_SCOPE_CHILDREN */ + else + { + log_log(LOG_ERR, "%s:%d: not a scope argument: '%s'", + filename, lnr, token); + exit(EXIT_FAILURE); + } +} + +static const char *print_scope(int scope) +{ + switch (scope) + { + case LDAP_SCOPE_SUBTREE: return "sub"; + case LDAP_SCOPE_ONELEVEL: return "one"; + case LDAP_SCOPE_BASE: return "base"; +#ifdef LDAP_SCOPE_CHILDREN + case LDAP_SCOPE_CHILDREN: return "children"; +#endif /* LDAP_SCOPE_CHILDREN */ + default: return "???"; + } +} + +static void handle_deref(const char *filename, int lnr, + const char *keyword, char *line, + struct ldap_config *cfg) +{ + char token[32]; + check_argumentcount(filename, lnr, keyword, + get_token(&line, token, sizeof(token)) != NULL); + get_eol(filename, lnr, keyword, &line); + if (strcasecmp(token, "never") == 0) + cfg->deref = LDAP_DEREF_NEVER; + else if (strcasecmp(token, "searching") == 0) + cfg->deref = LDAP_DEREF_SEARCHING; + else if (strcasecmp(token, "finding") == 0) + cfg->deref = LDAP_DEREF_FINDING; + else if (strcasecmp(token, "always") == 0) + cfg->deref = LDAP_DEREF_ALWAYS; + else + { + log_log(LOG_ERR, "%s:%d: wrong argument: '%s'", filename, lnr, token); + exit(EXIT_FAILURE); + } +} + +static const char *print_deref(int deref) +{ + switch (deref) + { + case LDAP_DEREF_NEVER: return "never"; + case LDAP_DEREF_SEARCHING: return "searching"; + case LDAP_DEREF_FINDING: return "finding"; + case LDAP_DEREF_ALWAYS: return "always"; + default: return "???"; + } +} + +static void handle_filter(const char *filename, int lnr, + const char *keyword, char *line) +{ + const char **var; + const char *map = line; + var = filter_get_var(get_map(&line)); + if (var == NULL) + { + log_log(LOG_ERR, "%s:%d: unknown map: '%s'", filename, lnr, map); + exit(EXIT_FAILURE); + } + check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != '\0')); + /* check if the value will be changed */ + if (strcmp(*var, line) != 0) + { + /* Note: we have a memory leak here if a single mapping is changed + multiple times in one config (deemed not a problem) */ + *var = xstrdup(line); + } +} + +/* this function modifies the statement argument passed */ +static void handle_map(const char *filename, int lnr, + const char *keyword, char *line) +{ + enum ldap_map_selector map; + const char **var; + char oldatt[32], *newatt; + /* get the map */ + if ((map = get_map(&line)) == LM_NONE) + { + log_log(LOG_ERR, "%s:%d: unknown map: '%s'", filename, lnr, line); + exit(EXIT_FAILURE); + } + /* read the other tokens */ + check_argumentcount(filename, lnr, keyword, + (get_token(&line, oldatt, sizeof(oldatt)) != NULL)); + newatt = get_linedup(filename, lnr, keyword, &line); + /* change attribute mapping */ + var = attmap_get_var(map, oldatt); + if (var == NULL) + { + log_log(LOG_ERR, "%s:%d: unknown attribute to map: '%s'", + filename, lnr, oldatt); + exit(EXIT_FAILURE); + } + if (attmap_set_mapping(var, newatt) == NULL) + { + log_log(LOG_ERR, "%s:%d: attribute %s cannot be an expression", + filename, lnr, oldatt); + exit(EXIT_FAILURE); + } + free(newatt); +} + +#ifdef LDAP_OPT_X_TLS +static const char *print_ssl(int ssl) +{ + switch (ssl) + { + case SSL_OFF: return "off"; + case SSL_START_TLS: return "start_tls"; + case SSL_LDAPS: return "on"; + default: return "???"; + } +} + +static void handle_tls_reqcert(const char *filename, int lnr, + const char *keyword, char *line) +{ + char token[16]; + int value, rc; + /* get token */ + check_argumentcount(filename, lnr, keyword, + get_token(&line, token, sizeof(token)) != NULL); + get_eol(filename, lnr, keyword, &line); + /* check if it is a valid value for tls_reqcert option */ + if ((strcasecmp(token, "never") == 0) || (strcasecmp(token, "no") == 0)) + value = LDAP_OPT_X_TLS_NEVER; + else if (strcasecmp(token, "allow") == 0) + value = LDAP_OPT_X_TLS_ALLOW; + else if (strcasecmp(token, "try") == 0) + value = LDAP_OPT_X_TLS_TRY; + else if ((strcasecmp(token, "demand") == 0) || + (strcasecmp(token, "yes") == 0)) + value = LDAP_OPT_X_TLS_DEMAND; + else if (strcasecmp(token, "hard") == 0) + value = LDAP_OPT_X_TLS_HARD; + else + { + log_log(LOG_ERR, "%s:%d: %s: invalid argument: '%s'", + filename, lnr, keyword, token); + exit(EXIT_FAILURE); + } + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_REQUIRE_CERT,%s)", token); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &value); +} + +static const char *print_tls_reqcert(int value) +{ + switch (value) + { + case LDAP_OPT_X_TLS_NEVER: return "never"; + case LDAP_OPT_X_TLS_ALLOW: return "allow"; + case LDAP_OPT_X_TLS_TRY: return "try"; + case LDAP_OPT_X_TLS_DEMAND: return "demand"; + case LDAP_OPT_X_TLS_HARD: return "hard"; + default: return "???"; + } +} +#endif /* LDAP_OPT_X_TLS */ + +/* this function modifies the line argument passed */ +static void handle_nss_initgroups_ignoreusers( + const char *filename, int lnr, + const char *keyword, char *line, struct ldap_config *cfg) +{ + char token[MAX_LINE_LENGTH]; + char *username, *next; + struct passwd *pwent; + check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != '\0')); + if (cfg->nss_initgroups_ignoreusers == NULL) + cfg->nss_initgroups_ignoreusers = set_new(); + while (get_token(&line, token, sizeof(token)) != NULL) + { + if (strcasecmp(token, "alllocal") == 0) + { + /* go over all users (this will work because nslcd is not yet running) */ + setpwent(); + while ((pwent = getpwent()) != NULL) + set_add(cfg->nss_initgroups_ignoreusers, pwent->pw_name); + endpwent(); + } + else + { + next = token; + while (*next != '\0') + { + username = next; + /* find the end of the current username */ + while ((*next != '\0') && (*next != ',')) + next++; + if (*next == ',') + { + *next = '\0'; + next++; + } + /* check if user exists (but add anyway) */ + pwent = getpwnam(username); + if (pwent == NULL) + log_log(LOG_ERR, "%s:%d: user '%s' does not exist", + filename, lnr, username); + set_add(cfg->nss_initgroups_ignoreusers, username); + } + } + } +} + +static void handle_validnames(const char *filename, int lnr, + const char *keyword, char *line, + struct ldap_config *cfg) +{ + char *value; + int i, l; + int flags = REG_EXTENDED | REG_NOSUB; + /* the rest of the line should be a regular expression */ + value = get_linedup(filename, lnr, keyword, &line); + if (cfg->validnames_str != NULL) + { + free(cfg->validnames_str); + regfree(&cfg->validnames); + } + cfg->validnames_str = strdup(value); + /* check formatting and update flags */ + if (value[0] != '/') + { + log_log(LOG_ERR, "%s:%d: regular expression incorrectly delimited", + filename, lnr); + exit(EXIT_FAILURE); + } + l = strlen(value); + if (value[l - 1] == 'i') + { + value[l - 1] = '\0'; + l--; + flags |= REG_ICASE; + } + if (value[l - 1] != '/') + { + log_log(LOG_ERR, "%s:%d: regular expression incorrectly delimited", + filename, lnr); + exit(EXIT_FAILURE); + } + value[l - 1] = '\0'; + /* compile the regular expression */ + if ((i = regcomp(&cfg->validnames, value + 1, flags)) != 0) + { + /* get the error message */ + l = regerror(i, &cfg->validnames, NULL, 0); + value = malloc(l); + if (value == NULL) + log_log(LOG_ERR, "%s:%d: invalid regular expression", filename, lnr); + else + { + regerror(i, &cfg->validnames, value, l); + log_log(LOG_ERR, "%s:%d: invalid regular expression: %s", + filename, lnr, value); + } + exit(EXIT_FAILURE); + } + free(value); +} + +static void check_search_variables( + const char *filename, int lnr, + const char *expression) +{ + SET *set; + const char **list; + int i; + set = expr_vars(expression, NULL); + list = set_tolist(set); + if (list == NULL) + { + log_log(LOG_CRIT, + "check_search_variables(): malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + for (i = 0; list[i] != NULL; i++) + { + if ((strcmp(list[i], "username") != 0) && + (strcmp(list[i], "service") != 0) && + (strcmp(list[i], "ruser") != 0) && + (strcmp(list[i], "rhost") != 0) && + (strcmp(list[i], "tty") != 0) && + (strcmp(list[i], "hostname") != 0) && + (strcmp(list[i], "fqdn") != 0) && + (strcmp(list[i], "dn") != 0) && + (strcmp(list[i], "uid") != 0)) + { + log_log(LOG_ERR, "%s:%d: unknown variable $%s", filename, lnr, list[i]); + exit(EXIT_FAILURE); + } + } + /* free memory */ + set_free(set); + free(list); +} + +static void handle_pam_authc_search( + const char *filename, int lnr, + const char *keyword, char *line, struct ldap_config *cfg) +{ + check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != '\0')); + cfg->pam_authc_search = xstrdup(line); + /* check the variables used in the expression */ + check_search_variables(filename, lnr, cfg->pam_authc_search); +} + +static void handle_pam_authz_search( + const char *filename, int lnr, + const char *keyword, char *line, struct ldap_config *cfg) +{ + int i; + check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != '\0')); + /* find free spot for search filter */ + for (i = 0; (i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES) && (cfg->pam_authz_searches[i] != NULL); + i++) + /* nothing */ ; + if (i >= NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES) + { + log_log(LOG_ERR, "%s:%d: maximum number of pam_authz_search options (%d) exceeded", + filename, lnr, NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES); + exit(EXIT_FAILURE); + } + cfg->pam_authz_searches[i] = xstrdup(line); + /* check the variables used in the expression */ + check_search_variables(filename, lnr, cfg->pam_authz_searches[i]); +} + +static void handle_pam_password_prohibit_message( + const char *filename, int lnr, + const char *keyword, char *line, struct ldap_config *cfg) +{ + char *value; + int l; + /* the rest of the line should be a message */ + value = get_linedup(filename, lnr, keyword, &line); + /* strip quotes if they are present */ + l = strlen(value); + if ((value[0] == '\"') && (value[l - 1] == '\"')) + { + value[l - 1] = '\0'; + value++; + } + cfg->pam_password_prohibit_message = value; +} + +static void handle_reconnect_invalidate( + const char *filename, int lnr, + const char *keyword, char *line, struct ldap_config *cfg) +{ + char token[MAX_LINE_LENGTH]; + char *name, *next; + enum ldap_map_selector map; + check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != '\0')); + while (get_token(&line, token, sizeof(token)) != NULL) + { + next = token; + while (*next != '\0') + { + name = next; + /* find the end of the current map name */ + while ((*next != '\0') && (*next != ',')) + next++; + if (*next == ',') + { + *next = '\0'; + next++; + } + /* check if map name exists */ + map = parse_map(name); + if (map == LM_NONE) + { + log_log(LOG_ERR, "%s:%d: unknown map: '%s'", filename, lnr, name); + exit(EXIT_FAILURE); + } + cfg->reconnect_invalidate[map] = 1; + } + } +} + +static void handle_cache(const char *filename, int lnr, + const char *keyword, char *line, + struct ldap_config *cfg) +{ + char cache[16]; + time_t value1, value2; + /* get cache map and values */ + check_argumentcount(filename, lnr, keyword, + get_token(&line, cache, sizeof(cache)) != NULL); + value1 = get_time(filename, lnr, keyword, &line); + if ((line != NULL) && (*line != '\0')) + value2 = get_time(filename, lnr, keyword, &line); + else + value2 = value1; + get_eol(filename, lnr, keyword, &line); + /* check the cache */ + if (strcasecmp(cache, "dn2uid") == 0) + { + cfg->cache_dn2uid_positive = value1; + cfg->cache_dn2uid_negative = value2; + } + else + { + log_log(LOG_ERR, "%s:%d: unknown cache: '%s'", filename, lnr, cache); + exit(EXIT_FAILURE); + } +} + +/* This function tries to get the LDAP search base from the LDAP server. + Note that this returns a string that has been allocated with strdup(). + For this to work the myldap module needs enough configuration information + to make an LDAP connection. */ +static MUST_USE char *get_base_from_rootdse(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + const char *attrs[] = { "+", NULL }; + int i; + int rc; + const char **values; + char *base = NULL; + /* initialize session */ + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + search = myldap_search(session, "", LDAP_SCOPE_BASE, "(objectClass=*)", + attrs, NULL); + if (search == NULL) + { + myldap_session_close(session); + return NULL; + } + /* go over results */ + for (i = 0; (entry = myldap_get_entry(search, &rc)) != NULL; i++) + { + /* get defaultNamingContext */ + values = myldap_get_values(entry, "defaultNamingContext"); + if ((values != NULL) && (values[0] != NULL)) + { + base = xstrdup(values[0]); + log_log(LOG_DEBUG, "get_basedn_from_rootdse(): found attribute defaultNamingContext with value %s", + values[0]); + break; + } + /* get namingContexts */ + values = myldap_get_values(entry, "namingContexts"); + if ((values != NULL) && (values[0] != NULL)) + { + base = xstrdup(values[0]); + log_log(LOG_DEBUG, "get_basedn_from_rootdse(): found attribute namingContexts with value %s", + values[0]); + break; + } + } + /* clean up */ + myldap_session_close(session); + return base; +} + +/* set the configuration information to the defaults */ +static void cfg_defaults(struct ldap_config *cfg) +{ + int i; + memset(cfg, 0, sizeof(struct ldap_config)); + cfg->threads = 5; + cfg->uidname = NULL; + cfg->uid = NOUID; + cfg->gid = NOGID; + for (i = 0; i < (NSS_LDAP_CONFIG_MAX_URIS + 1); i++) + { + cfg->uris[i].uri = NULL; + cfg->uris[i].firstfail = 0; + cfg->uris[i].lastfail = 0; + } +#ifdef LDAP_VERSION3 + cfg->ldap_version = LDAP_VERSION3; +#else /* LDAP_VERSION3 */ + cfg->ldap_version = LDAP_VERSION2; +#endif /* not LDAP_VERSION3 */ + cfg->binddn = NULL; + cfg->bindpw = NULL; + cfg->rootpwmoddn = NULL; + cfg->rootpwmodpw = NULL; + cfg->sasl_mech = NULL; + cfg->sasl_realm = NULL; + cfg->sasl_authcid = NULL; + cfg->sasl_authzid = NULL; + cfg->sasl_secprops = NULL; +#ifdef LDAP_OPT_X_SASL_NOCANON + cfg->sasl_canonicalize = -1; +#endif /* LDAP_OPT_X_SASL_NOCANON */ + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + cfg->bases[i] = NULL; + cfg->scope = LDAP_SCOPE_SUBTREE; + cfg->deref = LDAP_DEREF_NEVER; + cfg->referrals = 1; +#if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE) + cfg->pam_authc_ppolicy = 1; +#endif + cfg->bind_timelimit = 10; + cfg->timelimit = LDAP_NO_LIMIT; + cfg->idle_timelimit = 0; + cfg->reconnect_sleeptime = 1; + cfg->reconnect_retrytime = 10; +#ifdef LDAP_OPT_X_TLS + cfg->ssl = SSL_OFF; +#endif /* LDAP_OPT_X_TLS */ + cfg->pagesize = 0; + cfg->nss_initgroups_ignoreusers = NULL; + cfg->nss_min_uid = 0; + cfg->nss_uid_offset = 0; + cfg->nss_gid_offset = 0; + cfg->nss_nested_groups = 0; + cfg->nss_getgrent_skipmembers = 0; + cfg->nss_disable_enumeration = 0; + cfg->validnames_str = NULL; + handle_validnames(__FILE__, __LINE__, "", + "/^[a-z0-9._@$()]([a-z0-9._@$() \\~-]*[a-z0-9._@$()~-])?$/i", + cfg); + cfg->ignorecase = 0; + cfg->pam_authc_search = "BASE"; + for (i = 0; i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES; i++) + cfg->pam_authz_searches[i] = NULL; + cfg->pam_password_prohibit_message = NULL; + for (i = 0; i < LM_NONE; i++) + cfg->reconnect_invalidate[i] = 0; + cfg->cache_dn2uid_positive = 15 * TIME_MINUTES; + cfg->cache_dn2uid_negative = 15 * TIME_MINUTES; +} + +static void cfg_read(const char *filename, struct ldap_config *cfg) +{ + FILE *fp; + int lnr = 0; + char linebuf[MAX_LINE_LENGTH]; + char *line; + char keyword[32]; + char token[256]; + int i; +#ifdef LDAP_OPT_X_TLS + int rc; + char *value; +#endif + /* open config file */ + if ((fp = fopen(filename, "r")) == NULL) + { + log_log(LOG_ERR, "cannot open config file (%s): %s", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + /* read file and parse lines */ + while (fgets(linebuf, sizeof(linebuf), fp) != NULL) + { + lnr++; + line = linebuf; + /* strip newline */ + i = (int)strlen(line); + if ((i <= 0) || (line[i - 1] != '\n')) + { + log_log(LOG_ERR, "%s:%d: line too long or last line missing newline", + filename, lnr); + exit(EXIT_FAILURE); + } + line[i - 1] = '\0'; + /* ignore comment lines */ + if (line[0] == '#') + continue; + /* strip trailing spaces */ + for (i--; (i > 0) && isspace(line[i - 1]); i--) + line[i - 1] = '\0'; + /* get keyword from line and ignore empty lines */ + if (get_token(&line, keyword, sizeof(keyword)) == NULL) + continue; + /* runtime options */ + if (strcasecmp(keyword, "threads") == 0) + { + cfg->threads = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "uid") == 0) + { + handle_uid(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "gid") == 0) + { + handle_gid(filename, lnr, keyword, line, &cfg->gid); + } + else if (strcasecmp(keyword, "log") == 0) + { + handle_log(filename, lnr, keyword, line); + } + /* general connection options */ + else if (strcasecmp(keyword, "uri") == 0) + { + check_argumentcount(filename, lnr, keyword, (line != NULL) && (*line != '\0')); + while (get_token(&line, token, sizeof(token)) != NULL) + { + if (strcasecmp(token, "dns") == 0) + { +#ifdef HAVE_LDAP_DOMAIN2HOSTLIST + add_uris_from_dns(filename, lnr, cfg, + cfg_getdomainname(filename, lnr)); +#else /* not HAVE_LDAP_DOMAIN2HOSTLIST */ + log_log(LOG_ERR, "%s:%d: value %s not supported on platform", + filename, lnr, token); + exit(EXIT_FAILURE); +#endif /* not HAVE_LDAP_DOMAIN2HOSTLIST */ + } + else if (strncasecmp(token, "dns:", 4) == 0) + { +#ifdef HAVE_LDAP_DOMAIN2HOSTLIST + add_uris_from_dns(filename, lnr, cfg, strdup(token + 4)); +#else /* not HAVE_LDAP_DOMAIN2HOSTLIST */ + log_log(LOG_ERR, "%s:%d: value %s not supported on platform", + filename, lnr, token); + exit(EXIT_FAILURE); +#endif /* not HAVE_LDAP_DOMAIN2HOSTLIST */ + } + else + add_uri(filename, lnr, cfg, token); + } + } + else if (strcasecmp(keyword, "ldap_version") == 0) + { + cfg->ldap_version = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "binddn") == 0) + { + cfg->binddn = get_linedup(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "bindpw") == 0) + { + check_permissions(filename, keyword); + cfg->bindpw = get_linedup(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "rootpwmoddn") == 0) + { + cfg->rootpwmoddn = get_linedup(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "rootpwmodpw") == 0) + { + check_permissions(filename, keyword); + cfg->rootpwmodpw = get_linedup(filename, lnr, keyword, &line); + } + /* SASL authentication options */ + else if (strcasecmp(keyword, "sasl_mech") == 0) + { + cfg->sasl_mech = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "sasl_realm") == 0) + { + cfg->sasl_realm = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "sasl_authcid") == 0) + { + cfg->sasl_authcid = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "sasl_authzid") == 0) + { + cfg->sasl_authzid = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "sasl_secprops") == 0) + { + cfg->sasl_secprops = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } +#ifdef LDAP_OPT_X_SASL_NOCANON + else if ((strcasecmp(keyword, "sasl_canonicalize") == 0) || + (strcasecmp(keyword, "sasl_canonicalise") == 0) || + (strcasecmp(keyword, "ldap_sasl_canonicalize") == 0) || + (strcasecmp(keyword, "sasl_canon") == 0)) + { + cfg->sasl_canonicalize = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "sasl_nocanon") == 0) + { + cfg->sasl_canonicalize = get_boolean(filename, lnr, keyword, &line); + cfg->sasl_canonicalize = !cfg->sasl_canonicalize; + get_eol(filename, lnr, keyword, &line); + } +#endif /* LDAP_OPT_X_SASL_NOCANON */ + /* Kerberos authentication options */ + else if (strcasecmp(keyword, "krb5_ccname") == 0) + { + handle_krb5_ccname(filename, lnr, keyword, line); + } + /* search/mapping options */ + else if (strcasecmp(keyword, "base") == 0) + { + handle_base(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "scope") == 0) + { + handle_scope(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "deref") == 0) + { + handle_deref(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "referrals") == 0) + { + cfg->referrals = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "filter") == 0) + { + handle_filter(filename, lnr, keyword, line); + } + else if (strcasecmp(keyword, "map") == 0) + { + handle_map(filename, lnr, keyword, line); + } + else if (strcasecmp(keyword, "pam_authc_ppolicy") == 0) + { +#if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE) + cfg->pam_authc_ppolicy = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); +#else + log_log(LOG_ERR, "%s:%d: value %s not supported on platform", + filename, lnr, value); + exit(EXIT_FAILURE); +#endif + } + /* timing/reconnect options */ + else if (strcasecmp(keyword, "bind_timelimit") == 0) + { + cfg->bind_timelimit = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "timelimit") == 0) + { + cfg->timelimit = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "idle_timelimit") == 0) + { + cfg->idle_timelimit = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (!strcasecmp(keyword, "reconnect_sleeptime")) + { + cfg->reconnect_sleeptime = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "reconnect_retrytime") == 0) + { + cfg->reconnect_retrytime = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } +#ifdef LDAP_OPT_X_TLS + /* SSL/TLS options */ + else if (strcasecmp(keyword, "ssl") == 0) + { + check_argumentcount(filename, lnr, keyword, + (get_token(&line, token, sizeof(token)) != NULL)); + if ((strcasecmp(token, "start_tls") == 0) || + (strcasecmp(token, "starttls") == 0)) + cfg->ssl = SSL_START_TLS; + else if (parse_boolean(filename, lnr, token)) + cfg->ssl = SSL_LDAPS; + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "tls_reqcert") == 0) + { + handle_tls_reqcert(filename, lnr, keyword, line); + } + else if (strcasecmp(keyword, "tls_cacertdir") == 0) + { + value = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + check_dir(filename, lnr, token, value); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_CACERTDIR,\"%s\")", + value); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_CACERTDIR, value); + free(value); + } + else if ((strcasecmp(keyword, "tls_cacertfile") == 0) || + (strcasecmp(keyword, "tls_cacert") == 0)) + { + value = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + check_readable(filename, lnr, keyword, value); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_CACERTFILE,\"%s\")", + value); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_CACERTFILE, value); + free(value); + } + else if (strcasecmp(keyword, "tls_randfile") == 0) + { + value = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + check_readable(filename, lnr, keyword, value); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_RANDOM_FILE,\"%s\")", + value); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_RANDOM_FILE, value); + free(value); + } + else if (strcasecmp(keyword, "tls_ciphers") == 0) + { + value = get_linedup(filename, lnr, keyword, &line); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_CIPHER_SUITE,\"%s\")", + value); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_CIPHER_SUITE, value); + free(value); + } + else if (strcasecmp(keyword, "tls_cert") == 0) + { + value = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + check_readable(filename, lnr, keyword, value); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_CERTFILE,\"%s\")", + value); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_CERTFILE, value); + free(value); + } + else if (strcasecmp(keyword, "tls_key") == 0) + { + value = get_strdup(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + check_readable(filename, lnr, keyword, value); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS_KEYFILE,\"%s\")", + value); + LDAP_SET_OPTION(NULL, LDAP_OPT_X_TLS_KEYFILE, value); + free(value); + } +#endif /* LDAP_OPT_X_TLS */ + /* other options */ + else if (strcasecmp(keyword, "pagesize") == 0) + { + cfg->pagesize = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "nss_initgroups_ignoreusers") == 0) + { + handle_nss_initgroups_ignoreusers(filename, lnr, keyword, line, + cfg); + } + else if (strcasecmp(keyword, "nss_min_uid") == 0) + { + cfg->nss_min_uid = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "nss_uid_offset") == 0) + { + cfg->nss_uid_offset = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "nss_gid_offset") == 0) + { + cfg->nss_gid_offset = get_int(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "nss_nested_groups") == 0) + { + cfg->nss_nested_groups = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "nss_getgrent_skipmembers") == 0) + { + cfg->nss_getgrent_skipmembers = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "nss_disable_enumeration") == 0) + { + cfg->nss_disable_enumeration = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "validnames") == 0) + { + handle_validnames(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "ignorecase") == 0) + { + cfg->ignorecase = get_boolean(filename, lnr, keyword, &line); + get_eol(filename, lnr, keyword, &line); + } + else if (strcasecmp(keyword, "pam_authc_search") == 0) + { + handle_pam_authc_search(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "pam_authz_search") == 0) + { + handle_pam_authz_search(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "pam_password_prohibit_message") == 0) + { + handle_pam_password_prohibit_message(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "reconnect_invalidate") == 0) + { + handle_reconnect_invalidate(filename, lnr, keyword, line, cfg); + } + else if (strcasecmp(keyword, "cache") == 0) + { + handle_cache(filename, lnr, keyword, line, cfg); + } +#ifdef ENABLE_CONFIGFILE_CHECKING + /* fallthrough */ + else + { + log_log(LOG_ERR, "%s:%d: unknown keyword: '%s'", filename, lnr, keyword); + exit(EXIT_FAILURE); + } +#endif + } + /* we're done reading file, close */ + fclose(fp); +} + +#ifdef NSLCD_BINDPW_PATH +static void bindpw_read(const char *filename, struct ldap_config *cfg) +{ + FILE *fp; + char linebuf[MAX_LINE_LENGTH]; + int i; + /* open config file */ + errno = 0; + if ((fp = fopen(filename, "r")) == NULL) + { + if (errno == ENOENT) + { + log_log(LOG_DEBUG, "no bindpw file (%s)", filename); + return; /* ignore */ + } + else + { + log_log(LOG_ERR, "cannot open bindpw file (%s): %s", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + } + /* check permissions */ + check_permissions(filename, NULL); + /* read the first line */ + if (fgets(linebuf, sizeof(linebuf), fp) == NULL) + { + log_log(LOG_ERR, "%s: error reading first line", filename); + exit(EXIT_FAILURE); + } + /* chop the last char off and save the rest as bindpw */ + i = (int)strlen(linebuf); + if ((i <= 0) || (linebuf[i - 1] != '\n')) + { + log_log(LOG_ERR, "%s:1: line too long or missing newline", filename); + exit(EXIT_FAILURE); + } + linebuf[i - 1] = '\0'; + if (strlen(linebuf) == 0) + { + log_log(LOG_ERR, "%s:1: the password is empty", filename); + exit(EXIT_FAILURE); + } + cfg->bindpw = strdup(linebuf); + /* check if there is no more data in the file */ + if (fgets(linebuf, sizeof(linebuf), fp) != NULL) + { + log_log(LOG_ERR, "%s:2: there is more than one line in the bindpw file", + filename); + exit(EXIT_FAILURE); + } + fclose(fp); +} +#endif /* NSLCD_BINDPW_PATH */ + +/* dump configuration */ +static void cfg_dump(void) +{ + int i; +#ifdef LDAP_OPT_X_TLS + int rc; +#endif /* LDAP_OPT_X_TLS */ + enum ldap_map_selector map; + char *str; + const char **strp; + char buffer[1024]; + int *scopep; + log_log(LOG_DEBUG, "CFG: threads %d", nslcd_cfg->threads); + if (nslcd_cfg->uidname != NULL) + log_log(LOG_DEBUG, "CFG: uid %s", nslcd_cfg->uidname); + else if (nslcd_cfg->uid != NOUID) + log_log(LOG_DEBUG, "CFG: uid %lu", (unsigned long int)nslcd_cfg->uid); + else + log_log(LOG_DEBUG, "CFG: # uid not set"); + if (nslcd_cfg->gid != NOGID) + log_log(LOG_DEBUG, "CFG: gid %lu", (unsigned long int)nslcd_cfg->gid); + else + log_log(LOG_DEBUG, "CFG: # gid not set"); + log_log_config(); + for (i = 0; i < (NSS_LDAP_CONFIG_MAX_URIS + 1); i++) + if (nslcd_cfg->uris[i].uri != NULL) + log_log(LOG_DEBUG, "CFG: uri %s", nslcd_cfg->uris[i].uri); + log_log(LOG_DEBUG, "CFG: ldap_version %d", nslcd_cfg->ldap_version); + if (nslcd_cfg->binddn != NULL) + log_log(LOG_DEBUG, "CFG: binddn %s", nslcd_cfg->binddn); + if (nslcd_cfg->bindpw != NULL) + log_log(LOG_DEBUG, "CFG: bindpw ***"); + if (nslcd_cfg->rootpwmoddn != NULL) + log_log(LOG_DEBUG, "CFG: rootpwmoddn %s", nslcd_cfg->rootpwmoddn); + if (nslcd_cfg->rootpwmodpw != NULL) + log_log(LOG_DEBUG, "CFG: rootpwmodpw ***"); + if (nslcd_cfg->sasl_mech != NULL) + log_log(LOG_DEBUG, "CFG: sasl_mech %s", nslcd_cfg->sasl_mech); + if (nslcd_cfg->sasl_realm != NULL) + log_log(LOG_DEBUG, "CFG: sasl_realm %s", nslcd_cfg->sasl_realm); + if (nslcd_cfg->sasl_authcid != NULL) + log_log(LOG_DEBUG, "CFG: sasl_authcid %s", nslcd_cfg->sasl_authcid); + if (nslcd_cfg->sasl_authzid != NULL) + log_log(LOG_DEBUG, "CFG: sasl_authzid %s", nslcd_cfg->sasl_authzid); + if (nslcd_cfg->sasl_secprops != NULL) + log_log(LOG_DEBUG, "CFG: sasl_secprops %s", nslcd_cfg->sasl_secprops); +#ifdef LDAP_OPT_X_SASL_NOCANON + if (nslcd_cfg->sasl_canonicalize >= 0) + log_log(LOG_DEBUG, "CFG: sasl_canonicalize %s", print_boolean(nslcd_cfg->sasl_canonicalize)); +#endif /* LDAP_OPT_X_SASL_NOCANON */ + str = getenv("KRB5CCNAME"); + if (str != NULL) + log_log(LOG_DEBUG, "CFG: krb5_ccname %s", str); + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + if (nslcd_cfg->bases[i] != NULL) + log_log(LOG_DEBUG, "CFG: base %s", nslcd_cfg->bases[i]); + for (map = LM_ALIASES; map < LM_NONE; map++) + { + strp = base_get_var(map); + if (strp != NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + if (strp[i] != NULL) + log_log(LOG_DEBUG, "CFG: base %s %s", print_map(map), strp[i]); + } + log_log(LOG_DEBUG, "CFG: scope %s", print_scope(nslcd_cfg->scope)); + for (map = LM_ALIASES; map < LM_NONE; map++) + { + scopep = scope_get_var(map); + if ((scopep != NULL) && (*scopep != LDAP_SCOPE_DEFAULT)) + log_log(LOG_DEBUG, "CFG: scope %s %s", print_map(map), print_scope(*scopep)); + } + log_log(LOG_DEBUG, "CFG: deref %s", print_deref(nslcd_cfg->deref)); + log_log(LOG_DEBUG, "CFG: referrals %s", print_boolean(nslcd_cfg->referrals)); + for (map = LM_ALIASES; map < LM_NONE; map++) + { + strp = filter_get_var(map); + if ((strp != NULL) && (*strp != NULL)) + log_log(LOG_DEBUG, "CFG: filter %s %s", print_map(map), *strp); + } +#define LOG_ATTMAP(map, mapl, att) \ + if (strcmp(attmap_##mapl##_##att, __STRING(att)) != 0) \ + log_log(LOG_DEBUG, "CFG: map %s %s %s", \ + print_map(map), __STRING(att), attmap_##mapl##_##att); + LOG_ATTMAP(LM_ALIASES, alias, cn); + LOG_ATTMAP(LM_ALIASES, alias, rfc822MailMember); + LOG_ATTMAP(LM_ETHERS, ether, cn); + LOG_ATTMAP(LM_ETHERS, ether, macAddress); + LOG_ATTMAP(LM_GROUP, group, cn); + LOG_ATTMAP(LM_GROUP, group, userPassword); + LOG_ATTMAP(LM_GROUP, group, gidNumber); + LOG_ATTMAP(LM_GROUP, group, memberUid); + LOG_ATTMAP(LM_GROUP, group, member); + LOG_ATTMAP(LM_HOSTS, host, cn); + LOG_ATTMAP(LM_HOSTS, host, ipHostNumber); + LOG_ATTMAP(LM_NETGROUP, netgroup, cn); + LOG_ATTMAP(LM_NETGROUP, netgroup, nisNetgroupTriple); + LOG_ATTMAP(LM_NETGROUP, netgroup, memberNisNetgroup); + LOG_ATTMAP(LM_NETWORKS, network, cn); + LOG_ATTMAP(LM_NETWORKS, network, ipNetworkNumber); + LOG_ATTMAP(LM_PASSWD, passwd, uid); + LOG_ATTMAP(LM_PASSWD, passwd, userPassword); + LOG_ATTMAP(LM_PASSWD, passwd, uidNumber); + LOG_ATTMAP(LM_PASSWD, passwd, gidNumber); + LOG_ATTMAP(LM_PASSWD, passwd, gecos); + LOG_ATTMAP(LM_PASSWD, passwd, homeDirectory); + LOG_ATTMAP(LM_PASSWD, passwd, loginShell); + LOG_ATTMAP(LM_PROTOCOLS, protocol, cn); + LOG_ATTMAP(LM_PROTOCOLS, protocol, ipProtocolNumber); + LOG_ATTMAP(LM_RPC, rpc, cn); + LOG_ATTMAP(LM_RPC, rpc, oncRpcNumber); + LOG_ATTMAP(LM_SERVICES, service, cn); + LOG_ATTMAP(LM_SERVICES, service, ipServicePort); + LOG_ATTMAP(LM_SERVICES, service, ipServiceProtocol); + LOG_ATTMAP(LM_SHADOW, shadow, uid); + LOG_ATTMAP(LM_SHADOW, shadow, userPassword); + LOG_ATTMAP(LM_SHADOW, shadow, shadowLastChange); + LOG_ATTMAP(LM_SHADOW, shadow, shadowMin); + LOG_ATTMAP(LM_SHADOW, shadow, shadowMax); + LOG_ATTMAP(LM_SHADOW, shadow, shadowWarning); + LOG_ATTMAP(LM_SHADOW, shadow, shadowInactive); + LOG_ATTMAP(LM_SHADOW, shadow, shadowExpire); + LOG_ATTMAP(LM_SHADOW, shadow, shadowFlag); +#if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE) + log_log(LOG_DEBUG, "CFG: pam_authc_ppolicy %s", print_boolean(nslcd_cfg->pam_authc_ppolicy)); +#endif + log_log(LOG_DEBUG, "CFG: bind_timelimit %d", nslcd_cfg->bind_timelimit); + log_log(LOG_DEBUG, "CFG: timelimit %d", nslcd_cfg->timelimit); + log_log(LOG_DEBUG, "CFG: idle_timelimit %d", nslcd_cfg->idle_timelimit); + log_log(LOG_DEBUG, "CFG: reconnect_sleeptime %d", nslcd_cfg->reconnect_sleeptime); + log_log(LOG_DEBUG, "CFG: reconnect_retrytime %d", nslcd_cfg->reconnect_retrytime); +#ifdef LDAP_OPT_X_TLS + log_log(LOG_DEBUG, "CFG: ssl %s", print_ssl(nslcd_cfg->ssl)); + rc = ldap_get_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &i); + if (rc != LDAP_SUCCESS) + log_log(LOG_DEBUG, "CFG: # tls_reqcert ERROR: %s", ldap_err2string(rc)); + else + log_log(LOG_DEBUG, "CFG: tls_reqcert %s", print_tls_reqcert(i)); + #define LOG_LDAP_OPT_STRING(cfg, option) \ + str = NULL; \ + rc = ldap_get_option(NULL, option, &str); \ + if (rc != LDAP_SUCCESS) \ + log_log(LOG_DEBUG, "CFG: # %s ERROR: %s", cfg, ldap_err2string(rc)); \ + else if ((str != NULL) && (*str != '\0')) \ + log_log(LOG_DEBUG, "CFG: %s %s", cfg, str); \ + if (str != NULL) \ + ldap_memfree(str); + LOG_LDAP_OPT_STRING("tls_cacertdir", LDAP_OPT_X_TLS_CACERTDIR); + LOG_LDAP_OPT_STRING("tls_cacertfile", LDAP_OPT_X_TLS_CACERTFILE); + LOG_LDAP_OPT_STRING("tls_randfile", LDAP_OPT_X_TLS_RANDOM_FILE); + LOG_LDAP_OPT_STRING("tls_ciphers", LDAP_OPT_X_TLS_CIPHER_SUITE); + LOG_LDAP_OPT_STRING("tls_cert", LDAP_OPT_X_TLS_CERTFILE); + LOG_LDAP_OPT_STRING("tls_key", LDAP_OPT_X_TLS_KEYFILE); +#endif /* LDAP_OPT_X_TLS */ + log_log(LOG_DEBUG, "CFG: pagesize %d", nslcd_cfg->pagesize); + if (nslcd_cfg->nss_initgroups_ignoreusers != NULL) + { + /* allocate memory for a comma-separated list */ + strp = set_tolist(nslcd_cfg->nss_initgroups_ignoreusers); + if (strp == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + /* turn the set into a comma-separated list */ + buffer[0] = '\0'; + for (i = 0; strp[i] != NULL; i++) + { + if (i > 0) + strncat(buffer, ",", sizeof(buffer) - 1 - strlen(buffer)); + strncat(buffer, strp[i], sizeof(buffer) - 1 - strlen(buffer)); + } + free(strp); + if (strlen(buffer) >= (sizeof(buffer) - 4)) + strcpy(buffer + sizeof(buffer) - 4, "..."); + log_log(LOG_DEBUG, "CFG: nss_initgroups_ignoreusers %s", buffer); + } + log_log(LOG_DEBUG, "CFG: nss_min_uid %lu", (unsigned long int)nslcd_cfg->nss_min_uid); + log_log(LOG_DEBUG, "CFG: nss_uid_offset %lu", (unsigned long int)nslcd_cfg->nss_uid_offset); + log_log(LOG_DEBUG, "CFG: nss_gid_offset %lu", (unsigned long int)nslcd_cfg->nss_gid_offset); + log_log(LOG_DEBUG, "CFG: nss_nested_groups %s", print_boolean(nslcd_cfg->nss_nested_groups)); + log_log(LOG_DEBUG, "CFG: nss_getgrent_skipmembers %s", print_boolean(nslcd_cfg->nss_getgrent_skipmembers)); + log_log(LOG_DEBUG, "CFG: nss_disable_enumeration %s", print_boolean(nslcd_cfg->nss_disable_enumeration)); + log_log(LOG_DEBUG, "CFG: validnames %s", nslcd_cfg->validnames_str); + log_log(LOG_DEBUG, "CFG: ignorecase %s", print_boolean(nslcd_cfg->ignorecase)); + log_log(LOG_DEBUG, "CFG: pam_authc_search %s", nslcd_cfg->pam_authc_search); + for (i = 0; i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES; i++) + if (nslcd_cfg->pam_authz_searches[i] != NULL) + log_log(LOG_DEBUG, "CFG: pam_authz_search %s", nslcd_cfg->pam_authz_searches[i]); + if (nslcd_cfg->pam_password_prohibit_message != NULL) + log_log(LOG_DEBUG, "CFG: pam_password_prohibit_message \"%s\"", nslcd_cfg->pam_password_prohibit_message); + /* build a comma-separated list */ + buffer[0] = '\0'; + for (i = 0; i < LM_NONE ; i++) + if (nslcd_cfg->reconnect_invalidate[i]) + { + if (buffer[0] != '\0') + strncat(buffer, ",", sizeof(buffer) - 1 - strlen(buffer)); + strncat(buffer, print_map(i), sizeof(buffer) - 1 - strlen(buffer)); + } + if (buffer[0] != '\0') + log_log(LOG_DEBUG, "CFG: reconnect_invalidate %s", buffer); + print_time(nslcd_cfg->cache_dn2uid_positive, buffer, sizeof(buffer) / 2); + print_time(nslcd_cfg->cache_dn2uid_positive, buffer + (sizeof(buffer) / 2), sizeof(buffer) / 2); + log_log(LOG_DEBUG, "CFG: cache dn2uid %s %s", buffer, buffer + (sizeof(buffer) / 2)); +} + +void cfg_init(const char *fname) +{ +#ifdef LDAP_OPT_X_TLS + int i; +#endif /* LDAP_OPT_X_TLS */ + /* check if we were called before */ + if (nslcd_cfg != NULL) + { + log_log(LOG_CRIT, "cfg_init() may only be called once"); + exit(EXIT_FAILURE); + } + /* allocate the memory (this memory is not freed anywhere) */ + nslcd_cfg = (struct ldap_config *)malloc(sizeof(struct ldap_config)); + if (nslcd_cfg == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + /* clear configuration */ + cfg_defaults(nslcd_cfg); + /* read configfile */ + cfg_read(fname, nslcd_cfg); +#ifdef NSLCD_BINDPW_PATH + bindpw_read(NSLCD_BINDPW_PATH, nslcd_cfg); +#endif /* NSLCD_BINDPW_PATH */ + /* do some sanity checks */ + if (nslcd_cfg->uris[0].uri == NULL) + { + log_log(LOG_ERR, "no URIs defined in config"); + exit(EXIT_FAILURE); + } + /* if ssl is on each URI should start with ldaps */ +#ifdef LDAP_OPT_X_TLS + if (nslcd_cfg->ssl == SSL_LDAPS) + { + for (i = 0; nslcd_cfg->uris[i].uri != NULL; i++) + { + if (strncasecmp(nslcd_cfg->uris[i].uri, "ldaps://", 8) != 0) + log_log(LOG_WARNING, "%s doesn't start with ldaps:// and \"ssl on\" is specified", + nslcd_cfg->uris[i].uri); + } + } + /* TODO: check that if some tls options are set the ssl option should be set to on (just warn) */ +#endif /* LDAP_OPT_X_TLS */ + /* if basedn is not yet set, get if from the rootDSE */ + if (nslcd_cfg->bases[0] == NULL) + nslcd_cfg->bases[0] = get_base_from_rootdse(); + /* TODO: handle the case gracefully when no LDAP server is available yet */ + /* see if we have a valid basedn */ + if ((nslcd_cfg->bases[0] == NULL) || (nslcd_cfg->bases[0][0] == '\0')) + { + log_log(LOG_ERR, "no base defined in config and couldn't get one from server"); + exit(EXIT_FAILURE); + } + /* dump configuration */ + cfg_dump(); + /* initialise all database modules */ + alias_init(); + ether_init(); + group_init(); + host_init(); + netgroup_init(); + network_init(); + passwd_init(); + protocol_init(); + rpc_init(); + service_init(); + shadow_init(); +} diff --git a/nslcd/cfg.h b/nslcd/cfg.h new file mode 100644 index 0000000..8f991c7 --- /dev/null +++ b/nslcd/cfg.h @@ -0,0 +1,152 @@ +/* + cfg.h - definition of configuration information + This file contains parts that were part of the nss_ldap + library which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2007 West Consulting + Copyright (C) 2007-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSLCD__CFG_H +#define NSLCD__CFG_H + +#include +#include +#include +#include +#include +#include + +#include "compat/attrs.h" +#include "common/set.h" + +/* values for uid and gid */ +#define NOUID ((gid_t)-1) +#define NOGID ((gid_t)-1) + +/* maximum number of URIs */ +#define NSS_LDAP_CONFIG_MAX_URIS 31 + +/* maximum number of search bases */ +#define NSS_LDAP_CONFIG_MAX_BASES 31 + +/* maximum number of pam_authz_search options */ +#define NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES 8 + +enum ldap_ssl_options { + SSL_OFF, + SSL_LDAPS, + SSL_START_TLS +}; + +/* selectors for different maps */ +enum ldap_map_selector { + LM_ALIASES, + LM_ETHERS, + LM_GROUP, + LM_HOSTS, + LM_NETGROUP, + LM_NETWORKS, + LM_PASSWD, + LM_PROTOCOLS, + LM_RPC, + LM_SERVICES, + LM_SHADOW, + LM_NFSIDMAP, /* only used for cache invalidation */ + LM_NONE +}; + +struct myldap_uri { + char *uri; + /* time of first failed operation */ + time_t firstfail; + /* time of last failed operation */ + time_t lastfail; +}; + +struct ldap_config { + int threads; /* the number of threads to start */ + char *uidname; /* the user name specified in the uid option */ + uid_t uid; /* the user id nslcd should be run as */ + gid_t gid; /* the group id nslcd should be run as */ + + struct myldap_uri uris[NSS_LDAP_CONFIG_MAX_URIS + 1]; /* NULL terminated list of URIs */ + int ldap_version; /* LDAP protocol version */ + char *binddn; /* bind DN */ + char *bindpw; /* bind cred */ + char *rootpwmoddn; /* bind DN for password modification by root */ + char *rootpwmodpw; /* bind password for password modification by root */ + + char *sasl_mech; /* SASL mechanism */ + char *sasl_realm; /* SASL realm */ + char *sasl_authcid; /* SASL authentication identity */ + char *sasl_authzid; /* SASL authorization identity */ + char *sasl_secprops; /* SASL security properties */ +#ifdef LDAP_OPT_X_SASL_NOCANON + int sasl_canonicalize; /* whether host name should be canonicalised */ +#endif /* LDAP_OPT_X_SASL_NOCANON */ + + const char *bases[NSS_LDAP_CONFIG_MAX_BASES]; /* search bases */ + int scope; /* scope for searches */ + int deref; /* dereference aliases/links */ + int referrals; /* chase referrals */ + +#if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE) + int pam_authc_ppolicy; /* whether to send password policy controls on bind */ +#endif + int bind_timelimit; /* bind timelimit */ + int timelimit; /* search timelimit */ + int idle_timelimit; /* idle timeout */ + int reconnect_sleeptime; /* seconds to sleep; doubled until max */ + int reconnect_retrytime; /* maximum seconds to sleep */ + +#ifdef LDAP_OPT_X_TLS + /* SSL enabled */ + enum ldap_ssl_options ssl; +#endif /* LDAP_OPT_X_TLS */ + + int pagesize; /* set to a greater than 0 to enable handling of paged results with the specified size */ + SET *nss_initgroups_ignoreusers; /* the users for which no initgroups() searches should be done */ + uid_t nss_min_uid; /* minimum uid for users retrieved from LDAP */ + uid_t nss_uid_offset; /* offset for uids retrieved from LDAP to avoid local uid clashes */ + gid_t nss_gid_offset; /* offset for gids retrieved from LDAP to avoid local gid clashes */ + int nss_nested_groups; /* whether to expand nested groups */ + int nss_getgrent_skipmembers; /* whether to skip member lookups */ + int nss_disable_enumeration; /* enumeration turned on or off */ + regex_t validnames; /* the regular expression to determine valid names */ + char *validnames_str; /* string version of validnames regexp */ + int ignorecase; /* whether or not case should be ignored in lookups */ + char *pam_authc_search; /* the search that should be performed post-authentication */ + char *pam_authz_searches[NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES]; /* the searches that should be performed to do autorisation checks */ + char *pam_password_prohibit_message; /* whether password changing should be denied and user prompted with this message */ + char reconnect_invalidate[LM_NONE]; /* set to 1 if the corresponding map should be invalidated */ + + time_t cache_dn2uid_positive; + time_t cache_dn2uid_negative; +}; + +/* this is a pointer to the global configuration, it should be available + and populated after cfg_init() is called */ +extern struct ldap_config *nslcd_cfg; + +/* Initialize the configuration in nslcd_cfg. This method will read the + default configuration file and call exit() if an error occurs. */ +void cfg_init(const char *fname); + +#endif /* NSLCD__CFG_H */ diff --git a/nslcd/common.c b/nslcd/common.c new file mode 100644 index 0000000..60be777 --- /dev/null +++ b/nslcd/common.c @@ -0,0 +1,356 @@ +/* + common.c - common server code routines + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2006 West Consulting + Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "nslcd.h" +#include "common.h" +#include "log.h" +#include "attmap.h" +#include "cfg.h" + +/* simple wrapper around snptintf() to return non-zero in case + of any failure (but always keep string 0-terminated) */ +int mysnprintf(char *buffer, size_t buflen, const char *format, ...) +{ + int res; + va_list ap; + /* do snprintf */ + va_start(ap, format); + res = vsnprintf(buffer, buflen, format, ap); + va_end(ap); + /* NULL-terminate the string just to be on the safe side */ + buffer[buflen - 1] = '\0'; + /* check if the string was completely written */ + return ((res < 0) || (((size_t)res) >= buflen)); +} + +/* get a name of a signal with a given signal number */ +const char *signame(int signum) +{ + switch (signum) + { + case SIGHUP: return "SIGHUP"; /* Hangup detected */ + case SIGINT: return "SIGINT"; /* Interrupt from keyboard */ + case SIGQUIT: return "SIGQUIT"; /* Quit from keyboard */ + case SIGILL: return "SIGILL"; /* Illegal Instruction */ + case SIGABRT: return "SIGABRT"; /* Abort signal from abort(3) */ + case SIGFPE: return "SIGFPE"; /* Floating point exception */ + case SIGKILL: return "SIGKILL"; /* Kill signal */ + case SIGSEGV: return "SIGSEGV"; /* Invalid memory reference */ + case SIGPIPE: return "SIGPIPE"; /* Broken pipe */ + case SIGALRM: return "SIGALRM"; /* Timer signal from alarm(2) */ + case SIGTERM: return "SIGTERM"; /* Termination signal */ + case SIGUSR1: return "SIGUSR1"; /* User-defined signal 1 */ + case SIGUSR2: return "SIGUSR2"; /* User-defined signal 2 */ + case SIGCHLD: return "SIGCHLD"; /* Child stopped or terminated */ + case SIGCONT: return "SIGCONT"; /* Continue if stopped */ + case SIGSTOP: return "SIGSTOP"; /* Stop process */ + case SIGTSTP: return "SIGTSTP"; /* Stop typed at tty */ + case SIGTTIN: return "SIGTTIN"; /* tty input for background process */ + case SIGTTOU: return "SIGTTOU"; /* tty output for background process */ +#ifdef SIGBUS + case SIGBUS: return "SIGBUS"; /* Bus error */ +#endif +#ifdef SIGPOLL + case SIGPOLL: return "SIGPOLL"; /* Pollable event */ +#endif +#ifdef SIGPROF + case SIGPROF: return "SIGPROF"; /* Profiling timer expired */ +#endif +#ifdef SIGSYS + case SIGSYS: return "SIGSYS"; /* Bad argument to routine */ +#endif +#ifdef SIGTRAP + case SIGTRAP: return "SIGTRAP"; /* Trace/breakpoint trap */ +#endif +#ifdef SIGURG + case SIGURG: return "SIGURG"; /* Urgent condition on socket */ +#endif +#ifdef SIGVTALRM + case SIGVTALRM: return "SIGVTALRM"; /* Virtual alarm clock */ +#endif +#ifdef SIGXCPU + case SIGXCPU: return "SIGXCPU"; /* CPU time limit exceeded */ +#endif +#ifdef SIGXFSZ + case SIGXFSZ: return "SIGXFSZ"; /* File size limit exceeded */ +#endif + default: return "UNKNOWN"; + } +} + +/* return the fully qualified domain name of the current host */ +const char *getfqdn(void) +{ + static char *fqdn = NULL; + char hostname[BUFLEN_HOSTNAME]; + int hostnamelen; + int i; + struct hostent *host = NULL; + /* if we already have a fqdn return that */ + if (fqdn != NULL) + return fqdn; + /* get system hostname */ + if (gethostname(hostname, sizeof(hostname)) < 0) + { + log_log(LOG_ERR, "gethostname() failed: %s", strerror(errno)); + return NULL; + } + hostnamelen = strlen(hostname); + /* lookup hostent */ + host = gethostbyname(hostname); + if (host == NULL) + { + log_log(LOG_ERR, "gethostbyname(%s): %s", hostname, hstrerror(h_errno)); + /* fall back to hostname */ + fqdn = strdup(hostname); + return fqdn; + } + /* check h_name for fqdn starting with our hostname */ + if ((strncasecmp(hostname, host->h_name, hostnamelen) == 0) && + (host->h_name[hostnamelen] == '.') && + (host->h_name[hostnamelen + 1] != '\0')) + { + fqdn = strdup(host->h_name); + return fqdn; + } + /* also check h_aliases */ + for (i = 0; host->h_aliases[i] != NULL; i++) + { + if ((strncasecmp(hostname, host->h_aliases[i], hostnamelen) == 0) && + (host->h_aliases[i][hostnamelen] == '.') && + (host->h_aliases[i][hostnamelen + 1] != '\0')) + { + fqdn = strdup(host->h_aliases[i]); + return fqdn; + } + } + /* fall back to h_name if it has a dot in it */ + if (strchr(host->h_name, '.') != NULL) + { + fqdn = strdup(host->h_name); + return fqdn; + } + /* also check h_aliases */ + for (i = 0; host->h_aliases[i] != NULL; i++) + { + if (strchr(host->h_aliases[i], '.') != NULL) + { + fqdn = strdup(host->h_aliases[i]); + return fqdn; + } + } + /* nothing found, fall back to hostname */ + fqdn = strdup(hostname); + return fqdn; +} + +const char *get_userpassword(MYLDAP_ENTRY *entry, const char *attr, + char *buffer, size_t buflen) +{ + const char *tmpvalue; + /* get the value */ + tmpvalue = attmap_get_value(entry, attr, buffer, buflen); + if (tmpvalue == NULL) + return NULL; + /* go over the entries and return the remainder of the value if it + starts with {crypt} or crypt$ */ + if (strncasecmp(tmpvalue, "{crypt}", 7) == 0) + return tmpvalue + 7; + if (strncasecmp(tmpvalue, "crypt$", 6) == 0) + return tmpvalue + 6; + /* just return the first value completely */ + return tmpvalue; + /* TODO: support more password formats e.g. SMD5 + (which is $1$ but in a different format) + (any code for this is more than welcome) */ +} + +/* Checks if the specified name seems to be a valid user or group name. */ +int isvalidname(const char *name) +{ + return regexec(&nslcd_cfg->validnames, name, 0, NULL, 0) == 0; +} + +/* this writes a single address to the stream */ +int write_address(TFILE *fp, MYLDAP_ENTRY *entry, const char *attr, + const char *addr) +{ + int32_t tmpint32; + struct in_addr ipv4addr; + struct in6_addr ipv6addr; + /* try to parse the address as IPv4 first, fall back to IPv6 */ + if (inet_pton(AF_INET, addr, &ipv4addr) > 0) + { + /* write address type */ + WRITE_INT32(fp, AF_INET); + /* write the address length */ + WRITE_INT32(fp, sizeof(struct in_addr)); + /* write the address itself (in network byte order) */ + WRITE(fp, &ipv4addr, sizeof(struct in_addr)); + } + else if (inet_pton(AF_INET6, addr, &ipv6addr) > 0) + { + /* write address type */ + WRITE_INT32(fp, AF_INET6); + /* write the address length */ + WRITE_INT32(fp, sizeof(struct in6_addr)); + /* write the address itself (in network byte order) */ + WRITE(fp, &ipv6addr, sizeof(struct in6_addr)); + } + else + { + /* failure, log but write simple invalid address + (otherwise the address list is messed up) */ + /* TODO: have error message in correct format */ + log_log(LOG_WARNING, "%s: %s: \"%s\" unparsable", + myldap_get_dn(entry), attr, addr); + /* write an illegal address type */ + WRITE_INT32(fp, -1); + /* write an emtpy address */ + WRITE_INT32(fp, 0); + } + /* we're done */ + return 0; +} + +int read_address(TFILE *fp, char *addr, int *addrlen, int *af) +{ + int32_t tmpint32; + int len; + /* read address family */ + READ_INT32(fp, *af); + if ((*af != AF_INET) && (*af != AF_INET6)) + { + log_log(LOG_WARNING, "incorrect address family specified: %d", *af); + return -1; + } + /* read address length */ + READ_INT32(fp, len); + if ((len > *addrlen) || (len <= 0)) + { + log_log(LOG_WARNING, "address length incorrect: %d", len); + return -1; + } + *addrlen = len; + /* read address */ + READ(fp, addr, len); + /* we're done */ + return 0; +} + +/* convert the provided string representation of a sid + (e.g. S-1-5-21-1936905831-823966427-12391542-23578) + to a format that can be used to search the objectSid property with */ +char *sid2search(const char *sid) +{ + const char *tmpsid = sid; + char *res, *tmp; + int i = 0; + unsigned long int l; + /* check the beginning of the string */ + if (strncasecmp(sid, "S-", 2) != 0) + { + log_log(LOG_ERR, "error in SID %s", sid); + exit(EXIT_FAILURE); + } + /* count the number of dashes in the sid */ + while (tmpsid != NULL) + { + i++; + tmpsid = strchr(tmpsid + 1, '-'); + } + i -= 2; /* number of security ids plus one because we add the uid later */ + /* allocate memory */ + res = malloc(3 + 3 + 6 * 3 + i * 4 * 3 + 1); + if (res == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(1); + } + /* build the first part */ + l = strtoul(sid + 2, &tmp, 10); + sprintf(res, "\\%02x\\%02x", (unsigned int)l & 0xff, (unsigned int)i); + /* build authority part (we only handle 32 of the 48 bits) */ + l = strtoul(tmp + 1, &tmp, 10); + sprintf(res + strlen(res), "\\00\\00\\%02x\\%02x\\%02x\\%02x", + (unsigned int)((l >> 24) & 0xff), + (unsigned int)((l >> 16) & 0xff), + (unsigned int)((l >> 8) & 0xff), + (unsigned int)(l & 0xff)); + /* go over the rest of the bits */ + while (*tmp != '\0') + { + l = strtoul(tmp + 1, &tmp, 10); + sprintf(res + strlen(res), "\\%02x\\%02x\\%02x\\%02x", + (unsigned int)(l & 0xff), + (unsigned int)((l >> 8) & 0xff), + (unsigned int)((l >> 16) & 0xff), + (unsigned int)((l >> 24) & 0xff)); + } + return res; +} + +/* return the last security identifier of the binary sid */ +unsigned long int binsid2id(const char *binsid) +{ + int i; + /* find the position of the last security id */ + i = 2 + 6 + ((((unsigned int)binsid[1]) & 0xff) - 1) * 4; + return (((unsigned long int)binsid[i]) & 0xff) | + ((((unsigned long int)binsid[i + 1]) & 0xff) << 8) | + ((((unsigned long int)binsid[i + 2]) & 0xff) << 16) | + ((((unsigned long int)binsid[i + 3]) & 0xff) << 24); +} + +#ifdef WANT_STRTOUI +/* provide a strtoui() implementation, similar to strtoul() but returning + an range-checked unsigned int instead */ +unsigned int strtoui(const char *nptr, char **endptr, int base) +{ + unsigned long val; + val = strtoul(nptr, endptr, base); + if (val > UINT_MAX) + { + errno = ERANGE; + return UINT_MAX; + } + /* If errno was set by strtoul, we'll pass it back as-is */ + return (unsigned int)val; +} +#endif /* WANT_STRTOUI */ diff --git a/nslcd/common.h b/nslcd/common.h new file mode 100644 index 0000000..26fcf48 --- /dev/null +++ b/nslcd/common.h @@ -0,0 +1,306 @@ +/* + common.h - common server code routines + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2018 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSLCD__COMMON_H +#define NSLCD__COMMON_H 1 + +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include + +#include "nslcd.h" +#include "common/nslcd-prot.h" +#include "common/tio.h" +#include "compat/attrs.h" +#include "myldap.h" +#include "cfg.h" + +/* macros for basic read and write operations, the following + ERROR_OUT* marcos define the action taken on errors + the stream is not closed because the caller closes the + stream */ + +#define ERROR_OUT_WRITEERROR(fp) \ + if (errno == EPIPE) \ + log_log(LOG_DEBUG, "error writing to client: %s", strerror(errno)); \ + else \ + log_log(LOG_WARNING, "error writing to client: %s", strerror(errno)); \ + return -1; + +#define ERROR_OUT_READERROR(fp) \ + log_log(LOG_WARNING, "error reading from client: %s", strerror(errno)); \ + return -1; + +#define ERROR_OUT_BUFERROR(fp) \ + log_log(LOG_ERR, "client supplied argument %d bytes too large", \ + tmpint32); \ + return -1; + +/* a simple wrapper around snprintf, + returns 0 if ok, -1 on error */ +int mysnprintf(char *buffer, size_t buflen, const char *format, ...) + LIKE_PRINTF(3, 4); + +/* get a name of a signal with a given signal number */ +const char *signame(int signum); + +/* return the fully qualified domain name of the current host + the returned value does not need to be freed but is re-used for every + call */ +MUST_USE const char *getfqdn(void); + +/* This tries to get the user password attribute from the entry. + It will try to return an encrypted password as it is used in /etc/passwd, + /etc/group or /etc/shadow depending upon what is in the directory. + This function will return NULL if no passwd is found and will return the + literal value in the directory if conversion is not possible. */ +const char *get_userpassword(MYLDAP_ENTRY *entry, const char *attr, + char *buffer, size_t buflen); + +/* write out an address, parsing the addr value */ +int write_address(TFILE *fp, MYLDAP_ENTRY *entry, const char *attr, + const char *addr); + +/* a helper macro to write out addresses and bail out on errors */ +#define WRITE_ADDRESS(fp, entry, attr, addr) \ + if (write_address(fp, entry, attr, addr)) \ + return -1; + +/* read an address from the stream */ +int read_address(TFILE *fp, char *addr, int *addrlen, int *af); + +/* helper macro to read an address from the stream */ +#define READ_ADDRESS(fp, addr, len, af) \ + len = (int)sizeof(addr); \ + if (read_address(fp, addr, &(len), &(af))) \ + return -1; + +/* convert the provided string representation of a sid + (e.g. S-1-5-21-1936905831-823966427-12391542-23578) + to a format that can be used to search the objectSid property with */ +MUST_USE char *sid2search(const char *sid); + +/* return the last security identifier of the binary sid */ +MUST_USE unsigned long int binsid2id(const char *binsid); + +/* checks to see if the specified string is a valid user or group name */ +MUST_USE int isvalidname(const char *name); + +/* Perform an LDAP lookup to translate the DN into a uid. + This function either returns NULL or a strdup()ed string. */ +MUST_USE char *lookup_dn2uid(MYLDAP_SESSION *session, const char *dn, + int *rcp, char *buf, size_t buflen); + +/* transforms the DN info a uid doing an LDAP lookup if needed */ +MUST_USE char *dn2uid(MYLDAP_SESSION *session, const char *dn, char *buf, + size_t buflen); + +/* use the user id to lookup an LDAP entry */ +MYLDAP_ENTRY *uid2entry(MYLDAP_SESSION *session, const char *uid, int *rcp); + +/* transforms the uid into a DN by doing an LDAP lookup */ +MUST_USE char *uid2dn(MYLDAP_SESSION *session, const char *uid, char *buf, + size_t buflen); + +/* use the user id to lookup an LDAP entry with the shadow attributes + requested */ +MYLDAP_ENTRY *shadow_uid2entry(MYLDAP_SESSION *session, const char *username, + int *rcp); + +/* return shadow information */ +void get_shadow_properties(MYLDAP_ENTRY *entry, long *lastchangedate, + long *mindays, long *maxdays, long *warndays, + long *inactdays, long *expiredate, + unsigned long *flag); + + +/* check whether the nsswitch file should be reloaded */ +void nsswitch_check_reload(void); + +/* check whether the nsswitch.conf file has LDAP as a naming source for db */ +int nsswitch_shadow_uses_ldap(void); + +/* start a child process that holds onto the original privileges with the + purpose of running external cache invalidation commands */ +int invalidator_start(void); + +/* signal invalidator to invalidate the selected external cache */ +void invalidator_do(enum ldap_map_selector map); + +/* common buffer lengths */ +#define BUFLEN_NAME 256 /* user, group names and such */ +#define BUFLEN_SAFENAME 300 /* escaped name */ +#define BUFLEN_PASSWORD 128 /* passwords */ +#define BUFLEN_PASSWORDHASH 256 /* passwords hashes */ +#define BUFLEN_DN 512 /* distinguished names */ +#define BUFLEN_SAFEDN 600 /* escapedd dn */ +#define BUFLEN_FILTER 4096 /* search filters */ +#define BUFLEN_HOSTNAME 256 /* host names or FQDN (and safe version) */ +#define BUFLEN_MESSAGE 1024 /* message strings */ + +/* provide strtouid() function alias */ +#if SIZEOF_UID_T == SIZEOF_UNSIGNED_LONG_INT +#define strtouid (uid_t)strtoul +#elif SIZEOF_UID_T == SIZEOF_UNSIGNED_LONG_LONG_INT +#define strtouid (uid_t)strtoull +#elif SIZEOF_UID_T == SIZEOF_UNSIGNED_INT +#define WANT_STRTOUI 1 +#define strtouid (uid_t)strtoui +#else +#error unable to find implementation for strtouid() +#endif + +/* provide strtogid() function alias */ +#if SIZEOF_GID_T == SIZEOF_UNSIGNED_LONG_INT +#define strtogid (gid_t)strtoul +#elif SIZEOF_GID_T == SIZEOF_UNSIGNED_LONG_LONG_INT +#define strtogid (gid_t)strtoull +#elif SIZEOF_GID_T == SIZEOF_UNSIGNED_INT +#ifndef WANT_STRTOUI +#define WANT_STRTOUI 1 +#endif +#define strtogid (gid_t)strtoui +#else +#error unable to find implementation for strtogid() +#endif + +#ifdef WANT_STRTOUI +/* provide a strtoui() if it is needed */ +unsigned int strtoui(const char *nptr, char **endptr, int base); +#endif /* WANT_STRTOUI */ + +/* these are the functions for initialising the database specific + modules */ +void alias_init(void); +void ether_init(void); +void group_init(void); +void host_init(void); +void netgroup_init(void); +void network_init(void); +void passwd_init(void); +void protocol_init(void); +void rpc_init(void); +void service_init(void); +void shadow_init(void); + +/* these are the different functions that handle the database + specific actions, see nslcd.h for the action descriptions */ +int nslcd_config_get(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_alias_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_alias_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_ether_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_ether_byether(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_ether_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_group_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_group_bygid(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_group_bymember(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_group_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_host_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_host_byaddr(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_host_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_netgroup_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_netgroup_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_network_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_network_byaddr(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_network_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_passwd_byname(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_passwd_byuid(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_passwd_all(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_protocol_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_protocol_bynumber(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_protocol_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_rpc_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_rpc_bynumber(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_rpc_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_service_byname(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_service_bynumber(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_service_all(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_shadow_byname(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_shadow_all(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_pam_authc(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_pam_authz(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_pam_sess_o(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_pam_sess_c(TFILE *fp, MYLDAP_SESSION *session); +int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); +int nslcd_usermod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); + +/* macros for generating service handling code */ +#define NSLCD_HANDLE(db, fn, action, readfn, mkfilter, writefn) \ + int nslcd_##db##_##fn(TFILE *fp, MYLDAP_SESSION *session) \ + NSLCD_HANDLE_BODY(db, fn, action, readfn, mkfilter, writefn) +#define NSLCD_HANDLE_UID(db, fn, action, readfn, mkfilter, writefn) \ + int nslcd_##db##_##fn(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid) \ + NSLCD_HANDLE_BODY(db, fn, action, readfn, mkfilter, writefn) +#define NSLCD_HANDLE_BODY(db, fn, action, readfn, mkfilter, writefn) \ + { \ + /* define common variables */ \ + int32_t tmpint32; \ + MYLDAP_SEARCH *search; \ + MYLDAP_ENTRY *entry; \ + const char *base; \ + int rc, i; \ + /* read request parameters */ \ + readfn; \ + /* write the response header */ \ + WRITE_INT32(fp, NSLCD_VERSION); \ + WRITE_INT32(fp, action); \ + /* prepare the search filter */ \ + if (mkfilter) \ + { \ + log_log(LOG_ERR, "nslcd_" __STRING(db) "_" __STRING(fn) \ + "(): filter buffer too small"); \ + return -1; \ + } \ + /* perform a search for each search base */ \ + for (i = 0; (base = db##_bases[i]) != NULL; i++) \ + { \ + /* do the LDAP search */ \ + search = myldap_search(session, base, db##_scope, filter, \ + db##_attrs, NULL); \ + if (search == NULL) \ + return -1; \ + /* go over results */ \ + while ((entry = myldap_get_entry(search, &rc)) != NULL) \ + { \ + if (writefn) \ + return -1; \ + } \ + } \ + /* write the final result code */ \ + if (rc == LDAP_SUCCESS) \ + { \ + WRITE_INT32(fp, NSLCD_RESULT_END); \ + } \ + return 0; \ + } + +/* macro to compare strings which uses the ignorecase config option to + determine whether or not to do a case-sensitive match */ +#define STR_CMP(str1, str2) \ + (nslcd_cfg->ignorecase == 1 ? \ + strcasecmp(str1, str2) : strcmp(str1, str2)) + +#endif /* not NSLCD__COMMON_H */ diff --git a/nslcd/config.c b/nslcd/config.c new file mode 100644 index 0000000..75c9ec1 --- /dev/null +++ b/nslcd/config.c @@ -0,0 +1,61 @@ +/* + config.c - routines for getting configuration information + + Copyright (C) 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include + +#include "common.h" +#include "log.h" +#include "cfg.h" + +int nslcd_config_get(TFILE *fp, MYLDAP_SESSION UNUSED(*session)) +{ + int32_t tmpint32; + int32_t cfgopt; + /* read request parameters */ + READ_INT32(fp, cfgopt); + /* log call */ + log_setrequest("config=%d", (int)cfgopt); + log_log(LOG_DEBUG, "nslcd_config_get(%d)", (int)cfgopt); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_CONFIG_GET); + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + /* validate request */ + switch (cfgopt) + { + case NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE: + WRITE_STRING(fp, nslcd_cfg->pam_password_prohibit_message); + break; + default: + /* all other config options are ignored */ + break; + } + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; +} diff --git a/nslcd/daemonize.c b/nslcd/daemonize.c new file mode 100644 index 0000000..d11d358 --- /dev/null +++ b/nslcd/daemonize.c @@ -0,0 +1,235 @@ +/* + daemoninze.c - functions for properly daemonising an application + + Copyright (C) 2014-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_PTHREAD_H +#include +#endif /* HAVE_PTHREAD_H */ + +#include "daemonize.h" +#include "log.h" + +/* the write end of a pipe that is used to signal the fact that the child + process has finished initialising (see daemonize_daemon() and + daemonize_ready() for details) */ +static int daemonizefd = -1; + +void daemonize_closefds(void) +{ + int i; + /* close all file descriptors (except stdin/out/err) */ + i = sysconf(_SC_OPEN_MAX) - 1; + /* if the system does not have OPEN_MAX just close the first 32 and + hope we closed enough */ + if (i < 0) + i = 32; + for (; i > 3; i--) + close(i); +} + +void daemonize_redirect_stdio(void) +{ + /* close stdin, stdout and stderr */ + (void)close(0); /* stdin */ + (void)close(1); /* stdout */ + (void)close(2); /* stderr */ + /* reconnect to /dev/null */ + (void)open("/dev/null", O_RDWR); /* stdin, fd=0 */ + (void)dup(0); /* stdout, fd=1 */ + (void)dup(0); /* stderr, fd=2 */ +} + +/* try to fill the buffer until EOF or error */ +static int read_response(int fd, char *buffer, size_t bufsz) +{ + int rc; + size_t r = 0; + while (r < bufsz) + { + rc = read(fd, buffer + r, bufsz - r); + if (rc == 0) + break; + else if (rc > 0) + r += rc; + else if ((errno == EINTR) || (errno == EAGAIN)) + continue; /* ignore these errors and try again */ + else + { + log_log(LOG_ERR, "read_response(): read() failed: %s", strerror(errno)); + return -1; + } + } + return r; +} + +/* The parent process calling daemonize_daemon() will end up here on success */ +static int wait_for_response(int fd) +{ + int i, l, rc; + char buffer[1024]; + /* read return code */ + errno = 0; + i = read_response(fd, (void *)&rc, sizeof(int)); + log_log(LOG_DEBUG, "DEBUG: wait_for_response(): i=%d, rc=%d", i, rc); + if (i != sizeof(int)) + { + log_log(LOG_ERR, "wait_for_response(): read_response() returned %d (expected %d)", + i, (int)sizeof(int)); + if (errno == 0) +#ifdef ENODATA + errno = ENODATA; +#else + errno = ENOATTR; +#endif + return -1; + } + /* read string length */ + i = read_response(fd, (void *)&l, sizeof(int)); + log_log(LOG_DEBUG, "DEBUG: wait_for_response(): i=%d, l=%d", i, l); + if ((i != sizeof(int)) || (l <= 0)) + _exit(rc); + /* read string */ + if ((size_t)l > (sizeof(buffer) - 1)) + l = sizeof(buffer) - 1; + i = read_response(fd, buffer, l); + buffer[l] = '\0'; + if (i == l) + fprintf(stderr, "%s", buffer); + _exit(rc); +} + +static void closefd(void) +{ + if (daemonizefd >= 0) + { + close(daemonizefd); + daemonizefd = -1; + } +} + +int daemonize_daemon(void) +{ + int pipefds[2]; + int i; + /* set up a pipe for communication */ + if (pipe(pipefds) < 0) + { + log_log(LOG_ERR, "pipe() failed: %s", strerror(errno)); + return -1; + } + /* set O_NONBLOCK on the write end to ensure that a call to + daemonize_ready() will not lock the application */ + if ((i = fcntl(pipefds[1], F_GETFL, 0)) < 0) + { + log_log(LOG_ERR, "fcntl() failed: %s", strerror(errno)); + close(pipefds[0]); + close(pipefds[1]); + return -1; + } + if (fcntl(pipefds[1], F_SETFL, i | O_NONBLOCK) < 0) + { + log_log(LOG_ERR, "fcntl() failed: %s", strerror(errno)); + close(pipefds[0]); + close(pipefds[1]); + return -1; + } + /* fork() and exit() to detach from the parent process */ + switch (fork()) + { + case 0: + /* we are the child, close read end of pipe */ + close(pipefds[0]); + break; + case -1: + /* we are the parent, but have an error */ + log_log(LOG_ERR, "fork() failed: %s", strerror(errno)); + close(pipefds[0]); + close(pipefds[1]); + return -1; + default: + /* we are the parent, close write end and wait for information */ + close(pipefds[1]); + return wait_for_response(pipefds[0]); + } + /* become process leader */ + if (setsid() < 0) + { + log_log(LOG_ERR, "setsid() failed: %s", strerror(errno)); + close(pipefds[1]); + _exit(EXIT_FAILURE); + } + /* fork again so we cannot allocate a pty */ + switch (fork()) + { + case 0: + /* we are the child */ + break; + case -1: + /* we are the parent, but have an error */ + log_log(LOG_ERR, "fork() failed: %s", strerror(errno)); + close(pipefds[1]); + _exit(EXIT_FAILURE); + default: + /* we are the parent and we're done */ + close(pipefds[1]); + _exit(EXIT_SUCCESS); + } + daemonizefd = pipefds[1]; + /* close the file descriptor on exec (ignore errors) */ + fcntl(daemonizefd, F_SETFD, FD_CLOEXEC); +#ifdef HAVE_PTHREAD_ATFORK + /* handle any other forks by closing daemonizefd first */ + (void)pthread_atfork(NULL, NULL, closefd); +#endif /* HAVE_PTHREAD_ATFORK */ + return 0; +} + +void daemonize_ready(int status, const char *message) +{ + int l; + if (daemonizefd >= 0) + { + /* we ignore any errors writing */ + (void)write(daemonizefd, &status, sizeof(int)); + if ((message == NULL) || (message[0] == '\0')) + { + l = 0; + (void)write(daemonizefd, &l, sizeof(int)); + } + else + { + l = strlen(message); + (void)write(daemonizefd, &l, sizeof(int)); + (void)write(daemonizefd, message, l); + } + (void)close(daemonizefd); + daemonizefd = -1; + } +} diff --git a/nslcd/daemonize.h b/nslcd/daemonize.h new file mode 100644 index 0000000..8eb9885 --- /dev/null +++ b/nslcd/daemonize.h @@ -0,0 +1,67 @@ +/* + daemonize.h - definition of functions for daemonising an application + + Copyright (C) 2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSLCD__DAEMONINZE_H +#define NSLCD__DAEMONINZE_H 1 + +/* + To properly run as a daemon an application should: + + - close all open file descriptors (see daemonize_closefds() for that) + - (re)set proper signal handlers and signal mask + - sanitise the environment + - fork() / setsid() / fork() to detach from terminal, become process + leader and run in the background (see daemonize_demon() for that) + - reconnect stdin/stdout/stderr to /dev/null (see + daemonize_redirect_stdio() for that) + - set the umask to a reasonable value + - chdir(/) to avoid locking any mounts + - drop privileges as appropriate + - chroot() if appropriate + - create and lock a pidfile + - exit the starting process if initialisation is complete (see + daemonize_ready() for that) +*/ + +/* This closes all open file descriptors, except stdin, stdout and stderr. */ +void daemonize_closefds(void); + +/* Redirect stdio, stdin and stderr to /dev/null. */ +void daemonize_redirect_stdio(void); + +/* Detach from the controlling terminal and run in the background. This + function does: + - double fork and exit first child + - in the first child call setsid() to detach from any terminal and + create an independent session + - keep the parent process waiting until a call to daemonize_ready() is + done by the deamon process + This function returns either an error which indicates that the + daemonizing failed for some reason (usually sets errno), or returns + without error indicating that the process has been daemonized. */ +int daemonize_daemon(void); + +/* Signal that the original parent may exit because the service has been + initialised. The status indicates the exit code of the original process and + message, if not NULL or an empty string, is printed to stderr. */ +void daemonize_ready(int status, const char *message); + +#endif /* not NSLCD__DAEMONINZE_H */ diff --git a/nslcd/ether.c b/nslcd/ether.c new file mode 100644 index 0000000..16117a5 --- /dev/null +++ b/nslcd/ether.c @@ -0,0 +1,200 @@ +/* + ether.c - ethernet address entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-ethers.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" +#include "compat/ether.h" + +/* ( nisSchema.2.11 NAME 'ieee802Device' SUP top AUXILIARY + * DESC 'A device with a MAC address; device SHOULD be + * used as a structural class' + * MAY macAddress ) + */ + +/* the search base for searches */ +const char *ether_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int ether_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *ether_filter = "(objectClass=ieee802Device)"; + +/* the attributes to request with searches */ +const char *attmap_ether_cn = "cn"; +const char *attmap_ether_macAddress = "macAddress"; + +/* the attribute list to request with searches */ +static const char *ether_attrs[3]; + +/* create a search filter for searching an ethernet address + by name, return -1 on errors */ +static int mkfilter_ether_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_HOSTNAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_ether_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + ether_filter, attmap_ether_cn, safename); +} + +static void my_ether_ntoa(const uint8_t *addr, char *buffer, int compact) +{ + int i; + for (i = 0; i < 6; i++) + { + if (i > 0) + *buffer++ = ':'; + buffer += sprintf(buffer, compact ? "%x" : "%02x", addr[i]); + } + *buffer++ = '\0'; +} + +static int mkfilter_ether_byether(const struct ether_addr *addr, + char *buffer, size_t buflen) +{ + char addrstr1[20], addrstr2[20]; + my_ether_ntoa((const uint8_t *)addr, addrstr1, 1); + my_ether_ntoa((const uint8_t *)addr, addrstr2, 0); + /* there should be no characters that need escaping */ + return mysnprintf(buffer, buflen, "(&%s(|(%s=%s)(%s=%s)))", ether_filter, + attmap_ether_macAddress, addrstr1, + attmap_ether_macAddress, addrstr2); +} + +void ether_init(void) +{ + int i; + /* set up search bases */ + if (ether_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + ether_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (ether_scope == LDAP_SCOPE_DEFAULT) + ether_scope = nslcd_cfg->scope; + /* set up attribute list */ + ether_attrs[0] = attmap_ether_cn; + ether_attrs[1] = attmap_ether_macAddress; + ether_attrs[2] = NULL; +} + +/* TODO: check for errors in aton() */ +#define WRITE_ETHER(fp, addr) \ + ether_aton_r(addr, &tmpaddr); \ + WRITE(fp, &tmpaddr, sizeof(uint8_t[6])); + +static int write_ether(TFILE *fp, MYLDAP_ENTRY *entry, + const char *reqname, const char *reqether) +{ + int32_t tmpint32; + struct ether_addr tmpaddr; + const char *tmparr[2]; + const char **names, **ethers; + int i, j; + /* get the name of the ether entry */ + names = myldap_get_values(entry, attmap_ether_cn); + if ((names == NULL) || (names[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_ether_cn); + return 0; + } + /* get the addresses */ + if (reqether != NULL) + { + ethers = tmparr; + ethers[0] = reqether; + ethers[1] = NULL; + } + else + { + ethers = myldap_get_values(entry, attmap_ether_macAddress); + if ((ethers == NULL) || (ethers[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_ether_macAddress); + return 0; + } + /* TODO: move parsing of addresses up here */ + } + /* write entries for all names and addresses */ + for (i = 0; names[i] != NULL; i++) + if ((reqname == NULL) || (strcasecmp(reqname, names[i]) == 0)) + for (j = 0; ethers[j] != NULL; j++) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, names[i]); + WRITE_ETHER(fp, ethers[j]); + } + return 0; +} + +NSLCD_HANDLE( + ether, byname, NSLCD_ACTION_ETHER_BYNAME, + char name[BUFLEN_HOSTNAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("ether=\"%s\"", name);, + mkfilter_ether_byname(name, filter, sizeof(filter)), + write_ether(fp, entry, name, NULL) +) + +NSLCD_HANDLE( + ether, byether, NSLCD_ACTION_ETHER_BYETHER, + struct ether_addr addr; + char addrstr[20]; + char filter[BUFLEN_FILTER]; + READ(fp, &addr, sizeof(uint8_t[6])); + my_ether_ntoa((uint8_t *)&addr, addrstr, 1); + log_setrequest("ether=%s", addrstr);, + mkfilter_ether_byether(&addr, filter, sizeof(filter)), + write_ether(fp, entry, NULL, addrstr) +) + +NSLCD_HANDLE( + ether, all, NSLCD_ACTION_ETHER_ALL, + const char *filter; + log_setrequest("ether(all)");, + (filter = ether_filter, 0), + write_ether(fp, entry, NULL, NULL) +) diff --git a/nslcd/group.c b/nslcd/group.c new file mode 100644 index 0000000..09dbb53 --- /dev/null +++ b/nslcd/group.c @@ -0,0 +1,604 @@ +/* + group.c - group entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-grp.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2006 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2013 Steve Hill + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +/* for gid_t */ +#include + +#include "common/set.h" +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" +#include "compat/strndup.h" + +/* ( nisSchema.2.2 NAME 'posixGroup' SUP top STRUCTURAL + * DESC 'Abstraction of a group of accounts' + * MUST ( cn $ gidNumber ) + * MAY ( userPassword $ memberUid $ description ) ) + * + * apart from the above a member attribute is also supported that + * may contains a DN of a user + * + * nested groups (groups that are member of a group) are currently + * not supported + */ + +/* the search base for searches */ +const char *group_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int group_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *group_filter = "(objectClass=posixGroup)"; + +/* the attributes to request with searches */ +const char *attmap_group_cn = "cn"; +const char *attmap_group_userPassword = "\"*\""; +const char *attmap_group_gidNumber = "gidNumber"; +const char *attmap_group_memberUid = "memberUid"; +const char *attmap_group_member = "member"; + +/* special property for objectSid-based searches + (these are already LDAP-escaped strings) */ +static char *gidSid = NULL; + +/* BUILTIN SID definitions */ +static char *builtinSid = NULL; +const gid_t min_builtin_rid = 544; +const gid_t max_builtin_rid = 552; + +/* default values for attributes */ +static const char *default_group_userPassword = "*"; /* unmatchable */ + +/* the attribute list to request with searches */ +static const char **group_attrs = NULL; + +/* the attribute list for bymember searches (without member attributes) */ +static const char **group_bymember_attrs = NULL; + +/* create a search filter for searching a group entry + by name, return -1 on errors */ +static int mkfilter_group_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_group_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + group_filter, attmap_group_cn, safename); +} + +/* create a search filter for searching a group entry + by gid, return -1 on errors */ +static int mkfilter_group_bygid(gid_t gid, char *buffer, size_t buflen) +{ + gid -= nslcd_cfg->nss_gid_offset; + /* if searching for a Windows domain SID */ + if (gidSid != NULL) + { + /* the given gid is a BUILTIN gid, the SID prefix is not the domain SID */ + if ((gid >= min_builtin_rid) && (gid <= max_builtin_rid)) + return mysnprintf(buffer, buflen, "(&%s(%s=%s\\%02x\\%02x\\%02x\\%02x))", + group_filter, attmap_group_gidNumber, builtinSid, + (int)(gid & 0xff), (int)((gid >> 8) & 0xff), + (int)((gid >> 16) & 0xff), (int)((gid >> 24) & 0xff)); + return mysnprintf(buffer, buflen, "(&%s(%s=%s\\%02x\\%02x\\%02x\\%02x))", + group_filter, attmap_group_gidNumber, gidSid, + (int)(gid & 0xff), (int)((gid >> 8) & 0xff), + (int)((gid >> 16) & 0xff), (int)((gid >> 24) & 0xff)); + } + else + { + return mysnprintf(buffer, buflen, "(&%s(%s=%lu))", + group_filter, attmap_group_gidNumber, (unsigned long int)gid); + } +} + +/* create a search filter for searching a group entry + by member uid, return -1 on errors */ +static int mkfilter_group_bymember(MYLDAP_SESSION *session, + const char *uid, + char *buffer, size_t buflen) +{ + char dn[BUFLEN_DN]; + char safeuid[BUFLEN_SAFENAME]; + char safedn[BUFLEN_SAFEDN]; + /* escape attribute */ + if (myldap_escape(uid, safeuid, sizeof(safeuid))) + { + log_log(LOG_ERR, "mkfilter_group_bymember(): safeuid buffer too small"); + return -1; + } + /* try to translate uid to DN */ + if ((strcasecmp(attmap_group_member, "\"\"") == 0) || + (uid2dn(session, uid, dn, sizeof(dn)) == NULL)) + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + group_filter, attmap_group_memberUid, safeuid); + /* escape DN */ + if (myldap_escape(dn, safedn, sizeof(safedn))) + { + log_log(LOG_ERR, "mkfilter_group_bymember(): safedn buffer too small"); + return -1; + } + /* also lookup using user DN */ + return mysnprintf(buffer, buflen, "(&%s(|(%s=%s)(%s=%s)))", + group_filter, + attmap_group_memberUid, safeuid, + attmap_group_member, safedn); +} + +static int mkfilter_group_bymemberdn(const char *dn, + char *buffer, size_t buflen) +{ + char safedn[BUFLEN_SAFEDN]; + /* escape DN */ + if (myldap_escape(dn, safedn, sizeof(safedn))) + { + log_log(LOG_ERR, "mkfilter_group_bymemberdn(): safedn buffer too small"); + return -1; + } + return mysnprintf(buffer, buflen, + "(&%s(%s=%s))", + group_filter, + attmap_group_member, safedn); +} + +void group_init(void) +{ + int i; + SET *set; + /* set up search bases */ + if (group_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + group_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (group_scope == LDAP_SCOPE_DEFAULT) + group_scope = nslcd_cfg->scope; + /* special case when gidNumber references objectSid */ + if (strncasecmp(attmap_group_gidNumber, "objectSid:", 10) == 0) + { + gidSid = sid2search(attmap_group_gidNumber + 10); + builtinSid = sid2search("S-1-5-32"); + attmap_group_gidNumber = strndup(attmap_group_gidNumber, 9); + } + /* set up attribute list */ + set = set_new(); + attmap_add_attributes(set, attmap_group_cn); + attmap_add_attributes(set, attmap_group_userPassword); + attmap_add_attributes(set, attmap_group_gidNumber); + if (!nslcd_cfg->nss_getgrent_skipmembers) + { + attmap_add_attributes(set, attmap_group_memberUid); + attmap_add_attributes(set, attmap_group_member); + } + group_attrs = set_tolist(set); + if (group_attrs == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + set_free(set); + /* set up bymember attribute list */ + set = set_new(); + attmap_add_attributes(set, attmap_group_cn); + attmap_add_attributes(set, attmap_group_userPassword); + attmap_add_attributes(set, attmap_group_gidNumber); + group_bymember_attrs = set_tolist(set); + if (group_bymember_attrs == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + set_free(set); +} + +static int do_write_group(TFILE *fp, MYLDAP_ENTRY *entry, + const char **names, gid_t gids[], int numgids, + const char *passwd, const char **members, + const char *reqname) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + int i, j; + /* write entries for all names and gids */ + for (i = 0; names[i] != NULL; i++) + { + if (!isvalidname(names[i])) + { + log_log(LOG_WARNING, "%s: %s: denied by validnames option", + myldap_get_dn(entry), attmap_group_cn); + } + else if ((reqname == NULL) || (STR_CMP(reqname, names[i]) == 0)) + { + for (j = 0; j < numgids; j++) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, names[i]); + WRITE_STRING(fp, passwd); + WRITE_INT32(fp, gids[j]); + WRITE_STRINGLIST(fp, members); + } + } + } + return 0; +} + +static void getmembers(MYLDAP_ENTRY *entry, MYLDAP_SESSION *session, + SET *members, SET *seen, SET *subgroups) +{ + char buf[BUFLEN_NAME]; + int i; + const char **values; + const char ***derefs; + /* add the memberUid values */ + values = myldap_get_values(entry, attmap_group_memberUid); + if (values != NULL) + for (i = 0; values[i] != NULL; i++) + { + /* only add valid usernames */ + if (isvalidname(values[i])) + set_add(members, values[i]); + } + /* skip rest if attmap_group_member is blank */ + if (strcasecmp(attmap_group_member, "\"\"") == 0) + return; + /* add deref'd entries if we have them*/ + derefs = myldap_get_deref_values(entry, attmap_group_member, attmap_passwd_uid); + if (derefs != NULL) + { + /* add deref'd uid attributes */ + for (i = 0; derefs[0][i] != NULL; i++) + set_add(members, derefs[0][i]); + /* add non-deref'd attribute values as subgroups */ + for (i = 0; derefs[1][i] != NULL; i++) + { + if ((seen == NULL) || (!set_contains(seen, derefs[1][i]))) + { + if (seen != NULL) + set_add(seen, derefs[1][i]); + if (subgroups != NULL) + set_add(subgroups, derefs[1][i]); + } + } + return; /* no need to parse the member attribute ourselves */ + } + /* add the member values */ + values = myldap_get_values(entry, attmap_group_member); + if (values != NULL) + for (i = 0; values[i] != NULL; i++) + { + if ((seen == NULL) || (!set_contains(seen, values[i]))) + { + if (seen != NULL) + set_add(seen, values[i]); + /* transform the DN into a uid (dn2uid() already checks validity) */ + if (dn2uid(session, values[i], buf, sizeof(buf)) != NULL) + set_add(members, buf); + /* wasn't a UID - try handling it as a nested group */ + else if (subgroups != NULL) + set_add(subgroups, values[i]); + } + } +} + +/* the maximum number of gidNumber attributes per entry */ +#define MAXGIDS_PER_ENTRY 5 + +static int write_group(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqname, + const gid_t *reqgid, int wantmembers, + MYLDAP_SESSION *session) +{ + const char **names, **gidvalues; + const char *passwd; + const char **members = NULL; + SET *set, *seen=NULL, *subgroups=NULL; + gid_t gids[MAXGIDS_PER_ENTRY]; + int numgids; + char *tmp; + char passbuffer[BUFLEN_PASSWORDHASH]; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry2; + int rc; + /* get group name (cn) */ + names = myldap_get_values(entry, attmap_group_cn); + if ((names == NULL) || (names[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_group_cn); + return 0; + } + /* get the group id(s) */ + if (reqgid != NULL) + { + gids[0] = *reqgid; + numgids = 1; + } + else + { + gidvalues = myldap_get_values_len(entry, attmap_group_gidNumber); + if ((gidvalues == NULL) || (gidvalues[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_group_gidNumber); + return 0; + } + for (numgids = 0; (numgids < MAXGIDS_PER_ENTRY) && (gidvalues[numgids] != NULL); numgids++) + { + if (gidSid != NULL) + gids[numgids] = (gid_t)binsid2id(gidvalues[numgids]); + else + { + errno = 0; + gids[numgids] = strtogid(gidvalues[numgids], &tmp, 10); + if ((*(gidvalues[numgids]) == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", + myldap_get_dn(entry), attmap_group_gidNumber); + return 0; + } + else if ((errno != 0) || (strchr(gidvalues[numgids], '-') != NULL)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_group_gidNumber); + return 0; + } + } + gids[numgids] += nslcd_cfg->nss_gid_offset; + } + } + /* get group passwd (userPassword) (use only first entry) */ + passwd = get_userpassword(entry, attmap_group_userPassword, + passbuffer, sizeof(passbuffer)); + if (passwd == NULL) + passwd = default_group_userPassword; + /* get group members (memberUid&member) */ + if (wantmembers) + { + set = set_new(); + if (set != NULL) + { + if (nslcd_cfg->nss_nested_groups) + { + seen = set_new(); + subgroups = set_new(); + } + /* collect the members from this group */ + getmembers(entry, session, set, seen, subgroups); + /* add the members of any nested groups */ + if (subgroups != NULL) + { + while ((tmp = set_pop(subgroups)) != NULL) + { + search = myldap_search(session, tmp, LDAP_SCOPE_BASE, group_filter, group_attrs, NULL); + if (search != NULL) + while ((entry2 = myldap_get_entry(search, NULL)) != NULL) + getmembers(entry2, session, set, seen, subgroups); + free(tmp); + } + } + members = set_tolist(set); + set_free(set); + if (seen != NULL) + set_free(seen); + if (subgroups != NULL) + set_free(subgroups); + } + } + /* write entries (split to a separate function so we can ensure the call + to free() below in case a write fails) */ + rc = do_write_group(fp, entry, names, gids, numgids, passwd, members, + reqname); + /* free and return */ + if (members != NULL) + free(members); + return rc; +} + +NSLCD_HANDLE( + group, byname, NSLCD_ACTION_GROUP_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("group=\"%s\"", name); + if (!isvalidname(name)) + { + log_log(LOG_WARNING, "request denied by validnames option"); + return -1; + }, + mkfilter_group_byname(name, filter, sizeof(filter)), + write_group(fp, entry, name, NULL, 1, session) +) + +NSLCD_HANDLE( + group, bygid, NSLCD_ACTION_GROUP_BYGID, + gid_t gid; + char filter[BUFLEN_FILTER]; + READ_INT32(fp, gid); + log_setrequest("group=%lu", (unsigned long int)gid);, + mkfilter_group_bygid(gid, filter, sizeof(filter)), + write_group(fp, entry, NULL, &gid, 1, session) +) + +int nslcd_group_bymember(TFILE *fp, MYLDAP_SESSION *session) +{ + /* define common variables */ + int32_t tmpint32; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + const char *dn; + const char *base; + int rc, i; + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + SET *seen=NULL, *tocheck=NULL; + /* read request parameters */ + READ_STRING(fp, name); + log_setrequest("group/member=\"%s\"", name); + /* validate request */ + if (!isvalidname(name)) + { + log_log(LOG_WARNING, "request denied by validnames option"); + return -1; + } + if ((nslcd_cfg->nss_initgroups_ignoreusers != NULL) && + set_contains(nslcd_cfg->nss_initgroups_ignoreusers, name)) + { + log_log(LOG_DEBUG, "ignored group member"); + /* just end the request, returning no results */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_GROUP_BYMEMBER); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; + } + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_GROUP_BYMEMBER); + /* prepare the search filter */ + if (mkfilter_group_bymember(session, name, filter, sizeof(filter))) + { + log_log(LOG_WARNING, "nslcd_group_bymember(): filter buffer too small"); + return -1; + } + if ((nslcd_cfg->nss_nested_groups) && (strcasecmp(attmap_group_member, "\"\"") != 0)) + { + seen = set_new(); + tocheck = set_new(); + if ((seen != NULL) && (tocheck == NULL)) + { + set_free(seen); + seen = NULL; + } + else if ((tocheck != NULL) && (seen == NULL)) + { + set_free(tocheck); + tocheck = NULL; + } + } + /* perform a search for each search base */ + for (i = 0; (base = group_bases[i]) != NULL; i++) + { + /* do the LDAP search */ + search = myldap_search(session, base, group_scope, filter, + group_bymember_attrs, NULL); + if (search == NULL) + { + if (seen != NULL) + { + set_free(seen); + set_free(tocheck); + } + return -1; + } + /* go over results */ + while ((entry = myldap_get_entry(search, &rc)) != NULL) + { + if ((seen == NULL) || (!set_contains(seen, dn = myldap_get_dn(entry)))) + { + if (seen != NULL) + { + set_add(seen, dn); + set_add(tocheck, dn); + } + if (write_group(fp, entry, NULL, NULL, 0, session)) + { + if (seen != NULL) + { + set_free(seen); + set_free(tocheck); + } + return -1; + } + } + } + } + /* write possible parent groups */ + if (tocheck != NULL) + { + while ((dn = set_pop(tocheck)) != NULL) + { + /* make filter for finding groups with our group as member */ + if (mkfilter_group_bymemberdn(dn, filter, sizeof(filter))) + { + log_log(LOG_WARNING, "nslcd_group_bymember(): filter buffer too small"); + free((void *)dn); + set_free(seen); + set_free(tocheck); + return -1; + } + free((void *)dn); + /* do the LDAP searches */ + for (i = 0; (base = group_bases[i]) != NULL; i++) + { + search = myldap_search(session, base, group_scope, filter, group_bymember_attrs, NULL); + if (search != NULL) + { + while ((entry = myldap_get_entry(search, NULL)) != NULL) + { + dn = myldap_get_dn(entry); + if (!set_contains(seen, dn)) + { + set_add(seen, dn); + set_add(tocheck, dn); + if (write_group(fp, entry, NULL, NULL, 0, session)) + { + set_free(seen); + set_free(tocheck); + return -1; + } + } + } + } + } + } + set_free(seen); + set_free(tocheck); + } + /* write the final result code */ + if (rc == LDAP_SUCCESS) + { + WRITE_INT32(fp, NSLCD_RESULT_END); + } + return 0; +} + +NSLCD_HANDLE( + group, all, NSLCD_ACTION_GROUP_ALL, + const char *filter; + log_setrequest("group(all)");, + (filter = group_filter, 0), + write_group(fp, entry, NULL, NULL, 1, session) +) diff --git a/nslcd/host.c b/nslcd/host.c new file mode 100644 index 0000000..7e5f6aa --- /dev/null +++ b/nslcd/host.c @@ -0,0 +1,191 @@ +/* + host.c - host name lookup routines + Parts of this file were part of the nss_ldap library (as ldap-hosts.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.6 NAME 'ipHost' SUP top AUXILIARY + * DESC 'Abstraction of a host, an IP device. The distinguished + * value of the cn attribute denotes the host's canonical + * name. Device SHOULD be used as a structural class' + * MUST ( cn $ ipHostNumber ) + * MAY ( l $ description $ manager ) ) + */ + +/* the search base for searches */ +const char *host_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int host_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *host_filter = "(objectClass=ipHost)"; + +/* the attributes to request with searches */ +const char *attmap_host_cn = "cn"; +const char *attmap_host_ipHostNumber = "ipHostNumber"; + +/* the attribute list to request with searches */ +static const char *host_attrs[3]; + +/* create a search filter for searching a host entry + by name, return -1 on errors */ +static int mkfilter_host_byname(const char *name, char *buffer, size_t buflen) +{ + char safename[BUFLEN_HOSTNAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_host_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + host_filter, attmap_host_cn, safename); +} + +static int mkfilter_host_byaddr(const char *addrstr, + char *buffer, size_t buflen) +{ + char safeaddr[64]; + /* escape attribute */ + if (myldap_escape(addrstr, safeaddr, sizeof(safeaddr))) + { + log_log(LOG_ERR, "mkfilter_host_byaddr(): safeaddr buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + host_filter, attmap_host_ipHostNumber, safeaddr); +} + +void host_init(void) +{ + int i; + /* set up search bases */ + if (host_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + host_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (host_scope == LDAP_SCOPE_DEFAULT) + host_scope = nslcd_cfg->scope; + /* set up attribute list */ + host_attrs[0] = attmap_host_cn; + host_attrs[1] = attmap_host_ipHostNumber; + host_attrs[2] = NULL; +} + +/* write a single host entry to the stream */ +static int write_host(TFILE *fp, MYLDAP_ENTRY *entry) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + int numaddr, i; + const char *hostname; + const char **hostnames; + const char **addresses; + /* get the most canonical name */ + hostname = myldap_get_rdn_value(entry, attmap_host_cn); + /* get the other names for the host */ + hostnames = myldap_get_values(entry, attmap_host_cn); + if ((hostnames == NULL) || (hostnames[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_host_cn); + return 0; + } + /* if the hostname is not yet found, get the first entry from hostnames */ + if (hostname == NULL) + hostname = hostnames[0]; + /* get the addresses */ + addresses = myldap_get_values(entry, attmap_host_ipHostNumber); + if ((addresses == NULL) || (addresses[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_host_ipHostNumber); + return 0; + } + /* write the entry */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, hostname); + WRITE_STRINGLIST_EXCEPT(fp, hostnames, hostname); + for (numaddr = 0; addresses[numaddr] != NULL; numaddr++) + /* noting */ ; + WRITE_INT32(fp, numaddr); + for (i = 0; i < numaddr; i++) + { + WRITE_ADDRESS(fp, entry, attmap_host_ipHostNumber, addresses[i]); + } + return 0; +} + +NSLCD_HANDLE( + host, byname, NSLCD_ACTION_HOST_BYNAME, + char name[BUFLEN_HOSTNAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("host=\"%s\"", name);, + mkfilter_host_byname(name, filter, sizeof(filter)), + write_host(fp, entry) +) + +NSLCD_HANDLE( + host, byaddr, NSLCD_ACTION_HOST_BYADDR, + int af; + char addr[64]; + int len = sizeof(addr); + char addrstr[64]; + char filter[BUFLEN_FILTER]; + READ_ADDRESS(fp, addr, len, af); + /* translate the address to a string */ + if (inet_ntop(af, addr, addrstr, sizeof(addrstr)) == NULL) + { + log_log(LOG_WARNING, "unable to convert address to string"); + return -1; + } + log_setrequest("host=%s", addrstr);, + mkfilter_host_byaddr(addrstr, filter, sizeof(filter)), + write_host(fp, entry) +) + + +NSLCD_HANDLE( + host, all, NSLCD_ACTION_HOST_ALL, + const char *filter; + log_setrequest("host(all)");, + (filter = host_filter, 0), + write_host(fp, entry) +) diff --git a/nslcd/invalidator.c b/nslcd/invalidator.c new file mode 100644 index 0000000..7e8e415 --- /dev/null +++ b/nslcd/invalidator.c @@ -0,0 +1,269 @@ +/* + invalidator.c - functions for invalidating external caches + + Copyright (C) 2013-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "log.h" + +/* the write end of a pipe that is used to signal the child process + to invalidate the cache */ +static int signalfd = -1; + +/* we have our own implementation because nscd could use different names */ +static const char *map2name(enum ldap_map_selector map) +{ + switch (map) + { + case LM_ALIASES: return "aliases"; + case LM_ETHERS: return "ethers"; + case LM_GROUP: return "group"; + case LM_HOSTS: return "hosts"; + case LM_NETGROUP: return "netgroup"; + case LM_NETWORKS: return "networks"; + case LM_PASSWD: return "passwd"; + case LM_PROTOCOLS: return "protocols"; + case LM_RPC: return "rpc"; + case LM_SERVICES: return "services"; + case LM_SHADOW: return "shadow"; + case LM_NFSIDMAP: return "nfsidmap"; + case LM_NONE: + default: return NULL; + } +} + +/* invalidate the specified database */ +static void exec_invalidate(const char *db) +{ + pid_t cpid; + int i, status; + char *argv[4]; + char cmdline[80]; +#ifdef HAVE_EXECVPE + char *newenviron[] = { NULL }; +#endif + /* build command line */ + if (strcmp(db, "nfsidmap") == 0) + { + argv[0] = "nfsidmap"; + argv[1] = "-c"; + argv[2] = NULL; + } + else + { + argv[0] = "nscd"; + argv[1] = "-i"; + argv[2] = (char *)db; + argv[3] = NULL; + } + if (mysnprintf(cmdline, 80, "%s %s%s%s", argv[0], argv[1], + argv[2] != NULL ? " " : "", argv[2] != NULL ? argv[2] : "")) + { + log_log(LOG_ERR, "exec_invalidate(): cmdline buffer too small"); + return; + } + log_log(LOG_DEBUG, "invalidator: %s", cmdline); + /* do fork/exec */ + switch (cpid=fork()) + { + case 0: /* we are the child */ + /* close all file descriptors */ + i = sysconf(_SC_OPEN_MAX) - 1; + /* if the system does not have OPEN_MAX just close the first 32 and + hope we have closed enough */ + if (i < 0) + i = 32; + for (; i >= 0; i--) + close(i); + /* execute command */ +#ifdef HAVE_EXECVPE + execvpe(argv[0], argv, newenviron); +#else + execvp(argv[0], argv); +#endif + /* if we are here there has been an error */ + /* we can't log since we don't have any useful file descriptors */ + _exit(EXIT_FAILURE); + break; + case -1: /* we are the parent, but have an error */ + log_log(LOG_ERR, "invalidator: fork() failed: %s", strerror(errno)); + break; + default: /* we are the parent */ + /* wait for child exit */ + do + { + errno = 0; + i = waitpid(cpid, &status, 0); + } + while ((i < 0) && (errno == EINTR)); + if (i < 0) + log_log(LOG_ERR, "invalidator: waitpid(%d) failed: %s", (int)cpid, strerror(errno)); + else if (WIFEXITED(status)) + { + i = WEXITSTATUS(status); + if (i == 0) + log_log(LOG_DEBUG, "invalidator: %s (pid %d) success", + cmdline, (int)cpid); + else + log_log(LOG_DEBUG, "invalidator: %s (pid %d) failed (%d)", + cmdline, (int)cpid, i); + } + else if (WIFSIGNALED(status)) + { + i = WTERMSIG(status); + log_log(LOG_ERR, "invalidator: %s (pid %d) killed by %s (%d)", + cmdline, (int)cpid, signame(i), i); + } + else + log_log(LOG_ERR, "invalidator: %s (pid %d) had unknown failure", + cmdline, (int)cpid); + break; + } +} + +/* main loop for the invalidator process */ +static void handle_requests(int fd) +{ + int i; + uint8_t c; + const char *db; + log_log(LOG_DEBUG, "invalidator: starting"); + /* set up environment */ + (void)chdir("/"); + putenv("PATH=/usr/sbin:/usr/bin:/sbin:/bin"); + /* handle incoming requests */ + while (1) + { + i = read(fd, &c, sizeof(uint8_t)); + if (i == 0) + { + log_log(LOG_ERR, "invalidator: EOF"); + _exit(EXIT_SUCCESS); + } + else if (i < 0) + { + if (errno == EINTR) + log_log(LOG_DEBUG, "invalidator: read failed (ignored): %s", + strerror(errno)); + else + { + log_log(LOG_ERR, "invalidator: read failed: %s", strerror(errno)); + _exit(EXIT_SUCCESS); + } + } + else + { + db = map2name((enum ldap_map_selector)c); + if (db == NULL) + log_log(LOG_ERR, "invalidator: invalid db received"); + else + exec_invalidate(db); + } + } +} + +/* start a child process that holds onto the original privileges with the + purpose of running external cache invalidation commands */ +int invalidator_start(void) +{ + int pipefds[2]; + pid_t cpid; + int i; + /* set up a pipe for communication */ + if (pipe(pipefds) < 0) + { + log_log(LOG_ERR, "pipe() failed: %s", strerror(errno)); + return -1; + } + /* set O_NONBLOCK on the write end to ensure that a hanging invalidator + process does not bring down the rest of the application */ + if ((i = fcntl(pipefds[1], F_GETFL, 0)) < 0) + { + log_log(LOG_ERR, "fctnl(F_GETFL) failed: %s", strerror(errno)); + close(pipefds[0]); + close(pipefds[1]); + return -1; + } + if (fcntl(pipefds[1], F_SETFL, i | O_NONBLOCK) < 0) + { + log_log(LOG_ERR, "fctnl(F_SETFL,O_NONBLOCK) failed: %s", strerror(errno)); + close(pipefds[0]); + close(pipefds[1]); + return -1; + } + /* fork a child to perfrom the invalidate commands */ + cpid = fork(); + if (cpid < 0) + { + log_log(LOG_ERR, "fork() failed: %s", strerror(errno)); + close(pipefds[0]); + close(pipefds[1]); + return -1; + } + if (cpid == 0) + { + /* we are the child: close the write end and handle requests */ + close(pipefds[1]); + handle_requests(pipefds[0]); + /* the handle function should't return */ + _exit(EXIT_FAILURE); + } + /* we are the parent: close the read end and save the write end */ + close(pipefds[0]); + signalfd = pipefds[1]; + return 0; +} + +/* signal invalidator to invalidate the selected external cache */ +void invalidator_do(enum ldap_map_selector map) +{ + uint8_t c; + int rc; + if (signalfd < 0) + return; + /* LM_NONE is used to signal all maps condigured in reconnect_invalidate */ + if (map == LM_NONE) + { + for (map = 0; map < LM_NONE ; map++) + if (nslcd_cfg->reconnect_invalidate[map]) + invalidator_do(map); + return; + } + /* write a single byte which should be atomic and not fill the PIPE + buffer too soon on most platforms + (nslcd should already ignore SIGPIPE) */ + c = (uint8_t)map; + rc = write(signalfd, &c, sizeof(uint8_t)); + if (rc <= 0) + log_log(LOG_WARNING, "error signalling invalidator: %s", + strerror(errno)); +} diff --git a/nslcd/log.c b/nslcd/log.c new file mode 100644 index 0000000..0676cf6 --- /dev/null +++ b/nslcd/log.c @@ -0,0 +1,332 @@ +/* + log.c - logging funtions + + Copyright (C) 2002, 2003, 2008, 2010, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "log.h" + +/* set the logname */ +#undef PACKAGE +#define PACKAGE "nslcd" + +/* storage for logging modes */ +static struct log_cfg { + int loglevel; + const char *scheme; + FILE *fp; /* NULL == syslog */ + struct log_cfg *next; +} *loglist = NULL; + +/* default loglevel when no logging is configured */ +static int prelogging_loglevel = LOG_INFO; + +#define MAX_REQUESTID_LENGTH 40 + +#ifdef TLS + +/* the session id that is set for this thread */ +static TLS char *sessionid = NULL; + +/* the request identifier that is set for this thread */ +static TLS char *requestid = NULL; + +#else /* no TLS, use pthreads */ + +static pthread_once_t tls_init_once = PTHREAD_ONCE_INIT; +static pthread_key_t sessionid_key; +static pthread_key_t requestid_key; + +static void tls_init_keys(void) +{ + pthread_key_create(&sessionid_key, NULL); + pthread_key_create(&requestid_key, NULL); +} + +#endif /* no TLS, use pthreads */ + +/* set loglevel when no logging is configured */ +void log_setdefaultloglevel(int loglevel) +{ + prelogging_loglevel = loglevel; +} + +/* add logging method to configuration list */ +static void addlogging(int loglevel, const char *scheme, FILE *fp) +{ + struct log_cfg *tmp, *lst; + /* create new logstruct */ + tmp = (struct log_cfg *)malloc(sizeof(struct log_cfg)); + if (tmp == NULL) + { + log_log(LOG_CRIT, "malloc() returned NULL"); + exit(EXIT_FAILURE); + } + tmp->loglevel = loglevel; + tmp->scheme = scheme; + tmp->fp = fp; + tmp->next = NULL; + /* save the struct in the list */ + if (loglist == NULL) + loglist = tmp; + else + { + for (lst = loglist; lst->next != NULL; lst = lst->next); + lst->next = tmp; + } +} + +/* configure logging to a file */ +void log_addlogging_file(int loglevel, const char *filename) +{ + FILE *fp; + filename = strdup(filename); + if (filename == NULL) + { + log_log(LOG_CRIT, "strdup() returned NULL"); + exit(EXIT_FAILURE); + } + fp = fopen(filename, "a"); + if (fp == NULL) + { + log_log(LOG_ERR, "cannot open logfile (%s) for appending: %s", + filename, strerror(errno)); + exit(1); + } + addlogging(loglevel, filename, fp); +} + +/* configure logging to syslog */ +void log_addlogging_syslog(int loglevel) +{ + openlog(PACKAGE, LOG_PID, LOG_DAEMON); + addlogging(loglevel, "syslog", NULL); +} + +/* configure a null logging mode (no logging) */ +void log_addlogging_none() +{ + /* this is a hack, but it's so easy */ + addlogging(LOG_EMERG, "none", NULL); +} + +/* start the logging with the configured logging methods + if no method is configured yet, logging is done to syslog */ +void log_startlogging(void) +{ + if (loglist == NULL) + log_addlogging_syslog(LOG_INFO); + prelogging_loglevel = -1; +} + +/* indicate that we should clear any session identifiers set by + log_newsession */ +void log_clearsession(void) +{ +#ifndef TLS + char *sessionid, *requestid; + pthread_once(&tls_init_once, tls_init_keys); + sessionid = pthread_getspecific(sessionid_key); + requestid = pthread_getspecific(requestid_key); +#endif /* no TLS */ + /* set the session id to empty */ + if (sessionid != NULL) + sessionid[0] = '\0'; + /* set the request id to empty */ + if (requestid != NULL) + requestid[0] = '\0'; +} + +/* indicate that a session id should be included in the output + and set it to a new value */ +void log_newsession(void) +{ +#ifndef TLS + char *sessionid, *requestid; + pthread_once(&tls_init_once, tls_init_keys); + sessionid = pthread_getspecific(sessionid_key); + requestid = pthread_getspecific(requestid_key); +#endif /* no TLS */ + /* ensure that sessionid can hold a string */ + if (sessionid == NULL) + { + sessionid = (char *)malloc(7); + if (sessionid == NULL) + { + fprintf(stderr, "malloc() failed: %s", strerror(errno)); + return; /* silently fail */ + } +#ifndef TLS + pthread_setspecific(sessionid_key, sessionid); +#endif /* no TLS */ + } + sprintf(sessionid, "%06x", (int)(rand() & 0xffffff)); + /* set the request id to empty */ + if (requestid != NULL) + requestid[0] = '\0'; +} + +/* indicate that a request identifier should be included in the output + from this point on, until log_newsession() is called */ +void log_setrequest(const char *format, ...) +{ + va_list ap; +#ifndef TLS + char *requestid; + pthread_once(&tls_init_once, tls_init_keys); + requestid = pthread_getspecific(requestid_key); +#endif /* no TLS */ + /* ensure that requestid can hold a string */ + if (requestid == NULL) + { + requestid = (char *)malloc(MAX_REQUESTID_LENGTH); + if (requestid == NULL) + { + fprintf(stderr, "malloc() failed: %s", strerror(errno)); + return; /* silently fail */ + } +#ifndef TLS + pthread_setspecific(requestid_key, requestid); +#endif /* no TLS */ + } + /* make the message */ + va_start(ap, format); + vsnprintf(requestid, MAX_REQUESTID_LENGTH, format, ap); + requestid[MAX_REQUESTID_LENGTH - 1] = '\0'; + va_end(ap); +} + +/* log the given message using the configured logging method */ +void log_log(int pri, const char *format, ...) +{ + int res; + struct log_cfg *lst; + char buffer[200]; + va_list ap; +#ifndef TLS + char *sessionid, *requestid; + pthread_once(&tls_init_once, tls_init_keys); + sessionid = pthread_getspecific(sessionid_key); + requestid = pthread_getspecific(requestid_key); +#endif /* no TLS */ + /* make the message */ + va_start(ap, format); + res = vsnprintf(buffer, sizeof(buffer), format, ap); + if ((res < 0) || (res >= (int)sizeof(buffer))) + { + /* truncate with "..." */ + buffer[sizeof(buffer) - 2] = '.'; + buffer[sizeof(buffer) - 3] = '.'; + buffer[sizeof(buffer) - 4] = '.'; + } + buffer[sizeof(buffer) - 1] = '\0'; + va_end(ap); + /* do the logging */ + if (prelogging_loglevel >= 0) + { + /* if logging is not yet defined, log to stderr */ + if (pri <= prelogging_loglevel) + { + if ((requestid != NULL) && (requestid[0] != '\0')) + fprintf(stderr, "%s: [%s] <%s> %s%s\n", PACKAGE, sessionid, requestid, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + else if ((sessionid != NULL) && (sessionid[0] != '\0')) + fprintf(stderr, "%s: [%s] %s%s\n", PACKAGE, sessionid, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + else + fprintf(stderr, "%s: %s%s\n", PACKAGE, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + } + } + else + { + for (lst = loglist; lst != NULL; lst = lst->next) + { + if (pri <= lst->loglevel) + { + if (lst->fp == NULL) + { + if ((requestid != NULL) && (requestid[0] != '\0')) + syslog(pri, "[%s] <%s> %s%s", sessionid, requestid, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + else if ((sessionid != NULL) && (sessionid[0] != '\0')) + syslog(pri, "[%s] %s%s", sessionid, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + else + syslog(pri, "%s%s", + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + } + else + { + if ((requestid != NULL) && (requestid[0] != '\0')) + fprintf(lst->fp, "%s: [%s] <%s> %s%s\n", PACKAGE, sessionid, requestid, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + else if ((sessionid != NULL) && (sessionid[0] != '\0')) + fprintf(lst->fp, "%s: [%s] %s%s\n", PACKAGE, sessionid, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + else + fprintf(lst->fp, "%s: %s%s\n", PACKAGE, + pri == LOG_DEBUG ? "DEBUG: " : "", buffer); + fflush(lst->fp); + } + } + } + } +} + +static const char *loglevel2str(int loglevel) +{ + switch (loglevel) + { + case LOG_CRIT: return "crit"; + case LOG_ERR: return "error"; + case LOG_WARNING: return "warning"; + case LOG_NOTICE: return "notice"; + case LOG_INFO: return "info"; + case LOG_DEBUG: return "debug"; + default: return "???"; + } +} + +/* log the logging configuration on DEBUG loglevel */ +void log_log_config(void) +{ + struct log_cfg *lst; + for (lst = loglist; lst != NULL; lst = lst->next) + { + if (lst->loglevel == LOG_EMERG) + log_log(LOG_DEBUG, "CFG: log %s", lst->scheme); + else + log_log(LOG_DEBUG, "CFG: log %s %s", lst->scheme, + loglevel2str(lst->loglevel)); + } +} diff --git a/nslcd/log.h b/nslcd/log.h new file mode 100644 index 0000000..277daa7 --- /dev/null +++ b/nslcd/log.h @@ -0,0 +1,65 @@ +/* + log.h - definitions of logging funtions + + Copyright (C) 2002, 2003, 2007, 2008, 2010, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + + +#ifndef NSLCD__LOG_H +#define NSLCD__LOG_H 1 + +#include +#include "compat/attrs.h" + +/* set loglevel when no logging is configured */ +void log_setdefaultloglevel(int loglevel); + +/* configure logging to a file */ +void log_addlogging_file(int loglevel, const char *filename); + +/* configure logging to syslog */ +void log_addlogging_syslog(int loglevel); + +/* configure a null logging mode (no logging) */ +void log_addlogging_none(void); + +/* start the logging with the configured logging methods + if no method is configured yet, logging is done to syslog */ +void log_startlogging(void); + +/* indicate that a session id should be included in the output + and set it to a new value */ +void log_newsession(void); + +/* indicate that we should clear any session identifiers set by + log_newsession */ +void log_clearsession(void); + +/* indicate that a request identifier should be included in the output + from this point on, until log_newsession() is called */ +void log_setrequest(const char *format, ...) + LIKE_PRINTF(1, 2); + +/* log the given message using the configured logging method */ +void log_log(int pri, const char *format, ...) + LIKE_PRINTF(2, 3); + +/* log the logging configuration on DEBUG loglevel */ +void log_log_config(void); + +#endif /* not NSLCD__LOG_H */ diff --git a/nslcd/myldap.c b/nslcd/myldap.c new file mode 100644 index 0000000..6b98a21 --- /dev/null +++ b/nslcd/myldap.c @@ -0,0 +1,2530 @@ +/* + myldap.c - simple interface to do LDAP requests + Parts of this file were part of the nss_ldap library (as ldap-nss.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2006 Luke Howard + Copyright (C) 2006-2007 West Consulting + Copyright (C) 2006-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +/* + This library expects to use an LDAP library to provide the real + functionality and only provides a convenient wrapper. + Some pointers for more information on the LDAP API: + http://tools.ietf.org/id/draft-ietf-ldapext-ldap-c-api-05.txt + http://www.mozilla.org/directory/csdk-docs/function.htm + http://publib.boulder.ibm.com/infocenter/iseries/v5r3/topic/apis/dirserv1.htm + http://www.openldap.org/software/man.cgi?query=ldap +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_LDAP_SSL_H +#include +#endif +#ifdef HAVE_GSSLDAP_H +#include +#endif +#ifdef HAVE_GSSSASL_H +#include +#endif +#ifdef HAVE_SASL_SASL_H +#include +#endif +#ifdef HAVE_SASL_H +#include +#endif +#include +#include +#include + +#include "myldap.h" +#include "common.h" +#include "log.h" +#include "cfg.h" +#include "common/set.h" +#include "compat/ldap_compat.h" +#include "attmap.h" + +/* the maximum number of searches per session */ +#define MAX_SEARCHES_IN_SESSION 4 + +/* the maximum number of dn's to log to the debug log for each search */ +#define MAX_DEBUG_LOG_DNS 10 + +/* a fake scope that is used to not perform an actual search but only + simulate the handling of the search (used for authentication) */ +#define MYLDAP_SCOPE_BINDONLY 0x1972 /* magic number: should never be a real scope */ + +/* This refers to a current LDAP session that contains the connection + information. */ +struct ldap_session { + /* the connection */ + LDAP *ld; + /* timestamp of last activity */ + time_t lastactivity; + /* index into uris: currently connected LDAP uri */ + int current_uri; + /* a list of searches registered with this session */ + struct myldap_search *searches[MAX_SEARCHES_IN_SESSION]; + /* the username to bind with */ + char binddn[BUFLEN_DN]; + /* the password to bind with if any */ + char bindpw[BUFLEN_PASSWORD]; + /* the authentication result (NSLCD_PAM_* code) */ + int policy_response; + /* the authentication message */ + char policy_message[BUFLEN_MESSAGE]; +}; + +/* A search description set as returned by myldap_search(). */ +struct myldap_search { + /* reference to the session */ + MYLDAP_SESSION *session; + /* indicator that the search is still valid */ + int valid; + /* the parameters descibing the search */ + const char *base; + int scope; + const char *filter; + char **attrs; + /* a pointer to the current result entry, used for + freeing resource allocated with that entry */ + MYLDAP_ENTRY *entry; + /* LDAP message id for the search, -1 indicates absense of an active search */ + int msgid; + /* the last result that was returned by ldap_result() */ + LDAPMessage *msg; + /* cookie for paged searches */ + struct berval *cookie; + /* to indicate that we can retry the search from myldap_get_entry() */ + int may_retry_search; + /* the number of resutls returned so far */ + int count; +}; + +/* The maximum number of calls to myldap_get_values() that may be + done per returned entry. */ +#define MAX_ATTRIBUTES_PER_ENTRY 16 + +/* The maximum number of buffers (used for ranged attribute values and + values returned by bervalues_to_values()) that may be stored per entry. */ +#define MAX_BUFFERS_PER_ENTRY 8 + +/* A single entry from the LDAP database as returned by + myldap_get_entry(). */ +struct myldap_entry { + /* reference to the search to be used to get parameters + (e.g. LDAP connection) for other calls */ + MYLDAP_SEARCH *search; + /* the DN */ + const char *dn; + /* a cached version of the exploded rdn */ + char **exploded_rdn; + /* a cache of attribute to value list */ + char **attributevalues[MAX_ATTRIBUTES_PER_ENTRY]; + /* a reference to buffers so we can free() them later on */ + char **buffers[MAX_BUFFERS_PER_ENTRY]; +}; + +/* Flag to record first search operation */ +int first_search = 1; + +static void myldap_err(int pri, LDAP *ld, int rc, const char *format, ...) +{ + char message[BUFLEN_MESSAGE]; + char *msg_ldap = NULL; + char *msg_diag = NULL; + char *msg_errno = NULL; + va_list ap; + /* make the message */ + va_start(ap, format); + vsnprintf(message, sizeof(message), format, ap); + message[sizeof(message) - 1] = '\0'; + va_end(ap); + /* get the various error message */ + if (rc != LDAP_SUCCESS) + { + msg_ldap = ldap_err2string(rc); + /* get the diagnostic information */ +#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE + if (ld != NULL) + ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &msg_diag); +#endif /* LDAP_OPT_DIAGNOSTIC_MESSAGE */ + } + if (errno != 0) + msg_errno = strerror(errno); + /* log the message */ + log_log(pri, "%s%s%s%s%s%s%s", message, + (msg_ldap == NULL) ? "" : ": ", (msg_ldap == NULL) ? "" : msg_ldap, + (msg_diag == NULL) ? "" : ": ", (msg_diag == NULL) ? "" : msg_diag, + (msg_errno == NULL) ? "" : ": ", (msg_errno == NULL) ? "" : msg_errno); + /* free diagnostic message */ + if (msg_diag != NULL) + ldap_memfree(msg_diag); +} + +static MYLDAP_ENTRY *myldap_entry_new(MYLDAP_SEARCH *search) +{ + MYLDAP_ENTRY *entry; + int i; + /* Note: as an alternative we could embed the myldap_entry into the + myldap_search struct to save on malloc() and free() calls. */ + /* allocate new entry */ + entry = (MYLDAP_ENTRY *)malloc(sizeof(struct myldap_entry)); + if (entry == NULL) + { + log_log(LOG_CRIT, "myldap_entry_new(): malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + /* fill in fields */ + entry->search = search; + entry->dn = NULL; + entry->exploded_rdn = NULL; + for (i = 0; i < MAX_ATTRIBUTES_PER_ENTRY; i++) + entry->attributevalues[i] = NULL; + for (i = 0; i < MAX_BUFFERS_PER_ENTRY; i++) + entry->buffers[i] = NULL; + /* return the fresh entry */ + return entry; +} + +static void myldap_entry_free(MYLDAP_ENTRY *entry) +{ + int i; + /* free the DN */ + if (entry->dn != NULL) + ldap_memfree((char *)entry->dn); + /* free the exploded RDN */ + if (entry->exploded_rdn != NULL) + ldap_value_free(entry->exploded_rdn); + /* free all attribute values */ + for (i = 0; i < MAX_ATTRIBUTES_PER_ENTRY; i++) + if (entry->attributevalues[i] != NULL) + ldap_value_free(entry->attributevalues[i]); + /* free all buffers */ + for (i = 0; i < MAX_BUFFERS_PER_ENTRY; i++) + if (entry->buffers[i] != NULL) + free(entry->buffers[i]); + /* we don't need the result anymore, ditch it. */ + ldap_msgfree(entry->search->msg); + entry->search->msg = NULL; + /* free the actual memory for the struct */ + free(entry); +} + +static MYLDAP_SEARCH *myldap_search_new(MYLDAP_SESSION *session, + const char *base, int scope, + const char *filter, + const char **attrs) +{ + char *buffer; + MYLDAP_SEARCH *search; + int i; + size_t sz; + /* figure out size for new memory block to allocate + this has the advantage that we can free the whole lot with one call */ + sz = sizeof(struct myldap_search); + sz += strlen(base) + 1 + strlen(filter) + 1; + for (i = 0; attrs[i] != NULL; i++) + sz += strlen(attrs[i]) + 1; + sz += (i + 1) * sizeof(char *); + /* allocate new results memory region */ + buffer = (char *)malloc(sz); + if (buffer == NULL) + { + log_log(LOG_CRIT, "myldap_search_new(): malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + /* initialize struct */ + search = (MYLDAP_SEARCH *)(void *)(buffer); + buffer += sizeof(struct myldap_search); + /* save pointer to session */ + search->session = session; + /* flag as valid search */ + search->valid = 1; + /* initialize array of attributes */ + search->attrs = (char **)(void *)buffer; + buffer += (i + 1) * sizeof(char *); + /* copy base */ + strcpy(buffer, base); + search->base = buffer; + buffer += strlen(base) + 1; + /* just plainly store scope */ + search->scope = scope; + /* copy filter */ + strcpy(buffer, filter); + search->filter = buffer; + buffer += strlen(filter) + 1; + /* copy attributes themselves */ + for (i = 0; attrs[i] != NULL; i++) + { + strcpy(buffer, attrs[i]); + search->attrs[i] = buffer; + buffer += strlen(attrs[i]) + 1; + } + search->attrs[i] = NULL; + /* initialize context */ + search->cookie = NULL; + search->msg = NULL; + search->msgid = -1; + search->may_retry_search = 1; + /* clear result entry */ + search->entry = NULL; + search->count = 0; + /* return the new search struct */ + return search; +} + +static MYLDAP_SESSION *myldap_session_new(void) +{ + MYLDAP_SESSION *session; + int i; + /* allocate memory for the session storage */ + session = (struct ldap_session *)malloc(sizeof(struct ldap_session)); + if (session == NULL) + { + log_log(LOG_CRIT, "myldap_session_new(): malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + /* initialize the session */ + session->ld = NULL; + session->lastactivity = 0; + session->current_uri = 0; + for (i = 0; i < MAX_SEARCHES_IN_SESSION; i++) + session->searches[i] = NULL; + session->binddn[0] = '\0'; + memset(session->bindpw, 0, sizeof(session->bindpw)); + session->bindpw[0] = '\0'; + session->policy_response = NSLCD_PAM_SUCCESS; + session->policy_message[0] = '\0'; + /* return the new session */ + return session; +} + +PURE static inline int is_valid_entry(MYLDAP_ENTRY *entry) +{ + return (entry != NULL) && (entry->search != NULL) && + (entry->search->session != NULL) && (entry->search->session->ld != NULL) && + (entry->search->msg != NULL); +} + +#ifdef HAVE_SASL_INTERACT_T +/* this is registered with ldap_sasl_interactive_bind_s() in do_bind() */ +static int do_sasl_interact(LDAP UNUSED(*ld), unsigned UNUSED(flags), + void *defaults, void *_interact) +{ + struct ldap_config *cfg = defaults; + sasl_interact_t *interact = _interact; + while (interact->id != SASL_CB_LIST_END) + { + switch (interact->id) + { + case SASL_CB_GETREALM: + if (cfg->sasl_realm) + { + log_log(LOG_DEBUG, "do_sasl_interact(): returning sasl_realm \"%s\"", + cfg->sasl_realm); + interact->result = cfg->sasl_realm; + interact->len = strlen(cfg->sasl_realm); + } + else + log_log(LOG_DEBUG, "do_sasl_interact(): were asked for sasl_realm but we don't have any"); + break; + case SASL_CB_AUTHNAME: + if (cfg->sasl_authcid) + { + log_log(LOG_DEBUG, "do_sasl_interact(): returning sasl_authcid \"%s\"", + cfg->sasl_authcid); + interact->result = cfg->sasl_authcid; + interact->len = strlen(cfg->sasl_authcid); + } + else + log_log(LOG_DEBUG, "do_sasl_interact(): were asked for sasl_authcid but we don't have any"); + break; + case SASL_CB_USER: + if (cfg->sasl_authzid) + { + log_log(LOG_DEBUG, "do_sasl_interact(): returning sasl_authzid \"%s\"", + cfg->sasl_authzid); + interact->result = cfg->sasl_authzid; + interact->len = strlen(cfg->sasl_authzid); + } + else + log_log(LOG_DEBUG, "do_sasl_interact(): were asked for sasl_authzid but we don't have any"); + break; + case SASL_CB_PASS: + if (cfg->bindpw) + { + log_log(LOG_DEBUG, "do_sasl_interact(): returning bindpw \"***\""); + interact->result = cfg->bindpw; + interact->len = strlen(cfg->bindpw); + } + else + log_log(LOG_DEBUG, "do_sasl_interact(): were asked for bindpw but we don't have any"); + break; + default: + /* just ignore */ + break; + } + interact++; + } + return LDAP_SUCCESS; +} +#endif /* HAVE_SASL_INTERACT_T */ + +#define LDAP_SET_OPTION(ld, option, invalue) \ + rc = ldap_set_option(ld, option, invalue); \ + if (rc != LDAP_SUCCESS) \ + { \ + myldap_err(LOG_ERR, ld, rc, "ldap_set_option(" #option ") failed"); \ + return rc; \ + } + +#if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE) +static void print_ppolicy_expiry(MYLDAP_SESSION *session, unsigned int sec) +{ + unsigned int days = 0; + unsigned int hours = 0; + unsigned int minutes = 0; + /* return this warning so PAM can present it to the user */ + if (strlen(session->policy_message) != 0) + return; + if (sec > 24 * 3600) + { + days = sec / (24 * 3600); + sec -= days * 24 * 3600; + } + if (sec > 3600) + { + hours = sec / 3600; + sec -= (hours * 3600); + } + if (sec > 60) + { + minutes = sec / 60; + sec -= minutes * 60; + } + if (days > 1) + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u days", days); + else if (days > 0) + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u hours", hours + 24); + else if (hours > 1) + { + if (minutes > 1) + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u hours and %u minutes", + hours, minutes); + else + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u hours", hours); + } + else if (hours > 0) + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u minutes", minutes + 60); + else if (minutes > 1) + { + if (sec > 1) + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u minutes and %u seconds", + minutes, sec); + else + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u minutes", minutes); + } + else + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password will expires in %u seconds", sec); +} + +static void handle_ppolicy_controls(MYLDAP_SESSION *session, LDAP *ld, LDAPControl **ctrls) +{ + int i; + int rc; + /* clear policy response information in session */ + session->policy_response = NSLCD_PAM_SUCCESS; + strncpy(session->policy_message, "", sizeof(session->policy_message)); + for (i = 0; ctrls[i] != NULL; i++) + { + if (strcmp(ctrls[i]->ldctl_oid, LDAP_CONTROL_PWEXPIRED) == 0) + { + /* check for expired control: force the user to change their password */ + log_log(LOG_DEBUG, "got LDAP_CONTROL_PWEXPIRED (password expired, user should change)"); + if (session->policy_response == NSLCD_PAM_SUCCESS) + session->policy_response = NSLCD_PAM_NEW_AUTHTOK_REQD; + } + else if (strcmp(ctrls[i]->ldctl_oid, LDAP_CONTROL_PWEXPIRING) == 0) + { + /* check for password expiration warning control: the password is about + to expire (returns the number of seconds remaining until the password + expires) */ + char seconds[32]; + long int sec; + mysnprintf(seconds, sizeof(seconds), "%.*s", (int)ctrls[i]->ldctl_value.bv_len, + ctrls[i]->ldctl_value.bv_val); + sec = atol(seconds); + log_log(LOG_DEBUG, "got LDAP_CONTROL_PWEXPIRING (password will expire in %ld seconds)", + sec); + print_ppolicy_expiry(session, (unsigned int)sec); + } + else if (strcmp(ctrls[i]->ldctl_oid, LDAP_CONTROL_PASSWORDPOLICYRESPONSE) == 0) + { + /* check for password policy control */ + int expire = 0, grace = 0; + LDAPPasswordPolicyError error = -1; + rc = ldap_parse_passwordpolicy_control(ld, ctrls[i], &expire, &grace, &error); + if (rc != LDAP_SUCCESS) + myldap_err(LOG_WARNING, ld, rc, "ldap_parse_passwordpolicy_control() failed (ignored)"); + else + { + /* log returned control information */ + log_log(LOG_DEBUG, "got LDAP_CONTROL_PASSWORDPOLICYRESPONSE (%s)", + ldap_passwordpolicy_err2txt(error)); + if (expire >= 0) + log_log(LOG_DEBUG, "got LDAP_CONTROL_PASSWORDPOLICYRESPONSE (password will expire in %d seconds)", + expire); + if (grace >= 0) + log_log(LOG_DEBUG, "got LDAP_CONTROL_PASSWORDPOLICYRESPONSE (%d grace logins left)", + grace); + /* return this information to PAM */ + if ((error == PP_passwordExpired) && + ((session->policy_response == NSLCD_PAM_SUCCESS) || + (session->policy_response == NSLCD_PAM_NEW_AUTHTOK_REQD))) + { + /* this means that the password has expired and must be reset */ + session->policy_response = NSLCD_PAM_NEW_AUTHTOK_REQD; + mysnprintf(session->policy_message, sizeof(session->policy_message), + "%s", ldap_passwordpolicy_err2txt(error)); + } + else if ((error == PP_accountLocked) && + ((session->policy_response == NSLCD_PAM_SUCCESS) || + (session->policy_response == NSLCD_PAM_NEW_AUTHTOK_REQD))) + { + /* this means that the account is locked and the user cannot log + in (the bind probably failed already) */ + session->policy_response = NSLCD_PAM_ACCT_EXPIRED; + mysnprintf(session->policy_message, sizeof(session->policy_message), + "%s", ldap_passwordpolicy_err2txt(error)); + } + else if ((error == PP_changeAfterReset) && + (session->policy_response == NSLCD_PAM_SUCCESS)) + { + /* this indicates that the password must be changed before the + user is allowed to perform any other operation */ + session->policy_response = NSLCD_PAM_NEW_AUTHTOK_REQD; + mysnprintf(session->policy_message, sizeof(session->policy_message), + "%s", ldap_passwordpolicy_err2txt(error)); + } + else if ((error != PP_noError) && + ((session->policy_response == NSLCD_PAM_SUCCESS) || + (session->policy_response == NSLCD_PAM_NEW_AUTHTOK_REQD))) + { + /* any other error is assumed to mean that the operation failed */ + session->policy_response = NSLCD_PAM_PERM_DENIED; + mysnprintf(session->policy_message, sizeof(session->policy_message), + "%s", ldap_passwordpolicy_err2txt(error)); + } + /* both expire and grace should just be warnings to the user */ + if ((expire >= 0) && (strlen(session->policy_message) == 0)) + { + /* if no other error has happened, this indicates that the password + will soon expire (number of seconds) */ + print_ppolicy_expiry(session, (unsigned int)expire); + } + else if ((grace >= 0) && (strlen(session->policy_message) == 0)) + { + /* this indicates the number of grace logins that are left before + no further login attempts will be allowed */ + mysnprintf(session->policy_message, sizeof(session->policy_message), + "Password expired, %d grace logins left", grace); + } + } + } + /* ignore any other controls */ + } +} + +static int do_ppolicy_bind(MYLDAP_SESSION *session, LDAP *ld, const char *uri) +{ + int rc, parserc; + struct berval cred; + LDAPControl passwd_policy_req; + LDAPControl *requestctrls[2]; + LDAPControl **responsectrls; + int msgid; + struct timeval timeout; + LDAPMessage *result; + /* build policy request if pam_authc_ppolicy is set */ + if (nslcd_cfg->pam_authc_ppolicy) + { + passwd_policy_req.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST; + passwd_policy_req.ldctl_value.bv_val = NULL; /* none */ + passwd_policy_req.ldctl_value.bv_len = 0; + passwd_policy_req.ldctl_iscritical = 0; /* not critical */ + requestctrls[0] = &passwd_policy_req; + } + else + requestctrls[0] = NULL; + requestctrls[1] = NULL; + /* build password berval */ + cred.bv_val = (char *)session->bindpw; + cred.bv_len = strlen(session->bindpw); + /* do a SASL simple bind with the binddn and bindpw */ + log_log(LOG_DEBUG, "ldap_sasl_bind(\"%s\",%s) (uri=\"%s\") (ppolicy=%s)", + session->binddn, (session->bindpw[0] != '\0') ? "\"***\"" : "\"\"", + uri, (requestctrls[0] == NULL) ? "no" : "yes"); + rc = ldap_sasl_bind(ld, session->binddn, LDAP_SASL_SIMPLE, &cred, requestctrls, NULL, &msgid); + if (rc != LDAP_SUCCESS) + return rc; + if (msgid == -1) + { + myldap_err(LOG_WARNING, ld, rc,"ldap_sasl_bind() failed (msgid=-1, uri=%s)", uri); + return LDAP_OPERATIONS_ERROR; + } + /* get the result from the bind operation */ + timeout.tv_sec = nslcd_cfg->bind_timelimit; + timeout.tv_usec = 0; + result = NULL; + rc = ldap_result(ld, msgid, LDAP_MSG_ALL, &timeout, &result); + if (rc == -1) /* some error */ + { + if (ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + rc = LDAP_UNAVAILABLE; + myldap_err(LOG_ERR, ld, rc, "ldap_result() failed"); + if (result != NULL) + ldap_msgfree(result); + return LDAP_LOCAL_ERROR; + } + if (rc == 0) /* the timeout expired */ + { + log_log(LOG_ERR, "ldap_result() timed out"); + if (result != NULL) + ldap_msgfree(result); + return LDAP_TIMEOUT; + } + responsectrls = NULL; + /* ignore any response controls unless we're interested in ppolicy */ + if (nslcd_cfg->pam_authc_ppolicy) + { + /* parse the result from the bind operation (frees result, gets controls) */ + parserc = ldap_parse_result(ld, result, &rc, NULL, NULL, NULL, &responsectrls, 1); + if (parserc != LDAP_SUCCESS) + { + myldap_err(LOG_ERR, ld, parserc, "ldap_parse_result() failed"); + if (responsectrls != NULL) + ldap_controls_free(responsectrls); + return parserc; + } + /* handle any returned controls */ + if (responsectrls != NULL) + { + handle_ppolicy_controls(session, ld, responsectrls); + ldap_controls_free(responsectrls); + } + } + /* return the result of the BIND operation */ + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_DEBUG, ld, rc, "ldap_parse_result() result"); + return rc; + } + /* check the returned controls */ + return LDAP_SUCCESS; +} +#endif /* no SASL, so no ppolicy */ + +/* This function performs the authentication phase of opening a connection. + The binddn and bindpw parameters may be used to override the authentication + mechanism defined in the configuration. This returns an LDAP result + code. */ +static int do_bind(MYLDAP_SESSION *session, LDAP *ld, const char *uri) +{ + int rc; +#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S +#ifndef HAVE_SASL_INTERACT_T + struct berval cred; +#endif /* not HAVE_SASL_INTERACT_T */ +#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */ +#ifdef LDAP_OPT_X_TLS + /* check if StartTLS is requested */ + if (nslcd_cfg->ssl == SSL_START_TLS) + { + log_log(LOG_DEBUG, "ldap_start_tls_s()"); + errno = 0; + rc = ldap_start_tls_s(ld, NULL, NULL); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_WARNING, ld, rc, "ldap_start_tls_s() failed (uri=%s)", + uri); + return rc; + } + } +#endif /* LDAP_OPT_X_TLS */ + /* check if the binddn and bindpw are overwritten in the session */ + if (session->binddn[0] != '\0') + { +#if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE) + return do_ppolicy_bind(session, ld, uri); +#else /* no SASL, so no ppolicy */ + /* do a simple bind */ + log_log(LOG_DEBUG, "ldap_simple_bind_s(\"%s\",%s) (uri=\"%s\")", + session->binddn, + (session->bindpw[0] != '\0') ? "\"***\"" : "\"\"", + uri); + return ldap_simple_bind_s(ld, session->binddn, session->bindpw); +#endif + } + /* perform SASL bind if requested and available on platform */ +#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S + /* TODO: store this information in the session */ + if (nslcd_cfg->sasl_mech != NULL) + { + /* do a SASL bind */ + if (nslcd_cfg->sasl_secprops != NULL) + { + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_SASL_SECPROPS,\"%s\")", + nslcd_cfg->sasl_secprops); + LDAP_SET_OPTION(ld, LDAP_OPT_X_SASL_SECPROPS, (void *)nslcd_cfg->sasl_secprops); + } +#ifdef HAVE_SASL_INTERACT_T + if (nslcd_cfg->binddn != NULL) + log_log(LOG_DEBUG, "ldap_sasl_interactive_bind_s(\"%s\",\"%s\") (uri=\"%s\")", + nslcd_cfg->binddn, nslcd_cfg->sasl_mech, uri); + else + log_log(LOG_DEBUG, "ldap_sasl_interactive_bind_s(NULL,\"%s\") (uri=\"%s\")", + nslcd_cfg->sasl_mech, uri); + return ldap_sasl_interactive_bind_s(ld, nslcd_cfg->binddn, + nslcd_cfg->sasl_mech, NULL, NULL, + LDAP_SASL_QUIET, do_sasl_interact, + (void *)nslcd_cfg); +#else /* HAVE_SASL_INTERACT_T */ + if (nslcd_cfg->bindpw != NULL) + { + cred.bv_val = nslcd_cfg->bindpw; + cred.bv_len = strlen(nslcd_cfg->bindpw); + } + else + { + cred.bv_val = ""; + cred.bv_len = 0; + } + if (nslcd_cfg->binddn != NULL) + log_log(LOG_DEBUG, "ldap_sasl_bind_s(\"%s\",\"%s\",%s) (uri=\"%s\")", + nslcd_cfg->binddn, nslcd_cfg->sasl_mech, + nslcd_cfg->bindpw ? "\"***\"" : "NULL", uri); + else + log_log(LOG_DEBUG, "ldap_sasl_bind_s(NULL,\"%s\",%s) (uri=\"%s\")", + nslcd_cfg->sasl_mech, + nslcd_cfg->bindpw ? "\"***\"" : "NULL", uri); + return ldap_sasl_bind_s(ld, nslcd_cfg->binddn, + nslcd_cfg->sasl_mech, &cred, NULL, NULL, NULL); +#endif /* not HAVE_SASL_INTERACT_T */ + } +#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */ + /* do a simple bind */ + if (nslcd_cfg->binddn) + log_log(LOG_DEBUG, "ldap_simple_bind_s(\"%s\",%s) (uri=\"%s\")", + nslcd_cfg->binddn, nslcd_cfg->bindpw ? "\"***\"" : "NULL", + uri); + else + log_log(LOG_DEBUG, "ldap_simple_bind_s(NULL,%s) (uri=\"%s\")", + nslcd_cfg->bindpw ? "\"***\"" : "NULL", uri); + return ldap_simple_bind_s(ld, nslcd_cfg->binddn, nslcd_cfg->bindpw); +} + +#ifdef HAVE_LDAP_SET_REBIND_PROC +/* This function is called by the LDAP library when chasing referrals. + It is configured with the ldap_set_rebind_proc() below. */ +#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) +static int do_rebind(LDAP *ld, LDAP_CONST char *url, + ber_tag_t UNUSED(request), + ber_int_t UNUSED(msgid), void *arg) +{ + MYLDAP_SESSION *session = (MYLDAP_SESSION *)arg; + log_log(LOG_DEBUG, "rebinding to %s", url); + return do_bind(session, ld, url); +} +#else /* not recent OpenLDAP */ +static int do_rebind(LDAP *ld, char **dnp, char **passwdp, int *authmethodp, + int freeit, void *arg) +{ + MYLDAP_SESSION *session = (MYLDAP_SESSION *)arg; + if (freeit) + { + free(*dnp); + memset(*passwdp, 0, strlen(*passwdp)); + free(*passwdp); + } + else + { + log_log(LOG_DEBUG, "rebinding"); + *dnp = strdup(session->binddn); + *passwdp = strdup(session->bindpw); + *authmethodp = LDAP_AUTH_SIMPLE; + if ((*dnp == NULL) || (*passwdp == NULL)) + { + if (*dnp != NULL) + free(*dnp); + log_log(LOG_CRIT, "do_rebind(): strdup() failed to allocate memory"); + return LDAP_NO_MEMORY; + } + } + return LDAP_SUCCESS; +} +#endif /* not recent OpenLDAP */ +#endif /* HAVE_LDAP_SET_REBIND_PROC */ + +/* set a recieve and send timeout on a socket */ +static int set_socket_timeout(LDAP *ld, time_t sec, suseconds_t usec) +{ + struct timeval tv; + int rc = LDAP_SUCCESS; + int sd; + log_log(LOG_DEBUG, "set_socket_timeout(%lu,%lu)", + (unsigned long)sec, (unsigned long)usec); + /* get the socket */ + if ((rc = ldap_get_option(ld, LDAP_OPT_DESC, &sd)) != LDAP_SUCCESS) + { + myldap_err(LOG_ERR, ld, rc, "ldap_get_option(LDAP_OPT_DESC) failed"); + return rc; + } + /* ignore invalid (probably closed) file descriptors */ + if (sd <= 0) + return LDAP_SUCCESS; + /* set timeouts */ + memset(&tv, 0, sizeof(tv)); + tv.tv_sec = sec; + tv.tv_usec = usec; + if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (void *)&tv, sizeof(tv))) + { + log_log(LOG_ERR, "setsockopt(%d,SO_RCVTIMEO) failed: %s", + sd, strerror(errno)); + rc = LDAP_LOCAL_ERROR; + } + if (setsockopt(sd, SOL_SOCKET, SO_SNDTIMEO, (void *)&tv, sizeof(tv))) + { + log_log(LOG_ERR, "setsockopt(%d,SO_RCVTIMEO) failed: %s", + sd, strerror(errno)); + rc = LDAP_LOCAL_ERROR; + } + return rc; +} + +#ifdef LDAP_OPT_CONNECT_CB +/* This function is called by the LDAP library once a connection was made to the server. We + set a timeout on the socket here, to catch network timeouts during the ssl + handshake phase. It is configured with LDAP_OPT_CONNECT_CB. */ +static int connect_cb(LDAP *ld, Sockbuf UNUSED(*sb), + LDAPURLDesc UNUSED(*srv), struct sockaddr UNUSED(*addr), + struct ldap_conncb UNUSED(*ctx)) +{ + /* set timeout options on socket to avoid hang in some cases (a little + more than the normal timeout so this should only be triggered in cases + where the library behaves incorrectly) */ + if (nslcd_cfg->timelimit) + set_socket_timeout(ld, nslcd_cfg->timelimit, 500000); + return LDAP_SUCCESS; +} + +/* We have an empty disconnect callback because LDAP_OPT_CONNECT_CB expects + both functions to be available. */ +static void disconnect_cb(LDAP UNUSED(*ld), Sockbuf UNUSED(*sb), + struct ldap_conncb UNUSED(*ctx)) +{ +} +#endif /* LDAP_OPT_CONNECT_CB */ + +/* This function sets a number of properties on the connection, based + what is configured in the configfile. This function returns an + LDAP status code. */ +static int do_set_options(MYLDAP_SESSION *session) +{ + int rc; + struct timeval tv; +#ifdef LDAP_OPT_CONNECT_CB + /* make this static because OpenLDAP doesn't make its own copy */ + static struct ldap_conncb cb; +#endif /* LDAP_OPT_CONNECT_CB */ +#ifdef LDAP_OPT_X_TLS + int i; +#endif /* LDAP_OPT_X_TLS */ +#ifdef HAVE_LDAP_SET_REBIND_PROC + /* the rebind function that is called when chasing referrals, see + http://publib.boulder.ibm.com/infocenter/iseries/v5r3/topic/apis/ldap_set_rebind_proc.htm + http://www.openldap.org/software/man.cgi?query=ldap_set_rebind_proc&manpath=OpenLDAP+2.4-Release */ + /* TODO: probably only set this if we should chase referrals */ + log_log(LOG_DEBUG, "ldap_set_rebind_proc()"); +#ifndef LDAP_SET_REBIND_PROC_RETURNS_VOID /* it returns int */ + rc = ldap_set_rebind_proc(session->ld, do_rebind, session); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_ERR, session->ld, rc, "ldap_set_rebind_proc() failed"); + return rc; + } +#else /* ldap_set_rebind_proc() returns void */ + ldap_set_rebind_proc(session->ld, do_rebind, session); +#endif +#endif /* HAVE_LDAP_SET_REBIND_PROC */ + /* set the protocol version to use */ + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,%d)", + nslcd_cfg->ldap_version); + LDAP_SET_OPTION(session->ld, LDAP_OPT_PROTOCOL_VERSION, + &nslcd_cfg->ldap_version); + /* set some other options */ + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_DEREF,%d)", + nslcd_cfg->deref); + LDAP_SET_OPTION(session->ld, LDAP_OPT_DEREF, &nslcd_cfg->deref); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_TIMELIMIT,%d)", + nslcd_cfg->timelimit); + LDAP_SET_OPTION(session->ld, LDAP_OPT_TIMELIMIT, &nslcd_cfg->timelimit); + tv.tv_sec = nslcd_cfg->bind_timelimit; + tv.tv_usec = 0; +#ifdef LDAP_OPT_TIMEOUT + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_TIMEOUT,%d)", + nslcd_cfg->timelimit); + LDAP_SET_OPTION(session->ld, LDAP_OPT_TIMEOUT, &tv); +#endif /* LDAP_OPT_TIMEOUT */ +#ifdef LDAP_OPT_NETWORK_TIMEOUT + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,%d)", + nslcd_cfg->timelimit); + LDAP_SET_OPTION(session->ld, LDAP_OPT_NETWORK_TIMEOUT, &tv); +#endif /* LDAP_OPT_NETWORK_TIMEOUT */ +#ifdef LDAP_X_OPT_CONNECT_TIMEOUT + log_log(LOG_DEBUG, "ldap_set_option(LDAP_X_OPT_CONNECT_TIMEOUT,%d)", + nslcd_cfg->timelimit); + LDAP_SET_OPTION(session->ld, LDAP_X_OPT_CONNECT_TIMEOUT, &tv); +#endif /* LDAP_X_OPT_CONNECT_TIMEOUT */ + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_REFERRALS,%s)", + nslcd_cfg->referrals ? "LDAP_OPT_ON" : "LDAP_OPT_OFF"); + LDAP_SET_OPTION(session->ld, LDAP_OPT_REFERRALS, + nslcd_cfg->referrals ? LDAP_OPT_ON : LDAP_OPT_OFF); + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)"); + LDAP_SET_OPTION(session->ld, LDAP_OPT_RESTART, LDAP_OPT_ON); +#ifdef LDAP_OPT_CONNECT_CB + /* register a connection callback */ + cb.lc_add = connect_cb; + cb.lc_del = disconnect_cb; + cb.lc_arg = NULL; + LDAP_SET_OPTION(session->ld, LDAP_OPT_CONNECT_CB, (void *)&cb); +#endif /* LDAP_OPT_CONNECT_CB */ +#ifdef LDAP_OPT_X_TLS + /* if SSL is desired, then enable it */ + if ((nslcd_cfg->ssl == SSL_LDAPS) || + (strncasecmp(nslcd_cfg->uris[session->current_uri].uri, "ldaps://", 8) == 0)) + { + /* use tls */ + i = LDAP_OPT_X_TLS_HARD; + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_TLS,LDAP_OPT_X_TLS_HARD)"); + LDAP_SET_OPTION(session->ld, LDAP_OPT_X_TLS, &i); + } +#endif /* LDAP_OPT_X_TLS */ +#ifdef LDAP_OPT_X_SASL_NOCANON + if (nslcd_cfg->sasl_canonicalize >= 0) + { + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_X_SASL_NOCANON,%s)", + nslcd_cfg->sasl_canonicalize ? "LDAP_OPT_OFF" : "LDAP_OPT_ON"); + LDAP_SET_OPTION(session->ld, LDAP_OPT_X_SASL_NOCANON, + nslcd_cfg->sasl_canonicalize ? LDAP_OPT_OFF : LDAP_OPT_ON); + } +#endif /* LDAP_OPT_X_SASL_NOCANON */ + /* if nothing above failed, everything should be fine */ + return LDAP_SUCCESS; +} + +/* close the connection to the server and invalidate any running searches */ +static void do_close(MYLDAP_SESSION *session) +{ + int i; + int rc; + time_t sec; + /* if we had reachability problems with the server close the connection */ + if (session->ld != NULL) + { + /* set timeout options on socket to avoid hang in some cases + (we set a short timeout because we don't care too much about properly + shutting down the connection) */ + if (nslcd_cfg->timelimit) + { + sec = nslcd_cfg->timelimit / 2; + if (!sec) + sec = 1; + set_socket_timeout(session->ld, sec, 0); + } + /* go over the other searches and partially close them */ + for (i = 0; i < MAX_SEARCHES_IN_SESSION; i++) + { + if (session->searches[i] != NULL) + { + /* free any messages (because later ld is no longer valid) */ + if (session->searches[i]->msg != NULL) + { + ldap_msgfree(session->searches[i]->msg); + session->searches[i]->msg = NULL; + } + /* abandon the search if there were more results to fetch */ + if (session->searches[i]->msgid != -1) + { + log_log(LOG_DEBUG, "ldap_abandon()"); + if (ldap_abandon(session->searches[i]->session->ld, session->searches[i]->msgid)) + { + if (ldap_get_option(session->ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + rc = LDAP_OTHER; + myldap_err(LOG_WARNING, session->ld, rc, + "ldap_abandon() failed to abandon search"); + } + session->searches[i]->msgid = -1; + } + /* flag the search as invalid */ + session->searches[i]->valid = 0; + } + } + /* close the connection to the server */ + log_log(LOG_DEBUG, "ldap_unbind()"); + rc = ldap_unbind(session->ld); + session->ld = NULL; + if (rc != LDAP_SUCCESS) + myldap_err(LOG_WARNING, session->ld, rc, "ldap_unbind() failed"); + } +} + +void myldap_session_check(MYLDAP_SESSION *session) +{ + int i; + time_t current_time; + int sd; + int rc; + struct sockaddr sa; + socklen_t salen = sizeof(sa); + /* check parameters */ + if (session == NULL) + { + log_log(LOG_ERR, "myldap_session_check(): invalid parameter passed"); + errno = EINVAL; + return; + } + if (session->ld != NULL) + { + rc = ldap_get_option(session->ld, LDAP_OPT_DESC, &sd); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_WARNING, session->ld, rc, + "ldap_get_option(LDAP_OPT_DESC) failed (ignored)"); + } + else + { + /* check if the connection was closed by the peer */ + if (getpeername(sd, &sa, &salen) == -1) + { + if (errno == ENOTCONN) + { + log_log(LOG_DEBUG, "myldap_session_check(): connection reset by peer"); + do_close(session); + return; + } + } + } + /* check if we should time out the connection */ + if (nslcd_cfg->idle_timelimit > 0) + { + /* if we have any running searches, don't time out */ + for (i = 0; i < MAX_SEARCHES_IN_SESSION; i++) + if ((session->searches[i] != NULL) && (session->searches[i]->valid)) + return; + /* consider timeout (there are no running searches) */ + time(¤t_time); + if ((session->lastactivity + nslcd_cfg->idle_timelimit) < current_time) + { + log_log(LOG_DEBUG, "myldap_session_check(): idle_timelimit reached"); + do_close(session); + } + } + } +} + +/* This opens connection to an LDAP server, sets all connection options + and binds to the server. This returns an LDAP status code. */ +static int do_open(MYLDAP_SESSION *session) +{ + int rc; + /* if the connection is still there (ie. ldap_unbind() wasn't + called) then we can return the cached connection */ + if (session->ld != NULL) + return LDAP_SUCCESS; + /* we should build a new session now */ + session->ld = NULL; + session->lastactivity = 0; + /* open the connection */ + log_log(LOG_DEBUG, "ldap_initialize(%s)", + nslcd_cfg->uris[session->current_uri].uri); + errno = 0; + rc = ldap_initialize(&(session->ld), nslcd_cfg->uris[session->current_uri].uri); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_WARNING, session->ld, rc, "ldap_initialize(%s) failed", + nslcd_cfg->uris[session->current_uri].uri); + if (session->ld != NULL) + do_close(session); + return rc; + } + else if (session->ld == NULL) + { + log_log(LOG_WARNING, "ldap_initialize() returned NULL"); + return LDAP_LOCAL_ERROR; + } + /* set the options for the connection */ + rc = do_set_options(session); + if (rc != LDAP_SUCCESS) + { + do_close(session); + return rc; + } + /* bind to the server */ + errno = 0; + rc = do_bind(session, session->ld, nslcd_cfg->uris[session->current_uri].uri); + if (rc != LDAP_SUCCESS) + { + /* log actual LDAP error code */ + myldap_err((session->binddn[0] == '\0') ? LOG_WARNING : LOG_DEBUG, + session->ld, rc, "failed to bind to LDAP server %s", + nslcd_cfg->uris[session->current_uri].uri); + do_close(session); + return rc; + } + /* update last activity and finish off state */ + time(&(session->lastactivity)); + return LDAP_SUCCESS; +} + +/* Perform a simple bind operation and return the ppolicy results. */ +int myldap_bind(MYLDAP_SESSION *session, const char *dn, const char *password, + int *response, const char **message) +{ + MYLDAP_SEARCH *search; + static const char *attrs[2]; + int rc; + /* error out when buffers are too small */ + if (strlen(dn) >= sizeof(session->binddn)) + { + log_log(LOG_ERR, "myldap_bind(): binddn buffer too small (%lu required)", + (unsigned long) strlen(dn)); + return LDAP_LOCAL_ERROR; + } + if (strlen(password) >= sizeof(session->bindpw)) + { + log_log(LOG_ERR, "myldap_bind(): bindpw buffer too small (%lu required)", + (unsigned long) strlen(password)); + return LDAP_LOCAL_ERROR; + } + /* copy dn and password into session */ + strncpy(session->binddn, dn, sizeof(session->binddn)); + session->binddn[sizeof(session->binddn) - 1] = '\0'; + strncpy(session->bindpw, password, sizeof(session->bindpw)); + session->bindpw[sizeof(session->bindpw) - 1] = '\0'; + /* construct a fake search to trigger the BIND operation */ + attrs[0] = "dn"; + attrs[1] = NULL; + search = myldap_search(session, session->binddn, MYLDAP_SCOPE_BINDONLY, + "(objectClass=*)", attrs, &rc); + if (search != NULL) + myldap_search_close(search); + /* return ppolicy results */ + if (response != NULL) + *response = session->policy_response; + if (message != NULL) + *message = session->policy_message; + return rc; +} + +/* perform a search operation, the connection is assumed to be open */ +static int do_try_search(MYLDAP_SEARCH *search) +{ + int ctrlidx = 0; + int rc; + LDAPControl *serverctrls[3]; +#ifdef HAVE_LDAP_CREATE_DEREF_CONTROL + int i; + struct LDAPDerefSpec ds[2]; + char *deref_attrs[2]; +#endif /* HAVE_LDAP_CREATE_DEREF_CONTROL */ + int msgid; + /* if we're using paging, build a page control */ + if ((nslcd_cfg->pagesize > 0) && (search->scope != LDAP_SCOPE_BASE)) + { + rc = ldap_create_page_control(search->session->ld, nslcd_cfg->pagesize, + search->cookie, 0, &serverctrls[ctrlidx]); + if (rc == LDAP_SUCCESS) + ctrlidx++; + else + { + myldap_err(LOG_WARNING, search->session->ld, rc, + "ldap_create_page_control() failed"); + serverctrls[ctrlidx] = NULL; + /* if we were paging, failure building the second control is fatal */ + if (search->cookie != NULL) + return rc; + } + } +#ifdef HAVE_LDAP_CREATE_DEREF_CONTROL + /* if doing group searches, add deref control to search request + (this is currently a bit of a hack and hard-coded for group searches + which are detected by requesting the attmap_group_member member + attribute) */ + for (i = 0; search->attrs[i] != NULL; i++) + if (strcasecmp(search->attrs[i], attmap_group_member) == 0) + { + /* attributes from dereff'd entries */ + deref_attrs[0] = (void *)attmap_passwd_uid; + deref_attrs[1] = NULL; + /* build deref control */ + ds[0].derefAttr = (void *)attmap_group_member; + ds[0].attributes = deref_attrs; + ds[1].derefAttr = NULL; + ds[1].attributes = NULL; + rc = ldap_create_deref_control(search->session->ld, ds, 0, &serverctrls[ctrlidx]); + if (rc == LDAP_SUCCESS) + ctrlidx++; + else + { + myldap_err(LOG_WARNING, search->session->ld, rc, + "ldap_create_deref_control() failed"); + serverctrls[ctrlidx] = NULL; + } + } +#endif /* HAVE_LDAP_CREATE_DEREF_CONTROL */ + /* NULL terminate control list */ + serverctrls[ctrlidx] = NULL; + /* clear error flag (perhaps control setting failed) */ + if (ctrlidx > 0) + { + rc = LDAP_SUCCESS; + if (ldap_set_option(search->session->ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + log_log(LOG_WARNING, "failed to clear the error flag"); + } + /* perform the search */ + rc = ldap_search_ext(search->session->ld, search->base, search->scope, + search->filter, (char **)(search->attrs), + 0, serverctrls[0] == NULL ? NULL : serverctrls, + NULL, NULL, LDAP_NO_LIMIT, &msgid); + /* free the controls if we had them */ + for (ctrlidx = 0; serverctrls[ctrlidx] != NULL; ctrlidx++) + ldap_control_free(serverctrls[ctrlidx]); + /* handle errors */ + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_WARNING, search->session->ld, rc, "ldap_search_ext() failed"); + return rc; + } + /* update the last activity on the connection */ + time(&(search->session->lastactivity)); + /* save msgid */ + search->msgid = msgid; + /* return the new search */ + return LDAP_SUCCESS; +} + +MYLDAP_SESSION *myldap_create_session(void) +{ + return myldap_session_new(); +} + +void myldap_session_cleanup(MYLDAP_SESSION *session) +{ + int i; + /* check parameter */ + if (session == NULL) + { + log_log(LOG_ERR, "myldap_session_cleanup(): invalid session passed"); + return; + } + /* go over all searches in the session and close them */ + for (i = 0; i < MAX_SEARCHES_IN_SESSION; i++) + { + if (session->searches[i] != NULL) + { + myldap_search_close(session->searches[i]); + session->searches[i] = NULL; + } + } +} + +void myldap_session_close(MYLDAP_SESSION *session) +{ + /* check parameter */ + if (session == NULL) + { + log_log(LOG_ERR, "myldap_session_cleanup(): invalid session passed"); + return; + } + /* close pending searches */ + myldap_session_cleanup(session); + /* close any open connections */ + do_close(session); + /* free allocated memory */ + memset(session->bindpw, 0, sizeof(session->bindpw)); + free(session); +} + +/* mutex for updating the times in the uri */ +pthread_mutex_t uris_mutex = PTHREAD_MUTEX_INITIALIZER; + +static int do_retry_search(MYLDAP_SEARCH *search) +{ + int sleeptime = 0; + int start_uri; + time_t endtime; + time_t nexttry; + time_t t; + int rc = LDAP_UNAVAILABLE; + struct myldap_uri *current_uri; + int dotry[NSS_LDAP_CONFIG_MAX_URIS]; + int do_invalidate = 0; + /* clear time stamps */ + for (start_uri = 0; start_uri < NSS_LDAP_CONFIG_MAX_URIS; start_uri++) + dotry[start_uri] = 1; + /* keep trying until we time out */ + endtime = time(NULL) + nslcd_cfg->reconnect_retrytime; + while (1) + { + nexttry = endtime; + /* try each configured URL once */ + pthread_mutex_lock(&uris_mutex); + start_uri = search->session->current_uri; + do + { + current_uri = &(nslcd_cfg->uris[search->session->current_uri]); + /* only try this URI if we should */ + if (!dotry[search->session->current_uri]) + { /* skip this URI */ } + else if ((current_uri->lastfail > (current_uri->firstfail + nslcd_cfg->reconnect_retrytime)) && + ((t = time(NULL)) < (current_uri->lastfail + nslcd_cfg->reconnect_retrytime))) + { + /* we are in a hard fail state and have retried not long ago */ + log_log(LOG_DEBUG, "not retrying server %s which failed just %d second(s) ago and has been failing for %d seconds", + current_uri->uri, (int)(t - current_uri->lastfail), + (int)(t - current_uri->firstfail)); + dotry[search->session->current_uri] = 0; + } + else + { + /* try to start the search */ + pthread_mutex_unlock(&uris_mutex); + /* ensure that we have an open connection and start a search */ + rc = do_open(search->session); + /* perform the actual search, unless we were only binding */ + if ((rc == LDAP_SUCCESS) && (search->scope != MYLDAP_SCOPE_BINDONLY)) + rc = do_try_search(search); + /* if we are authenticating a user and get an error regarding failed + password we should error out instead of trying all servers */ + if ((search->session->binddn[0] != '\0') && (rc == LDAP_INVALID_CREDENTIALS)) + { + do_close(search->session); + return rc; + } + if (rc == LDAP_SUCCESS) + { + pthread_mutex_lock(&uris_mutex); + /* check if we are coming back from an error */ + if ((current_uri->lastfail > 0) || (search->session->current_uri != start_uri)) + { + log_log(LOG_INFO, "connected to LDAP server %s", current_uri->uri); + do_invalidate = 1; + } + if (first_search) + { + do_invalidate = 1; + first_search = 0; + } + /* update ok time */ + current_uri->firstfail = 0; + current_uri->lastfail = 0; + pthread_mutex_unlock(&uris_mutex); + /* flag the search as valid */ + search->valid = 1; + /* signal external invalidation of configured caches */ + if (do_invalidate) + invalidator_do(LM_NONE); + return LDAP_SUCCESS; + } + /* close the current connection */ + do_close(search->session); + /* update time of failure and figure out when we should retry */ + pthread_mutex_lock(&uris_mutex); + t = time(NULL); + /* update timestaps unless we are doing an authentication search */ + if (search->session->binddn[0] == '\0') + { + if (current_uri->firstfail == 0) + current_uri->firstfail = t; + current_uri->lastfail = t; + } + /* if it is one of these, retrying this URI is not going to help */ + if ((rc == LDAP_INVALID_CREDENTIALS) || (rc == LDAP_INSUFFICIENT_ACCESS) || + (rc == LDAP_AUTH_METHOD_NOT_SUPPORTED)) + dotry[search->session->current_uri] = 0; + /* check when we should try this URI again */ + else if (t <= (current_uri->firstfail + nslcd_cfg->reconnect_retrytime)) + { + t += nslcd_cfg->reconnect_sleeptime; + if (t < nexttry) + nexttry = t; + } + } + /* try the next URI (with wrap-around) */ + search->session->current_uri++; + if (nslcd_cfg->uris[search->session->current_uri].uri == NULL) + search->session->current_uri = 0; + } + while (search->session->current_uri != start_uri); + pthread_mutex_unlock(&uris_mutex); + /* see if it is any use sleeping */ + if (nexttry >= endtime) + { + if (search->session->binddn[0] == '\0') + myldap_err(LOG_ERR, search->session->ld, rc, "no available LDAP server found"); + return rc; + } + /* sleep between tries */ + sleeptime = nexttry - time(NULL); + if (sleeptime > 0) + { + log_log(LOG_WARNING, "no available LDAP server found, sleeping %d seconds", + sleeptime); + (void)sleep(sleeptime); + } + } +} + +/* force quick retries of all failing LDAP servers */ +void myldap_immediate_reconnect(void) +{ + int i; + time_t t; + t = time(NULL) - nslcd_cfg->reconnect_retrytime; + pthread_mutex_lock(&uris_mutex); + for (i = 0; i < (NSS_LDAP_CONFIG_MAX_URIS + 1); i++) + { + /* only adjust failing connections that are in a hard fail state */ + if ((nslcd_cfg->uris[i].lastfail > t) && + (nslcd_cfg->uris[i].lastfail > (nslcd_cfg->uris[i].firstfail + nslcd_cfg->reconnect_retrytime))) + { + /* move lastfail back to ensure quick retry */ + log_log(LOG_DEBUG, "moving lastfail of %s %d second(s) back to force retry", + nslcd_cfg->uris[i].uri, (int)(nslcd_cfg->uris[i].lastfail - t)); + nslcd_cfg->uris[i].lastfail = t; + } + } + pthread_mutex_unlock(&uris_mutex); +} + +MYLDAP_SEARCH *myldap_search(MYLDAP_SESSION *session, + const char *base, int scope, const char *filter, + const char **attrs, int *rcp) +{ + MYLDAP_SEARCH *search; + int i; + int rc; + /* check parameters */ + if ((session == NULL) || (base == NULL) || (filter == NULL) || (attrs == NULL)) + { + log_log(LOG_ERR, "myldap_search(): invalid parameter passed"); + errno = EINVAL; + if (rcp != NULL) + *rcp = LDAP_OPERATIONS_ERROR; + return NULL; + } + /* log the call */ + log_log(LOG_DEBUG, "myldap_search(base=\"%s\", filter=\"%s\")", + base, filter); + /* check if the idle time for the connection has expired */ + myldap_session_check(session); + /* allocate a new search entry */ + search = myldap_search_new(session, base, scope, filter, attrs); + /* find a place in the session where we can register our search */ + for (i = 0; (i < MAX_SEARCHES_IN_SESSION) && (session->searches[i] != NULL); i++) + /* nothing */ ; + if (i >= MAX_SEARCHES_IN_SESSION) + { + log_log(LOG_ERR, "myldap_search(): too many searches registered with session (max %d)", + MAX_SEARCHES_IN_SESSION); + myldap_search_close(search); + if (rcp != NULL) + *rcp = LDAP_OPERATIONS_ERROR; + return NULL; + } + /* register search with the session so we can free it later on */ + session->searches[i] = search; + /* do the search with retries to all configured servers */ + rc = do_retry_search(search); + if (rc != LDAP_SUCCESS) + { + myldap_search_close(search); + if (rcp != NULL) + *rcp = rc; + return NULL; + } + if (rcp != NULL) + *rcp = LDAP_SUCCESS; + return search; +} + +void myldap_search_close(MYLDAP_SEARCH *search) +{ + int i; + if (search == NULL) + return; + /* free any messages */ + if (search->msg != NULL) + { + ldap_msgfree(search->msg); + search->msg = NULL; + } + /* abandon the search if there were more results to fetch */ + if ((search->session->ld != NULL) && (search->msgid != -1)) + { + ldap_abandon(search->session->ld, search->msgid); + search->msgid = -1; + } + /* find the reference to this search in the session */ + for (i = 0; i < MAX_SEARCHES_IN_SESSION; i++) + { + if (search->session->searches[i] == search) + search->session->searches[i] = NULL; + } + /* free any search entries */ + if (search->entry != NULL) + myldap_entry_free(search->entry); + /* clean up cookie */ + if (search->cookie != NULL) + ber_bvfree(search->cookie); + /* free read messages */ + if (search->msg != NULL) + ldap_msgfree(search->msg); + /* free the storage we allocated */ + free(search); +} + +MYLDAP_ENTRY *myldap_get_entry(MYLDAP_SEARCH *search, int *rcp) +{ + int rc; + int parserc; + struct timeval tv, *tvp; + LDAPControl **resultcontrols; + ber_int_t count; + /* check parameters */ + if ((search == NULL) || (search->session == NULL) || (search->session->ld == NULL)) + { + log_log(LOG_ERR, "myldap_get_entry(): invalid search passed"); + errno = EINVAL; + if (rcp != NULL) + *rcp = LDAP_OPERATIONS_ERROR; + return NULL; + } + /* check if the connection wasn't closed in another search */ + if (!search->valid) + { + log_log(LOG_WARNING, "myldap_get_entry(): connection was closed"); + /* retry the search */ + if (search->may_retry_search) + { + log_log(LOG_DEBUG, "myldap_get_entry(): retry search"); + search->may_retry_search = 0; + if (do_retry_search(search) == LDAP_SUCCESS) + return myldap_get_entry(search, rcp); + } + myldap_search_close(search); + if (rcp != NULL) + *rcp = LDAP_SERVER_DOWN; + return NULL; + } + /* set up a timelimit value for operations */ + if (nslcd_cfg->timelimit == LDAP_NO_LIMIT) + tvp = NULL; + else + { + tv.tv_sec = nslcd_cfg->timelimit; + tv.tv_usec = 0; + tvp = &tv; + } + /* if we have an existing result entry, free it */ + if (search->entry != NULL) + { + myldap_entry_free(search->entry); + search->entry = NULL; + } + /* try to parse results until we have a final error or ok */ + while (1) + { + /* free the previous message if there was any */ + if (search->msg != NULL) + { + ldap_msgfree(search->msg); + search->msg = NULL; + } + /* get the next result */ + rc = ldap_result(search->session->ld, search->msgid, LDAP_MSG_ONE, tvp, + &(search->msg)); + /* handle result */ + switch (rc) + { + case LDAP_RES_SEARCH_ENTRY: + /* we have a normal search entry, update timestamp and return result */ + time(&(search->session->lastactivity)); + search->entry = myldap_entry_new(search); + if (rcp != NULL) + *rcp = LDAP_SUCCESS; + /* log the first couple of dns in the result (but not all, to + prevent swamping the log) */ + if (search->count < MAX_DEBUG_LOG_DNS) + log_log(LOG_DEBUG, "ldap_result(): %s", myldap_get_dn(search->entry)); + search->count++; + search->may_retry_search = 0; + return search->entry; + case LDAP_RES_SEARCH_RESULT: + /* we have a search result, parse it */ + resultcontrols = NULL; + if (search->cookie != NULL) + { + ber_bvfree(search->cookie); + search->cookie = NULL; + } + /* NB: this frees search->msg */ + parserc = ldap_parse_result(search->session->ld, search->msg, &rc, + NULL, NULL, NULL, &resultcontrols, 1); + search->msg = NULL; + /* check for errors during parsing */ + if ((parserc != LDAP_SUCCESS) && (parserc != LDAP_MORE_RESULTS_TO_RETURN)) + { + if (resultcontrols != NULL) + ldap_controls_free(resultcontrols); + myldap_err(LOG_ERR, search->session->ld, parserc, "ldap_parse_result() failed"); + myldap_search_close(search); + if (rcp != NULL) + *rcp = parserc; + return NULL; + } + /* check for errors in message */ + if ((rc != LDAP_SUCCESS) && (rc != LDAP_MORE_RESULTS_TO_RETURN)) + { + if (resultcontrols != NULL) + ldap_controls_free(resultcontrols); + myldap_err(LOG_ERR, search->session->ld, rc, "ldap_result() failed"); + /* close connection on connection problems */ + if ((rc == LDAP_UNAVAILABLE) || (rc == LDAP_SERVER_DOWN)) + do_close(search->session); + myldap_search_close(search); + if (rcp != NULL) + *rcp = rc; + return NULL; + } + /* handle result controls */ + if (resultcontrols != NULL) + { + /* see if there are any more pages to come */ + rc = ldap_parse_page_control(search->session->ld, resultcontrols, + &count, &(search->cookie)); + if (rc != LDAP_SUCCESS) + { + if (rc != LDAP_CONTROL_NOT_FOUND) + myldap_err(LOG_WARNING, search->session->ld, rc, "ldap_parse_page_control() failed"); + /* clear error flag */ + rc = LDAP_SUCCESS; + if (ldap_set_option(search->session->ld, LDAP_OPT_ERROR_NUMBER, + &rc) != LDAP_SUCCESS) + log_log(LOG_WARNING, "failed to clear the error flag"); + } + /* TODO: handle the above return code?? */ + ldap_controls_free(resultcontrols); + } + search->msgid = -1; + /* check if there are more pages to come */ + if ((search->cookie == NULL) || (search->cookie->bv_len == 0)) + { + if (search->count > MAX_DEBUG_LOG_DNS) + log_log(LOG_DEBUG, "ldap_result(): ... %d more results", + search->count - MAX_DEBUG_LOG_DNS); + log_log(LOG_DEBUG, "ldap_result(): end of results (%d total)", + search->count); + /* we are at the end of the search, no more results */ + myldap_search_close(search); + if (rcp != NULL) + *rcp = LDAP_SUCCESS; + return NULL; + } + /* try the next page */ + rc = do_try_search(search); + if (rc != LDAP_SUCCESS) + { + /* close connection on connection problems */ + if ((rc == LDAP_UNAVAILABLE) || (rc == LDAP_SERVER_DOWN)) + do_close(search->session); + myldap_search_close(search); + if (rcp != NULL) + *rcp = rc; + return NULL; + } + /* we continue with another pass */ + break; + case LDAP_RES_SEARCH_REFERENCE: + break; /* just ignore search references */ + default: + /* we have some error condition, find out which */ + switch (rc) + { + case -1: + /* try to get error code */ + if (ldap_get_option(search->session->ld, LDAP_OPT_ERROR_NUMBER, + &rc) != LDAP_SUCCESS) + rc = LDAP_UNAVAILABLE; + myldap_err(LOG_ERR, search->session->ld, rc, "ldap_result() failed"); + break; + case 0: + /* the timeout expired */ + log_log(LOG_ERR, "ldap_result() timed out"); + rc = LDAP_TIMELIMIT_EXCEEDED; + break; + default: + /* unknown code */ + log_log(LOG_WARNING, "ldap_result() returned unexpected result type"); + rc = LDAP_PROTOCOL_ERROR; + } + /* close connection on some connection problems */ + if ((rc == LDAP_UNAVAILABLE) || (rc == LDAP_SERVER_DOWN) || + (rc == LDAP_SUCCESS) || (rc == LDAP_TIMELIMIT_EXCEEDED) || + (rc == LDAP_OPERATIONS_ERROR) || (rc == LDAP_PROTOCOL_ERROR) || + (rc == LDAP_BUSY) || (rc == LDAP_UNWILLING_TO_PERFORM) || + (rc == LDAP_TIMEOUT) || (rc == LDAP_CONNECT_ERROR) || + (rc == LDAP_NOT_SUPPORTED)) + { + do_close(search->session); + /* retry once if no data has been received yet */ + if (search->may_retry_search) + { + log_log(LOG_DEBUG, "myldap_get_entry(): retry search"); + search->may_retry_search = 0; + if (do_retry_search(search) == LDAP_SUCCESS) + return myldap_get_entry(search, rcp); + } + } + /* close search */ + myldap_search_close(search); + if (rcp != NULL) + *rcp = rc; + return NULL; + } + } +} + +/* Get the DN from the entry. This function only returns NULL (and sets + errno) if an incorrect entry is passed. If the DN value cannot be + retrieved "unknown" is returned instead. */ +const char *myldap_get_dn(MYLDAP_ENTRY *entry) +{ + int rc; + /* check parameters */ + if (!is_valid_entry(entry)) + { + log_log(LOG_ERR, "myldap_get_dn(): invalid result entry passed"); + errno = EINVAL; + return "unknown"; + } + /* if we don't have it yet, retreive it */ + if ((entry->dn == NULL) && (entry->search->valid)) + { + entry->dn = ldap_get_dn(entry->search->session->ld, entry->search->msg); + if (entry->dn == NULL) + { + if (ldap_get_option(entry->search->session->ld, LDAP_OPT_ERROR_NUMBER, + &rc) != LDAP_SUCCESS) + rc = LDAP_UNAVAILABLE; + myldap_err(LOG_WARNING, entry->search->session->ld, rc, "ldap_get_dn() returned NULL"); + /* close connection on connection problems */ + if ((rc == LDAP_UNAVAILABLE) || (rc == LDAP_SERVER_DOWN)) + do_close(entry->search->session); + } + } + /* if we still don't have it, return unknown */ + if (entry->dn == NULL) + return "unknown"; + /* return it */ + return entry->dn; +} + +char *myldap_cpy_dn(MYLDAP_ENTRY *entry, char *buf, size_t buflen) +{ + const char *dn; + /* get the dn */ + dn = myldap_get_dn(entry); + /* copy into buffer */ + if (strlen(dn) < buflen) + strcpy(buf, dn); + else + buf = NULL; + return buf; +} + +/* Perform ranged retreival of attributes. + http://msdn.microsoft.com/en-us/library/aa367017(vs.85).aspx + http://www.tkk.fi/cc/docs/kerberos/draft-kashi-incremental-00.txt */ +static char **myldap_get_ranged_values(MYLDAP_ENTRY *entry, const char *attr) +{ + char **values; + char *attn; + const char *attrs[2]; + BerElement *ber; + int i; + int startat = 0, nxt = 0; + char attbuf[80]; + const char *dn = myldap_get_dn(entry); + MYLDAP_SESSION *session = entry->search->session; + MYLDAP_SEARCH *search = NULL; + SET *set = NULL; + /* build the attribute name to find */ + if (mysnprintf(attbuf, sizeof(attbuf), "%s;range=0-*", attr)) + { + log_log(LOG_ERR, "myldap_get_ranged_values(): attbuf buffer too small (%lu required)", + (unsigned long) strlen(attr) + 10); + return NULL; + } + /* keep doing lookups untul we can't get any more results */ + while (1) + { + /* go over all attributes to find the ranged attribute */ + ber = NULL; + attn = ldap_first_attribute(entry->search->session->ld, entry->search->msg, &ber); + values = NULL; + while (attn != NULL) + { + if (strncasecmp(attn, attbuf, strlen(attbuf) - 1) == 0) + { + log_log(LOG_DEBUG, "found ranged results %s", attn); + nxt = atoi(attn + strlen(attbuf) - 1) + 1; + values = ldap_get_values(entry->search->session->ld, entry->search->msg, attn); + ldap_memfree(attn); + break; + } + /* free old attribute name and get next one */ + ldap_memfree(attn); + attn = ldap_next_attribute(entry->search->session->ld, entry->search->msg, ber); + } + ber_free(ber, 0); + /* see if we found any values */ + if ((values == NULL) || (*values == NULL)) + break; + /* allocate memory */ + if (set == NULL) + { + set = set_new(); + if (set == NULL) + { + ldap_value_free(values); + log_log(LOG_CRIT, "myldap_get_ranged_values(): set_new() failed to allocate memory"); + return NULL; + } + } + /* add to the set */ + for (i = 0; values[i] != NULL; i++) + set_add(set, values[i]); + /* free results */ + ldap_value_free(values); + /* check if we should start a new search */ + if (nxt <= startat) + break; + startat = nxt; + /* build attributes for a new search */ + if (mysnprintf(attbuf, sizeof(attbuf), "%s;range=%d-*", attr, startat)) + { + log_log(LOG_ERR, "myldap_get_ranged_values(): attbuf buffer too small"); + break; + } + attrs[0] = attbuf; + attrs[1] = NULL; + /* close the previous search, if any */ + if (search != NULL) + myldap_search_close(search); + /* start the new search */ + search = myldap_search(session, dn, LDAP_SCOPE_BASE, "(objectClass=*)", attrs, NULL); + if (search == NULL) + break; + entry = myldap_get_entry(search, NULL); + if (entry == NULL) + break; + } + /* close any started searches */ + if (search != NULL) + myldap_search_close(search); + /* return the contents of the set as a list */ + if (set == NULL) + return NULL; + values = (char **)set_tolist(set); + set_free(set); + if (values == NULL) + log_log(LOG_CRIT, "myldap_get_ranged_values(): malloc() failed to allocate memory"); + return values; +} + +/* Simple wrapper around ldap_get_values(). */ +const char **myldap_get_values(MYLDAP_ENTRY *entry, const char *attr) +{ + char **values; + int rc; + int i; + /* check parameters */ + if (!is_valid_entry(entry)) + { + log_log(LOG_ERR, "myldap_get_values(): invalid result entry passed"); + errno = EINVAL; + return NULL; + } + else if (attr == NULL) + { + log_log(LOG_ERR, "myldap_get_values(): invalid attribute name passed"); + errno = EINVAL; + return NULL; + } + if (!entry->search->valid) + return NULL; /* search has been stopped */ + /* get from LDAP */ + values = ldap_get_values(entry->search->session->ld, entry->search->msg, attr); + if (values == NULL) + { + if (ldap_get_option(entry->search->session->ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + rc = LDAP_UNAVAILABLE; + /* ignore decoding errors as they are just nonexisting attribute values */ + if (rc == LDAP_DECODING_ERROR) + { + rc = LDAP_SUCCESS; + if (ldap_set_option(entry->search->session->ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + log_log(LOG_WARNING, "failed to clear the error flag"); + } + else if (rc == LDAP_SUCCESS) + { + /* we have a success code but no values, let's try to get ranged + values */ + values = myldap_get_ranged_values(entry, attr); + if (values == NULL) + return NULL; + /* store values entry so we can free it later on */ + for (i = 0; i < MAX_BUFFERS_PER_ENTRY; i++) + if (entry->buffers[i] == NULL) + { + entry->buffers[i] = values; + return (const char **)entry->buffers[i]; + } + /* we found no room to store the values */ + log_log(LOG_ERR, "ldap_get_values() couldn't store results, increase MAX_BUFFERS_PER_ENTRY"); + free(values); + return NULL; + } + else + myldap_err(LOG_WARNING, entry->search->session->ld, rc, + "ldap_get_values() of attribute \"%s\" on entry \"%s\" returned NULL", + attr, myldap_get_dn(entry)); + return NULL; + } + /* store values entry so we can free it later on */ + for (i = 0; i < MAX_ATTRIBUTES_PER_ENTRY; i++) + if (entry->attributevalues[i] == NULL) + { + entry->attributevalues[i] = values; + return (const char **)values; + } + /* we found no room to store the entry */ + log_log(LOG_ERR, "ldap_get_values() couldn't store results, increase MAX_ATTRIBUTES_PER_ENTRY"); + ldap_value_free(values); + return NULL; +} + +/* Convert the bervalues to a simple list of strings that can be freed + with one call to free(). */ +static const char **bervalues_to_values(struct berval **bvalues) +{ + int num_values; + int i; + size_t sz; + char *buf; + char **values; + /* figure out how much memory to allocate */ + num_values = ldap_count_values_len(bvalues); + sz = (num_values + 1) * sizeof(char *); + for (i = 0; i < num_values; i++) + sz += bvalues[i]->bv_len + 1; + /* allocate the needed memory */ + values = (char **)malloc(sz); + if (values == NULL) + { + log_log(LOG_CRIT, "bervalues_to_values(): malloc() failed to allocate memory"); + return NULL; + } + buf = (char *)values; + buf += (num_values + 1) * sizeof(char *); + /* copy from bvalues */ + for (i = 0; i < num_values; i++) + { + values[i] = buf; + memcpy(values[i], bvalues[i]->bv_val, bvalues[i]->bv_len); + values[i][bvalues[i]->bv_len] = '\0'; + buf += bvalues[i]->bv_len + 1; + } + values[i] = NULL; + return (const char **)values; +} + +/* Simple wrapper around ldap_get_values(). */ +const char **myldap_get_values_len(MYLDAP_ENTRY *entry, const char *attr) +{ + const char **values; + struct berval **bvalues; + int rc; + int i; + /* check parameters */ + if (!is_valid_entry(entry)) + { + log_log(LOG_ERR, "myldap_get_values_len(): invalid result entry passed"); + errno = EINVAL; + return NULL; + } + else if (attr == NULL) + { + log_log(LOG_ERR, "myldap_get_values_len(): invalid attribute name passed"); + errno = EINVAL; + return NULL; + } + if (!entry->search->valid) + return NULL; /* search has been stopped */ + /* get from LDAP */ + bvalues = ldap_get_values_len(entry->search->session->ld, entry->search->msg, attr); + if (bvalues == NULL) + { + if (ldap_get_option(entry->search->session->ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + rc = LDAP_UNAVAILABLE; + /* ignore decoding errors as they are just nonexisting attribute values */ + if (rc == LDAP_DECODING_ERROR) + { + rc = LDAP_SUCCESS; + if (ldap_set_option(entry->search->session->ld, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + log_log(LOG_WARNING, "failed to clear the error flag"); + return NULL; + } + else if (rc == LDAP_SUCCESS) + { + /* we have a success code but no values, let's try to get ranged + values */ + values = (const char **)myldap_get_ranged_values(entry, attr); + } + else + { + myldap_err(LOG_WARNING, entry->search->session->ld, rc, + "myldap_get_values_len() of attribute \"%s\" on entry \"%s\" returned NULL", + attr, myldap_get_dn(entry)); + return NULL; + } + } + else + { + values = bervalues_to_values(bvalues); + ldap_value_free_len(bvalues); + } + /* check if we got allocated memory */ + if (values == NULL) + return NULL; + /* store values entry so we can free it later on */ + for (i = 0; i < MAX_BUFFERS_PER_ENTRY; i++) + if (entry->buffers[i] == NULL) + { + entry->buffers[i] = (char **)values; + return values; + } + /* we found no room to store the values */ + log_log(LOG_ERR, "myldap_get_values_len() couldn't store results, increase MAX_BUFFERS_PER_ENTRY"); + free(values); + return NULL; +} + +/* Go over the entries in exploded_rdn and see if any start with + the requested attribute. Return a reference to the value part of + the DN (does not modify exploded_rdn). */ +static const char *find_rdn_value(char **exploded_rdn, const char *attr) +{ + int i, j; + int l; + if (exploded_rdn == NULL) + return NULL; + /* go over all RDNs */ + l = strlen(attr); + for (i = 0; exploded_rdn[i] != NULL; i++) + { + /* check that RDN starts with attr */ + if (strncasecmp(exploded_rdn[i], attr, l) != 0) + continue; + j = l; + /* skip spaces */ + while (isspace(exploded_rdn[i][j])) + j++; + /* ensure that we found an equals sign now */ + if (exploded_rdn[i][j] != '=') + continue; + j++; + /* skip more spaces */ + while (isspace(exploded_rdn[i][j])) + j++; + /* ensure that we're not at the end of the string */ + if (exploded_rdn[i][j] == '\0') + continue; + /* we found our value */ + return exploded_rdn[i] + j; + } + /* fail */ + return NULL; +} + +/* explode the first part of DN into parts + (e.g. "cn=Test", "uid=test") + The returned value should be freed with ldap_value_free(). */ +static char **get_exploded_rdn(const char *dn) +{ + char **exploded_dn; + char **exploded_rdn; + /* check if we have a DN */ + if ((dn == NULL) || (strcasecmp(dn, "unknown") == 0)) + return NULL; + /* explode dn into { "uid=test", "ou=people", ..., NULL } */ + exploded_dn = ldap_explode_dn(dn, 0); + if ((exploded_dn == NULL) || (exploded_dn[0] == NULL)) + { + log_log(LOG_WARNING, "ldap_explode_dn(%s) returned NULL: %s", + dn, strerror(errno)); + return NULL; + } + /* explode rdn (first part of exploded_dn), + e.g. "cn=Test User+uid=testusr" into + { "cn=Test User", "uid=testusr", NULL } */ + errno = 0; + exploded_rdn = ldap_explode_rdn(exploded_dn[0], 0); + if ((exploded_rdn == NULL) || (exploded_rdn[0] == NULL)) + { + log_log(LOG_WARNING, "ldap_explode_rdn(%s) returned NULL: %s", + exploded_dn[0], strerror(errno)); + if (exploded_rdn != NULL) + ldap_value_free(exploded_rdn); + ldap_value_free(exploded_dn); + return NULL; + } + ldap_value_free(exploded_dn); + return exploded_rdn; +} + +const char *myldap_get_rdn_value(MYLDAP_ENTRY *entry, const char *attr) +{ + /* check parameters */ + if (!is_valid_entry(entry)) + { + log_log(LOG_ERR, "myldap_get_rdn_value(): invalid result entry passed"); + errno = EINVAL; + return NULL; + } + else if (attr == NULL) + { + log_log(LOG_ERR, "myldap_get_rdn_value(): invalid attribute name passed"); + errno = EINVAL; + return NULL; + } + /* check if entry contains exploded_rdn */ + if (entry->exploded_rdn == NULL) + { + entry->exploded_rdn = get_exploded_rdn(myldap_get_dn(entry)); + if (entry->exploded_rdn == NULL) + return NULL; + } + /* find rnd value */ + return find_rdn_value(entry->exploded_rdn, attr); +} + +const char *myldap_cpy_rdn_value(const char *dn, const char *attr, + char *buf, size_t buflen) +{ + char **exploded_rdn; + const char *value; + /* explode dn into { "cn=Test", "uid=test", NULL } */ + exploded_rdn = get_exploded_rdn(dn); + if (exploded_rdn == NULL) + return NULL; + /* see if we have a match */ + value = find_rdn_value(exploded_rdn, attr); + /* if we have something store it in the buffer */ + if ((value != NULL) && (strlen(value) < buflen)) + strcpy(buf, value); + else + value = NULL; + /* free allocated stuff */ + ldap_value_free(exploded_rdn); + /* check if we have something to return */ + return (value != NULL) ? buf : NULL; +} + +int myldap_has_objectclass(MYLDAP_ENTRY *entry, const char *objectclass) +{ + const char **values; + int i; + if ((!is_valid_entry(entry)) || (objectclass == NULL)) + { + log_log(LOG_ERR, "myldap_has_objectclass(): invalid argument passed"); + errno = EINVAL; + return 0; + } + values = myldap_get_values(entry, "objectClass"); + if (values == NULL) + return 0; + for (i = 0; values[i] != NULL; i++) + { + if (strcasecmp(values[i], objectclass) == 0) + return -1; + } + return 0; +} + +#ifdef HAVE_LDAP_PARSE_DEREF_CONTROL +const char ***myldap_get_deref_values(MYLDAP_ENTRY *entry, + const char *derefattr, const char *getattr) +{ + LDAPControl **entryctrls; + LDAPDerefRes *deref, *d; + LDAPDerefVal *a; + int i, pass; + int rc; + int found; + int counts[2]; + size_t sizes[2], size; + char *buffer = NULL; + char ***results = NULL; + rc = ldap_get_entry_controls(entry->search->session->ld, entry->search->msg, + &entryctrls); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_WARNING, entry->search->session->ld, rc, + "ldap_get_entry_controls() failed"); + return NULL; + } + if (entryctrls == NULL) + return NULL; + /* see if we can find a deref control */ + rc = ldap_parse_deref_control(entry->search->session->ld, entryctrls, + &deref); + if ((rc != LDAP_SUCCESS) || (deref == NULL)) + { + if ((rc != LDAP_SUCCESS) && (rc != LDAP_CONTROL_NOT_FOUND)) + myldap_err(LOG_WARNING, entry->search->session->ld, rc, + "ldap_parse_deref_control() failed"); + /* clear error flag */ + rc = LDAP_SUCCESS; + if (ldap_set_option(entry->search->session->ld, LDAP_OPT_ERROR_NUMBER, + &rc) != LDAP_SUCCESS) + log_log(LOG_WARNING, "failed to clear the error flag"); + ldap_controls_free(entryctrls); + return NULL; + } + /* two passes: one to calculate size, one to store data */ + for (pass=0; pass < 2; pass++) + { + /* reset counters and size */ + for (i = 0; i < 2; i++) + { + counts[i] = 0; + sizes[i] = 0; + } + /* go over all deref'd attributes and find the one we're looking for */ + for (d = deref; d != NULL; d = d->next) + if ((d->derefAttr != NULL) && (d->derefVal.bv_val != NULL) && + (strcasecmp(derefattr, d->derefAttr) == 0)) + { + /* we should have one d per original attribute value */ + found = 0; + /* go over deref'd attribute values to find the ones we're looking for */ + for (a = d->attrVals; a != NULL; a = a->next) + if ((a->type != NULL) && (a->vals != NULL) && + (strcasecmp(getattr, a->type) == 0)) + for (i=0; a->vals[i].bv_val != NULL; i++) + { + found = 1; + if (results == NULL) + { + log_log(LOG_DEBUG, "deref %s %s=%s -> %s=%s", + myldap_get_dn(entry), d->derefAttr, d->derefVal.bv_val, + a->type, a->vals[i].bv_val); + counts[0]++; + sizes[0] += strlen(a->vals[i].bv_val) + 1; + } + else + { + strcpy(buffer, a->vals[i].bv_val); + results[0][counts[0]++] = buffer; + buffer += strlen(buffer) + 1; + } + } + if (!found) + { + if (results == NULL) + { + log_log(LOG_DEBUG, "no %s deref %s %s=%s", getattr, + myldap_get_dn(entry), d->derefAttr, d->derefVal.bv_val); + counts[1]++; + sizes[1] += strlen(d->derefVal.bv_val) + 1; + } + else + { + strcpy(buffer, d->derefVal.bv_val); + results[1][counts[1]++] = buffer; + buffer += strlen(buffer) + 1; + } + } + } + /* allocate memory after first pass */ + if (results == NULL) + { + size = sizeof(char **) * 3; + for (i = 0; i < 2; i++) + size += sizeof(char *) * (counts[i] + 1); + for (i = 0; i < 2; i++) + size += sizeof(char) * sizes[i]; + buffer = (char *)malloc(size); + if (buffer == NULL) + { + log_log(LOG_CRIT, "myldap_get_deref_values(): malloc() failed to allocate memory"); + return NULL; + } + /* allocate the list of lists */ + results = (void *)buffer; + buffer += sizeof(char **) * 3; + /* allocate the lists */ + for (i = 0; i < 2; i++) + { + results[i] = (char **)buffer; + buffer += sizeof(char *) * (counts[i] + 1); + } + results[i] = NULL; + } + } + /* NULL terminate the lists */ + results[0][counts[0]] = NULL; + results[1][counts[1]] = NULL; + /* free control data */ + ldap_derefresponse_free(deref); + ldap_controls_free(entryctrls); + /* store results so we can free it later on */ + for (i = 0; i < MAX_BUFFERS_PER_ENTRY; i++) + if (entry->buffers[i] == NULL) + { + entry->buffers[i] = (void *)results; + return (const char ***)results; + } + /* we found no room to store the values */ + log_log(LOG_ERR, "myldap_get_deref_values() couldn't store results, " + "increase MAX_BUFFERS_PER_ENTRY"); + free(results); + return NULL; +} +#else /* not HAVE_LDAP_PARSE_DEREF_CONTROL */ +const char ***myldap_get_deref_values(MYLDAP_ENTRY UNUSED(*entry), + const char UNUSED(*derefattr), const char UNUSED(*getattr)) +{ + return NULL; +} +#endif /* not HAVE_LDAP_PARSE_DEREF_CONTROL */ + +int myldap_escape(const char *src, char *buffer, size_t buflen) +{ + size_t pos = 0; + /* go over all characters in source string */ + for (; *src != '\0'; src++) + { + /* check if char will fit */ + if ((pos + 4) >= buflen) + return -1; + /* do escaping for some characters */ + switch (*src) + { + case '*': + strcpy(buffer + pos, "\\2a"); + pos += 3; + break; + case '(': + strcpy(buffer + pos, "\\28"); + pos += 3; + break; + case ')': + strcpy(buffer + pos, "\\29"); + pos += 3; + break; + case '\\': + strcpy(buffer + pos, "\\5c"); + pos += 3; + break; + default: + /* just copy character */ + buffer[pos++] = *src; + break; + } + } + /* terminate destination string */ + buffer[pos] = '\0'; + return 0; +} + +int myldap_set_debuglevel(int level) +{ + int i; + int rc; + /* turn on debugging */ + if (level > 1) + { +#ifdef LBER_OPT_LOG_PRINT_FILE + log_log(LOG_DEBUG, "ber_set_option(LBER_OPT_LOG_PRINT_FILE)"); + rc = ber_set_option(NULL, LBER_OPT_LOG_PRINT_FILE, stderr); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_ERR, NULL, rc, "ber_set_option(LBER_OPT_LOG_PRINT_FILE) failed"); + return rc; + } +#endif /* LBER_OPT_LOG_PRINT_FILE */ +#ifdef LBER_OPT_DEBUG_LEVEL + if (level > 2) + { + i = -1; + log_log(LOG_DEBUG, "ber_set_option(LBER_OPT_DEBUG_LEVEL,-1)"); + rc = ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &i); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_ERR, NULL, rc, "ber_set_option(LBER_OPT_DEBUG_LEVEL) failed"); + return rc; + } + } +#endif /* LBER_OPT_DEBUG_LEVEL */ +#ifdef LDAP_OPT_DEBUG_LEVEL + i = -1; + log_log(LOG_DEBUG, "ldap_set_option(LDAP_OPT_DEBUG_LEVEL,-1)"); + rc = ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &i); + if (rc != LDAP_SUCCESS) + { + myldap_err(LOG_ERR, NULL, rc, "ldap_set_option(LDAP_OPT_DEBUG_LEVEL) failed"); + return rc; + } +#endif /* LDAP_OPT_DEBUG_LEVEL */ + } + return LDAP_SUCCESS; +} + +int myldap_passwd(MYLDAP_SESSION *session, + const char *userdn, const char *oldpassword, + const char *newpasswd) +{ + int rc; + struct berval ber_userdn, ber_oldpassword, ber_newpassword, ber_retpassword; + /* check parameters */ + if ((session == NULL) || (userdn == NULL) || (newpasswd == NULL)) + { + log_log(LOG_ERR, "myldap_passwd(): invalid parameter passed"); + errno = EINVAL; + return LDAP_OTHER; + } + /* log the call */ + log_log(LOG_DEBUG, "myldap_passwd(userdn=\"%s\",oldpasswd=%s,newpasswd=\"***\")", + userdn, oldpassword ? "\"***\"" : "NULL"); + /* translate to ber stuff */ + ber_userdn.bv_val = (char *)userdn; + ber_userdn.bv_len = strlen(userdn); + ber_newpassword.bv_val = (char *)newpasswd; + ber_newpassword.bv_len = strlen(newpasswd); + ber_retpassword.bv_val = NULL; + ber_retpassword.bv_len = 0; + /* perform request */ + log_log(LOG_DEBUG, "myldap_passwd(): try ldap_passwd_s() without old password"); + rc = ldap_passwd_s(session->ld, &ber_userdn, NULL, &ber_newpassword, + &ber_retpassword, NULL, NULL); + if (rc != LDAP_SUCCESS) + myldap_err(LOG_ERR, session->ld, rc, "ldap_passwd_s() without old password failed"); + /* free returned data if needed */ + if (ber_retpassword.bv_val != NULL) + ldap_memfree(ber_retpassword.bv_val); + if ((rc != LDAP_SUCCESS) && (oldpassword != NULL)) + { + /* retry with old password */ + log_log(LOG_DEBUG, "myldap_passwd(): try ldap_passwd_s() with old password"); + ber_oldpassword.bv_val = (char *)oldpassword; + ber_oldpassword.bv_len = strlen(oldpassword); + /* perform request */ + rc = ldap_passwd_s(session->ld, &ber_userdn, &ber_oldpassword, + &ber_newpassword, &ber_retpassword, NULL, NULL); + if (rc != LDAP_SUCCESS) + myldap_err(LOG_ERR, session->ld, rc, "ldap_passwd_s() with old password failed"); + /* free returned data if needed */ + if (ber_retpassword.bv_val != NULL) + ldap_memfree(ber_retpassword.bv_val); + } + return rc; +} + +int myldap_modify(MYLDAP_SESSION *session, const char *dn, LDAPMod * mods[]) +{ + if ((session == NULL) || (dn == NULL)) + { + log_log(LOG_ERR, "myldap_passwd(): invalid parameter passed"); + errno = EINVAL; + return LDAP_OTHER; + } + return ldap_modify_ext_s(session->ld, dn, mods, NULL, NULL); +} + +int myldap_error_message(MYLDAP_SESSION *session, int rc, + char *buffer, size_t buflen) +{ + char *msg_diag = NULL; + if ((session == NULL) || (buffer == NULL) || (buflen <= 0)) + { + log_log(LOG_ERR, "myldap_error_message(): invalid parameter passed"); + errno = EINVAL; + return LDAP_OTHER; + } + /* clear buffer */ + buffer[0] = '\0'; +#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE + if (session->ld != NULL) + ldap_get_option(session->ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &msg_diag); +#endif /* LDAP_OPT_DIAGNOSTIC_MESSAGE */ + /* return msg_diag or generic error message */ + mysnprintf(buffer, buflen - 1, "%s", + ((msg_diag != NULL) && (msg_diag[0]!='\0')) ? + msg_diag : ldap_err2string(rc)); + /* free diagnostic message */ + if (msg_diag != NULL) + ldap_memfree(msg_diag); + return LDAP_SUCCESS; +} diff --git a/nslcd/myldap.h b/nslcd/myldap.h new file mode 100644 index 0000000..62c9350 --- /dev/null +++ b/nslcd/myldap.h @@ -0,0 +1,173 @@ +/* + myldap.h - simple interface to do LDAP requests + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +/* + This file describes the API of the myldap module which takes the complexity + out of using the OpenLDAP library. Memory management, paging, reconnect + logic, idle timeout of connections, etc is taken care of by the module. + + Use of this module is very straightforeward. You first have to create a + session (with myldap_create_session()), with this session you can start + searches (with myldap_search()), from a search you can get entries (with + myldap_get_entry()) from the LDAP database and from these entries you can + get attribute values (with myldap_get_values()). +*/ + +#ifndef NSLCD__MYLDAP_H +#define NSLCD__MYLDAP_H + +/* for size_t */ +#include +/* for LDAP_SCOPE_* */ +#include +#include + +#include "compat/attrs.h" + +#ifndef LDAP_SCOPE_DEFAULT +#define LDAP_SCOPE_DEFAULT LDAP_SCOPE_SUBTREE +#endif /* not LDAP_SCOPE_DEFAULT */ + +/* This a a generic session handle. */ +typedef struct ldap_session MYLDAP_SESSION; + +/* Note that this session handle may be used within one thread only. No + locking is performed to prevent concurrent modifications. Most LDAP + libraries also are not thread-safe in that a single connection may be + shared by multiple threads. It seems however that OpenLDAP at least does + not have any problems with an LDAP *ld per thread. + http://www.openldap.org/lists/openldap-software/200606/msg00252.html */ + +/* A result set as returned by myldap_search(). */ +typedef struct myldap_search MYLDAP_SEARCH; + +/* A single entry from the LDAP database as returned by myldap_get_entry(). */ +typedef struct myldap_entry MYLDAP_ENTRY; + +/* Create a new session, this does not yet connect to the LDAP server. The + connection to the server is made on-demand when a search is performed. This + uses the configuration to find the URLs to attempt connections to. */ +MUST_USE MYLDAP_SESSION *myldap_create_session(void); + +/* Perform a simple bind operation and return the ppolicy results. + This function returns an LDAP status code while response is an NSLCD_PAM_* + code with accompanying message. */ +MUST_USE int myldap_bind(MYLDAP_SESSION *session, const char *dn, + const char *password, + int *response, const char **message); + +/* Closes all pending searches and deallocates any memory that is allocated + with these searches. This does not close the session. */ +void myldap_session_cleanup(MYLDAP_SESSION *session); + +/* This checks the timeout value of the session and closes the connection + to the LDAP server if the timeout has expired and there are no pending + searches. */ +void myldap_session_check(MYLDAP_SESSION *session); + +/* Close the session and free all the resources allocated for the session. + After a call to this function the referenced handle is invalid. */ +void myldap_session_close(MYLDAP_SESSION *session); + +/* Mark all failing LDAP servers as needing quick retries. This ensures that the + reconnect_sleeptime and reconnect_retrytime sleeping period is cut short. */ +void myldap_immediate_reconnect(void); + +/* Do an LDAP search and return a reference to the results (returns NULL on + error). This function uses paging, and does reconnects to the configured + URLs transparently. The function returns an LDAP status code in the + location pointed to by rcp if it is non-NULL. */ +MUST_USE MYLDAP_SEARCH *myldap_search(MYLDAP_SESSION *session, + const char *base, int scope, + const char *filter, const char **attrs, + int *rcp); + +/* Close the specified search. This frees all the memory that was allocated + for the search and its results. */ +void myldap_search_close(MYLDAP_SEARCH *search); + +/* Get an entry from the result set, going over all results (returns NULL if + no more entries are available). Note that any memory allocated to return + information about the previous entry (e.g. with myldap_get_values()) is + freed with this call. The search is autoamtically closed when no more + results are available. The function returns an LDAP status code in the + location pointed to by rcp if it is non-NULL. */ +MUST_USE MYLDAP_ENTRY *myldap_get_entry(MYLDAP_SEARCH *search, int *rcp); + +/* Get the DN from the entry. This function does not return NULL (on error + "unknown" is returned). */ +MUST_USE const char *myldap_get_dn(MYLDAP_ENTRY *entry); + +/* Just like myldap_get_dn() but copies the result into the buffer. */ +char *myldap_cpy_dn(MYLDAP_ENTRY *entry, char *buf, size_t buflen); + +/* Get the attribute values from a certain entry as a NULL terminated list. + May return NULL or an empty array. */ +MUST_USE const char **myldap_get_values(MYLDAP_ENTRY *entry, const char *attr); + +/* Get the attribute values from a certain entry as a NULL terminated list. + May return NULL or an empty array. */ +MUST_USE const char **myldap_get_values_len(MYLDAP_ENTRY *entry, const char *attr); + +/* Checks to see if the entry has the specified object class. */ +MUST_USE int myldap_has_objectclass(MYLDAP_ENTRY *entry, const char *objectclass); + +/* See if the entry has any deref controls attached to it and deref attr + derefattr to get the getattr values. Will return two lists of attribute + values. One list of deref'ed attribute values and one list of original + attribute values that could not be deref'ed. */ +MUST_USE const char ***myldap_get_deref_values(MYLDAP_ENTRY *entry, + const char *derefattr, const char *getattr); + +/* Get the RDN's value: eg. if the DN was cn=lukeh, ou=People, dc=example, + dc=com getrdnvalue(entry, cn) would return lukeh. If the attribute was not + found in the DN or if some error occurs NULL is returned. This method may + be used to get the "most authorative" value for an attribute. */ +MUST_USE const char *myldap_get_rdn_value(MYLDAP_ENTRY *entry, const char *attr); + +/* Just like myldap_get_rdn_value() but use the supplied character sequence + and copies the result into the buffer. + Returns a pointer to the start of the string on success and NULL on + failure. */ +MUST_USE const char *myldap_cpy_rdn_value(const char *dn, const char *attr, + char *buf, size_t buflen); + +/* Escapes characters in a string for use in a search filter. */ +MUST_USE int myldap_escape(const char *src, char *buffer, size_t buflen); + +/* Set the debug level globally. Returns an LDAP status code. */ +int myldap_set_debuglevel(int level); + +/* Perform an EXOP password modification call. Returns an LDAP status code. */ +int myldap_passwd(MYLDAP_SESSION *session, + const char *userdn, const char *oldpassword, + const char *newpasswd); + +/* Perform an LDAP modification request. Returns an LDAP status code. */ +int myldap_modify(MYLDAP_SESSION *session, const char *dn, LDAPMod * mods[]); + +/* Get an LDAP error message from the supplied rc and optionally any extra + information in the connection. */ +int myldap_error_message(MYLDAP_SESSION *session, int rc, + char *buffer, size_t buflen); + +#endif /* not NSLCD__MYLDAP_H */ diff --git a/nslcd/netgroup.c b/nslcd/netgroup.c new file mode 100644 index 0000000..6dbf77a --- /dev/null +++ b/nslcd/netgroup.c @@ -0,0 +1,257 @@ +/* + netgroup.c - netgroup lookup routines + Parts of this file were part of the nss_ldap library (as ldap-netgrp.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL + * DESC 'Abstraction of a netgroup. May refer to other netgroups' + * MUST cn + * MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) + */ + +/* the search base for searches */ +const char *netgroup_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int netgroup_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *netgroup_filter = "(objectClass=nisNetgroup)"; + +/* the attributes to request with searches */ +const char *attmap_netgroup_cn = "cn"; +const char *attmap_netgroup_nisNetgroupTriple = "nisNetgroupTriple"; +const char *attmap_netgroup_memberNisNetgroup = "memberNisNetgroup"; + +/* the attribute list to request with searches */ +static const char *netgroup_attrs[4]; + +static int mkfilter_netgroup_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_netgroup_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + netgroup_filter, attmap_netgroup_cn, safename); +} + +void netgroup_init(void) +{ + int i; + /* set up search bases */ + if (netgroup_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + netgroup_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (netgroup_scope == LDAP_SCOPE_DEFAULT) + netgroup_scope = nslcd_cfg->scope; + /* set up attribute list */ + netgroup_attrs[0] = attmap_netgroup_cn; + netgroup_attrs[1] = attmap_netgroup_nisNetgroupTriple; + netgroup_attrs[2] = attmap_netgroup_memberNisNetgroup; + netgroup_attrs[3] = NULL; +} + +static int write_string_stripspace_len(TFILE *fp, const char *str, int len) +{ + int32_t tmpint32; + int i, j; + DEBUG_PRINT("WRITE_STRING: var=" __STRING(str) " string=\"%s\"", str); + /* skip leading spaces */ + for (i = 0; (str[i] != '\0') && (isspace(str[i])); i++) + /* nothing */ ; + /* skip trailing spaces */ + for (j = len; (j > i) && (isspace(str[j - 1])); j--) + /* nothing */ ; + /* write length of string */ + WRITE_INT32(fp, j - i); + /* write string itself */ + if (j > i) + { + WRITE(fp, str + i, j - i); + } + /* we're done */ + return 0; +} + +#define WRITE_STRING_STRIPSPACE_LEN(fp, str, len) \ + if (write_string_stripspace_len(fp, str, len)) \ + return -1; + +#define WRITE_STRING_STRIPSPACE(fp, str) \ + WRITE_STRING_STRIPSPACE_LEN(fp, str, strlen(str)) + +static int write_netgroup_triple(TFILE *fp, MYLDAP_ENTRY *entry, + const char *triple) +{ + int32_t tmpint32; + int i; + int hostb, hoste, userb, usere, domainb, domaine; + /* skip leading spaces */ + for (i = 0; (triple[i] != '\0') && (isspace(triple[i])); i++) + /* nothing */ ; + /* we should have a bracket now */ + if (triple[i] != '(') + { + log_log(LOG_WARNING, "%s: %s: does not begin with '('", + myldap_get_dn(entry), attmap_netgroup_nisNetgroupTriple); + return 0; + } + i++; + hostb = i; + /* find comma (end of host string) */ + for (; (triple[i] != '\0') && (triple[i] != ','); i++) + /* nothing */ ; + hoste = i; + if (triple[i++] != ',') + { + log_log(LOG_WARNING, "%s: %s: missing ','", + myldap_get_dn(entry), attmap_netgroup_nisNetgroupTriple); + return 0; + } + userb = i; + /* find comma (end of user string) */ + for (; (triple[i] != '\0') && (triple[i] != ','); i++) + /* nothing */ ; + usere = i; + if (triple[i++] != ',') + { + log_log(LOG_WARNING, "%s: %s: missing ','", + myldap_get_dn(entry), attmap_netgroup_nisNetgroupTriple); + return 0; + } + domainb = i; + /* find closing bracket (end of domain string) */ + for (; (triple[i] != '\0') && (triple[i] != ')'); i++) + /* nothing */ ; + domaine=i; + if (triple[i++] != ')') + { + log_log(LOG_WARNING, "%s: %s: missing ')'", + myldap_get_dn(entry), attmap_netgroup_nisNetgroupTriple); + return 0; + } + /* skip trailing spaces */ + for (; (triple[i] != '\0') && (isspace(triple[i])); i++) + /* nothing */ ; + /* if anything is left in the string we have a problem */ + if (triple[i] != '\0') + { + log_log(LOG_WARNING, "%s: %s: contains trailing data", + myldap_get_dn(entry), attmap_netgroup_nisNetgroupTriple); + return 0; + } + /* write strings */ + WRITE_INT32(fp, NSLCD_NETGROUP_TYPE_TRIPLE); + WRITE_STRING_STRIPSPACE_LEN(fp, triple + hostb, hoste - hostb) + WRITE_STRING_STRIPSPACE_LEN(fp, triple + userb, usere - userb) + WRITE_STRING_STRIPSPACE_LEN(fp, triple + domainb, domaine - domainb) + /* we're done */ + return 0; +} + +static int write_netgroup(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqname) +{ + int32_t tmpint32; + int i, j; + const char **names; + const char **triples; + const char **members; + /* get the netgroup name */ + names = myldap_get_values(entry, attmap_netgroup_cn); + if ((names == NULL) || (names[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_netgroup_cn); + return 0; + } + /* get the netgroup triples and member */ + triples = myldap_get_values(entry, attmap_netgroup_nisNetgroupTriple); + members = myldap_get_values(entry, attmap_netgroup_memberNisNetgroup); + /* write the entries */ + for (i = 0; names[i] != NULL; i++) + if ((reqname == NULL) || (STR_CMP(reqname, names[i]) == 0)) + { + /* write first part of result */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, names[i]); + /* write the netgroup triples */ + if (triples != NULL) + for (j = 0; triples[j] != NULL; j++) + if (write_netgroup_triple(fp, entry, triples[j])) + return -1; + /* write netgroup members */ + if (members != NULL) + for (j = 0; members[j] != NULL; j++) + { + /* write triple indicator */ + WRITE_INT32(fp, NSLCD_NETGROUP_TYPE_NETGROUP); + /* write netgroup name */ + WRITE_STRING_STRIPSPACE(fp, members[j]); + } + /* write end of result marker */ + WRITE_INT32(fp, NSLCD_NETGROUP_TYPE_END); + } + /* we're done */ + return 0; +} + +NSLCD_HANDLE( + netgroup, byname, NSLCD_ACTION_NETGROUP_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("netgroup=\"%s\"", name);, + mkfilter_netgroup_byname(name, filter, sizeof(filter)), + write_netgroup(fp, entry, name) +) + +NSLCD_HANDLE( + netgroup, all, NSLCD_ACTION_NETGROUP_ALL, + const char *filter; + log_setrequest("netgroup(all)");, + (filter = netgroup_filter, 0), + write_netgroup(fp, entry, NULL) +) diff --git a/nslcd/network.c b/nslcd/network.c new file mode 100644 index 0000000..26f68ad --- /dev/null +++ b/nslcd/network.c @@ -0,0 +1,189 @@ +/* + network.c - network address entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-network.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.7 NAME 'ipNetwork' SUP top STRUCTURAL + * DESC 'Abstraction of a network. The distinguished value of + * MUST ( cn $ ipNetworkNumber ) + * MAY ( ipNetmaskNumber $ l $ description $ manager ) ) + */ + +/* the search base for searches */ +const char *network_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int network_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *network_filter = "(objectClass=ipNetwork)"; + +/* the attributes used in searches */ +const char *attmap_network_cn = "cn"; +const char *attmap_network_ipNetworkNumber = "ipNetworkNumber"; + +/* the attribute list to request with searches */ +static const char *network_attrs[3]; + +/* create a search filter for searching a network entry + by name, return -1 on errors */ +static int mkfilter_network_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_HOSTNAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_network_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + network_filter, attmap_network_cn, safename); +} + +static int mkfilter_network_byaddr(const char *addrstr, + char *buffer, size_t buflen) +{ + char safeaddr[64]; + /* escape attribute */ + if (myldap_escape(addrstr, safeaddr, sizeof(safeaddr))) + { + log_log(LOG_ERR, "mkfilter_network_byaddr(): safeaddr buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + network_filter, attmap_network_ipNetworkNumber, safeaddr); +} + +void network_init(void) +{ + int i; + /* set up search bases */ + if (network_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + network_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (network_scope == LDAP_SCOPE_DEFAULT) + network_scope = nslcd_cfg->scope; + /* set up attribute list */ + network_attrs[0] = attmap_network_cn; + network_attrs[1] = attmap_network_ipNetworkNumber; + network_attrs[2] = NULL; +} + +/* write a single network entry to the stream */ +static int write_network(TFILE *fp, MYLDAP_ENTRY *entry) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + int numaddr, i; + const char *networkname; + const char **networknames; + const char **addresses; + /* get the most canonical name */ + networkname = myldap_get_rdn_value(entry, attmap_network_cn); + /* get the other names for the network */ + networknames = myldap_get_values(entry, attmap_network_cn); + if ((networknames == NULL) || (networknames[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_network_cn); + return 0; + } + /* if the networkname is not yet found, get the first entry from networknames */ + if (networkname == NULL) + networkname = networknames[0]; + /* get the addresses */ + addresses = myldap_get_values(entry, attmap_network_ipNetworkNumber); + if ((addresses == NULL) || (addresses[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_network_ipNetworkNumber); + return 0; + } + /* write the entry */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, networkname); + WRITE_STRINGLIST_EXCEPT(fp, networknames, networkname); + for (numaddr = 0; addresses[numaddr] != NULL; numaddr++) + /* noting */ ; + WRITE_INT32(fp, numaddr); + for (i = 0; i < numaddr; i++) + { + WRITE_ADDRESS(fp, entry, attmap_network_ipNetworkNumber, addresses[i]); + } + return 0; +} + +NSLCD_HANDLE( + network, byname, NSLCD_ACTION_NETWORK_BYNAME, + char name[BUFLEN_HOSTNAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("network=\"%s\"", name);, + mkfilter_network_byname(name, filter, sizeof(filter)), + write_network(fp, entry) +) + +NSLCD_HANDLE( + network, byaddr, NSLCD_ACTION_NETWORK_BYADDR, + int af; + char addr[64]; + int len = sizeof(addr); + char addrstr[64]; + char filter[BUFLEN_FILTER]; + READ_ADDRESS(fp, addr, len, af); + /* translate the address to a string */ + if (inet_ntop(af, addr, addrstr, sizeof(addrstr)) == NULL) + { + log_log(LOG_WARNING, "unable to convert address to string"); + return -1; + } + log_setrequest("network=%s", addrstr);, + mkfilter_network_byaddr(addrstr, filter, sizeof(filter)), + write_network(fp, entry) +) + +NSLCD_HANDLE( + network, all, NSLCD_ACTION_NETWORK_ALL, + const char *filter; + log_setrequest("network(all)");, + (filter = network_filter, 0), + write_network(fp, entry) +) diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c new file mode 100644 index 0000000..82c09ab --- /dev/null +++ b/nslcd/nslcd.c @@ -0,0 +1,898 @@ +/* + nslcd.c - ldap local connection daemon + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include +#include +#include +#ifdef HAVE_GETOPT_H +#include +#endif /* HAVE_GETOPT_H */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_NSS_H +#include +#endif /* HAVE_NSS_H */ +#include +#ifdef HAVE_PTHREAD_NP_H +#include +#endif /* HAVE_PTHREAD_NP_H */ +#ifndef HAVE_GETOPT_LONG +#include "compat/getopt_long.h" +#endif /* not HAVE_GETOPT_LONG */ +#include +#include +#include + +#include "nslcd.h" +#include "log.h" +#include "cfg.h" +#include "common.h" +#include "compat/attrs.h" +#include "compat/getpeercred.h" +#include "compat/socket.h" +#include "daemonize.h" + +/* read timeout is half a second because clients should send their request + quickly, write timeout is 60 seconds because clients could be taking some + time to process the results */ +#define READ_TIMEOUT 500 +#define WRITE_TIMEOUT 60 * 1000 + +/* buffer sizes for I/O */ +#define READBUFFER_MINSIZE 32 +#define READBUFFER_MAXSIZE 64 +#define WRITEBUFFER_MINSIZE 1024 +#define WRITEBUFFER_MAXSIZE 1 * 1024 * 1024 + +/* adjust the oom killer score */ +#define OOM_SCORE_ADJ_FILE "/proc/self/oom_score_adj" +#define OOM_SCORE_ADJ "-1000" + +/* flag to indicate if we are in debugging mode */ +static int nslcd_debugging = 0; + +/* flag to indicate we shouldn't daemonize */ +static int nslcd_nofork = 0; + +/* flag to indicate user requested the --check option */ +static int nslcd_checkonly = 0; + +/* the flag to indicate that a signal was received */ +static volatile int nslcd_receivedsignal = 0; + +/* the server socket used for communication */ +static int nslcd_serversocket = -1; + +/* thread ids of all running threads */ +static pthread_t *nslcd_threads; + +/* if we don't have clearenv() we have to do this the hard way */ +#ifndef HAVE_CLEARENV + +/* the definition of the environment */ +extern char **environ; + +/* the environment we want to use */ +static char *sane_environment[] = { + "HOME=/", + "TMPDIR=/tmp", + "LDAPNOINIT=1", + NULL +}; + +#endif /* not HAVE_CLEARENV */ + +/* display version information */ +static void display_version(FILE *fp) +{ + fprintf(fp, "%s\n", PACKAGE_STRING); + fprintf(fp, "Written by Luke Howard and Arthur de Jong.\n\n"); + fprintf(fp, "Copyright (C) 1997-2017 Luke Howard, Arthur de Jong and West Consulting\n" + "This is free software; see the source for copying conditions. There is NO\n" + "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n"); +} + +/* display usage information */ +static void display_usage(FILE *fp, const char *program_name) +{ + fprintf(fp, "Usage: %s [OPTION]...\n", program_name); + fprintf(fp, "Name Service LDAP connection daemon.\n"); + fprintf(fp, " -c, --check check if the daemon already is running\n"); + fprintf(fp, " -d, --debug don't fork and print debugging to stderr\n"); + fprintf(fp, " -n, --nofork don't fork\n"); + fprintf(fp, " --help display this help and exit\n"); + fprintf(fp, " --version output version information and exit\n"); + fprintf(fp, "\n" "Report bugs to <%s>.\n", PACKAGE_BUGREPORT); +} + +/* the definition of options for getopt(). see getopt(2) */ +static struct option const nslcd_options[] = { + {"check", no_argument, NULL, 'c'}, + {"debug", no_argument, NULL, 'd'}, + {"nofork", no_argument, NULL, 'n'}, + {"help", no_argument, NULL, 'h'}, + {"version", no_argument, NULL, 'V'}, + {NULL, 0, NULL, 0} +}; +#define NSLCD_OPTIONSTRING "cndhV" + +/* parse command line options and save settings in struct */ +static void parse_cmdline(int argc, char *argv[]) +{ + int optc; + while ((optc = getopt_long(argc, argv, NSLCD_OPTIONSTRING, nslcd_options, NULL)) != -1) + { + switch (optc) + { + case 'c': /* -c, --check check if the daemon already is running */ + nslcd_checkonly = 1; + break; + case 'd': /* -d, --debug don't fork and print debugging to stderr */ + nslcd_debugging++; + log_setdefaultloglevel(LOG_DEBUG); + break; + case 'n': /* -n, --nofork don't fork */ + nslcd_nofork++; + break; + case 'h': /* --help display this help and exit */ + display_usage(stdout, argv[0]); + exit(EXIT_SUCCESS); + case 'V': /* --version output version information and exit */ + display_version(stdout); + exit(EXIT_SUCCESS); + case ':': /* missing required parameter */ + case '?': /* unknown option character or extraneous parameter */ + default: + fprintf(stderr, "Try '%s --help' for more information.\n", argv[0]); + exit(EXIT_FAILURE); + } + } + /* check for remaining arguments */ + if (optind < argc) + { + fprintf(stderr, "%s: unrecognized option '%s'\n", argv[0], argv[optind]); + fprintf(stderr, "Try '%s --help' for more information.\n", argv[0]); + exit(EXIT_FAILURE); + } +} + +/* signal handler for storing information on received signals */ +static void sig_handler(int signum) +{ + /* just save the signal to indicate that we're stopping */ + nslcd_receivedsignal = signum; +} + +/* do some cleaning up before terminating */ +static void exithandler(void) +{ + /* close socket if it's still in use */ + if (nslcd_serversocket >= 0) + { + if (close(nslcd_serversocket)) + log_log(LOG_WARNING, "problem closing server socket (ignored): %s", + strerror(errno)); + } + /* remove existing named socket */ + if (unlink(NSLCD_SOCKET) < 0) + { + log_log(LOG_DEBUG, "unlink() of " NSLCD_SOCKET " failed (ignored): %s", + strerror(errno)); + } + /* remove pidfile */ + if (unlink(NSLCD_PIDFILE) < 0) + { + log_log(LOG_DEBUG, "unlink() of " NSLCD_PIDFILE " failed (ignored): %s", + strerror(errno)); + } + /* log exit */ + log_log(LOG_INFO, "version %s bailing out", VERSION); +} + +/* create the directory for the specified file to reside in */ +static void mkdirname(const char *filename) +{ + char *tmpname, *path; + tmpname = strdup(filename); + if (tmpname == NULL) + return; + path = dirname(tmpname); + if (mkdir(path, (mode_t)0755) == 0) + { + /* if directory was just created, set correct ownership */ + if (lchown(path, nslcd_cfg->uid, nslcd_cfg->gid) < 0) + log_log(LOG_WARNING, "problem setting permissions for %s: %s", + path, strerror(errno)); + } + free(tmpname); +} + +/* returns a socket ready to answer requests from the client, + exit()s on error */ +static int create_socket(const char *filename) +{ + int sock; + int i; + struct sockaddr_un addr; + /* create a socket */ + if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) + { + log_log(LOG_ERR, "cannot create socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + if (sock >= (int)FD_SETSIZE) + { + log_log(LOG_ERR, "socket file descriptor number too high (%d)", sock); + exit(EXIT_FAILURE); + } + /* remove existing named socket */ + if (unlink(filename) < 0) + { + log_log(LOG_DEBUG, "unlink() of %s failed (ignored): %s", + filename, strerror(errno)); + } + /* do not block on accept() */ + if ((i = fcntl(sock, F_GETFL, 0)) < 0) + { + log_log(LOG_ERR, "fctnl(F_GETFL) failed: %s", strerror(errno)); + if (close(sock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + if (fcntl(sock, F_SETFL, i | O_NONBLOCK) < 0) + { + log_log(LOG_ERR, "fctnl(F_SETFL,O_NONBLOCK) failed: %s", strerror(errno)); + if (close(sock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + /* create the directory if needed */ + mkdirname(filename); + /* create socket address structure */ + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, filename, sizeof(addr.sun_path)); + addr.sun_path[sizeof(addr.sun_path) - 1] = '\0'; + /* bind to the named socket */ + if (bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr))) + { + log_log(LOG_ERR, "bind() to %s failed: %s", filename, strerror(errno)); + if (close(sock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + /* close the file descriptor on exec */ + if (fcntl(sock, F_SETFD, FD_CLOEXEC) < 0) + { + log_log(LOG_ERR, "fctnl(F_SETFL,FD_CLOEXEC) on %s failed: %s", + filename, strerror(errno)); + if (close(sock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + /* set permissions of socket so anybody can do requests */ + /* Note: we use chmod() here instead of fchmod() because + fchmod does not work on sockets + http://www.opengroup.org/onlinepubs/009695399/functions/fchmod.html + http://lkml.org/lkml/2005/5/16/11 */ + if (chmod(filename, (mode_t)0666)) + { + log_log(LOG_ERR, "chmod(0666) of %s failed: %s", + filename, strerror(errno)); + if (close(sock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + /* start listening for connections */ + if (listen(sock, SOMAXCONN) < 0) + { + log_log(LOG_ERR, "listen() failed: %s", strerror(errno)); + if (close(sock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + /* we're done */ + return sock; +} + +/* read the version information and action from the stream + this function returns the read action in location pointer to by action */ +static int read_header(TFILE *fp, int32_t *action) +{ + int32_t tmpint32; + int32_t protocol; + /* read the protocol version */ + READ_INT32(fp, protocol); + if (protocol != (int32_t)NSLCD_VERSION) + { + log_log(LOG_DEBUG, "invalid nslcd version id: 0x%08x", (unsigned int)protocol); + return -1; + } + /* read the request type */ + READ_INT32(fp, *action); + return 0; +} + +/* read a request message, returns <0 in case of errors, + this function closes the socket */ +static void handleconnection(int sock, MYLDAP_SESSION *session) +{ + TFILE *fp; + int32_t action; + uid_t uid = (uid_t)-1; + gid_t gid = (gid_t)-1; + pid_t pid = (pid_t)-1; + /* log connection */ + if (getpeercred(sock, &uid, &gid, &pid)) + log_log(LOG_DEBUG, "connection from unknown client: %s", strerror(errno)); + else + log_log(LOG_DEBUG, "connection from pid=%lu uid=%lu gid=%lu", + (unsigned long int)pid, (unsigned long int)uid, (unsigned long int)gid); + /* create a stream object */ + if ((fp = tio_fdopen(sock, READ_TIMEOUT, WRITE_TIMEOUT, + READBUFFER_MINSIZE, READBUFFER_MAXSIZE, + WRITEBUFFER_MINSIZE, WRITEBUFFER_MAXSIZE)) == NULL) + { + log_log(LOG_WARNING, "cannot create stream for writing: %s", + strerror(errno)); + (void)close(sock); + return; + } + /* read request */ + if (read_header(fp, &action)) + { + (void)tio_close(fp); + return; + } + /* handle request */ + switch (action) + { + case NSLCD_ACTION_CONFIG_GET: (void)nslcd_config_get(fp, session); break; + case NSLCD_ACTION_ALIAS_BYNAME: (void)nslcd_alias_byname(fp, session); break; + case NSLCD_ACTION_ALIAS_ALL: (void)nslcd_alias_all(fp, session); break; + case NSLCD_ACTION_ETHER_BYNAME: (void)nslcd_ether_byname(fp, session); break; + case NSLCD_ACTION_ETHER_BYETHER: (void)nslcd_ether_byether(fp, session); break; + case NSLCD_ACTION_ETHER_ALL: (void)nslcd_ether_all(fp, session); break; + case NSLCD_ACTION_GROUP_BYNAME: (void)nslcd_group_byname(fp, session); break; + case NSLCD_ACTION_GROUP_BYGID: (void)nslcd_group_bygid(fp, session); break; + case NSLCD_ACTION_GROUP_BYMEMBER: (void)nslcd_group_bymember(fp, session); break; + case NSLCD_ACTION_GROUP_ALL: + if (!nslcd_cfg->nss_disable_enumeration) (void)nslcd_group_all(fp, session); + break; + case NSLCD_ACTION_HOST_BYNAME: (void)nslcd_host_byname(fp, session); break; + case NSLCD_ACTION_HOST_BYADDR: (void)nslcd_host_byaddr(fp, session); break; + case NSLCD_ACTION_HOST_ALL: (void)nslcd_host_all(fp, session); break; + case NSLCD_ACTION_NETGROUP_BYNAME: (void)nslcd_netgroup_byname(fp, session); break; + case NSLCD_ACTION_NETGROUP_ALL: (void)nslcd_netgroup_all(fp, session); break; + case NSLCD_ACTION_NETWORK_BYNAME: (void)nslcd_network_byname(fp, session); break; + case NSLCD_ACTION_NETWORK_BYADDR: (void)nslcd_network_byaddr(fp, session); break; + case NSLCD_ACTION_NETWORK_ALL: (void)nslcd_network_all(fp, session); break; + case NSLCD_ACTION_PASSWD_BYNAME: (void)nslcd_passwd_byname(fp, session, uid); break; + case NSLCD_ACTION_PASSWD_BYUID: (void)nslcd_passwd_byuid(fp, session, uid); break; + case NSLCD_ACTION_PASSWD_ALL: + if (!nslcd_cfg->nss_disable_enumeration) (void)nslcd_passwd_all(fp, session, uid); + break; + case NSLCD_ACTION_PROTOCOL_BYNAME: (void)nslcd_protocol_byname(fp, session); break; + case NSLCD_ACTION_PROTOCOL_BYNUMBER:(void)nslcd_protocol_bynumber(fp, session); break; + case NSLCD_ACTION_PROTOCOL_ALL: (void)nslcd_protocol_all(fp, session); break; + case NSLCD_ACTION_RPC_BYNAME: (void)nslcd_rpc_byname(fp, session); break; + case NSLCD_ACTION_RPC_BYNUMBER: (void)nslcd_rpc_bynumber(fp, session); break; + case NSLCD_ACTION_RPC_ALL: (void)nslcd_rpc_all(fp, session); break; + case NSLCD_ACTION_SERVICE_BYNAME: (void)nslcd_service_byname(fp, session); break; + case NSLCD_ACTION_SERVICE_BYNUMBER: (void)nslcd_service_bynumber(fp, session); break; + case NSLCD_ACTION_SERVICE_ALL: (void)nslcd_service_all(fp, session); break; + case NSLCD_ACTION_SHADOW_BYNAME: (void)nslcd_shadow_byname(fp, session, uid); break; + case NSLCD_ACTION_SHADOW_ALL: + if (!nslcd_cfg->nss_disable_enumeration) (void)nslcd_shadow_all(fp, session, uid); + break; + case NSLCD_ACTION_PAM_AUTHC: (void)nslcd_pam_authc(fp, session, uid); break; + case NSLCD_ACTION_PAM_AUTHZ: (void)nslcd_pam_authz(fp, session); break; + case NSLCD_ACTION_PAM_SESS_O: (void)nslcd_pam_sess_o(fp, session); break; + case NSLCD_ACTION_PAM_SESS_C: (void)nslcd_pam_sess_c(fp, session); break; + case NSLCD_ACTION_PAM_PWMOD: (void)nslcd_pam_pwmod(fp, session, uid); break; + case NSLCD_ACTION_USERMOD: (void)nslcd_usermod(fp, session, uid); break; + default: + log_log(LOG_WARNING, "invalid request id: 0x%08x", (unsigned int)action); + break; + } + /* we're done with the request */ + myldap_session_cleanup(session); + (void)tio_close(fp); + return; +} + +/* test to see if we can lock the specified file */ +static int is_locked(const char *filename) +{ + int fd; + if (filename != NULL) + { + errno = 0; + if ((fd = open(filename, O_RDWR, 0644)) < 0) + { + if (errno == ENOENT) + return 0; /* if file doesn't exist it cannot be locked */ + log_log(LOG_ERR, "cannot open lock file (%s): %s", filename, strerror(errno)); + exit(EXIT_FAILURE); + } + if (lockf(fd, F_TEST, 0) < 0) + { + if (close(fd)) + log_log(LOG_WARNING, "problem closing fd: %s", strerror(errno)); + return -1; + } + if (close(fd)) + log_log(LOG_WARNING, "problem closing fd: %s", strerror(errno)); + } + return 0; +} + +/* write the current process id to the specified file */ +static void create_pidfile(const char *filename) +{ + int fd; + char buffer[20]; + if (filename != NULL) + { + mkdirname(filename); + if ((fd = open(filename, O_RDWR | O_CREAT, 0644)) < 0) + { + log_log(LOG_ERR, "cannot create pid file (%s): %s", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + if (lockf(fd, F_TLOCK, 0) < 0) + { + log_log(LOG_ERR, "cannot lock pid file (%s): %s", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + if (ftruncate(fd, 0) < 0) + { + log_log(LOG_ERR, "cannot truncate pid file (%s): %s", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + mysnprintf(buffer, sizeof(buffer), "%lu\n", (unsigned long int)getpid()); + if (write(fd, buffer, strlen(buffer)) != (int)strlen(buffer)) + { + log_log(LOG_ERR, "error writing pid file (%s): %s", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + /* we keep the pidfile open so the lock remains valid */ + } +} + +/* try to install signal handler and check result */ +static void install_sighandler(int signum, void (*handler) (int)) +{ + struct sigaction act; + memset(&act, 0, sizeof(struct sigaction)); + act.sa_handler = handler; + sigemptyset(&act.sa_mask); + act.sa_flags = SA_RESTART | SA_NOCLDSTOP; + if (sigaction(signum, &act, NULL) != 0) + { + log_log(LOG_ERR, "error installing signal handler for '%s': %s", + signame(signum), strerror(errno)); + exit(EXIT_FAILURE); + } +} + +static void worker_cleanup(void *arg) +{ + MYLDAP_SESSION *session = (MYLDAP_SESSION *)arg; + myldap_session_close(session); +} + +static void *worker(void UNUSED(*arg)) +{ + MYLDAP_SESSION *session; + int csock; + int j; + struct sockaddr_storage addr; + socklen_t alen; + fd_set fds; + struct timeval tv; + /* create a new LDAP session */ + session = myldap_create_session(); + /* clean up the session if we're done */ + pthread_cleanup_push(worker_cleanup, session); + /* start waiting for incoming connections */ + while (1) + { + /* time out connection to LDAP server if needed */ + myldap_session_check(session); + /* set up the set of fds to wait on */ + FD_ZERO(&fds); + FD_SET(nslcd_serversocket, &fds); + /* set up our timeout value */ + tv.tv_sec = nslcd_cfg->idle_timelimit; + tv.tv_usec = 0; + /* wait for a new connection */ + j = select(nslcd_serversocket + 1, &fds, NULL, NULL, + nslcd_cfg->idle_timelimit > 0 ? &tv : NULL); + /* check result of select() */ + if (j < 0) + { + if (errno == EINTR) + log_log(LOG_DEBUG, "select() failed (ignored): %s", strerror(errno)); + else + log_log(LOG_ERR, "select() failed: %s", strerror(errno)); + continue; + } + /* see if our file descriptor is actually ready */ + if (!FD_ISSET(nslcd_serversocket, &fds)) + continue; + /* wait for a new connection */ + alen = (socklen_t)sizeof(struct sockaddr_storage); + csock = accept(nslcd_serversocket, (struct sockaddr *)&addr, &alen); + if (csock < 0) + { + if ((errno == EINTR) || (errno == EAGAIN) || (errno == EWOULDBLOCK)) + log_log(LOG_DEBUG, "accept() failed (ignored): %s", strerror(errno)); + else + log_log(LOG_ERR, "accept() failed: %s", strerror(errno)); + continue; + } + /* make sure O_NONBLOCK is not inherited */ + if ((j = fcntl(csock, F_GETFL, 0)) < 0) + { + log_log(LOG_ERR, "fctnl(F_GETFL) failed: %s", strerror(errno)); + if (close(csock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + continue; + } + if (fcntl(csock, F_SETFL, j & ~O_NONBLOCK) < 0) + { + log_log(LOG_ERR, "fctnl(F_SETFL,~O_NONBLOCK) failed: %s", strerror(errno)); + if (close(csock)) + log_log(LOG_WARNING, "problem closing socket: %s", strerror(errno)); + continue; + } + /* indicate new connection to logging module (generates unique id) */ + log_newsession(); + /* handle the connection */ + handleconnection(csock, session); + /* indicate end of session in log messages */ + log_clearsession(); + } + pthread_cleanup_pop(1); + return NULL; +} + +/* function to disable lookups through the nss_ldap module to avoid lookup + loops */ +static void disable_nss_ldap(void) +{ + void *handle; + char *error; + char **version_info; + int *enable_flag; + /* try to load the NSS module */ +#ifdef RTLD_NODELETE + handle = dlopen(NSS_LDAP_SONAME, RTLD_LAZY | RTLD_NODELETE); +#else /* not RTLD_NODELETE */ + handle = dlopen(NSS_LDAP_SONAME, RTLD_LAZY); +#endif /* RTLD_NODELETE */ + if (handle == NULL) + { + log_log(LOG_WARNING, "Warning: NSS_LDAP module not loaded: %s", dlerror()); + return; + } + /* clear any existing errors */ + dlerror(); + /* lookup the NSS version if possible */ + version_info = (char **)dlsym(handle, "_nss_" MODULE_NAME "_version"); + error = dlerror(); + if ((version_info != NULL) && (error == NULL)) + log_log(LOG_DEBUG, "NSS_LDAP %s %s", version_info[0], version_info[1]); + else + log_log(LOG_WARNING, "Warning: NSS_LDAP version missing: %s", error); + /* clear any existing errors */ + dlerror(); + /* try to look up the flag */ + enable_flag = (int *)dlsym(handle, "_nss_" MODULE_NAME "_enablelookups"); + error = dlerror(); + if ((enable_flag == NULL) || (error != NULL)) + { + log_log(LOG_WARNING, "Warning: %s (probably older NSS module loaded)", + error); + /* fall back to changing the way host lookup is done */ +#ifdef HAVE___NSS_CONFIGURE_LOOKUP + if (__nss_configure_lookup("hosts", "files dns")) + log_log(LOG_ERR, "unable to override hosts lookup method: %s", + strerror(errno)); +#endif /* HAVE___NSS_CONFIGURE_LOOKUP */ + dlclose(handle); + return; + } + /* disable nss_ldap */ + *enable_flag = 0; +#ifdef RTLD_NODELETE + /* only close the handle if RTLD_NODELETE was used */ + dlclose(handle); +#endif /* RTLD_NODELETE */ +} + +/* poke the OOM killer so nslcd will never get killed */ +static void adjust_oom_score(void) +{ + int oom_adj_fd; + if ((oom_adj_fd = open(OOM_SCORE_ADJ_FILE, O_WRONLY)) >= 0) + { + if (write(oom_adj_fd, OOM_SCORE_ADJ, strlen(OOM_SCORE_ADJ)) < 0) + log_log(LOG_WARNING, "writing oom score adjustment of %s failed: %s", + OOM_SCORE_ADJ, strerror(errno)); + close(oom_adj_fd); + } + else + { + log_log(LOG_DEBUG, "could not open %s to adjust the OOM score: %s", + OOM_SCORE_ADJ_FILE, strerror(errno)); + } +} + +/* the main program... */ +int main(int argc, char *argv[]) +{ + int i; + sigset_t signalmask, oldmask; +#ifdef HAVE_PTHREAD_TIMEDJOIN_NP + struct timespec ts; +#endif /* HAVE_PTHREAD_TIMEDJOIN_NP */ + /* block all these signals so our worker threads won't handle them */ + sigemptyset(&signalmask); + sigaddset(&signalmask, SIGHUP); + sigaddset(&signalmask, SIGINT); + sigaddset(&signalmask, SIGQUIT); + sigaddset(&signalmask, SIGABRT); + sigaddset(&signalmask, SIGPIPE); + sigaddset(&signalmask, SIGTERM); + sigaddset(&signalmask, SIGUSR1); + sigaddset(&signalmask, SIGUSR2); + pthread_sigmask(SIG_BLOCK, &signalmask, &oldmask); + /* close all file descriptors (except stdin/out/err) */ + daemonize_closefds(); + /* parse the command line */ + parse_cmdline(argc, argv); + /* clean the environment */ +#ifdef HAVE_CLEARENV + if (clearenv() || putenv("HOME=/") || putenv("TMPDIR=/tmp") || + putenv("LDAPNOINIT=1")) + { + log_log(LOG_ERR, "clearing environment failed"); + exit(EXIT_FAILURE); + } +#else /* not HAVE_CLEARENV */ + /* this is a bit ugly */ + environ = sane_environment; +#endif /* not HAVE_CLEARENV */ + /* disable the nss_ldap module for this process */ + disable_nss_ldap(); + /* set LDAP log level */ + if (myldap_set_debuglevel(nslcd_debugging) != LDAP_SUCCESS) + exit(EXIT_FAILURE); + /* read configuration file */ + cfg_init(NSLCD_CONF_PATH); + /* set default mode for pidfile and socket */ + (void)umask((mode_t)0022); + /* see if someone already locked the pidfile + if --check option was given exit TRUE if daemon runs + (pidfile locked), FALSE otherwise */ + if (nslcd_checkonly) + { + if (is_locked(NSLCD_PIDFILE)) + { + log_log(LOG_DEBUG, "pidfile (%s) is locked", NSLCD_PIDFILE); + exit(EXIT_SUCCESS); + } + else + { + log_log(LOG_DEBUG, "pidfile (%s) is not locked", NSLCD_PIDFILE); + exit(EXIT_FAILURE); + } + } + /* change directory */ + if (chdir("/") != 0) + { + log_log(LOG_ERR, "chdir failed: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + /* normal check for pidfile locked */ + if (is_locked(NSLCD_PIDFILE)) + { + log_log(LOG_ERR, "nslcd may already be active, cannot acquire lock (%s): %s", + NSLCD_PIDFILE, strerror(errno)); + exit(EXIT_FAILURE); + } + /* daemonize */ + if ((!nslcd_debugging) && (!nslcd_nofork)) + { + errno = 0; + if (daemonize_daemon() != 0) + { + log_log(LOG_ERR, "unable to daemonize: %s", strerror(errno)); + exit(EXIT_FAILURE); + } + } + /* intilialize logging */ + if (!nslcd_debugging) + { + daemonize_redirect_stdio(); + log_startlogging(); + } + /* write pidfile */ + create_pidfile(NSLCD_PIDFILE); + /* log start */ + log_log(LOG_INFO, "version %s starting", VERSION); + /* install handler to close stuff off on exit and log notice */ + if (atexit(exithandler)) + { + log_log(LOG_ERR, "atexit() failed: %s", strerror(errno)); + daemonize_ready(EXIT_FAILURE, "atexit() failed\n"); + exit(EXIT_FAILURE); + } + adjust_oom_score(); + /* create socket */ + nslcd_serversocket = create_socket(NSLCD_SOCKET); + /* start subprocess to do invalidating if reconnect_invalidate is set */ + for (i = 0; i < LM_NONE; i++) + if (nslcd_cfg->reconnect_invalidate[i]) + break; + if (i < LM_NONE) + invalidator_start(); + /* change nslcd group and supplemental groups */ + if ((nslcd_cfg->gid != NOGID) && (nslcd_cfg->uidname != NULL)) + { +#ifdef HAVE_INITGROUPS + /* load supplementary groups */ + if (initgroups(nslcd_cfg->uidname, nslcd_cfg->gid) < 0) + log_log(LOG_WARNING, "cannot initgroups(\"%s\",%lu) (ignored): %s", + nslcd_cfg->uidname, (unsigned long int)nslcd_cfg->gid, strerror(errno)); + else + log_log(LOG_DEBUG, "initgroups(\"%s\",%lu) done", + nslcd_cfg->uidname, (unsigned long int)nslcd_cfg->gid); +#else /* not HAVE_INITGROUPS */ +#ifdef HAVE_SETGROUPS + /* just drop all supplemental groups */ + if (setgroups(0, NULL) < 0) + log_log(LOG_WARNING, "cannot setgroups(0,NULL) (ignored): %s", + strerror(errno)); + else + log_log(LOG_DEBUG, "setgroups(0,NULL) done"); +#else /* not HAVE_SETGROUPS */ + log_log(LOG_DEBUG, "neither initgroups() or setgroups() available"); +#endif /* not HAVE_SETGROUPS */ +#endif /* not HAVE_INITGROUPS */ + } + /* change to nslcd gid */ + if (nslcd_cfg->gid != NOGID) + { + if (setgid(nslcd_cfg->gid) != 0) + { + log_log(LOG_ERR, "cannot setgid(%lu): %s", + (unsigned long int)nslcd_cfg->gid, strerror(errno)); + daemonize_ready(EXIT_FAILURE, "cannot setgid()\n"); + exit(EXIT_FAILURE); + } + log_log(LOG_DEBUG, "setgid(%lu) done", (unsigned long int)nslcd_cfg->gid); + } + /* change to nslcd uid */ + if (nslcd_cfg->uid != NOUID) + { + if (setuid(nslcd_cfg->uid) != 0) + { + log_log(LOG_ERR, "cannot setuid(%lu): %s", + (unsigned long int)nslcd_cfg->uid, strerror(errno)); + daemonize_ready(EXIT_FAILURE, "cannot setuid()\n"); + exit(EXIT_FAILURE); + } + log_log(LOG_DEBUG, "setuid(%lu) done", (unsigned long int)nslcd_cfg->uid); + } + /* start worker threads */ + log_log(LOG_INFO, "accepting connections"); + nslcd_threads = (pthread_t *)malloc(nslcd_cfg->threads * sizeof(pthread_t)); + if (nslcd_threads == NULL) + { + log_log(LOG_CRIT, "main(): malloc() failed to allocate memory"); + daemonize_ready(EXIT_FAILURE, "malloc() failed to allocate memory\n"); + exit(EXIT_FAILURE); + } + for (i = 0; i < nslcd_cfg->threads; i++) + { + if (pthread_create(&nslcd_threads[i], NULL, worker, NULL)) + { + log_log(LOG_ERR, "unable to start worker thread %d: %s", + i, strerror(errno)); + daemonize_ready(EXIT_FAILURE, "unable to start worker thread\n"); + exit(EXIT_FAILURE); + } + } + /* install signal handlers for some signals */ + install_sighandler(SIGHUP, sig_handler); + install_sighandler(SIGINT, sig_handler); + install_sighandler(SIGQUIT, sig_handler); + install_sighandler(SIGABRT, sig_handler); + install_sighandler(SIGPIPE, SIG_IGN); + install_sighandler(SIGTERM, sig_handler); + install_sighandler(SIGUSR1, sig_handler); + install_sighandler(SIGUSR2, SIG_IGN); + /* signal the starting process to exit because we can provide services now */ + daemonize_ready(EXIT_SUCCESS, NULL); + /* enable receiving of signals */ + pthread_sigmask(SIG_SETMASK, &oldmask, NULL); + /* wait until we received a signal */ + while ((nslcd_receivedsignal == 0) || (nslcd_receivedsignal == SIGUSR1)) + { + sleep(INT_MAX); /* sleep as long as we can or until we receive a signal */ + if (nslcd_receivedsignal == SIGUSR1) + { + log_log(LOG_INFO, "caught signal %s (%d), refresh retries", + signame(nslcd_receivedsignal), nslcd_receivedsignal); + myldap_immediate_reconnect(); + nslcd_receivedsignal = 0; + } + } + /* print something about received signal */ + log_log(LOG_INFO, "caught signal %s (%d), shutting down", + signame(nslcd_receivedsignal), nslcd_receivedsignal); + /* cancel all running threads */ + for (i = 0; i < nslcd_cfg->threads; i++) + if (pthread_cancel(nslcd_threads[i])) + log_log(LOG_WARNING, "failed to stop thread %d (ignored): %s", + i, strerror(errno)); + /* close server socket to trigger failures in threads waiting on accept() */ + close(nslcd_serversocket); + nslcd_serversocket = -1; + /* if we can, wait a few seconds for the threads to finish */ +#ifdef HAVE_PTHREAD_TIMEDJOIN_NP + ts.tv_sec = time(NULL) + 3; + ts.tv_nsec = 0; +#endif /* HAVE_PTHREAD_TIMEDJOIN_NP */ + for (i = 0; i < nslcd_cfg->threads; i++) + { +#ifdef HAVE_PTHREAD_TIMEDJOIN_NP + pthread_timedjoin_np(nslcd_threads[i], NULL, &ts); +#endif /* HAVE_PTHREAD_TIMEDJOIN_NP */ + if (pthread_kill(nslcd_threads[i], 0) == 0) + log_log(LOG_ERR, "thread %d is still running, shutting down anyway", i); + } + /* we're done */ + return EXIT_SUCCESS; +} diff --git a/nslcd/nsswitch.c b/nslcd/nsswitch.c new file mode 100644 index 0000000..babf40e --- /dev/null +++ b/nslcd/nsswitch.c @@ -0,0 +1,181 @@ +/* + nsswitch.c - functions for parsing /etc/nsswitch.conf + + Copyright (C) 2011-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "log.h" + +/* the cached value of whether shadow lookups use LDAP in nsswitch.conf */ +#define NSSWITCH_FILE "/etc/nsswitch.conf" +#define CACHED_UNKNOWN 22 +static int cached_shadow_uses_ldap = CACHED_UNKNOWN; +static time_t cached_shadow_lastcheck = 0; +#define CACHED_SHADOW_TIMEOUT (60) +static time_t nsswitch_mtime = 0; + +/* the maximum line length supported of nsswitch.conf */ +#define MAX_LINE_LENGTH 4096 + +/* check whether /etc/nsswitch.conf should be related to update + cached_shadow_uses_ldap */ +void nsswitch_check_reload(void) +{ + struct stat buf; + time_t t; + if ((cached_shadow_uses_ldap != CACHED_UNKNOWN) && + ((t = time(NULL)) > (cached_shadow_lastcheck + CACHED_SHADOW_TIMEOUT))) + { + cached_shadow_lastcheck = t; + if (stat(NSSWITCH_FILE, &buf)) + { + log_log(LOG_ERR, "stat(%s) failed: %s", NSSWITCH_FILE, strerror(errno)); + /* trigger a recheck anyway */ + cached_shadow_uses_ldap = CACHED_UNKNOWN; + return; + } + /* trigger a recheck if file changed */ + if (buf.st_mtime != nsswitch_mtime) + { + nsswitch_mtime = buf.st_mtime; + cached_shadow_uses_ldap = CACHED_UNKNOWN; + } + } +} + +/* see if the line is a service definition for db and return a pointer to + the beginning of the services list if it is */ +static const char *find_db(const char *line, const char *db) +{ + int i; + i = strlen(db); + /* the line should begin with the db we're looking for */ + if (strncmp(line, db, i) != 0) + return NULL; + /* followed by a : */ + while (isspace(line[i])) + i++; + if (line[i] != ':') + return NULL; + i++; + while (isspace(line[i])) + i++; + return line + i; +} + +/* check to see if the list of services contains the specified service */ +static int has_service(const char *services, const char *service, + const char *filename, int lnr) +{ + int i = 0, l; + if (services == NULL) + return 0; + l = strlen(service); + while (services[i] != '\0') + { + /* skip spaces */ + while (isspace(services[i])) + i++; + /* check if this is the service */ + if ((strncmp(services + i, service, l) == 0) && (!isalnum(services[i + l]))) + return 1; + /* skip service name and spaces */ + i++; + while (isalnum(services[i])) + i++; + while (isspace(services[i])) + i++; + /* skip action mappings */ + if (services[i] == '[') + { + i++; /* skip [ */ + while ((services[i] != ']') && (services[i] != '\0')) + i++; + if (services[i] != ']') + { + log_log(LOG_WARNING, "%s: error parsing line %d", filename, lnr); + return 0; /* parse error */ + } + i++; /* skip ] */ + } + } + return 0; +} + +static int shadow_uses_ldap(void) +{ + FILE *fp; + int lnr = 0; + char linebuf[MAX_LINE_LENGTH]; + const char *services; + int shadow_found = 0; + int passwd_has_ldap = 0; + /* open config file */ + if ((fp = fopen(NSSWITCH_FILE, "r")) == NULL) + { + log_log(LOG_ERR, "cannot open %s: %s", NSSWITCH_FILE, strerror(errno)); + return 0; + } + /* read file and parse lines */ + while (fgets(linebuf, sizeof(linebuf), fp) != NULL) + { + lnr++; + /* see if we have a shadow line */ + services = find_db(linebuf, "shadow"); + if (services != NULL) + { + shadow_found = 1; + if (has_service(services, MODULE_NAME, NSSWITCH_FILE, lnr)) + { + fclose(fp); + return 1; + } + } + /* see if we have a passwd line */ + services = find_db(linebuf, "passwd"); + if (services != NULL) + passwd_has_ldap = has_service(services, MODULE_NAME, NSSWITCH_FILE, lnr); + } + fclose(fp); + if (shadow_found) + return 0; + return passwd_has_ldap; +} + +/* check whether shadow lookups are configured to use ldap */ +int nsswitch_shadow_uses_ldap(void) +{ + if (cached_shadow_uses_ldap == CACHED_UNKNOWN) + { + log_log(LOG_INFO, "(re)loading %s", NSSWITCH_FILE); + cached_shadow_uses_ldap = shadow_uses_ldap(); + cached_shadow_lastcheck = time(NULL); + } + return cached_shadow_uses_ldap; +} diff --git a/nslcd/pam.c b/nslcd/pam.c new file mode 100644 index 0000000..7772959 --- /dev/null +++ b/nslcd/pam.c @@ -0,0 +1,883 @@ +/* + pam.c - pam processing routines + + Copyright (C) 2009 Howard Chu + Copyright (C) 2009-2017 Arthur de Jong + Copyright (C) 2015 Nokia Solutions and Networks + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" +#include "common/dict.h" +#include "common/expr.h" + +static void search_var_add(DICT *dict, const char *name, const char *value) +{ + size_t sz; + char *escaped_value; + /* allocate memory for escaped string */ + sz = ((strlen(value) + 8) * 120) / 100; + escaped_value = (char *)malloc(sz); + if (escaped_value == NULL) + { + log_log(LOG_CRIT, "search_var_add(): malloc() failed to allocate memory"); + return; + } + /* perform escaping of the value */ + if (myldap_escape(value, escaped_value, sz)) + { + log_log(LOG_ERR, "search_var_add(): escaped_value buffer too small"); + free(escaped_value); + return; + } + /* add to dict */ + dict_put(dict, name, escaped_value); +} + +/* build a dictionary with variables that can be used in searches */ +static DICT *search_vars_new(const char *dn, const char *username, + const char *service, const char *ruser, + const char *rhost, const char *tty) +{ + char hostname[BUFLEN_HOSTNAME]; + /* allocating this on the stack is OK because search_var_add() + will allocate new memory for the value */ + const char *fqdn; + DICT *dict; + dict = dict_new(); + if (dict == NULL) + { + log_log(LOG_CRIT, "search_vars_new(): dict_new() failed to allocate memory"); + return NULL; + } + /* NOTE: any variables added here also need to be added to + cfg.c:check_search_variables() */ + search_var_add(dict, "username", username); + search_var_add(dict, "service", service); + search_var_add(dict, "ruser", ruser); + search_var_add(dict, "rhost", rhost); + search_var_add(dict, "tty", tty); + if (gethostname(hostname, sizeof(hostname)) == 0) + search_var_add(dict, "hostname", hostname); + if ((fqdn = getfqdn()) != NULL) + search_var_add(dict, "fqdn", fqdn); + search_var_add(dict, "dn", dn); + search_var_add(dict, "uid", username); + return dict; +} + +static void search_vars_free(DICT *dict) +{ + int i; + const char **keys; + void *value; + /* go over all keys and free all the values + (they were allocated in search_var_add) */ + /* loop over dictionary contents */ + keys = dict_keys(dict); + for (i = 0; keys[i] != NULL; i++) + { + value = dict_get(dict, keys[i]); + if (value) + free(value); + } + free(keys); + /* after this values from the dict should obviously no longer be used */ + dict_free(dict); +} + +static const char *search_var_get(const char *name, void *expander_attr) +{ + DICT *dict = (DICT *)expander_attr; + return (const char *)dict_get(dict, name); + /* TODO: if not set use entry to get attribute name (entry can be an + element in the dict) */ +} + +/* search all search bases using the provided filter */ +static int do_searches(MYLDAP_SESSION *session, const char *option, + const char *filter) +{ + int i; + int rc; + const char *base; + static const char *attrs[2]; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + /* prepare the search */ + attrs[0] = "dn"; + attrs[1] = NULL; + /* perform a search for each search base */ + log_log(LOG_DEBUG, "trying %s \"%s\"", option, filter); + for (i = 0; (base = nslcd_cfg->bases[i]) != NULL; i++) + { + /* do the LDAP search */ + search = myldap_search(session, base, LDAP_SCOPE_SUBTREE, filter, attrs, &rc); + if (search == NULL) + { + log_log(LOG_ERR, "%s \"%s\" failed: %s", + option, filter, ldap_err2string(rc)); + return rc; + } + /* try to get an entry */ + entry = myldap_get_entry(search, &rc); + if (entry != NULL) + { + log_log(LOG_DEBUG, "%s found \"%s\"", option, myldap_get_dn(entry)); + return LDAP_SUCCESS; + } + } + log_log(LOG_ERR, "%s \"%s\" found no matches", option, filter); + if (rc == LDAP_SUCCESS) + rc = LDAP_NO_SUCH_OBJECT; + return rc; +} + +/* set up a connection and try to bind with the specified DN and password, + returns an LDAP result code */ +static int try_bind(const char *userdn, const char *password, + const char *username, const char *service, + const char *ruser, const char *rhost, const char *tty, + int *authzrc, char *authzmsg, size_t authzmsgsz) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + static const char *attrs[2]; + int rc; + const char *msg; + DICT *dict; + char filter[BUFLEN_FILTER]; + const char *res; + /* set up a new connection */ + session = myldap_create_session(); + if (session == NULL) + return LDAP_UNAVAILABLE; + /* perform a BIND operation with user credentials */ + rc = myldap_bind(session, userdn, password, authzrc, &msg); + if (rc == LDAP_SUCCESS) + { + /* perform a search to trigger the BIND operation */ + attrs[0] = "dn"; + attrs[1] = NULL; + if (strcasecmp(nslcd_cfg->pam_authc_search, "BASE") == 0) + { + /* do a simple search to check userdn existence */ + search = myldap_search(session, userdn, LDAP_SCOPE_BASE, + "(objectClass=*)", attrs, &rc); + if ((search == NULL) && (rc == LDAP_SUCCESS)) + rc = LDAP_LOCAL_ERROR; + if (rc == LDAP_SUCCESS) + { + entry = myldap_get_entry(search, &rc); + if ((entry == NULL) && (rc == LDAP_SUCCESS)) + rc = LDAP_NO_RESULTS_RETURNED; + } + } + else if (strcasecmp(nslcd_cfg->pam_authc_search, "NONE") != 0) + { + /* build the search filter */ + dict = search_vars_new(userdn, username, service, ruser, rhost, tty); + if (dict == NULL) + { + myldap_session_close(session); + return LDAP_LOCAL_ERROR; + } + res = expr_parse(nslcd_cfg->pam_authc_search, filter, sizeof(filter), + search_var_get, (void *)dict); + if (res == NULL) + { + search_vars_free(dict); + myldap_session_close(session); + log_log(LOG_ERR, "invalid pam_authc_search \"%s\"", + nslcd_cfg->pam_authc_search); + return LDAP_LOCAL_ERROR; + } + /* perform a search for each search base */ + rc = do_searches(session, "pam_authc_search", filter); + /* free search variables */ + search_vars_free(dict); + } + } + /* log any authentication, search or authorsiation messages */ + if (rc != LDAP_SUCCESS) + log_log(LOG_WARNING, "%s: %s", userdn, ldap_err2string(rc)); + if ((msg != NULL) && (msg[0] != '\0')) + { + mysnprintf(authzmsg, authzmsgsz - 1, "%s", msg); + log_log(LOG_WARNING, "%s: %s", userdn, authzmsg); + } + /* close the session */ + myldap_session_close(session); + /* return results */ + return rc; +} + +/* ensure that both userdn and username are filled in from the entry, + returns an LDAP result code */ +static MYLDAP_ENTRY *validate_user(MYLDAP_SESSION *session, + char *username, int *rcp) +{ + int rc; + MYLDAP_ENTRY *entry = NULL; + /* check username for validity */ + if (!isvalidname(username)) + { + log_log(LOG_WARNING, "request denied by validnames option"); + *rcp = LDAP_NO_SUCH_OBJECT; + return NULL; + } + /* get the user entry based on the username */ + entry = uid2entry(session, username, &rc); + if (entry == NULL) + { + if (rc == LDAP_SUCCESS) + rc = LDAP_NO_SUCH_OBJECT; + log_log(LOG_DEBUG, "\"%s\": user not found: %s", username, ldap_err2string(rc)); + *rcp = rc; + } + return entry; +} + +/* update the username value from the entry if needed */ +static void update_username(MYLDAP_ENTRY *entry, char *username, + size_t username_len) +{ + const char **values; + const char *value; + /* get the "real" username */ + value = myldap_get_rdn_value(entry, attmap_passwd_uid); + if (value == NULL) + { + /* get the username from the uid attribute */ + values = myldap_get_values(entry, attmap_passwd_uid); + if ((values == NULL) || (values[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_uid); + return; + } + value = values[0]; + } + /* check the username */ + if ((value == NULL) || !isvalidname(value) || strlen(value) >= username_len) + { + log_log(LOG_WARNING, "%s: %s: denied by validnames option", + myldap_get_dn(entry), attmap_passwd_uid); + return; + } + /* check if the username is different and update it if needed */ + if (STR_CMP(username, value) != 0) + { + log_log(LOG_INFO, "username changed from \"%s\" to \"%s\"", + username, value); + strcpy(username, value); + } +} + +static int check_shadow(MYLDAP_SESSION *session, const char *username, + char *authzmsg, size_t authzmsgsz, + int check_maxdays, int check_mindays) +{ + MYLDAP_ENTRY *entry = NULL; + long today, lastchangedate, mindays, maxdays, warndays, inactdays, expiredate; + unsigned long flag; + long daysleft, inactleft; + /* get the shadow entry */ + entry = shadow_uid2entry(session, username, NULL); + if (entry == NULL) + return NSLCD_PAM_SUCCESS; /* no shadow entry found, nothing to check */ + /* get today's date */ + today = (long)(time(NULL) / (60 * 60 * 24)); + /* get shadow information */ + get_shadow_properties(entry, &lastchangedate, &mindays, &maxdays, &warndays, + &inactdays, &expiredate, &flag); + /* check account expiry date */ + if ((expiredate != -1) && (today >= expiredate)) + { + daysleft = today - expiredate; + mysnprintf(authzmsg, authzmsgsz - 1, "account expired %ld days ago", + daysleft); + log_log(LOG_WARNING, "%s: %s: %s", + myldap_get_dn(entry), attmap_shadow_shadowExpire, authzmsg); + return NSLCD_PAM_ACCT_EXPIRED; + } + /* password expiration isn't interesting at this point because the user + may not have authenticated with a password and if he did that would be + checked in the authc phase */ + if (check_maxdays) + { + /* check lastchanged */ + if (lastchangedate == 0) + { + mysnprintf(authzmsg, authzmsgsz - 1, "need a new password"); + log_log(LOG_WARNING, "%s: %s: %s", + myldap_get_dn(entry), attmap_shadow_shadowLastChange, authzmsg); + return NSLCD_PAM_NEW_AUTHTOK_REQD; + } + else if (today < lastchangedate) + log_log(LOG_WARNING, "%s: %s: password changed in the future", + myldap_get_dn(entry), attmap_shadow_shadowLastChange); + else if (maxdays != -1) + { + /* check maxdays */ + daysleft = lastchangedate + maxdays - today; + if (daysleft == 0) + mysnprintf(authzmsg, authzmsgsz - 1, "password will expire today"); + else if (daysleft < 0) + mysnprintf(authzmsg, authzmsgsz - 1, "password expired %ld days ago", + -daysleft); + /* check inactdays */ + if ((daysleft <= 0) && (inactdays != -1)) + { + inactleft = lastchangedate + maxdays + inactdays - today; + if (inactleft == 0) + mysnprintf(authzmsg + strlen(authzmsg), authzmsgsz - strlen(authzmsg) - 1, + ", account will be locked today"); + else if (inactleft > 0) + mysnprintf(authzmsg + strlen(authzmsg), authzmsgsz - strlen(authzmsg) - 1, + ", account will be locked in %ld days", inactleft); + else + { + mysnprintf(authzmsg + strlen(authzmsg), authzmsgsz - strlen(authzmsg) - 1, + ", account locked %ld days ago", -inactleft); + log_log(LOG_WARNING, "%s: %s: %s", myldap_get_dn(entry), + attmap_shadow_shadowInactive, authzmsg); + return NSLCD_PAM_AUTHTOK_EXPIRED; + } + } + if (daysleft <= 0) + { + /* log previously built message */ + log_log(LOG_WARNING, "%s: %s: %s", + myldap_get_dn(entry), attmap_shadow_shadowMax, authzmsg); + return NSLCD_PAM_NEW_AUTHTOK_REQD; + } + /* check warndays */ + if ((warndays > 0) && (daysleft <= warndays)) + { + mysnprintf(authzmsg, authzmsgsz - 1, + "password will expire in %ld days", daysleft); + log_log(LOG_WARNING, "%s: %s: %s", + myldap_get_dn(entry), attmap_shadow_shadowWarning, authzmsg); + } + } + } + if (check_mindays) + { + daysleft = lastchangedate + mindays - today; + if ((mindays != -1) && (daysleft > 0)) + { + mysnprintf(authzmsg, authzmsgsz - 1, + "password cannot be changed for another %ld days", daysleft); + log_log(LOG_WARNING, "%s: %s: %s", + myldap_get_dn(entry), attmap_shadow_shadowMin, authzmsg); + return NSLCD_PAM_AUTHTOK_ERR; + } + } + return NSLCD_PAM_SUCCESS; +} + +/* check authentication credentials of the user */ +int nslcd_pam_authc(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid) +{ + int32_t tmpint32; + int rc; + char username[BUFLEN_NAME], service[BUFLEN_NAME], ruser[BUFLEN_NAME], rhost[BUFLEN_HOSTNAME], tty[64]; + char password[BUFLEN_PASSWORD]; + const char *userdn; + MYLDAP_ENTRY *entry; + int authzrc = NSLCD_PAM_SUCCESS; + char authzmsg[BUFLEN_MESSAGE]; + authzmsg[0] = '\0'; + /* read request parameters */ + READ_STRING(fp, username); + READ_STRING(fp, service); + READ_STRING(fp, ruser); + READ_STRING(fp, rhost); + READ_STRING(fp, tty); + READ_STRING(fp, password); + /* log call */ + log_setrequest("authc=\"%s\"", username); + log_log(LOG_DEBUG, "nslcd_pam_authc(\"%s\",\"%s\",\"%s\")", + username, service, *password ? "***" : ""); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_PAM_AUTHC); + /* if the username is blank and rootpwmoddn is configured, try to + authenticate as administrator, otherwise validate request as usual */ + if (*username == '\0') + { + if (nslcd_cfg->rootpwmoddn == NULL) + { + log_log(LOG_NOTICE, "rootpwmoddn not configured"); + /* we break the protocol */ + memset(password, 0, sizeof(password)); + return -1; + } + userdn = nslcd_cfg->rootpwmoddn; + /* if the caller is root we will allow the use of the rootpwmodpw option */ + if ((*password == '\0') && (calleruid == 0) && (nslcd_cfg->rootpwmodpw != NULL)) + { + if (strlen(nslcd_cfg->rootpwmodpw) >= sizeof(password)) + { + log_log(LOG_ERR, "nslcd_pam_authc(): rootpwmodpw will not fit in password"); + memset(password, 0, sizeof(password)); + return -1; + } + strcpy(password, nslcd_cfg->rootpwmodpw); + } + } + else + { + /* try normal authentication, lookup the user entry */ + entry = validate_user(session, username, &rc); + if (entry == NULL) + { + /* for user not found we just say no result */ + if (rc == LDAP_NO_SUCH_OBJECT) + { + WRITE_INT32(fp, NSLCD_RESULT_END); + } + memset(password, 0, sizeof(password)); + return -1; + } + userdn = myldap_get_dn(entry); + update_username(entry, username, sizeof(username)); + } + /* try authentication */ + rc = try_bind(userdn, password, username, service, ruser, rhost, tty, + &authzrc, authzmsg, sizeof(authzmsg)); + if (rc == LDAP_SUCCESS) + log_log(LOG_DEBUG, "bind successful"); + /* map result code */ + switch (rc) + { + case LDAP_SUCCESS: rc = NSLCD_PAM_SUCCESS; break; + case LDAP_INVALID_CREDENTIALS: rc = NSLCD_PAM_AUTH_ERR; break; + default: rc = NSLCD_PAM_AUTH_ERR; + } + /* perform shadow attribute checks */ + if ((*username != '\0') && (authzrc == NSLCD_PAM_SUCCESS)) + authzrc = check_shadow(session, username, authzmsg, sizeof(authzmsg), 1, 0); + /* write response */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, rc); + WRITE_STRING(fp, username); + WRITE_INT32(fp, authzrc); + WRITE_STRING(fp, authzmsg); + WRITE_INT32(fp, NSLCD_RESULT_END); + memset(password, 0, sizeof(password)); + return 0; +} + +/* perform an authorisation search, returns an LDAP status code */ +static int try_authz_search(MYLDAP_SESSION *session, const char *dn, + const char *username, const char *service, + const char *ruser, const char *rhost, + const char *tty) +{ + DICT *dict = NULL; + char filter[BUFLEN_FILTER]; + int rc = LDAP_SUCCESS; + const char *res; + int i; + /* go over all pam_authz_search options */ + for (i = 0; (i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES) && (nslcd_cfg->pam_authz_searches[i] != NULL); i++) + { + if (dict == NULL) + { + dict = search_vars_new(dn, username, service, ruser, rhost, tty); + if (dict == NULL) + return LDAP_LOCAL_ERROR; + } + /* build the search filter */ + res = expr_parse(nslcd_cfg->pam_authz_searches[i], + filter, sizeof(filter), + search_var_get, (void *)dict); + if (res == NULL) + { + search_vars_free(dict); + log_log(LOG_ERR, "invalid pam_authz_search \"%s\"", + nslcd_cfg->pam_authz_searches[i]); + return LDAP_LOCAL_ERROR; + } + /* perform the actual searches on all bases */ + rc = do_searches(session, "pam_authz_search", filter); + if (rc != LDAP_SUCCESS) + break; + } + /* we went over all pam_authz_search entries */ + if (dict != NULL) + search_vars_free(dict); + return rc; +} + +/* check authorisation of the user */ +int nslcd_pam_authz(TFILE *fp, MYLDAP_SESSION *session) +{ + int32_t tmpint32; + int rc; + char username[BUFLEN_NAME], service[BUFLEN_NAME], ruser[BUFLEN_NAME], rhost[BUFLEN_HOSTNAME], tty[64]; + MYLDAP_ENTRY *entry; + char authzmsg[BUFLEN_MESSAGE]; + authzmsg[0] = '\0'; + /* read request parameters */ + READ_STRING(fp, username); + READ_STRING(fp, service); + READ_STRING(fp, ruser); + READ_STRING(fp, rhost); + READ_STRING(fp, tty); + /* log call */ + log_setrequest("authz=\"%s\"", username); + log_log(LOG_DEBUG, "nslcd_pam_authz(\"%s\",\"%s\",\"%s\",\"%s\",\"%s\")", + username, service, ruser, rhost, tty); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_PAM_AUTHZ); + /* validate request */ + entry = validate_user(session, username, &rc); + if (entry == NULL) + { + /* for user not found we just say no result */ + if (rc == LDAP_NO_SUCH_OBJECT) + { + WRITE_INT32(fp, NSLCD_RESULT_END); + } + return -1; + } + /* check authorisation search */ + rc = try_authz_search(session, myldap_get_dn(entry), username, service, ruser, + rhost, tty); + if (rc != LDAP_SUCCESS) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, NSLCD_PAM_PERM_DENIED); + WRITE_STRING(fp, "LDAP authorisation check failed"); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; + } + /* perform shadow attribute checks */ + rc = check_shadow(session, username, authzmsg, sizeof(authzmsg), 0, 0); + /* write response */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, rc); + WRITE_STRING(fp, authzmsg); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; +} + +int nslcd_pam_sess_o(TFILE *fp, MYLDAP_SESSION UNUSED(*session)) +{ + int32_t tmpint32; + char username[BUFLEN_NAME], service[BUFLEN_NAME], ruser[BUFLEN_NAME], rhost[BUFLEN_HOSTNAME], tty[64]; + char sessionid[25]; + static const char alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" + "01234567890"; + unsigned int i; + /* read request parameters */ + READ_STRING(fp, username); + READ_STRING(fp, service); + READ_STRING(fp, ruser); + READ_STRING(fp, rhost); + READ_STRING(fp, tty); + /* generate pseudo-random session id */ + for (i = 0; i < (sizeof(sessionid) - 1); i++) + sessionid[i] = alphabet[rand() % (sizeof(alphabet) - 1)]; + sessionid[i] = '\0'; + /* log call */ + log_setrequest("sess_o=\"%s\"", username); + log_log(LOG_DEBUG, "nslcd_pam_sess_o(\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"): %s", + username, service, tty, rhost, ruser, sessionid); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_PAM_SESS_O); + /* write response */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, sessionid); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; +} + +int nslcd_pam_sess_c(TFILE *fp, MYLDAP_SESSION UNUSED(*session)) +{ + int32_t tmpint32; + char username[BUFLEN_NAME], service[BUFLEN_NAME], ruser[BUFLEN_NAME], rhost[BUFLEN_HOSTNAME], tty[64]; + char sessionid[64]; + /* read request parameters */ + READ_STRING(fp, username); + READ_STRING(fp, service); + READ_STRING(fp, ruser); + READ_STRING(fp, rhost); + READ_STRING(fp, tty); + READ_STRING(fp, sessionid); + /* log call */ + log_setrequest("sess_c=\"%s\"", username); + log_log(LOG_DEBUG, "nslcd_pam_sess_c(\"%s\",\"%s\",%s)", + username, service, sessionid); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_PAM_SESS_C); + /* write response */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; +} + +extern const char *shadow_filter; + +/* try to update the shadowLastChange attribute of the entry if possible */ +static int update_lastchange(MYLDAP_SESSION *session, const char *userdn) +{ + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + static const char *attrs[3]; + const char *attr; + int rc; + const char **values; + LDAPMod mod, *mods[2]; + char buffer[64], *strvals[2]; + /* find the name of the attribute to use */ + if ((attmap_shadow_shadowLastChange == NULL) || (attmap_shadow_shadowLastChange[0] == '\0')) + return LDAP_LOCAL_ERROR; /* attribute not mapped at all */ + else if (strcmp(attmap_shadow_shadowLastChange, "\"${shadowLastChange:--1}\"") == 0) + attr = "shadowLastChange"; + else if (attmap_shadow_shadowLastChange[0] == '\"') + return LDAP_LOCAL_ERROR; /* other expressions not supported for now */ + else + attr = attmap_shadow_shadowLastChange; + /* set up the attributes we need */ + attrs[0] = attmap_shadow_uid; + attrs[1] = attr; + attrs[2] = NULL; + /* find the entry to see if the attribute is present */ + search = myldap_search(session, userdn, LDAP_SCOPE_BASE, shadow_filter, attrs, &rc); + if (search == NULL) + return rc; + entry = myldap_get_entry(search, &rc); + if (entry == NULL) + return rc; + values = myldap_get_values(entry, attr); + if ((values == NULL) || (values[0] == NULL) || (values[0][0] == '\0')) + return LDAP_NO_SUCH_ATTRIBUTE; + /* build the value for the new attribute */ + if (strcasecmp(attr, "pwdLastSet") == 0) + { + /* for AD we use another timestamp */ + if (mysnprintf(buffer, sizeof(buffer), "%ld000000000", + ((long int)time(NULL) / 100L + (134774L * 864L)))) + return LDAP_LOCAL_ERROR; + } + else + { + /* time in days since Jan 1, 1970 */ + if (mysnprintf(buffer, sizeof(buffer), "%ld", + ((long int)(time(NULL) / (long int)(60 * 60 * 24))))) + return LDAP_LOCAL_ERROR; + } + /* update the shadowLastChange attribute */ + strvals[0] = buffer; + strvals[1] = NULL; + mod.mod_op = LDAP_MOD_REPLACE; + mod.mod_type = (char *)attr; + mod.mod_values = strvals; + mods[0] = &mod; + mods[1] = NULL; + rc = myldap_modify(session, userdn, mods); + if (rc != LDAP_SUCCESS) + log_log(LOG_WARNING, "%s: %s: modification failed: %s", + userdn, attr, ldap_err2string(rc)); + else + log_log(LOG_DEBUG, "%s: %s: modification succeeded", userdn, attr); + return rc; +} + +/* perform an LDAP password modification, returns an LDAP status code */ +static int try_pwmod(MYLDAP_SESSION *oldsession, + const char *binddn, const char *userdn, + const char *oldpassword, const char *newpassword, + char *authzmsg, size_t authzmsg_len) +{ + MYLDAP_SESSION *session; + char buffer[BUFLEN_MESSAGE]; + int rc; + /* set up a new connection */ + session = myldap_create_session(); + if (session == NULL) + return LDAP_UNAVAILABLE; + /* perform a BIND operation */ + rc = myldap_bind(session, binddn, oldpassword, NULL, NULL); + if (rc == LDAP_SUCCESS) + { + /* if doing password modification as admin, don't pass old password along */ + if ((nslcd_cfg->rootpwmoddn != NULL) && + (strcmp(binddn, nslcd_cfg->rootpwmoddn) == 0)) + oldpassword = NULL; + /* perform password modification */ + rc = myldap_passwd(session, userdn, oldpassword, newpassword); + if (rc == LDAP_SUCCESS) + { + /* try to update the shadowLastChange attribute */ + if (update_lastchange(session, userdn) != LDAP_SUCCESS) + /* retry with the normal session */ + (void)update_lastchange(oldsession, userdn); + } + else + { + /* get a diagnostic or error message */ + if ((myldap_error_message(session, rc, buffer, sizeof(buffer)) == LDAP_SUCCESS) && + (buffer[0] != '\0')) + mysnprintf(authzmsg, authzmsg_len - 1, "password change failed: %s", + buffer); + } + } + /* close the session */ + myldap_session_close(session); + /* return */ + return rc; +} + +int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid) +{ + int32_t tmpint32; + int rc; + char username[BUFLEN_NAME], service[BUFLEN_NAME], ruser[BUFLEN_NAME], rhost[BUFLEN_HOSTNAME], tty[64]; + int asroot; + char oldpassword[BUFLEN_PASSWORD]; + char newpassword[BUFLEN_PASSWORD]; + const char *binddn = NULL; /* the user performing the modification */ + MYLDAP_ENTRY *entry; + char authzmsg[BUFLEN_MESSAGE]; + authzmsg[0] = '\0'; + /* read request parameters */ + READ_STRING(fp, username); + READ_STRING(fp, service); + READ_STRING(fp, ruser); + READ_STRING(fp, rhost); + READ_STRING(fp, tty); + READ_INT32(fp, asroot); + READ_STRING(fp, oldpassword); + READ_STRING(fp, newpassword); + /* log call */ + log_setrequest("pwmod=\"%s\"", username); + log_log(LOG_DEBUG, "nslcd_pam_pwmod(\"%s\",%s,\"%s\",\"%s\",\"%s\")", + username, asroot ? "asroot" : "asuser", service, + *oldpassword ? "***" : "", *newpassword ? "***" : ""); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_PAM_PWMOD); + /* validate request */ + entry = validate_user(session, username, &rc); + if (entry == NULL) + { + /* for user not found we just say no result */ + if (rc == LDAP_NO_SUCH_OBJECT) + { + WRITE_INT32(fp, NSLCD_RESULT_END); + } + memset(oldpassword, 0, sizeof(oldpassword)); + memset(newpassword, 0, sizeof(newpassword)); + return -1; + } + /* check if pam_password_prohibit_message is set */ + if (nslcd_cfg->pam_password_prohibit_message != NULL) + { + log_log(LOG_NOTICE, "password change prohibited"); + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, NSLCD_PAM_PERM_DENIED); + WRITE_STRING(fp, nslcd_cfg->pam_password_prohibit_message); + WRITE_INT32(fp, NSLCD_RESULT_END); + memset(oldpassword, 0, sizeof(oldpassword)); + memset(newpassword, 0, sizeof(newpassword)); + return 0; + } + /* check if the the user passed the rootpwmoddn */ + if (asroot) + { + binddn = nslcd_cfg->rootpwmoddn; + /* check if rootpwmodpw should be used */ + if ((*oldpassword == '\0') && (calleruid == 0) && + (nslcd_cfg->rootpwmodpw != NULL)) + { + if (strlen(nslcd_cfg->rootpwmodpw) >= sizeof(oldpassword)) + { + log_log(LOG_ERR, "nslcd_pam_pwmod(): rootpwmodpw will not fit in oldpassword"); + memset(oldpassword, 0, sizeof(oldpassword)); + memset(newpassword, 0, sizeof(newpassword)); + return -1; + } + strcpy(oldpassword, nslcd_cfg->rootpwmodpw); + } + } + else + { + binddn = myldap_get_dn(entry); + /* check whether shadow properties allow password change */ + rc = check_shadow(session, username, authzmsg, sizeof(authzmsg), 0, 1); + if (rc != NSLCD_PAM_SUCCESS) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, rc); + WRITE_STRING(fp, authzmsg); + WRITE_INT32(fp, NSLCD_RESULT_END); + memset(oldpassword, 0, sizeof(oldpassword)); + memset(newpassword, 0, sizeof(newpassword)); + return 0; + } + } + /* perform password modification */ + rc = try_pwmod(session, binddn, myldap_get_dn(entry), oldpassword, newpassword, + authzmsg, sizeof(authzmsg)); + if (rc != LDAP_SUCCESS) + { + if (authzmsg[0] == '\0') + mysnprintf(authzmsg, sizeof(authzmsg) - 1, "password change failed: %s", + ldap_err2string(rc)); + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, NSLCD_PAM_PERM_DENIED); + WRITE_STRING(fp, authzmsg); + WRITE_INT32(fp, NSLCD_RESULT_END); + memset(oldpassword, 0, sizeof(oldpassword)); + memset(newpassword, 0, sizeof(newpassword)); + return 0; + } + /* write response */ + log_log(LOG_NOTICE, "password changed for %s", myldap_get_dn(entry)); + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_INT32(fp, NSLCD_PAM_SUCCESS); + WRITE_STRING(fp, ""); + WRITE_INT32(fp, NSLCD_RESULT_END); + memset(oldpassword, 0, sizeof(oldpassword)); + memset(newpassword, 0, sizeof(newpassword)); + return 0; +} diff --git a/nslcd/passwd.c b/nslcd/passwd.c new file mode 100644 index 0000000..016fb73 --- /dev/null +++ b/nslcd/passwd.c @@ -0,0 +1,619 @@ +/* + passwd.c - password entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-pwd.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" +#include "common/dict.h" +#include "compat/strndup.h" + +/* ( nisSchema.2.0 NAME 'posixAccount' SUP top AUXILIARY + * DESC 'Abstraction of an account with POSIX attributes' + * MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) + * MAY ( userPassword $ loginShell $ gecos $ description ) ) + */ + +/* the search base for searches */ +const char *passwd_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int passwd_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *passwd_filter = "(objectClass=posixAccount)"; + +/* the attributes used in searches */ +const char *attmap_passwd_uid = "uid"; +const char *attmap_passwd_userPassword = "\"*\""; +const char *attmap_passwd_uidNumber = "uidNumber"; +const char *attmap_passwd_gidNumber = "gidNumber"; +const char *attmap_passwd_gecos = "\"${gecos:-$cn}\""; +const char *attmap_passwd_homeDirectory = "homeDirectory"; +const char *attmap_passwd_loginShell = "loginShell"; + +/* special properties for objectSid-based searches + (these are already LDAP-escaped strings) */ +static char *uidSid = NULL; +static char *gidSid = NULL; + +/* default values for attributes */ +static const char *default_passwd_userPassword = "*"; /* unmatchable */ + +/* Note that the resulting password value should be one of: + - no password set, allow login without password + * - often used to prevent logins + x - "valid" encrypted password that does not match any valid password + often used to indicate that the password is defined elsewhere + other - encrypted password, usually in crypt(3) format */ + +/* the attribute list to request with searches */ +static const char **passwd_attrs = NULL; + +/* create a search filter for searching a passwd entry + by name, return -1 on errors */ +static int mkfilter_passwd_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_passwd_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + passwd_filter, attmap_passwd_uid, safename); +} + +/* create a search filter for searching a passwd entry + by uid, return -1 on errors */ +static int mkfilter_passwd_byuid(uid_t uid, char *buffer, size_t buflen) +{ + uid -= nslcd_cfg->nss_uid_offset; + if (uidSid != NULL) + { + return mysnprintf(buffer, buflen, "(&%s(%s=%s\\%02x\\%02x\\%02x\\%02x))", + passwd_filter, attmap_passwd_uidNumber, uidSid, + (int)(uid & 0xff), (int)((uid >> 8) & 0xff), + (int)((uid >> 16) & 0xff), (int)((uid >> 24) & 0xff)); + } + else + { + return mysnprintf(buffer, buflen, "(&%s(%s=%lu))", + passwd_filter, attmap_passwd_uidNumber, (unsigned long int)uid); + } +} + +void passwd_init(void) +{ + int i; + SET *set; + /* set up search bases */ + if (passwd_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + passwd_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (passwd_scope == LDAP_SCOPE_DEFAULT) + passwd_scope = nslcd_cfg->scope; + /* special case when uidNumber or gidNumber reference objectSid */ + if (strncasecmp(attmap_passwd_uidNumber, "objectSid:", 10) == 0) + { + uidSid = sid2search(attmap_passwd_uidNumber + 10); + attmap_passwd_uidNumber = strndup(attmap_passwd_uidNumber, 9); + } + if (strncasecmp(attmap_passwd_gidNumber, "objectSid:", 10) == 0) + { + gidSid = sid2search(attmap_passwd_gidNumber + 10); + attmap_passwd_gidNumber = strndup(attmap_passwd_gidNumber, 9); + } + /* set up attribute list */ + set = set_new(); + attmap_add_attributes(set, "objectClass"); /* for testing shadowAccount */ + attmap_add_attributes(set, attmap_passwd_uid); + attmap_add_attributes(set, attmap_passwd_userPassword); + attmap_add_attributes(set, attmap_passwd_uidNumber); + attmap_add_attributes(set, attmap_passwd_gidNumber); + attmap_add_attributes(set, attmap_passwd_gecos); + attmap_add_attributes(set, attmap_passwd_homeDirectory); + attmap_add_attributes(set, attmap_passwd_loginShell); + passwd_attrs = set_tolist(set); + if (passwd_attrs == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + set_free(set); +} + +/* the cache that is used in dn2uid() */ +static pthread_mutex_t dn2uid_cache_mutex = PTHREAD_MUTEX_INITIALIZER; +static DICT *dn2uid_cache = NULL; +struct dn2uid_cache_entry { + time_t timestamp; + char *uid; +}; + +/* checks whether the entry has a valid uidNumber attribute + (>= nss_min_uid) */ +static int entry_has_valid_uid(MYLDAP_ENTRY *entry) +{ + int i; + const char **values; + char *tmp; + uid_t uid; + /* if min_uid is not set any entry should do */ + if (nslcd_cfg->nss_min_uid == 0) + return 1; + /* get all uidNumber attributes */ + values = myldap_get_values_len(entry, attmap_passwd_uidNumber); + if ((values == NULL) || (values[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_uidNumber); + return 0; + } + /* check if there is a uidNumber attributes >= min_uid */ + for (i = 0; values[i] != NULL; i++) + { + if (uidSid != NULL) + uid = (uid_t)binsid2id(values[i]); + else + { + errno = 0; + uid = strtouid(values[i], &tmp, 10); + if ((*(values[i]) == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", + myldap_get_dn(entry), attmap_passwd_uidNumber); + continue; + } + else if ((errno != 0) || (strchr(values[i], '-') != NULL)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_passwd_uidNumber); + continue; + } + } + if (uid < nslcd_cfg->nss_min_uid) + { + log_log(LOG_DEBUG, "%s: %s: less than nss_min_uid", + myldap_get_dn(entry), attmap_passwd_uidNumber); + } + else + return 1; + } + /* nothing found */ + return 0; +} + +/* Perform an LDAP lookup to translate the DN into a uid. + This function either returns NULL or a strdup()ed string. */ +char *lookup_dn2uid(MYLDAP_SESSION *session, const char *dn, int *rcp, + char *buf, size_t buflen) +{ + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + static const char *attrs[3]; + int rc = LDAP_SUCCESS; + const char **values; + char *uid = NULL; + if (rcp == NULL) + rcp = &rc; + /* we have to look up the entry */ + attrs[0] = attmap_passwd_uid; + attrs[1] = attmap_passwd_uidNumber; + attrs[2] = NULL; + search = myldap_search(session, dn, LDAP_SCOPE_BASE, passwd_filter, attrs, rcp); + if (search == NULL) + { + log_log(LOG_WARNING, "%s: lookup error: %s", dn, ldap_err2string(*rcp)); + return NULL; + } + entry = myldap_get_entry(search, rcp); + if (entry == NULL) + { + if (*rcp != LDAP_SUCCESS) + log_log(LOG_WARNING, "%s: lookup error: %s", dn, ldap_err2string(*rcp)); + return NULL; + } + /* check the uidNumber attribute if min_uid is set */ + if (entry_has_valid_uid(entry)) + { + /* get uid (just use first one) */ + values = myldap_get_values(entry, attmap_passwd_uid); + /* check the result for presence and validity */ + if ((values != NULL) && (values[0] != NULL) && + isvalidname(values[0]) && (strlen(values[0]) < buflen)) + { + strcpy(buf, values[0]); + uid = buf; + } + } + /* clean up and return */ + myldap_search_close(search); + return uid; +} + +/* Translate the DN into a user name. This function tries several aproaches + at getting the user name, including looking in the DN for a uid attribute, + looking in the cache and falling back to looking up a uid attribute in a + LDAP query. */ +char *dn2uid(MYLDAP_SESSION *session, const char *dn, char *buf, size_t buflen) +{ + struct dn2uid_cache_entry *cacheentry = NULL; + char *uid; + /* check for empty string */ + if ((dn == NULL) || (*dn == '\0')) + return NULL; + /* try to look up uid within DN string */ + if (myldap_cpy_rdn_value(dn, attmap_passwd_uid, buf, buflen) != NULL) + { + /* check if it is valid */ + if (!isvalidname(buf)) + return NULL; + return buf; + } + /* if we don't use the cache, just lookup and return */ + if ((nslcd_cfg->cache_dn2uid_positive == 0) && (nslcd_cfg->cache_dn2uid_negative == 0)) + return lookup_dn2uid(session, dn, NULL, buf, buflen); + /* see if we have a cached entry */ + pthread_mutex_lock(&dn2uid_cache_mutex); + if (dn2uid_cache == NULL) + dn2uid_cache = dict_new(); + if ((dn2uid_cache != NULL) && ((cacheentry = dict_get(dn2uid_cache, dn)) != NULL)) + { + if ((cacheentry->uid != NULL) && (strlen(cacheentry->uid) < buflen)) + { + /* positive hit: if the cached entry is still valid, return that */ + if ((nslcd_cfg->cache_dn2uid_positive > 0) && + (time(NULL) < (cacheentry->timestamp + nslcd_cfg->cache_dn2uid_positive))) + { + strcpy(buf, cacheentry->uid); + pthread_mutex_unlock(&dn2uid_cache_mutex); + return buf; + } + } + else + { + /* negative hit: if the cached entry is still valid, return that */ + if ((nslcd_cfg->cache_dn2uid_negative > 0) && + (time(NULL) < (cacheentry->timestamp + nslcd_cfg->cache_dn2uid_negative))) + { + pthread_mutex_unlock(&dn2uid_cache_mutex); + return NULL; + } + } + } + pthread_mutex_unlock(&dn2uid_cache_mutex); + /* look up the uid using an LDAP query */ + uid = lookup_dn2uid(session, dn, NULL, buf, buflen); + /* store the result in the cache */ + pthread_mutex_lock(&dn2uid_cache_mutex); + /* try to get the entry from the cache here again because it could have + changed in the meantime */ + cacheentry = dict_get(dn2uid_cache, dn); + if (cacheentry == NULL) + { + /* allocate a new entry in the cache */ + cacheentry = (struct dn2uid_cache_entry *)malloc(sizeof(struct dn2uid_cache_entry)); + if (cacheentry != NULL) + { + cacheentry->uid = NULL; + dict_put(dn2uid_cache, dn, cacheentry); + } + } + /* update the cache entry */ + if (cacheentry != NULL) + { + cacheentry->timestamp = time(NULL); + /* copy the uid if needed */ + if (cacheentry->uid == NULL) + cacheentry->uid = uid != NULL ? strdup(uid) : NULL; + else if ((uid == NULL) || (strcmp(cacheentry->uid, uid) != 0)) + { + free(cacheentry->uid); + cacheentry->uid = uid != NULL ? strdup(uid) : NULL; + } + } + pthread_mutex_unlock(&dn2uid_cache_mutex); + /* copy the result into the buffer */ + return uid; +} + +MYLDAP_ENTRY *uid2entry(MYLDAP_SESSION *session, const char *uid, int *rcp) +{ + MYLDAP_SEARCH *search = NULL; + MYLDAP_ENTRY *entry = NULL; + const char *base; + int i; + static const char *attrs[3]; + char filter[BUFLEN_FILTER]; + /* if it isn't a valid username, just bail out now */ + if (!isvalidname(uid)) + { + if (rcp != NULL) + *rcp = LDAP_INVALID_SYNTAX; + return NULL; + } + /* set up attributes (we don't need much) */ + attrs[0] = attmap_passwd_uid; + attrs[1] = attmap_passwd_uidNumber; + attrs[2] = NULL; + /* we have to look up the entry */ + mkfilter_passwd_byname(uid, filter, sizeof(filter)); + for (i = 0; (i < NSS_LDAP_CONFIG_MAX_BASES) && ((base = passwd_bases[i]) != NULL); i++) + { + search = myldap_search(session, base, passwd_scope, filter, attrs, rcp); + if (search == NULL) + { + if ((rcp != NULL) && (*rcp == LDAP_SUCCESS)) + *rcp = LDAP_NO_SUCH_OBJECT; + return NULL; + } + entry = myldap_get_entry(search, rcp); + if ((entry != NULL) && (entry_has_valid_uid(entry))) + return entry; + } + if ((rcp != NULL) && (*rcp == LDAP_SUCCESS)) + *rcp = LDAP_NO_SUCH_OBJECT; + return NULL; +} + +char *uid2dn(MYLDAP_SESSION *session, const char *uid, char *buf, size_t buflen) +{ + MYLDAP_ENTRY *entry; + /* look up the entry */ + entry = uid2entry(session, uid, NULL); + if (entry == NULL) + return NULL; + /* get DN */ + return myldap_cpy_dn(entry, buf, buflen); +} + +#ifndef NSS_FLAVOUR_GLIBC +/* only check nsswitch.conf for glibc */ +#define check_nsswitch_reload() +#define shadow_uses_ldap() (1) +#endif /* NSS_FLAVOUR_GLIBC */ + +/* the maximum number of uidNumber attributes per entry */ +#define MAXUIDS_PER_ENTRY 5 + +static int write_passwd(TFILE *fp, MYLDAP_ENTRY *entry, const char *requser, + const uid_t *requid, uid_t calleruid) +{ + int32_t tmpint32; + const char **tmpvalues; + char *tmp; + const char **usernames; + const char *passwd; + uid_t uids[MAXUIDS_PER_ENTRY]; + int numuids; + char gidbuf[32]; + gid_t gid; + char gecos[1024]; + char homedir[256]; + char shell[64]; + char passbuffer[BUFLEN_PASSWORDHASH]; + int i, j; + /* get the usernames for this entry */ + usernames = myldap_get_values(entry, attmap_passwd_uid); + if ((usernames == NULL) || (usernames[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_uid); + return 0; + } + /* if we are using shadow maps and this entry looks like it would return + shadow information, make the passwd entry indicate it */ + if (myldap_has_objectclass(entry, "shadowAccount") && nsswitch_shadow_uses_ldap()) + { + passwd = "x"; + } + else + { + passwd = get_userpassword(entry, attmap_passwd_userPassword, + passbuffer, sizeof(passbuffer)); + if ((passwd == NULL) || (calleruid != 0)) + passwd = default_passwd_userPassword; + } + /* get the uids for this entry */ + if (requid != NULL) + { + uids[0] = *requid; + numuids = 1; + } + else + { + tmpvalues = myldap_get_values_len(entry, attmap_passwd_uidNumber); + if ((tmpvalues == NULL) || (tmpvalues[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_uidNumber); + return 0; + } + for (numuids = 0; (numuids < MAXUIDS_PER_ENTRY) && (tmpvalues[numuids] != NULL); numuids++) + { + if (uidSid != NULL) + uids[numuids] = (uid_t)binsid2id(tmpvalues[numuids]); + else + { + errno = 0; + uids[numuids] = strtouid(tmpvalues[numuids], &tmp, 10); + if ((*(tmpvalues[numuids]) == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", + myldap_get_dn(entry), attmap_passwd_uidNumber); + return 0; + } + else if ((errno != 0) || (strchr(tmpvalues[numuids], '-') != NULL)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_passwd_uidNumber); + return 0; + } + } + uids[numuids] += nslcd_cfg->nss_uid_offset; + if (uids[numuids] < nslcd_cfg->nss_min_uid) + { + log_log(LOG_DEBUG, "%s: %s: less than nss_min_uid", + myldap_get_dn(entry), attmap_passwd_uidNumber); + } + } + } + /* get the gid for this entry */ + if (gidSid != NULL) + { + tmpvalues = myldap_get_values_len(entry, attmap_passwd_gidNumber); + if ((tmpvalues == NULL) || (tmpvalues[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_gidNumber); + return 0; + } + gid = (gid_t)binsid2id(tmpvalues[0]); + } + else + { + attmap_get_value(entry, attmap_passwd_gidNumber, gidbuf, sizeof(gidbuf)); + if (gidbuf[0] == '\0') + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_gidNumber); + return 0; + } + errno = 0; + gid = strtogid(gidbuf, &tmp, 10); + if ((gidbuf[0] == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", + myldap_get_dn(entry), attmap_passwd_gidNumber); + return 0; + } + else if ((errno != 0) || (strchr(gidbuf, '-') != NULL)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_passwd_gidNumber); + return 0; + } + } + gid += nslcd_cfg->nss_gid_offset; + /* get the gecos for this entry */ + attmap_get_value(entry, attmap_passwd_gecos, gecos, sizeof(gecos)); + /* get the home directory for this entry */ + attmap_get_value(entry, attmap_passwd_homeDirectory, homedir, sizeof(homedir)); + if (homedir[0] == '\0') + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_passwd_homeDirectory); + /* get the shell for this entry */ + attmap_get_value(entry, attmap_passwd_loginShell, shell, sizeof(shell)); + /* write the entries */ + for (i = 0; usernames[i] != NULL; i++) + { + if ((requser == NULL) || (STR_CMP(requser, usernames[i]) == 0)) + { + if (!isvalidname(usernames[i])) + { + log_log(LOG_WARNING, "%s: %s: denied by validnames option", + myldap_get_dn(entry), attmap_passwd_uid); + } + else + { + for (j = 0; j < numuids; j++) + { + if (uids[j] >= nslcd_cfg->nss_min_uid) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, usernames[i]); + WRITE_STRING(fp, passwd); + WRITE_INT32(fp, uids[j]); + WRITE_INT32(fp, gid); + WRITE_STRING(fp, gecos); + WRITE_STRING(fp, homedir); + WRITE_STRING(fp, shell); + } + } + } + } + } + return 0; +} + +NSLCD_HANDLE_UID( + passwd, byname, NSLCD_ACTION_PASSWD_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("passwd=\"%s\"", name); + if (!isvalidname(name)) + { + log_log(LOG_WARNING, "request denied by validnames option"); + return -1; + } + nsswitch_check_reload();, + mkfilter_passwd_byname(name, filter, sizeof(filter)), + write_passwd(fp, entry, name, NULL, calleruid) +) + +NSLCD_HANDLE_UID( + passwd, byuid, NSLCD_ACTION_PASSWD_BYUID, + uid_t uid; + char filter[BUFLEN_FILTER]; + READ_INT32(fp, uid); + log_setrequest("passwd=%lu", (unsigned long int)uid); + if (uid < nslcd_cfg->nss_min_uid) + { + log_log(LOG_DEBUG, "request ignored by nss_min_uid option"); + /* return an empty result */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_PASSWD_BYUID); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; + } + nsswitch_check_reload();, + mkfilter_passwd_byuid(uid, filter, sizeof(filter)), + write_passwd(fp, entry, NULL, &uid, calleruid) +) + +NSLCD_HANDLE_UID( + passwd, all, NSLCD_ACTION_PASSWD_ALL, + const char *filter; + log_setrequest("passwd(all)"); + nsswitch_check_reload();, + (filter = passwd_filter, 0), + write_passwd(fp, entry, NULL, NULL, calleruid) +) diff --git a/nslcd/protocol.c b/nslcd/protocol.c new file mode 100644 index 0000000..0e2cc47 --- /dev/null +++ b/nslcd/protocol.c @@ -0,0 +1,197 @@ +/* + protocol.c - protocol name and number lookup routines + Parts of this file were part of the nss_ldap library (as ldap-proto.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.4 NAME 'ipProtocol' SUP top STRUCTURAL + * DESC 'Abstraction of an IP protocol. Maps a protocol number + * to one or more names. The distinguished value of the cn + * attribute denotes the protocol's canonical name' + * MUST ( cn $ ipProtocolNumber ) + * MAY description ) + */ + +/* the search base for searches */ +const char *protocol_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int protocol_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *protocol_filter = "(objectClass=ipProtocol)"; + +/* the attributes used in searches */ +const char *attmap_protocol_cn = "cn"; +const char *attmap_protocol_ipProtocolNumber = "ipProtocolNumber"; + +/* the attribute list to request with searches */ +static const char *protocol_attrs[3]; + +static int mkfilter_protocol_byname(const char *name, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_protocol_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + protocol_filter, attmap_protocol_cn, safename); +} + +/* create a search filter for searching a protocol entry + by uid, return -1 on errors */ +static int mkfilter_protocol_bynumber(int protocol, + char *buffer, size_t buflen) +{ + return mysnprintf(buffer, buflen, "(&%s(%s=%d))", + protocol_filter, attmap_protocol_ipProtocolNumber, protocol); +} + +void protocol_init(void) +{ + int i; + /* set up search bases */ + if (protocol_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + protocol_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (protocol_scope == LDAP_SCOPE_DEFAULT) + protocol_scope = nslcd_cfg->scope; + /* set up attribute list */ + protocol_attrs[0] = attmap_protocol_cn; + protocol_attrs[1] = attmap_protocol_ipProtocolNumber; + protocol_attrs[2] = NULL; +} + +static int write_protocol(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqname) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + const char *name; + const char **aliases; + const char **protos; + char *tmp; + long proto; + int i; + /* get the most canonical name */ + name = myldap_get_rdn_value(entry, attmap_protocol_cn); + /* get the other names for the protocol */ + aliases = myldap_get_values(entry, attmap_protocol_cn); + if ((aliases == NULL) || (aliases[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_protocol_cn); + return 0; + } + /* if the protocol name is not yet found, get the first entry */ + if (name == NULL) + name = aliases[0]; + /* check case of returned protocol entry */ + if ((reqname != NULL) && (STR_CMP(reqname, name) != 0)) + { + for (i = 0; (aliases[i] != NULL) && (STR_CMP(reqname, aliases[i]) != 0); i++) + /* nothing */ ; + if (aliases[i] == NULL) + return 0; /* neither the name nor any of the aliases matched */ + } + /* get the protocol number */ + protos = myldap_get_values(entry, attmap_protocol_ipProtocolNumber); + if ((protos == NULL) || (protos[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_protocol_ipProtocolNumber); + return 0; + } + else if (protos[1] != NULL) + { + log_log(LOG_WARNING, "%s: %s: multiple values", + myldap_get_dn(entry), attmap_protocol_ipProtocolNumber); + } + errno = 0; + proto = strtol(protos[0], &tmp, 10); + if ((*(protos[0]) == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", + myldap_get_dn(entry), attmap_protocol_ipProtocolNumber); + return 0; + } + else if ((errno != 0) || (proto < 0) || (proto > (long)UINT8_MAX)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_protocol_ipProtocolNumber); + return 0; + } + /* write entry */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, name); + WRITE_STRINGLIST_EXCEPT(fp, aliases, name); + /* proto number is actually an 8-bit value but we write 32 bits anyway */ + WRITE_INT32(fp, proto); + return 0; +} + +NSLCD_HANDLE( + protocol, byname, NSLCD_ACTION_PROTOCOL_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("protocol=\"%s\"", name);, + mkfilter_protocol_byname(name, filter, sizeof(filter)), + write_protocol(fp, entry, name) +) + +NSLCD_HANDLE( + protocol, bynumber, NSLCD_ACTION_PROTOCOL_BYNUMBER, + int protocol; + char filter[BUFLEN_FILTER]; + READ_INT32(fp, protocol); + log_setrequest("protocol=%lu", (unsigned long int)protocol);, + mkfilter_protocol_bynumber(protocol, filter, sizeof(filter)), + write_protocol(fp, entry, NULL) +) + +NSLCD_HANDLE( + protocol, all, NSLCD_ACTION_PROTOCOL_ALL, + const char *filter; + log_setrequest("protocol(all)");, + (filter = protocol_filter, 0), + write_protocol(fp, entry, NULL) +) diff --git a/nslcd/rpc.c b/nslcd/rpc.c new file mode 100644 index 0000000..4021978 --- /dev/null +++ b/nslcd/rpc.c @@ -0,0 +1,195 @@ +/* + rpc.c - rpc name lookup routines + Parts of this file were part of the nss_ldap library (as ldap-rpc.c) which + has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.5 NAME 'oncRpc' SUP top STRUCTURAL + * DESC 'Abstraction of an Open Network Computing (ONC) + * [RFC1057] Remote Procedure Call (RPC) binding. + * This class maps an ONC RPC number to a name. + * The distinguished value of the cn attribute denotes + * the RPC service's canonical name' + * MUST ( cn $ oncRpcNumber ) + * MAY description ) + */ + +/* the search base for searches */ +const char *rpc_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int rpc_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *rpc_filter = "(objectClass=oncRpc)"; + +/* the attributes to request with searches */ +const char *attmap_rpc_cn = "cn"; +const char *attmap_rpc_oncRpcNumber = "oncRpcNumber"; + +/* the attribute list to request with searches */ +static const char *rpc_attrs[3]; + +static int mkfilter_rpc_byname(const char *name, char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_rpc_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + rpc_filter, attmap_rpc_cn, safename); +} + +static int mkfilter_rpc_bynumber(int number, char *buffer, size_t buflen) +{ + return mysnprintf(buffer, buflen, "(&%s(%s=%d))", + rpc_filter, attmap_rpc_oncRpcNumber, number); +} + +void rpc_init(void) +{ + int i; + /* set up search bases */ + if (rpc_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + rpc_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (rpc_scope == LDAP_SCOPE_DEFAULT) + rpc_scope = nslcd_cfg->scope; + /* set up attribute list */ + rpc_attrs[0] = attmap_rpc_cn; + rpc_attrs[1] = attmap_rpc_oncRpcNumber; + rpc_attrs[2] = NULL; +} + +/* write a single rpc entry to the stream */ +static int write_rpc(TFILE *fp, MYLDAP_ENTRY *entry, const char *reqname) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + const char *name; + const char **aliases; + const char **numbers; + char *tmp; + unsigned long number; + int i; + /* get the most canonical name */ + name = myldap_get_rdn_value(entry, attmap_rpc_cn); + /* get the other names for the rpc entries */ + aliases = myldap_get_values(entry, attmap_rpc_cn); + if ((aliases == NULL) || (aliases[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_rpc_cn); + return 0; + } + /* if the rpc name is not yet found, get the first entry */ + if (name == NULL) + name = aliases[0]; + /* check case of returned rpc entry */ + if ((reqname != NULL) && (STR_CMP(reqname, name) != 0)) + { + for (i = 0; (aliases[i] != NULL) && (STR_CMP(reqname, aliases[i]) != 0); i++) + /* nothing */ ; + if (aliases[i] == NULL) + return 0; /* neither the name nor any of the aliases matched */ + } + /* get the rpc number */ + numbers = myldap_get_values(entry, attmap_rpc_oncRpcNumber); + if ((numbers == NULL) || (numbers[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_rpc_oncRpcNumber); + return 0; + } + else if (numbers[1] != NULL) + { + log_log(LOG_WARNING, "%s: %s: multiple values", + myldap_get_dn(entry), attmap_rpc_oncRpcNumber); + } + errno = 0; + number = strtol(numbers[0], &tmp, 10); + if ((*(numbers[0]) == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", + myldap_get_dn(entry), attmap_rpc_oncRpcNumber); + return 0; + } + else if ((errno != 0) || (number > UINT32_MAX)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_rpc_oncRpcNumber); + return 0; + } + /* write the entry */ + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, name); + WRITE_STRINGLIST_EXCEPT(fp, aliases, name); + WRITE_INT32(fp, number); + return 0; +} + +NSLCD_HANDLE( + rpc, byname, NSLCD_ACTION_RPC_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("rpc=\"%s\"", name);, + mkfilter_rpc_byname(name, filter, sizeof(filter)), + write_rpc(fp, entry, name) +) + +NSLCD_HANDLE( + rpc, bynumber, NSLCD_ACTION_RPC_BYNUMBER, + int number; + char filter[BUFLEN_FILTER]; + READ_INT32(fp, number); + log_setrequest("rpc=%lu", (unsigned long int)number);, + mkfilter_rpc_bynumber(number, filter, sizeof(filter)), + write_rpc(fp, entry, NULL) +) + +NSLCD_HANDLE( + rpc, all, NSLCD_ACTION_RPC_ALL, + const char *filter; + log_setrequest("rpc(all)");, + (filter = rpc_filter, 0), + write_rpc(fp, entry, NULL) +) diff --git a/nslcd/service.c b/nslcd/service.c new file mode 100644 index 0000000..1e5d615 --- /dev/null +++ b/nslcd/service.c @@ -0,0 +1,246 @@ +/* + service.c - service entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-service.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.3 NAME 'ipService' SUP top STRUCTURAL + * DESC 'Abstraction an Internet Protocol service. + * Maps an IP port and protocol (such as tcp or udp) + * to one or more names; the distinguished value of + * the cn attribute denotes the service's canonical + * name' + * MUST ( cn $ ipServicePort $ ipServiceProtocol ) + * MAY ( description ) ) + */ + +/* the search base for searches */ +const char *service_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int service_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *service_filter = "(objectClass=ipService)"; + +/* the attributes to request with searches */ +const char *attmap_service_cn = "cn"; +const char *attmap_service_ipServicePort = "ipServicePort"; +const char *attmap_service_ipServiceProtocol = "ipServiceProtocol"; + +/* the attribute list to request with searches */ +static const char *service_attrs[4]; + +static int mkfilter_service_byname(const char *name, const char *protocol, + char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME], safeprotocol[BUFLEN_SAFENAME]; + /* escape attributes */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_service_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + if (*protocol != '\0') + { + if (myldap_escape(protocol, safeprotocol, sizeof(safeprotocol))) + { + log_log(LOG_ERR, "mkfilter_service_byname(): safeprotocol buffer too small"); + return -1; + } + return mysnprintf(buffer, buflen, "(&%s(%s=%s)(%s=%s))", + service_filter, attmap_service_cn, safename, + attmap_service_ipServiceProtocol, safeprotocol); + } + else + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + service_filter, attmap_service_cn, safename); +} + +static int mkfilter_service_bynumber(int number, const char *protocol, + char *buffer, size_t buflen) +{ + char safeprotocol[BUFLEN_SAFENAME]; + if (*protocol != '\0') + { + if (myldap_escape(protocol, safeprotocol, sizeof(safeprotocol))) + { + log_log(LOG_ERR, "mkfilter_service_bynumber(): safeprotocol buffer too small"); + return -1; + } + return mysnprintf(buffer, buflen, "(&%s(%s=%d)(%s=%s))", + service_filter, attmap_service_ipServicePort, number, + attmap_service_ipServiceProtocol, safeprotocol); + } + else + return mysnprintf(buffer, buflen, "(&%s(%s=%d))", + service_filter, attmap_service_ipServicePort, number); +} + +void service_init(void) +{ + int i; + /* set up search bases */ + if (service_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + service_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (service_scope == LDAP_SCOPE_DEFAULT) + service_scope = nslcd_cfg->scope; + /* set up attribute list */ + service_attrs[0] = attmap_service_cn; + service_attrs[1] = attmap_service_ipServicePort; + service_attrs[2] = attmap_service_ipServiceProtocol; + service_attrs[3] = NULL; +} + +static int write_service(TFILE *fp, MYLDAP_ENTRY *entry, + const char *reqname, const char *reqprotocol) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + const char *name; + const char **aliases; + const char **ports; + const char **protocols; + char *tmp; + long port; + int i; + /* get the most canonical name */ + name = myldap_get_rdn_value(entry, attmap_service_cn); + /* get the other names for the service entries */ + aliases = myldap_get_values(entry, attmap_service_cn); + if ((aliases == NULL) || (aliases[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_service_cn); + return 0; + } + /* if the service name is not yet found, get the first entry */ + if (name == NULL) + name = aliases[0]; + /* check case of returned services entry */ + if ((reqname != NULL) && (STR_CMP(reqname, name) != 0)) + { + for (i = 0; (aliases[i] != NULL) && (STR_CMP(reqname, aliases[i]) != 0); i++) + /* nothing */ ; + if (aliases[i] == NULL) + return 0; /* neither the name nor any of the aliases matched */ + } + /* get the service number */ + ports = myldap_get_values(entry, attmap_service_ipServicePort); + if ((ports == NULL) || (ports[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_service_ipServicePort); + return 0; + } + else if (ports[1] != NULL) + { + log_log(LOG_WARNING, "%s: %s: multiple values", + myldap_get_dn(entry), attmap_service_ipServicePort); + } + errno = 0; + port = strtol(ports[0], &tmp, 10); + if ((*(ports[0]) == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric value", + myldap_get_dn(entry), attmap_service_ipServicePort); + return 0; + } + else if ((errno != 0) || (port <= 0) || (port > (long)UINT16_MAX)) + { + log_log(LOG_WARNING, "%s: %s: out of range", + myldap_get_dn(entry), attmap_service_ipServicePort); + return 0; + } + /* get protocols */ + protocols = myldap_get_values(entry, attmap_service_ipServiceProtocol); + if ((protocols == NULL) || (protocols[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_service_ipServiceProtocol); + return 0; + } + /* write the entries */ + for (i = 0; protocols[i] != NULL; i++) + if ((reqprotocol == NULL) || (*reqprotocol == '\0') || + (STR_CMP(reqprotocol, protocols[i]) == 0)) + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, name); + WRITE_STRINGLIST_EXCEPT(fp, aliases, name); + /* port number is actually a 16-bit value but we write 32 bits anyway */ + WRITE_INT32(fp, port); + WRITE_STRING(fp, protocols[i]); + } + return 0; +} + +NSLCD_HANDLE( + service, byname, NSLCD_ACTION_SERVICE_BYNAME, + char name[BUFLEN_NAME]; + char protocol[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + READ_STRING(fp, protocol); + log_setrequest("service=\"%s\"%s%s", name, + *protocol != '\0' ? "/" : "", protocol);, + mkfilter_service_byname(name, protocol, filter, sizeof(filter)), + write_service(fp, entry, name, protocol) +) + +NSLCD_HANDLE( + service, bynumber, NSLCD_ACTION_SERVICE_BYNUMBER, + int number; + char protocol[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_INT32(fp, number); + READ_STRING(fp, protocol); + log_setrequest("service=%lu%s%s", (unsigned long int)number, + *protocol != '\0' ? "/" : "", protocol);, + mkfilter_service_bynumber(number, protocol, filter, sizeof(filter)), + write_service(fp, entry, NULL, protocol) +) + +NSLCD_HANDLE( + service, all, NSLCD_ACTION_SERVICE_ALL, + const char *filter; + log_setrequest("service(all)");, + (filter = service_filter, 0), + write_service(fp, entry, NULL, NULL) +) diff --git a/nslcd/shadow.c b/nslcd/shadow.c new file mode 100644 index 0000000..5fe5a94 --- /dev/null +++ b/nslcd/shadow.c @@ -0,0 +1,335 @@ +/* + shadow.c - shadow entry lookup routines + Parts of this file were part of the nss_ldap library (as ldap-spwd.c) + which has been forked into the nss-pam-ldapd library. + + Copyright (C) 1997-2005 Luke Howard + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" + +/* ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY + * DESC 'Additional attributes for shadow passwords' + * MUST uid + * MAY ( userPassword $ shadowLastChange $ shadowMin + * shadowMax $ shadowWarning $ shadowInactive $ + * shadowExpire $ shadowFlag $ description ) ) + */ + +/* the search base for searches */ +const char *shadow_bases[NSS_LDAP_CONFIG_MAX_BASES] = { NULL }; + +/* the search scope for searches */ +int shadow_scope = LDAP_SCOPE_DEFAULT; + +/* the basic search filter for searches */ +const char *shadow_filter = "(objectClass=shadowAccount)"; + +/* the attributes to request with searches */ +const char *attmap_shadow_uid = "uid"; +const char *attmap_shadow_userPassword = "\"*\""; +const char *attmap_shadow_shadowLastChange = "\"${shadowLastChange:--1}\""; +const char *attmap_shadow_shadowMin = "\"${shadowMin:--1}\""; +const char *attmap_shadow_shadowMax = "\"${shadowMax:--1}\""; +const char *attmap_shadow_shadowWarning = "\"${shadowWarning:--1}\""; +const char *attmap_shadow_shadowInactive = "\"${shadowInactive:--1}\""; +const char *attmap_shadow_shadowExpire = "\"${shadowExpire:--1}\""; +const char *attmap_shadow_shadowFlag = "\"${shadowFlag:-0}\""; + +/* default values for attributes */ +static const char *default_shadow_userPassword = "*"; /* unmatchable */ + +/* the attribute list to request with searches */ +static const char **shadow_attrs = NULL; + +static int mkfilter_shadow_byname(const char *name, char *buffer, size_t buflen) +{ + char safename[BUFLEN_SAFENAME]; + /* escape attribute */ + if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_shadow_byname(): safename buffer too small"); + return -1; + } + /* build filter */ + return mysnprintf(buffer, buflen, "(&%s(%s=%s))", + shadow_filter, attmap_shadow_uid, safename); +} + +void shadow_init(void) +{ + int i; + SET *set; + /* set up search bases */ + if (shadow_bases[0] == NULL) + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + shadow_bases[i] = nslcd_cfg->bases[i]; + /* set up scope */ + if (shadow_scope == LDAP_SCOPE_DEFAULT) + shadow_scope = nslcd_cfg->scope; + /* set up attribute list */ + set = set_new(); + attmap_add_attributes(set, attmap_shadow_uid); + attmap_add_attributes(set, attmap_shadow_userPassword); + attmap_add_attributes(set, attmap_shadow_shadowLastChange); + attmap_add_attributes(set, attmap_shadow_shadowMax); + attmap_add_attributes(set, attmap_shadow_shadowMin); + attmap_add_attributes(set, attmap_shadow_shadowWarning); + attmap_add_attributes(set, attmap_shadow_shadowInactive); + attmap_add_attributes(set, attmap_shadow_shadowExpire); + attmap_add_attributes(set, attmap_shadow_shadowFlag); + shadow_attrs = set_tolist(set); + if (shadow_attrs == NULL) + { + log_log(LOG_CRIT, "malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + set_free(set); +} + +static long to_date(const char *dn, const char *date, const char *attr) +{ + char buffer[32]; + long value; + char *tmp; + size_t l; + /* do some special handling for date values on AD */ + if (strcasecmp(attr, "pwdLastSet") == 0) + { + /* we expect an AD 64-bit datetime value; + we should do date=date/864000000000-134774 + but that causes problems on 32-bit platforms, + first we divide by 1000000000 by stripping the + last 9 digits from the string and going from there */ + l = strlen(date) - 9; + if (l > (sizeof(buffer) - 1)) + return -1; /* error */ + strncpy(buffer, date, l); + buffer[l] = '\0'; + errno = 0; + value = strtol(buffer, &tmp, 10); + if ((*date == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", dn, attr); + return -1; + } + else if (errno != 0) + { + log_log(LOG_WARNING, "%s: %s: out of range", dn, attr); + return -1; + } + return value / 864 - 134774; + /* note that AD does not have expiry dates but a lastchangeddate + and some value that needs to be added */ + } + errno = 0; + value = strtol(date, &tmp, 10); + if ((*date == '\0') || (*tmp != '\0')) + { + log_log(LOG_WARNING, "%s: %s: non-numeric", dn, attr); + return -1; + } + else if (errno != 0) + { + log_log(LOG_WARNING, "%s: %s: out of range", dn, attr); + return -1; + } + return value; +} + +#ifndef UF_DONT_EXPIRE_PASSWD +#define UF_DONT_EXPIRE_PASSWD 0x10000 +#endif + +#define GET_OPTIONAL_LONG(var, att, fallback) \ + tmpvalue = attmap_get_value(entry, attmap_shadow_##att, \ + buffer, sizeof(buffer)); \ + if (tmpvalue == NULL) \ + tmpvalue = ""; \ + errno = 0; \ + var = strtol(tmpvalue, &tmp, 10); \ + if ((*(tmpvalue) == '\0') || (*tmp != '\0')) \ + { \ + log_log(LOG_WARNING, "%s: %s: non-numeric", \ + myldap_get_dn(entry), attmap_shadow_##att); \ + var = fallback; \ + } \ + else if (errno != 0) \ + { \ + log_log(LOG_WARNING, "%s: %s: out of range", \ + myldap_get_dn(entry), attmap_shadow_##att); \ + var = fallback; \ + } + +void get_shadow_properties(MYLDAP_ENTRY *entry, long *lastchangedate, + long *mindays, long *maxdays, long *warndays, + long *inactdays, long *expiredate, + unsigned long *flag) +{ + char buffer[64]; + const char *tmpvalue; + char *tmp; + /* get lastchange date */ + tmpvalue = attmap_get_value(entry, attmap_shadow_shadowLastChange, + buffer, sizeof(buffer)); + if (tmpvalue == NULL) + tmpvalue = ""; + *lastchangedate = to_date(myldap_get_dn(entry), tmpvalue, attmap_shadow_shadowLastChange); + /* get other shadow properties */ + GET_OPTIONAL_LONG(*mindays, shadowMin, -1); + GET_OPTIONAL_LONG(*maxdays, shadowMax, -1); + GET_OPTIONAL_LONG(*warndays, shadowWarning, -1); + GET_OPTIONAL_LONG(*inactdays, shadowInactive, -1); + GET_OPTIONAL_LONG(*expiredate, shadowExpire, -1); + GET_OPTIONAL_LONG(*flag, shadowFlag, 0); + /* if we're using AD handle the flag specially */ + if (strcasecmp(attmap_shadow_shadowLastChange, "pwdLastSet") == 0) + { + if (*flag & UF_DONT_EXPIRE_PASSWD) + *maxdays = -1; + *flag = 0; + } +} + +static int write_shadow(TFILE *fp, MYLDAP_ENTRY *entry, const char *requser, + uid_t calleruid) +{ + int32_t tmpint32; + const char **usernames; + const char *passwd; + long lastchangedate; + long mindays; + long maxdays; + long warndays; + long inactdays; + long expiredate; + unsigned long flag; + int i; + char passbuffer[BUFLEN_PASSWORDHASH]; + /* get username */ + usernames = myldap_get_values(entry, attmap_shadow_uid); + if ((usernames == NULL) || (usernames[0] == NULL)) + { + log_log(LOG_WARNING, "%s: %s: missing", + myldap_get_dn(entry), attmap_shadow_uid); + return 0; + } + /* get password */ + passwd = get_userpassword(entry, attmap_shadow_userPassword, + passbuffer, sizeof(passbuffer)); + if ((passwd == NULL) || (calleruid != 0)) + passwd = default_shadow_userPassword; + /* get expiry properties */ + get_shadow_properties(entry, &lastchangedate, &mindays, &maxdays, &warndays, + &inactdays, &expiredate, &flag); + /* write the entries */ + for (i = 0; usernames[i] != NULL; i++) + if ((requser == NULL) || (STR_CMP(requser, usernames[i]) == 0)) + { + if (!isvalidname(usernames[i])) + { + log_log(LOG_WARNING, "%s: %s: denied by validnames option", + myldap_get_dn(entry), attmap_passwd_uid); + } + else + { + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + WRITE_STRING(fp, usernames[i]); + WRITE_STRING(fp, passwd); + WRITE_INT32(fp, lastchangedate); + WRITE_INT32(fp, mindays); + WRITE_INT32(fp, maxdays); + WRITE_INT32(fp, warndays); + WRITE_INT32(fp, inactdays); + WRITE_INT32(fp, expiredate); + WRITE_INT32(fp, flag); + } + } + return 0; +} + +MYLDAP_ENTRY *shadow_uid2entry(MYLDAP_SESSION *session, const char *username, + int *rcp) +{ + MYLDAP_SEARCH *search = NULL; + MYLDAP_ENTRY *entry = NULL; + const char *base; + char filter[BUFLEN_FILTER]; + int i; + /* if it isn't a valid username, just bail out now */ + if (!isvalidname(username)) + { + if (rcp != NULL) + *rcp = LDAP_INVALID_SYNTAX; + return NULL; + } + /* we have to look up the entry */ + mkfilter_shadow_byname(username, filter, sizeof(filter)); + for (i = 0; (i < NSS_LDAP_CONFIG_MAX_BASES) && ((base = shadow_bases[i]) != NULL); i++) + { + search = myldap_search(session, base, shadow_scope, filter, shadow_attrs, rcp); + if (search == NULL) + { + if ((rcp != NULL) && (*rcp == LDAP_SUCCESS)) + *rcp = LDAP_NO_SUCH_OBJECT; + return NULL; + } + entry = myldap_get_entry(search, rcp); + if (entry != NULL) + return entry; + } + if ((rcp != NULL) && (*rcp == LDAP_SUCCESS)) + *rcp = LDAP_NO_SUCH_OBJECT; + return NULL; +} + +NSLCD_HANDLE_UID( + shadow, byname, NSLCD_ACTION_SHADOW_BYNAME, + char name[BUFLEN_NAME]; + char filter[BUFLEN_FILTER]; + READ_STRING(fp, name); + log_setrequest("shadow=\"%s\"", name); + if (!isvalidname(name)) + { + log_log(LOG_WARNING, "request denied by validnames option"); + return -1; + }, + mkfilter_shadow_byname(name, filter, sizeof(filter)), + write_shadow(fp, entry, name, calleruid) +) + +NSLCD_HANDLE_UID( + shadow, all, NSLCD_ACTION_SHADOW_ALL, + const char *filter; + log_setrequest("shadow(all)");, + (filter = shadow_filter, 0), + write_shadow(fp, entry, NULL, calleruid) +) diff --git a/nslcd/usermod.c b/nslcd/usermod.c new file mode 100644 index 0000000..ad82e7d --- /dev/null +++ b/nslcd/usermod.c @@ -0,0 +1,294 @@ +/* + usermod.c - routines for changing user information such as full name, + login shell, etc + + Copyright (C) 2013-2017 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include +#include + +#include "common.h" +#include "log.h" +#include "myldap.h" +#include "cfg.h" +#include "attmap.h" +#include "compat/shell.h" + +/* ensure that both userdn and username are filled in from the entry, + returns an LDAP result code */ +static MYLDAP_ENTRY *validate_user(MYLDAP_SESSION *session, + char *username, int *rcp) +{ + int rc; + MYLDAP_ENTRY *entry = NULL; + /* check username for validity */ + if (!isvalidname(username)) + { + log_log(LOG_WARNING, "request denied by validnames option"); + *rcp = LDAP_NO_SUCH_OBJECT; + return NULL; + } + /* get the user entry based on the username */ + entry = uid2entry(session, username, &rc); + if (entry == NULL) + { + if (rc == LDAP_SUCCESS) + rc = LDAP_NO_SUCH_OBJECT; + log_log(LOG_DEBUG, "\"%s\": user not found: %s", username, ldap_err2string(rc)); + *rcp = rc; + return NULL; + } + return entry; +} + +static int is_valid_homedir(const char *homedir) +{ + struct stat sb; + /* should be absolute path */ + if (homedir[0] != '/') + return 0; + /* get directory status */ + if (stat(homedir, &sb)) + { + log_log(LOG_DEBUG, "cannot stat() %s: %s", homedir, strerror(errno)); + return 0; + } + /* check if a directory */ + if (!S_ISDIR(sb.st_mode)) + { + log_log(LOG_DEBUG, "%s: not a directory", homedir); + return 0; + } + /* FIXME: check ownership */ + return 1; +} + +static int is_valid_shell(const char *shell) +{ + int valid = 0; + char *l; + setusershell(); + while ((l = getusershell()) != NULL) + { + if (strcmp(l, shell) == 0) + { + valid = 1; + break; + } + } + endusershell(); + return valid; +} + +static MYLDAP_SESSION *get_session(const char *binddn, const char *password, + int *rcp) +{ + MYLDAP_SESSION *session; + /* set up a new connection */ + session = myldap_create_session(); + if (session == NULL) + { + *rcp = LDAP_UNAVAILABLE; + return NULL; + } + /* check that we can bind */ + *rcp = myldap_bind(session, binddn, password, NULL, NULL); + if (*rcp != LDAP_SUCCESS) + { + myldap_session_close(session); + return NULL; + } + return session; +} + +#define ADD_MOD(attribute, value) \ + if ((value != NULL) && (attribute[0] != '"')) \ + { \ + strvals[i * 2] = (char *)value; \ + strvals[i * 2 + 1] = NULL; \ + mods[i].mod_op = LDAP_MOD_REPLACE; \ + mods[i].mod_type = (char *)attribute; \ + mods[i].mod_values = strvals + (i * 2); \ + modsp[i] = mods + i; \ + i++; \ + } + +static int change(MYLDAP_SESSION *session, const char *userdn, + const char *homedir, const char *shell) +{ + #define NUMARGS 2 + char *strvals[(NUMARGS + 1) * 2]; + LDAPMod mods[(NUMARGS + 1)], *modsp[(NUMARGS + 1)]; + int i = 0; + /* build the list of modifications */ + ADD_MOD(attmap_passwd_homeDirectory, homedir); + ADD_MOD(attmap_passwd_loginShell, shell); + /* terminate the list of modifications */ + modsp[i] = NULL; + /* execute the update */ + return myldap_modify(session, userdn, modsp); +} + +int nslcd_usermod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid) +{ + int32_t tmpint32; + int rc = LDAP_SUCCESS; + char username[BUFLEN_NAME]; + int asroot, isroot; + char password[BUFLEN_PASSWORD]; + int32_t param; + char buffer[4096]; + size_t buflen = sizeof(buffer); + size_t bufptr = 0; + const char *value = NULL; + const char *fullname = NULL, *roomnumber = NULL, *workphone = NULL; + const char *homephone = NULL, *other = NULL, *homedir = NULL; + const char *shell = NULL; + const char *binddn = NULL; /* the user performing the modification */ + MYLDAP_ENTRY *entry; + MYLDAP_SESSION *newsession; + char errmsg[BUFLEN_MESSAGE]; + /* read request parameters */ + READ_STRING(fp, username); + READ_INT32(fp, asroot); + READ_STRING(fp, password); + /* read the usermod parameters */ + while (1) + { + READ_INT32(fp, param); + if (param == NSLCD_USERMOD_END) + break; + READ_BUF_STRING(fp, value); + switch (param) + { + case NSLCD_USERMOD_FULLNAME: fullname = value; break; + case NSLCD_USERMOD_ROOMNUMBER: roomnumber = value; break; + case NSLCD_USERMOD_WORKPHONE: workphone = value; break; + case NSLCD_USERMOD_HOMEPHONE: homephone = value; break; + case NSLCD_USERMOD_OTHER: other = value; break; + case NSLCD_USERMOD_HOMEDIR: homedir = value; break; + case NSLCD_USERMOD_SHELL: shell = value; break; + default: /* other parameters are silently ignored */ break; + } + } + /* log call */ + log_setrequest("usermod=\"%s\"", username); + log_log(LOG_DEBUG, "nslcd_usermod(\"%s\",%s,\"%s\")", + username, asroot ? "asroot" : "asuser", *password ? "***" : ""); + if (fullname != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(fullname=\"%s\")", fullname); + if (roomnumber != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(roomnumber=\"%s\")", roomnumber); + if (workphone != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(workphone=\"%s\")", workphone); + if (homephone != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(homephone=\"%s\")", homephone); + if (other != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(other=\"%s\")", other); + if (homedir != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(homedir=\"%s\")", homedir); + if (shell != NULL) + log_log(LOG_DEBUG, "nslcd_usermod(shell=\"%s\")", shell); + /* write the response header */ + WRITE_INT32(fp, NSLCD_VERSION); + WRITE_INT32(fp, NSLCD_ACTION_USERMOD); + /* validate request */ + entry = validate_user(session, username, &rc); + if (entry == NULL) + { + /* for user not found we just say no result, otherwise break the protocol */ + if (rc == LDAP_NO_SUCH_OBJECT) + { + WRITE_INT32(fp, NSLCD_RESULT_END); + } + return -1; + } + /* check if it is a modification as root */ + isroot = (calleruid == 0) && asroot; + if (asroot) + { + if (nslcd_cfg->rootpwmoddn == NULL) + { + log_log(LOG_NOTICE, "rootpwmoddn not configured"); + /* we break the protocol */ + return -1; + } + binddn = nslcd_cfg->rootpwmoddn; + /* check if rootpwmodpw should be used */ + if ((*password == '\0') && isroot && (nslcd_cfg->rootpwmodpw != NULL)) + { + if (strlen(nslcd_cfg->rootpwmodpw) >= sizeof(password)) + { + log_log(LOG_ERR, "nslcd_pam_pwmod(): rootpwmodpw will not fit in password"); + return -1; + } + strcpy(password, nslcd_cfg->rootpwmodpw); + } + } + else + binddn = myldap_get_dn(entry); + WRITE_INT32(fp, NSLCD_RESULT_BEGIN); + /* home directory change requires either root or valid directory */ + if ((homedir != NULL) && (!isroot) && !is_valid_homedir(homedir)) + { + log_log(LOG_NOTICE, "invalid directory: %s", homedir); + WRITE_INT32(fp, NSLCD_USERMOD_HOMEDIR); + WRITE_STRING(fp, "invalid directory"); + homedir = NULL; + } + /* shell change requires either root or a valid shell */ + if ((shell != NULL) && (!isroot) && !is_valid_shell(shell)) + { + log_log(LOG_NOTICE, "invalid shell: %s", shell); + WRITE_INT32(fp, NSLCD_USERMOD_SHELL); + WRITE_STRING(fp, "invalid shell"); + shell = NULL; + } + /* perform requested changes */ + newsession = get_session(binddn, password, &rc); + if (newsession != NULL) + { + rc = change(newsession, myldap_get_dn(entry), homedir, shell); + myldap_session_close(newsession); + } + /* return response to caller */ + if (rc != LDAP_SUCCESS) + { + log_log(LOG_WARNING, "%s: modification failed: %s", + myldap_get_dn(entry), ldap_err2string(rc)); + mysnprintf(errmsg, sizeof(errmsg) - 1, "change failed: %s", ldap_err2string(rc)); + WRITE_INT32(fp, NSLCD_USERMOD_RESULT); + WRITE_STRING(fp, errmsg); + WRITE_INT32(fp, NSLCD_USERMOD_END); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; + } + log_log(LOG_NOTICE, "changed information for %s", myldap_get_dn(entry)); + WRITE_INT32(fp, NSLCD_USERMOD_END); + WRITE_INT32(fp, NSLCD_RESULT_END); + return 0; +} diff --git a/nss/Makefile.am b/nss/Makefile.am new file mode 100644 index 0000000..5a2967f --- /dev/null +++ b/nss/Makefile.am @@ -0,0 +1,59 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006 Luke Howard +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006-2015 Arthur de Jong +# Copyright (C) 2010 Symas Corporation +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +noinst_PROGRAMS = nss_ldap.so + +AM_CPPFLAGS=-I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) + +nss_ldap_so_SOURCES = common.c common.h prototypes.h solnss.h \ + ../nslcd.h ../common/nslcd-prot.h \ + ../compat/attrs.h +EXTRA_nss_ldap_so_SOURCES = aliases.c ethers.c group.c hosts.c netgroup.c \ + networks.c passwd.c protocols.c rpc.c services.c \ + shadow.c solnss.c bsdnss.c +nss_ldap_so_LDADD = $(NSS_MODULE_OBJS) +if NSS_FLAVOUR_SOLARIS +nss_ldap_so_LDADD += solnss.$(OBJEXT) ../common/libdict.a +endif +if NSS_FLAVOUR_FREEBSD +nss_ldap_so_LDADD += bsdnss.$(OBJEXT) +endif +nss_ldap_so_LDADD += ../common/libtio.a ../common/libprot.a +nss_ldap_so_DEPENDENCIES = $(nss_ldap_so_LDADD) exports.map + +EXTRA_DIST = exports.glibc exports.solaris exports.freebsd +CLEANFILES = exports.map + +exports.map: $(EXTRA_DIST) Makefile + sed 's/ldap/@MODULE_NAME@/' < $(srcdir)/exports.$(NSS_FLAVOUR) > exports.map + +install-exec-local: install-nss_ldap_so +uninstall-local: uninstall-nss_ldap_so + +install-nss_ldap_so: nss_ldap.so + -rm -f $(DESTDIR)$(libdir)/$(NSS_LDAP_SONAME) + $(mkinstalldirs) $(DESTDIR)$(libdir) + $(INSTALL_PROGRAM) nss_ldap.so $(DESTDIR)$(libdir)/$(NSS_LDAP_SONAME) + +uninstall-nss_ldap_so: + -rm -f $(DESTDIR)$(libdir)/$(NSS_LDAP_SONAME) diff --git a/nss/Makefile.in b/nss/Makefile.in new file mode 100644 index 0000000..e8dabc0 --- /dev/null +++ b/nss/Makefile.in @@ -0,0 +1,637 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006 Luke Howard +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006-2015 Arthur de Jong +# Copyright (C) 2010 Symas Corporation +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +noinst_PROGRAMS = nss_ldap.so$(EXEEXT) +@NSS_FLAVOUR_SOLARIS_TRUE@am__append_1 = solnss.$(OBJEXT) ../common/libdict.a +@NSS_FLAVOUR_FREEBSD_TRUE@am__append_2 = bsdnss.$(OBJEXT) +subdir = nss +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +PROGRAMS = $(noinst_PROGRAMS) +am_nss_ldap_so_OBJECTS = common.$(OBJEXT) +nss_ldap_so_OBJECTS = $(am_nss_ldap_so_OBJECTS) +am__DEPENDENCIES_1 = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(nss_ldap_so_SOURCES) $(EXTRA_nss_ldap_so_SOURCES) +DIST_SOURCES = $(nss_ldap_so_SOURCES) $(EXTRA_nss_ldap_so_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/mkinstalldirs +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) +nss_ldap_so_SOURCES = common.c common.h prototypes.h solnss.h \ + ../nslcd.h ../common/nslcd-prot.h \ + ../compat/attrs.h + +EXTRA_nss_ldap_so_SOURCES = aliases.c ethers.c group.c hosts.c netgroup.c \ + networks.c passwd.c protocols.c rpc.c services.c \ + shadow.c solnss.c bsdnss.c + +nss_ldap_so_LDADD = $(NSS_MODULE_OBJS) $(am__append_1) $(am__append_2) \ + ../common/libtio.a ../common/libprot.a +nss_ldap_so_DEPENDENCIES = $(nss_ldap_so_LDADD) exports.map +EXTRA_DIST = exports.glibc exports.solaris exports.freebsd +CLEANFILES = exports.map +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu nss/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu nss/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +nss_ldap.so$(EXEEXT): $(nss_ldap_so_OBJECTS) $(nss_ldap_so_DEPENDENCIES) $(EXTRA_nss_ldap_so_DEPENDENCIES) + @rm -f nss_ldap.so$(EXEEXT) + $(AM_V_GEN)$(nss_ldap_so_LINK) $(nss_ldap_so_OBJECTS) $(nss_ldap_so_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aliases.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsdnss.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ethers.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/group.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hosts.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/netgroup.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/networks.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passwd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocols.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rpc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/services.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shadow.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/solnss.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(PROGRAMS) +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-noinstPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-exec-local + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-local + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-noinstPROGRAMS cscopelist-am ctags ctags-am distclean \ + distclean-compile distclean-generic distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-local install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am uninstall-local + +.PRECIOUS: Makefile + + +exports.map: $(EXTRA_DIST) Makefile + sed 's/ldap/@MODULE_NAME@/' < $(srcdir)/exports.$(NSS_FLAVOUR) > exports.map + +install-exec-local: install-nss_ldap_so +uninstall-local: uninstall-nss_ldap_so + +install-nss_ldap_so: nss_ldap.so + -rm -f $(DESTDIR)$(libdir)/$(NSS_LDAP_SONAME) + $(mkinstalldirs) $(DESTDIR)$(libdir) + $(INSTALL_PROGRAM) nss_ldap.so $(DESTDIR)$(libdir)/$(NSS_LDAP_SONAME) + +uninstall-nss_ldap_so: + -rm -f $(DESTDIR)$(libdir)/$(NSS_LDAP_SONAME) + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/nss/aliases.c b/nss/aliases.c new file mode 100644 index 0000000..d832aec --- /dev/null +++ b/nss/aliases.c @@ -0,0 +1,82 @@ +/* + aliases.c - NSS lookup functions for aliases database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" + +/* read an alias entry from the stream */ +static nss_status_t read_aliasent(TFILE *fp, struct aliasent *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct aliasent)); + /* read the name of the alias */ + READ_BUF_STRING(fp, result->alias_name); + /* read the members */ + READ_BUF_STRINGLIST(fp, result->alias_members); + /* tmp3int32 holds the number of entries read */ + result->alias_members_len = tmp3int32; + /* fill in remaining gaps in struct */ + result->alias_local = 0; + /* we're done */ + return NSS_STATUS_SUCCESS; +} + +/* get an alias entry by name */ +nss_status_t NSS_NAME(getaliasbyname_r)(const char *name, + struct aliasent *result, + char *buffer, size_t buflen, + int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_ALIAS_BYNAME, + WRITE_STRING(fp, name), + read_aliasent(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *aliasentfp; + +/* start a request to read all aliases */ +nss_status_t NSS_NAME(setaliasent)(void) +{ + NSS_SETENT(aliasentfp); +} + +/* read a single alias entry from the stream */ +nss_status_t NSS_NAME(getaliasent_r)(struct aliasent *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(aliasentfp, NSLCD_ACTION_ALIAS_ALL, + read_aliasent(aliasentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened with setaliasent() above */ +nss_status_t NSS_NAME(endaliasent)(void) +{ + NSS_ENDENT(aliasentfp); +} diff --git a/nss/bsdnss.c b/nss/bsdnss.c new file mode 100644 index 0000000..b1c8803 --- /dev/null +++ b/nss/bsdnss.c @@ -0,0 +1,212 @@ +/* + bsdnss.c - BSD NSS functions + This file was part of the nss-pam-ldapd FreeBSD port and part of the + nss_ldap FreeBSD port before that. + + Copyright (C) 2003 Jacques Vidrine + Copyright (C) 2006 Artem Kazakov + Copyright (C) 2009 Alexander V. Chernikov + Copyright (C) 2011-2016 Arthur de Jong + Copyright (C) 2011 Tom Judge + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +#define BUFFER_SIZE 1024 + +NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r); +NSS_METHOD_PROTOTYPE(__nss_compat_setgrent); +NSS_METHOD_PROTOTYPE(__nss_compat_endgrent); +NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership); + +NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); +NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); +NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); + +NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname); +NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2); +NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr); + +static ns_mtab methods[] = { + { NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, (void *)NSS_NAME(getgrnam_r) }, + { NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, (void *)NSS_NAME(getgrgid_r) }, + { NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, (void *)NSS_NAME(getgrent_r) }, + { NSDB_GROUP, "setgrent", __nss_compat_setgrent, (void *)NSS_NAME(setgrent) }, + { NSDB_GROUP, "endgrent", __nss_compat_endgrent, (void *)NSS_NAME(endgrent) }, + { NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL }, + + { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, (void *)NSS_NAME(getpwnam_r) }, + { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, (void *)NSS_NAME(getpwuid_r) }, + { NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, (void *)NSS_NAME(getpwent_r) }, + { NSDB_PASSWD, "setpwent", __nss_compat_setpwent, (void *)NSS_NAME(setpwent) }, + { NSDB_PASSWD, "endpwent", __nss_compat_endpwent, (void *)NSS_NAME(endpwent) }, + + { NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, (void *)NSS_NAME(gethostbyname_r) }, + { NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, (void *)NSS_NAME(gethostbyaddr_r) }, + { NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, (void *)NSS_NAME(gethostbyname2_r) }, + + { NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, (void *)NSS_NAME(getgrnam_r) }, + { NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, (void *)NSS_NAME(getgrgid_r) }, + { NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, (void *)NSS_NAME(getgrent_r) }, + { NSDB_GROUP_COMPAT, "setgrent", __nss_compat_setgrent, (void *)NSS_NAME(setgrent) }, + { NSDB_GROUP_COMPAT, "endgrent", __nss_compat_endgrent, (void *)NSS_NAME(endgrent) }, + + { NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, (void *)NSS_NAME(getpwnam_r) }, + { NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, (void *)NSS_NAME(getpwuid_r) }, + { NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, (void *)NSS_NAME(getpwent_r) }, + { NSDB_PASSWD_COMPAT, "setpwent", __nss_compat_setpwent, (void *)NSS_NAME(setpwent) }, + { NSDB_PASSWD_COMPAT, "endpwent", __nss_compat_endpwent, (void *)NSS_NAME(endpwent) }, +}; + +typedef nss_status_t (*gethbn_t)(const char *, struct hostent *, char *, size_t, int *, int *); +typedef nss_status_t (*gethba_t)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *); + +int __nss_compat_gethostbyname(void UNUSED(*retval), void *mdata, va_list ap) +{ + gethbn_t fn; + const char *name; + struct hostent *result; + char buffer[BUFFER_SIZE]; + int errnop; + int h_errnop; + int af; + nss_status_t status; + fn = (gethbn_t)mdata; + name = va_arg(ap, const char *); + af = va_arg(ap, int); + result = va_arg(ap, struct hostent *); + status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop); + status = __nss_compat_result(status, errnop); + h_errno = h_errnop; + return status; +} + +int __nss_compat_gethostbyname2(void UNUSED(*retval), void *mdata, va_list ap) +{ + gethbn_t fn; + const char *name; + struct hostent *result; + char buffer[BUFFER_SIZE]; + int errnop; + int h_errnop; + int af; + nss_status_t status; + fn = (gethbn_t)mdata; + name = va_arg(ap, const char *); + af = va_arg(ap, int); + result = va_arg(ap, struct hostent *); + status = fn(name, result, buffer, sizeof(buffer), &errnop, &h_errnop); + status = __nss_compat_result(status, errnop); + h_errno = h_errnop; + return status; +} + +int __nss_compat_gethostbyaddr(void UNUSED(*retval), void *mdata, va_list ap) +{ + gethba_t fn; + struct in_addr *addr; + int len; + int type; + struct hostent *result; + char buffer[BUFFER_SIZE]; + int errnop; + int h_errnop; + nss_status_t status; + fn = (gethba_t)mdata; + addr = va_arg(ap, struct in_addr *); + len = va_arg(ap, int); + type = va_arg(ap, int); + result = va_arg(ap, struct hostent *); + status = fn(addr, len, type, result, buffer, sizeof(buffer), &errnop, &h_errnop); + status = __nss_compat_result(status, errnop); + h_errno = h_errnop; + return status; +} + +static int __gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc) +{ + int ret, dupc; + /* skip duplicates */ + for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) + { + if (groups[dupc] == gid) + return 1; + } + ret = 1; + if (*groupc < maxgrp) /* add this gid */ + groups[*groupc] = gid; + else + ret = 0; + (*groupc)++; + return ret; +} + +int __freebsd_getgroupmembership(void UNUSED(*retval), void UNUSED(*mdata_), + va_list ap) +{ + int err; + nss_status_t s; + gid_t group; + gid_t *tmpgroups; + const char *user; + gid_t *groups; + int maxgrp, *grpcnt; + int i; + long int lstart, lsize; + user = va_arg(ap, const char *); + group = va_arg(ap, gid_t); + groups = va_arg(ap, gid_t *); + maxgrp = va_arg(ap, int); + grpcnt = va_arg(ap, int *); + tmpgroups = malloc(maxgrp * sizeof(gid_t)); + if (tmpgroups == NULL) + return NSS_STATUS_UNAVAIL; + /* insert primary membership */ + __gr_addgid(group, groups, maxgrp, grpcnt); + lstart = 0; + lsize = maxgrp; + s = NSS_NAME(initgroups_dyn)(user, group, &lstart, &lsize, &tmpgroups, 0, &err); + if (s == NSS_STATUS_SUCCESS) + { + for (i = 0; i < lstart; i++) + __gr_addgid(tmpgroups[i], groups, maxgrp, grpcnt); + s = NSS_STATUS_NOTFOUND; + } + free(tmpgroups); + return __nss_compat_result(s, 0); +} + +ns_mtab *nss_module_register(const char UNUSED(*source), unsigned int *mtabsize, + nss_module_unregister_fn *unreg) +{ + *mtabsize = sizeof(methods) / sizeof(methods[0]); + *unreg = NULL; + return methods; +} diff --git a/nss/common.c b/nss/common.c new file mode 100644 index 0000000..63ce992 --- /dev/null +++ b/nss/common.c @@ -0,0 +1,29 @@ +/* + common.c - common definitions + + Copyright (C) 2010-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include + +int NSS_NAME(enablelookups) = 1; + +/* version information about the NSS module */ +char *NSS_NAME(version)[3] = { PACKAGE, VERSION, NULL }; diff --git a/nss/common.h b/nss/common.h new file mode 100644 index 0000000..82b3d49 --- /dev/null +++ b/nss/common.h @@ -0,0 +1,208 @@ +/* + common.h - common functions for NSS lookups + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSS__COMMON_H +#define NSS__COMMON_H 1 + +#include +#include + +#include "nslcd.h" +#include "common/nslcd-prot.h" +#include "compat/attrs.h" +#include "compat/nss_compat.h" + +#ifdef NSS_FLAVOUR_SOLARIS +#include "solnss.h" +#endif /* NSS_FLAVOUR_SOLARIS */ + +/* If not TLS (thread local storage) is available on the platform + don't use it. This should not be a problem on most platforms because + get*ent() is not expected to be thread-safe (at least not on Glibc). */ +#ifndef TLS +#define TLS +#endif /* not TLS */ + +/* skip timeout determines the maximum time to wait when closing the + connection and reading whatever data that is available */ +#define SKIP_TIMEOUT 500 + +/* These are macros for handling read and write problems, they are + NSS specific due to the return code so are defined here. They + genrally close the open file, set an error code and return with + an error status. */ + +/* Macro is called to handle errors in opening a client connection. */ +#define ERROR_OUT_OPENERROR \ + *errnop = ENOENT; \ + return (errno == EAGAIN) ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; + +/* Macro is called to handle errors on read operations. */ +#define ERROR_OUT_READERROR(fp) \ + (void)tio_close(fp); \ + fp = NULL; \ + *errnop = ENOENT; \ + return NSS_STATUS_UNAVAIL; + +/* Macro is called to handle problems with too small a buffer. + This triggers the caller to call the function with a larger + buffer (see NSS_GETENT below). */ +#define ERROR_OUT_BUFERROR(fp) \ + *errnop = ERANGE; \ + return NSS_STATUS_TRYAGAIN; + +/* This macro is called if there was a problem with a write + operation. */ +#define ERROR_OUT_WRITEERROR(fp) \ + ERROR_OUT_READERROR(fp) + +/* This macro is called if the read status code is not + NSLCD_RESULT_BEGIN. */ +#define ERROR_OUT_NOSUCCESS(fp) \ + (void)tio_close(fp); \ + fp = NULL; \ + return NSS_STATUS_NOTFOUND; + +/* These are some general macros that are used to build parts of the + genral macros below. */ + +/* check to see if we should answer NSS requests */ +#define NSS_AVAILCHECK \ + if (!NSS_NAME(enablelookups)) \ + return NSS_STATUS_UNAVAIL; + +#ifdef NSS_FLAVOUR_GLIBC + +/* extra definitions we need (nothing for Glibc) */ +#define NSS_EXTRA_DEFS ; + +/* check validity of passed buffer (Glibc flavour) */ +#define NSS_BUFCHECK \ + if (buffer == NULL) \ + { \ + *errnop = EINVAL; \ + return NSS_STATUS_UNAVAIL; \ + } \ + if (buflen == 0) \ + { \ + *errnop = ERANGE; \ + return NSS_STATUS_TRYAGAIN; \ + } + +#endif /* NSS_FLAVOUR_GLIBC */ + +/* The following macros to automatically generate get..byname(), + get..bynumber(), setent(), getent() and endent() function + bodies. These functions have very common code so this can + easily be reused. */ + +/* This is a generic get..by..() generation macro. The action + parameter is the NSLCD_ACTION_.. action, the writefn is the + operation for writing the parameters and readfn is the function + name for reading a single result entry. The function is assumed + to have result, buffer, buflen and errnop parameters that define + the result structure, the user buffer with length and the + errno to return. This macro should be called through some of + the customized ones below. */ +#define NSS_GETONE(action, writefn, readfn) \ + TFILE *fp; \ + int32_t tmpint32; \ + nss_status_t retv; \ + NSS_EXTRA_DEFS; \ + NSS_AVAILCHECK; \ + NSS_BUFCHECK; \ + /* open socket and write request */ \ + NSLCD_REQUEST(fp, action, writefn); \ + /* read response */ \ + READ_RESPONSE_CODE(fp); \ + retv = readfn; \ + /* close socket and we're done */ \ + if ((retv == NSS_STATUS_SUCCESS) || (retv == NSS_STATUS_TRYAGAIN)) \ + { \ + (void)tio_skipall(fp, SKIP_TIMEOUT); \ + (void)tio_close(fp); \ + } \ + return retv; + +/* This macro generates a simple setent() function body. This closes any + open streams so that NSS_GETENT() can open a new file. */ +#define NSS_SETENT(fp) \ + NSS_AVAILCHECK; \ + if (fp != NULL) \ + { \ + (void)tio_close(fp); \ + fp = NULL; \ + } \ + return NSS_STATUS_SUCCESS; + +/* This macro generates a getent() function body. If the stream is not yet + open, a new one is opened, a request is written and a check is done for + a response header. A single entry is read with the readfn() function. */ +#define NSS_GETENT(fp, action, readfn) \ + int32_t tmpint32; \ + nss_status_t retv; \ + NSS_EXTRA_DEFS; \ + NSS_AVAILCHECK; \ + NSS_BUFCHECK; \ + /* check that we have a valid file descriptor */ \ + if (fp == NULL) \ + { \ + /* open a new stream and write the request */ \ + NSLCD_REQUEST(fp, action, /* no writefn */ ;); \ + } \ + /* prepare for buffer errors */ \ + tio_mark(fp); \ + /* read a response */ \ + READ_RESPONSE_CODE(fp); \ + retv = readfn; \ + /* check read result */ \ + if (retv == NSS_STATUS_TRYAGAIN) \ + { \ + /* if we have a full buffer try to reset the stream */ \ + if (tio_reset(fp)) \ + { \ + /* reset failed, we close and give up with a permanent error \ + because we cannot retry just the getent() call because it \ + may not be only the first entry that failed */ \ + tio_close(fp); \ + fp = NULL; \ + *errnop = EINVAL; \ + return NSS_STATUS_UNAVAIL; \ + } \ + } \ + else if (retv != NSS_STATUS_SUCCESS) \ + fp = NULL; /* file should be closed by now */ \ + return retv; + +/* This macro generates an endent() function body. This just closes + the stream. */ +#define NSS_ENDENT(fp) \ + NSS_AVAILCHECK; \ + if (fp != NULL) \ + { \ + (void)tio_skipall(fp, SKIP_TIMEOUT); \ + (void)tio_close(fp); \ + fp = NULL; \ + } \ + return NSS_STATUS_SUCCESS; + +#endif /* not NSS__COMMON_H */ diff --git a/nss/ethers.c b/nss/ethers.c new file mode 100644 index 0000000..291c797 --- /dev/null +++ b/nss/ethers.c @@ -0,0 +1,184 @@ +/* + ethers.c - NSS lookup functions for ethers database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read an ethernet entry from the stream */ +static nss_status_t read_etherent(TFILE *fp, struct etherent *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct etherent)); + READ_BUF_STRING(fp, result->e_name); + READ(fp, &(result->e_addr), sizeof(uint8_t[6])); + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* map a hostname to the corresponding ethernet address */ +nss_status_t NSS_NAME(gethostton_r)(const char *name, + struct etherent *result, char *buffer, + size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_ETHER_BYNAME, + WRITE_STRING(fp, name), + read_etherent(fp, result, buffer, buflen, errnop)); +} + +/* map an ethernet address to the corresponding hostname */ +nss_status_t NSS_NAME(getntohost_r)(const struct ether_addr *addr, + struct etherent *result, char *buffer, + size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_ETHER_BYETHER, + WRITE(fp, addr, sizeof(uint8_t[6])), + read_etherent(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *etherentfp; + +/* open a connection to read all ether entries */ +nss_status_t NSS_NAME(setetherent)(int UNUSED(stayopen)) +{ + NSS_SETENT(etherentfp); +} + +/* read a single ethernet entry from the stream */ +nss_status_t NSS_NAME(getetherent_r)(struct etherent *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(etherentfp, NSLCD_ACTION_ETHER_ALL, + read_etherent(etherentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened with setetherent() above */ +nss_status_t NSS_NAME(endetherent)(void) +{ + NSS_ENDENT(etherentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +/* we disable NSS_BUFCHECK because these functions do not use the buffer */ +#undef NSS_BUFCHECK +#define NSS_BUFCHECK ; + +/* provide a fallback definition */ +#ifndef NSS_BUFLEN_ETHERS +#define NSS_BUFLEN_ETHERS HOST_NAME_MAX +#endif /* NSS_BUFLEN_ETHERS */ + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *etherent2str(struct etherent *result, char *buffer, + size_t buflen) +{ + int res; + res = snprintf(buffer, buflen, "%s %s", ether_ntoa(&result->e_addr), + result->e_name); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args, int wantname) +{ + struct etherent result; + char buffer[NSS_BUFLEN_ETHERS]; + nss_status_t retv; + /* read the result entry from the stream */ + retv = read_etherent(fp, &result, buffer, sizeof(buffer), &args->erange); + if (retv != NSS_STATUS_SUCCESS) + return retv; +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN + /* try to return in string format if requested */ + if ((args->buf.buffer != NULL) && (args->buf.buflen > 0)) + { + if (etherent2str(&result, args->buf.buffer, args->buf.buflen) == NULL) + { + args->erange = 1; + return NSS_NOTFOUND; + } + args->returnval = args->buf.buffer; + args->returnlen = strlen(args->returnval); + return NSS_SUCCESS; + } +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + /* return the result entry */ + if (wantname) + { + /* we expect the buffer to have enough room for the name (buflen == 0) */ + strcpy(args->buf.buffer, result.e_name); + args->returnval = args->buf.buffer; + } + else /* address */ + { + memcpy(args->buf.result, &result.e_addr, sizeof(result.e_addr)); + args->returnval = args->buf.result; + } + return NSS_SUCCESS; +} + +/* map a hostname to the corresponding ethernet address */ +static nss_status_t ethers_gethostton(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_ETHER_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, args, 0)); +} + +/* map an ethernet address to the corresponding hostname */ +static nss_status_t ethers_getntohost(nss_backend_t UNUSED(*be), void *args) +{ + struct ether_addr *addr = (struct ether_addr *)(NSS_ARGS(args)->key.ether); + NSS_GETONE(NSLCD_ACTION_ETHER_BYETHER, + WRITE(fp, addr, sizeof(uint8_t[6])), + read_result(fp, args, 1)); +} + +static nss_backend_op_t ethers_ops[] = { + nss_ldap_destructor, + ethers_gethostton, + ethers_getntohost +}; + +nss_backend_t *NSS_NAME(ethers_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(ethers_ops, sizeof(ethers_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/exports.freebsd b/nss/exports.freebsd new file mode 100644 index 0000000..765b8fe --- /dev/null +++ b/nss/exports.freebsd @@ -0,0 +1,19 @@ +EXPORTED { + + # published NSS service functions + global: + + # flag to enable or disable lookups + _nss_ldap_enablelookups; + + # version information of NSS module + _nss_ldap_version; + + # module init + nss_module_register; + + # everything else should not be exported + local: + *; + +}; diff --git a/nss/exports.glibc b/nss/exports.glibc new file mode 100644 index 0000000..a22c256 --- /dev/null +++ b/nss/exports.glibc @@ -0,0 +1,91 @@ +EXPORTED { + + # published NSS service functions + global: + + # flag to enable or disable lookups + _nss_ldap_enablelookups; + + # version information of NSS module + _nss_ldap_version; + + # aliases - mail aliases + _nss_ldap_getaliasbyname_r; + _nss_ldap_setaliasent; + _nss_ldap_getaliasent_r; + _nss_ldap_endaliasent; + + # ethers - ethernet numbers + _nss_ldap_gethostton_r; + _nss_ldap_getntohost_r; + _nss_ldap_setetherent; + _nss_ldap_getetherent_r; + _nss_ldap_endetherent; + + # group - groups of users + _nss_ldap_getgrnam_r; + _nss_ldap_getgrgid_r; + _nss_ldap_initgroups_dyn; + _nss_ldap_setgrent; + _nss_ldap_getgrent_r; + _nss_ldap_endgrent; + + # hosts - host names and numbers + _nss_ldap_gethostbyname_r; + _nss_ldap_gethostbyname2_r; + _nss_ldap_gethostbyaddr_r; + _nss_ldap_sethostent; + _nss_ldap_gethostent_r; + _nss_ldap_endhostent; + + # netgroup - list of host and users + _nss_ldap_setnetgrent; + _nss_ldap_getnetgrent_r; + _nss_ldap_endnetgrent; + + # networks - network names and numbers + _nss_ldap_getnetbyname_r; + _nss_ldap_getnetbyaddr_r; + _nss_ldap_setnetent; + _nss_ldap_getnetent_r; + _nss_ldap_endnetent; + + # passwd - user database and passwords + _nss_ldap_getpwnam_r; + _nss_ldap_getpwuid_r; + _nss_ldap_setpwent; + _nss_ldap_getpwent_r; + _nss_ldap_endpwent; + + # protocols - network protocols + _nss_ldap_getprotobyname_r; + _nss_ldap_getprotobynumber_r; + _nss_ldap_setprotoent; + _nss_ldap_getprotoent_r; + _nss_ldap_endprotoent; + + # rpc - remote procedure call names and numbers + _nss_ldap_getrpcbyname_r; + _nss_ldap_getrpcbynumber_r; + _nss_ldap_setrpcent; + _nss_ldap_getrpcent_r; + _nss_ldap_endrpcent; + + # services - network services + _nss_ldap_getservbyname_r; + _nss_ldap_getservbyport_r; + _nss_ldap_setservent; + _nss_ldap_getservent_r; + _nss_ldap_endservent; + + # shadow - extended user information + _nss_ldap_getspnam_r; + _nss_ldap_setspent; + _nss_ldap_getspent_r; + _nss_ldap_endspent; + + # everything else should not be exported + local: + *; + +}; diff --git a/nss/exports.solaris b/nss/exports.solaris new file mode 100644 index 0000000..5874a45 --- /dev/null +++ b/nss/exports.solaris @@ -0,0 +1,28 @@ +nss_ldap.so.1 { + + # published NSS service functions + global: + + # flag to enable or disable lookups + _nss_ldap_enablelookups; + + # version information of NSS module + _nss_ldap_version; + + # published NSS service module constructors + _nss_ldap_ethers_constr; + _nss_ldap_group_constr; + _nss_ldap_hosts_constr; + _nss_ldap_networks_constr; + _nss_ldap_protocols_constr; + _nss_ldap_passwd_constr; + _nss_ldap_rpc_constr; + _nss_ldap_services_constr; + _nss_ldap_shadow_constr; + _nss_ldap_netgroup_constr; + + # everything else should not be exported + local: + *; + +}; diff --git a/nss/group.c b/nss/group.c new file mode 100644 index 0000000..69aa1fc --- /dev/null +++ b/nss/group.c @@ -0,0 +1,277 @@ +/* + group.c - NSS lookup functions for group database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read a single group entry from the stream */ +static nss_status_t read_group(TFILE *fp, struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct group)); + READ_BUF_STRING(fp, result->gr_name); + READ_BUF_STRING(fp, result->gr_passwd); + READ_INT32(fp, result->gr_gid); + READ_BUF_STRINGLIST(fp, result->gr_mem); + return NSS_STATUS_SUCCESS; +} + +/* read all group entries from the stream and add + gids of these groups to the list */ +static nss_status_t read_gids(TFILE *fp, gid_t skipgroup, long int *start, + long int *size, gid_t **groupsp, + long int limit, int *errnop) +{ + int32_t res = (int32_t)NSLCD_RESULT_BEGIN; + int32_t tmpint32, tmp2int32, tmp3int32; + gid_t gid; +#ifdef NSS_FLAVOUR_GLIBC + gid_t *newgroups; + long int newsize; +#endif /* NSS_FLAVOUR_GLIBC */ + /* loop over results */ + while (res == (int32_t)NSLCD_RESULT_BEGIN) + { + /* skip group name */ + SKIP_STRING(fp); + /* skip passwd entry */ + SKIP_STRING(fp); + /* read gid */ + READ_INT32(fp, gid); + /* skip members */ + SKIP_STRINGLIST(fp); + /* only add the group to the list if it is not the specified group */ + if (gid != skipgroup) + { +#ifdef NSS_FLAVOUR_GLIBC + /* check if we reached the limit */ + if ((limit > 0) && (*start >= limit)) + return NSS_STATUS_TRYAGAIN; + /* check if our buffer is large enough */ + if ((*start) >= (*size)) + { + /* for some reason Glibc expects us to grow the array (completely + different from all other NSS functions) */ + /* calculate new size */ + newsize = 2 * (*size); + if ((limit > 0) && (*start >= limit)) + newsize = limit; + /* allocate new memory */ + newgroups = realloc(*groupsp, newsize * sizeof(gid_t)); + if (newgroups == NULL) + return NSS_STATUS_TRYAGAIN; + *groupsp = newgroups; + *size = newsize; + } +#endif /* NSS_FLAVOUR_GLIBC */ +#ifdef NSS_FLAVOUR_SOLARIS + /* check if we reached the limit */ + if ((limit > 0) && (*start >= limit)) + { + *errnop = 1; /* this is args->erange */ + return NSS_STATUS_NOTFOUND; + } +#endif /* NSS_FLAVOUR_SOLARIS */ + /* add gid to list */ + (*groupsp)[(*start)++] = gid; + } + /* read next response code (don't bail out on not success since we + just want to build up a list) */ + READ_INT32(fp, res); + } + /* return the proper status code */ + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a group entry by name */ +nss_status_t NSS_NAME(getgrnam_r)(const char *name, struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_GROUP_BYNAME, + WRITE_STRING(fp, name), + read_group(fp, result, buffer, buflen, errnop)); +} + +/* get a group entry by numeric gid */ +nss_status_t NSS_NAME(getgrgid_r)(gid_t gid, struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_GROUP_BYGID, + WRITE_INT32(fp, gid), + read_group(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *grentfp; + +/* start a request to read all groups */ +nss_status_t NSS_NAME(setgrent)(int UNUSED(stayopen)) +{ + NSS_SETENT(grentfp); +} + +/* read a single group from the stream */ +nss_status_t NSS_NAME(getgrent_r)(struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(grentfp, NSLCD_ACTION_GROUP_ALL, + read_group(grentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened with setgrent() above */ +nss_status_t NSS_NAME(endgrent)(void) +{ + NSS_ENDENT(grentfp); +} + +/* this function returns a list of groups, documentation for the + interface is scarce (any pointers are welcome) but this is + what is assumed the parameters mean: + + user IN - the user name to find groups for + skipgroup IN - a group to not include in the list + *start IN/OUT - where to write in the array, is incremented + *size IN/OUT - the size of the supplied array (gid_t entries, not bytes) + **groupsp IN/OUT - pointer to the array of returned groupids + limit IN - the maxium size of the array + *errnop OUT - for returning errno +*/ +nss_status_t NSS_NAME(initgroups_dyn)(const char *user, gid_t skipgroup, + long int *start, long int *size, + gid_t **groupsp, long int limit, + int *errnop) +{ +/* temporarily map the buffer and buflen names so the check in NSS_GETONE + for validity of the buffer works (renaming the parameters may cause + confusion) */ +#define buffer groupsp +#define buflen *size + NSS_GETONE(NSLCD_ACTION_GROUP_BYMEMBER, + WRITE_STRING(fp, user), + read_gids(fp, skipgroup, start, size, groupsp, limit, errnop)); +#undef buffer +#undef buflen +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *group2str(struct group *result, char *buffer, size_t buflen) +{ + int res, i; + res = snprintf(buffer, buflen, "%s:%s:%d:", result->gr_name, + result->gr_passwd, (int)result->gr_gid); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + if (result->gr_mem) + for (i = 0; result->gr_mem[i]; i++) + { + if (i) + strlcat(buffer, ",", buflen); + strlcat(buffer, result->gr_mem[i], buflen); + } + /* check if buffer overflowed */ + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(group, &args->erange); +} + +static nss_status_t group_getgrnam(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_GROUP_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, args)); +} + +static nss_status_t group_getgrgid(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_GROUP_BYGID, + WRITE_INT32(fp, NSS_ARGS(args)->key.gid), + read_result(fp, args)); +} + +static nss_status_t group_setgrent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t group_getgrent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_GROUP_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +static nss_status_t group_endgrent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_status_t group_getgroupsbymember(nss_backend_t UNUSED(*be), void *args) +{ + struct nss_groupsbymem *argp = (struct nss_groupsbymem *)args; + long int start = (long int)argp->numgids; + gid_t skipgroup = (start > 0) ? argp->gid_array[0] : (gid_t)-1; + NSS_GETONE(NSLCD_ACTION_GROUP_BYMEMBER, + WRITE_STRING(fp, argp->username), + read_gids(fp, skipgroup, &start, NULL, (gid_t **)&argp->gid_array, + argp->maxgids, &NSS_ARGS(args)->erange); + argp->numgids = (int)start); +} + +static nss_backend_op_t group_ops[] = { + nss_ldap_destructor, + group_endgrent, + group_setgrent, + group_getgrent, + group_getgrnam, + group_getgrgid, + group_getgroupsbymember +}; + +nss_backend_t *NSS_NAME(group_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(group_ops, sizeof(group_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/hosts.c b/nss/hosts.c new file mode 100644 index 0000000..5f12bc7 --- /dev/null +++ b/nss/hosts.c @@ -0,0 +1,312 @@ +/* + hosts.c - NSS lookup functions for hosts database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* Redefine some ERROR_OUT macros as we also want to set h_errnop. */ + +#undef ERROR_OUT_OPENERROR +#define ERROR_OUT_OPENERROR \ + *errnop = ENOENT; \ + *h_errnop = HOST_NOT_FOUND; \ + return (errno == EAGAIN) ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; + +#undef ERROR_OUT_READERROR +#define ERROR_OUT_READERROR(fp) \ + (void)tio_close(fp); \ + fp = NULL; \ + *errnop = ENOENT; \ + *h_errnop = NO_RECOVERY; \ + return NSS_STATUS_UNAVAIL; + +#undef ERROR_OUT_BUFERROR +#define ERROR_OUT_BUFERROR(fp) \ + *errnop = ERANGE; \ + *h_errnop = NETDB_INTERNAL; \ + return NSS_STATUS_TRYAGAIN; + +#undef ERROR_OUT_WRITEERROR +#define ERROR_OUT_WRITEERROR(fp) \ + ERROR_OUT_READERROR(fp) + +/* read a single host entry from the stream, filtering on the + specified address family, result is stored in result + it will an empty entry if no addresses in the address family + were available */ +static nss_status_t read_one_hostent(TFILE *fp, struct hostent *result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop, int af) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + int32_t numaddr; + int i; + int readaf; + size_t bufptr = 0; + memset(result, 0, sizeof(struct hostent)); + /* read the host entry */ + READ_BUF_STRING(fp, result->h_name); + READ_BUF_STRINGLIST(fp, result->h_aliases); + result->h_addrtype = af; + result->h_length = 0; + /* read number of addresses to follow */ + READ_INT32(fp, numaddr); + /* allocate memory for array */ + /* Note: this may allocate too much memory (e.g. also for address records + of other address families) but this is a simple way to do it */ + BUF_ALLOC(fp, result->h_addr_list, char *, numaddr + 1); + /* go through the address list and filter on af */ + i = 0; + while (--numaddr >= 0) + { + /* read address family and size */ + READ_INT32(fp, readaf); + READ_INT32(fp, tmp2int32); + if (readaf == af) + { + /* read the address */ + result->h_length = tmp2int32; + READ_BUF(fp, result->h_addr_list[i++], tmp2int32); + } + else + { + SKIP(fp, tmp2int32); + } + } + /* null-terminate address list */ + result->h_addr_list[i] = NULL; + return NSS_STATUS_SUCCESS; +} + +/* this is a wrapper around read_one_hostent() that checks whether the read + address list is empty and tries the next result if available if + retry is set */ +static nss_status_t read_hostent(TFILE *fp, struct hostent *result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop, int af, int retry) +{ + int32_t tmpint32; + nss_status_t retv; + /* check until we read an non-empty entry, error or */ + while (1) + { + retv = read_one_hostent(fp, result, buffer, buflen, errnop, h_errnop, af); + /* check result */ + if ((retv != NSS_STATUS_SUCCESS) || (result->h_addr_list[0] != NULL)) + return retv; + /* error of if we are not retrying */ + if (!retry) + { + *errnop = ENOENT; + *h_errnop = NO_ADDRESS; + (void)tio_close(fp); + return NSS_STATUS_NOTFOUND; + } + /* skip to the next entry */ + READ_RESPONSE_CODE(fp); + } +} + +/* write an address value */ +#define WRITE_ADDRESS(fp, af, len, addr) \ + WRITE_INT32(fp, af); \ + WRITE_INT32(fp, len); \ + WRITE(fp, addr, len); + +#ifdef NSS_FLAVOUR_GLIBC + +/* this function looks up a single host entry and returns all the addresses + associated with the host in a single address familiy + name - IN - hostname to lookup + af - IN - address familty to present results for + result - OUT - entry found + buffer,buflen - OUT - buffer to store allocated stuff on + errnop,h_errnop - OUT - for reporting errors */ +nss_status_t NSS_NAME(gethostbyname2_r)(const char *name, int af, + struct hostent *result, char *buffer, + size_t buflen, int *errnop, + int *h_errnop) +{ + NSS_GETONE(NSLCD_ACTION_HOST_BYNAME, + WRITE_STRING(fp, name), + read_hostent(fp, result, buffer, buflen, errnop, h_errnop, af, 0)); +} + +/* this function just calls the gethostbyname2() variant with the address + familiy set */ +nss_status_t NSS_NAME(gethostbyname_r)(const char *name, + struct hostent *result, char *buffer, + size_t buflen, int *errnop, + int *h_errnop) +{ + return NSS_NAME(gethostbyname2_r)(name, AF_INET, result, buffer, buflen, + errnop, h_errnop); +} + +/* this function looks up a single host entry and returns all the addresses + associated with the host in a single address familiy + addr - IN - the address to look up + len - IN - the size of the addr struct + af - IN - address familty the address is specified as + result - OUT - entry found + buffer,buflen - OUT - buffer to store allocated stuff on + errnop,h_errnop - OUT - for reporting errors */ +nss_status_t NSS_NAME(gethostbyaddr_r)(const void *addr, socklen_t len, + int af, struct hostent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop) +{ + NSS_GETONE(NSLCD_ACTION_HOST_BYADDR, + WRITE_ADDRESS(fp, af, len, addr), + read_hostent(fp, result, buffer, buflen, errnop, h_errnop, af, 0)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *hostentfp; + +nss_status_t NSS_NAME(sethostent)(int UNUSED(stayopen)) +{ + NSS_SETENT(hostentfp); +} + +/* this function only returns addresses of the AF_INET address family */ +nss_status_t NSS_NAME(gethostent_r)(struct hostent *result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop) +{ + NSS_GETENT(hostentfp, NSLCD_ACTION_HOST_ALL, + read_hostent(hostentfp, result, buffer, buflen, errnop, h_errnop, + AF_INET, 1)); +} + +/* close the stream opened with sethostent() above */ +nss_status_t NSS_NAME(endhostent)(void) +{ + NSS_ENDENT(hostentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *hostent2str(struct hostent *result, char *buffer, size_t buflen) +{ + int i, j; + /* build the formatted string, one line per address */ + buffer[0] = '\0'; + if (result->h_addr_list != NULL) + { + for (i = 0; result->h_addr_list[i]; i++) + { + if (i > 0) + strlcat(buffer, "\n", buflen); + /* snprintf writes a terminating \0 on Solaris */ + snprintf(buffer, buflen - strlen(buffer) - 1, + "%s %s", + inet_ntoa(*((struct in_addr *)result->h_addr_list[i])), + result->h_name); + /* add aliases for first line only */ + if ((i == 0) && (result->h_aliases)) + { + for (j = 0; result->h_aliases[j]; j++) + { + strlcat(buffer, " ", buflen); + strlcat(buffer, result->h_aliases[j], buflen); + } + } + } + } + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, int af, int retry, + nss_XbyY_args_t *args) +{ + READ_RESULT(hostent, &args->erange, &args->h_errno, af, retry); +} + +/* hack to set the correct h_errno */ +#define h_errnop &(NSS_ARGS(args)->h_errno) + +static nss_status_t hosts_gethostbyname(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_HOST_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, AF_INET, 0, args)); +} + +static nss_status_t hosts_gethostbyaddr(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_HOST_BYADDR, + WRITE_ADDRESS(fp, NSS_ARGS(args)->key.hostaddr.type, + NSS_ARGS(args)->key.hostaddr.len, + NSS_ARGS(args)->key.hostaddr.addr), + read_result(fp, NSS_ARGS(args)->key.hostaddr.type, 0, args)); +} + +static nss_status_t hosts_sethostent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t hosts_gethostent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_HOST_ALL, + read_result(LDAP_BE(be)->fp, AF_INET, 1, args)); +} + +static nss_status_t hosts_endhostent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t hosts_ops[] = { + nss_ldap_destructor, + hosts_endhostent, + hosts_sethostent, + hosts_gethostent, + hosts_gethostbyname, + hosts_gethostbyaddr +}; + +nss_backend_t *NSS_NAME(hosts_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(hosts_ops, sizeof(hosts_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/netgroup.c b/nss/netgroup.c new file mode 100644 index 0000000..aca0eba --- /dev/null +++ b/nss/netgroup.c @@ -0,0 +1,427 @@ +/* + netgroup.c - NSS lookup functions for netgroup entries + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" +#include "common/set.h" + +/* function for reading a single result entry */ +static nss_status_t read_netgrent_line(TFILE *fp, struct __netgrent *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32; + int type; + size_t bufptr = 0; + /* read netgroup type */ + READ_INT32(fp, type); + if (type == NSLCD_NETGROUP_TYPE_NETGROUP) + { + /* the response is a reference to another netgroup */ + result->type = group_val; + READ_BUF_STRING(fp, result->val.group); + return NSS_STATUS_SUCCESS; + } + else if (type == NSLCD_NETGROUP_TYPE_TRIPLE) + { + /* the response is a host/user/domain triple */ + result->type = triple_val; + /* read host and revert to NULL on empty string */ + READ_BUF_STRING(fp, result->val.triple.host); +#ifdef NSS_FLAVOUR_GLIBC + if (result->val.triple.host[0] == '\0') + { + result->val.triple.host = NULL; + bufptr--; /* free unused space */ + } +#endif /* NSS_FLAVOUR_GLIBC */ + /* read user and revert to NULL on empty string */ + READ_BUF_STRING(fp, result->val.triple.user); +#ifdef NSS_FLAVOUR_GLIBC + if (result->val.triple.user[0] == '\0') + { + result->val.triple.user = NULL; + bufptr--; /* free unused space */ + } +#endif /* NSS_FLAVOUR_GLIBC */ + /* read domain and revert to NULL on empty string */ + READ_BUF_STRING(fp, result->val.triple.domain); +#ifdef NSS_FLAVOUR_GLIBC + if (result->val.triple.domain[0] == '\0') + { + result->val.triple.domain = NULL; + bufptr--; /* free unused space */ + } +#endif /* NSS_FLAVOUR_GLIBC */ + return NSS_STATUS_SUCCESS; + } + else if (type == NSLCD_NETGROUP_TYPE_END) + /* make NSS_NAME(getnetgrent_r)() indicate the end of the netgroup */ + return NSS_STATUS_RETURN; + /* we got something unexpected */ + ERROR_OUT_NOSUCCESS(fp); + return NSS_STATUS_UNAVAIL; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *netgrentfp; + +/* start a request to get a netgroup by name */ +nss_status_t NSS_NAME(setnetgrent)(const char *group, + struct __netgrent UNUSED(*result)) +{ + /* we cannot use NSS_SETENT() here because we have a parameter that is only + available in this function */ + int32_t tmpint32; + int errnocp; + int *errnop = &errnocp; + NSS_EXTRA_DEFS + NSS_AVAILCHECK; + /* check parameter */ + if ((group == NULL) || (group[0] == '\0')) + return NSS_STATUS_UNAVAIL; + /* open a new stream and write the request */ + NSLCD_REQUEST(netgrentfp, NSLCD_ACTION_NETGROUP_BYNAME, + WRITE_STRING(netgrentfp, group)); + /* read response code */ + READ_RESPONSE_CODE(netgrentfp); + SKIP_STRING(netgrentfp); /* netgroup name */ + return NSS_STATUS_SUCCESS; +} + +/* get a single netgroup tuple from the stream */ +nss_status_t NSS_NAME(getnetgrent_r)(struct __netgrent *result, + char *buffer, size_t buflen, int *errnop) +{ + nss_status_t retv; + NSS_EXTRA_DEFS; + NSS_AVAILCHECK; + NSS_BUFCHECK; + /* check that we have a valid file descriptor */ + if (netgrentfp == NULL) + return NSS_STATUS_UNAVAIL; + /* prepare for buffer errors */ + tio_mark(netgrentfp); + /* read a response */ + retv = read_netgrent_line(netgrentfp, result, buffer, buflen, errnop); + /* check read result */ + if (retv == NSS_STATUS_TRYAGAIN) + { + /* if we have a full buffer try to reset the stream */ + if (tio_reset(netgrentfp)) + { + /* reset failed, we close and give up with a permanent error + because we cannot retry just the getent() call because it + may not be only the first entry that failed */ + tio_close(netgrentfp); + netgrentfp = NULL; + *errnop = EINVAL; + return NSS_STATUS_UNAVAIL; + } + } + else if ((retv != NSS_STATUS_SUCCESS) && (retv != NSS_STATUS_RETURN)) + netgrentfp = NULL; /* file should be closed by now */ + return retv; +} + +/* close the stream opened with setnetgrent() above */ +nss_status_t NSS_NAME(endnetgrent)(struct __netgrent UNUSED(*result)) +{ + NSS_ENDENT(netgrentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +/* this is the custom backend structure for the {set,get,end}ent() functions */ +struct setnetgrent_backend { + nss_backend_op_t *ops; /* function-pointer table */ + int n_ops; /* number of function pointers */ + TFILE *fp; /* the file pointer for {set,get,end}ent() functions */ + SET *seen_groups; /* netgroups seen, for loop detection */ + SET *unseen_groups; /* netgroups that need to be chased */ +}; + +/* easy way to get sets from back-end */ +#define NETGROUP_BE(be) ((struct setnetgrent_backend*)(be)) + +/* access arguments */ +#define SETNETGRENT_ARGS(args) ((struct nss_setnetgrent_args *)(args)) +#define GETNETGRENT_ARGS(args) ((struct nss_getnetgrent_args *)(args)) +#define INNETGR_ARGS(ARGS) ((struct nss_innetgr_args *)(args)) + +/* return a netgroup that has not been traversed (the caller should use + free() to free it) */ +static char *find_unseen_netgroup(struct setnetgrent_backend *be) +{ + char *group; + while (1) + { + group = set_pop(be->unseen_groups); + if (group == NULL) + return NULL; + if (!set_contains(be->seen_groups, group)) + return group; + free(group); + } +} + +static nss_status_t start_netgroup_request(struct setnetgrent_backend *be, + const char *group) +{ + /* we cannot use NSS_SETENT() here because we have a parameter that is only + available in this function */ + int32_t tmpint32; + int *errnop = &errno; + /* check parameter */ + if ((group == NULL) || (group[0] == '\0')) + return NSS_STATUS_UNAVAIL; + set_add(be->seen_groups, group); + /* open a new stream and write the request */ + NSLCD_REQUEST(NETGROUP_BE(be)->fp, NSLCD_ACTION_NETGROUP_BYNAME, + WRITE_STRING(NETGROUP_BE(be)->fp, group)); + /* read response code */ + READ_RESPONSE_CODE(NETGROUP_BE(be)->fp); + SKIP_STRING(NETGROUP_BE(be)->fp); /* netgroup name */ + return NSS_STATUS_SUCCESS; +} + +static nss_status_t netgroup_setnetgrent_setnetgrent(nss_backend_t UNUSED(*be), + void UNUSED(*args)) +{ + return NSS_STATUS_SUCCESS; +} + +static nss_status_t netgroup_setnetgrent_getnetgrent(nss_backend_t *be, + void *args) +{ + struct __netgrent result; + nss_status_t retv; + /* check that we have a valid file descriptor */ + if (NETGROUP_BE(be)->fp == NULL) + return NSS_STATUS_UNAVAIL; + /* go over the result lines */ + while (1) + { + /* prepare for buffer errors */ + tio_mark(NETGROUP_BE(be)->fp); + /* read single line from the netgroup information */ + retv = read_netgrent_line(NETGROUP_BE(be)->fp, &result, GETNETGRENT_ARGS(args)->buffer, + GETNETGRENT_ARGS(args)->buflen, &errno); + /* check read result */ + if ((retv == NSS_STATUS_SUCCESS) && (result.type == group_val)) + { + /* a netgroup nested within the current netgroup */ + set_add(NETGROUP_BE(be)->unseen_groups, result.val.group); + } + else if ((retv == NSS_STATUS_SUCCESS) && (result.type == triple_val)) + { + /* a netgroup line we can return */ + GETNETGRENT_ARGS(args)->status = NSS_NETGR_FOUND; + GETNETGRENT_ARGS(args)->retp[NSS_NETGR_MACHINE] = (char *)result.val.triple.host; + GETNETGRENT_ARGS(args)->retp[NSS_NETGR_USER] = (char *)result.val.triple.user; + GETNETGRENT_ARGS(args)->retp[NSS_NETGR_DOMAIN] = (char *)result.val.triple.domain; + return NSS_STATUS_SUCCESS; + } + else if (retv == NSS_STATUS_TRYAGAIN) + { + /* we have a full buffer, try to reset the stream */ + if (tio_reset(NETGROUP_BE(be)->fp)) + { + /* reset failed, we close and give up with a permanent error + because we cannot retry just the getent() call because it + may not be only the first entry that failed */ + tio_close(NETGROUP_BE(be)->fp); + NETGROUP_BE(be)->fp = NULL; + return NSS_STATUS_UNAVAIL; + } + GETNETGRENT_ARGS(args)->status = NSS_NETGR_NOMEM; + return NSS_STATUS_TRYAGAIN; + } + else if (retv == NSS_STATUS_RETURN) + { + /* done with the current netgroup */ + tio_close(NETGROUP_BE(be)->fp); + NETGROUP_BE(be)->fp = NULL; + /* explore nested netgroups, if any */ + while (retv != NSS_STATUS_SUCCESS) + { + /* find a nested netgroup to pursue further */ + char *group = find_unseen_netgroup(NETGROUP_BE(be)); + if (group == NULL) + { + /* no more netgroups to explore */ + GETNETGRENT_ARGS(args)->status = NSS_NETGR_NO; + return NSS_STATUS_SUCCESS; + } + /* start a new search with this netgroup */ + retv = start_netgroup_request(NETGROUP_BE(be), group); + free(group); + } + } + else + { + /* some error occurred when reading the line (stream should be closed by now) */ + NETGROUP_BE(be)->fp = NULL; + GETNETGRENT_ARGS(args)->status = NSS_NETGR_NO; + return retv; + } + } +} + +static nss_status_t netgroup_setnetgrent_endnetgrent(nss_backend_t *be, + void UNUSED(*args)) +{ + NSS_ENDENT(NETGROUP_BE(be)->fp); +} + +static nss_status_t netgroup_setnetgrent_destructor(nss_backend_t *be, + void *UNUSED(args)) +{ + struct setnetgrent_backend *ngbe = (struct setnetgrent_backend *)be; + if (ngbe->fp != NULL) + (void)tio_close(ngbe->fp); + set_free(ngbe->seen_groups); + set_free(ngbe->unseen_groups); + free(ngbe); + return NSS_STATUS_SUCCESS; +} + +static nss_backend_op_t netgroup_setnetgrent_ops[] = { + netgroup_setnetgrent_destructor, + netgroup_setnetgrent_endnetgrent, + netgroup_setnetgrent_setnetgrent, + netgroup_setnetgrent_getnetgrent, +}; + +static nss_status_t netgroup_setnetgrent_constructor(nss_backend_t UNUSED(*be), + void *args) +{ + struct setnetgrent_backend *ngbe; + nss_status_t retv; + NSS_AVAILCHECK; + SETNETGRENT_ARGS(args)->iterator = NULL; /* initialize */ + /* allocate a back-end specific to this request */ + ngbe = (struct setnetgrent_backend *)malloc(sizeof(struct setnetgrent_backend)); + if (ngbe == NULL) + return NSS_STATUS_UNAVAIL; + ngbe->ops = netgroup_setnetgrent_ops; + ngbe->n_ops = sizeof(netgroup_setnetgrent_ops) / sizeof(nss_backend_op_t); + ngbe->fp = NULL; + ngbe->seen_groups = set_new(); + ngbe->unseen_groups = set_new(); + /* start the first search */ + retv = start_netgroup_request(ngbe, SETNETGRENT_ARGS(args)->netgroup); + if (retv != NSS_STATUS_SUCCESS) + { + netgroup_setnetgrent_destructor((nss_backend_t *)ngbe, args); + return retv; + } + /* return the new back-end */ + SETNETGRENT_ARGS(args)->iterator = (nss_backend_t *)ngbe; + return NSS_STATUS_SUCCESS; +} + +static nss_status_t netgroup_innetgr(nss_backend_t UNUSED(*be), + void *args) +{ + unsigned int i; + nss_status_t res = NSS_SUCCESS; + struct nss_setnetgrent_args set_args; + struct nss_getnetgrent_args get_args; + const char *host = NULL, *user = NULL, *domain = NULL; + /* get the host, user and domain arguments */ + if ((args == NULL) || + (INNETGR_ARGS(args)->arg[NSS_NETGR_MACHINE].argc > 1) || + (INNETGR_ARGS(args)->arg[NSS_NETGR_USER].argc > 1) || + (INNETGR_ARGS(args)->arg[NSS_NETGR_DOMAIN].argc > 1)) + return NSS_STATUS_UNAVAIL; + if (INNETGR_ARGS(args)->arg[NSS_NETGR_MACHINE].argc == 1) + host = INNETGR_ARGS(args)->arg[NSS_NETGR_MACHINE].argv[0]; + if (INNETGR_ARGS(args)->arg[NSS_NETGR_USER].argc == 1) + user = INNETGR_ARGS(args)->arg[NSS_NETGR_USER].argv[0]; + if (INNETGR_ARGS(args)->arg[NSS_NETGR_DOMAIN].argc == 1) + domain = INNETGR_ARGS(args)->arg[NSS_NETGR_DOMAIN].argv[0]; + /* go over the list of provided groups */ + INNETGR_ARGS(args)->status = NSS_NETGR_NO; + for (i = 0; i < INNETGR_ARGS(args)->groups.argc; i++) + { + /* prepare calling {set,get,end}netgrent() */ + set_args.netgroup = INNETGR_ARGS(args)->groups.argv[i]; + res = netgroup_setnetgrent_constructor(NULL, &set_args); + if (res != NSS_SUCCESS) + break; + /* we skip setnetgrent because it does nothing in our case */ + /* call getnetgrent until we find an error, no more or a match */ + while (1) + { + res = netgroup_setnetgrent_getnetgrent(set_args.iterator, &get_args); + /* see if we have an error or are at the end of the results */ + if ((res != NSS_SUCCESS) || (get_args.status != NSS_NETGR_FOUND)) + break; + /* see if we have a match */ + if (((host == NULL) || (strcmp(host, get_args.retp[NSS_NETGR_MACHINE]) == 0)) && + ((user == NULL) || (strcmp(user, get_args.retp[NSS_NETGR_USER]) == 0)) && + ((domain == NULL) || (strcmp(domain, get_args.retp[NSS_NETGR_DOMAIN]) == 0))) + { + INNETGR_ARGS(args)->status = NSS_NETGR_FOUND; + break; + } + } + (void)netgroup_setnetgrent_endnetgrent(set_args.iterator, NULL); + (void)netgroup_setnetgrent_destructor(set_args.iterator, NULL); + if (res != NSS_SUCCESS) + break; + /* check if we have a match */ + if (INNETGR_ARGS(args)->status == NSS_NETGR_FOUND) + break; + } + return res; +} + +static nss_backend_op_t netgroup_ops[] = { + nss_ldap_destructor, + NULL, + NULL, + NULL, + netgroup_innetgr, + netgroup_setnetgrent_constructor +}; + +nss_backend_t *NSS_NAME(netgroup_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(netgroup_ops, sizeof(netgroup_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/networks.c b/nss/networks.c new file mode 100644 index 0000000..7f616e2 --- /dev/null +++ b/nss/networks.c @@ -0,0 +1,239 @@ +/* + networks.c - NSS lookup functions for networks database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* Redefine some ERROR_OUT macros as we also want to set h_errnop. */ + +#undef ERROR_OUT_OPENERROR +#define ERROR_OUT_OPENERROR \ + *errnop = ENOENT; \ + *h_errnop = HOST_NOT_FOUND; \ + return (errno == EAGAIN) ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; + +#undef ERROR_OUT_READERROR +#define ERROR_OUT_READERROR(fp) \ + (void)tio_close(fp); \ + fp = NULL; \ + *errnop = ENOENT; \ + *h_errnop = NO_RECOVERY; \ + return NSS_STATUS_UNAVAIL; + +#undef ERROR_OUT_BUFERROR +#define ERROR_OUT_BUFERROR(fp) \ + *errnop = ERANGE; \ + *h_errnop = NETDB_INTERNAL; \ + return NSS_STATUS_TRYAGAIN; + +#undef ERROR_OUT_WRITEERROR +#define ERROR_OUT_WRITEERROR(fp) \ + ERROR_OUT_READERROR(fp) + +/* read a single network entry from the stream, ignoring entries + that are not AF_INET (IPv4), result is stored in result */ +static nss_status_t read_netent(TFILE *fp, struct netent *result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + int32_t numaddr; + int readaf; + size_t bufptr = 0; + nss_status_t retv = NSS_STATUS_NOTFOUND; + memset(result, 0, sizeof(struct netent)); + /* read the network entry */ + READ_BUF_STRING(fp, result->n_name); + READ_BUF_STRINGLIST(fp, result->n_aliases); + result->n_addrtype = AF_INET; + /* read number of addresses to follow */ + READ_INT32(fp, numaddr); + /* go through the address list and filter on af */ + while (--numaddr >= 0) + { + /* read address family and size */ + READ_INT32(fp, readaf); + READ_INT32(fp, tmp2int32); /* address length */ + if ((readaf == AF_INET) && (tmp2int32 == 4)) + { + /* read address and translate to host byte order */ + READ_INT32(fp, result->n_net); + /* signal that we've read a proper entry */ + retv = NSS_STATUS_SUCCESS; + /* don't return here to not upset the stream */ + } + else + { + /* skip unsupported address families */ + SKIP(fp, tmpint32); + } + } + return retv; +} + +/* write an address value */ +/* version 2.10 of glibc changed the address from network to host order + (changelog entry 2009-07-01) */ +#define WRITE_ADDRESS(fp, addr) \ + WRITE_INT32(fp, AF_INET); \ + WRITE_INT32(fp, 4); \ + WRITE_INT32(fp, addr); + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a network entry by name */ +nss_status_t NSS_NAME(getnetbyname_r)(const char *name, + struct netent *result, char *buffer, + size_t buflen, int *errnop, + int *h_errnop) +{ + NSS_GETONE(NSLCD_ACTION_NETWORK_BYNAME, + WRITE_STRING(fp, name), + read_netent(fp, result, buffer, buflen, errnop, h_errnop)); +} + +/* Note: the af parameter is ignored and is assumed to be AF_INET */ +/* TODO: implement handling of af parameter */ +nss_status_t NSS_NAME(getnetbyaddr_r)(uint32_t addr, int UNUSED(af), + struct netent *result, char *buffer, + size_t buflen, int *errnop, + int *h_errnop) +{ + NSS_GETONE(NSLCD_ACTION_NETWORK_BYADDR, + WRITE_ADDRESS(fp, addr), + read_netent(fp, result, buffer, buflen, errnop, h_errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *netentfp; + +/* start a request to read all networks */ +nss_status_t NSS_NAME(setnetent)(int UNUSED(stayopen)) +{ + NSS_SETENT(netentfp); +} + +/* get a single network entry from the stream */ +nss_status_t NSS_NAME(getnetent_r)(struct netent *result, + char *buffer, size_t buflen, int *errnop, + int *h_errnop) +{ + NSS_GETENT(netentfp, NSLCD_ACTION_NETWORK_ALL, + read_netent(netentfp, result, buffer, buflen, errnop, h_errnop)); +} + +/* close the stream opened by setnetent() above */ +nss_status_t NSS_NAME(endnetent)(void) +{ + NSS_ENDENT(netentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *netent2str(struct netent *result, char *buffer, size_t buflen) +{ + int i, res; + struct in_addr priv_in_addr; + priv_in_addr.s_addr = htonl(result->n_net); + res = snprintf(buffer, buflen, "%s %s", result->n_name, inet_ntoa(priv_in_addr)); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + if (result->n_aliases) + for (i = 0; result->n_aliases[i]; i++) + { + strlcat(buffer, " ", buflen); + strlcat(buffer, result->n_aliases[i], buflen); + } + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(netent, &args->erange, &args->h_errno); +} + +/* more of a dirty hack */ +#define h_errnop (&(NSS_ARGS(args)->h_errno)) + +static nss_status_t networks_getnetbyname(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_NETWORK_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, args)); +} + +static nss_status_t networks_getnetbyaddr(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_NETWORK_BYADDR, + WRITE_ADDRESS(fp, NSS_ARGS(args)->key.netaddr.net), + read_result(fp, args)); +} + +static nss_status_t networks_setnetent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t networks_getnetent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_NETWORK_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +static nss_status_t networks_endnetent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t networks_ops[] = { + nss_ldap_destructor, + networks_endnetent, + networks_setnetent, + networks_getnetent, + networks_getnetbyname, + networks_getnetbyaddr +}; + +nss_backend_t *NSS_NAME(networks_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(networks_ops, sizeof(networks_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/passwd.c b/nss/passwd.c new file mode 100644 index 0000000..313f957 --- /dev/null +++ b/nss/passwd.c @@ -0,0 +1,169 @@ +/* + passwd.c - NSS lookup functions for passwd database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read a passwd entry from the stream */ +static nss_status_t read_passwd(TFILE *fp, struct passwd *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct passwd)); + READ_BUF_STRING(fp, result->pw_name); + READ_BUF_STRING(fp, result->pw_passwd); + READ_INT32(fp, result->pw_uid); + READ_INT32(fp, result->pw_gid); + READ_BUF_STRING(fp, result->pw_gecos); + READ_BUF_STRING(fp, result->pw_dir); + READ_BUF_STRING(fp, result->pw_shell); +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS + /* set the user access class to an empty string */ + result->pw_class = result->pw_name + strlen(result->pw_name); +#endif /* HAVE_STRUCT_PASSWD_PW_CLASS */ + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a single passwd entry by name */ +nss_status_t NSS_NAME(getpwnam_r)(const char *name, struct passwd *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_PASSWD_BYNAME, + WRITE_STRING(fp, name), + read_passwd(fp, result, buffer, buflen, errnop)); +} + +/* get a single passwd entry by uid */ +nss_status_t NSS_NAME(getpwuid_r)(uid_t uid, struct passwd *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_PASSWD_BYUID, + WRITE_INT32(fp, uid), + read_passwd(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *pwentfp; + +/* open a connection to read all passwd entries */ +nss_status_t NSS_NAME(setpwent)(int UNUSED(stayopen)) +{ + NSS_SETENT(pwentfp); +} + +/* read password data from an opened stream */ +nss_status_t NSS_NAME(getpwent_r)(struct passwd *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(pwentfp, NSLCD_ACTION_PASSWD_ALL, + read_passwd(pwentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened with setpwent() above */ +nss_status_t NSS_NAME(endpwent)(void) +{ + NSS_ENDENT(pwentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *passwd2str(struct passwd *result, char *buffer, size_t buflen) +{ + int res; + res = snprintf(buffer, buflen, "%s:%s:%d:%d:%s:%s:%s", + result->pw_name, result->pw_passwd, (int)result->pw_uid, + (int)result->pw_gid, result->pw_gecos, result->pw_dir, + result->pw_shell); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(passwd, &args->erange); +} + +static nss_status_t passwd_getpwnam(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_PASSWD_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, args)); +} + +static nss_status_t passwd_getpwuid(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_PASSWD_BYUID, + WRITE_INT32(fp, NSS_ARGS(args)->key.uid), + read_result(fp, args)); +} + +/* open a connection to the nslcd and write the request */ +static nss_status_t passwd_setpwent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +/* read password data from an opened stream */ +static nss_status_t passwd_getpwent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_PASSWD_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +/* close the stream opened with setpwent() above */ +static nss_status_t passwd_endpwent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t passwd_ops[] = { + nss_ldap_destructor, + passwd_endpwent, + passwd_setpwent, + passwd_getpwent, + passwd_getpwnam, + passwd_getpwuid +}; + +nss_backend_t *NSS_NAME(passwd_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(passwd_ops, sizeof(passwd_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/protocols.c b/nss/protocols.c new file mode 100644 index 0000000..3732ae5 --- /dev/null +++ b/nss/protocols.c @@ -0,0 +1,166 @@ +/* + protocols.c - NSS lookup functions for protocol database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read a single protocol entry from the stream */ +static nss_status_t read_protoent(TFILE *fp, struct protoent *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct protoent)); + READ_BUF_STRING(fp, result->p_name); + READ_BUF_STRINGLIST(fp, result->p_aliases); + READ_INT32(fp, result->p_proto); + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a protocol entry by name */ +nss_status_t NSS_NAME(getprotobyname_r)(const char *name, + struct protoent *result, + char *buffer, size_t buflen, + int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_PROTOCOL_BYNAME, + WRITE_STRING(fp, name), + read_protoent(fp, result, buffer, buflen, errnop)); +} + +/* get a protocol entry by number */ +nss_status_t NSS_NAME(getprotobynumber_r)(int number, struct protoent *result, + char *buffer, size_t buflen, + int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_PROTOCOL_BYNUMBER, + WRITE_INT32(fp, number), + read_protoent(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *protoentfp; + +/* start a request to read all protocol entries */ +nss_status_t NSS_NAME(setprotoent)(int UNUSED(stayopen)) +{ + NSS_SETENT(protoentfp); +} + +/* get a single protocol entry */ +nss_status_t NSS_NAME(getprotoent_r)(struct protoent *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(protoentfp, NSLCD_ACTION_PROTOCOL_ALL, + read_protoent(protoentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened by setprotoent() above */ +nss_status_t NSS_NAME(endprotoent)(void) +{ + NSS_ENDENT(protoentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *protoent2str(struct protoent *result, char *buffer, size_t buflen) +{ + int res, i; + res = snprintf(buffer, buflen, "%s\t\t%d", result->p_name, result->p_proto); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + if (result->p_aliases) + for (i = 0; result->p_aliases[i]; i++) + { + strlcat(buffer, " ", buflen); + strlcat(buffer, result->p_aliases[i], buflen); + } + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(protoent, &args->erange); +} + +static nss_status_t protocols_getprotobyname(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_PROTOCOL_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, args)); +} + +static nss_status_t protocols_getprotobynumber(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_PROTOCOL_BYNUMBER, + WRITE_INT32(fp, NSS_ARGS(args)->key.number), + read_result(fp, args)); +} + +static nss_status_t protocols_setprotoent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t protocols_getprotoent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_PROTOCOL_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +static nss_status_t protocols_endprotoent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t protocols_ops[] = { + nss_ldap_destructor, + protocols_endprotoent, + protocols_setprotoent, + protocols_getprotoent, + protocols_getprotobyname, + protocols_getprotobynumber +}; + +nss_backend_t *NSS_NAME(protocols_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(protocols_ops, sizeof(protocols_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/prototypes.h b/nss/prototypes.h new file mode 100644 index 0000000..37a9824 --- /dev/null +++ b/nss/prototypes.h @@ -0,0 +1,156 @@ +/* + prototypes.h - all functions exported by the NSS library + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSS__PROTOTYPES_H +#define NSS__PROTOTYPES_H 1 + +#include "compat/nss_compat.h" + +/* flag to gloabally disable lookups (all _nss_ldap_*() functions will return + NSS_STATUS_UNAVAIL */ +extern int NSS_NAME(enablelookups); + +#ifdef NSS_FLAVOUR_FREEBSD + +/* for FreeBSD we want the GlibC prototypes and functions to be built + (we provide some wrappers in bsdnss.c) */ +#define NSS_FLAVOUR_GLIBC 1 + +/* FreeBSD specific register function */ +ns_mtab *nss_module_register(const char *source, unsigned int *mtabsize, + nss_module_unregister_fn *unreg); + +#endif /* NSS_FLAVOUR_FREEBSD */ + +#ifdef NSS_FLAVOUR_GLIBC + +/* + These are prototypes for functions exported from the ldap NSS module. + For more complete definitions of these functions check the GLIBC + documentation. + + Other services than those mentioned here are currently not implemented. + + These definitions partially came from examining the GLIBC source code + as no complete documentation of the NSS interface is available. + This however is a useful pointer: + http://www.gnu.org/software/libc/manual/html_node/Name-Service-Switch.html +*/ + +/* aliases - mail aliases */ +nss_status_t NSS_NAME(getaliasbyname_r)(const char *name, struct aliasent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setaliasent)(void); +nss_status_t NSS_NAME(getaliasent_r)(struct aliasent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endaliasent)(void); + +/* ethers - ethernet numbers */ +nss_status_t NSS_NAME(gethostton_r)(const char *name, struct etherent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(getntohost_r)(const struct ether_addr *addr, struct etherent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setetherent)(int stayopen); +nss_status_t NSS_NAME(getetherent_r)(struct etherent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endetherent)(void); + +/* group - groups of users */ +nss_status_t NSS_NAME(getgrnam_r)(const char *name, struct group *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(getgrgid_r)(gid_t gid, struct group *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(initgroups_dyn)(const char *user, gid_t skipgroup, long int *start, long int *size, gid_t **groupsp, long int limit, int *errnop); +nss_status_t NSS_NAME(setgrent)(int stayopen); +nss_status_t NSS_NAME(getgrent_r)(struct group *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endgrent)(void); + +/* hosts - host names and numbers */ +nss_status_t NSS_NAME(gethostbyname_r)(const char *name, struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(gethostbyname2_r)(const char *name, int af, struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(gethostbyaddr_r)(const void *addr, socklen_t len, int af, struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(sethostent)(int stayopen); +nss_status_t NSS_NAME(gethostent_r)(struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(endhostent)(void); + +/* netgroup - list of host and users */ +nss_status_t NSS_NAME(setnetgrent)(const char *group, struct __netgrent *result); +nss_status_t NSS_NAME(getnetgrent_r)(struct __netgrent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endnetgrent)(struct __netgrent *result); + +/* networks - network names and numbers */ +nss_status_t NSS_NAME(getnetbyname_r)(const char *name, struct netent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(getnetbyaddr_r)(uint32_t addr, int af, struct netent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(setnetent)(int stayopen); +nss_status_t NSS_NAME(getnetent_r)(struct netent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); +nss_status_t NSS_NAME(endnetent)(void); + +/* passwd - user database and passwords */ +nss_status_t NSS_NAME(getpwnam_r)(const char *name, struct passwd *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(getpwuid_r)(uid_t uid, struct passwd *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setpwent)(int stayopen); +nss_status_t NSS_NAME(getpwent_r)(struct passwd *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endpwent)(void); + +/* protocols - network protocols */ +nss_status_t NSS_NAME(getprotobyname_r)(const char *name, struct protoent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(getprotobynumber_r)(int number, struct protoent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setprotoent)(int stayopen); +nss_status_t NSS_NAME(getprotoent_r)(struct protoent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endprotoent)(void); + +/* rpc - remote procedure call names and numbers */ +nss_status_t NSS_NAME(getrpcbyname_r)(const char *name, struct rpcent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(getrpcbynumber_r)(int number, struct rpcent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setrpcent)(int stayopen); +nss_status_t NSS_NAME(getrpcent_r)(struct rpcent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endrpcent)(void); + +/* services - network services */ +nss_status_t NSS_NAME(getservbyname_r)(const char *name, const char *protocol, struct servent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(getservbyport_r)(int port, const char *protocol, struct servent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setservent)(int stayopen); +nss_status_t NSS_NAME(getservent_r)(struct servent *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endservent)(void); + +/* shadow - extended user information */ +nss_status_t NSS_NAME(getspnam_r)(const char *name, struct spwd *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(setspent)(int stayopen); +nss_status_t NSS_NAME(getspent_r)(struct spwd *result, char *buffer, size_t buflen, int *errnop); +nss_status_t NSS_NAME(endspent)(void); + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +/* helper marcos to do casts */ +#define NSS_ARGS(args) ((nss_XbyY_args_t *)args) +#define LDAP_BE(be) ((struct nss_ldap_backend*)(be)) + +/* these are the constructors we provide */ +nss_backend_t *NSS_NAME(ethers_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(group_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(hosts_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(netgroup_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(networks_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(passwd_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(protocols_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(rpc_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(services_constr)(const char *db_name, const char *src_name, const char *cfg_args); +nss_backend_t *NSS_NAME(shadow_constr)(const char *db_name, const char *src_name, const char *cfg_args); + +#endif /* NSS_FLAVOUR_SOLARIS */ + +#endif /* not NSS__PROTOTYPES_H */ diff --git a/nss/rpc.c b/nss/rpc.c new file mode 100644 index 0000000..547b86b --- /dev/null +++ b/nss/rpc.c @@ -0,0 +1,165 @@ +/* + rpc.c - NSS lookup functions for rpc database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read a sinlge rpc entry from the stream */ +static nss_status_t read_rpcent(TFILE *fp, struct rpcent *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct rpcent)); + READ_BUF_STRING(fp, result->r_name); + READ_BUF_STRINGLIST(fp, result->r_aliases); + READ_INT32(fp, result->r_number); + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a rpc entry by name */ +nss_status_t NSS_NAME(getrpcbyname_r)(const char *name, + struct rpcent *result, char *buffer, + size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_RPC_BYNAME, + WRITE_STRING(fp, name), + read_rpcent(fp, result, buffer, buflen, errnop)); +} + +/* get a rpc entry by number */ +nss_status_t NSS_NAME(getrpcbynumber_r)(int number, struct rpcent *result, + char *buffer, size_t buflen, + int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_RPC_BYNUMBER, + WRITE_INT32(fp, number), + read_rpcent(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *rpcentfp; + +/* request a stream to list all rpc entries */ +nss_status_t NSS_NAME(setrpcent)(int UNUSED(stayopen)) +{ + NSS_SETENT(rpcentfp); +} + +/* get an rpc entry from the list */ +nss_status_t NSS_NAME(getrpcent_r)(struct rpcent *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(rpcentfp, NSLCD_ACTION_RPC_ALL, + read_rpcent(rpcentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened by setrpcent() above */ +nss_status_t NSS_NAME(endrpcent)(void) +{ + NSS_ENDENT(rpcentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *rpcent2str(struct rpcent *result, char *buffer, size_t buflen) +{ + int res, i; + res = snprintf(buffer, buflen, "%s %d", result->r_name, result->r_number); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + if (result->r_aliases) + for (i = 0; result->r_aliases[i]; i++) + { + strlcat(buffer, " ", buflen); + strlcat(buffer, result->r_aliases[i], buflen); + } + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(rpcent, &args->erange); +} + +static nss_status_t rpc_getrpcbyname(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_RPC_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.name), + read_result(fp, args)); +} + +static nss_status_t rpc_getrpcbynumber(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_RPC_BYNUMBER, + WRITE_INT32(fp, NSS_ARGS(args)->key.number), + read_result(fp, args)); +} + +static nss_status_t rpc_setrpcent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t rpc_getrpcent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_RPC_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +static nss_status_t rpc_endrpcent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t rpc_ops[] = { + nss_ldap_destructor, + rpc_endrpcent, + rpc_setrpcent, + rpc_getrpcent, + rpc_getrpcbyname, + rpc_getrpcbynumber +}; + +nss_backend_t *NSS_NAME(rpc_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(rpc_ops, sizeof(rpc_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/services.c b/nss/services.c new file mode 100644 index 0000000..260f828 --- /dev/null +++ b/nss/services.c @@ -0,0 +1,176 @@ +/* + service.c - NSS lookup functions for services database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read a single services result entry from the stream */ +static nss_status_t read_servent(TFILE *fp, struct servent *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32, tmp2int32, tmp3int32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct servent)); + READ_BUF_STRING(fp, result->s_name); + READ_BUF_STRINGLIST(fp, result->s_aliases); + /* store port number in network byte order */ + READ_INT32(fp, tmp2int32); + result->s_port = htons((uint16_t)tmp2int32); + READ_BUF_STRING(fp, result->s_proto); + /* we're done */ + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a service entry by name and protocol */ +nss_status_t NSS_NAME(getservbyname_r)(const char *name, const char *protocol, + struct servent *result, char *buffer, + size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_SERVICE_BYNAME, + WRITE_STRING(fp, name); + WRITE_STRING(fp, protocol), + read_servent(fp, result, buffer, buflen, errnop)); +} + +/* get a service entry by port and protocol */ +nss_status_t NSS_NAME(getservbyport_r)(int port, const char *protocol, + struct servent *result, char *buffer, + size_t buflen, int *errnop) +{ + /* port is already in network byte order */ + NSS_GETONE(NSLCD_ACTION_SERVICE_BYNUMBER, + tmpint32 = ntohs(port); + WRITE_INT32(fp, tmpint32); + WRITE_STRING(fp, protocol), + read_servent(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *serventfp; + +/* open request to get all services */ +nss_status_t NSS_NAME(setservent)(int UNUSED(stayopen)) +{ + NSS_SETENT(serventfp); +} + +/* read a single returned service definition */ +nss_status_t NSS_NAME(getservent_r)(struct servent *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(serventfp, NSLCD_ACTION_SERVICE_ALL, + read_servent(serventfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened by setservent() above */ +nss_status_t NSS_NAME(endservent)(void) +{ + NSS_ENDENT(serventfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *servent2str(struct servent *result, char *buffer, size_t buflen) +{ + int res, i; + res = snprintf(buffer, buflen, "%s %d/%s", result->s_name, ntohs(result->s_port), + result->s_proto); + if ((res < 0) || (res >= (int)buflen)) + return NULL; + if (result->s_aliases) + for (i = 0; result->s_aliases[i]; i++) + { + strlcat(buffer, " ", buflen); + strlcat(buffer, result->s_aliases[i], buflen); + } + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(servent, &args->erange); +} + +static nss_status_t services_getservbyname(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_SERVICE_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key.serv.serv.name); + WRITE_STRING(fp, NSS_ARGS(args)->key.serv.proto), + read_result(fp, args)); +} + +static nss_status_t services_getservbyport(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_SERVICE_BYNUMBER, + WRITE_INT32(fp, ntohs(NSS_ARGS(args)->key.serv.serv.port)); + WRITE_STRING(fp, NSS_ARGS(args)->key.serv.proto), + read_result(fp, args)); +} + +static nss_status_t services_setservent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t services_getservent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_SERVICE_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +static nss_status_t services_endservent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t services_ops[] = { + nss_ldap_destructor, + services_endservent, + services_setservent, + services_getservent, + services_getservbyname, + services_getservbyport +}; + +nss_backend_t *NSS_NAME(services_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(services_ops, sizeof(services_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/shadow.c b/nss/shadow.c new file mode 100644 index 0000000..f1953d5 --- /dev/null +++ b/nss/shadow.c @@ -0,0 +1,164 @@ +/* + shadow.c - NSS lookup functions for shadow database + + Copyright (C) 2006 West Consulting + Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2010 Symas Corporation + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +/* read a single shadow entry from the stream */ +static nss_status_t read_spwd(TFILE *fp, struct spwd *result, + char *buffer, size_t buflen, int *errnop) +{ + int32_t tmpint32; + size_t bufptr = 0; + memset(result, 0, sizeof(struct spwd)); + READ_BUF_STRING(fp, result->sp_namp); + READ_BUF_STRING(fp, result->sp_pwdp); + READ_INT32(fp, result->sp_lstchg); + READ_INT32(fp, result->sp_min); + READ_INT32(fp, result->sp_max); + READ_INT32(fp, result->sp_warn); + READ_INT32(fp, result->sp_inact); + READ_INT32(fp, result->sp_expire); + READ_INT32(fp, result->sp_flag); + return NSS_STATUS_SUCCESS; +} + +#ifdef NSS_FLAVOUR_GLIBC + +/* get a shadow entry by name */ +nss_status_t NSS_NAME(getspnam_r)(const char *name, struct spwd *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETONE(NSLCD_ACTION_SHADOW_BYNAME, + WRITE_STRING(fp, name), + read_spwd(fp, result, buffer, buflen, errnop)); +} + +/* thread-local file pointer to an ongoing request */ +static TLS TFILE *spentfp; + +/* start listing all shadow users */ +nss_status_t NSS_NAME(setspent)(int UNUSED(stayopen)) +{ + NSS_SETENT(spentfp); +} + +/* return a single shadow entry read from the stream */ +nss_status_t NSS_NAME(getspent_r)(struct spwd *result, + char *buffer, size_t buflen, int *errnop) +{ + NSS_GETENT(spentfp, NSLCD_ACTION_SHADOW_ALL, + read_spwd(spentfp, result, buffer, buflen, errnop)); +} + +/* close the stream opened by setspent() above */ +nss_status_t NSS_NAME(endspent)(void) +{ + NSS_ENDENT(spentfp); +} + +#endif /* NSS_FLAVOUR_GLIBC */ + +#ifdef NSS_FLAVOUR_SOLARIS + +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +static char *spwd2str(struct spwd *result, char *buffer, size_t buflen) +{ + /* snprintf writes a terminating \0 on Solaris */ + snprintf(buffer, buflen, "%s:%s:", result->sp_namp, result->sp_pwdp); + if (result->sp_lstchg >= 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%d", result->sp_lstchg); + strlcat(buffer, ":", buflen); + if (result->sp_min >= 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%d", result->sp_min); + strlcat(buffer, ":", buflen); + if (result->sp_max >= 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%d", result->sp_max); + strlcat(buffer, ":", buflen); + if (result->sp_warn >= 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%d", result->sp_warn); + strlcat(buffer, ":", buflen); + if (result->sp_inact >= 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%d", result->sp_inact); + strlcat(buffer, ":", buflen); + if (result->sp_expire >= 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%d", result->sp_expire); + strlcat(buffer, ":", buflen); + if (result->sp_flag > 0) + snprintf(buffer, buflen - strlen(buffer) - 1, "%x", result->sp_flag); + if (strlen(buffer) >= buflen - 1) + return NULL; + return buffer; +} +#endif /* HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +static nss_status_t read_result(TFILE *fp, nss_XbyY_args_t *args) +{ + READ_RESULT(spwd, &args->erange); +} + +static nss_status_t shadow_getspnam(nss_backend_t UNUSED(*be), void *args) +{ + NSS_GETONE(NSLCD_ACTION_SHADOW_BYNAME, + WRITE_STRING(fp, NSS_ARGS(args)->key. name), + read_result(fp, args)); +} + +static nss_status_t shadow_setspent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_SETENT(LDAP_BE(be)->fp); +} + +static nss_status_t shadow_getspent(nss_backend_t *be, void *args) +{ + NSS_GETENT(LDAP_BE(be)->fp, NSLCD_ACTION_SHADOW_ALL, + read_result(LDAP_BE(be)->fp, args)); +} + +static nss_status_t shadow_endspent(nss_backend_t *be, void UNUSED(*args)) +{ + NSS_ENDENT(LDAP_BE(be)->fp); +} + +static nss_backend_op_t shadow_ops[] = { + nss_ldap_destructor, + shadow_endspent, + shadow_setspent, + shadow_getspent, + shadow_getspnam +}; + +nss_backend_t *NSS_NAME(shadow_constr)(const char UNUSED(*db_name), + const char UNUSED(*src_name), + const char UNUSED(*cfg_args)) +{ + return nss_ldap_constructor(shadow_ops, sizeof(shadow_ops)); +} + +#endif /* NSS_FLAVOUR_SOLARIS */ diff --git a/nss/solnss.c b/nss/solnss.c new file mode 100644 index 0000000..bc00252 --- /dev/null +++ b/nss/solnss.c @@ -0,0 +1,49 @@ +/* + solnss.c - Solaris specific NSS interface functions + + Copyright (C) 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include + +#include "prototypes.h" +#include "common.h" +#include "compat/attrs.h" + +nss_backend_t *nss_ldap_constructor(nss_backend_op_t *ops, size_t sizeofops) +{ + struct nss_ldap_backend *ldapbe; + ldapbe = (struct nss_ldap_backend *)malloc(sizeof(struct nss_ldap_backend)); + if (ldapbe == NULL) + return NULL; + ldapbe->ops = ops; + ldapbe->n_ops = sizeofops / sizeof(nss_backend_op_t); + ldapbe->fp = NULL; + return (nss_backend_t *)ldapbe; +} + +nss_status_t nss_ldap_destructor(nss_backend_t *be, void UNUSED(*args)) +{ + struct nss_ldap_backend *ldapbe = (struct nss_ldap_backend *)be; + if (ldapbe->fp != NULL) + (void)tio_close(ldapbe->fp); + free(ldapbe); + return NSS_STATUS_SUCCESS; +} diff --git a/nss/solnss.h b/nss/solnss.h new file mode 100644 index 0000000..a01d520 --- /dev/null +++ b/nss/solnss.h @@ -0,0 +1,113 @@ +/* + solnss.h - common functions for NSS lookups on Solaris + + Copyright (C) 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef NSS__SOLNSS_H +#define NSS__SOLNSS_H 1 +#ifdef NSS_FLAVOUR_SOLARIS + +/* extra definitions we need (Solaris NSS functions don't pass errno) + also clear the output values */ +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +#define NSS_EXTRA_DEFS \ + int *errnop = &(errno); \ + NSS_ARGS(args)->returnval = NULL; \ + NSS_ARGS(args)->returnlen = 0; \ + NSS_ARGS(args)->erange = 0; \ + NSS_ARGS(args)->h_errno = 0; +#else /* not HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ +#define NSS_EXTRA_DEFS \ + int *errnop = &(errno); \ + NSS_ARGS(args)->returnval = NULL; \ + NSS_ARGS(args)->erange = 0; \ + NSS_ARGS(args)->h_errno = 0; +#endif /* not HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +/* check validity of passed buffer (Solaris flavour) */ +#define NSS_BUFCHECK \ + if ((NSS_ARGS(args)->buf.buffer == NULL) || \ + (NSS_ARGS(args)->buf.buflen <= 0)) \ + { \ + NSS_ARGS(args)->erange = 1; \ + return NSS_STATUS_TRYAGAIN; \ + } + +/* wrapper function body for read_xxxent that does the buffer handling, + return code handling and conversion to strings for nscd + (also see READ_RESULT_STRING below) */ +#define READ_RESULT(ent, extra...) \ + nss_status_t retv; \ + READ_RESULT_STRING(ent, ##extra) \ + /* read the entry */ \ + retv = read_##ent(fp, args->buf.result, args->buf.buffer, \ + args->buf.buflen, ##extra); \ + if (retv != NSS_STATUS_SUCCESS) \ + return retv; \ + args->returnval = args->buf.result; \ + return NSS_STATUS_SUCCESS; + +/* provide result handling for when libc (or nscd) expects the returned + values to be in string format */ +#ifdef HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN +#define READ_RESULT_STRING(ent, extra...) \ + struct ent result; \ + char *buffer; \ + /* try to return in string format if requested */ \ + if (args->buf.result == NULL) \ + { \ + /* read the entry into a temporary buffer */ \ + buffer = (char *)malloc(args->buf.buflen); \ + if (buffer == NULL) \ + return NSS_STATUS_UNAVAIL; \ + retv = read_##ent(fp, &result, buffer, args->buf.buflen, ##extra); \ + /* format to string */ \ + if (retv == NSS_STATUS_SUCCESS) \ + if (ent##2str(&result, args->buf.buffer, args->buf.buflen) == NULL) \ + { \ + args->erange = 1; \ + retv = NSS_NOTFOUND; \ + } \ + /* clean up and return result */ \ + free(buffer); \ + if (retv != NSS_STATUS_SUCCESS) \ + return retv; \ + args->returnval = args->buf.buffer; \ + args->returnlen = strlen(args->returnval); \ + return NSS_STATUS_SUCCESS; \ + } +#else /* not HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ +#define READ_RESULT_STRING(ent, extra...) ; +#endif /* not HAVE_STRUCT_NSS_XBYY_ARGS_RETURNLEN */ + +/* this is the backend structure for Solaris */ +struct nss_ldap_backend { + nss_backend_op_t *ops; /* function-pointer table */ + int n_ops; /* number of function pointers */ + TFILE *fp; /* file pointer for {set,get,end}ent() functions */ +}; + +/* constructor for LDAP backends */ +nss_backend_t *nss_ldap_constructor(nss_backend_op_t *ops, size_t sizeofops); + +/* destructor for LDAP backends */ +nss_status_t nss_ldap_destructor(nss_backend_t *be, void UNUSED(*args)); + +#endif /* NSS_FLAVOUR_SOLARIS */ +#endif /* not NSS__COMMON_H */ diff --git a/pam/Makefile.am b/pam/Makefile.am new file mode 100644 index 0000000..f054e04 --- /dev/null +++ b/pam/Makefile.am @@ -0,0 +1,43 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2009, 2010, 2011 Arthur de Jong +# Copyright (C) 2010 Symas Corporation +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +noinst_PROGRAMS = pam_ldap.so + +AM_CPPFLAGS=-I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) + +pam_ldap_so_SOURCES = ../nslcd.h ../common/nslcd-prot.h \ + ../compat/attrs.h pam.c common.h +pam_ldap_so_LDADD = ../common/libtio.a ../common/libprot.a \ + ../compat/libcompat.a \ + -lpam + +EXTRA_DIST = pam_ldap.map + +install-exec-local: install-pam_ldap_so +uninstall-local: uninstall-pam_ldap_so + +install-pam_ldap_so: pam_ldap.so + -rm -f $(DESTDIR)$(PAM_SECLIB_DIR)/$(PAM_LDAP_SONAME) + $(mkinstalldirs) $(DESTDIR)$(PAM_SECLIB_DIR) + $(INSTALL_PROGRAM) pam_ldap.so $(DESTDIR)$(PAM_SECLIB_DIR)/$(PAM_LDAP_SONAME) + +uninstall-pam_ldap_so: + -rm -f $(DESTDIR)$(PAM_SECLIB_DIR)/$(PAM_LDAP_SONAME) diff --git a/pam/Makefile.in b/pam/Makefile.in new file mode 100644 index 0000000..f1a55c8 --- /dev/null +++ b/pam/Makefile.in @@ -0,0 +1,612 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2009, 2010, 2011 Arthur de Jong +# Copyright (C) 2010 Symas Corporation +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +noinst_PROGRAMS = pam_ldap.so$(EXEEXT) +subdir = pam +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +PROGRAMS = $(noinst_PROGRAMS) +am_pam_ldap_so_OBJECTS = pam.$(OBJEXT) +pam_ldap_so_OBJECTS = $(am_pam_ldap_so_OBJECTS) +pam_ldap_so_DEPENDENCIES = ../common/libtio.a ../common/libprot.a \ + ../compat/libcompat.a +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(pam_ldap_so_SOURCES) +DIST_SOURCES = $(pam_ldap_so_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/mkinstalldirs +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PIC_CFLAGS) +pam_ldap_so_SOURCES = ../nslcd.h ../common/nslcd-prot.h \ + ../compat/attrs.h pam.c common.h + +pam_ldap_so_LDADD = ../common/libtio.a ../common/libprot.a \ + ../compat/libcompat.a \ + -lpam + +EXTRA_DIST = pam_ldap.map +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu pam/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu pam/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +pam_ldap.so$(EXEEXT): $(pam_ldap_so_OBJECTS) $(pam_ldap_so_DEPENDENCIES) $(EXTRA_pam_ldap_so_DEPENDENCIES) + @rm -f pam_ldap.so$(EXEEXT) + $(AM_V_GEN)$(pam_ldap_so_LINK) $(pam_ldap_so_OBJECTS) $(pam_ldap_so_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(PROGRAMS) +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-noinstPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-exec-local + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-local + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-noinstPROGRAMS cscopelist-am ctags ctags-am distclean \ + distclean-compile distclean-generic distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-local install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am uninstall-local + +.PRECIOUS: Makefile + + +install-exec-local: install-pam_ldap_so +uninstall-local: uninstall-pam_ldap_so + +install-pam_ldap_so: pam_ldap.so + -rm -f $(DESTDIR)$(PAM_SECLIB_DIR)/$(PAM_LDAP_SONAME) + $(mkinstalldirs) $(DESTDIR)$(PAM_SECLIB_DIR) + $(INSTALL_PROGRAM) pam_ldap.so $(DESTDIR)$(PAM_SECLIB_DIR)/$(PAM_LDAP_SONAME) + +uninstall-pam_ldap_so: + -rm -f $(DESTDIR)$(PAM_SECLIB_DIR)/$(PAM_LDAP_SONAME) + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/pam/common.h b/pam/common.h new file mode 100644 index 0000000..0cde6c7 --- /dev/null +++ b/pam/common.h @@ -0,0 +1,100 @@ +/* + common.h - common functions for PAM lookups + + Copyright (C) 2009, 2010, 2011, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef PAM__COMMON_H +#define PAM__COMMON_H 1 + +#include + +#include "nslcd.h" +#include "common/nslcd-prot.h" +#include "compat/attrs.h" + +/* These are macros for handling read and write problems, they are + PAM specific due to the return code so are defined here. They + genrally close the open file, set an error code and return with + an error status. */ + +/* Macro is called to handle errors in opening a client connection. */ +#define ERROR_OUT_OPENERROR \ + pam_syslog(pamh, LOG_ERR, "error opening connection to nslcd: %s", \ + strerror(errno)); \ + return PAM_AUTHINFO_UNAVAIL; + +/* Macro is called to handle errors on read operations. */ +#define ERROR_OUT_READERROR(fp) \ + pam_syslog(pamh, LOG_ERR, "error reading from nslcd: %s", \ + strerror(errno)); \ + (void)tio_close(fp); \ + return PAM_AUTHINFO_UNAVAIL; + +/* Macro is called to handle problems with too small a buffer. */ +#define ERROR_OUT_BUFERROR(fp) \ + pam_syslog(pamh, LOG_CRIT, "buffer %d bytes too small", tmpint32); \ + (void)tio_close(fp); \ + return PAM_SYSTEM_ERR; + +/* This macro is called if there was a problem with a write + operation. */ +#define ERROR_OUT_WRITEERROR(fp) \ + pam_syslog(pamh, LOG_ERR, "error writing to nslcd: %s", \ + strerror(errno)); \ + (void)tio_close(fp); \ + return PAM_AUTHINFO_UNAVAIL; + +/* This macro is called if the read status code is not + NSLCD_RESULT_BEGIN. */ +#define ERROR_OUT_NOSUCCESS(fp) \ + (void)tio_close(fp); \ + if (cfg->debug) \ + pam_syslog(pamh, LOG_DEBUG, "user not handled by nslcd"); \ + return PAM_USER_UNKNOWN; + +/* This is a generic PAM request generation macro. The action + parameter is the NSLCD_ACTION_.. action, the writefn is the + operation for writing the parameter and readfn is the function + name for reading a single result entry. The function is assumed + to have result, buffer, buflen and errnop parameters that define + the result structure, the user buffer with length and the + errno to return. This macro should be called through some of + the customized ones below. */ +#define PAM_REQUEST(action, debuglog, writefn, readfn) \ + TFILE *fp; \ + int32_t tmpint32; \ + if (cfg->debug) \ + debuglog; \ + /* open socket and write request */ \ + NSLCD_REQUEST(fp, action, writefn); \ + /* read response code */ \ + READ_RESPONSE_CODE(fp); \ + /* read the response */ \ + readfn; \ + /* close socket and we're done */ \ + (void)tio_close(fp); \ + return PAM_SUCCESS; + +/* helper macro to read PAM status code (auto-translated from NSLCD PAM + status code */ +#define READ_PAM_CODE(fp, i) \ + READ(fp, &tmpint32, sizeof(int32_t)); \ + (i) = nslcd2pam_rc(pamh, ntohl(tmpint32)); + +#endif /* not PAM__COMMON_H */ diff --git a/pam/pam.c b/pam/pam.c new file mode 100644 index 0000000..a3a18f8 --- /dev/null +++ b/pam/pam.c @@ -0,0 +1,799 @@ +/* + pam.c - pam module functions + + Copyright (C) 2009 Howard Chu + Copyright (C) 2009-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include + +/* these are defined (before including pam_modules.h) for staticly linking */ +#define PAM_SM_AUTH +#define PAM_SM_ACCOUNT +#define PAM_SM_SESSION +#define PAM_SM_PASSWORD + +#include "common.h" +#include "compat/attrs.h" +#include "compat/pam_compat.h" + +#ifdef HAVE_SECURITY_PAM_APPL_H +#include +#endif /* HAVE_SECURITY_PAM_APPL_H */ +#ifndef HAVE_PAM_PAM_MODULES_H +#include +#ifdef HAVE_SECURITY_PAM_EXT_H +#include +#endif /* HAVE_SECURITY_PAM_EXT_H */ +#else /* not HAVE_PAM_PAM_MODULES_H */ +#include +#endif /* not HAVE_PAM_PAM_MODULES_H */ + +/* the name we store our context under */ +#define PLD_CTX "PAM_LDAPD_CTX" + +/* structure that stores the results for an nslcd call */ +struct nslcd_resp { + int res; + char msg[1024]; +}; + +/* this struct represents the context that the PAM module keeps + between calls */ +struct pld_ctx { + char *username; + struct nslcd_resp saved_authz; + struct nslcd_resp saved_session; + int asroot; + char *oldpassword; +}; + +/* clear the context to all empty values */ +static void ctx_clear(struct pld_ctx *ctx) +{ + if (ctx->username) + { + free(ctx->username); + ctx->username = NULL; + } + ctx->saved_authz.res = PAM_SUCCESS; + memset(ctx->saved_authz.msg, 0, sizeof(ctx->saved_authz.msg)); + ctx->saved_session.res = PAM_SUCCESS; + memset(ctx->saved_session.msg, 0, sizeof(ctx->saved_session.msg)); + ctx->asroot = 0; + if (ctx->oldpassword) + { + memset(ctx->oldpassword, 0, strlen(ctx->oldpassword)); + free(ctx->oldpassword); + ctx->oldpassword = NULL; + } +} + +/* free the context (this is installed as handler into PAM) */ +static void ctx_free(pam_handle_t UNUSED(*pamh), void *data, int UNUSED(err)) +{ + struct pld_ctx *ctx = data; + ctx_clear(ctx); + free(ctx); +} + +/* try to get the module's context, returns a PAM status code */ +static int ctx_get(pam_handle_t *pamh, const char *username, struct pld_ctx **pctx) +{ + struct pld_ctx *ctx = NULL; + int rc; + /* try to get the context from PAM */ + rc = pam_get_data(pamh, PLD_CTX, (const void **)&ctx); + if ((rc == PAM_SUCCESS) && (ctx != NULL)) + { + /* if the user is different clear the context */ + if ((ctx->username != NULL) && (strcmp(ctx->username, username) != 0)) + ctx_clear(ctx); + } + else + { + /* allocate a new context */ + ctx = calloc(1, sizeof(struct pld_ctx)); + if (ctx == NULL) + { + pam_syslog(pamh, LOG_CRIT, "calloc(): failed to allocate memory: %s", + strerror(errno)); + return PAM_BUF_ERR; + } + ctx_clear(ctx); + /* store the new context with the handler to free it */ + rc = pam_set_data(pamh, PLD_CTX, ctx, ctx_free); + if (rc != PAM_SUCCESS) + { + ctx_free(pamh, ctx, 0); + pam_syslog(pamh, LOG_ERR, "failed to store context: %s", + pam_strerror(pamh, rc)); + return rc; + } + } + /* save the username in the context */ + if (ctx->username == NULL) + ctx->username = strdup(username); + /* return the context */ + *pctx = ctx; + return PAM_SUCCESS; +} + +/* our PAM module configuration */ +struct pld_cfg { + int nullok; + int no_warn; + int ignore_unknown_user; + int ignore_authinfo_unavail; + int debug; + uid_t minimum_uid; +}; + +static void cfg_init(pam_handle_t *pamh, int flags, + int argc, const char **argv, + struct pld_cfg *cfg) +{ + int i; + /* initialise config with defaults */ + cfg->nullok = 0; + cfg->no_warn = 0; + cfg->ignore_unknown_user = 0; + cfg->ignore_authinfo_unavail = 0; + cfg->debug = 0; + cfg->minimum_uid = 0; + /* go over arguments */ + for (i = 0; i < argc; i++) + { + if (strcmp(argv[i], "use_first_pass") == 0) + /* ignore, this option is used by pam_get_authtok() internally */ ; + else if (strcmp(argv[i], "try_first_pass") == 0) + /* ignore, this option is used by pam_get_authtok() internally */ ; + else if (strcmp(argv[i], "nullok") == 0) + cfg->nullok = 1; + else if (strcmp(argv[i], "use_authtok") == 0) + /* ignore, this option is used by pam_get_authtok() internally */ ; + else if (strcmp(argv[i], "no_warn") == 0) + cfg->no_warn = 1; + else if (strcmp(argv[i], "ignore_unknown_user") == 0) + cfg->ignore_unknown_user = 1; + else if (strcmp(argv[i], "ignore_authinfo_unavail") == 0) + cfg->ignore_authinfo_unavail = 1; + else if (strcmp(argv[i], "debug") == 0) + cfg->debug = 1; + else if (strncmp(argv[i], "minimum_uid=", 12) == 0) + cfg->minimum_uid = (uid_t)atoi(argv[i] + 12); + else + pam_syslog(pamh, LOG_ERR, "unknown option: %s", argv[i]); + } + /* check flags */ + if (flags & PAM_SILENT) + cfg->no_warn = 1; +} + +static int init(pam_handle_t *pamh, struct pld_cfg *cfg, struct pld_ctx **ctx, + const char **username, const char **service, const char **ruser, + const char **rhost, const char **tty) +{ + int rc; + struct passwd *pwent; + /* get user name */ + rc = pam_get_user(pamh, username, NULL); + if (rc != PAM_SUCCESS) + { + pam_syslog(pamh, LOG_ERR, "failed to get user name: %s", pam_strerror(pamh, rc)); + return rc; + } + if ((*username == NULL) || ((*username)[0] == '\0')) + { + pam_syslog(pamh, LOG_ERR, "got empty user name"); + return PAM_USER_UNKNOWN; + } + /* check uid */ + if (cfg->minimum_uid > 0) + { + pwent = pam_modutil_getpwnam(args->pamh, *username); + if ((pwent != NULL) && (pwent->pw_uid < cfg->minimum_uid)) + { + if (cfg->debug) + pam_syslog(pamh, LOG_DEBUG, "uid below minimum_uid; user=%s uid=%ld", + *username, (long)pwent->pw_uid); + return cfg->ignore_unknown_user ? PAM_IGNORE : PAM_USER_UNKNOWN; + } + } + /* get our context */ + rc = ctx_get(pamh, *username, ctx); + if (rc != PAM_SUCCESS) + return rc; + /* get service name */ + rc = pam_get_item(pamh, PAM_SERVICE, (PAM_ITEM_CONST void **)service); + if (rc != PAM_SUCCESS) + { + pam_syslog(pamh, LOG_ERR, "failed to get service name: %s", + pam_strerror(pamh, rc)); + return rc; + } + /* get more PAM information (ignore errors) */ + pam_get_item(pamh, PAM_RUSER, (PAM_ITEM_CONST void **)ruser); + pam_get_item(pamh, PAM_RHOST, (PAM_ITEM_CONST void **)rhost); + pam_get_item(pamh, PAM_TTY, (PAM_ITEM_CONST void **)tty); + return PAM_SUCCESS; +} + +/* map a NSLCD PAM status code to a PAM status code */ +static int nslcd2pam_rc(pam_handle_t *pamh, int rc) +{ +#define map(i) case NSLCD_##i: return i; + switch (rc) + { + map(PAM_SUCCESS); + map(PAM_PERM_DENIED); + map(PAM_AUTH_ERR); + map(PAM_CRED_INSUFFICIENT); + map(PAM_AUTHINFO_UNAVAIL); + map(PAM_USER_UNKNOWN); + map(PAM_MAXTRIES); + map(PAM_NEW_AUTHTOK_REQD); + map(PAM_ACCT_EXPIRED); + map(PAM_SESSION_ERR); + map(PAM_AUTHTOK_ERR); + map(PAM_AUTHTOK_DISABLE_AGING); + map(PAM_IGNORE); + map(PAM_ABORT); + map(PAM_AUTHTOK_EXPIRED); + default: + pam_syslog(pamh, LOG_ERR, "unknown NSLCD_PAM_* code returned: %d", rc); + return PAM_ABORT; + } +} + +/* check whether the specified user is handled by nslcd */ +static int nslcd_request_exists(pam_handle_t *pamh, struct pld_cfg *cfg, + const char *username) +{ + PAM_REQUEST( + NSLCD_ACTION_PASSWD_BYNAME, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd account check; user=%s", username), + /* write the request parameters */ + WRITE_STRING(fp, username), + /* read the result entry (skip it completely) */ + SKIP_STRING(fp); /* user name */ + SKIP_STRING(fp); /* passwd entry */ + SKIP(fp, sizeof(int32_t)); /* uid */ + SKIP(fp, sizeof(int32_t)); /* gid */ + SKIP_STRING(fp); /* gecos */ + SKIP_STRING(fp); /* home dir */ + SKIP_STRING(fp); /* shell */ + ) +} + +/* perform an authentication call over nslcd */ +static int nslcd_request_authc(pam_handle_t *pamh, struct pld_cfg *cfg, + const char *username, const char *service, + const char *ruser, const char *rhost, + const char *tty, const char *passwd, + struct nslcd_resp *authc_resp, + struct nslcd_resp *authz_resp) +{ + PAM_REQUEST( + NSLCD_ACTION_PAM_AUTHC, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd authentication; user=%s", username), + /* write the request parameters */ + WRITE_STRING(fp, username); + WRITE_STRING(fp, service); + WRITE_STRING(fp, ruser); + WRITE_STRING(fp, rhost); + WRITE_STRING(fp, tty); + WRITE_STRING(fp, passwd), + /* read the result entry */ + READ_PAM_CODE(fp, authc_resp->res); + READ_STRING(fp, authc_resp->msg); /* user name */ + /* if we want the authorisation response, save it, otherwise skip it */ + if (authz_resp != NULL) + { + READ_PAM_CODE(fp, authz_resp->res); + READ_STRING(fp, authz_resp->msg); + } + else + { + SKIP(fp, sizeof(int32_t)); + SKIP_STRING(fp); + } + ) +} + +/* perform an authorisation call over nslcd */ +static int nslcd_request_authz(pam_handle_t *pamh, struct pld_cfg *cfg, + const char *username, const char *service, + const char *ruser, const char *rhost, + const char *tty, struct nslcd_resp *resp) +{ + PAM_REQUEST( + NSLCD_ACTION_PAM_AUTHZ, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd authorisation; user=%s", username), + /* write the request parameters */ + WRITE_STRING(fp, username); + WRITE_STRING(fp, service); + WRITE_STRING(fp, ruser); + WRITE_STRING(fp, rhost); + WRITE_STRING(fp, tty), + /* read the result entry */ + READ_PAM_CODE(fp, resp->res); + READ_STRING(fp, resp->msg); + ) +} + +/* do a session open nslcd request */ +static int nslcd_request_sess_o(pam_handle_t *pamh, struct pld_cfg *cfg, + const char *username, const char *service, + const char *ruser, const char *rhost, + const char *tty, struct nslcd_resp *resp) +{ + PAM_REQUEST( + NSLCD_ACTION_PAM_SESS_O, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd session open; user=%s", username), + /* write the request parameters */ + WRITE_STRING(fp, username); + WRITE_STRING(fp, service); + WRITE_STRING(fp, ruser); + WRITE_STRING(fp, rhost); + WRITE_STRING(fp, tty), + /* read the result entry */ + READ_STRING(fp, resp->msg) + ) +} + +/* do a session close nslcd request */ +static int nslcd_request_sess_c(pam_handle_t *pamh, struct pld_cfg *cfg, + const char *username, const char *service, + const char *ruser, const char *rhost, + const char *tty, const char *sessid) +{ + PAM_REQUEST( + NSLCD_ACTION_PAM_SESS_C, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd session close; user=%s", username), + /* write the request parameters */ + WRITE_STRING(fp, username); + WRITE_STRING(fp, service); + WRITE_STRING(fp, ruser); + WRITE_STRING(fp, rhost); + WRITE_STRING(fp, tty); + WRITE_STRING(fp, sessid), + /* no result entry to read */ ; + ) +} + +/* do a password modification nslcd call */ +static int nslcd_request_pwmod(pam_handle_t *pamh, struct pld_cfg *cfg, + const char *username, const char *service, + const char *ruser, const char *rhost, + const char *tty, int asroot, + const char *oldpasswd, const char *newpasswd, + struct nslcd_resp *resp) +{ + PAM_REQUEST( + NSLCD_ACTION_PAM_PWMOD, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd password modify; user=%s", username), + /* write the request parameters */ + WRITE_STRING(fp, username); + WRITE_STRING(fp, service); + WRITE_STRING(fp, ruser); + WRITE_STRING(fp, rhost); + WRITE_STRING(fp, tty); + WRITE_INT32(fp, asroot); + WRITE_STRING(fp, oldpasswd); + WRITE_STRING(fp, newpasswd), + /* read the result entry */ + READ_PAM_CODE(fp, resp->res); + READ_STRING(fp, resp->msg); + ) +} + +static int nslcd_request_config_get(pam_handle_t *pamh, struct pld_cfg *cfg, + int cfgopt, struct nslcd_resp *resp) +{ + PAM_REQUEST( + NSLCD_ACTION_CONFIG_GET, + /* log debug message */ + pam_syslog(pamh, LOG_DEBUG, "nslcd request config (%d)", cfgopt), + /* write the request parameter */ + WRITE_INT32(fp, cfgopt), + /* read the result entry */ + READ_STRING(fp, resp->msg); + ) +} + +/* remap the return code based on the configuration */ +static int remap_pam_rc(int rc, struct pld_cfg *cfg) +{ + if ((rc == PAM_AUTHINFO_UNAVAIL) && cfg->ignore_authinfo_unavail) + return PAM_IGNORE; + if ((rc == PAM_USER_UNKNOWN) && cfg->ignore_unknown_user) + return PAM_IGNORE; + return rc; +} + +/* PAM authentication check */ +int pam_sm_authenticate(pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + int rc; + struct pld_cfg cfg; + struct pld_ctx *ctx; + const char *username, *service; + const char *ruser = NULL, *rhost = NULL, *tty = NULL; + char *passwd = NULL; + struct nslcd_resp resp; + /* set up configuration */ + cfg_init(pamh, flags, argc, argv, &cfg); + rc = init(pamh, &cfg, &ctx, &username, &service, &ruser, &rhost, &tty); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* if service is "passwd" and pwdmod is not allowed alert user */ + if (!strcmp(service, "passwd")) + { + rc = nslcd_request_config_get(pamh, &cfg, NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE, + &resp); + if ((rc == PAM_SUCCESS) && (resp.msg[0] != '\0')) + { + /* we silently ignore errors to get the configuration option */ + pam_syslog(pamh, LOG_NOTICE, "password change prohibited: %s; user=%s", + resp.msg, username); + if (!cfg.no_warn) + pam_error(pamh, "%s", resp.msg); + return remap_pam_rc(PAM_PERM_DENIED, &cfg); + } + } + /* prompt the user for a password */ + rc = pam_get_authtok(pamh, PAM_AUTHTOK, (const char **)&passwd, NULL); + if (rc != PAM_SUCCESS) + { + pam_syslog(pamh, LOG_ERR, "failed to get password: %s", + pam_strerror(pamh, rc)); + return rc; + } + /* check password */ + if (!cfg.nullok && ((passwd == NULL) || (passwd[0] == '\0'))) + { + if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "user has empty password, access denied"); + return PAM_AUTH_ERR; + } + /* do the nslcd request */ + rc = nslcd_request_authc(pamh, &cfg, username, service, ruser, rhost, tty, + passwd, &resp, &(ctx->saved_authz)); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* check the authentication result */ + if (resp.res != PAM_SUCCESS) + { + pam_syslog(pamh, LOG_NOTICE, "%s; user=%s", + pam_strerror(pamh, resp.res), username); + return remap_pam_rc(resp.res, &cfg); + } + /* debug log */ + if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "authentication succeeded"); + /* if password change is required, save old password in context */ + if ((ctx->saved_authz.res == PAM_NEW_AUTHTOK_REQD) && (ctx->oldpassword == NULL)) + ctx->oldpassword = strdup(passwd); + /* update caller's idea of the user name */ + if ((resp.msg[0] != '\0') && (strcmp(resp.msg, username) != 0)) + { + pam_syslog(pamh, LOG_INFO, "username changed from %s to %s", + username, resp.msg); + rc = pam_set_item(pamh, PAM_USER, resp.msg); + /* empty the username in the context to not loose our context */ + if (ctx->username != NULL) + { + free(ctx->username); + ctx->username = NULL; + } + } + return rc; +} + +/* called to update the authentication credentials */ +int pam_sm_setcred(pam_handle_t UNUSED(*pamh), int UNUSED(flags), + int UNUSED(argc), const char UNUSED(**argv)) +{ + /* we don't need to do anything here */ + return PAM_SUCCESS; +} + +/* PAM authorisation check */ +int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + int rc; + struct pld_cfg cfg; + struct pld_ctx *ctx; + const char *username, *service; + const char *ruser = NULL, *rhost = NULL, *tty = NULL; + struct nslcd_resp authz_resp; + const char *msg = NULL; + /* set up configuration */ + cfg_init(pamh, flags, argc, argv, &cfg); + rc = init(pamh, &cfg, &ctx, &username, &service, &ruser, &rhost, &tty); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* do the nslcd request */ + rc = nslcd_request_authz(pamh, &cfg, username, service, ruser, rhost, tty, + &authz_resp); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* check the returned authorisation value and the value from authentication */ + if (authz_resp.res != PAM_SUCCESS) + { + rc = authz_resp.res; + msg = authz_resp.msg; + } + else if (ctx->saved_authz.res != PAM_SUCCESS) + { + rc = ctx->saved_authz.res; + msg = ctx->saved_authz.msg; + } + if (rc != PAM_SUCCESS) + { + /* turn in to generic PAM error message if message is empty */ + if ((msg == NULL) || (msg[0] == '\0')) + { + msg = pam_strerror(pamh, rc); + pam_syslog(pamh, LOG_NOTICE, "%s; user=%s", msg, username); + } + else + pam_syslog(pamh, LOG_NOTICE, "%s; user=%s; err=%s", + msg, username, pam_strerror(pamh, rc)); + rc = remap_pam_rc(rc, &cfg); + if ((rc != PAM_IGNORE) && (!cfg.no_warn)) + pam_error(pamh, "%s", msg); + return rc; + } + if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "authorization succeeded"); + /* present any informational messages to the user */ + if ((authz_resp.msg[0] != '\0') && (!cfg.no_warn)) + { + pam_info(pamh, "%s", authz_resp.msg); + pam_syslog(pamh, LOG_INFO, "%s; user=%s", + authz_resp.msg, username); + } + if ((ctx->saved_authz.msg[0] != '\0') && (!cfg.no_warn)) + { + pam_info(pamh, "%s", ctx->saved_authz.msg); + pam_syslog(pamh, LOG_INFO, "%s; user=%s", + ctx->saved_authz.msg, username); + } + return PAM_SUCCESS; +} + +/* PAM session open call */ +int pam_sm_open_session(pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + int rc; + struct pld_cfg cfg; + struct pld_ctx *ctx; + const char *username, *service; + const char *ruser = NULL, *rhost = NULL, *tty = NULL; + /* set up configuration */ + cfg_init(pamh, flags, argc, argv, &cfg); + rc = init(pamh, &cfg, &ctx, &username, &service, &ruser, &rhost, &tty); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* do the nslcd request */ + rc = nslcd_request_sess_o(pamh, &cfg, username, service, ruser, rhost, + tty, &(ctx->saved_session)); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* debug log */ + if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "session open succeeded; session_id=%s", + ctx->saved_session.msg); + return PAM_SUCCESS; +} + +/* PAM session close call */ +int pam_sm_close_session(pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + int rc; + struct pld_cfg cfg; + struct pld_ctx *ctx; + const char *username, *service; + const char *ruser = NULL, *rhost = NULL, *tty = NULL; + /* set up configuration */ + cfg_init(pamh, flags, argc, argv, &cfg); + rc = init(pamh, &cfg, &ctx, &username, &service, &ruser, &rhost, &tty); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* do the nslcd request */ + rc = nslcd_request_sess_c(pamh, &cfg, username, service, ruser, rhost, + tty, ctx->saved_session.msg); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* debug log */ + if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "session close succeeded; session_id=%s", + ctx->saved_session.msg); + return PAM_SUCCESS; +} + +/* Change the password of the user. This function is first called with + PAM_PRELIM_CHECK set in the flags and then without the flag. In the first + pass it is determined whether we can contact the LDAP server and the + provided old password is valid. In the second pass we get the new + password and actually modify the password. */ +int pam_sm_chauthtok(pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + int rc; + struct pld_cfg cfg; + struct pld_ctx *ctx; + const char *username, *service; + const char *ruser = NULL, *rhost = NULL, *tty = NULL; + const char *oldpassword = NULL, *newpassword = NULL; + struct passwd *pwent; + uid_t myuid; + struct nslcd_resp resp; + const char *msg; + /* set up configuration */ + cfg_init(pamh, flags, argc, argv, &cfg); + rc = init(pamh, &cfg, &ctx, &username, &service, &ruser, &rhost, &tty); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* check if password modification is allowed */ + rc = nslcd_request_config_get(pamh, &cfg, NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE, + &resp); + if ((rc == PAM_SUCCESS) && (resp.msg[0] != '\0')) + { + /* we silently ignore errors to get the configuration option */ + pam_syslog(pamh, LOG_NOTICE, "password change prohibited: %s; user=%s", + resp.msg, username); + if (!cfg.no_warn) + pam_error(pamh, "%s", resp.msg); + return remap_pam_rc(PAM_PERM_DENIED, &cfg); + } + /* see if we are dealing with an LDAP user first */ + rc = nslcd_request_exists(pamh, &cfg, username); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* preliminary check, just see if we can authenticate with the current password */ + if (flags & PAM_PRELIM_CHECK) + { + ctx->asroot = 0; + /* see if the user is trying to modify another user's password */ + /* TODO: perhaps this can be combined with the nslcd_request_exists() call above */ + pwent = pam_modutil_getpwnam(args->pamh, username); + myuid = getuid(); + if ((pwent != NULL) && (pwent->pw_uid != myuid) && (!(flags & PAM_CHANGE_EXPIRED_AUTHTOK))) + { + /* we are root so we can test if nslcd will allow us to change the + user's password without the admin password */ + if (myuid == 0) + { + rc = nslcd_request_authc(pamh, &cfg, "", service, ruser, rhost, tty, + "", &resp, NULL); + if ((rc == PAM_SUCCESS) && (resp.res == PAM_SUCCESS)) + { + ctx->asroot = 1; + return pam_set_item(pamh, PAM_OLDAUTHTOK, ""); + } + } + /* try to authenticate with the LDAP administrator password by passing + an empty username to the authc request */ + rc = pam_get_authtok(pamh, PAM_OLDAUTHTOK, &oldpassword, + "LDAP administrator password: "); + if (rc != PAM_SUCCESS) + return rc; + ctx->asroot = 1; + username = ""; + } + else if ((ctx->oldpassword != NULL) && (*ctx->oldpassword != '\0')) + { + /* we already have an old password stored (from a previous + authentication phase) so we'll use that and don't re-check */ + rc = pam_set_item(pamh, PAM_OLDAUTHTOK, ctx->oldpassword); + return remap_pam_rc(rc, &cfg); + } + else + { + /* prompt the user for a password if needed */ + rc = pam_get_authtok(pamh, PAM_OLDAUTHTOK, (const char **)&oldpassword, + "(current) LDAP Password: "); + if (rc != PAM_SUCCESS) + return rc; + } + /* check for empty password */ + if (!cfg.nullok && ((oldpassword == NULL) || (oldpassword[0] == '\0'))) + { + if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "user has empty password, access denied"); + return PAM_AUTH_ERR; + } + /* try authenticating */ + rc = nslcd_request_authc(pamh, &cfg, username, service, ruser, rhost, + tty, oldpassword, &resp, NULL); + if (rc != PAM_SUCCESS) + return remap_pam_rc(rc, &cfg); + /* handle authentication result */ + if (resp.res != PAM_SUCCESS) + pam_syslog(pamh, LOG_NOTICE, "%s; user=%s", + pam_strerror(pamh, resp.res), username); + else if (cfg.debug) + pam_syslog(pamh, LOG_DEBUG, "authentication succeeded"); + /* remap error code */ + return remap_pam_rc(resp.res, &cfg); + } + /* get the old password (from the previous call) */ + rc = pam_get_item(pamh, PAM_OLDAUTHTOK, (PAM_ITEM_CONST void **)&oldpassword); + if (rc != PAM_SUCCESS) + return rc; + /* prompt for new password */ + rc = pam_get_authtok(pamh, PAM_AUTHTOK, &newpassword, NULL); + if (rc != PAM_SUCCESS) + return rc; + /* perform the password modification */ + rc = nslcd_request_pwmod(pamh, &cfg, username, service, ruser, rhost, tty, + ctx->asroot, oldpassword, newpassword, &resp); + if (rc != PAM_SUCCESS) + msg = pam_strerror(pamh, rc); + else + { + rc = resp.res; + msg = resp.msg; + } + /* remap error code */ + rc = remap_pam_rc(rc, &cfg); + /* check the returned value */ + if (rc != PAM_SUCCESS) + { + pam_syslog(pamh, LOG_NOTICE, "password change failed: %s; user=%s", + msg, username); + if ((rc != PAM_IGNORE) && (!cfg.no_warn)) + pam_error(pamh, "%s", msg); + return rc; + } + pam_syslog(pamh, LOG_NOTICE, "password changed for %s", username); + return PAM_SUCCESS; +} + +#ifdef PAM_STATIC +struct pam_module PAM_NAME(modstruct) = { + "pam_" MODULE_NAME, + pam_sm_authenticate, + pam_sm_setcred, + pam_sm_acct_mgmt, + pam_sm_open_session, + pam_sm_close_session, + pam_sm_chauthtok +}; +#endif /* PAM_STATIC */ diff --git a/pam/pam_ldap.map b/pam/pam_ldap.map new file mode 100644 index 0000000..21c98f8 --- /dev/null +++ b/pam/pam_ldap.map @@ -0,0 +1,16 @@ +EXPORTED { + + # published PAM service functions + global: + pam_sm_acct_mgmt; + pam_sm_authenticate; + pam_sm_chauthtok; + pam_sm_close_session; + pam_sm_open_session; + pam_sm_setcred; + + # everything else should not be exported + local: + *; + +}; diff --git a/py-compile b/py-compile new file mode 100755 index 0000000..3693d96 --- /dev/null +++ b/py-compile @@ -0,0 +1,170 @@ +#!/bin/sh +# py-compile - Compile a Python program + +scriptversion=2016-01-11.22; # UTC + +# Copyright (C) 2000-2017 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +if [ -z "$PYTHON" ]; then + PYTHON=python +fi + +me=py-compile + +usage_error () +{ + echo "$me: $*" >&2 + echo "Try '$me --help' for more information." >&2 + exit 1 +} + +basedir= +destdir= +while test $# -ne 0; do + case "$1" in + --basedir) + if test $# -lt 2; then + usage_error "option '--basedir' requires an argument" + else + basedir=$2 + fi + shift + ;; + --destdir) + if test $# -lt 2; then + usage_error "option '--destdir' requires an argument" + else + destdir=$2 + fi + shift + ;; + -h|--help) + cat <<\EOF +Usage: py-compile [--help] [--version] [--basedir DIR] [--destdir DIR] FILES..." + +Byte compile some python scripts FILES. Use --destdir to specify any +leading directory path to the FILES that you don't want to include in the +byte compiled file. Specify --basedir for any additional path information you +do want to be shown in the byte compiled file. + +Example: + py-compile --destdir /tmp/pkg-root --basedir /usr/share/test test.py test2.py + +Report bugs to . +EOF + exit $? + ;; + -v|--version) + echo "$me $scriptversion" + exit $? + ;; + --) + shift + break + ;; + -*) + usage_error "unrecognized option '$1'" + ;; + *) + break + ;; + esac + shift +done + +files=$* +if test -z "$files"; then + usage_error "no files given" +fi + +# if basedir was given, then it should be prepended to filenames before +# byte compilation. +if [ -z "$basedir" ]; then + pathtrans="path = file" +else + pathtrans="path = os.path.join('$basedir', file)" +fi + +# if destdir was given, then it needs to be prepended to the filename to +# byte compile but not go into the compiled file. +if [ -z "$destdir" ]; then + filetrans="filepath = path" +else + filetrans="filepath = os.path.normpath('$destdir' + os.sep + path)" +fi + +$PYTHON -c " +import sys, os, py_compile, imp + +files = '''$files''' + +sys.stdout.write('Byte-compiling python modules...\n') +for file in files.split(): + $pathtrans + $filetrans + if not os.path.exists(filepath) or not (len(filepath) >= 3 + and filepath[-3:] == '.py'): + continue + sys.stdout.write(file) + sys.stdout.flush() + if hasattr(imp, 'get_tag'): + py_compile.compile(filepath, imp.cache_from_source(filepath), path) + else: + py_compile.compile(filepath, filepath + 'c', path) +sys.stdout.write('\n')" || exit $? + +# this will fail for python < 1.5, but that doesn't matter ... +$PYTHON -O -c " +import sys, os, py_compile, imp + +# pypy does not use .pyo optimization +if hasattr(sys, 'pypy_translation_info'): + sys.exit(0) + +files = '''$files''' +sys.stdout.write('Byte-compiling python modules (optimized versions) ...\n') +for file in files.split(): + $pathtrans + $filetrans + if not os.path.exists(filepath) or not (len(filepath) >= 3 + and filepath[-3:] == '.py'): + continue + sys.stdout.write(file) + sys.stdout.flush() + if hasattr(imp, 'get_tag'): + py_compile.compile(filepath, imp.cache_from_source(filepath, False), path) + else: + py_compile.compile(filepath, filepath + 'o', path) +sys.stdout.write('\n')" 2>/dev/null || : + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC0" +# time-stamp-end: "; # UTC" +# End: diff --git a/pynslcd/Makefile.am b/pynslcd/Makefile.am new file mode 100644 index 0000000..a61ff65 --- /dev/null +++ b/pynslcd/Makefile.am @@ -0,0 +1,42 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +pynslcddir = $(datadir)/pynslcd + +pynslcd_PYTHON = pynslcd.py attmap.py cache.py cfg.py common.py expr.py \ + mypidfile.py invalidator.py search.py tio.py \ + config.py alias.py ether.py group.py host.py netgroup.py \ + network.py passwd.py protocol.py rpc.py service.py \ + shadow.py pam.py usermod.py +nodist_pynslcd_PYTHON = constants.py +CLEANFILES = $(nodist_pynslcd_PYTHON) + +all-local: $(nodist_pynslcd_PYTHON) + +# clean up locally created compiled Python files +clean-local: + rm -f *.pyc *.pyo + +constants.py: constants.py.in $(top_srcdir)/nslcd.h + +# create a symbolic link for the pynslcd daemon and fix permissions +install-data-hook: + chmod a+rx $(DESTDIR)$(pynslcddir)/pynslcd.py + $(MKDIR_P) $(DESTDIR)$(sbindir) + [ -L $(DESTDIR)$(sbindir)/pynslcd ] || $(LN_S) $(pynslcddir)/pynslcd.py $(DESTDIR)$(sbindir)/pynslcd diff --git a/pynslcd/Makefile.in b/pynslcd/Makefile.in new file mode 100644 index 0000000..ceaa911 --- /dev/null +++ b/pynslcd/Makefile.in @@ -0,0 +1,630 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +subdir = pynslcd +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(pynslcd_PYTHON) \ + $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = constants.py +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +SOURCES = +DIST_SOURCES = +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__py_compile = PYTHON=$(PYTHON) $(SHELL) $(py_compile) +am__installdirs = "$(DESTDIR)$(pynslcddir)" "$(DESTDIR)$(pynslcddir)" +am__pep3147_tweak = \ + sed -e 's|\.py$$||' -e 's|[^/]*$$|__pycache__/&.*.py|' +py_compile = $(top_srcdir)/py-compile +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/constants.py.in \ + $(top_srcdir)/mkinstalldirs $(top_srcdir)/py-compile +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +pynslcddir = $(datadir)/pynslcd +pynslcd_PYTHON = pynslcd.py attmap.py cache.py cfg.py common.py expr.py \ + mypidfile.py invalidator.py search.py tio.py \ + config.py alias.py ether.py group.py host.py netgroup.py \ + network.py passwd.py protocol.py rpc.py service.py \ + shadow.py pam.py usermod.py + +nodist_pynslcd_PYTHON = constants.py +CLEANFILES = $(nodist_pynslcd_PYTHON) +all: all-am + +.SUFFIXES: +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu pynslcd/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu pynslcd/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +constants.py: $(top_builddir)/config.status $(srcdir)/constants.py.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +install-nodist_pynslcdPYTHON: $(nodist_pynslcd_PYTHON) + @$(NORMAL_INSTALL) + @list='$(nodist_pynslcd_PYTHON)'; dlist=; list2=; test -n "$(pynslcddir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(pynslcddir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(pynslcddir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then b=; else b="$(srcdir)/"; fi; \ + if test -f $$b$$p; then \ + $(am__strip_dir) \ + dlist="$$dlist $$f"; \ + list2="$$list2 $$b$$p"; \ + else :; fi; \ + done; \ + for file in $$list2; do echo $$file; done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pynslcddir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(pynslcddir)" || exit $$?; \ + done || exit $$?; \ + if test -n "$$dlist"; then \ + $(am__py_compile) --destdir "$(DESTDIR)" \ + --basedir "$(pynslcddir)" $$dlist; \ + else :; fi + +uninstall-nodist_pynslcdPYTHON: + @$(NORMAL_UNINSTALL) + @list='$(nodist_pynslcd_PYTHON)'; test -n "$(pynslcddir)" || list=; \ + py_files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$py_files" || exit 0; \ + dir='$(DESTDIR)$(pynslcddir)'; \ + pyc_files=`echo "$$py_files" | sed 's|$$|c|'`; \ + pyo_files=`echo "$$py_files" | sed 's|$$|o|'`; \ + py_files_pep3147=`echo "$$py_files" | $(am__pep3147_tweak)`; \ + echo "$$py_files_pep3147";\ + pyc_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|c|'`; \ + pyo_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|o|'`; \ + st=0; \ + for files in \ + "$$py_files" \ + "$$pyc_files" \ + "$$pyo_files" \ + "$$pyc_files_pep3147" \ + "$$pyo_files_pep3147" \ + ; do \ + $(am__uninstall_files_from_dir) || st=$$?; \ + done; \ + exit $$st +install-pynslcdPYTHON: $(pynslcd_PYTHON) + @$(NORMAL_INSTALL) + @list='$(pynslcd_PYTHON)'; dlist=; list2=; test -n "$(pynslcddir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(pynslcddir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(pynslcddir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then b=; else b="$(srcdir)/"; fi; \ + if test -f $$b$$p; then \ + $(am__strip_dir) \ + dlist="$$dlist $$f"; \ + list2="$$list2 $$b$$p"; \ + else :; fi; \ + done; \ + for file in $$list2; do echo $$file; done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pynslcddir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(pynslcddir)" || exit $$?; \ + done || exit $$?; \ + if test -n "$$dlist"; then \ + $(am__py_compile) --destdir "$(DESTDIR)" \ + --basedir "$(pynslcddir)" $$dlist; \ + else :; fi + +uninstall-pynslcdPYTHON: + @$(NORMAL_UNINSTALL) + @list='$(pynslcd_PYTHON)'; test -n "$(pynslcddir)" || list=; \ + py_files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$py_files" || exit 0; \ + dir='$(DESTDIR)$(pynslcddir)'; \ + pyc_files=`echo "$$py_files" | sed 's|$$|c|'`; \ + pyo_files=`echo "$$py_files" | sed 's|$$|o|'`; \ + py_files_pep3147=`echo "$$py_files" | $(am__pep3147_tweak)`; \ + echo "$$py_files_pep3147";\ + pyc_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|c|'`; \ + pyo_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|o|'`; \ + st=0; \ + for files in \ + "$$py_files" \ + "$$pyc_files" \ + "$$pyo_files" \ + "$$pyc_files_pep3147" \ + "$$pyo_files_pep3147" \ + ; do \ + $(am__uninstall_files_from_dir) || st=$$?; \ + done; \ + exit $$st +tags TAGS: + +ctags CTAGS: + +cscope cscopelist: + + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile all-local +installdirs: + for dir in "$(DESTDIR)$(pynslcddir)" "$(DESTDIR)$(pynslcddir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-local mostlyclean-am + +distclean: distclean-am + -rm -f Makefile +distclean-am: clean-am distclean-generic + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-nodist_pynslcdPYTHON install-pynslcdPYTHON + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-nodist_pynslcdPYTHON uninstall-pynslcdPYTHON + +.MAKE: install-am install-data-am install-strip + +.PHONY: all all-am all-local check check-am clean clean-generic \ + clean-local cscopelist-am ctags-am distclean distclean-generic \ + distdir dvi dvi-am html html-am info info-am install \ + install-am install-data install-data-am install-data-hook \ + install-dvi install-dvi-am install-exec install-exec-am \ + install-html install-html-am install-info install-info-am \ + install-man install-nodist_pynslcdPYTHON install-pdf \ + install-pdf-am install-ps install-ps-am install-pynslcdPYTHON \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-generic pdf pdf-am ps ps-am tags-am uninstall \ + uninstall-am uninstall-nodist_pynslcdPYTHON \ + uninstall-pynslcdPYTHON + +.PRECIOUS: Makefile + + +all-local: $(nodist_pynslcd_PYTHON) + +# clean up locally created compiled Python files +clean-local: + rm -f *.pyc *.pyo + +constants.py: constants.py.in $(top_srcdir)/nslcd.h + +# create a symbolic link for the pynslcd daemon and fix permissions +install-data-hook: + chmod a+rx $(DESTDIR)$(pynslcddir)/pynslcd.py + $(MKDIR_P) $(DESTDIR)$(sbindir) + [ -L $(DESTDIR)$(sbindir)/pynslcd ] || $(LN_S) $(pynslcddir)/pynslcd.py $(DESTDIR)$(sbindir)/pynslcd + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/pynslcd/alias.py b/pynslcd/alias.py new file mode 100644 index 0000000..371ac2e --- /dev/null +++ b/pynslcd/alias.py @@ -0,0 +1,99 @@ + +# alias.py - lookup functions for email aliases +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cache +import common +import constants +import search + + +attmap = common.Attributes(cn='cn', rfc822MailMember='rfc822MailMember') +filter = '(objectClass=nisMailAlias)' + + +class Search(search.LDAPSearch): + + case_insensitive = ('cn', ) + limit_attributes = ('cn', ) + required = ('cn', 'rfc822MailMember') + + +class Cache(cache.Cache): + + tables = ('alias_cache', 'alias_member_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `alias_cache` + ( `cn` TEXT PRIMARY KEY COLLATE NOCASE, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `alias_member_cache` + ( `alias` TEXT NOT NULL COLLATE NOCASE, + `rfc822MailMember` TEXT NOT NULL, + FOREIGN KEY(`alias`) REFERENCES `alias_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `alias_member_idx` ON `alias_member_cache`(`alias`); + ''' + + retrieve_sql = ''' + SELECT `alias_cache`.`cn` AS `cn`, + `alias_member_cache`.`rfc822MailMember` AS `rfc822MailMember`, + `alias_cache`.`mtime` AS `mtime` + FROM `alias_cache` + LEFT JOIN `alias_member_cache` + ON `alias_member_cache`.`alias` = `alias_cache`.`cn` + ''' + + retrieve_by = dict( + rfc822MailMember=''' + `cn` IN ( + SELECT `a`.`alias` + FROM `alias_member_cache` `a` + WHERE `a`.`rfc822MailMember` = ?) + ''', + ) + + group_by = (0, ) # cn + group_columns = (1, ) # rfc822MailMember + + +class AliasRequest(common.Request): + + def write(self, name, members): + self.fp.write_string(name) + self.fp.write_stringlist(members) + + def convert(self, dn, attributes, parameters): + names = attributes['cn'] + members = attributes['rfc822MailMember'] + for name in names: + yield (name, members) + + +class AliasByNameRequest(AliasRequest): + + action = constants.NSLCD_ACTION_ALIAS_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class AliasAllRequest(AliasRequest): + + action = constants.NSLCD_ACTION_ALIAS_ALL diff --git a/pynslcd/attmap.py b/pynslcd/attmap.py new file mode 100644 index 0000000..6012d39 --- /dev/null +++ b/pynslcd/attmap.py @@ -0,0 +1,174 @@ + +# attmap.py - attribute mapping class +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +"""Module for handling attribute mappings used for LDAP searches. + +>>> attrs = Attributes(uid='uid', +... userPassword='userPassword', +... uidNumber='uidNumber', +... gidNumber='gidNumber', +... gecos='"${gecos:-$cn}"', +... homeDirectory='homeDirectory', +... loginShell='loginShell') +>>> 'cn' in attrs.attributes() +True +>>> attrs.translate({'uid': ['UIDVALUE', '2nduidvalue'], 'cn': ['COMMON NAME', ]}) +{'uid': ['UIDVALUE', '2nduidvalue'], 'loginShell': [], 'userPassword': [], 'uidNumber': [], 'gidNumber': [], 'gecos': ['COMMON NAME'], 'homeDirectory': []} +>>> attrs['uidNumber'] # a representation fit for logging and filters +'uidNumber' +>>> attrs['gecos'] +'"${gecos:-$cn}"' +""" + +import re + +from ldap.filter import escape_filter_chars +import ldap.dn + +from expr import Expression + + +# exported names +__all__ = ('Attributes', ) + + +# TODO: support objectSid attributes + + +# regular expression to match function attributes +attribute_func_re = re.compile('^(?P[a-z]+)\((?P.*)\)$') + + +class SimpleMapping(str): + """Simple mapping to another attribute name.""" + + def attributes(self): + return [self] + + def mk_filter(self, value): + return '(%s=%s)' % ( + self, escape_filter_chars(str(value)) + ) + + def values(self, variables): + """Expand the expression using the variables specified.""" + return variables.get(self, []) + + +class ExpressionMapping(str): + """Class for parsing and expanding an expression.""" + + def __init__(self, value): + """Parse the expression as a string.""" + self.expression = Expression(value[1:-1]) + super(ExpressionMapping, self).__init__(value) + + def values(self, variables): + """Expand the expression using the variables specified.""" + return [self.expression.value(variables)] + + def attributes(self): + """Return the attributes defined in the expression.""" + return self.expression.variables() + + +class FunctionMapping(str): + """Mapping to a function to another attribute.""" + + def __init__(self, mapping): + self.mapping = mapping + m = attribute_func_re.match(mapping) + self.attribute = m.group('attribute') + self.function = getattr(self, m.group('function')) + super(FunctionMapping, self).__init__(mapping) + + def upper(self, value): + return value.upper() + + def lower(self, value): + return value.lower() + + def attributes(self): + return [self.attribute] + + def mk_filter(self, value): + return '(%s=%s)' % ( + self.attribute, escape_filter_chars(value) + ) + + def values(self, variables): + return [self.function(value) + for value in variables.get(self.attribute, [])] + + +class Attributes(dict): + """Dictionary-like class for handling attribute mapping.""" + + def __init__(self, *args, **kwargs): + self.update(*args, **kwargs) + + def __setitem__(self, attribute, mapping): + # translate the mapping into a mapping object + if mapping[0] == '"' and mapping[-1] == '"': + mapping = ExpressionMapping(mapping) + elif '(' in mapping: + mapping = FunctionMapping(mapping) + else: + mapping = SimpleMapping(mapping) + super(Attributes, self).__setitem__(attribute, mapping) + + def update(self, *args, **kwargs): + for arg in args: + other = dict(arg) + for key in other: + self[key] = other[key] + for key in kwargs: + self[key] = kwargs[key] + + def attributes(self): + """Return the list of attributes that are referenced in this + attribute mapping. These are the attributes that should be + requested in the search.""" + attributes = set() + for mapping in self.itervalues(): + attributes.update(mapping.attributes()) + return list(attributes) + + def mk_filter(self, attribute, value): + """Construct a search filter for searching for the attribute value + combination.""" + mapping = self.get(attribute, SimpleMapping(attribute)) + return mapping.mk_filter(value) + + def translate(self, variables): + """Return a dictionary with every attribute mapped to their value from + the specified variables.""" + results = dict() + for attribute, mapping in self.iteritems(): + results[attribute] = mapping.values(variables) + return results + + def get_rdn_value(self, dn, attribute): + """Extract the attribute value from from DN if possible. Return None + otherwise.""" + return self.translate(dict( + (x, [y]) + for x, y, z in ldap.dn.str2dn(dn)[0] + ))[attribute][0] diff --git a/pynslcd/cache.py b/pynslcd/cache.py new file mode 100644 index 0000000..99b520d --- /dev/null +++ b/pynslcd/cache.py @@ -0,0 +1,194 @@ + +# cache.py - caching layer for pynslcd +# +# Copyright (C) 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import datetime +import os +import sys + +import sqlite3 + + +# TODO: probably create a config table +# FIXME: have some way to remove stale entries from the cache if all items from LDAP are queried (perhas use TTL from all request) + + +class regroup(object): + + def __init__(self, results, group_by=None, group_column=None): + """Regroup the results in the group column by the key columns.""" + self.group_by = tuple(group_by) + self.group_column = group_column + self.it = iter(results) + self.tgtkey = self.currkey = self.currvalue = object() + + def keyfunc(self, row): + return tuple(row[x] for x in self.group_by) + + def __iter__(self): + return self + + def next(self): + # find a start row + while self.currkey == self.tgtkey: + self.currvalue = next(self.it) # Exit on StopIteration + self.currkey = self.keyfunc(self.currvalue) + self.tgtkey = self.currkey + # turn the result row into a list of columns + row = list(self.currvalue) + # replace the group column + row[self.group_column] = list(self._grouper(self.tgtkey)) + return row + + def _grouper(self, tgtkey): + """Generate the group columns.""" + while self.currkey == tgtkey: + value = self.currvalue[self.group_column] + if value is not None: + yield value + self.currvalue = next(self.it) # Exit on StopIteration + self.currkey = self.keyfunc(self.currvalue) + + +class Query(object): + """Helper class to build an SQL query for the cache.""" + + def __init__(self, query): + self.query = query + self.wheres = [] + self.parameters = [] + + def add_where(self, where, parameters): + self.wheres.append(where) + self.parameters += parameters + + def execute(self, con): + query = self.query + if self.wheres: + query += ' WHERE ' + ' AND '.join(self.wheres) + cursor = con.cursor() + return cursor.execute(query, self.parameters) + + +class Cache(object): + """The description of the cache.""" + + retrieve_sql = None + retrieve_by = dict() + group_by = () + group_columns = () + + def __init__(self): + self.con = _get_connection() + self.db = sys.modules[self.__module__].__name__ + if not hasattr(self, 'tables'): + self.tables = ['%s_cache' % self.db] + self.create() + + def create(self): + """Create the needed tables if neccesary.""" + self.con.executescript(self.create_sql) + + def store(self, *values): + """Store the values in the cache for the specified table. + The order of the values is the order returned by the Reques.convert() + function.""" + # split the values into simple (flat) values and one-to-many values + simple_values = [] + multi_values = [] + for v in values: + if isinstance(v, (list, tuple, set)): + multi_values.append(v) + else: + simple_values.append(v) + # insert the simple values + simple_values.append(datetime.datetime.now()) + args = ', '.join(len(simple_values) * ('?', )) + self.con.execute(''' + INSERT OR REPLACE INTO %s + VALUES + (%s) + ''' % (self.tables[0], args), simple_values) + # insert the one-to-many values + for n, vlist in enumerate(multi_values): + self.con.execute(''' + DELETE FROM %s + WHERE `%s` = ? + ''' % (self.tables[n + 1], self.db), (values[0], )) + self.con.executemany(''' + INSERT INTO %s + VALUES + (?, ?) + ''' % (self.tables[n + 1]), ((values[0], x) for x in vlist)) + + def retrieve(self, parameters): + """Retrieve all items from the cache based on the parameters + supplied.""" + query = Query(self.retrieve_sql or ''' + SELECT * + FROM %s + ''' % self.tables[0]) + if parameters: + for k, v in parameters.items(): + where = self.retrieve_by.get(k, '`%s`.`%s` = ?' % (self.tables[0], k)) + query.add_where(where, where.count('?') * [v]) + # group by + # FIXME: find a nice way to turn group_by and group_columns into names + results = query.execute(self.con) + group_by = list(self.group_by + self.group_columns) + for column in self.group_columns[::-1]: + group_by.pop() + results = regroup(results, group_by, column) + # strip the mtime from the results + return (list(x)[:-1] for x in results) + + def __enter__(self): + return self.con.__enter__(); + + def __exit__(self, *args): + return self.con.__exit__(*args); + + +# the connection to the sqlite database +_connection = None + + +# FIXME: make tread safe (is this needed the way the caches are initialised?) +def _get_connection(): + global _connection + if _connection is None: + filename = '/tmp/pynslcd_cache.sqlite' + dirname = os.path.dirname(filename) + if not os.path.isdir(dirname): + os.mkdir(dirname) + connection = sqlite3.connect( + filename, detect_types=sqlite3.PARSE_DECLTYPES, + check_same_thread=False) + connection.row_factory = sqlite3.Row + # initialise connection properties + connection.executescript(''' + -- store temporary tables in memory + PRAGMA temp_store = MEMORY; + -- disable sync() on database (corruption on disk failure) + PRAGMA synchronous = OFF; + -- put journal in memory (corruption if crash during transaction) + PRAGMA journal_mode = MEMORY; + ''') + _connection = connection + return _connection diff --git a/pynslcd/cfg.py b/pynslcd/cfg.py new file mode 100644 index 0000000..dcbc8f7 --- /dev/null +++ b/pynslcd/cfg.py @@ -0,0 +1,348 @@ + +# cfg.py - module for accessing configuration information +# +# Copyright (C) 2010-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging +import re + +import ldap + + +# the number of threads to start +threads = 5 +# the user id nslcd should be run as +uid = None +# the group id nslcd should be run as +gid = None +# the configured loggers +logs = [] + +# the LDAP server to use +uri = None # FIXME: support multiple servers and have a fail-over mechanism +# LDAP protocol version to use (perhaps fix at 3?) +ldap_version = ldap.VERSION3 +# the DN to use when binding +binddn = None # FIXME: add support +bindpw = None # FIXME: add support +# the DN to use to perform password modifications as root +rootpwmoddn = None +rootpwmodpw = None + +# SASL configuration +sasl_mech = None # FIXME: add support +sasl_realm = None # FIXME: add support +sasl_authcid = None # FIXME: add support +sasl_authzid = None # FIXME: add support +sasl_secprops = None # FIXME: add support +sasl_canonicalize = None # FIXME: add support + +# LDAP bases to search +bases = [] +# default search scope for searches +scope = ldap.SCOPE_SUBTREE + +deref = ldap.DEREF_NEVER +referrals = True + +# timing configuration +bind_timelimit = 10 # FIXME: add support +timelimit = ldap.NO_LIMIT +idle_timelimit = 0 # FIXME: add support +reconnect_sleeptime = 1 # FIXME: add support +reconnect_retrytime = 10 + +# SSL/TLS options +ssl = None +tls_reqcert = None +tls_cacertdir = None +tls_cacertfile = None +tls_randfile = None +tls_ciphers = None +tls_cert = None +tls_key = None + +# other options +pagesize = 0 # FIXME: add support +nss_initgroups_ignoreusers = set() +nss_min_uid = 0 +nss_uid_offset = 0 +nss_gid_offset = 0 +nss_nested_groups = False +nss_getgrent_skipmembers = False +nss_disable_enumeration = False +validnames = re.compile(r'^[a-z0-9._@$][a-z0-9._@$ \\~-]{0,98}[a-z0-9._@$~-]$', re.IGNORECASE) +pam_authz_searches = [] +pam_password_prohibit_message = None +reconnect_invalidate = set() + + +# allowed boolean values +_boolean_options = {'on': True, 'yes': True, 'true': True, '1': True, + 'off': False, 'no': False, 'false': False, '0': False} + +# allowed log levels (we log notice which is unsupported in Python to warning) +_log_levels = {'crit': logging.CRITICAL, 'error': logging.ERROR, + 'err': logging.ERROR, 'warning': logging.WARNING, + 'notice': logging.WARNING, 'info': logging.INFO, + 'debug': logging.DEBUG, 'none': logging.INFO} + +# allowed values for scope option +if not hasattr(ldap, 'SCOPE_CHILDREN') and ldap.VENDOR_VERSION >= 20400: + ldap.SCOPE_CHILDREN = 3 # OpenLDAP extension +_scope_options = dict(sub=ldap.SCOPE_SUBTREE, subtree=ldap.SCOPE_SUBTREE, + one=ldap.SCOPE_ONELEVEL, onelevel=ldap.SCOPE_ONELEVEL, + base=ldap.SCOPE_BASE) +if hasattr(ldap, 'SCOPE_CHILDREN'): + _scope_options['children'] = ldap.SCOPE_CHILDREN + +# allowed values for the deref option +_deref_options = dict(never=ldap.DEREF_NEVER, + searching=ldap.DEREF_SEARCHING, + finding=ldap.DEREF_FINDING, + always=ldap.DEREF_ALWAYS) + +# allowed values for the ssl option +_ssl_options = dict(start_tls='STARTTLS', starttls='STARTTLS', + on='LDAPS', off=None) + +# allowed values for the tls_reqcert option +_tls_reqcert_options = {'never': ldap.OPT_X_TLS_NEVER, + 'no': ldap.OPT_X_TLS_NEVER, + 'allow': ldap.OPT_X_TLS_ALLOW, + 'try': ldap.OPT_X_TLS_TRY, + 'demand': ldap.OPT_X_TLS_DEMAND, + 'yes': ldap.OPT_X_TLS_DEMAND, + 'hard': ldap.OPT_X_TLS_HARD} + + +def _get_maps(): + # separate function as not to pollute the namespace and avoid import loops + import alias, ether, group, host, netgroup, network, passwd + import protocol, rpc, service, shadow + import sys + return dict( + alias=alias, aliases=alias, + ether=ether, ethers=ether, + group=group, + host=host, hosts=host, + netgroup=netgroup, + network=network, networks=network, + passwd=passwd, + protocol=protocol, protocols=protocol, + rpc=rpc, + service=service, services=service, + shadow=shadow, + none=sys.modules[__name__] + ) + + +class ParseError(Exception): + + def __init__(self, filename, lineno, message): + self.message = '%s:%d: %s' % (filename, lineno, message) + + def __repr__(self): + return self.message + + __str__ = __repr__ + + +def read(filename): + maps = _get_maps() + lineno = 0 + for line in open(filename, 'r'): + lineno += 1 + line = line.strip() + # skip comments and blank lines + if re.match('(#.*)?$', line, re.IGNORECASE): + continue + # parse options with a single integer argument + m = re.match('(?Pthreads|ldap_version|bind_timelimit|timelimit|idle_timelimit|reconnect_sleeptime|reconnect_retrytime|pagesize|nss_min_uid|nss_uid_offset|nss_gid_offset)\s+(?P\d+)', + line, re.IGNORECASE) + if m: + globals()[m.group('keyword').lower()] = int(m.group('value')) + continue + # parse options with a single boolean argument + m = re.match('(?Preferrals|nss_nested_groups|nss_getgrent_skipmembers|nss_disable_enumeration)\s+(?P%s)' % + '|'.join(_boolean_options.keys()), + line, re.IGNORECASE) + if m: + globals()[m.group('keyword').lower()] = _boolean_options[m.group('value').lower()] + continue + # parse options with a single no-space value + m = re.match('(?Puid|gid|bindpw|rootpwmodpw|sasl_mech)\s+(?P\S+)', + line, re.IGNORECASE) + if m: + globals()[m.group('keyword').lower()] = m.group('value') + continue + # parse options with a single value that can contain spaces + m = re.match('(?Pbinddn|rootpwmoddn|sasl_realm|sasl_authcid|sasl_authzid|sasl_secprops|krb5_ccname|tls_cacertdir|tls_cacertfile|tls_randfile|tls_ciphers|tls_cert|tls_key|pam_password_prohibit_message)\s+(?P\S.*)', + line, re.IGNORECASE) + if m: + globals()[m.group('keyword').lower()] = m.group('value') + continue + # log [] + m = re.match('log\s+(?Psyslog|/\S*)(\s+(?P%s))?' % + '|'.join(_log_levels.keys()), + line, re.IGNORECASE) + if m: + logs.append((m.group('scheme'), _log_levels[str(m.group('level')).lower()])) + continue + # uri + m = re.match('uri\s+(?P\S+)', line, re.IGNORECASE) + if m: + # FIXME: support multiple URI values + # FIXME: support special DNS and DNS:domain values + global uri + uri = m.group('uri') + continue + # base ? + m = re.match('base\s+((?P%s)\s+)?(?P\S.*)' % + '|'.join(maps.keys()), + line, re.IGNORECASE) + if m: + mod = maps[str(m.group('map')).lower()] + if not hasattr(mod, 'bases'): + mod.bases = [] + mod.bases.append(m.group('value')) + continue + # filter + m = re.match('filter\s+(?P%s)\s+(?P\S.*)' % + '|'.join(maps.keys()), + line, re.IGNORECASE) + if m: + mod = maps[m.group('map').lower()] + mod.filter = m.group('value') + continue + # scope ? + m = re.match('scope\s+((?P%s)\s+)?(?P%s)' % ( + '|'.join(maps.keys()), + '|'.join(_scope_options.keys())), + line, re.IGNORECASE) + if m: + mod = maps[str(m.group('map')).lower()] + mod.scope = _scope_options[m.group('value').lower()] + continue + # map + m = re.match('map\s+(?P%s)\s+(?P\S+)\s+(?P\S.*)' % + '|'.join(maps.keys()), + line, re.IGNORECASE) + if m: + mod = maps[m.group('map').lower()] + attribute = m.group('attribute') + if attribute not in mod.attmap: + raise ParseError(filename, lineno, 'attribute %s unknown' % attribute) + mod.attmap[attribute] = m.group('value') + # TODO: filter out attributes that cannot be an expression + continue + # deref + m = re.match('deref\s+(?P%s)' % '|'.join(_deref_options.keys()), + line, re.IGNORECASE) + if m: + global deref + deref = _deref_options[m.group('value').lower()] + continue + # nss_initgroups_ignoreusers | + m = re.match('nss_initgroups_ignoreusers\s+(?P\S.*)', + line, re.IGNORECASE) + if m: + users = m.group('value') + if users.lower() == 'alllocal': + # get all users known to the system currently (since nslcd + # isn't yet running, this should work) + import pwd + users = (x.pw_name for x in pwd.getpwall()) + else: + users = users.split(',') + # TODO: warn about unknown users + nss_initgroups_ignoreusers.update(users) + continue + # pam_authz_search + m = re.match('pam_authz_search\s+(?P\S.*)', line, re.IGNORECASE) + if m: + from expr import Expression + pam_authz_searches.append(Expression(m.group('value'))) + # TODO: check pam_authz_search expression to only contain + # username, service, ruser, rhost, tty, hostname, fqdn, dn or + # uid variables + continue + # ssl + m = re.match('ssl\s+(?P%s)' % '|'.join(_ssl_options.keys()), + line, re.IGNORECASE) + if m: + global ssl + ssl = _ssl_options[m.group('value').lower()] + continue + # sasl_canonicalize yes|no + m = re.match('(ldap_?)?sasl_(?Pno)?canon(icali[sz]e)?\s+(?P%s)' % + '|'.join(_boolean_options.keys()), + line, re.IGNORECASE) + if m: + global sasl_canonicalize + sasl_canonicalize = _boolean_options[m.group('value').lower()] + if m.group('no'): + sasl_canonicalize = not sasl_canonicalize + continue + # tls_reqcert + m = re.match('tls_reqcert\s+(?P%s)' % + '|'.join(_tls_reqcert_options.keys()), + line, re.IGNORECASE) + if m: + global tls_reqcert + tls_reqcert = _tls_reqcert_options[m.group('value').lower()] + continue + # validnames /REGEX/i? + m = re.match('validnames\s+/(?P.*)/(?P[i]?)$', + line, re.IGNORECASE) + if m: + global validnames + flags = 0 | re.IGNORECASE if m.group('flags') == 'i' else 0 + validnames = re.compile(m.group('value'), flags=flags) + continue + # reconnect_invalidate ,,... + m = re.match('reconnect_invalidate\s+(?P\S.*)', + line, re.IGNORECASE) + if m: + dbs = re.split('[ ,]+', m.group('value').lower()) + for db in dbs: + if db not in maps.keys() + ['nfsidmap']: + raise ParseError(filename, lineno, 'map %s unknown' % db) + reconnect_invalidate.update(dbs) + continue + # unrecognised line + raise ParseError(filename, lineno, 'error parsing line %r' % line) + # if logging is not configured, default to syslog + if not logs: + logs.append(('syslog', logging.INFO)) + # dump config (debugging code) + for k, v in globals().items(): + if not k.startswith('_'): + logging.debug('%s=%r', k, v) + + +def get_usergid(): + """Return user info and group id.""" + import pwd + import grp + u = pwd.getpwnam(uid) + if gid is None: + g = u.pw_gid + else: + g = grp.getgrnam(gid).gr_gid + return u, g diff --git a/pynslcd/common.py b/pynslcd/common.py new file mode 100644 index 0000000..97899ad --- /dev/null +++ b/pynslcd/common.py @@ -0,0 +1,138 @@ + +# common.py - functions that are used by different modules +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging +import sys + +import ldap + +from attmap import Attributes +#import cache +import cfg +import constants + + +def is_valid_name(name): + """Checks to see if the specified name seems to be a valid user or group + name. + + This test is based on the definition from POSIX (IEEE Std 1003.1, 2004, + 3.426 User Name, 3.189 Group Name and 3.276 Portable Filename Character Set): + http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_426 + http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_189 + http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_276 + + The standard defines user names valid if they contain characters from + the set [A-Za-z0-9._-] where the hyphen should not be used as first + character. As an extension this test allows some more characters.""" + return bool(cfg.validnames.search(name)) + + +def validate_name(name): + """Checks to see if the specified name seems to be a valid user or group + name. See is_valid_name().""" + if not cfg.validnames.search(name): + raise ValueError('%r: denied by validnames option' % name) + + +class Request(object): + """ + Request handler class. Subclasses are expected to handle actual requests + and should implement the following members: + + action - the NSLCD_ACTION_* action that should trigger this handler + + read_parameters() - a function that reads the request parameters of the + request stream + write() - function that writes a single LDAP entry to the result stream + + """ + + def __init__(self, fp, conn, calleruid): + self.fp = fp + self.conn = conn + self.calleruid = calleruid + module = sys.modules[self.__module__] + self.search = getattr(module, 'Search', None) + #if not hasattr(module, 'cache_obj'): + # cache_cls = getattr(module, 'Cache', None) + # module.cache_obj = cache_cls() if cache_cls else None + #self.cache = module.cache_obj + self.cache = None + + def read_parameters(self, fp): + """This method should read and return the parameters from the + stream.""" + pass + + def get_results(self, parameters): + """Provide the result entries by performing a search.""" + for dn, attributes in self.search(self.conn, parameters=parameters): + for values in self.convert(dn, attributes, parameters): + yield values + + def handle_request(self, parameters): + """This method handles the request based on the parameters read + with read_parameters().""" + try: + #with cache.con: + if True: + for values in self.get_results(parameters): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.write(*values) + if self.cache: + self.cache.store(*values) + except ldap.SERVER_DOWN: + if self.cache: + logging.debug('read from cache') + # we assume server went down before writing any entries + for values in self.cache.retrieve(parameters): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.write(*values) + else: + raise + # write the final result code + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def log(self, parameters): + parameters = dict(parameters) + for param in ('password', 'oldpassword', 'newpassword'): + if parameters.get(param): + parameters[param] = '***' + logging.debug('%s(%r)', self.__class__.__name__, parameters) + + def __call__(self): + parameters = self.read_parameters(self.fp) or {} + self.log(parameters) + self.fp.write_int32(constants.NSLCD_VERSION) + self.fp.write_int32(self.action) + self.handle_request(parameters) + + +def get_handlers(module): + """Return a dictionary mapping actions to Request classes.""" + import inspect + res = {} + if isinstance(module, basestring): + module = __import__(module, globals()) + for name, cls in inspect.getmembers(module, inspect.isclass): + if issubclass(cls, Request) and hasattr(cls, 'action'): + res[cls.action] = cls + return res diff --git a/pynslcd/config.py b/pynslcd/config.py new file mode 100644 index 0000000..ee57db3 --- /dev/null +++ b/pynslcd/config.py @@ -0,0 +1,45 @@ + +# config.py - routines for getting configuration information +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cfg +import common +import constants + + +class ConfigGetRequest(common.Request): + + action = constants.NSLCD_ACTION_CONFIG_GET + + def read_parameters(self, fp): + return dict(cfgopt=fp.read_int32()) + # TODO: log call with parameters + + def write(self, value): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_string(value) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + cfgopt = parameters['cfgopt'] + if cfgopt == constants.NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE: + self.write(cfg.pam_password_prohibit_message or '') + else: + # return empty response + self.fp.write_int32(constants.NSLCD_RESULT_END) diff --git a/pynslcd/constants.py.in b/pynslcd/constants.py.in new file mode 100644 index 0000000..e5972f8 --- /dev/null +++ b/pynslcd/constants.py.in @@ -0,0 +1,54 @@ + +# constants.py - configured information and constants, this file is processed +# and extended by the configure script +# +# Copyright (C) 2012-2015 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + + +# Name of package +PACKAGE = '''@PACKAGE@''' + +# Define to the address where bug reports for this package should be sent. +PACKAGE_BUGREPORT = '''@PACKAGE_BUGREPORT@''' + +# Define to the full name of this package. +PACKAGE_NAME = '''@PACKAGE_NAME@''' + +# Define to the full name and version of this package. +PACKAGE_STRING = '''@PACKAGE_STRING@''' + +# Define to the home page for this package. +PACKAGE_URL = '''@PACKAGE_URL@''' + +# Version number of package +VERSION = '''@VERSION@''' + +# Path to nslcd configuration file. +NSLCD_CONF_PATH = '''@NSLCD_CONF_PATH@''' + +# The location of the pidfile used for checking availability of the nslcd. +NSLCD_PIDFILE = '''@NSLCD_PIDFILE@''' + +# The location of the socket used for communicating. +NSLCD_SOCKET = '''@NSLCD_SOCKET@''' + +# The SONAME of the NSS library module. +NSS_LDAP_SONAME = '''@NSS_LDAP_SONAME@''' + +# The name of the NSS and PAM modules. +MODULE_NAME = '''@MODULE_NAME@''' diff --git a/pynslcd/ether.py b/pynslcd/ether.py new file mode 100644 index 0000000..1be7861 --- /dev/null +++ b/pynslcd/ether.py @@ -0,0 +1,103 @@ + +# ether.py - lookup functions for ethernet addresses +# +# Copyright (C) 2010-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import struct + +import cache +import common +import constants +import search + + +def ether_aton(ether): + """Converst an ethernet address to binary form in network byte order.""" + return struct.pack('BBBBBB', *(int(x, 16) for x in ether.split(':'))) + + +def ether_ntoa(ether, compact=True): + """Conversts an ethernet address in network byte order to the string + representation.""" + fmt = '%x' if compact else '%02x' + return ':'.join(fmt % x for x in struct.unpack('6B', ether)) + + +attmap = common.Attributes(cn='cn', macAddress='macAddress') +filter = '(objectClass=ieee802Device)' + + +class Search(search.LDAPSearch): + + case_insensitive = ('cn', ) + limit_attributes = ('cn', 'macAddress') + required = ('cn', 'macAddress') + + def mk_filter(self): + # we need a custom mk_filter because this is an | query + if 'macAddress' in self.parameters: + ether = self.parameters['macAddress'] + alt_ether = ether_ntoa(ether_aton(ether), compact=False) + return '(&%s(|(%s=%s)(%s=%s)))' % (self.filter, + attmap['macAddress'], ether, + attmap['macAddress'], alt_ether) + return super(Search, self).mk_filter() + + +class Cache(cache.Cache): + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `ether_cache` + ( `cn` TEXT NOT NULL COLLATE NOCASE, + `macAddress` TEXT NOT NULL COLLATE NOCASE, + `mtime` TIMESTAMP NOT NULL, + UNIQUE (`cn`, `macAddress`) ); + ''' + + +class EtherRequest(common.Request): + + def write(self, name, ether): + self.fp.write_string(name) + self.fp.write(ether_aton(ether)) + + def convert(self, dn, attributes, parameters): + for name in attributes['cn']: + for ether in attributes['macAddress']: + yield (name, ether) + + +class EtherByNameRequest(EtherRequest): + + action = constants.NSLCD_ACTION_ETHER_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class EtherByEtherRequest(EtherRequest): + + action = constants.NSLCD_ACTION_ETHER_BYETHER + + def read_parameters(self, fp): + return dict(macAddress=ether_ntoa(fp.read(6))) + + +class EtherAllRequest(EtherRequest): + + action = constants.NSLCD_ACTION_ETHER_ALL diff --git a/pynslcd/expr.py b/pynslcd/expr.py new file mode 100644 index 0000000..eec505b --- /dev/null +++ b/pynslcd/expr.py @@ -0,0 +1,251 @@ + +# expr.py - expression handling functions +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +"""Module for handling expressions used for LDAP searches. + +>>> expr = Expression('foo=$foo') +>>> expr.value(dict(foo='XX')) +'foo=XX' +>>> expr = Expression('foo=${foo:-$bar}') +>>> expr.value(dict(foo='', bar='YY')) +'foo=YY' +>>> expr.value(dict(bar=['YY', 'ZZ'])) +'foo=YY' +>>> Expression(r'${passwd#{crypt\}}').value(dict(passwd='{crypt}HASH')) +'HASH' +>>> Expression('${var#trim}').value(dict(var='notrimme')) +'notrimme' +>>> Expression('${var#?trim}').value(dict(var='xtrimme')) +'me' +>>> Expression('${var#*trim}').value(dict(var='xxxtrimme')) +'me' +>>> Expression('${var%.txt}').value(dict(var='foo.txt')) +'foo' +>>> Expression('${x#$y}').value(dict(x='a/b', y='a')) +'/b' +>>> Expression('${var#t*is}').value(dict(var='this is a test')) +' is a test' +>>> Expression('${var##t*is}').value(dict(var='this is a test')) +' a test' +>>> Expression('${var%t*st}').value(dict(var='this is a test')) +'this is a ' +>>> Expression('${var%%t*st}').value(dict(var='this is a test')) +'' + +>>> Expression('${test1:0:6}').value(dict(test1='foobar')) +'foobar' +>>> Expression('${test1:0:10}').value(dict(test1='foobar')) +'foobar' +>>> Expression('${test1:0:3}').value(dict(test1='foobar')) +'foo' +>>> Expression('${test1:3:0}').value(dict(test1='foobar')) +'' +>>> Expression('${test1:3:6}').value(dict(test1='foobar')) +'bar' +>>> Expression('${test1:7:0}').value(dict(test1='foobar')) +'' +>>> Expression('${test1:7:3}').value(dict(test1='foobar')) +'' + +""" + +import fnmatch +import re + + +# exported names +__all__ = ('Expression', ) + + +# TODO: do more expression validity checking + + +class MyIter(object): + """Custom iterator-like class with a back() method.""" + + def __init__(self, value): + self.value = value + self.pos = 0 + + def next(self): + self.pos += 1 + try: + return self.value[self.pos - 1] + except IndexError: + return None + + def startswith(self, value): + return self.value[self.pos].startswith(value) + + def back(self): + self.pos -= 1 + + def __iter__(self): + return self + + def get_name(self): + """Read a variable name from the value iterator.""" + name = '' + for c in self: + if not c or not c.isalnum(): + self.back() + return name + name += c + return name + + +class DollarExpression(object): + """Class for handling a variable $xxx ${xxx}, ${xxx:-yyy} or ${xxx:+yyy} + expression.""" + + def __init__(self, value): + """Parse the expression as the start of a $-expression.""" + self.op = None + self.expr = None + c = value.next() + if c == '{': + self.name = value.get_name() + c = value.next() + if c == '}': + return + elif c == ':': + if value.startswith('-') or value.startswith('+'): + # ${attr:-word} or ${attr:+word} + self.op = c + value.next() + else: + # ${attr:offset:length} + self.op = c + elif c in ('#', '%'): + c2 = value.next() + if c2 in ('#', '%'): + c += c2 + else: + value.back() + self.op = c + else: + raise ValueError('Expecting operator') + self.expr = Expression(value, endat='}') + elif c == '(': + self.name = None + self.op = value.get_name() + c = value.next() + if c != '(': + raise ValueError("Expecting '('") + self.expr = Expression(value, endat=')') + c = value.next() + if c != ')': + raise ValueError("Expecting ')'") + else: + value.back() + self.name = value.get_name() + + def value(self, variables): + """Expand the expression using the variables specified.""" + # lookup the value + value = variables.get(self.name, '') + if value in (None, [], ()): + value = '' + elif isinstance(value, (list, tuple)): + value = value[0] + # TODO: try to return multiple values, one for each value of the list + if self.op == ':-': + return value if value else self.expr.value(variables) + elif self.op == ':+': + return self.expr.value(variables) if value else '' + elif self.op == ':': + offset, length = self.expr.value(variables).split(':') + offset, length = int(offset), int(length) + return value[offset:offset + length] + elif self.op in ('#', '##', '%', '%%'): + match = fnmatch.translate(self.expr.value(variables)) + if self.op == '#': + match = match.replace('*', '*?').replace(r'\Z', r'(?P.*)\Z') + elif self.op == '##': + match = match.replace(r'\Z', r'(?P.*?)\Z') + elif self.op == '%': + match = r'(?P.*)' + match.replace('*', '*?') + elif self.op == '%%': + match = r'(?P.*?)' + match + match = re.match(match, value) + return match.group('replace') if match else value + elif self.op == 'lower': + return self.expr.value(variables).lower() + elif self.op == 'upper': + return self.expr.value(variables).upper() + return value + + def variables(self, results): + """Add the variables used in the expression to results.""" + if self.name: + results.add(self.name) + if self.expr: + self.expr.variables(results) + + +class Expression(object): + """Class for parsing and expanding an expression.""" + + def __init__(self, value, endat=None): + """Parse the expression as a string.""" + if not isinstance(value, MyIter): + self.expression = value + value = MyIter(value) + expr = [] + literal = '' + c = value.next() + while c != endat: + if c == '$': + if literal: + expr.append(literal) + expr.append(DollarExpression(value)) + literal = '' + elif c == '\\': + literal += value.next() + else: + literal += c + c = value.next() + if literal: + expr.append(literal) + self.expr = expr + + def value(self, variables): + """Expand the expression using the variables specified.""" + res = '' + for x in self.expr: + if hasattr(x, 'value'): + res += x.value(variables) + else: + res += x + return res + + def variables(self, results=None): + """Return the variables defined in the expression.""" + if not results: + results = set() + for x in self.expr: + if hasattr(x, 'variables'): + x.variables(results) + return results + + def __str__(self): + return self.expression + + def __repr__(self): + return repr(str(self)) diff --git a/pynslcd/group.py b/pynslcd/group.py new file mode 100644 index 0000000..2280eaf --- /dev/null +++ b/pynslcd/group.py @@ -0,0 +1,237 @@ + +# group.py - group entry lookup routines +# +# Copyright (C) 2010-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging + +from ldap.filter import escape_filter_chars +import ldap + +import cache +import cfg +import common +import constants +import passwd +import search + + +def clean(lst): + if lst: + for i in lst: + yield i.replace('\0', '') + + +attmap = common.Attributes(cn='cn', + userPassword='"*"', + gidNumber='gidNumber', + memberUid='memberUid', + member='member') +filter = '(objectClass=posixGroup)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('cn', ) + limit_attributes = ('cn', 'gidNumber') + + def __init__(self, *args, **kwargs): + super(Search, self).__init__(*args, **kwargs) + if (cfg.nss_getgrent_skipmembers or + 'memberUid' in self.parameters or + 'member' in self.parameters): + # set up our own attributes that leave out membership attributes + self.attributes = list(self.attributes) + if attmap['memberUid'] in self.attributes: + self.attributes.remove(attmap['memberUid']) + if attmap['member'] in self.attributes: + self.attributes.remove(attmap['member']) + + def mk_filter(self): + # we still need a custom mk_filter because this is an | query + if attmap['member'] and 'memberUid' in self.parameters: + memberuid = self.parameters['memberUid'] + entry = passwd.uid2entry(self.conn, memberuid) + if entry: + return '(&%s(|(%s=%s)(%s=%s)))' % ( + self.filter, + attmap['memberUid'], escape_filter_chars(memberuid), + attmap['member'], escape_filter_chars(entry[0]) + ) + if 'gidNumber' in self.parameters: + self.parameters['gidNumber'] -= cfg.nss_gid_offset + return super(Search, self).mk_filter() + + +class Cache(cache.Cache): + + tables = ('group_cache', 'group_member_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `group_cache` + ( `cn` TEXT PRIMARY KEY, + `userPassword` TEXT, + `gidNumber` INTEGER NOT NULL UNIQUE, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `group_member_cache` + ( `group` TEXT NOT NULL, + `memberUid` TEXT NOT NULL, + FOREIGN KEY(`group`) REFERENCES `group_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `group_member_idx` ON `group_member_cache`(`group`); + ''' + + retrieve_sql = ''' + SELECT `group_cache`.`cn` AS `cn`, `userPassword`, `gidNumber`, + `memberUid`, `mtime` + FROM `group_cache` + LEFT JOIN `group_member_cache` + ON `group_member_cache`.`group` = `group_cache`.`cn` + ''' + + retrieve_by = dict( + memberUid=''' + `cn` IN ( + SELECT `a`.`group` + FROM `group_member_cache` `a` + WHERE `a`.`memberUid` = ?) + ''', + ) + + group_by = (0, ) # cn + group_columns = (3, ) # memberUid + + +class GroupRequest(common.Request): + + def write(self, name, passwd, gid, members): + self.fp.write_string(name) + self.fp.write_string(passwd) + self.fp.write_int32(gid) + self.fp.write_stringlist(members) + + def get_members(self, attributes, members, subgroups, seen): + # add the memberUid values + for member in clean(attributes['memberUid']): + if common.is_valid_name(member): + members.add(member) + # translate and add the member values + if attmap['member']: + for memberdn in clean(attributes['member']): + if memberdn in seen: + continue + seen.add(memberdn) + member = passwd.dn2uid(self.conn, memberdn) + if member and common.is_valid_name(member): + members.add(member) + elif cfg.nss_nested_groups: + subgroups.append(memberdn) + + def convert(self, dn, attributes, parameters): + # get group names and check against requested group name + names = attributes['cn'] + # get group password + try: + passwd = attributes['userPassword'][0] + except IndexError: + passwd = None + if not passwd or self.calleruid != 0: + passwd = '*' + # get group id(s) + gids = [int(x) + cfg.nss_gid_offset for x in attributes['gidNumber']] + # build member list + members = set() + subgroups = [] + seen = set([dn]) + self.get_members(attributes, members, subgroups, seen) + # go over subgroups to find more members + while subgroups: + memberdn = subgroups.pop(0) + for dn2, attributes2 in self.search(self.conn, base=memberdn, scope=ldap.SCOPE_BASE): + self.get_members(attributes2, members, subgroups, seen) + # actually return the results + for name in names: + if not common.is_valid_name(name): + logging.warning('%s: %s: denied by validnames option', dn, + attmap['cn']) + else: + for gid in gids: + yield (name, passwd, gid, members) + + +class GroupByNameRequest(GroupRequest): + + action = constants.NSLCD_ACTION_GROUP_BYNAME + + def read_parameters(self, fp): + name = fp.read_string() + common.validate_name(name) + return dict(cn=name) + + +class GroupByGidRequest(GroupRequest): + + action = constants.NSLCD_ACTION_GROUP_BYGID + + def read_parameters(self, fp): + return dict(gidNumber=fp.read_int32()) + + +class GroupByMemberRequest(GroupRequest): + + action = constants.NSLCD_ACTION_GROUP_BYMEMBER + + def read_parameters(self, fp): + memberuid = fp.read_string() + common.validate_name(memberuid) + return dict(memberUid=memberuid) + + def get_results(self, parameters): + seen = set() + for dn, attributes in self.search(self.conn, parameters=parameters): + seen.add(dn) + for values in self.convert(dn, attributes, parameters): + yield values + if cfg.nss_nested_groups and attmap['member']: + tocheck = list(seen) + # find parent groups + while tocheck: + group = tocheck.pop(0) + for dn, attributes in self.search(self.conn, parameters=dict(member=group)): + if dn not in seen: + seen.add(dn) + tocheck.append(dn) + for result in self.convert(dn, attributes, parameters): + yield result + + def handle_request(self, parameters): + # check whether requested user is in nss_initgroups_ignoreusers + if parameters['memberUid'] in cfg.nss_initgroups_ignoreusers: + # write the final result code to signify empty results + self.fp.write_int32(constants.NSLCD_RESULT_END) + return + return super(GroupByMemberRequest, self).handle_request(parameters) + + +class GroupAllRequest(GroupRequest): + + action = constants.NSLCD_ACTION_GROUP_ALL + + def handle_request(self, parameters): + if not cfg.nss_disable_enumeration: + return super(GroupAllRequest, self).handle_request(parameters) diff --git a/pynslcd/host.py b/pynslcd/host.py new file mode 100644 index 0000000..04f5337 --- /dev/null +++ b/pynslcd/host.py @@ -0,0 +1,123 @@ + +# host.py - lookup functions for host names and addresses +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cache +import common +import constants +import search + + +attmap = common.Attributes(cn='cn', ipHostNumber='ipHostNumber') +filter = '(objectClass=ipHost)' + + +class Search(search.LDAPSearch): + + canonical_first = ('cn', ) + required = ('cn', ) + + +class Cache(cache.Cache): + + tables = ('host_cache', 'host_alias_cache', 'host_address_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `host_cache` + ( `cn` TEXT PRIMARY KEY COLLATE NOCASE, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `host_alias_cache` + ( `host` TEXT NOT NULL COLLATE NOCASE, + `cn` TEXT NOT NULL COLLATE NOCASE, + FOREIGN KEY(`host`) REFERENCES `host_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `host_alias_idx` ON `host_alias_cache`(`host`); + CREATE TABLE IF NOT EXISTS `host_address_cache` + ( `host` TEXT NOT NULL COLLATE NOCASE, + `ipHostNumber` TEXT NOT NULL, + FOREIGN KEY(`host`) REFERENCES `host_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `host_address_idx` ON `host_address_cache`(`host`); + ''' + + retrieve_sql = ''' + SELECT `host_cache`.`cn` AS `cn`, + `host_alias_cache`.`cn` AS `alias`, + `host_address_cache`.`ipHostNumber` AS `ipHostNumber`, + `host_cache`.`mtime` AS `mtime` + FROM `host_cache` + LEFT JOIN `host_alias_cache` + ON `host_alias_cache`.`host` = `host_cache`.`cn` + LEFT JOIN `host_address_cache` + ON `host_address_cache`.`host` = `host_cache`.`cn` + ''' + + retrieve_by = dict( + cn=''' + ( `host_cache`.`cn` = ? OR + `host_cache`.`cn` IN ( + SELECT `by_alias`.`host` + FROM `host_alias_cache` `by_alias` + WHERE `by_alias`.`cn` = ?)) + ''', + ipHostNumber=''' + `host_cache`.`cn` IN ( + SELECT `by_ipHostNumber`.`host` + FROM `host_address_cache` `by_ipHostNumber` + WHERE `by_ipHostNumber`.`ipHostNumber` = ?) + ''', + ) + + group_by = (0, ) # cn + group_columns = (1, 2) # alias, ipHostNumber + + +class HostRequest(common.Request): + + def write(self, hostname, aliases, addresses): + self.fp.write_string(hostname) + self.fp.write_stringlist(aliases) + self.fp.write_int32(len(addresses)) + for address in addresses: + self.fp.write_address(address) + + def convert(self, dn, attributes, parameters): + hostnames = attributes['cn'] + yield (hostnames[0], hostnames[1:], attributes['ipHostNumber']) + + +class HostByNameRequest(HostRequest): + + action = constants.NSLCD_ACTION_HOST_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class HostByAddressRequest(HostRequest): + + action = constants.NSLCD_ACTION_HOST_BYADDR + + def read_parameters(self, fp): + return dict(ipHostNumber=fp.read_address()) + + +class HostAllRequest(HostRequest): + + action = constants.NSLCD_ACTION_HOST_ALL diff --git a/pynslcd/invalidator.py b/pynslcd/invalidator.py new file mode 100644 index 0000000..4f260c3 --- /dev/null +++ b/pynslcd/invalidator.py @@ -0,0 +1,112 @@ + +# invalidator.py - functions for invalidating external caches +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import fcntl +import logging +import os +import subprocess + +import cfg + + +# the file descriptor used for sending messages to the child process +signalfd = None + + +# mapping between map name and signal character +_db_to_char = dict( + aliases='A', ethers='E', group='G', hosts='H', netgroup='U', + networks='N', passwd='P', protocols='L', rpc='R', services='V', + shadow='S', nfsidmap='F', + ) +_char_to_db = dict((reversed(item) for item in _db_to_char.items())) + + +def exec_invalidate(*args): + cmd = ' '.join(args) + logging.debug('invalidator: %s', cmd) + try: + p = subprocess.Popen(args, bufsize=4096, close_fds=True, + stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + output, ignored = p.communicate() + if output: + output = ': %s' % output[:1024].strip() + if p.returncode == 0: + logging.debug('invalidator: %s (pid %d) success%s', + cmd, p.pid, output) + elif p.returncode > 0: + logging.debug('invalidator: %s (pid %d) failed (%d)%s', + cmd, p.pid, p.returncode, output) + else: # p.returncode < 0 + logging.error('invalidator: %s (pid %d) killed by signal %d%s', + cmd, p.pid, -p.returncode, output) + except: + logging.warn('invalidator: %s failed', cmd, exc_info=True) + + +def loop(fd): + # set process title + try: + import setproctitle + setproctitle.setproctitle('(invalidator)') + except ImportError: + pass + # set up clean environment + os.chdir('/') + os.environ['PATH'] = '/usr/sbin:/usr/bin:/sbin:/bin' + while True: + db = os.read(fd, 1) + if db == '': + break # close process down + db = _char_to_db.get(db, None) + if db == 'nfsidmap': + exec_invalidate('nfsidmap', '-c') + elif db: + exec_invalidate('nscd', '-i', db) + + +def start_invalidator(): + r, w = os.pipe() + # mark write end as non-blocking + flags = fcntl.fcntl(w, fcntl.F_GETFL) + fcntl.fcntl(w, fcntl.F_SETFL, flags | os.O_NONBLOCK) + cpid = os.fork() + if cpid == 0: + # we are the child + os.close(w) + loop(r) + os._exit(1) + # we are the parent + global signalfd + signalfd = w + os.close(r) + + +def invalidate(db=None): + if signalfd is None: + return # nothing to do + if db: + db = _db_to_char.get(db, '') + else: + db = ''.join(_db_to_char[x] for x in cfg.reconnect_invalidate) + try: + os.write(signalfd, db) + except: + logging.warn('requesting invalidation (%s) failed', db, exc_info=True) diff --git a/pynslcd/mypidfile.py b/pynslcd/mypidfile.py new file mode 100644 index 0000000..2bf158f --- /dev/null +++ b/pynslcd/mypidfile.py @@ -0,0 +1,79 @@ + +# mypidfile.py - functions for properly locking a PIDFile +# +# Copyright (C) 2010-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import errno +import fcntl +import os + +import cfg + + +class MyPIDLockFile(object): + """Implementation of a PIDFile fit for use with the daemon module + that locks the PIDFile with fcntl.lockf().""" + + def __init__(self, path): + self.path = path + + def __enter__(self): + """Lock the PID file and write the process ID to the file.""" + # create the directory for the pidfile if needed + piddir = os.path.dirname(self.path) + if not os.path.isdir(piddir): + os.mkdir(piddir) + u, gid = cfg.get_usergid() + os.chown(piddir, u.u.pw_uid, gid) + fd = os.open(self.path, os.O_RDWR | os.O_CREAT, 0644) + try: + fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB) + pidfile = os.fdopen(fd, 'w') + except: + os.close(fd) + raise + pidfile.write('%d\n' % os.getpid()) + pidfile.truncate() + pidfile.flush() + self.pidfile = pidfile + return self + + def __exit__(self, exc_type, exc_value, traceback): + """Release the lock (close the lockfile).""" + fcntl.lockf(self.pidfile.fileno(), fcntl.LOCK_UN) + self.pidfile.close() + del self.pidfile + + def is_locked(self): + """Check whether the file is already present and locked.""" + try: + fd = os.open(self.path, os.O_RDWR, 0644) + # Python doesn't seem to have F_TEST so we'll just try to lock + fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB) + # if we're here we must have aquired the lock + fcntl.lockf(fd, fcntl.LOCK_UN) + return False + except (IOError, OSError), e: + if e.errno == errno.ENOENT: + return False + if e.errno in (errno.EACCES, errno.EAGAIN): + return True + raise + finally: + if 'fd' in locals(): + os.close(fd) diff --git a/pynslcd/netgroup.py b/pynslcd/netgroup.py new file mode 100644 index 0000000..d86e38c --- /dev/null +++ b/pynslcd/netgroup.py @@ -0,0 +1,116 @@ + +# netgroup.py - lookup functions for netgroups +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import re + +import cache +import common +import constants +import search + + +_netgroup_triple_re = re.compile(r'^\s*\(\s*(?P.*)\s*,\s*(?P.*)\s*,\s*(?P.*)\s*\)\s*$') + + +attmap = common.Attributes(cn='cn', + nisNetgroupTriple='nisNetgroupTriple', + memberNisNetgroup='memberNisNetgroup') +filter = '(objectClass=nisNetgroup)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('cn', ) + required = ('cn', ) + + +class Cache(cache.Cache): + + tables = ('netgroup_cache', 'netgroup_triple_cache', 'netgroup_member_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `netgroup_cache` + ( `cn` TEXT PRIMARY KEY COLLATE NOCASE, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `netgroup_triple_cache` + ( `netgroup` TEXT NOT NULL COLLATE NOCASE, + `nisNetgroupTriple` TEXT NOT NULL COLLATE NOCASE, + FOREIGN KEY(`netgroup`) REFERENCES `netgroup_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `netgroup_triple_idx` ON `netgroup_triple_cache`(`netgroup`); + CREATE TABLE IF NOT EXISTS `netgroup_member_cache` + ( `netgroup` TEXT NOT NULL COLLATE NOCASE, + `memberNisNetgroup` TEXT NOT NULL, + FOREIGN KEY(`netgroup`) REFERENCES `netgroup_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `netgroup_membe_idx` ON `netgroup_member_cache`(`netgroup`); + ''' + + retrieve_sql = ''' + SELECT `netgroup_cache`.`cn` AS `cn`, + `netgroup_triple_cache`.`nisNetgroupTriple` AS `nisNetgroupTriple`, + `netgroup_member_cache`.`memberNisNetgroup` AS `memberNisNetgroup`, + `netgroup_cache`.`mtime` AS `mtime` + FROM `netgroup_cache` + LEFT JOIN `netgroup_triple_cache` + ON `netgroup_triple_cache`.`netgroup` = `netgroup_cache`.`cn` + LEFT JOIN `netgroup_member_cache` + ON `netgroup_member_cache`.`netgroup` = `netgroup_cache`.`cn` + ''' + + group_by = (0, ) # cn + group_columns = (1, 2) # nisNetgroupTriple, memberNisNetgroup + + +class NetgroupRequest(common.Request): + + def write(self, name, triples, members): + self.fp.write_string(name) + for triple in triples: + m = _netgroup_triple_re.match(triple) + if m: + self.fp.write_int32(constants.NSLCD_NETGROUP_TYPE_TRIPLE) + self.fp.write_string(m.group('host')) + self.fp.write_string(m.group('user')) + self.fp.write_string(m.group('domain')) + for member in members: + self.fp.write_int32(constants.NSLCD_NETGROUP_TYPE_NETGROUP) + self.fp.write_string(member) + self.fp.write_int32(constants.NSLCD_NETGROUP_TYPE_END) + + def convert(self, dn, attributes, parameters): + names = attributes['cn'] + triples = attributes['nisNetgroupTriple'] + members = attributes['memberNisNetgroup'] + for name in names: + yield (name, triples, members) + + +class NetgroupByNameRequest(NetgroupRequest): + + action = constants.NSLCD_ACTION_NETGROUP_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class NetgroupAllRequest(NetgroupRequest): + + action = constants.NSLCD_ACTION_NETGROUP_ALL diff --git a/pynslcd/network.py b/pynslcd/network.py new file mode 100644 index 0000000..01bf6c2 --- /dev/null +++ b/pynslcd/network.py @@ -0,0 +1,124 @@ + +# network.py - lookup functions for network names and addresses +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cache +import common +import constants +import search + + +attmap = common.Attributes(cn='cn', + ipNetworkNumber='ipNetworkNumber') +filter = '(objectClass=ipNetwork)' + + +class Search(search.LDAPSearch): + + canonical_first = ('cn', ) + required = ('cn', ) + + +class Cache(cache.Cache): + + tables = ('network_cache', 'network_alias_cache', 'network_address_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `network_cache` + ( `cn` TEXT PRIMARY KEY COLLATE NOCASE, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `network_alias_cache` + ( `network` TEXT NOT NULL COLLATE NOCASE, + `cn` TEXT NOT NULL COLLATE NOCASE, + FOREIGN KEY(`network`) REFERENCES `network_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `network_alias_idx` ON `network_alias_cache`(`network`); + CREATE TABLE IF NOT EXISTS `network_address_cache` + ( `network` TEXT NOT NULL COLLATE NOCASE, + `ipNetworkNumber` TEXT NOT NULL, + FOREIGN KEY(`network`) REFERENCES `network_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `network_address_idx` ON `network_address_cache`(`network`); + ''' + + retrieve_sql = ''' + SELECT `network_cache`.`cn` AS `cn`, + `network_alias_cache`.`cn` AS `alias`, + `network_address_cache`.`ipNetworkNumber` AS `ipNetworkNumber`, + `network_cache`.`mtime` AS `mtime` + FROM `network_cache` + LEFT JOIN `network_alias_cache` + ON `network_alias_cache`.`network` = `network_cache`.`cn` + LEFT JOIN `network_address_cache` + ON `network_address_cache`.`network` = `network_cache`.`cn` + ''' + + retrieve_by = dict( + cn=''' + ( `network_cache`.`cn` = ? OR + `network_cache`.`cn` IN ( + SELECT `by_alias`.`network` + FROM `network_alias_cache` `by_alias` + WHERE `by_alias`.`cn` = ?)) + ''', + ipNetworkNumber=''' + `network_cache`.`cn` IN ( + SELECT `by_ipNetworkNumber`.`network` + FROM `network_address_cache` `by_ipNetworkNumber` + WHERE `by_ipNetworkNumber`.`ipNetworkNumber` = ?) + ''', + ) + + group_by = (0, ) # cn + group_columns = (1, 2) # alias, ipNetworkNumber + + +class NetworkRequest(common.Request): + + def write(self, networkname, aliases, addresses): + self.fp.write_string(networkname) + self.fp.write_stringlist(aliases) + self.fp.write_int32(len(addresses)) + for address in addresses: + self.fp.write_address(address) + + def convert(self, dn, attributes, parameters): + netnames = attributes['cn'] + yield (netnames[0], netnames[1:], attributes['ipNetworkNumber']) + + +class NetworkByNameRequest(NetworkRequest): + + action = constants.NSLCD_ACTION_NETWORK_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class NetworkByAddressRequest(NetworkRequest): + + action = constants.NSLCD_ACTION_NETWORK_BYADDR + + def read_parameters(self, fp): + return dict(ipNetworkNumber=fp.read_address()) + + +class NetworkAllRequest(NetworkRequest): + + action = constants.NSLCD_ACTION_NETWORK_ALL diff --git a/pynslcd/pam.py b/pynslcd/pam.py new file mode 100644 index 0000000..76e90a4 --- /dev/null +++ b/pynslcd/pam.py @@ -0,0 +1,372 @@ + +# pam.py - functions authentication, authorisation and session handling +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging +import random +import socket +import time + +from ldap.controls.ppolicy import PasswordPolicyControl, PasswordPolicyError +from ldap.filter import escape_filter_chars +import ldap + +import cfg +import common +import constants +import passwd +import search +import shadow + + +random = random.SystemRandom() + + +def authenticate(binddn, password): + # open a new connection + conn = search.Connection() + # bind using the specified credentials + pwctrl = PasswordPolicyControl() + res, data, msgid, ctrls = conn.simple_bind_s(binddn, password, serverctrls=[pwctrl]) + # go over bind result server controls + for ctrl in ctrls: + if ctrl.controlType == PasswordPolicyControl.controlType: + # found a password policy control + logging.debug('PasswordPolicyControl found: error=%s (%s), timeBeforeExpiration=%s, graceAuthNsRemaining=%s', + 'None' if ctrl.error is None else PasswordPolicyError(ctrl.error).prettyPrint(), + ctrl.error, ctrl.timeBeforeExpiration, ctrl.graceAuthNsRemaining) + if ctrl.error == 0: # passwordExpired + return conn, constants.NSLCD_PAM_AUTHTOK_EXPIRED, PasswordPolicyError(ctrl.error).prettyPrint() + elif ctrl.error == 1: # accountLocked + return conn, constants.NSLCD_PAM_ACCT_EXPIRED, PasswordPolicyError(ctrl.error).prettyPrint() + elif ctrl.error == 2: # changeAfterReset + return conn, constants.NSLCD_PAM_NEW_AUTHTOK_REQD, 'Password change is needed after reset' + elif ctrl.error: + return conn, constants.NSLCD_PAM_PERM_DENIED, PasswordPolicyError(ctrl.error).prettyPrint() + elif ctrl.timeBeforeExpiration is not None: + return conn, constants.NSLCD_PAM_NEW_AUTHTOK_REQD, 'Password will expire in %d seconds' % ctrl.timeBeforeExpiration + elif ctrl.graceAuthNsRemaining is not None: + return conn, constants.NSLCD_PAM_NEW_AUTHTOK_REQD, 'Password expired, %d grace logins left' % ctrl.graceAuthNsRemaining + # perform search for own object (just to do any kind of search) + results = search.LDAPSearch(conn, base=binddn, scope=ldap.SCOPE_BASE, + filter='(objectClass=*)', attributes=['dn', ]) + for entry in results: + if entry[0] == binddn: + return conn, constants.NSLCD_PAM_SUCCESS, '' + # if our DN wasn't found raise an error to signal bind failure + raise ldap.NO_SUCH_OBJECT() + + +def pwmod(conn, userdn, oldpassword, newpassword): + # perform request without old password + try: + conn.passwd_s(userdn, None, newpassword) + except ldap.LDAPError: + # retry with old password + if oldpassword: + conn.passwd_s(userdn, oldpassword, newpassword) + else: + raise + + +def update_lastchange(conns, userdn): + """Try to update the shadowLastChange attribute of the entry.""" + attribute = shadow.attmap['shadowLastChange'] + if attribute == '${shadowLastChange:--1}': + attribute = 'shadowLastChange' + if not attribute or '$' in attribute: + raise ValueError('shadowLastChange has unsupported mapping') + # build the value for the new attribute + if attribute.lower() == 'pwdlastset': + # for AD we use another timestamp */ + value = '%d000000000' % (time.time() / 100L + (134774L * 864L)) + else: + # time in days since Jan 1, 1970 + value = '%d' % (time.time() / (60 * 60 * 24)) + # perform the modification, return at first success + for conn in conns: + try: + conn.modify_s(userdn, [(ldap.MOD_REPLACE, attribute, [value])]) + return + except ldap.LDAPError: + pass # ignore error and try next connection + + +class PAMRequest(common.Request): + + def validate(self, parameters): + """This method checks the provided username for validity and fills + in the DN if needed.""" + # check username for validity + common.validate_name(parameters['username']) + # look up user DN + entry = passwd.uid2entry(self.conn, parameters['username']) + if not entry: + # FIXME: we should close the stream with an empty response here + raise ValueError('%r: user not found' % parameters['username']) + # save the DN + parameters['userdn'] = entry[0] + # get the "real" username + value = passwd.attmap.get_rdn_value(entry[0], 'uid') + if not value: + # get the username from the uid attribute + values = entry[1]['uid'] + if not values or not values[0]: + logging.warning('%s: is missing a %s attribute', entry[0], passwd.attmap['uid']) + value = values[0] + # check the username + if value and not common.is_valid_name(value): + raise ValueError('%s: has invalid %s attribute', entry[0], passwd.attmap['uid']) + # check if the username is different and update it if needed + if value != parameters['username']: + logging.info('username changed from %r to %r', parameters['username'], value) + parameters['username'] = value + + +class PAMAuthenticationRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_AUTHC + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string(), + password=fp.read_string()) + # TODO: log call with parameters + + def write(self, username, authc=constants.NSLCD_PAM_SUCCESS, + authz=constants.NSLCD_PAM_SUCCESS, msg=''): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_int32(authc) + self.fp.write_string(username) + self.fp.write_int32(authz) + self.fp.write_string(msg) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + # if the username is blank and rootpwmoddn is configured, try to + # authenticate as administrator, otherwise validate request as usual + if not parameters['username'] and cfg.rootpwmoddn: + # authenticate as rootpwmoddn + binddn = cfg.rootpwmoddn + # if the caller is root we will allow the use of rootpwmodpw + if not parameters['password'] and self.calleruid == 0 and cfg.rootpwmodpw: + password = cfg.rootpwmodpw + elif parameters['password']: + password = parameters['password'] + else: + raise ValueError('password missing') + else: + self.validate(parameters) + binddn = parameters['userdn'] + password = parameters['password'] + # try authentication + try: + conn, authz, msg = authenticate(binddn, password) + except ldap.INVALID_CREDENTIALS, e: + try: + msg = e[0]['desc'] + except: + msg = str(e) + logging.debug('bind failed: %s', msg) + self.write(parameters['username'], authc=constants.NSLCD_PAM_AUTH_ERR, msg=msg) + return + if authz != constants.NSLCD_PAM_SUCCESS: + logging.warning('%s: %s: %s', binddn, parameters['username'], msg) + else: + logging.debug('bind successful') + # FIXME: perform shadow attribute checks with check_shadow() + self.write(parameters['username'], authz=authz, msg=msg) + + +class PAMAuthorisationRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_AUTHZ + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string()) + # TODO: log call with parameters + + def write(self, authz=constants.NSLCD_PAM_SUCCESS, msg=''): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_int32(authz) + self.fp.write_string(msg) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def check_authz_search(self, parameters): + if not cfg.pam_authz_searches: + return + # escape all parameters + variables = dict((k, escape_filter_chars(v)) for k, v in parameters.items()) + variables.update( + hostname=escape_filter_chars(socket.gethostname()), + fqdn=escape_filter_chars(socket.getfqdn()), + dn=variables['userdn'], + uid=variables['username'], + ) + # go over all authz searches + for x in cfg.pam_authz_searches: + filter = x.value(variables) + logging.debug('trying pam_authz_search "%s"', filter) + srch = search.LDAPSearch(self.conn, filter=filter, attributes=('dn', )) + try: + dn, values = srch.items().next() + except StopIteration: + logging.error('pam_authz_search "%s" found no matches', filter) + raise + logging.debug('pam_authz_search found "%s"', dn) + + def handle_request(self, parameters): + # fill in any missing userdn, etc. + self.validate(parameters) + # check authorisation search + try: + self.check_authz_search(parameters) + except StopIteration: + self.write(constants.NSLCD_PAM_PERM_DENIED, + 'LDAP authorisation check failed') + return + # all tests passed, return OK response + self.write() + + +class PAMPasswordModificationRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_PWMOD + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string(), + asroot=fp.read_int32(), + oldpassword=fp.read_string(), + newpassword=fp.read_string()) + # TODO: log call with parameters + + def write(self, rc=constants.NSLCD_PAM_SUCCESS, msg=''): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_int32(rc) + self.fp.write_string(msg) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + # fill in any missing userdn, etc. + self.validate(parameters) + # check if pam_password_prohibit_message is set + if cfg.pam_password_prohibit_message: + self.write(constants.NSLCD_PAM_PERM_DENIED, + cfg.pam_password_prohibit_message) + return + # check if the the user passed the rootpwmoddn + if parameters['asroot']: + binddn = cfg.rootpwmoddn + # check if rootpwmodpw should be used + if not parameters['oldpassword'] and self.calleruid == 0 and cfg.rootpwmodpw: + password = cfg.rootpwmodpw + elif parameters['oldpassword']: + password = parameters['oldpassword'] + else: + raise ValueError('password missing') + else: + binddn = parameters['userdn'] + password = parameters['oldpassword'] + # TODO: check if shadow properties allow password change + # perform password modification + try: + conn, authz, msg = authenticate(binddn, password) + pwmod(conn, parameters['userdn'], parameters['oldpassword'], parameters['newpassword']) + # try to update lastchange with normal or user connection + update_lastchange((self.conn, conn), parameters['userdn']) + except ldap.INVALID_CREDENTIALS, e: + try: + msg = e[0]['desc'] + except: + msg = str(e) + logging.debug('pwmod failed: %s', msg) + self.write(constants.NSLCD_PAM_PERM_DENIED, msg) + return + logging.debug('pwmod successful') + self.write() + + +SESSION_ID_LENGTH = 25 +SESSION_ID_ALPHABET = ( + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + + "abcdefghijklmnopqrstuvwxyz" + + "01234567890" +) + + +def generate_session_id(): + return ''.join( + random.choice(SESSION_ID_ALPHABET) + for i in range(SESSION_ID_LENGTH) + ) + + +class PAMSessionOpenRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_SESS_O + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string()) + # TODO: log call with parameters + + def write(self, sessionid): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_string(sessionid) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + # generate a session id + session_id = generate_session_id() + self.write(session_id) + + +class PAMSessionCloseRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_SESS_C + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string(), + session_id=fp.read_string()) + # TODO: log call with parameters + + def write(self): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + self.write() diff --git a/pynslcd/passwd.py b/pynslcd/passwd.py new file mode 100644 index 0000000..6c3f289 --- /dev/null +++ b/pynslcd/passwd.py @@ -0,0 +1,155 @@ + +# passwd.py - lookup functions for user account information +# +# Copyright (C) 2010-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging + +import cache +import cfg +import common +import constants +import search + + +attmap = common.Attributes(uid='uid', + userPassword='"*"', + uidNumber='uidNumber', + gidNumber='gidNumber', + gecos='"${gecos:-$cn}"', + homeDirectory='homeDirectory', + loginShell='loginShell', + objectClass='objectClass') +filter = '(objectClass=posixAccount)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('uid', 'uidNumber', ) + limit_attributes = ('uid', 'uidNumber', ) + required = ('uid', 'uidNumber', 'gidNumber', 'gecos', 'homeDirectory', + 'loginShell') + + def mk_filter(self): + if 'uidNumber' in self.parameters: + self.parameters['uidNumber'] -= cfg.nss_uid_offset + return super(Search, self).mk_filter() + + +class Cache(cache.Cache): + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `passwd_cache` + ( `uid` TEXT PRIMARY KEY, + `userPassword` TEXT, + `uidNumber` INTEGER NOT NULL UNIQUE, + `gidNumber` INTEGER NOT NULL, + `gecos` TEXT, + `homeDirectory` TEXT, + `loginShell` TEXT, + `mtime` TIMESTAMP NOT NULL ); + ''' + + +class PasswdRequest(common.Request): + + def write(self, name, passwd, uid, gid, gecos, home, shell): + self.fp.write_string(name) + self.fp.write_string(passwd) + self.fp.write_int32(uid) + self.fp.write_int32(gid) + self.fp.write_string(gecos) + self.fp.write_string(home) + self.fp.write_string(shell) + + def convert(self, dn, attributes, parameters): + names = attributes['uid'] + if 'shadowAccount' in attributes['objectClass']: + passwd = 'x' + else: + try: + passwd = attributes['userPassword'][0] + except IndexError: + passwd = None + if not passwd or self.calleruid != 0: + passwd = '*' + uids = [int(x) + cfg.nss_uid_offset for x in attributes['uidNumber']] + gid = int(attributes['gidNumber'][0]) + cfg.nss_gid_offset + gecos = attributes['gecos'][0] + home = attributes['homeDirectory'][0] + shell = attributes['loginShell'][0] + for name in names: + if not common.is_valid_name(name): + logging.warning('%s: %s: denied by validnames option', dn, attmap['uid']) + else: + for uid in uids: + if uid >= cfg.nss_min_uid: + yield (name, passwd, uid, gid, gecos, home, shell) + + +class PasswdByNameRequest(PasswdRequest): + + action = constants.NSLCD_ACTION_PASSWD_BYNAME + + def read_parameters(self, fp): + name = fp.read_string() + common.validate_name(name) + return dict(uid=name) + + +class PasswdByUidRequest(PasswdRequest): + + action = constants.NSLCD_ACTION_PASSWD_BYUID + + def read_parameters(self, fp): + return dict(uidNumber=fp.read_int32()) + + def handle_request(self, parameters): + # check requested numeric id + if parameters['uidNumber'] >= cfg.nss_min_uid: + return super(PasswdByUidRequest, self).handle_request(parameters) + # write the final result code to signify empty results + self.fp.write_int32(constants.NSLCD_RESULT_END) + + +class PasswdAllRequest(PasswdRequest): + + action = constants.NSLCD_ACTION_PASSWD_ALL + + def handle_request(self, parameters): + if not cfg.nss_disable_enumeration: + return super(PasswdAllRequest, self).handle_request(parameters) + + +def uid2entry(conn, uid): + """Look up the user by uid and return the LDAP entry or None if the user + was not found.""" + for dn, attributes in Search(conn, parameters=dict(uid=uid)): + if any((int(x) + cfg.nss_uid_offset) >= cfg.nss_min_uid for x in attributes['uidNumber']): + return dn, attributes + + +# FIXME: use cache of dn2uid and try to use DN to get uid attribute + + +def dn2uid(conn, dn): + """Look up the user by dn and return a uid or None if the user was + not found.""" + for dn, attributes in Search(conn, base=dn): + if any((int(x) + cfg.nss_uid_offset) >= cfg.nss_min_uid for x in attributes['uidNumber']): + return attributes['uid'][0] diff --git a/pynslcd/protocol.py b/pynslcd/protocol.py new file mode 100644 index 0000000..1472c04 --- /dev/null +++ b/pynslcd/protocol.py @@ -0,0 +1,107 @@ + +# protocol.py - protocol name and number lookup routines +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cache +import common +import constants +import search + + +attmap = common.Attributes(cn='cn', ipProtocolNumber='ipProtocolNumber') +filter = '(objectClass=ipProtocol)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('cn', ) + canonical_first = ('cn', ) + required = ('cn', 'ipProtocolNumber') + + +class Cache(cache.Cache): + + tables = ('protocol_cache', 'protocol_alias_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `protocol_cache` + ( `cn` TEXT PRIMARY KEY, + `ipProtocolNumber` INTEGER NOT NULL, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `protocol_alias_cache` + ( `protocol` TEXT NOT NULL, + `cn` TEXT NOT NULL, + FOREIGN KEY(`protocol`) REFERENCES `protocol_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `protocol_alias_idx` ON `protocol_alias_cache`(`protocol`); + ''' + + retrieve_sql = ''' + SELECT `protocol_cache`.`cn` AS `cn`, `protocol_alias_cache`.`cn` AS `alias`, + `ipProtocolNumber`, `mtime` + FROM `protocol_cache` + LEFT JOIN `protocol_alias_cache` + ON `protocol_alias_cache`.`protocol` = `protocol_cache`.`cn` + ''' + + retrieve_by = dict( + cn=''' + ( `protocol_cache`.`cn` = ? OR + `protocol_cache`.`cn` IN ( + SELECT `by_alias`.`protocol` + FROM `protocol_alias_cache` `by_alias` + WHERE `by_alias`.`cn` = ?)) + ''', + ) + + group_by = (0, ) # cn + group_columns = (1, ) # alias + + +class ProtocolRequest(common.Request): + + def write(self, name, names, number): + self.fp.write_string(name) + self.fp.write_stringlist(names) + self.fp.write_int32(number) + + def convert(self, dn, attributes, parameters): + names = attributes['cn'] + yield (names[0], names[1:], int(attributes['ipProtocolNumber'][0])) + + +class ProtocolByNameRequest(ProtocolRequest): + + action = constants.NSLCD_ACTION_PROTOCOL_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class ProtocolByNumberRequest(ProtocolRequest): + + action = constants.NSLCD_ACTION_PROTOCOL_BYNUMBER + + def read_parameters(self, fp): + return dict(ipProtocolNumber=fp.read_int32()) + + +class ProtocolAllRequest(ProtocolRequest): + + action = constants.NSLCD_ACTION_PROTOCOL_ALL diff --git a/pynslcd/pynslcd.py b/pynslcd/pynslcd.py new file mode 100755 index 0000000..d367a8c --- /dev/null +++ b/pynslcd/pynslcd.py @@ -0,0 +1,377 @@ +#!/usr/bin/env python + +# pynslcd.py - main daemon module +# +# Copyright (C) 2010-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging +import logging.handlers +import os +import signal +import sys +import syslog +import threading + +import daemon +import ldap + +from tio import TIOStream +import cfg +import common +import constants +import invalidator +import mypidfile +import search + + +# the name of the program +program_name = 'pynslcd' + +# flag to indicate whether we are in debugging mode +debugging = 0 + +# flag to indicate we shouldn't daemonize +nofork = False + +# flag to indicate user requested the --check option +checkonly = False + + +class MyFormatter(logging.Formatter): + + def format(self, record): + record.prefix = 'DEBUG: ' if record.levelno == logging.DEBUG else '' + return super(MyFormatter, self).format(record) + + +class MySysLogHandler(logging.Handler): + + mapping = { + logging.DEBUG: syslog.LOG_DEBUG, + logging.INFO: syslog.LOG_INFO, + logging.WARNING: syslog.LOG_WARNING, + logging.ERROR: syslog.LOG_ERR, + logging.CRITICAL: syslog.LOG_CRIT, + } + + def __init__(self): + super(MySysLogHandler, self).__init__() + syslog.openlog(program_name, syslog.LOG_PID, syslog.LOG_DAEMON) + + def emit(self, record): + priority = self.mapping.get(record.levelno, syslog.LOG_WARNING) + msg = self.format(record) + for line in msg.splitlines(): + syslog.syslog(priority, line) + + +# configure logging +stderrhandler = logging.StreamHandler(sys.stderr) +stderrhandler.setFormatter(MyFormatter('pynslcd: %(prefix)s%(message)s')) +logging.getLogger().addHandler(stderrhandler) +logging.getLogger().setLevel(logging.INFO) + + +def display_version(fp): + fp.write('%(PACKAGE_STRING)s\n' + 'Written by Arthur de Jong.\n' + '\n' + 'Copyright (C) 2010-2017 Arthur de Jong\n' + 'This is free software; see the source for copying conditions. There is NO\n' + 'warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n' + % {'PACKAGE_STRING': constants.PACKAGE_STRING, }) + + +def display_usage(fp): + fp.write("Usage: %(program_name)s [OPTION]...\n" + "Name Service LDAP connection daemon.\n" + " -c, --check check if the daemon already is running\n" + " -d, --debug don't fork and print debugging to stderr\n" + " -n, --nofork don't fork\n" + " --help display this help and exit\n" + " --version output version information and exit\n" + "\n" + "Report bugs to <%(PACKAGE_BUGREPORT)s>.\n" + % {'program_name': program_name, + 'PACKAGE_BUGREPORT': constants.PACKAGE_BUGREPORT, }) + + +def parse_cmdline(): + """Parse command-line arguments.""" + import getopt + global program_name + program_name = sys.argv[0] or program_name + try: + optlist, args = getopt.gnu_getopt( + sys.argv[1:], 'cdnhV', + ('check', 'debug', 'nofork', 'help', 'version')) + for flag, arg in optlist: + if flag in ('-c', '--check'): + global checkonly + checkonly = True + elif flag in ('-d', '--debug'): + global debugging + debugging += 1 + elif flag in ('-n', '--nofork'): + global nofork + nofork = True + elif flag in ('-h', '--help'): + display_usage(sys.stdout) + sys.exit(0) + elif flag in ('-V', '--version'): + display_version(sys.stdout) + sys.exit(0) + if len(args): + raise getopt.GetoptError('unrecognized option \'%s\'' % args[0], args[0]) + except getopt.GetoptError, reason: + sys.stderr.write( + "%(program_name)s: %(reason)s\n" + "Try '%(program_name)s --help' for more information.\n" % { + 'program_name': program_name, + 'reason': reason, + }) + sys.exit(1) + + +def create_socket(): + """Returns a socket ready to answer requests from the client.""" + import socket + import fcntl + sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) + # remove existing named socket + try: + os.unlink(constants.NSLCD_SOCKET) + except OSError: + pass # ignore any problems + # bind to named socket + sock.bind(constants.NSLCD_SOCKET) + # close the file descriptor on exit + fcntl.fcntl(sock, fcntl.F_SETFD, fcntl.FD_CLOEXEC) + # set permissions of socket so anybody can do requests + os.chmod(constants.NSLCD_SOCKET, 0666) + # start listening for connections + sock.listen(socket.SOMAXCONN) + return sock + + +def log_newsession(): + pass + # FIXME: implement + + +def getpeercred(fd): + """Return uid, gid and pid of calling application.""" + import struct + import socket + try: + SO_PEERCRED = getattr(socket, 'SO_PEERCRED', 17) + creds = fd.getsockopt(socket.SOL_SOCKET, SO_PEERCRED, struct.calcsize('3i')) + pid, uid, gid = struct.unpack('3i', creds) + return uid, gid, pid + except socket.error: + return None, None, None + + +handlers = {} +handlers.update(common.get_handlers('config')) +handlers.update(common.get_handlers('alias')) +handlers.update(common.get_handlers('ether')) +handlers.update(common.get_handlers('group')) +handlers.update(common.get_handlers('host')) +handlers.update(common.get_handlers('netgroup')) +handlers.update(common.get_handlers('network')) +handlers.update(common.get_handlers('passwd')) +handlers.update(common.get_handlers('protocol')) +handlers.update(common.get_handlers('rpc')) +handlers.update(common.get_handlers('service')) +handlers.update(common.get_handlers('shadow')) +handlers.update(common.get_handlers('pam')) +handlers.update(common.get_handlers('usermod')) + + +def acceptconnection(session): + # accept a new connection + conn, addr = nslcd_serversocket.accept() + # See: http://docs.python.org/library/socket.html#socket.socket.settimeout + fp = None + try: + # indicate new connection to logging module (generates unique id) + log_newsession() + # log connection + uid, gid, pid = getpeercred(conn) + logging.debug('connection from pid=%r uid=%r gid=%r', pid, uid, gid) + # create a stream object + fp = TIOStream(conn) + # read request + version = fp.read_int32() + if version != constants.NSLCD_VERSION: + logging.debug('wrong nslcd version id (%r)', version) + return + action = fp.read_int32() + try: + handler = handlers[action] + except KeyError: + logging.warning('invalid action id: 0x%08x', action) + return + handler(fp, session, uid)() + finally: + if fp: + fp.close() + + +def disable_nss_ldap(): + """Disable the nss_ldap module to avoid lookup loops.""" + import ctypes + try: + lib = ctypes.CDLL(constants.NSS_LDAP_SONAME) + except OSError: + return # ignore errors in opening NSS module + try: + ctypes.c_int.in_dll( + lib, '_nss_%s_enablelookups' % constants.MODULE_NAME).value = 0 + except ValueError: + logging.warn('probably older NSS module loaded', exc_info=True) + try: + version_info = (ctypes.c_char_p * 2).in_dll(lib, '_nss_ldap_version') + logging.debug('NSS_LDAP %s %s', version_info[0], version_info[1]) + except ValueError: + logging.warn('probably older NSS module loaded', exc_info=True) + + +def worker(): + session = search.Connection() + while True: + try: + acceptconnection(session) + except: + logging.exception('exception in worker') + # ignore all exceptions, just keep going + + +if __name__ == '__main__': + # parse options + parse_cmdline() + # clean the environment + os.environ.clear() + os.environ['HOME'] = '/' + os.environ['TMPDIR'] = '/tmp' + os.environ['LDAPNOINIT'] = '1' + # set log level + if debugging: + logging.getLogger().setLevel(logging.DEBUG) + # disable ldap lookups of host names to avoid lookup loop + disable_nss_ldap() + # TODO: implement + #if myldap_set_debuglevel(cfg.debug) != LDAP_SUCCESS: + # sys.exit(1) + # read configuration file + cfg.read(constants.NSLCD_CONF_PATH) + # set process title + try: + import setproctitle + setproctitle.setproctitle('pynslcd') + except ImportError: + pass + # set a default umask for the pidfile and socket + os.umask(0022) + # see if someone already locked the pidfile + pidfile = mypidfile.MyPIDLockFile(constants.NSLCD_PIDFILE) + # see if --check option was given + if checkonly: + if pidfile.is_locked(): + logging.debug('pidfile (%s) is locked', constants.NSLCD_PIDFILE) + sys.exit(0) + else: + logging.debug('pidfile (%s) is not locked', constants.NSLCD_PIDFILE) + sys.exit(1) + # normal check for pidfile locked + if pidfile.is_locked(): + logging.error('daemon may already be active, cannot acquire lock (%s)', + constants.NSLCD_PIDFILE) + sys.exit(1) + # daemonize + if debugging or nofork: + ctx = pidfile + else: + ctx = daemon.DaemonContext( + pidfile=pidfile, + signal_map={ + signal.SIGTERM: u'terminate', + signal.SIGINT: u'terminate', + signal.SIGPIPE: None, + }) + # start daemon + with ctx: + try: + # start normal logging as configured + if not debugging: + for method, level in cfg.logs: + if method == 'syslog': + handler = MySysLogHandler() + handler.setFormatter(MyFormatter('%(prefix)s%(message)s')) + else: + handler = logging.FileHandler(method, encoding='utf-8') + handler.setFormatter(MyFormatter('%(asctime)s %(prefix)s%(message)s')) + handler.setLevel(level) + logging.getLogger().addHandler(handler) + logging.getLogger().setLevel(min(level for method, level in cfg.logs)) + logging.getLogger().removeHandler(stderrhandler) + logging.info('version %s starting', constants.VERSION) + # start invalidator sub-process if needed + if cfg.reconnect_invalidate: + invalidator.start_invalidator() + # create socket + nslcd_serversocket = create_socket() + # load supplementary groups + if cfg.uid is not None: + u, gid = cfg.get_usergid() + # set supplementary groups, gid and uid + os.initgroups(u.pw_name, gid) + os.setgid(gid) + os.setuid(u.pw_uid) + os.environ['HOME'] = u.pw_dir + logging.info('accepting connections') + # set global LDAP configuration + if cfg.tls_reqcert is not None: + ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, cfg.tls_reqcert) + if cfg.tls_cacertdir: + ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, cfg.tls_cacertdir) + if cfg.tls_cacertfile: + ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, cfg.tls_cacertfile) + if cfg.tls_randfile: + ldap.set_option(ldap.OPT_X_TLS_RANDOM_FILE, cfg.tls_randfile) + if cfg.tls_ciphers: + ldap.set_option(ldap.OPT_X_TLS_CIPHER_SUITE, cfg.tls_ciphers) + if cfg.tls_cert: + ldap.set_option(ldap.OPT_X_TLS_CERTFILE, cfg.tls_cert) + if cfg.tls_key: + ldap.set_option(ldap.OPT_X_TLS_KEYFILE, cfg.tls_key) + # start worker threads + threads = [] + for i in range(cfg.threads): + thread = threading.Thread(target=worker, name='thread%d' % i) + thread.setDaemon(True) + thread.start() + logging.debug('started thread %s', thread.getName()) + threads.append(thread) + # wait for all threads to die + for thread in threads: + thread.join(10000) + except: + logging.exception('main loop exit') + # no need to re-raise since we are exiting anyway diff --git a/pynslcd/rpc.py b/pynslcd/rpc.py new file mode 100644 index 0000000..2a241fd --- /dev/null +++ b/pynslcd/rpc.py @@ -0,0 +1,107 @@ + +# rpc.py - rpc name lookup routines +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cache +import common +import constants +import search + + +attmap = common.Attributes(cn='cn', oncRpcNumber='oncRpcNumber') +filter = '(objectClass=oncRpc)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('cn', ) + canonical_first = ('cn', ) + required = ('cn', 'oncRpcNumber') + + +class Cache(cache.Cache): + + tables = ('rpc_cache', 'rpc_alias_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `rpc_cache` + ( `cn` TEXT PRIMARY KEY, + `oncRpcNumber` INTEGER NOT NULL, + `mtime` TIMESTAMP NOT NULL ); + CREATE TABLE IF NOT EXISTS `rpc_alias_cache` + ( `rpc` TEXT NOT NULL, + `cn` TEXT NOT NULL, + FOREIGN KEY(`rpc`) REFERENCES `rpc_cache`(`cn`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `rpc_alias_idx` ON `rpc_alias_cache`(`rpc`); + ''' + + retrieve_sql = ''' + SELECT `rpc_cache`.`cn` AS `cn`, `rpc_alias_cache`.`cn` AS `alias`, + `oncRpcNumber`, `mtime` + FROM `rpc_cache` + LEFT JOIN `rpc_alias_cache` + ON `rpc_alias_cache`.`rpc` = `rpc_cache`.`cn` + ''' + + retrieve_by = dict( + cn=''' + ( `rpc_cache`.`cn` = ? OR + `rpc_cache`.`cn` IN ( + SELECT `by_alias`.`rpc` + FROM `rpc_alias_cache` `by_alias` + WHERE `by_alias`.`cn` = ?)) + ''', + ) + + group_by = (0, ) # cn + group_columns = (1, ) # alias + + +class RpcRequest(common.Request): + + def write(self, name, aliases, number): + self.fp.write_string(name) + self.fp.write_stringlist(aliases) + self.fp.write_int32(number) + + def convert(self, dn, attributes, parameters): + names = attributes['cn'] + yield (names[0], names[1:], int(attributes['oncRpcNumber'][0])) + + +class RpcByNameRequest(RpcRequest): + + action = constants.NSLCD_ACTION_RPC_BYNAME + + def read_parameters(self, fp): + return dict(cn=fp.read_string()) + + +class RpcByNumberRequest(RpcRequest): + + action = constants.NSLCD_ACTION_RPC_BYNUMBER + + def read_parameters(self, fp): + return dict(oncRpcNumber=fp.read_int32()) + + +class RpcAllRequest(RpcRequest): + + action = constants.NSLCD_ACTION_RPC_ALL diff --git a/pynslcd/search.py b/pynslcd/search.py new file mode 100644 index 0000000..4a57ab3 --- /dev/null +++ b/pynslcd/search.py @@ -0,0 +1,195 @@ + +# search.py - functions for searching the LDAP database +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import logging +import sys + +import ldap +import ldap.ldapobject + +import cfg + + +# global indicator that there was some error connection to an LDAP server +server_error = False + +# global indicator of first search operation +first_search = True + + +class Connection(ldap.ldapobject.ReconnectLDAPObject): + + def __init__(self): + ldap.ldapobject.ReconnectLDAPObject.__init__(self, cfg.uri, + retry_max=1, retry_delay=cfg.reconnect_retrytime) + # set connection-specific LDAP options + if cfg.ldap_version: + self.set_option(ldap.OPT_PROTOCOL_VERSION, cfg.ldap_version) + if cfg.deref: + self.set_option(ldap.OPT_DEREF, cfg.deref) + if cfg.timelimit: + self.set_option(ldap.OPT_TIMELIMIT, cfg.timelimit) + self.set_option(ldap.OPT_TIMEOUT, cfg.timelimit) + self.set_option(ldap.OPT_NETWORK_TIMEOUT, cfg.timelimit) + if cfg.referrals: + self.set_option(ldap.OPT_REFERRALS, cfg.referrals) + if cfg.sasl_canonicalize is not None: + self.set_option(ldap.OPT_X_SASL_NOCANON, not cfg.sasl_canonicalize) + self.set_option(ldap.OPT_RESTART, True) + # TODO: register a connection callback (like dis?connect_cb() in myldap.c) + if cfg.ssl or cfg.uri.startswith('ldaps://'): + self.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_HARD) + # TODO: the following should probably be done on the first search + # together with binding, not when creating the connection object + if cfg.ssl == 'STARTTLS': + self.start_tls_s() + + def reconnect_after_fail(self): + import invalidator + logging.info('connected to LDAP server %s', cfg.uri) + invalidator.invalidate() + + def search_s(self, *args, **kwargs): + # wrapper function to keep the global server_error state + global server_error, first_search + try: + res = ldap.ldapobject.ReconnectLDAPObject.search_s(self, *args, **kwargs) + except ldap.SERVER_DOWN: + server_error = True + raise + if server_error or first_search: + self.reconnect_after_fail() + server_error = False + first_search = False + return res + + +class LDAPSearch(object): + """ + Class that performs an LDAP search. Subclasses are expected to define the + actual searches and should implement the following members: + + case_sensitive - check that these attributes are present in the response + if they were in the request + case_insensitive - check that these attributes are present in the + response if they were in the request + limit_attributes - override response attributes with request attributes + (ensure that only one copy of the value is returned) + required - attributes that are required + canonical_first - search the DN for these attributes and ensure that + they are listed first in the attribute values + mk_filter() (optional) - function that returns the LDAP search filter + + The module that contains the Search class can also contain the following + definitions: + + bases - list of search bases to be used, if absent or empty falls back + to cfg.bases + scope - search scope, falls back to cfg.scope if absent or empty + filter - an LDAP search filter + attmap - an attribute mapping definition (using he Attributes class) + + """ + + canonical_first = [] + required = [] + case_sensitive = [] + case_insensitive = [] + limit_attributes = [] + + def __init__(self, conn, base=None, scope=None, filter=None, + attributes=None, parameters=None): + self.conn = conn + # load information from module that defines the class + module = sys.modules[self.__module__] + if base: + self.bases = [base] + else: + self.bases = getattr(module, 'bases', cfg.bases) + self.scope = scope or getattr(module, 'scope', cfg.scope) + self.filter = filter or getattr(module, 'filter', None) + self.attmap = getattr(module, 'attmap', None) + self.attributes = attributes or self.attmap.attributes() + self.parameters = parameters or {} + + def __iter__(self): + return self.items() + + def items(self): + """Return the results from the search.""" + filter = self.mk_filter() + for base in self.bases: + logging.debug('LDAPSearch(base=%r, filter=%r)', base, filter) + try: + for entry in self.conn.search_s(base, self.scope, filter, self.attributes): + if entry[0]: + entry = self._transform(entry[0], entry[1]) + if entry: + yield entry + except ldap.NO_SUCH_OBJECT: + # FIXME: log message + pass + + def mk_filter(self): + """Return the active search filter (based on the read parameters).""" + if self.parameters: + return '(&%s%s)' % ( + self.filter, + ''.join(self.attmap.mk_filter(attribute, value) + for attribute, value in self.parameters.items())) + return self.filter + + def _transform(self, dn, attributes): + """Handle a single search result entry filtering it with the request + parameters, search options and attribute mapping.""" + # translate the attributes using the attribute mapping + if self.attmap: + attributes = self.attmap.translate(attributes) + # make sure value from DN is first value + for attr in self.canonical_first: + primary_value = self.attmap.get_rdn_value(dn, attr) + if primary_value: + values = attributes[attr] + if primary_value in values: + values.remove(primary_value) + attributes[attr] = [primary_value] + values + # check that these attributes have at least one value + for attr in self.required: + if not attributes.get(attr, None): + logging.warning('%s: %s: missing', dn, self.attmap[attr]) + return + # check that requested attribute is present (case sensitive) + for attr in self.case_sensitive: + value = self.parameters.get(attr, None) + if value and str(value) not in attributes[attr]: + logging.debug('%s: %s: does not contain %r value', dn, self.attmap[attr], value) + return # not found, skip entry + # check that requested attribute is present (case insensitive) + for attr in self.case_insensitive: + value = self.parameters.get(attr, None) + if value and str(value).lower() not in (x.lower() for x in attributes[attr]): + logging.debug('%s: %s: does not contain %r value', dn, self.attmap[attr], value) + return # not found, skip entry + # limit attribute values to requested value + for attr in self.limit_attributes: + if attr in self.parameters: + attributes[attr] = [self.parameters[attr]] + # return the entry + return dn, attributes diff --git a/pynslcd/service.py b/pynslcd/service.py new file mode 100644 index 0000000..c27f485 --- /dev/null +++ b/pynslcd/service.py @@ -0,0 +1,156 @@ + +# service.py - service entry lookup routines +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import datetime + +import cache +import common +import constants +import search + + +attmap = common.Attributes(cn='cn', + ipServicePort='ipServicePort', + ipServiceProtocol='ipServiceProtocol') +filter = '(objectClass=ipService)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('cn', 'ipServiceProtocol') + limit_attributes = ('ipServiceProtocol', ) + canonical_first = ('cn', ) + required = ('cn', 'ipServicePort', 'ipServiceProtocol') + + +class Cache(cache.Cache): + + tables = ('service_cache', 'service_alias_cache') + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `service_cache` + ( `cn` TEXT NOT NULL, + `ipServicePort` INTEGER NOT NULL, + `ipServiceProtocol` TEXT NOT NULL, + `mtime` TIMESTAMP NOT NULL, + UNIQUE (`ipServicePort`, `ipServiceProtocol`) ); + CREATE TABLE IF NOT EXISTS `service_alias_cache` + ( `ipServicePort` INTEGER NOT NULL, + `ipServiceProtocol` TEXT NOT NULL, + `cn` TEXT NOT NULL, + FOREIGN KEY(`ipServicePort`) REFERENCES `service_cache`(`ipServicePort`) + ON DELETE CASCADE ON UPDATE CASCADE, + FOREIGN KEY(`ipServiceProtocol`) REFERENCES `service_cache`(`ipServiceProtocol`) + ON DELETE CASCADE ON UPDATE CASCADE ); + CREATE INDEX IF NOT EXISTS `service_alias_idx1` ON `service_alias_cache`(`ipServicePort`); + CREATE INDEX IF NOT EXISTS `service_alias_idx2` ON `service_alias_cache`(`ipServiceProtocol`); + ''' + + retrieve_sql = ''' + SELECT `service_cache`.`cn` AS `cn`, + `service_alias_cache`.`cn` AS `alias`, + `service_cache`.`ipServicePort`, + `service_cache`.`ipServiceProtocol`, + `mtime` + FROM `service_cache` + LEFT JOIN `service_alias_cache` + ON `service_alias_cache`.`ipServicePort` = `service_cache`.`ipServicePort` + AND `service_alias_cache`.`ipServiceProtocol` = `service_cache`.`ipServiceProtocol` + ''' + + retrieve_by = dict( + cn=''' + ( `service_cache`.`cn` = ? OR + 0 < ( + SELECT COUNT(*) + FROM `service_alias_cache` `by_alias` + WHERE `by_alias`.`cn` = ? + AND `by_alias`.`ipServicePort` = `service_cache`.`ipServicePort` + AND `by_alias`.`ipServiceProtocol` = `service_cache`.`ipServiceProtocol` + )) + ''', + ) + + group_by = (0, 2, 3) # cn, ipServicePort, ipServiceProtocol + group_columns = (1, ) # alias + + def store(self, name, aliases, port, protocol): + self.con.execute(''' + INSERT OR REPLACE INTO `service_cache` + VALUES + (?, ?, ?, ?) + ''', (name, port, protocol, datetime.datetime.now())) + self.con.execute(''' + DELETE FROM `service_alias_cache` + WHERE `ipServicePort` = ? + AND `ipServiceProtocol` = ? + ''', (port, protocol)) + self.con.executemany(''' + INSERT INTO `service_alias_cache` + VALUES + (?, ?, ?) + ''', ((port, protocol, alias) for alias in aliases)) + + +class ServiceRequest(common.Request): + + def write(self, name, aliases, port, protocol): + self.fp.write_string(name) + self.fp.write_stringlist(aliases) + self.fp.write_int32(port) + self.fp.write_string(protocol) + + def convert(self, dn, attributes, parameters): + names = attributes['cn'] + port = int(attributes['ipServicePort'][0]) + protocols = attributes['ipServiceProtocol'] + for protocol in protocols: + yield (names[0], names[1:], port, protocol) + + +class ServiceByNameRequest(ServiceRequest): + + action = constants.NSLCD_ACTION_SERVICE_BYNAME + + def read_parameters(self, fp): + name = fp.read_string() + protocol = fp.read_string() + if protocol: + return dict(cn=name, ipServiceProtocol=protocol) + else: + return dict(cn=name) + + +class ServiceByNumberRequest(ServiceRequest): + + action = constants.NSLCD_ACTION_SERVICE_BYNUMBER + + def read_parameters(self, fp): + number = fp.read_int32() + protocol = fp.read_string() + if protocol: + return dict(ipServicePort=number, ipServiceProtocol=protocol) + else: + return dict(ipServicePort=number) + + +class ServiceAllRequest(ServiceRequest): + + action = constants.NSLCD_ACTION_SERVICE_ALL diff --git a/pynslcd/shadow.py b/pynslcd/shadow.py new file mode 100644 index 0000000..7d0ebf9 --- /dev/null +++ b/pynslcd/shadow.py @@ -0,0 +1,132 @@ + +# shadow.py - lookup functions for shadow information +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import cache +import cfg +import common +import constants +import search + + +attmap = common.Attributes(uid='uid', + userPassword='"*"', + shadowLastChange='"${shadowLastChange:--1}"', + shadowMin='"${shadowMin:--1}"', + shadowMax='"${shadowMax:--1}"', + shadowWarning='"${shadowWarning:--1}"', + shadowInactive='"${shadowInactive:--1}"', + shadowExpire='"${shadowExpire:--1}"', + shadowFlag='"${shadowFlag:-0}"') +filter = '(objectClass=shadowAccount)' + + +class Search(search.LDAPSearch): + + case_sensitive = ('uid', ) + limit_attributes = ('uid', ) + required = ('uid', ) + + +class Cache(cache.Cache): + + create_sql = ''' + CREATE TABLE IF NOT EXISTS `shadow_cache` + ( `uid` TEXT PRIMARY KEY, + `userPassword` TEXT, + `shadowLastChange` INTEGER, + `shadowMin` INTEGER, + `shadowMax` INTEGER, + `shadowWarning` INTEGER, + `shadowInactive` INTEGER, + `shadowExpire` INTEGER, + `shadowFlag` INTEGER, + `mtime` TIMESTAMP NOT NULL ); + ''' + + +class ShadowRequest(common.Request): + + def write(self, name, passwd, lastchangedate, mindays, maxdays, warndays, + inactdays, expiredate, flag): + self.fp.write_string(name) + self.fp.write_string(passwd) + self.fp.write_int32(lastchangedate) + self.fp.write_int32(mindays) + self.fp.write_int32(maxdays) + self.fp.write_int32(warndays) + self.fp.write_int32(inactdays) + self.fp.write_int32(expiredate) + self.fp.write_int32(flag) + + def convert(self, dn, attributes, parameters): + names = attributes['uid'] + try: + passwd = attributes['userPassword'][0] + except IndexError: + passwd = None + if not passwd or self.calleruid != 0: + passwd = '*' + # function for making an int + def mk_int(attr): + try: + return int(attr) + except TypeError: + return None + # get lastchange date + lastchangedate = mk_int(attributes.get('shadowLastChange', [0])[0]) + # we expect an AD 64-bit datetime value; + # we should do date=date/864000000000-134774 + # but that causes problems on 32-bit platforms, + # first we devide by 1000000000 by stripping the + # last 9 digits from the string and going from there */ + if attmap['shadowLastChange'] == 'pwdLastSet': + lastchangedate = (lastchangedate / 864000000000) - 134774 + # get longs + mindays = mk_int(attributes.get('shadowMin', [-1])[0]) + maxdays = mk_int(attributes.get('shadowMax', [-1])[0]) + warndays = mk_int(attributes.get('shadowWarning', [-1])[0]) + inactdays = mk_int(attributes.get('shadowInactive', [-1])[0]) + expiredate = mk_int(attributes.get('shadowExpire', [-1])[0]) + flag = mk_int(attributes.get('shadowFlag', [0])[0]) + if attmap['shadowFlag'] == 'pwdLastSet': + if flag & 0x10000: + maxdays = -1 + flag = 0 + # return results + for name in names: + yield (name, passwd, lastchangedate, mindays, maxdays, warndays, + inactdays, expiredate, flag) + + +class ShadowByNameRequest(ShadowRequest): + + action = constants.NSLCD_ACTION_SHADOW_BYNAME + + def read_parameters(self, fp): + return dict(uid=fp.read_string()) + + +class ShadowAllRequest(ShadowRequest): + + action = constants.NSLCD_ACTION_SHADOW_ALL + + def handle_request(self, parameters): + if not cfg.nss_disable_enumeration: + return super(ShadowAllRequest, self).handle_request(parameters) diff --git a/pynslcd/tio.py b/pynslcd/tio.py new file mode 100644 index 0000000..ef0fda7 --- /dev/null +++ b/pynslcd/tio.py @@ -0,0 +1,106 @@ + +# tio.py - I/O functions +# +# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import os +import socket +import struct + + +# definition for reading and writing INT32 values +_int32 = struct.Struct('!i') + +# FIXME: use something from constants.py to determine the correct size +_struct_timeval = struct.Struct('ll') + + +class TIOStreamError(Exception): + pass + + +class TIOStream(object): + """File-like object that allows reading and writing nslcd-protocol + entities.""" + + def __init__(self, conn): + conn.setblocking(1) + conn.setsockopt(socket.SOL_SOCKET, socket.SO_RCVTIMEO, _struct_timeval.pack(0, 500000)) + conn.setsockopt(socket.SOL_SOCKET, socket.SO_SNDTIMEO, _struct_timeval.pack(60, 0)) + self.fp = os.fdopen(conn.fileno(), 'w+b', 1024 * 1024) + + def read(self, size): + return self.fp.read(size) + + def read_int32(self): + return _int32.unpack(self.read(_int32.size))[0] + + def read_string(self, maxsize=None): + num = self.read_int32() + if maxsize and num >= maxsize: + raise TIOStreamError() + return self.read(num) + + def read_address(self): + """Read an address (usually IPv4 or IPv6) from the stream and return + the address as a string representation.""" + af = self.read_int32() + return socket.inet_ntop(af, self.read_string(maxsize=64)) + + def write(self, value): + self.fp.write(value) + + def write_int32(self, value): + self.write(_int32.pack(value)) + + def write_string(self, value): + self.write_int32(len(value)) + self.write(value) + + def write_stringlist(self, value): + lst = tuple(value) + self.write_int32(len(lst)) + for string in lst: + self.write_string(string) + + @staticmethod + def _to_address(value): + # try IPv4 first + try: + return socket.AF_INET, socket.inet_pton(socket.AF_INET, value) + except socket.error: + pass # try the next one + # fall back to IPv6 + return socket.AF_INET6, socket.inet_pton(socket.AF_INET6, value) + + def write_address(self, value): + """Write an address (usually IPv4 or IPv6) in a string representation + to the stream.""" + # first try to make it into an IPv6 address + af, address = TIOStream._to_address(value) + self.write_int32(af) + self.write_string(address) + + def close(self): + try: + self.fp.close() + except IOError: + pass + + def __del__(self): + self.close() diff --git a/pynslcd/usermod.py b/pynslcd/usermod.py new file mode 100644 index 0000000..9622fb2 --- /dev/null +++ b/pynslcd/usermod.py @@ -0,0 +1,129 @@ + +# usermod.py - functions for modifying user information +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import ctypes +import ctypes.util +import logging +import os +import os.path + +import ldap + +import cfg +import constants +import pam +import passwd + + +def list_shells(): + """List the shells from /etc/shells.""" + libc = ctypes.CDLL(ctypes.util.find_library("c")) + libc.setusershell() + while True: + shell = ctypes.c_char_p(libc.getusershell()).value + if not shell: + break + yield shell + libc.endusershell() + + +class UserModRequest(pam.PAMRequest): + + action = constants.NSLCD_ACTION_USERMOD + + def read_parameters(self, fp): + username = fp.read_string() + asroot = fp.read_int32() + password = fp.read_string() + mods = {} + while True: + key = fp.read_int32() + if key == constants.NSLCD_USERMOD_END: + break + mods[key] = fp.read_string() + return dict(username=username, + asroot=asroot, + password=password, + mods=mods) + + def write_result(self, mod, message): + self.fp.write_int32(mod) + self.fp.write_string(message) + + def handle_request(self, parameters): + # fill in any missing userdn, etc. + self.validate(parameters) + is_root = (self.calleruid == 0) and parameters['asroot'] + mods = [] + # check if the the user passed the rootpwmoddn + if parameters['asroot']: + binddn = cfg.rootpwmoddn + # check if rootpwmodpw should be used + if not parameters['password'] and is_root and cfg.rootpwmodpw: + password = cfg.rootpwmodpw + else: + password = parameters['password'] + else: + binddn = parameters['userdn'] + password = parameters['password'] + # write response header + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + # check home directory modification + homedir = parameters['mods'].get(constants.NSLCD_USERMOD_HOMEDIR) + if homedir: + if is_root: + mods.append((ldap.MOD_REPLACE, passwd.attmap['homeDirectory'], [homedir])) + elif not os.path.isabs(homedir): + self.write_result(constants.NSLCD_USERMOD_HOMEDIR, + 'should be an absolute path') + elif not os.path.isdir(homedir): + self.write_result(constants.NSLCD_USERMOD_HOMEDIR, + 'not a directory') + else: + mods.append((ldap.MOD_REPLACE, passwd.attmap['homeDirectory'], [homedir])) + # check login shell modification + shell = parameters['mods'].get(constants.NSLCD_USERMOD_SHELL) + if shell: + if is_root: + mods.append((ldap.MOD_REPLACE, passwd.attmap['loginShell'], [shell])) + elif shell not in list_shells(): + self.write_result(constants.NSLCD_USERMOD_SHELL, + 'unlisted shell') + elif not os.path.isfile(shell) or not os.access(shell, os.X_OK): + self.write_result(constants.NSLCD_USERMOD_SHELL, + 'not an executable') + else: + mods.append((ldap.MOD_REPLACE, passwd.attmap['loginShell'], [shell])) + # get a connection and perform the modification + if mods: + try: + conn, authz, msg = pam.authenticate(binddn, password) + conn.modify_s(parameters['userdn'], mods) + logging.info('changed information for %s', parameters['userdn']) + except (ldap.INVALID_CREDENTIALS, ldap.INSUFFICIENT_ACCESS), e: + try: + msg = e[0]['desc'] + except: + msg = str(e) + logging.debug('modification failed: %s', msg) + self.write_result(constants.NSLCD_USERMOD_RESULT, msg) + # write closing statement + self.fp.write_int32(constants.NSLCD_USERMOD_END) + self.fp.write_int32(constants.NSLCD_RESULT_END) diff --git a/test-driver b/test-driver new file mode 100755 index 0000000..8e575b0 --- /dev/null +++ b/test-driver @@ -0,0 +1,148 @@ +#! /bin/sh +# test-driver - basic testsuite driver script. + +scriptversion=2013-07-13.22; # UTC + +# Copyright (C) 2011-2014 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +# Make unconditional expansion of undefined variables an error. This +# helps a lot in preventing typo-related bugs. +set -u + +usage_error () +{ + echo "$0: $*" >&2 + print_usage >&2 + exit 2 +} + +print_usage () +{ + cat <$log_file 2>&1 +estatus=$? + +if test $enable_hard_errors = no && test $estatus -eq 99; then + tweaked_estatus=1 +else + tweaked_estatus=$estatus +fi + +case $tweaked_estatus:$expect_failure in + 0:yes) col=$red res=XPASS recheck=yes gcopy=yes;; + 0:*) col=$grn res=PASS recheck=no gcopy=no;; + 77:*) col=$blu res=SKIP recheck=no gcopy=yes;; + 99:*) col=$mgn res=ERROR recheck=yes gcopy=yes;; + *:yes) col=$lgn res=XFAIL recheck=no gcopy=yes;; + *:*) col=$red res=FAIL recheck=yes gcopy=yes;; +esac + +# Report the test outcome and exit status in the logs, so that one can +# know whether the test passed or failed simply by looking at the '.log' +# file, without the need of also peaking into the corresponding '.trs' +# file (automake bug#11814). +echo "$res $test_name (exit status: $estatus)" >>$log_file + +# Report outcome to console. +echo "${col}${res}${std}: $test_name" + +# Register the test result, and other relevant metadata. +echo ":test-result: $res" > $trs_file +echo ":global-test-result: $res" >> $trs_file +echo ":recheck: $recheck" >> $trs_file +echo ":copy-in-global-log: $gcopy" >> $trs_file + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/tests/Makefile.am b/tests/Makefile.am new file mode 100644 index 0000000..0a7854e --- /dev/null +++ b/tests/Makefile.am @@ -0,0 +1,102 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +TESTS = test_dict test_set test_tio test_expr test_getpeercred test_cfg \ + test_attmap test_myldap.sh test_common test_nsscmds.sh \ + test_pamcmds.sh test_manpages.sh test_clock \ + test_tio_timeout +if HAVE_PYTHON + TESTS += test_pycompile.sh test_pylint.sh +endif +if ENABLE_PYNSLCD + TESTS += test_pynslcd_cache.py test_doctest.sh +endif +if ENABLE_UTILS + TESTS += test_ldapcmds.sh +endif + +AM_TESTS_ENVIRONMENT = PYTHON='@PYTHON@'; export PYTHON; \ + builddir=$(builddir); export builddir; + +check_PROGRAMS = test_dict test_set test_tio test_expr test_getpeercred \ + test_cfg test_attmap test_myldap test_common test_clock \ + test_tio_timeout lookup_netgroup lookup_shadow \ + lookup_groupbyuser + +EXTRA_DIST = README nslcd-test.conf usernames.txt testenv.sh test_myldap.sh \ + test_nsscmds.sh test_ldapcmds.sh test_pamcmds.sh \ + test_pamcmds.expect test_manpages.sh \ + test_pycompile.sh test_pylint.sh pylint.rc test_doctest.sh \ + test_pynslcd_cache.py \ + setup_slapd.sh config.ldif test.ldif + +CLEANFILES = $(EXTRA_PROGRAMS) test_pamcmds.log + +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PTHREAD_CFLAGS) -g + +test_dict_SOURCES = test_dict.c ../common/dict.h +test_dict_LDADD = ../common/libdict.a + +test_set_SOURCES = test_set.c ../common/set.h +test_set_LDADD = ../common/libdict.a + +test_tio_SOURCES = test_tio.c common.h ../common/tio.h +test_tio_LDADD = ../common/tio.o +test_tio_LDFLAGS = $(PTHREAD_CFLAGS) $(PTHREAD_LIBS) + +test_expr_SOURCES = test_expr.c common.h +test_expr_LDADD = ../common/set.o ../common/dict.o + +test_getpeercred_SOURCES = test_getpeercred.c common.h +test_getpeercred_LDADD = ../compat/libcompat.a + +# common objects that are included for the tests of nslcd functionality +common_nslcd_LDADD = ../nslcd/log.o ../nslcd/common.o ../nslcd/invalidator.o \ + ../nslcd/myldap.o ../nslcd/attmap.o ../nslcd/nsswitch.o \ + ../nslcd/alias.o ../nslcd/ether.o ../nslcd/group.o \ + ../nslcd/host.o ../nslcd/netgroup.o ../nslcd/network.o \ + ../nslcd/passwd.o ../nslcd/protocol.o ../nslcd/rpc.o \ + ../nslcd/service.o ../nslcd/shadow.o ../nslcd/pam.o \ + ../common/libtio.a ../common/libdict.a \ + ../common/libexpr.a ../compat/libcompat.a \ + @nslcd_LIBS@ @PTHREAD_LIBS@ + +test_cfg_SOURCES = test_cfg.c common.h +test_cfg_LDADD = $(common_nslcd_LDADD) + +test_attmap_SOURCES = test_attmap.c common.h +test_attmap_LDADD = ../nslcd/cfg.o $(common_nslcd_LDADD) + +test_myldap_SOURCES = test_myldap.c common.h +test_myldap_LDADD = ../nslcd/cfg.o $(common_nslcd_LDADD) + +test_common_SOURCES = test_common.c ../nslcd/common.h +test_common_LDADD = ../nslcd/cfg.o $(common_nslcd_LDADD) + +test_clock_SOURCES = test_clock.c + +test_tio_timeout_SOURCES = test_tio_timeout.c ../common/tio.h + +lookup_netgroup_SOURCES = lookup_netgroup.c + +lookup_shadow_SOURCES = lookup_shadow.c + +lookup_groupbyuser_SOURCES = lookup_groupbyuser.c diff --git a/tests/Makefile.in b/tests/Makefile.in new file mode 100644 index 0000000..6392783 --- /dev/null +++ b/tests/Makefile.in @@ -0,0 +1,1277 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2006 West Consulting +# Copyright (C) 2006-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +TESTS = test_dict$(EXEEXT) test_set$(EXEEXT) test_tio$(EXEEXT) \ + test_expr$(EXEEXT) test_getpeercred$(EXEEXT) test_cfg$(EXEEXT) \ + test_attmap$(EXEEXT) test_myldap.sh test_common$(EXEEXT) \ + test_nsscmds.sh test_pamcmds.sh test_manpages.sh \ + test_clock$(EXEEXT) test_tio_timeout$(EXEEXT) $(am__append_1) \ + $(am__append_2) $(am__append_3) +@HAVE_PYTHON_TRUE@am__append_1 = test_pycompile.sh test_pylint.sh +@ENABLE_PYNSLCD_TRUE@am__append_2 = test_pynslcd_cache.py test_doctest.sh +@ENABLE_UTILS_TRUE@am__append_3 = test_ldapcmds.sh +check_PROGRAMS = test_dict$(EXEEXT) test_set$(EXEEXT) \ + test_tio$(EXEEXT) test_expr$(EXEEXT) test_getpeercred$(EXEEXT) \ + test_cfg$(EXEEXT) test_attmap$(EXEEXT) test_myldap$(EXEEXT) \ + test_common$(EXEEXT) test_clock$(EXEEXT) \ + test_tio_timeout$(EXEEXT) lookup_netgroup$(EXEEXT) \ + lookup_shadow$(EXEEXT) lookup_groupbyuser$(EXEEXT) +subdir = tests +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am_lookup_groupbyuser_OBJECTS = lookup_groupbyuser.$(OBJEXT) +lookup_groupbyuser_OBJECTS = $(am_lookup_groupbyuser_OBJECTS) +lookup_groupbyuser_LDADD = $(LDADD) +am_lookup_netgroup_OBJECTS = lookup_netgroup.$(OBJEXT) +lookup_netgroup_OBJECTS = $(am_lookup_netgroup_OBJECTS) +lookup_netgroup_LDADD = $(LDADD) +am_lookup_shadow_OBJECTS = lookup_shadow.$(OBJEXT) +lookup_shadow_OBJECTS = $(am_lookup_shadow_OBJECTS) +lookup_shadow_LDADD = $(LDADD) +am_test_attmap_OBJECTS = test_attmap.$(OBJEXT) +test_attmap_OBJECTS = $(am_test_attmap_OBJECTS) +am__DEPENDENCIES_1 = ../nslcd/log.o ../nslcd/common.o \ + ../nslcd/invalidator.o ../nslcd/myldap.o ../nslcd/attmap.o \ + ../nslcd/nsswitch.o ../nslcd/alias.o ../nslcd/ether.o \ + ../nslcd/group.o ../nslcd/host.o ../nslcd/netgroup.o \ + ../nslcd/network.o ../nslcd/passwd.o ../nslcd/protocol.o \ + ../nslcd/rpc.o ../nslcd/service.o ../nslcd/shadow.o \ + ../nslcd/pam.o ../common/libtio.a ../common/libdict.a \ + ../common/libexpr.a ../compat/libcompat.a +test_attmap_DEPENDENCIES = ../nslcd/cfg.o $(am__DEPENDENCIES_1) +am_test_cfg_OBJECTS = test_cfg.$(OBJEXT) +test_cfg_OBJECTS = $(am_test_cfg_OBJECTS) +test_cfg_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_test_clock_OBJECTS = test_clock.$(OBJEXT) +test_clock_OBJECTS = $(am_test_clock_OBJECTS) +test_clock_LDADD = $(LDADD) +am_test_common_OBJECTS = test_common.$(OBJEXT) +test_common_OBJECTS = $(am_test_common_OBJECTS) +test_common_DEPENDENCIES = ../nslcd/cfg.o $(am__DEPENDENCIES_1) +am_test_dict_OBJECTS = test_dict.$(OBJEXT) +test_dict_OBJECTS = $(am_test_dict_OBJECTS) +test_dict_DEPENDENCIES = ../common/libdict.a +am_test_expr_OBJECTS = test_expr.$(OBJEXT) +test_expr_OBJECTS = $(am_test_expr_OBJECTS) +test_expr_DEPENDENCIES = ../common/set.o ../common/dict.o +am_test_getpeercred_OBJECTS = test_getpeercred.$(OBJEXT) +test_getpeercred_OBJECTS = $(am_test_getpeercred_OBJECTS) +test_getpeercred_DEPENDENCIES = ../compat/libcompat.a +am_test_myldap_OBJECTS = test_myldap.$(OBJEXT) +test_myldap_OBJECTS = $(am_test_myldap_OBJECTS) +test_myldap_DEPENDENCIES = ../nslcd/cfg.o $(am__DEPENDENCIES_1) +am_test_set_OBJECTS = test_set.$(OBJEXT) +test_set_OBJECTS = $(am_test_set_OBJECTS) +test_set_DEPENDENCIES = ../common/libdict.a +am_test_tio_OBJECTS = test_tio.$(OBJEXT) +test_tio_OBJECTS = $(am_test_tio_OBJECTS) +test_tio_DEPENDENCIES = ../common/tio.o +test_tio_LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(test_tio_LDFLAGS) \ + $(LDFLAGS) -o $@ +am_test_tio_timeout_OBJECTS = test_tio_timeout.$(OBJEXT) +test_tio_timeout_OBJECTS = $(am_test_tio_timeout_OBJECTS) +test_tio_timeout_LDADD = $(LDADD) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(lookup_groupbyuser_SOURCES) $(lookup_netgroup_SOURCES) \ + $(lookup_shadow_SOURCES) $(test_attmap_SOURCES) \ + $(test_cfg_SOURCES) $(test_clock_SOURCES) \ + $(test_common_SOURCES) $(test_dict_SOURCES) \ + $(test_expr_SOURCES) $(test_getpeercred_SOURCES) \ + $(test_myldap_SOURCES) $(test_set_SOURCES) $(test_tio_SOURCES) \ + $(test_tio_timeout_SOURCES) +DIST_SOURCES = $(lookup_groupbyuser_SOURCES) \ + $(lookup_netgroup_SOURCES) $(lookup_shadow_SOURCES) \ + $(test_attmap_SOURCES) $(test_cfg_SOURCES) \ + $(test_clock_SOURCES) $(test_common_SOURCES) \ + $(test_dict_SOURCES) $(test_expr_SOURCES) \ + $(test_getpeercred_SOURCES) $(test_myldap_SOURCES) \ + $(test_set_SOURCES) $(test_tio_SOURCES) \ + $(test_tio_timeout_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__tty_colors_dummy = \ + mgn= red= grn= lgn= blu= brg= std=; \ + am__color_tests=no +am__tty_colors = { \ + $(am__tty_colors_dummy); \ + if test "X$(AM_COLOR_TESTS)" = Xno; then \ + am__color_tests=no; \ + elif test "X$(AM_COLOR_TESTS)" = Xalways; then \ + am__color_tests=yes; \ + elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \ + am__color_tests=yes; \ + fi; \ + if test $$am__color_tests = yes; then \ + red=''; \ + grn=''; \ + lgn=''; \ + blu=''; \ + mgn=''; \ + brg=''; \ + std=''; \ + fi; \ +} +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__recheck_rx = ^[ ]*:recheck:[ ]* +am__global_test_result_rx = ^[ ]*:global-test-result:[ ]* +am__copy_in_global_log_rx = ^[ ]*:copy-in-global-log:[ ]* +# A command that, given a newline-separated list of test names on the +# standard input, print the name of the tests that are to be re-run +# upon "make recheck". +am__list_recheck_tests = $(AWK) '{ \ + recheck = 1; \ + while ((rc = (getline line < ($$0 ".trs"))) != 0) \ + { \ + if (rc < 0) \ + { \ + if ((getline line2 < ($$0 ".log")) < 0) \ + recheck = 0; \ + break; \ + } \ + else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \ + { \ + recheck = 0; \ + break; \ + } \ + else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \ + { \ + break; \ + } \ + }; \ + if (recheck) \ + print $$0; \ + close ($$0 ".trs"); \ + close ($$0 ".log"); \ +}' +# A command that, given a newline-separated list of test names on the +# standard input, create the global log from their .trs and .log files. +am__create_global_log = $(AWK) ' \ +function fatal(msg) \ +{ \ + print "fatal: making $@: " msg | "cat >&2"; \ + exit 1; \ +} \ +function rst_section(header) \ +{ \ + print header; \ + len = length(header); \ + for (i = 1; i <= len; i = i + 1) \ + printf "="; \ + printf "\n\n"; \ +} \ +{ \ + copy_in_global_log = 1; \ + global_test_result = "RUN"; \ + while ((rc = (getline line < ($$0 ".trs"))) != 0) \ + { \ + if (rc < 0) \ + fatal("failed to read from " $$0 ".trs"); \ + if (line ~ /$(am__global_test_result_rx)/) \ + { \ + sub("$(am__global_test_result_rx)", "", line); \ + sub("[ ]*$$", "", line); \ + global_test_result = line; \ + } \ + else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \ + copy_in_global_log = 0; \ + }; \ + if (copy_in_global_log) \ + { \ + rst_section(global_test_result ": " $$0); \ + while ((rc = (getline line < ($$0 ".log"))) != 0) \ + { \ + if (rc < 0) \ + fatal("failed to read from " $$0 ".log"); \ + print line; \ + }; \ + printf "\n"; \ + }; \ + close ($$0 ".trs"); \ + close ($$0 ".log"); \ +}' +# Restructured Text title. +am__rst_title = { sed 's/.*/ & /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; } +# Solaris 10 'make', and several other traditional 'make' implementations, +# pass "-e" to $(SHELL), and POSIX 2008 even requires this. Work around it +# by disabling -e (using the XSI extension "set +e") if it's set. +am__sh_e_setup = case $$- in *e*) set +e;; esac +# Default flags passed to test drivers. +am__common_driver_flags = \ + --color-tests "$$am__color_tests" \ + --enable-hard-errors "$$am__enable_hard_errors" \ + --expect-failure "$$am__expect_failure" +# To be inserted before the command running the test. Creates the +# directory for the log if needed. Stores in $dir the directory +# containing $f, in $tst the test, in $log the log. Executes the +# developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and +# passes TESTS_ENVIRONMENT. Set up options for the wrapper that +# will run the test scripts (or their associated LOG_COMPILER, if +# thy have one). +am__check_pre = \ +$(am__sh_e_setup); \ +$(am__vpath_adj_setup) $(am__vpath_adj) \ +$(am__tty_colors); \ +srcdir=$(srcdir); export srcdir; \ +case "$@" in \ + */*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;; \ + *) am__odir=.;; \ +esac; \ +test "x$$am__odir" = x"." || test -d "$$am__odir" \ + || $(MKDIR_P) "$$am__odir" || exit $$?; \ +if test -f "./$$f"; then dir=./; \ +elif test -f "$$f"; then dir=; \ +else dir="$(srcdir)/"; fi; \ +tst=$$dir$$f; log='$@'; \ +if test -n '$(DISABLE_HARD_ERRORS)'; then \ + am__enable_hard_errors=no; \ +else \ + am__enable_hard_errors=yes; \ +fi; \ +case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$f[\ \ ]* | *[\ \ ]$$dir$$f[\ \ ]*) \ + am__expect_failure=yes;; \ + *) \ + am__expect_failure=no;; \ +esac; \ +$(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT) +# A shell command to get the names of the tests scripts with any registered +# extension removed (i.e., equivalently, the names of the test logs, with +# the '.log' extension removed). The result is saved in the shell variable +# '$bases'. This honors runtime overriding of TESTS and TEST_LOGS. Sadly, +# we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)", +# since that might cause problem with VPATH rewrites for suffix-less tests. +# See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'. +am__set_TESTS_bases = \ + bases='$(TEST_LOGS)'; \ + bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \ + bases=`echo $$bases` +RECHECK_LOGS = $(TEST_LOGS) +AM_RECURSIVE_TARGETS = check recheck +TEST_SUITE_LOG = test-suite.log +TEST_EXTENSIONS = @EXEEXT@ .test +LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver +LOG_COMPILE = $(LOG_COMPILER) $(AM_LOG_FLAGS) $(LOG_FLAGS) +am__set_b = \ + case '$@' in \ + */*) \ + case '$*' in \ + */*) b='$*';; \ + *) b=`echo '$@' | sed 's/\.log$$//'`; \ + esac;; \ + *) \ + b='$*';; \ + esac +am__test_logs1 = $(TESTS:=.log) +am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log) +TEST_LOGS = $(am__test_logs2:.test.log=.log) +TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver +TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \ + $(TEST_LOG_FLAGS) +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/mkinstalldirs $(top_srcdir)/test-driver README +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AM_TESTS_ENVIRONMENT = PYTHON='@PYTHON@'; export PYTHON; \ + builddir=$(builddir); export builddir; + +EXTRA_DIST = README nslcd-test.conf usernames.txt testenv.sh test_myldap.sh \ + test_nsscmds.sh test_ldapcmds.sh test_pamcmds.sh \ + test_pamcmds.expect test_manpages.sh \ + test_pycompile.sh test_pylint.sh pylint.rc test_doctest.sh \ + test_pynslcd_cache.py \ + setup_slapd.sh config.ldif test.ldif + +CLEANFILES = $(EXTRA_PROGRAMS) test_pamcmds.log +AM_CPPFLAGS = -I$(top_srcdir) +AM_CFLAGS = $(PTHREAD_CFLAGS) -g +test_dict_SOURCES = test_dict.c ../common/dict.h +test_dict_LDADD = ../common/libdict.a +test_set_SOURCES = test_set.c ../common/set.h +test_set_LDADD = ../common/libdict.a +test_tio_SOURCES = test_tio.c common.h ../common/tio.h +test_tio_LDADD = ../common/tio.o +test_tio_LDFLAGS = $(PTHREAD_CFLAGS) $(PTHREAD_LIBS) +test_expr_SOURCES = test_expr.c common.h +test_expr_LDADD = ../common/set.o ../common/dict.o +test_getpeercred_SOURCES = test_getpeercred.c common.h +test_getpeercred_LDADD = ../compat/libcompat.a + +# common objects that are included for the tests of nslcd functionality +common_nslcd_LDADD = ../nslcd/log.o ../nslcd/common.o ../nslcd/invalidator.o \ + ../nslcd/myldap.o ../nslcd/attmap.o ../nslcd/nsswitch.o \ + ../nslcd/alias.o ../nslcd/ether.o ../nslcd/group.o \ + ../nslcd/host.o ../nslcd/netgroup.o ../nslcd/network.o \ + ../nslcd/passwd.o ../nslcd/protocol.o ../nslcd/rpc.o \ + ../nslcd/service.o ../nslcd/shadow.o ../nslcd/pam.o \ + ../common/libtio.a ../common/libdict.a \ + ../common/libexpr.a ../compat/libcompat.a \ + @nslcd_LIBS@ @PTHREAD_LIBS@ + +test_cfg_SOURCES = test_cfg.c common.h +test_cfg_LDADD = $(common_nslcd_LDADD) +test_attmap_SOURCES = test_attmap.c common.h +test_attmap_LDADD = ../nslcd/cfg.o $(common_nslcd_LDADD) +test_myldap_SOURCES = test_myldap.c common.h +test_myldap_LDADD = ../nslcd/cfg.o $(common_nslcd_LDADD) +test_common_SOURCES = test_common.c ../nslcd/common.h +test_common_LDADD = ../nslcd/cfg.o $(common_nslcd_LDADD) +test_clock_SOURCES = test_clock.c +test_tio_timeout_SOURCES = test_tio_timeout.c ../common/tio.h +lookup_netgroup_SOURCES = lookup_netgroup.c +lookup_shadow_SOURCES = lookup_shadow.c +lookup_groupbyuser_SOURCES = lookup_groupbyuser.c +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .log .o .obj .test .test$(EXEEXT) .trs +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu tests/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu tests/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-checkPROGRAMS: + -test -z "$(check_PROGRAMS)" || rm -f $(check_PROGRAMS) + +lookup_groupbyuser$(EXEEXT): $(lookup_groupbyuser_OBJECTS) $(lookup_groupbyuser_DEPENDENCIES) $(EXTRA_lookup_groupbyuser_DEPENDENCIES) + @rm -f lookup_groupbyuser$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(lookup_groupbyuser_OBJECTS) $(lookup_groupbyuser_LDADD) $(LIBS) + +lookup_netgroup$(EXEEXT): $(lookup_netgroup_OBJECTS) $(lookup_netgroup_DEPENDENCIES) $(EXTRA_lookup_netgroup_DEPENDENCIES) + @rm -f lookup_netgroup$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(lookup_netgroup_OBJECTS) $(lookup_netgroup_LDADD) $(LIBS) + +lookup_shadow$(EXEEXT): $(lookup_shadow_OBJECTS) $(lookup_shadow_DEPENDENCIES) $(EXTRA_lookup_shadow_DEPENDENCIES) + @rm -f lookup_shadow$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(lookup_shadow_OBJECTS) $(lookup_shadow_LDADD) $(LIBS) + +test_attmap$(EXEEXT): $(test_attmap_OBJECTS) $(test_attmap_DEPENDENCIES) $(EXTRA_test_attmap_DEPENDENCIES) + @rm -f test_attmap$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_attmap_OBJECTS) $(test_attmap_LDADD) $(LIBS) + +test_cfg$(EXEEXT): $(test_cfg_OBJECTS) $(test_cfg_DEPENDENCIES) $(EXTRA_test_cfg_DEPENDENCIES) + @rm -f test_cfg$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_cfg_OBJECTS) $(test_cfg_LDADD) $(LIBS) + +test_clock$(EXEEXT): $(test_clock_OBJECTS) $(test_clock_DEPENDENCIES) $(EXTRA_test_clock_DEPENDENCIES) + @rm -f test_clock$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_clock_OBJECTS) $(test_clock_LDADD) $(LIBS) + +test_common$(EXEEXT): $(test_common_OBJECTS) $(test_common_DEPENDENCIES) $(EXTRA_test_common_DEPENDENCIES) + @rm -f test_common$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_common_OBJECTS) $(test_common_LDADD) $(LIBS) + +test_dict$(EXEEXT): $(test_dict_OBJECTS) $(test_dict_DEPENDENCIES) $(EXTRA_test_dict_DEPENDENCIES) + @rm -f test_dict$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_dict_OBJECTS) $(test_dict_LDADD) $(LIBS) + +test_expr$(EXEEXT): $(test_expr_OBJECTS) $(test_expr_DEPENDENCIES) $(EXTRA_test_expr_DEPENDENCIES) + @rm -f test_expr$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_expr_OBJECTS) $(test_expr_LDADD) $(LIBS) + +test_getpeercred$(EXEEXT): $(test_getpeercred_OBJECTS) $(test_getpeercred_DEPENDENCIES) $(EXTRA_test_getpeercred_DEPENDENCIES) + @rm -f test_getpeercred$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_getpeercred_OBJECTS) $(test_getpeercred_LDADD) $(LIBS) + +test_myldap$(EXEEXT): $(test_myldap_OBJECTS) $(test_myldap_DEPENDENCIES) $(EXTRA_test_myldap_DEPENDENCIES) + @rm -f test_myldap$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_myldap_OBJECTS) $(test_myldap_LDADD) $(LIBS) + +test_set$(EXEEXT): $(test_set_OBJECTS) $(test_set_DEPENDENCIES) $(EXTRA_test_set_DEPENDENCIES) + @rm -f test_set$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_set_OBJECTS) $(test_set_LDADD) $(LIBS) + +test_tio$(EXEEXT): $(test_tio_OBJECTS) $(test_tio_DEPENDENCIES) $(EXTRA_test_tio_DEPENDENCIES) + @rm -f test_tio$(EXEEXT) + $(AM_V_CCLD)$(test_tio_LINK) $(test_tio_OBJECTS) $(test_tio_LDADD) $(LIBS) + +test_tio_timeout$(EXEEXT): $(test_tio_timeout_OBJECTS) $(test_tio_timeout_DEPENDENCIES) $(EXTRA_test_tio_timeout_DEPENDENCIES) + @rm -f test_tio_timeout$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_tio_timeout_OBJECTS) $(test_tio_timeout_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lookup_groupbyuser.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lookup_netgroup.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lookup_shadow.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_attmap.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_cfg.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_clock.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_dict.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_expr.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_getpeercred.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_myldap.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_set.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_tio.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_tio_timeout.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +# Recover from deleted '.trs' file; this should ensure that +# "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create +# both 'foo.log' and 'foo.trs'. Break the recipe in two subshells +# to avoid problems with "make -n". +.log.trs: + rm -f $< $@ + $(MAKE) $(AM_MAKEFLAGS) $< + +# Leading 'am--fnord' is there to ensure the list of targets does not +# expand to empty, as could happen e.g. with make check TESTS=''. +am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck) +am--force-recheck: + @: + +$(TEST_SUITE_LOG): $(TEST_LOGS) + @$(am__set_TESTS_bases); \ + am__f_ok () { test -f "$$1" && test -r "$$1"; }; \ + redo_bases=`for i in $$bases; do \ + am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \ + done`; \ + if test -n "$$redo_bases"; then \ + redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \ + redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \ + if $(am__make_dryrun); then :; else \ + rm -f $$redo_logs && rm -f $$redo_results || exit 1; \ + fi; \ + fi; \ + if test -n "$$am__remaking_logs"; then \ + echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \ + "recursion detected" >&2; \ + elif test -n "$$redo_logs"; then \ + am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \ + fi; \ + if $(am__make_dryrun); then :; else \ + st=0; \ + errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \ + for i in $$redo_bases; do \ + test -f $$i.trs && test -r $$i.trs \ + || { echo "$$errmsg $$i.trs" >&2; st=1; }; \ + test -f $$i.log && test -r $$i.log \ + || { echo "$$errmsg $$i.log" >&2; st=1; }; \ + done; \ + test $$st -eq 0 || exit 1; \ + fi + @$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \ + ws='[ ]'; \ + results=`for b in $$bases; do echo $$b.trs; done`; \ + test -n "$$results" || results=/dev/null; \ + all=` grep "^$$ws*:test-result:" $$results | wc -l`; \ + pass=` grep "^$$ws*:test-result:$$ws*PASS" $$results | wc -l`; \ + fail=` grep "^$$ws*:test-result:$$ws*FAIL" $$results | wc -l`; \ + skip=` grep "^$$ws*:test-result:$$ws*SKIP" $$results | wc -l`; \ + xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \ + xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \ + error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \ + if test `expr $$fail + $$xpass + $$error` -eq 0; then \ + success=true; \ + else \ + success=false; \ + fi; \ + br='==================='; br=$$br$$br$$br$$br; \ + result_count () \ + { \ + if test x"$$1" = x"--maybe-color"; then \ + maybe_colorize=yes; \ + elif test x"$$1" = x"--no-color"; then \ + maybe_colorize=no; \ + else \ + echo "$@: invalid 'result_count' usage" >&2; exit 4; \ + fi; \ + shift; \ + desc=$$1 count=$$2; \ + if test $$maybe_colorize = yes && test $$count -gt 0; then \ + color_start=$$3 color_end=$$std; \ + else \ + color_start= color_end=; \ + fi; \ + echo "$${color_start}# $$desc $$count$${color_end}"; \ + }; \ + create_testsuite_report () \ + { \ + result_count $$1 "TOTAL:" $$all "$$brg"; \ + result_count $$1 "PASS: " $$pass "$$grn"; \ + result_count $$1 "SKIP: " $$skip "$$blu"; \ + result_count $$1 "XFAIL:" $$xfail "$$lgn"; \ + result_count $$1 "FAIL: " $$fail "$$red"; \ + result_count $$1 "XPASS:" $$xpass "$$red"; \ + result_count $$1 "ERROR:" $$error "$$mgn"; \ + }; \ + { \ + echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" | \ + $(am__rst_title); \ + create_testsuite_report --no-color; \ + echo; \ + echo ".. contents:: :depth: 2"; \ + echo; \ + for b in $$bases; do echo $$b; done \ + | $(am__create_global_log); \ + } >$(TEST_SUITE_LOG).tmp || exit 1; \ + mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG); \ + if $$success; then \ + col="$$grn"; \ + else \ + col="$$red"; \ + test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \ + fi; \ + echo "$${col}$$br$${std}"; \ + echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \ + echo "$${col}$$br$${std}"; \ + create_testsuite_report --maybe-color; \ + echo "$$col$$br$$std"; \ + if $$success; then :; else \ + echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}"; \ + if test -n "$(PACKAGE_BUGREPORT)"; then \ + echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}"; \ + fi; \ + echo "$$col$$br$$std"; \ + fi; \ + $$success || exit 1 + +check-TESTS: + @list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list + @list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list + @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) + @set +e; $(am__set_TESTS_bases); \ + log_list=`for i in $$bases; do echo $$i.log; done`; \ + trs_list=`for i in $$bases; do echo $$i.trs; done`; \ + log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \ + $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \ + exit $$?; +recheck: all $(check_PROGRAMS) + @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) + @set +e; $(am__set_TESTS_bases); \ + bases=`for i in $$bases; do echo $$i; done \ + | $(am__list_recheck_tests)` || exit 1; \ + log_list=`for i in $$bases; do echo $$i.log; done`; \ + log_list=`echo $$log_list`; \ + $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \ + am__force_recheck=am--force-recheck \ + TEST_LOGS="$$log_list"; \ + exit $$? +test_dict.log: test_dict$(EXEEXT) + @p='test_dict$(EXEEXT)'; \ + b='test_dict'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_set.log: test_set$(EXEEXT) + @p='test_set$(EXEEXT)'; \ + b='test_set'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_tio.log: test_tio$(EXEEXT) + @p='test_tio$(EXEEXT)'; \ + b='test_tio'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_expr.log: test_expr$(EXEEXT) + @p='test_expr$(EXEEXT)'; \ + b='test_expr'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_getpeercred.log: test_getpeercred$(EXEEXT) + @p='test_getpeercred$(EXEEXT)'; \ + b='test_getpeercred'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_cfg.log: test_cfg$(EXEEXT) + @p='test_cfg$(EXEEXT)'; \ + b='test_cfg'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_attmap.log: test_attmap$(EXEEXT) + @p='test_attmap$(EXEEXT)'; \ + b='test_attmap'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_myldap.sh.log: test_myldap.sh + @p='test_myldap.sh'; \ + b='test_myldap.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_common.log: test_common$(EXEEXT) + @p='test_common$(EXEEXT)'; \ + b='test_common'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_nsscmds.sh.log: test_nsscmds.sh + @p='test_nsscmds.sh'; \ + b='test_nsscmds.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_pamcmds.sh.log: test_pamcmds.sh + @p='test_pamcmds.sh'; \ + b='test_pamcmds.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_manpages.sh.log: test_manpages.sh + @p='test_manpages.sh'; \ + b='test_manpages.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_clock.log: test_clock$(EXEEXT) + @p='test_clock$(EXEEXT)'; \ + b='test_clock'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_tio_timeout.log: test_tio_timeout$(EXEEXT) + @p='test_tio_timeout$(EXEEXT)'; \ + b='test_tio_timeout'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_pycompile.sh.log: test_pycompile.sh + @p='test_pycompile.sh'; \ + b='test_pycompile.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_pylint.sh.log: test_pylint.sh + @p='test_pylint.sh'; \ + b='test_pylint.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_pynslcd_cache.py.log: test_pynslcd_cache.py + @p='test_pynslcd_cache.py'; \ + b='test_pynslcd_cache.py'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_doctest.sh.log: test_doctest.sh + @p='test_doctest.sh'; \ + b='test_doctest.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +test_ldapcmds.sh.log: test_ldapcmds.sh + @p='test_ldapcmds.sh'; \ + b='test_ldapcmds.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +.test.log: + @p='$<'; \ + $(am__set_b); \ + $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +@am__EXEEXT_TRUE@.test$(EXEEXT).log: +@am__EXEEXT_TRUE@ @p='$<'; \ +@am__EXEEXT_TRUE@ $(am__set_b); \ +@am__EXEEXT_TRUE@ $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \ +@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \ +@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \ +@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT) + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS +check: check-am +all-am: Makefile +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + -test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS) + -test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs) + -test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-checkPROGRAMS clean-generic mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: + +.MAKE: check-am install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \ + clean-checkPROGRAMS clean-generic cscopelist-am ctags ctags-am \ + distclean distclean-compile distclean-generic distclean-tags \ + distdir dvi dvi-am html html-am info info-am install \ + install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \ + recheck tags tags-am uninstall uninstall-am + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/tests/README b/tests/README new file mode 100644 index 0000000..fc6b71e --- /dev/null +++ b/tests/README @@ -0,0 +1,72 @@ + +This document tries to descrive the test in this directory. Most of these +tests should be self-explanitory as they should be simple unit tests of the +shipped modules (more unit tests are welcome). + +Since nss-pam-ldapd is meant for providing data from an LDAP server for some +tests you should have an LDAP server running and for other tests you also need +to have nslcd (or pynslcd) running. + +For this a test environment should be set up (the tests are ignored if no such +environment was detected). In my development environment I use a chroot jail +with Debian. The instructions in this document assume a similar environment. + + +TEST ENVIRONMENT +================ + +LDAP server configuration +------------------------- + +An LDAP server listening on ldap://localhost and ldapi:// is assumed that +serves a particular test directory. For setting up an LDAP server for testing +a setup_slapd.sh script is provided. This uses the config.ldif and test.ldif +files to setup an LDAP server in a dedicated directory. + +If you have an LDAP server already set up on another machine with the test +database, you should configure nslcd.conf and nslcd-test.conf to point to that +server. + +Most of the names in the database have been randomly generated based on a +combination of name-lists that were found on the Internet. + + +nsswitch.conf +------------- + +The /etc/nsswitch.conf file is expected to contain something like the +following. All maps should be looked up through LDAP and some tests may expect +the LDAP lookup to come after the files lookup. + +passwd: files ldap +group: files ldap +shadow: files ldap +hosts: files ldap dns mdns +networks: files ldap +protocols: db files ldap +services: db files ldap +ethers: db files ldap +rpc: db files ldap +netgroup: files ldap +aliases: files ldap + +nslcd.conf +---------- + +The /etc/nslcd.conf file is expected to be configured like the following. + +uid nslcd +gid nslcd +uri ldapi:/// +base dc=test,dc=tld +#pagesize 100 # paging and referrals don't mix +timelimit 2 +bind_timelimit 4 +reconnect_sleeptime 4 +reconnect_retrytime 10 +filter group (|(objectClass=posixGroup)(objectClass=groupOfNames)) +base passwd ou=people,dc=test,dc=tld +base shadow ou=people,dc=test,dc=tld +base group ou=groups,dc=test,dc=tld +rootpwmoddn cn=admin,dc=test,dc=tld +rootpwmodpw test diff --git a/tests/common.h b/tests/common.h new file mode 100644 index 0000000..500f740 --- /dev/null +++ b/tests/common.h @@ -0,0 +1,78 @@ +/* + common.h - common test routines + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2011, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef TEST__COMMON_H +#define TEST__COMMON_H 1 + +#include + +#ifndef __ASSERT_FUNCTION +#define __ASSERT_FUNCTION "" +#endif /* not __ASSERT_FUNCTION */ + +/* try to find the actual assert function */ +#ifndef HAVE___ASSERT_FAIL +/* for Solaris: */ +#ifdef sun +#define __assert_fail(assertion, file, line, function) \ + __assert(assertion, file, line) +#endif +/* for FreeBSD: */ +#ifdef __FreeBSD__ +#define __assert_fail(assertion, file, line, function) \ + __assert(assertion, file, line, function) +#endif +#endif /* not HAVE___ASSERT_FAIL */ + +/* extra assertion function that epxects both strings to be the same + (special macro because strcmp() can be a macro that turns ugly in assert) */ +#define assertstreq(str1, str2) \ + (assertstreq_impl(str1, str2, \ + "strcmp(" __STRING(str1) ", " __STRING(str2) ") == 0", \ + __FILE__, __LINE__, __ASSERT_FUNCTION)) + +static inline void assertstreq_impl(const char *str1, const char *str2, + const char *assertion, const char *file, + int line, const char *function) +{ + if (strcmp(str1, str2) != 0) + __assert_fail(assertion, file, line, function); +} + +/* extra assertion function that expects expr to be valid and prints an + error message that include errno otherwise */ +#define assertok(expr) \ + ((expr) \ + ? (void) (0) \ + : __assertok_fail(__STRING(expr), __FILE__, __LINE__, __ASSERT_FUNCTION)) + + +static inline void __assertok_fail(const char *expr, const char *file, + int line, const char *function) +{ + char msg[120]; + snprintf(msg, sizeof(msg), "%s (errno=\"%s\")", expr, strerror(errno)); + __assert_fail(msg, file, line, function); +} + + +#endif /* not TEST__COMMON_H */ diff --git a/tests/config.ldif b/tests/config.ldif new file mode 100644 index 0000000..66ae428 --- /dev/null +++ b/tests/config.ldif @@ -0,0 +1,119 @@ +dn: cn=config +objectClass: olcGlobal +cn: config +olcArgsFile: @BASEDIR@/slapd.args +olcPidFile: @BASEDIR@/slapd.pid +olcToolThreads: 1 +olcSizeLimit: unlimited +olcTimeLimit: unlimited + +dn: cn=module{0},cn=config +objectClass: olcModuleList +cn: module{0} +olcModuleLoad: back_bdb +olcModuleLoad: ppolicy + +dn: cn=schema,cn=config +objectClass: olcSchemaConfig +cn: schema + +include: file:///etc/ldap/schema/core.ldif +include: file:///etc/ldap/schema/cosine.ldif +include: file:///etc/ldap/schema/nis.ldif +include: file:///etc/ldap/schema/inetorgperson.ldif +include: file:///etc/ldap/schema/misc.ldif +include: file:///etc/ldap/schema/ppolicy.ldif + +dn: cn=samba,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: samba +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'Timestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC 'Timestamp of when the user is allowed to update the password' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Timestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'Timestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC 'Timestamp of when the user will be logged off automatically' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'Driver letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' DESC 'List of user workstations the user is allowed to logon to' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Home directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC 'Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' DESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'NT Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcObjectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Samba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGroupSID $ sambaDomainName ) ) +olcObjectClasses: ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description ) ) +olcObjectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase ) ) +olcObjectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' DESC 'Pool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumber ) ) +olcObjectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' DESC 'Mapping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber $gidNumber ) ) +olcObjectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' DESC 'Structural Class for a SID' SUP top STRUCTURAL MUST sambaSID ) + +dn: cn=autofs,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: autofs +olcAttributeTypes: ( 1.3.6.1.1.1.1.25 NAME 'automountInformation' DESC 'Information used by the autofs automounter' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcObjectClasses: ( 1.3.6.1.1.1.1.13 NAME 'automount' DESC 'An entry in an automounter map' SUP top STRUCTURAL MUST ( cn $ automountInformation $ objectclass ) MAY description ) +olcObjectClasses: ( 1.3.6.1.4.1.2312.4.2.2 NAME 'automountMap' DESC 'An group of related automount objects' SUP top STRUCTURAL MUST ou ) + +dn: olcDatabase={-1}frontend,cn=config +objectClass: olcDatabaseConfig +objectClass: olcFrontendConfig +olcDatabase: {-1}frontend +olcAccess: to * + by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage + by * break +olcAccess: to dn.exact="" + by * read +olcAccess: to dn.base="cn=Subschema" + by * read + +dn: olcDatabase={0}config,cn=config +objectClass: olcDatabaseConfig +olcDatabase: {0}config +olcAccess: to * + by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage + by * break +olcRootDN: cn=admin,cn=config + +dn: olcDatabase={1}bdb,cn=config +objectClass: olcDatabaseConfig +objectClass: olcBdbConfig +olcDatabase: {1}bdb +olcDbDirectory: @BASEDIR@/ldapdb +olcSuffix: dc=test,dc=tld +olcAccess: to attrs=userPassword + by self write + by anonymous auth + by dn="cn=admin,dc=test,dc=tld" write + by * none +olcAccess: to attrs=shadowLastChange + by dn.base="cn=admin,dc=test,dc=tld" write + by * read +olcAccess: to dn.base="" + by * read +olcAccess: to * + by self write + by dn="cn=admin,dc=test,dc=tld" write + by * read +olcRootDN: cn=admin,dc=test,dc=tld +olcRootPW: test +olcDbCheckpoint: 512 30 +olcDbConfig: set_cachesize 0 2097152 0 +olcDbConfig: set_lk_max_objects 1500 +olcDbConfig: set_lk_max_locks 1500 +olcDbConfig: set_lk_max_lockers 1500 +olcDbIndex: objectClass eq + +dn: olcOverlay={0}ppolicy,olcDatabase={1}bdb,cn=config +objectClass: olcOverlayConfig +objectClass: olcPPolicyConfig +olcOverlay: {0}ppolicy +olcPPolicyDefault: cn=default,ou=policies,dc=test,dc=tld diff --git a/tests/lookup_groupbyuser.c b/tests/lookup_groupbyuser.c new file mode 100644 index 0000000..a9796ea --- /dev/null +++ b/tests/lookup_groupbyuser.c @@ -0,0 +1,74 @@ +/* + lookup_groupbyuser.c - simple lookup for groups by user + + Copyright (C) 2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#ifndef HAVE_GETGROUPLIST +/* dummy implementation that for systems without getgrouplist() */ +int main(int argc,char *argv[]) +{ + fprintf(stderr, "%s: getgrouplist() not available\n", argv[0]); + return 1; +} +#else /* HAVE_GETGROUPLIST */ + +/* the main program... */ +int main(int argc,char *argv[]) +{ + gid_t groups[1024]; + int ngroups = sizeof(groups); + int i; + /* check arguments */ + if ((argc != 1) && (argc != 2)) + { + fprintf(stderr, "Usage: %s [USERNAME]\n", argv[0]); + exit(EXIT_FAILURE); + } + /* start lookup */ + if (getgrouplist(argv[1], (gid_t)-1, groups, &ngroups) < 0) + { + fprintf(stderr, "getgrouplist() failed (%d entries would be returned)\n", + ngroups); + exit(EXIT_FAILURE); + } + /* print results */ + printf("user=%s groups=", argv[1]); + for (i = 0; i < ngroups; i++) + { + if (groups[i] != (gid_t)-1) + { + if (i > 0) + printf(","); + printf("%d", groups[i]); + } + } + printf("\n"); + return 0; +} + +#endif /* HAVE_GETGROUPLIST */ diff --git a/tests/lookup_netgroup.c b/tests/lookup_netgroup.c new file mode 100644 index 0000000..07fbfbb --- /dev/null +++ b/tests/lookup_netgroup.c @@ -0,0 +1,58 @@ +/* + lookup_netgroup.c - simple lookup code for netgroups + + Copyright (C) 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include + +/* the main program... */ +int main(int argc,char *argv[]) +{ + char *host, *user, *domain; + /* check arguments */ + if (argc != 2) + { + fprintf(stderr, "Usage: %s NETGROUP\n", argv[0]); + exit(EXIT_FAILURE); + } + /* start lookup */ +#ifdef SETNETGRENT_RETURNS_VOID + setnetgrent(argv[1]); +#else /* not SETNETGRENT_RETURNS_VOID */ + if (setnetgrent(argv[1]) != 0) + { + /* output nothing */ + exit(EXIT_FAILURE); + } +#endif /* not SETNETGRENT_RETURNS_VOID */ + fprintf(stdout, "%-20s", argv[1]); + while (getnetgrent(&host, &user, &domain) != 0) + { + fprintf(stdout, " (%s, %s, %s)", host, user, domain); + } + fprintf(stdout, "\n"); + endnetgrent(); + return 0; +} diff --git a/tests/lookup_shadow.c b/tests/lookup_shadow.c new file mode 100644 index 0000000..3655806 --- /dev/null +++ b/tests/lookup_shadow.c @@ -0,0 +1,97 @@ +/* + lookup_shadow.c - simple lookup code for shadow entries + + Copyright (C) 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#ifndef HAVE_SHADOW_H +/* dummy implementation that does nothing for FreeBSD */ +int main(int argc,char *argv[]) +{ + fprintf(stderr, "%s: shadow lookups unsupported\n", argv[0]); + return 1; +} +#else /* HAVE_SHADOW_H */ + +#include + +static void print_shadow(struct spwd *result) +{ + printf("%s:%s:", result->sp_namp, result->sp_pwdp); + if (result->sp_lstchg >= 0) + printf("%d", (int)result->sp_lstchg); + printf(":"); + if (result->sp_min >= 0) + printf("%d", (int)result->sp_min); + printf(":"); + if (result->sp_max >= 0) + printf("%d", (int)result->sp_max); + printf(":"); + if (result->sp_warn >= 0) + printf("%d", (int)result->sp_warn); + printf(":"); + if (result->sp_inact >= 0) + printf("%d", (int)result->sp_inact); + printf(":"); + if (result->sp_expire >= 0) + printf("%d", (int)result->sp_expire); + printf(":"); + if (result->sp_flag >= 0) + printf("%x", (int)result->sp_flag); + printf("\n"); +} + +/* the main program... */ +int main(int argc,char *argv[]) +{ + struct spwd *result; + /* check arguments */ + if ((argc != 1) && (argc != 2)) + { + fprintf(stderr, "Usage: %s [USERNAME]\n", argv[0]); + exit(EXIT_FAILURE); + } + /* start lookup */ + if (argc == 2) + { + /* get entry by name */ + errno = 0; + result = getspnam(argv[1]); + if (result == NULL) + exit(EXIT_FAILURE); + print_shadow(result); + } + else /* argc == 1 */ + { + /* get all entries */ + setspent(); + while ((result = getspent()) != NULL) + print_shadow(result); + endspent(); + } + return 0; +} + +#endif /* HAVE_SHADOW_H */ diff --git a/tests/nslcd-test.conf b/tests/nslcd-test.conf new file mode 100644 index 0000000..3a83bd0 --- /dev/null +++ b/tests/nslcd-test.conf @@ -0,0 +1,33 @@ +# nslcd-test.conf +# nslcd configuration file for test environment. +# See nslcd.conf(5) for details. + +# The location at which the LDAP server(s) should be reachable. +uri ldap://127.0.0.1/ + +# The DN to bind with for normal lookups. +#binddn cn=annonymous,dc=example,dc=net +#bindpw *removed* + +# credentials for modifications +rootpwmoddn cn=admin,dc=test,dc=tld +rootpwmodpw test + +# The timeout for network operations. +timelimit 2 +bind_timelimit 4 +reconnect_sleeptime 4 +reconnect_retrytime 10 + +# The search bases that will be used +base dc=test,dc=tld +base passwd ou=people,dc=test,dc=tld +base shadow ou=people,dc=test,dc=tld +base group ou=groups,dc=test,dc=tld + +# support nested groups and groupOfNames +filter group (|(objectClass=posixGroup)(objectClass=groupOfNames)) +nss_nested_groups on + +# invalidate caches on reconnect +reconnect_invalidate passwd,group,nfsidmap diff --git a/tests/pylint.rc b/tests/pylint.rc new file mode 100644 index 0000000..7f0bc13 --- /dev/null +++ b/tests/pylint.rc @@ -0,0 +1,235 @@ +[MASTER] + +# Profiled execution. +profile=no + +# Pickle collected data for later comparisons. +persistent=no + + + +[MESSAGES CONTROL] + +# Enable the message, report, category or checker with the given id(s). You can +# either give multiple identifier separated by comma (,) or put this option +# multiple time. +enable= + +# Disable the message, report, category or checker with the given id(s). You +# can either give multiple identifier separated by comma (,) or put this option +# multiple time (only on the command line, not in the configuration file where +# it should appear only once). +disable=E1101 + + +[REPORTS] + +# Set the output format. Available formats are text, parseable, colorized, msvs +# (visual studio) and html +output-format=colorized + +# Include message's id in output +include-ids=yes + +# Put messages in a separate file for each module / package specified on the +# command line instead of printing them on stdout. Reports (if any) will be +# written in a file name "pylint_global.[txt|html]". +files-output=no + +# Tells whether to display a full report or only the messages +reports=no + +# Python expression which should return a note less than 10 (10 is the highest +# note). You have access to the variables errors warning, statement which +# respectively contain the number of errors / warnings messages and the total +# number of statements analyzed. This is used by the global evaluation report +# (RP0004). +evaluation=0 + +# Add a comment according to your evaluation note. This is used by the global +# evaluation report (RP0004). +comment=no + + +[VARIABLES] + +# Tells whether we should check for unused import in __init__ files. +init-import=no + +# A regular expression matching the beginning of the name of dummy variables +# (i.e. not used). +dummy-variables-rgx=_|dummy + +# List of additional names supposed to be defined in builtins. Remember that +# you should avoid to define new builtins when possible. +additional-builtins= + + +[TYPECHECK] + +# Tells whether missing members accessed in mixin class should be ignored. A +# mixin class is detected if its name ends with "mixin" (case insensitive). +ignore-mixin-members=yes + +# List of classes names for which member attributes should not be checked +# (useful for classes with attributes dynamically set). +ignored-classes=SQLObject + +# When zope mode is activated, add a predefined set of Zope acquired attributes +# to generated-members. +zope=no + +# List of members which are set dynamically and missed by pylint inference +# system, and so shouldn't trigger E0201 when accessed. Python regular +# expressions are accepted. +generated-members=REQUEST,acl_users,aq_parent, + + +[SIMILARITIES] + +# Minimum lines number of a similarity. +min-similarity-lines=6 + +# Ignore comments when computing similarities. +ignore-comments=yes + +# Ignore docstrings when computing similarities. +ignore-docstrings=yes + + +[MISCELLANEOUS] + +# List of note tags to take in consideration, separated by a comma. +notes=FIXME,XXX,TODO + + +[FORMAT] + +# Maximum number of characters on a single line. +max-line-length=110 + +# Maximum number of lines in a module +max-module-lines=1000 + +# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1 +# tab). +indent-string=' ' + + +[BASIC] + +# Required attributes for module, separated by a comma +required-attributes= + +# List of builtins function names that should not be used, separated by a comma +bad-functions=map,filter,apply,input + +# Regular expression which should only match correct module names +module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ + +# Regular expression which should only match correct module level names +const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$ + +# Regular expression which should only match correct class names +class-rgx=[A-Z_][a-zA-Z0-9]+$ + +# Regular expression which should only match correct function names +function-rgx=[a-z_][a-z0-9_]{2,30}$ + +# Regular expression which should only match correct method names +method-rgx=[a-z_][a-z0-9_]{1,30}$ + +# Regular expression which should only match correct instance attribute names +attr-rgx=[a-z_][a-z0-9_]{2,30}$ + +# Regular expression which should only match correct argument names +argument-rgx=[a-z_][a-z0-9_]{1,30}$ + +# Regular expression which should only match correct variable names +variable-rgx=[a-z_][a-z0-9_]{0,30}$ + +# Regular expression which should only match correct list comprehension / +# generator expression variable names +inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$ + +# Good variable names which should always be accepted, separated by a comma +good-names=i,j,k,ex,Run,_ + +# Bad variable names which should always be refused, separated by a comma +bad-names=foo,bar,baz,toto,tutu,tata + +# Regular expression which should only match functions or classes name which do +# not require a docstring +no-docstring-rgx=__.*__ + + +[DESIGN] + +# Maximum number of arguments for function / method +max-args=5 + +# Argument names that match this expression will be ignored. Default to name +# with leading underscore +ignored-argument-names=_.* + +# Maximum number of locals for function / method body +max-locals=15 + +# Maximum number of return / yield for function / method body +max-returns=6 + +# Maximum number of branch for function / method body +max-branchs=12 + +# Maximum number of statements in function / method body +max-statements=50 + +# Maximum number of parents for a class (see R0901). +max-parents=7 + +# Maximum number of attributes for a class (see R0902). +max-attributes=7 + +# Minimum number of public methods for a class (see R0903). +min-public-methods=1 + +# Maximum number of public methods for a class (see R0904). +max-public-methods=20 + + +[IMPORTS] + +# Deprecated modules which should not be used, separated by a comma +deprecated-modules=regsub,string,TERMIOS,Bastion,rexec + +# Create a graph of every (i.e. internal and external) dependencies in the +# given file (report RP0402 must not be disabled) +import-graph= + +# Create a graph of external dependencies in the given file (report RP0402 must +# not be disabled) +ext-import-graph= + +# Create a graph of internal dependencies in the given file (report RP0402 must +# not be disabled) +int-import-graph= + + +[CLASSES] + +# List of interface methods to ignore, separated by a comma. This is used for +# instance to not check methods defines in Zope's Interface base class. +ignore-iface-methods=isImplementedBy,deferred,extends,names,namesAndDescriptions,queryDescriptionFor,getBases,getDescriptionFor,getDoc,getName,getTaggedValue,getTaggedValueTags,isEqualOrExtendedBy,setTaggedValue,isImplementedByInstancesOf,adaptWith,is_implemented_by + +# List of method names used to declare (i.e. assign) instance attributes. +defining-attr-methods=__init__,__new__,setUp + +# List of valid names for the first argument in a class method. +valid-classmethod-first-arg=cls + + +[EXCEPTIONS] + +# Exceptions that will emit a warning when being caught. Defaults to +# "Exception" +overgeneral-exceptions=Exception diff --git a/tests/setup_slapd.sh b/tests/setup_slapd.sh new file mode 100755 index 0000000..8f8874f --- /dev/null +++ b/tests/setup_slapd.sh @@ -0,0 +1,191 @@ +#!/bin/sh + +# run_slapd.sh - configure and run a slapd instance +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# find source directory (used for finding LDIF files) +srcdir="${srcdir-`dirname "$0"`}" + +# present usage information +usage() { + echo "Usage: $0 PATH {setup|start|stop|clean|dump_config|dump_db}" >&2 +} + +# examine directory for usability +check_dir() { + if ! [ -e "$1" ] + then + echo "notfound" + elif ! [ -d "$1" ] + then + echo "unknown" + elif [ -z "$(find "$basedir" -mindepth 1 -maxdepth 1 2>/dev/null || true)" ] + then + echo "empty" + elif [ -d "$1/ldapdb" ] + then + if [ -f "$basedir/setup-complete" ] + then + echo "complete" + else + echo "incomplete" + fi + else + echo "unknown" + fi +} + +# check whether our slapd is running +our_slapd_is_running() { + if [ -f "$basedir/slapd.pid" ] && kill -s 0 `cat "$basedir/slapd.pid"` > /dev/null 2>&1 + then + return 0 # is running + fi + return 1 +} + +# the directory where to construct the environment +if test $# -ne 2 +then + usage + exit 1 +fi +basedir="$1" + +# gather configuration information +user="$( (getent passwd openldap || getent passwd ldap || getent passwd nobody) | sed 's/:.*//')" +group="$( (getent group openldap || getent group ldap || getent group nogroup) | sed 's/:.*//')" + +case "$2" in + setup) + if our_slapd_is_running + then + "$0" "$basedir" stop + fi + echo -n "Creating blank $basedir slapd environment..." + case `check_dir "$basedir"` in + notfound|empty|complete|incomplete) ;; + *) + echo "FAILED: already exists and is not empty or old environment" + exit 1 + ;; + esac + rm -rf "$basedir" + mkdir -p "$basedir/slapd.d" "$basedir/ldapdb" || (echo " FAILED"; exit 1) + echo " done." + echo "Loading cn=config..." + tmpldif=`mktemp -t slapadd.XXXXXX` + sed "s|@BASEDIR@|$basedir|g" < "$srcdir/config.ldif" > "$tmpldif" + slapadd -v -F "$basedir/slapd.d" -b "cn=config" -l "$tmpldif" || (echo " FAILED"; exit 1) + rm -f "$tmpldif" + echo "Loading dc=test,dc=tld..." + slapadd -F "$basedir/slapd.d" -b "dc=test,dc=tld" -l "$srcdir/test.ldif" || (echo " FAILED"; exit 1) + echo -n "Fixing permissions..." + chown -R "$user":"$group" "$basedir" || (echo " FAILED"; exit 1) + touch "$basedir/setup-complete" + echo " done." + exit 0 + ;; + start) + echo -n "Starting OpenLDAP: slapd" + case `check_dir "$basedir"` in + complete) ;; + *) + echo " FAILED: environment not ready" + exit 1 + ;; + esac + if our_slapd_is_running + then + echo " already running." + exit 0 + fi + slapd -F "$basedir/slapd.d" -u "$user" -g "$group" \ + -h "ldap:/// ldaps:/// ldapi:///" || (echo " FAILED"; exit 1) + echo "." + ;; + stop) + # (perhaps implement stop-any) + echo -n "Stopping OpenLDAP: slapd" + if ! our_slapd_is_running + then + echo " not running." + exit 0 + fi + for i in 1 2 3 4 5 + do + [ -f "$basedir/slapd.pid" ] && kill `cat "$basedir/slapd.pid"` > /dev/null 2>&1 || true + sleep 0.1 > /dev/null 2>&1 || true + if ! our_slapd_is_running + then + echo " done." + exit 0 + fi + echo -n " ." + sleep 1 + done + echo " FAILED" + exit 1 + ;; + clean) + if our_slapd_is_running + then + "$0" "$basedir" stop + fi + echo -n "Cleaning $basedir... " + case `check_dir "$basedir"` in + complete|incomplete) ;; + *) + echo "FAILED: does not contain environment" + exit 1 + ;; + esac + rm -rf "$basedir" + echo "done." + exit 0 + ;; + dump_config) + case `check_dir "$basedir"` in + complete) ;; + *) + echo "Dumping config FAILED: environment not ready" + exit 1 + ;; + esac + slapcat -F "$basedir/slapd.d" -b "cn=config" -o ldif-wrap=no \ + | sed '/^\(structuralObjectClass\|entryUUID\|creatorsName\|createTimestamp\|entryCSN\|modifiersName\|modifyTimestamp\):/d;$d' + ;; + dump_db) + case `check_dir "$basedir"` in + complete) ;; + *) + echo "Dumping database FAILED: environment not ready" + exit 1 + ;; + esac + slapcat -F "$basedir/slapd.d" -b "dc=test,dc=tld" -o ldif-wrap=no \ + | sed '/^\(structuralObjectClass\|entryUUID\|creatorsName\|createTimestamp\|entryCSN\|modifiersName\|modifyTimestamp\):/d;$d' + ;; + *) + usage + exit 1 + ;; +esac diff --git a/tests/test.ldif b/tests/test.ldif new file mode 100644 index 0000000..0c6c377 --- /dev/null +++ b/tests/test.ldif @@ -0,0 +1,41667 @@ +dn: dc=test,dc=tld +objectClass: top +objectClass: dcObject +objectClass: organization +o: Test domain for nss-ldapd +dc: test + +dn: cn=admin,dc=test,dc=tld +objectClass: simpleSecurityObject +objectClass: organizationalRole +cn: admin +description: LDAP administrator +userPassword:: e1NTSEF9YVY0NmREb0ZqNk1uaklvTnJXR2htYnVHamFaa2J3YUE= + +dn: ou=people,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: people + +dn: ou=netgroups,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: netgroups + +dn: cn=tstnetgroup,ou=netgroups,dc=test,dc=tld +objectClass: top +objectClass: nisNetgroup +description: desc +cn: tstnetgroup +memberNisNetgroup: tst3netgroup +memberNisNetgroup: tst2netgroup +nisNetgroupTriple: (,arthur,) + +dn: cn=tst3netgroup,ou=netgroups,dc=test,dc=tld +objectClass: top +objectClass: nisNetgroup +cn: tst3netgroup +nisNetgroupTriple: (noot,,) +description: desc2 + +dn: ou=groups,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: groups + +dn: cn=testgroup,ou=groups,dc=test,dc=tld +cn: testgroup +gidNumber: 6100 +objectClass: top +objectClass: posixGroup +memberUid: arthur +memberUid: test +memberUid: testuser4 + +dn: cn=Test User2,ou=people,dc=test,dc=tld +uid: testusr2 +uidNumber: 1002 +gidNumber: 100 +homeDirectory: /home/testusr2 +userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0= +loginShell: /bin/sh +description: x +sn: User +sambaSID: S-1-5-21-2656270644-2771678393-2525940785-3002 +cn: Test User2 +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +objectClass: sambaSamAccount + +dn: ou=extra,ou=people,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0= +ou: extra + +dn: ou=aliases,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: aliases + +dn: cn=foo,ou=aliases,dc=test,dc=tld +objectClass: top +objectClass: nisMailAlias +cn: foo +rfc822MailMember: bar@example.com + +dn: ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: lotsofpeople + +dn: uid=hzagami,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hzagami +uidNumber: 4000 +gidNumber: 1000 +givenName: Hubert +sn: Zagami +cn: Hubert Zagami +homeDirectory: /home/hzagami +gecos: Hubert Zagami +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cm9jaydz +loginShell: /bin/bash + +dn: cn=Keoni Lundsten,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: klundsten +uidNumber: 4001 +gidNumber: 1000 +givenName: Keoni +sn: Lundsten +cn: Keoni Lundsten +homeDirectory: /home/klundsten +gecos: Keoni Lundsten +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9K3V6WUNRdDRoaVpFL3Q4VmU0V1JRUWZrUnZTdUxISW0= +loginShell: /bin/bash + +dn: uid=gbrimmer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbrimmer +uidNumber: 4002 +gidNumber: 1000 +givenName: Guchol +sn: Brimmer +cn: Guchol Brimmer +homeDirectory: /home/gbrimmer +gecos: Guchol Brimmer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1neU1aM3RzYWxUZEE2WDZvMDhwR3BRPT0= +loginShell: /bin/bash + +dn: uid=zpoirier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zpoirier +uidNumber: 4003 +gidNumber: 1000 +givenName: Zoelle +sn: Poirier +cn: Zoelle Poirier +homeDirectory: /home/zpoirier +gecos: Zoelle Poirier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJkcllmUnc1YndPdjI= +loginShell: /bin/bash + +dn: uid=mmesidor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmesidor +uidNumber: 4004 +gidNumber: 1000 +givenName: Melanie +sn: Mesidor +cn: Melanie Mesidor +homeDirectory: /home/mmesidor +gecos: Melanie Mesidor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Nml6TEN1ZTFjVWJnczZ2dUlFa2tzQlNHYTh1WDlMYzk= +loginShell: /bin/bash + +dn: cn=Zita Gitlewski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zgitlewski +uidNumber: 4005 +gidNumber: 1000 +givenName: Zita +sn: Gitlewski +cn: Zita Gitlewski +homeDirectory: /home/zgitlewski +gecos: Zita Gitlewski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +loginShell: /bin/bash +userPassword:: e1NNRDV9VGlJa1RZcWx4MURUU0pxd2p3bTJnREdVWE9nPQ== + +dn: uid=akilburn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: akilburn +uidNumber: 4006 +gidNumber: 1000 +givenName: Adeline +sn: Kilburn +cn: Adeline Kilburn +homeDirectory: /home/akilburn +gecos: Adeline Kilburn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWZmYWJsZXN0 +loginShell: /bin/bash + +dn: uid=mcaram,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcaram +uidNumber: 4007 +gidNumber: 1000 +givenName: Mona +sn: Caram +cn: Mona Caram +homeDirectory: /home/mcaram +gecos: Mona Caram +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTA2ZFhOUlNxUHVFTU0= +loginShell: /bin/bash + +dn: uid=bbertao,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bbertao +uidNumber: 4008 +gidNumber: 1000 +givenName: Banyan +sn: Bertao +cn: Banyan Bertao +homeDirectory: /home/bbertao +gecos: Banyan Bertao +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Ym12RkF3dm1TZnJ0eUlCYmQyK3h4c3hSWDlvczV5cVk= +loginShell: /bin/bash + +dn: uid=ithum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ithum +uidNumber: 4009 +gidNumber: 1000 +givenName: Ira +sn: Thum +cn: Ira Thum +homeDirectory: /home/ithum +gecos: Ira Thum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SEkwRVpQZWlzUWduKzV3OERIR2RmQzBTRHFBRWp2a3E= +loginShell: /bin/bash + +dn: uid=kordahl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kordahl +uidNumber: 4010 +gidNumber: 1000 +givenName: Kevin +sn: Ordahl +cn: Kevin Ordahl +homeDirectory: /home/kordahl +gecos: Kevin Ordahl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YTFQSThFUW82Wnd2SGt1U2VQcjUrbUZZZjdNYVAzQm8= +loginShell: /bin/bash + +dn: cn=Vamco Eisenhardt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: veisenhardt +uidNumber: 4011 +gidNumber: 1000 +givenName: Vamco +sn: Eisenhardt +cn: Vamco Eisenhardt +homeDirectory: /home/veisenhardt +gecos: Vamco Eisenhardt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1haG03dFMyREova1VtK0YrcjBJTUFRPT0= +loginShell: /bin/bash + +dn: cn=Tingting Lietzke+uid=tlietzke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tlietzke +uidNumber: 4012 +gidNumber: 1000 +givenName: Tingting +sn: Lietzke +cn: Tingting Lietzke +homeDirectory: /home/tlietzke +gecos: Tingting Lietzke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b3ZlcnBhc3Nlcw== +loginShell: /bin/bash + +dn: cn=Timba Bagne,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tbagne +uidNumber: 4013 +gidNumber: 1000 +givenName: Timba +sn: Bagne +cn: Timba Bagne +homeDirectory: /home/tbagne +gecos: Timba Bagne +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15dGlqNi8yejhxSDY1K1pqaSszNWdWczdnWVE9 +loginShell: /bin/bash + +dn: cn=Pete Murdoch+uid=pmurdoch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pmurdoch +uidNumber: 4014 +gidNumber: 1000 +givenName: Pete +sn: Murdoch +cn: Pete Murdoch +homeDirectory: /home/pmurdoch +gecos: Pete Murdoch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bnV0bWVn +loginShell: /bin/bash + +dn: cn=Dovi Largo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dlargo +uidNumber: 4015 +gidNumber: 1000 +givenName: Dovi +sn: Largo +cn: Dovi Largo +homeDirectory: /home/dlargo +gecos: Dovi Largo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1helRYQys1MGZuMWpRZitmQTdNWXJnPT0= +loginShell: /bin/bash + +dn: uid=jsegundo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jsegundo +uidNumber: 4016 +gidNumber: 1000 +givenName: Jasmine +sn: Segundo +cn: Jasmine Segundo +homeDirectory: /home/jsegundo +gecos: Jasmine Segundo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXJjaHdheQ== +loginShell: /bin/bash + +dn: cn=Isidore Kaus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ikaus +uidNumber: 4017 +gidNumber: 1000 +givenName: Isidore +sn: Kaus +cn: Isidore Kaus +homeDirectory: /home/ikaus +gecos: Isidore Kaus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFKRlF0Qk5KNlhOaTY= +loginShell: /bin/bash + +dn: uid=cordorica,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cordorica +uidNumber: 4018 +gidNumber: 1000 +givenName: Cimaron +sn: Ordorica +cn: Cimaron Ordorica +homeDirectory: /home/cordorica +gecos: Cimaron Ordorica +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU9wc2M3b0JoMnVBQ2s= +loginShell: /bin/bash + +dn: cn=Sanvu Faure+uid=sfaure,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sfaure +uidNumber: 4019 +gidNumber: 1000 +givenName: Sanvu +sn: Faure +cn: Sanvu Faure +homeDirectory: /home/sfaure +gecos: Sanvu Faure +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWhld2p0MXpFWlJoL28= +loginShell: /bin/bash + +dn: uid=opeet,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: opeet +uidNumber: 4020 +gidNumber: 1000 +givenName: Oma +sn: Peet +cn: Oma Peet +homeDirectory: /home/opeet +gecos: Oma Peet +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1hR09aSENTZ3NERW1BTGkxSkVjVHZ3PT0= +loginShell: /bin/bash + +dn: cn=Jo Lebouf+uid=jlebouf,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jlebouf +uidNumber: 4021 +gidNumber: 1000 +givenName: Jo +sn: Lebouf +cn: Jo Lebouf +homeDirectory: /home/jlebouf +gecos: Jo Lebouf +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TUZiZmJaQlcwa2ppYzFxRDVCajBYS0NhVWwwPQ== +loginShell: /bin/bash + +dn: cn=Yali Eike+uid=yeike,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yeike +uidNumber: 4022 +gidNumber: 1000 +givenName: Yali +sn: Eike +cn: Yali Eike +homeDirectory: /home/yeike +gecos: Yali Eike +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9V0xCdFZzdTl0OVRDejI3anVxM24xZFFVWHZjPQ== +loginShell: /bin/bash + +dn: uid=nmastronardi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nmastronardi +uidNumber: 4023 +gidNumber: 1000 +givenName: Norbert +sn: Mastronardi +cn: Norbert Mastronardi +homeDirectory: /home/nmastronardi +gecos: Norbert Mastronardi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YnIzYkVjVGJ2VEN1RVVNaWt0SFJjRGJqRFJ2VEtLNHo= +loginShell: /bin/bash + +dn: uid=jeuresti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jeuresti +uidNumber: 4024 +gidNumber: 1000 +givenName: Jokwe +sn: Euresti +cn: Jokwe Euresti +homeDirectory: /home/jeuresti +gecos: Jokwe Euresti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJsSW5oUDRPVURGMG8= +loginShell: /bin/bash + +dn: cn=Alberto Mckinney+uid=amckinney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amckinney +uidNumber: 4025 +gidNumber: 1000 +givenName: Alberto +sn: Mckinney +cn: Alberto Mckinney +homeDirectory: /home/amckinney +gecos: Alberto Mckinney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZkZ0OTljRk9zMEFQd2l3c0Q5bGNvWHcyeHNrMUhnTzg= +loginShell: /bin/bash + +dn: uid=kolexa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kolexa +uidNumber: 4026 +gidNumber: 1000 +givenName: Karen +sn: Olexa +cn: Karen Olexa +homeDirectory: /home/kolexa +gecos: Karen Olexa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KQyt5ZCtMbDY5WUFWQXJ3eVo3ZnRnPT0= +loginShell: /bin/bash + +dn: uid=ktuner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktuner +uidNumber: 4027 +gidNumber: 1000 +givenName: Kevin +sn: Tuner +cn: Kevin Tuner +homeDirectory: /home/ktuner +gecos: Kevin Tuner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ET2JXV1pFVWczamFQRGdFSUR2S25IWFYyNW89 +loginShell: /bin/bash + +dn: uid=dsherard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsherard +uidNumber: 4028 +gidNumber: 1000 +givenName: Damien +sn: Sherard +cn: Damien Sherard +homeDirectory: /home/dsherard +gecos: Damien Sherard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TjRrcXpEY3N3ME5rc2ZZdUliZEMwRnhvVzI2bGNtMng= +loginShell: /bin/bash + +dn: uid=yvdberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uidNumber: 4029 +gidNumber: 1000 +givenName: Yanyan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ZQWhYWS9zUFlPMkFIdzlNUUZWdzAybXBQbE09 +loginShell: /bin/bash +cn: Yanyan van der Berg +uid: yvdberg +homeDirectory: /home/yvdberg +gecos: Yanyan van der Berg +sn: van der Berg + +dn: uid=mbaldyga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbaldyga +uidNumber: 4030 +gidNumber: 1000 +givenName: Mitag +sn: Baldyga +cn: Mitag Baldyga +homeDirectory: /home/mbaldyga +gecos: Mitag Baldyga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFyYXNpdGlj +loginShell: /bin/bash + +dn: cn=Manuel Neubacher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mneubacher +uidNumber: 4031 +gidNumber: 1000 +givenName: Manuel +sn: Neubacher +cn: Manuel Neubacher +homeDirectory: /home/mneubacher +gecos: Manuel Neubacher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1vL0lMQVJ2ZTlnL2tyb3g2YnpmSVhRPT0= +loginShell: /bin/bash + +dn: uid=hmerle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmerle +uidNumber: 4032 +gidNumber: 1000 +givenName: Hortense +sn: Merle +cn: Hortense Merle +homeDirectory: /home/hmerle +gecos: Hortense Merle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3dlYXRpbmc= +loginShell: /bin/bash + +dn: uid=zkurokawa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zkurokawa +uidNumber: 4033 +gidNumber: 1000 +givenName: Zuman +sn: Kurokawa +cn: Zuman Kurokawa +homeDirectory: /home/zkurokawa +gecos: Zuman Kurokawa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS42MUxHVnpHZ0pJS28= +loginShell: /bin/bash + +dn: uid=sjarvi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sjarvi +uidNumber: 4034 +gidNumber: 1000 +givenName: Sandra +sn: Jarvi +cn: Sandra Jarvi +homeDirectory: /home/sjarvi +gecos: Sandra Jarvi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX00a0o4TGJaY25QMzRwSEpLZDVHbnQ4WXJPb2c9 +loginShell: /bin/bash + +dn: cn=Owen Pizzuti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: opizzuti +uidNumber: 4035 +gidNumber: 1000 +givenName: Owen +sn: Pizzuti +cn: Owen Pizzuti +homeDirectory: /home/opizzuti +gecos: Owen Pizzuti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWxlaDRxdUJEMXd4c0k= +loginShell: /bin/bash + +dn: uid=ddigerolamo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ddigerolamo +uidNumber: 4036 +gidNumber: 1000 +givenName: Danas +sn: Digerolamo +cn: Danas Digerolamo +homeDirectory: /home/ddigerolamo +gecos: Danas Digerolamo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVFVcHE3a243aERtVHM= +loginShell: /bin/bash + +dn: uid=cmcgoey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmcgoey +uidNumber: 4037 +gidNumber: 1000 +givenName: Cleo +sn: Mcgoey +cn: Cleo Mcgoey +homeDirectory: /home/cmcgoey +gecos: Cleo Mcgoey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TTFZGN3pIeDdFZWpoZzNJZXFPQ29nPT0= +loginShell: /bin/bash + +dn: uid=mwatt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mwatt +uidNumber: 4038 +gidNumber: 1000 +givenName: Madeline +sn: Watt +cn: Madeline Watt +homeDirectory: /home/mwatt +gecos: Madeline Watt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NVFKV2RMQkU1Zk51ZDUreTFDVzRGK05obW40PQ== +loginShell: /bin/bash + +dn: uid=hkohlmeyer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hkohlmeyer +uidNumber: 4039 +gidNumber: 1000 +givenName: Humberto +sn: Kohlmeyer +cn: Humberto Kohlmeyer +homeDirectory: /home/hkohlmeyer +gecos: Humberto Kohlmeyer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cm9tYW4= +loginShell: /bin/bash + +dn: uid=tblackgoat,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tblackgoat +uidNumber: 4040 +gidNumber: 1000 +givenName: Todd +sn: Blackgoat +cn: Todd Blackgoat +homeDirectory: /home/tblackgoat +gecos: Todd Blackgoat +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02aXQ1NzJHRzVPTVNFcTh4TjFlN0tRPT0= +loginShell: /bin/bash + +dn: uid=hstanczyk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hstanczyk +uidNumber: 4041 +gidNumber: 1000 +givenName: Hilary +sn: Stanczyk +cn: Hilary Stanczyk +homeDirectory: /home/hstanczyk +gecos: Hilary Stanczyk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aXJvbmVk +loginShell: /bin/bash + +dn: cn=Frederic Halon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fhalon +uidNumber: 4042 +gidNumber: 1000 +givenName: Frederic +sn: Halon +cn: Frederic Halon +homeDirectory: /home/fhalon +gecos: Frederic Halon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1za29jZnB6bTN3c2pSTnNpbHJ6NUZsZ1UzSGc9 +loginShell: /bin/bash + +dn: uid=jvillaire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jvillaire +uidNumber: 4043 +gidNumber: 1000 +givenName: Joyce +sn: Villaire +cn: Joyce Villaire +homeDirectory: /home/jvillaire +gecos: Joyce Villaire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1uSFJrRk05ekMwT1FZWWxJTUd5dlBtTXZQVnM9 +loginShell: /bin/bash + +dn: uid=cgaudette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cgaudette +uidNumber: 4044 +gidNumber: 1000 +givenName: Cimaron +sn: Gaudette +cn: Cimaron Gaudette +homeDirectory: /home/cgaudette +gecos: Cimaron Gaudette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cTY4VEFOZmFMY0lWVFZUc1YxOTI2QlhJeXhBPQ== +loginShell: /bin/bash + +dn: uid=khoffstetter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: khoffstetter +uidNumber: 4045 +gidNumber: 1000 +givenName: Katse +sn: Hoffstetter +cn: Katse Hoffstetter +homeDirectory: /home/khoffstetter +gecos: Katse Hoffstetter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OFpmZ3ltQzd1dm1aTzgremRyMDYvUW5WUi9NPQ== +loginShell: /bin/bash + +dn: uid=zwinterbottom,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zwinterbottom +uidNumber: 4046 +gidNumber: 1000 +givenName: Zita +sn: Winterbottom +cn: Zita Winterbottom +homeDirectory: /home/zwinterbottom +gecos: Zita Winterbottom +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N21EVzZrTlMvTWI4STNxeUM4OXhVVXhUWk04PQ== +loginShell: /bin/bash + +dn: cn=Erika Berkman+uid=eberkman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eberkman +uidNumber: 4047 +gidNumber: 1000 +givenName: Erika +sn: Berkman +cn: Erika Berkman +homeDirectory: /home/eberkman +gecos: Erika Berkman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVuZGVyaW5nJ3M= +loginShell: /bin/bash + +dn: uid=ideshon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ideshon +uidNumber: 4048 +gidNumber: 1000 +givenName: Ignacio +sn: Deshon +cn: Ignacio Deshon +homeDirectory: /home/ideshon +gecos: Ignacio Deshon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02TGx5ei9RbjdEWEJRMmlQazNvaitnPT0= +loginShell: /bin/bash + +dn: uid=odarity,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: odarity +uidNumber: 4049 +gidNumber: 1000 +givenName: Oscar +sn: Darity +cn: Oscar Darity +homeDirectory: /home/odarity +gecos: Oscar Darity +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWszZXhLVkcyU2Vkai4= +loginShell: /bin/bash + +dn: uid=kwirght,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kwirght +uidNumber: 4050 +gidNumber: 1000 +givenName: Kodo +sn: Wirght +cn: Kodo Wirght +homeDirectory: /home/kwirght +gecos: Kodo Wirght +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1kbDB1eVVWVHQ4OU1seDU5L1BEb1VRPT0= +loginShell: /bin/bash + +dn: uid=vrapin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vrapin +uidNumber: 4051 +gidNumber: 1000 +givenName: Virginie +sn: Rapin +cn: Virginie Rapin +homeDirectory: /home/vrapin +gecos: Virginie Rapin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW9BZVY3MlQzTVpjNm8= +loginShell: /bin/bash + +dn: uid=mmatise,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmatise +uidNumber: 4052 +gidNumber: 1000 +givenName: Matt +sn: Matise +cn: Matt Matise +homeDirectory: /home/mmatise +gecos: Matt Matise +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dHRHamRzM2FReVpCL29SUnNpRnc4cThiQ1R1T1gxRWs= +loginShell: /bin/bash + +dn: uid=iromie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iromie +uidNumber: 4053 +gidNumber: 1000 +givenName: Ileana +sn: Romie +cn: Ileana Romie +homeDirectory: /home/iromie +gecos: Ileana Romie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1mUmFuam92bVNINWhhOUM1NkVqNS8xK1hzSW89 +loginShell: /bin/bash + +dn: uid=poakland,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: poakland +uidNumber: 4054 +gidNumber: 1000 +givenName: Percy +sn: Oakland +cn: Percy Oakland +homeDirectory: /home/poakland +gecos: Percy Oakland +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04VXZDaS9Dc3RoQ2RHU1F3b3V2ZnlnPT0= +loginShell: /bin/bash + +dn: uid=sspagnuolo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sspagnuolo +uidNumber: 4055 +gidNumber: 1000 +givenName: Sadie +sn: Spagnuolo +cn: Sadie Spagnuolo +homeDirectory: /home/sspagnuolo +gecos: Sadie Spagnuolo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N0R1dnVsUERIYzI5dHZyYlB0SXo2WHdvMUFJPQ== +loginShell: /bin/bash + +dn: uid=bnicoletti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bnicoletti +uidNumber: 4056 +gidNumber: 1000 +givenName: Beulah +sn: Nicoletti +cn: Beulah Nicoletti +homeDirectory: /home/bnicoletti +gecos: Beulah Nicoletti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1vMlZVc1RJY25QZzNPdC8rdVkzNStybk0rVVU9 +loginShell: /bin/bash + +dn: uid=eparham,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eparham +uidNumber: 4057 +gidNumber: 1000 +givenName: Eugene +sn: Parham +cn: Eugene Parham +homeDirectory: /home/eparham +gecos: Eugene Parham +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UmtvTUJIZmFaSkxGZ3haYUxpYWswWkNMREtRPQ== +loginShell: /bin/bash + +dn: uid=nslaby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nslaby +uidNumber: 4058 +gidNumber: 1000 +givenName: Nancy +sn: Slaby +cn: Nancy Slaby +homeDirectory: /home/nslaby +gecos: Nancy Slaby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TXY4Tld1QmhBNXhBYktWbm5hN1NQZkRDNC9FPQ== +loginShell: /bin/bash + +dn: uid=hyuscak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hyuscak +uidNumber: 4059 +gidNumber: 1000 +givenName: Helene +sn: Yuscak +cn: Helene Yuscak +homeDirectory: /home/hyuscak +gecos: Helene Yuscak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VUhFZis5Snp1T2VENXl1RXQrNSt3eGtmSm50UWxoTXY= +loginShell: /bin/bash + +dn: cn=Usagi Vanmatre+uid=uvanmatre,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uvanmatre +uidNumber: 4060 +gidNumber: 1000 +givenName: Usagi +sn: Vanmatre +cn: Usagi Vanmatre +homeDirectory: /home/uvanmatre +gecos: Usagi Vanmatre +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTIyYThqb1BzQ0pzQ2c= +loginShell: /bin/bash + +dn: cn=Lin Loukota,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lloukota +uidNumber: 4061 +gidNumber: 1000 +givenName: Lin +sn: Loukota +cn: Lin Loukota +homeDirectory: /home/lloukota +gecos: Lin Loukota +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VlpZS0g1NEk0OFBZc2ZlWmQ5Wmd3czluREN4MDJzSlM= +loginShell: /bin/bash + +dn: uid=gchounlapane,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gchounlapane +uidNumber: 4062 +gidNumber: 1000 +givenName: Gert +sn: Chounlapane +cn: Gert Chounlapane +homeDirectory: /home/gchounlapane +gecos: Gert Chounlapane +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TTlk2RlBPZ0YvRy8yN05aY3o1L29RPT0= +loginShell: /bin/bash + +dn: uid=cvote,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cvote +uidNumber: 4063 +gidNumber: 1000 +givenName: Carol +sn: Vote +cn: Carol Vote +homeDirectory: /home/cvote +gecos: Carol Vote +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZFBERTBKazZnVEN1TzBna01Nd2tVOVlVQ2p3PQ== +loginShell: /bin/bash + +dn: cn=Ian Hudspeth+uid=ihudspeth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihudspeth +uidNumber: 4064 +gidNumber: 1000 +givenName: Ian +sn: Hudspeth +cn: Ian Hudspeth +homeDirectory: /home/ihudspeth +gecos: Ian Hudspeth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFyaXNoaW9uZXIncw== +loginShell: /bin/bash + +dn: uid=sgirsh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgirsh +uidNumber: 4065 +gidNumber: 1000 +givenName: Saola +sn: Girsh +cn: Saola Girsh +homeDirectory: /home/sgirsh +gecos: Saola Girsh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wNVBuNU03S2g5N0NyUWZReXVlS0F6WUJubzQ9 +loginShell: /bin/bash + +dn: cn=Genevieve Cubbison+uid=gcubbison,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcubbison +uidNumber: 4066 +gidNumber: 1000 +givenName: Genevieve +sn: Cubbison +cn: Genevieve Cubbison +homeDirectory: /home/gcubbison +gecos: Genevieve Cubbison +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Q0V4RHZMYWhKeU1zVHpzUUQvQTZXRms2Qmo0bisweUw= +loginShell: /bin/bash + +dn: uid=svongal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: svongal +uidNumber: 4067 +gidNumber: 1000 +givenName: Selwyn +sn: Vongal +cn: Selwyn Vongal +homeDirectory: /home/svongal +gecos: Selwyn Vongal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1Xc1RGRTV0aFdaNUZtN3d4eTAxWThFeDVndWs9 +loginShell: /bin/bash + +dn: cn=Jaone Biber+uid=jbiber,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jbiber +uidNumber: 4068 +gidNumber: 1000 +givenName: Jaone +sn: Biber +cn: Jaone Biber +homeDirectory: /home/jbiber +gecos: Jaone Biber +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dGFwZXdvcm0= +loginShell: /bin/bash + +dn: uid=dfirpo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dfirpo +uidNumber: 4069 +gidNumber: 1000 +givenName: Debby +sn: Firpo +cn: Debby Firpo +homeDirectory: /home/dfirpo +gecos: Debby Firpo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFuZ2U= +loginShell: /bin/bash + +dn: uid=yhahne,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yhahne +uidNumber: 4070 +gidNumber: 1000 +givenName: Yuri +sn: Hahne +cn: Yuri Hahne +homeDirectory: /home/yhahne +gecos: Yuri Hahne +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UjZiZC9qR2FRTTMwd3Vta0txLzdRbGxGYWpjPQ== +loginShell: /bin/bash + +dn: cn=Frank Coak+uid=fcoak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fcoak +uidNumber: 4071 +gidNumber: 1000 +givenName: Frank +sn: Coak +cn: Frank Coak +homeDirectory: /home/fcoak +gecos: Frank Coak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0zd3l4UEZJNXYyYmZ0aEM0TTErcTYxRFRNd0E9 +loginShell: /bin/bash + +dn: uid=bmooe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmooe +uidNumber: 4072 +gidNumber: 1000 +givenName: Banyan +sn: Mooe +cn: Banyan Mooe +homeDirectory: /home/bmooe +gecos: Banyan Mooe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9a0FQUndpQm9iaUtnMW8wTEJaT1VsaDErMXNSbTdJanI= +loginShell: /bin/bash + +dn: cn=Pami Corson+uid=pcorson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pcorson +uidNumber: 4073 +gidNumber: 1000 +givenName: Pami +sn: Corson +cn: Pami Corson +homeDirectory: /home/pcorson +gecos: Pami Corson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TGZpRmlwN1NaQ29zWUkxNVNjRlc4RmoyWk9VQWcyTGI= +loginShell: /bin/bash + +dn: uid=obenallack,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obenallack +uidNumber: 4074 +gidNumber: 1000 +givenName: Owen +sn: Benallack +cn: Owen Benallack +homeDirectory: /home/obenallack +gecos: Owen Benallack +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ZQ1dtVlFlS2k0T3lDVnlXdkxVcEZBPT0= +loginShell: /bin/bash + +dn: uid=ncaver,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncaver +uidNumber: 4075 +gidNumber: 1000 +givenName: Nicky +sn: Caver +cn: Nicky Caver +homeDirectory: /home/ncaver +gecos: Nicky Caver +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX11bnpXd0FJc3hOZEdpdFpzaDErSUJRPT0= +loginShell: /bin/bash + +dn: uid=mdickinson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdickinson +uidNumber: 4076 +gidNumber: 1000 +givenName: Maka +sn: Dickinson +cn: Maka Dickinson +homeDirectory: /home/mdickinson +gecos: Maka Dickinson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NWR4UnB6QlNwZXhid1pDZnVmWW9rcy9JcTZNPQ== +loginShell: /bin/bash + +dn: cn=Carlotta Cyganiewicz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ccyganiewicz +uidNumber: 4077 +gidNumber: 1000 +givenName: Carlotta +sn: Cyganiewicz +cn: Carlotta Cyganiewicz +homeDirectory: /home/ccyganiewicz +gecos: Carlotta Cyganiewicz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1DNjVIWS80czhBNHppMjhWeFpLRnB4aXgzR3M9 +loginShell: /bin/bash + +dn: cn=Gule Haworth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghaworth +uidNumber: 4078 +gidNumber: 1000 +givenName: Gule +sn: Haworth +cn: Gule Haworth +homeDirectory: /home/ghaworth +gecos: Gule Haworth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MjhsUVQwdjBjUnlCQWhtUjVCcDZQQWp1T2ZIaHVXS2E= +loginShell: /bin/bash + +dn: uid=obache,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obache +uidNumber: 4079 +gidNumber: 1000 +givenName: Olinda +sn: Bache +cn: Olinda Bache +homeDirectory: /home/obache +gecos: Olinda Bache +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTFnTlFlVHpzNm45MW8= +loginShell: /bin/bash + +dn: cn=Victor Bon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vbon +uidNumber: 4080 +gidNumber: 1000 +givenName: Victor +sn: Bon +cn: Victor Bon +homeDirectory: /home/vbon +gecos: Victor Bon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW52b2NhdGlvbg== +loginShell: /bin/bash + +dn: uid=omasone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omasone +uidNumber: 4081 +gidNumber: 1000 +givenName: Oliwa +sn: Masone +cn: Oliwa Masone +homeDirectory: /home/omasone +gecos: Oliwa Masone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1xdEZVRkw1d0hKMjNKZGQxOVpYTHdmMmE0c0E9 +loginShell: /bin/bash + +dn: uid=vnazzal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vnazzal +uidNumber: 4082 +gidNumber: 1000 +givenName: Verdun +sn: Nazzal +cn: Verdun Nazzal +homeDirectory: /home/vnazzal +gecos: Verdun Nazzal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WTZCNi9XVHhlUkhWSWQ3alpGN0dyRTdIS1FwS3NRK20= +loginShell: /bin/bash + +dn: cn=Opal Sarao,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: osarao +uidNumber: 4083 +gidNumber: 1000 +givenName: Opal +sn: Sarao +cn: Opal Sarao +homeDirectory: /home/osarao +gecos: Opal Sarao +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBsMDhFNnd5Yk5aZnc= +loginShell: /bin/bash + +dn: cn=Solo Laningham,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: slaningham +uidNumber: 4084 +gidNumber: 1000 +givenName: Solo +sn: Laningham +cn: Solo Laningham +homeDirectory: /home/slaningham +gecos: Solo Laningham +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RUWxRT1FtT3pHdUJYaWV0SklQd3B3PT0= +loginShell: /bin/bash + +dn: cn=Nungu Huckstadt+uid=nhuckstadt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nhuckstadt +uidNumber: 4085 +gidNumber: 1000 +givenName: Nungu +sn: Huckstadt +cn: Nungu Huckstadt +homeDirectory: /home/nhuckstadt +gecos: Nungu Huckstadt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWtTRzlJM3pwRlJIeXM= +loginShell: /bin/bash + +dn: uid=vweissmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vweissmann +uidNumber: 4086 +gidNumber: 1000 +givenName: Virgil +sn: Weissmann +cn: Virgil Weissmann +homeDirectory: /home/vweissmann +gecos: Virgil Weissmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RElqZGQ0dW4rcGZkZ0Q4dHk5cHl4VXVOR2ZZPQ== +loginShell: /bin/bash + +dn: uid=fplayfair,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fplayfair +uidNumber: 4087 +gidNumber: 1000 +givenName: Felix +sn: Playfair +cn: Felix Playfair +homeDirectory: /home/fplayfair +gecos: Felix Playfair +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TUo3TThDcmU0VjdMMVp1ZnN5dlV5SzBOTk9weENFSzQ= +loginShell: /bin/bash + +dn: uid=gallanson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gallanson +uidNumber: 4088 +gidNumber: 1000 +givenName: Guba +sn: Allanson +cn: Guba Allanson +homeDirectory: /home/gallanson +gecos: Guba Allanson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUNsYWd1VEtOdUNEQzI= +loginShell: /bin/bash + +dn: uid=jguzzetta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jguzzetta +uidNumber: 4089 +gidNumber: 1000 +givenName: Josephine +sn: Guzzetta +cn: Josephine Guzzetta +homeDirectory: /home/jguzzetta +gecos: Josephine Guzzetta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IU2RXbWsrWlhFbGhhVVZsdlJSUGhRPT0= +loginShell: /bin/bash + +dn: uid=wesguerra,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wesguerra +uidNumber: 4090 +gidNumber: 1000 +givenName: Wallace +sn: Esguerra +cn: Wallace Esguerra +homeDirectory: /home/wesguerra +gecos: Wallace Esguerra +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WUHJzTm0wUjc5ckErZExhVmc0blA1SW9qQ289 +loginShell: /bin/bash + +dn: cn=Vance Lajoie+uid=vlajoie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vlajoie +uidNumber: 4091 +gidNumber: 1000 +givenName: Vance +sn: Lajoie +cn: Vance Lajoie +homeDirectory: /home/vlajoie +gecos: Vance Lajoie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1BZVlEWjBIMGNxMllTK2NxZDhSQmlnd3FHK0U9 +loginShell: /bin/bash + +dn: cn=Audrey Shuey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ashuey +uidNumber: 4092 +gidNumber: 1000 +givenName: Audrey +sn: Shuey +cn: Audrey Shuey +homeDirectory: /home/ashuey +gecos: Audrey Shuey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1SRWV5QTBmYy8vMjM2dkptZmhrVjVBPT0= +loginShell: /bin/bash + +dn: uid=nllewlyn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nllewlyn +uidNumber: 4093 +gidNumber: 1000 +givenName: Nakri +sn: Llewlyn +cn: Nakri Llewlyn +homeDirectory: /home/nllewlyn +gecos: Nakri Llewlyn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZDM1REE3eUZlOWJ0eS9VV3dJeHR3QVVXM3NWOHlQQUo= +loginShell: /bin/bash + +dn: cn=Katse Faure,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kfaure +uidNumber: 4094 +gidNumber: 1000 +givenName: Katse +sn: Faure +cn: Katse Faure +homeDirectory: /home/kfaure +gecos: Katse Faure +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MlZ0YlNtbFNVSkFaaXVmL0YrQjBtcXQra3NnMFZtelU= +loginShell: /bin/bash + +dn: cn=Patty Caposole,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pcaposole +uidNumber: 4095 +gidNumber: 1000 +givenName: Patty +sn: Caposole +cn: Patty Caposole +homeDirectory: /home/pcaposole +gecos: Patty Caposole +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eUVBVHdDU1MzRnF5K3pCc2dqUlJTTzRyRjBETXNqcys= +loginShell: /bin/bash + +dn: uid=daubert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: daubert +uidNumber: 4096 +gidNumber: 1000 +givenName: Dominic +sn: Aubert +cn: Dominic Aubert +homeDirectory: /home/daubert +gecos: Dominic Aubert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RjVjSHU1a0xjbjd0aXdkczh1TGN2VUtSbVM0PQ== +loginShell: /bin/bash + +dn: uid=jsweezy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jsweezy +uidNumber: 4097 +gidNumber: 1000 +givenName: Joni +sn: Sweezy +cn: Joni Sweezy +homeDirectory: /home/jsweezy +gecos: Joni Sweezy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9T3pCbDhTdVg4WnM1V1JxU1U3MHUwbVdUUVNMUWR5Vjc= +loginShell: /bin/bash + +dn: uid=cweiss,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cweiss +uidNumber: 4098 +gidNumber: 1000 +givenName: Cecily +sn: Weiss +cn: Cecily Weiss +homeDirectory: /home/cweiss +gecos: Cecily Weiss +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dlNHd3lpTms5ZEJjZ3BwZ05uamdHaVlaWFdvN04rYno= +loginShell: /bin/bash + +dn: uid=pgreviston,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pgreviston +uidNumber: 4099 +gidNumber: 1000 +givenName: Phoebe +sn: Greviston +cn: Phoebe Greviston +homeDirectory: /home/pgreviston +gecos: Phoebe Greviston +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y3JlYXRpdmU= +loginShell: /bin/bash + +dn: uid=joconor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uidNumber: 4100 +gidNumber: 1000 +givenName: Julia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YithTDVoWVVZWElnQU5ibHZwTy9WZ1d0eVU2T3FHa2U= +loginShell: /bin/bash +cn: Julia O'Conor +uid: joconor +homeDirectory: /home/joconor +gecos: Julia O'Conor +sn: O'Conor + +dn: uid=afallert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: afallert +uidNumber: 4101 +gidNumber: 1000 +givenName: Alvin +sn: Fallert +cn: Alvin Fallert +homeDirectory: /home/afallert +gecos: Alvin Fallert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX01OXpBYnNaVkhQcXQxNWR0b1JwK1ZRPT0= +loginShell: /bin/bash + +dn: uid=kalguire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kalguire +uidNumber: 4102 +gidNumber: 1000 +givenName: Keli +sn: Alguire +cn: Keli Alguire +homeDirectory: /home/kalguire +gecos: Keli Alguire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bXI4Y0RoTU02WmV1NjFCMnREUTJUcUIvRSs4PQ== +loginShell: /bin/bash + +dn: uid=rgramby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rgramby +uidNumber: 4103 +gidNumber: 1000 +givenName: Rugare +sn: Gramby +cn: Rugare Gramby +homeDirectory: /home/rgramby +gecos: Rugare Gramby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9S1dZczJHdmo4S0gveG03T3hTRStMeGdkdTRLZGlWakk= +loginShell: /bin/bash + +dn: uid=bkiang,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bkiang +uidNumber: 4104 +gidNumber: 1000 +givenName: Bertha +sn: Kiang +cn: Bertha Kiang +homeDirectory: /home/bkiang +gecos: Bertha Kiang +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QldXOThTeVArQW1NK2NiRjI2TlF3Nm15WUNnOFdSK04= +loginShell: /bin/bash + +dn: cn=Rae Hujer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rhujer +uidNumber: 4105 +gidNumber: 1000 +givenName: Rae +sn: Hujer +cn: Rae Hujer +homeDirectory: /home/rhujer +gecos: Rae Hujer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y291bnRyeQ== +loginShell: /bin/bash + +dn: uid=emargulis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emargulis +uidNumber: 4106 +gidNumber: 1000 +givenName: Ele +sn: Margulis +cn: Ele Margulis +homeDirectory: /home/emargulis +gecos: Ele Margulis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NnNONVpJSGxTK3JaU1dreUt3TWJ5MnNmYnFzPQ== +loginShell: /bin/bash + +dn: cn=Aka Ashbach+uid=aashbach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aashbach +uidNumber: 4107 +gidNumber: 1000 +givenName: Aka +sn: Ashbach +cn: Aka Ashbach +homeDirectory: /home/aashbach +gecos: Aka Ashbach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFndlpqelN3THh5Mi4= +loginShell: /bin/bash + +dn: cn=Daniel Tuholski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dtuholski +uidNumber: 4108 +gidNumber: 1000 +givenName: Daniel +sn: Tuholski +cn: Daniel Tuholski +homeDirectory: /home/dtuholski +gecos: Daniel Tuholski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RFByKzRSV1F4eGEyNkJvUHZxUEo1VXR6bTAwOTVJalQ= +loginShell: /bin/bash + +dn: uid=lcorbridge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcorbridge +uidNumber: 4109 +gidNumber: 1000 +givenName: Laura +sn: Corbridge +cn: Laura Corbridge +homeDirectory: /home/lcorbridge +gecos: Laura Corbridge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VXNuUkVrSk9YWFdtL081UjEwTEVsVjBNbFRNPQ== +loginShell: /bin/bash + +dn: uid=obeaufait,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obeaufait +uidNumber: 4110 +gidNumber: 1000 +givenName: Ophelia +sn: Beaufait +cn: Ophelia Beaufait +homeDirectory: /home/obeaufait +gecos: Ophelia Beaufait +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1lMkUvSWFVcWI4UVRnN0pLYTNmQ1R3PT0= +loginShell: /bin/bash + +dn: uid=nlohmiller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nlohmiller +uidNumber: 4111 +gidNumber: 1000 +givenName: Newton +sn: Lohmiller +cn: Newton Lohmiller +homeDirectory: /home/nlohmiller +gecos: Newton Lohmiller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aDZsN3Y4VXlQRjM1aTR5bFhySWtMckU1SC9BPQ== +loginShell: /bin/bash + +dn: uid=mfinigan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfinigan +uidNumber: 4112 +gidNumber: 1000 +givenName: Magoma +sn: Finigan +cn: Magoma Finigan +homeDirectory: /home/mfinigan +gecos: Magoma Finigan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1Ldm1GZDhwMkluVUNWZjc3K1Q0NnpBPT0= +loginShell: /bin/bash + +dn: cn=Matsa Dyce+uid=mdyce,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdyce +uidNumber: 4113 +gidNumber: 1000 +givenName: Matsa +sn: Dyce +cn: Matsa Dyce +homeDirectory: /home/mdyce +gecos: Matsa Dyce +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1vZWtZSjQwYVgxbG03bTJ3MTFEMk5RPT0= +loginShell: /bin/bash + +dn: uid=jrimando,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jrimando +uidNumber: 4114 +gidNumber: 1000 +givenName: Jimena +sn: Rimando +cn: Jimena Rimando +homeDirectory: /home/jrimando +gecos: Jimena Rimando +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DUG54eWg5RDVFcElpdVhiRFdYTzdnPT0= +loginShell: /bin/bash + +dn: uid=clewicki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: clewicki +uidNumber: 4115 +gidNumber: 1000 +givenName: Clovis +sn: Lewicki +cn: Clovis Lewicki +homeDirectory: /home/clewicki +gecos: Clovis Lewicki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Vk1zRHQ1eEwxalBpOFQzL0o0OXY1d0EySGs0PQ== +loginShell: /bin/bash + +dn: uid=jrees,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jrees +uidNumber: 4116 +gidNumber: 1000 +givenName: Jake +sn: Rees +cn: Jake Rees +homeDirectory: /home/jrees +gecos: Jake Rees +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bUQwc2JXbTZzbGdJUEd4Qmt1ZjlOb0FuQkZjPQ== +loginShell: /bin/bash + +dn: cn=Chebi Reddrick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: creddrick +uidNumber: 4117 +gidNumber: 1000 +givenName: Chebi +sn: Reddrick +cn: Chebi Reddrick +homeDirectory: /home/creddrick +gecos: Chebi Reddrick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUdDM3RJWnNPLnQ3cVE= +loginShell: /bin/bash + +dn: uid=gpomerance,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gpomerance +uidNumber: 4118 +gidNumber: 1000 +givenName: Georgette +sn: Pomerance +cn: Georgette Pomerance +homeDirectory: /home/gpomerance +gecos: Georgette Pomerance +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1MYjlaRWJDYzc2Tm80N3VTZnNoNGthWWhHNUU9 +loginShell: /bin/bash + +dn: cn=Roslyn Tole+uid=rtole,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rtole +uidNumber: 4119 +gidNumber: 1000 +givenName: Roslyn +sn: Tole +cn: Roslyn Tole +homeDirectory: /home/rtole +gecos: Roslyn Tole +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1EWlQ3bGJmQ1IxUzhwVmZDU2xJR0pRPT0= +loginShell: /bin/bash + +dn: uid=isuro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isuro +uidNumber: 4120 +gidNumber: 1000 +givenName: Isis +sn: Suro +cn: Isis Suro +homeDirectory: /home/isuro +gecos: Isis Suro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NC9FZnJyWUNLWUU2YjRpTkVmajBBa2I1Q0ZvPQ== +loginShell: /bin/bash + +dn: uid=wvalcin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wvalcin +uidNumber: 4121 +gidNumber: 1000 +givenName: Wukong +sn: Valcin +cn: Wukong Valcin +homeDirectory: /home/wvalcin +gecos: Wukong Valcin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bEhyNTRVdUhZV25nNXJEdTdrbEN1cjlYNHZVPQ== +loginShell: /bin/bash + +dn: uid=dmahapatra,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dmahapatra +uidNumber: 4122 +gidNumber: 1000 +givenName: Dovi +sn: Mahapatra +cn: Dovi Mahapatra +homeDirectory: /home/dmahapatra +gecos: Dovi Mahapatra +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1qeWtnSEM5RjdhTHRUakw0R0RhTmhRPT0= +loginShell: /bin/bash + +dn: cn=Zeke Gingrich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zgingrich +uidNumber: 4123 +gidNumber: 1000 +givenName: Zeke +sn: Gingrich +cn: Zeke Gingrich +homeDirectory: /home/zgingrich +gecos: Zeke Gingrich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9b25OeERWdm5PZnVFOFJ1SDYrQ3lPeFVPMHRRPQ== +loginShell: /bin/bash + +dn: uid=cstidstone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cstidstone +uidNumber: 4124 +gidNumber: 1000 +givenName: Chanthu +sn: Stidstone +cn: Chanthu Stidstone +homeDirectory: /home/cstidstone +gecos: Chanthu Stidstone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WaTljVjFJc0xxT2UwN3R4UXpYdzgxRkg5NHc9 +loginShell: /bin/bash + +dn: uid=maustine,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: maustine +uidNumber: 4125 +gidNumber: 1000 +givenName: Muifa +sn: Austine +cn: Muifa Austine +homeDirectory: /home/maustine +gecos: Muifa Austine +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Y1dUb0s5aFdqcmFxcEpKM2diLzI3c0plWkVmT2wyZ00= +loginShell: /bin/bash + +dn: cn=Evan Wilund,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ewilund +uidNumber: 4126 +gidNumber: 1000 +givenName: Evan +sn: Wilund +cn: Evan Wilund +homeDirectory: /home/ewilund +gecos: Evan Wilund +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1BM25VS09vUENEYW5jNk15cGdsWTE1enlTMW89 +loginShell: /bin/bash + +dn: uid=dgiacomazzi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dgiacomazzi +uidNumber: 4127 +gidNumber: 1000 +givenName: Daryl +sn: Giacomazzi +cn: Daryl Giacomazzi +homeDirectory: /home/dgiacomazzi +gecos: Daryl Giacomazzi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SHY5YnFOQ2VGZE1CL2VsWm5KSjIybnhPTEl2WnNTamE= +loginShell: /bin/bash + +dn: cn=Iris Pen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ipen +uidNumber: 4128 +gidNumber: 1000 +givenName: Iris +sn: Pen +cn: Iris Pen +homeDirectory: /home/ipen +gecos: Iris Pen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW1YOHYxQUZ2SkVtMG8= +loginShell: /bin/bash + +dn: uid=mdoering,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdoering +uidNumber: 4129 +gidNumber: 1000 +givenName: Marie +sn: Doering +cn: Marie Doering +homeDirectory: /home/mdoering +gecos: Marie Doering +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15UjRSb2ZLaTl2S1EvbEE1OTQ4SDh4Z0VsRUk9 +loginShell: /bin/bash + +dn: uid=hdumpert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hdumpert +uidNumber: 4130 +gidNumber: 1000 +givenName: Hugo +sn: Dumpert +cn: Hugo Dumpert +homeDirectory: /home/hdumpert +gecos: Hugo Dumpert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3VzcGVuc2lvbnM= +loginShell: /bin/bash + +dn: uid=lmadruga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmadruga +uidNumber: 4131 +gidNumber: 1000 +givenName: Leslie +sn: Madruga +cn: Leslie Madruga +homeDirectory: /home/lmadruga +gecos: Leslie Madruga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX05NE9XUkRmMTc1U3hpQWhhbDRwMmhBPT0= +loginShell: /bin/bash + +dn: uid=nedgin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nedgin +uidNumber: 4132 +gidNumber: 1000 +givenName: Noguri +sn: Edgin +cn: Noguri Edgin +homeDirectory: /home/nedgin +gecos: Noguri Edgin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OWw1UzFRbU5adWR0R2ticzEzWjZ1MkJHMDVpTW4vZEQ= +loginShell: /bin/bash + +dn: uid=hbuttolph,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbuttolph +uidNumber: 4133 +gidNumber: 1000 +givenName: Hubert +sn: Buttolph +cn: Hubert Buttolph +homeDirectory: /home/hbuttolph +gecos: Hubert Buttolph +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MlNNS3UxYmxaMUU3cmRBSkdlYTNWczFjRndWZm1GUnk= +loginShell: /bin/bash + +dn: uid=dmellady,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dmellady +uidNumber: 4134 +gidNumber: 1000 +givenName: Dujuan +sn: Mellady +cn: Dujuan Mellady +homeDirectory: /home/dmellady +gecos: Dujuan Mellady +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUVMS1RqR0lYSG9pRFU= +loginShell: /bin/bash + +dn: uid=cnabzdyk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cnabzdyk +uidNumber: 4135 +gidNumber: 1000 +givenName: Connie +sn: Nabzdyk +cn: Connie Nabzdyk +homeDirectory: /home/cnabzdyk +gecos: Connie Nabzdyk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9d3NGNjQrNTdqZGcvOGhhR3RnRVBac3MvOE1zPQ== +loginShell: /bin/bash + +dn: uid=obailly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obailly +uidNumber: 4136 +gidNumber: 1000 +givenName: Odile +sn: Bailly +cn: Odile Bailly +homeDirectory: /home/obailly +gecos: Odile Bailly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXI0bWpLcUVMcW5VMm8= +loginShell: /bin/bash + +dn: cn=Merbok Moskop,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmoskop +uidNumber: 4137 +gidNumber: 1000 +givenName: Merbok +sn: Moskop +cn: Merbok Moskop +homeDirectory: /home/mmoskop +gecos: Merbok Moskop +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05RjRhZFVGb2NIRzdWdDJPMi9uTE5VMU8zbXc9 +loginShell: /bin/bash + +dn: uid=vkouns,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vkouns +uidNumber: 4138 +gidNumber: 1000 +givenName: Veronica +sn: Kouns +cn: Veronica Kouns +homeDirectory: /home/vkouns +gecos: Veronica Kouns +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ZK1FZZ2hSaGFoZVR5ZE9qQWEwSGNBPT0= +loginShell: /bin/bash + +dn: uid=zanderlik,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zanderlik +uidNumber: 4139 +gidNumber: 1000 +givenName: Zaka +sn: Anderlik +cn: Zaka Anderlik +homeDirectory: /home/zanderlik +gecos: Zaka Anderlik +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05SVVxQ01sY0ZCeGx0c3RXUG1nQ212YWt4cm89 +loginShell: /bin/bash + +dn: cn=Betsy Devera,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bdevera +uidNumber: 4140 +gidNumber: 1000 +givenName: Betsy +sn: Devera +cn: Betsy Devera +homeDirectory: /home/bdevera +gecos: Betsy Devera +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YQTc0Y1lIM3YxMVl4UDc0Yjh3TXNNWG9tcFk9 +loginShell: /bin/bash + +dn: uid=naquas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: naquas +uidNumber: 4141 +gidNumber: 1000 +givenName: Noru +sn: Aquas +cn: Noru Aquas +homeDirectory: /home/naquas +gecos: Noru Aquas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9N2V0RW1PNFFjMmJWcVlLbXRNbUdJcnlTQTc5NS9sWnY= +loginShell: /bin/bash + +dn: cn=Tako Paa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tpaa +uidNumber: 4142 +gidNumber: 1000 +givenName: Tako +sn: Paa +cn: Tako Paa +homeDirectory: /home/tpaa +gecos: Tako Paa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9S3RHM3B5dVFxbUZNMkxxOE1vZ1BRNmVpcWVRMU0wT3I= +loginShell: /bin/bash + +dn: uid=gspicer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gspicer +uidNumber: 4143 +gidNumber: 1000 +givenName: Gilbert +sn: Spicer +cn: Gilbert Spicer +homeDirectory: /home/gspicer +gecos: Gilbert Spicer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TkVwZlZPMzVLcXd3bXYyenpsR2QydkdJRUw4PQ== +loginShell: /bin/bash + +dn: uid=cchriswell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cchriswell +uidNumber: 4144 +gidNumber: 1000 +givenName: Coral +sn: Chriswell +cn: Coral Chriswell +homeDirectory: /home/cchriswell +gecos: Coral Chriswell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dmVSRFlVZjVtWXlkZ2svVUFHdFNVajVHT1RJPQ== +loginShell: /bin/bash + +dn: cn=Nock-ten Herschelman+uid=nherschelman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nherschelman +uidNumber: 4145 +gidNumber: 1000 +givenName: Nock-ten +sn: Herschelman +cn: Nock-ten Herschelman +homeDirectory: /home/nherschelman +gecos: Nock-ten Herschelman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFoZkxoTWNnd3hVay4= +loginShell: /bin/bash + +dn: cn=Jaya Everton+uid=jeverton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jeverton +uidNumber: 4146 +gidNumber: 1000 +givenName: Jaya +sn: Everton +cn: Jaya Everton +homeDirectory: /home/jeverton +gecos: Jaya Everton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWo5RE4wUG9oU04waU0= +loginShell: /bin/bash + +dn: uid=kbartolet,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbartolet +uidNumber: 4147 +gidNumber: 1000 +givenName: Kalmaegi +sn: Bartolet +cn: Kalmaegi Bartolet +homeDirectory: /home/kbartolet +gecos: Kalmaegi Bartolet +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SjBpTThyRUZxTEhBZnF5aklIUmJNQ2JWd1ppQ2pLREQ= +loginShell: /bin/bash + +dn: uid=pwohlenhaus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pwohlenhaus +uidNumber: 4148 +gidNumber: 1000 +givenName: Podul +sn: Wohlenhaus +cn: Podul Wohlenhaus +homeDirectory: /home/pwohlenhaus +gecos: Podul Wohlenhaus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9QUkwOW9EM29SMDRYV29QMlNMOGlTTS9BM2lFPQ== +loginShell: /bin/bash + +dn: uid=ewall,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ewall +uidNumber: 4149 +gidNumber: 1000 +givenName: Etau +sn: Wall +cn: Etau Wall +homeDirectory: /home/ewall +gecos: Etau Wall +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZjJOWGZNQlk1UXVDMVJNRVN5TGRaOHlIcGt3PQ== +loginShell: /bin/bash + +dn: cn=Amelia Mccolgan+uid=amccolgan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amccolgan +uidNumber: 4150 +gidNumber: 1000 +givenName: Amelia +sn: Mccolgan +cn: Amelia Mccolgan +homeDirectory: /home/amccolgan +gecos: Amelia Mccolgan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1mRFQzN3ZXS1RqdWtyUlkydnptWFQ2NHRwd1E9 +loginShell: /bin/bash + +dn: cn=Lidia Kimel+uid=lkimel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lkimel +uidNumber: 4151 +gidNumber: 1000 +givenName: Lidia +sn: Kimel +cn: Lidia Kimel +homeDirectory: /home/lkimel +gecos: Lidia Kimel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTZUQm5VRnM5ZEhqMWM= +loginShell: /bin/bash + +dn: uid=igrimmer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: igrimmer +uidNumber: 4152 +gidNumber: 1000 +givenName: Imbudo +sn: Grimmer +cn: Imbudo Grimmer +homeDirectory: /home/igrimmer +gecos: Imbudo Grimmer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvdHJ1ZGU= +loginShell: /bin/bash + +dn: uid=fpybus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fpybus +uidNumber: 4153 +gidNumber: 1000 +givenName: Flora +sn: Pybus +cn: Flora Pybus +homeDirectory: /home/fpybus +gecos: Flora Pybus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Smw5N04rUUsyb0FsWlNlVmQ3RG56bEp2bmVZPQ== +loginShell: /bin/bash + +dn: cn=Wallace Ottesen+uid=wottesen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wottesen +uidNumber: 4154 +gidNumber: 1000 +givenName: Wallace +sn: Ottesen +cn: Wallace Ottesen +homeDirectory: /home/wottesen +gecos: Wallace Ottesen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02a25Gd3FwTU4wYmJ6N1l2dGNpaHl3PT0= +loginShell: /bin/bash + +dn: uid=hrenart,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hrenart +uidNumber: 4155 +gidNumber: 1000 +givenName: Hanuman +sn: Renart +cn: Hanuman Renart +homeDirectory: /home/hrenart +gecos: Hanuman Renart +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VFpuSWxQUm5tZnlsUFM5amsrMUd2U1Zhc0xVPQ== +loginShell: /bin/bash + +dn: uid=dsmykowski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsmykowski +uidNumber: 4156 +gidNumber: 1000 +givenName: Dalila +sn: Smykowski +cn: Dalila Smykowski +homeDirectory: /home/dsmykowski +gecos: Dalila Smykowski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVZ6bTl5YzViV0ZhM1U= +loginShell: /bin/bash + +dn: cn=Ilsa Deveyra+uid=ideveyra,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ideveyra +uidNumber: 4157 +gidNumber: 1000 +givenName: Ilsa +sn: Deveyra +cn: Ilsa Deveyra +homeDirectory: /home/ideveyra +gecos: Ilsa Deveyra +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmVuZGVyJ3M= +loginShell: /bin/bash + +dn: uid=nranck,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nranck +uidNumber: 4158 +gidNumber: 1000 +givenName: Nora +sn: Ranck +cn: Nora Ranck +homeDirectory: /home/nranck +gecos: Nora Ranck +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVduZ3Q5Y3c4TEE3blE= +loginShell: /bin/bash + +dn: uid=cpluid,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpluid +uidNumber: 4159 +gidNumber: 1000 +givenName: Cindy +sn: Pluid +cn: Cindy Pluid +homeDirectory: /home/cpluid +gecos: Cindy Pluid +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cld1SS9rWVZ0cWQyeDIvVFFBSG56YkU0YTNlcDM0dVI= +loginShell: /bin/bash + +dn: cn=Ele Diga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ediga +uidNumber: 4160 +gidNumber: 1000 +givenName: Ele +sn: Diga +cn: Ele Diga +homeDirectory: /home/ediga +gecos: Ele Diga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUM3dHB6TXEvVW5WOUk= +loginShell: /bin/bash + +dn: cn=Emilia Noguera,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: enoguera +uidNumber: 4161 +gidNumber: 1000 +givenName: Emilia +sn: Noguera +cn: Emilia Noguera +homeDirectory: /home/enoguera +gecos: Emilia Noguera +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0xeXZpRWxBWDFDQmQ0UzB3Z0J0SVA4TnlnT3c9 +loginShell: /bin/bash + +dn: uid=gwethern,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gwethern +uidNumber: 4162 +gidNumber: 1000 +givenName: Georges +sn: Wethern +cn: Georges Wethern +homeDirectory: /home/gwethern +gecos: Georges Wethern +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5mbGFtbWF0aW9uJ3M= +loginShell: /bin/bash + +dn: uid=mberson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mberson +uidNumber: 4163 +gidNumber: 1000 +givenName: Merbok +sn: Berson +cn: Merbok Berson +homeDirectory: /home/mberson +gecos: Merbok Berson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1Gem9GblozWm53ZTdSc2VoNzFvd2lBPT0= +loginShell: /bin/bash + +dn: uid=imariello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imariello +uidNumber: 4164 +gidNumber: 1000 +givenName: Ivy +sn: Mariello +cn: Ivy Mariello +homeDirectory: /home/imariello +gecos: Ivy Mariello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WnBKM2FhcHlVcW5URVdBSkp4M2FBOEtwTEJNPQ== +loginShell: /bin/bash + +dn: uid=wborenstein,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wborenstein +uidNumber: 4165 +gidNumber: 1000 +givenName: Willy +sn: Borenstein +cn: Willy Borenstein +homeDirectory: /home/wborenstein +gecos: Willy Borenstein +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGVyaW1ldGVyJ3M= +loginShell: /bin/bash + +dn: uid=lmauracher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmauracher +uidNumber: 4166 +gidNumber: 1000 +givenName: Louise +sn: Mauracher +cn: Louise Mauracher +homeDirectory: /home/lmauracher +gecos: Louise Mauracher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RGVLU0JUcTdmQVRxd3dpWmd1MS8zU0paUE1NPQ== +loginShell: /bin/bash + +dn: cn=Malia Kofoed+uid=mkofoed,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkofoed +uidNumber: 4167 +gidNumber: 1000 +givenName: Malia +sn: Kofoed +cn: Malia Kofoed +homeDirectory: /home/mkofoed +gecos: Malia Kofoed +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX00MVB6Z3RaQk5JZHEyNUtmeHdiamVrR0F6OW89 +loginShell: /bin/bash + +dn: uid=tvrooman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tvrooman +uidNumber: 4168 +gidNumber: 1000 +givenName: Tokage +sn: Vrooman +cn: Tokage Vrooman +homeDirectory: /home/tvrooman +gecos: Tokage Vrooman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVNQbUFLaXhOVTBPOE0= +loginShell: /bin/bash + +dn:: Y249RmF4YWkgU2Now6RmZXIsb3U9bG90c29mcGVvcGxlLGRjPXRlc3QsZGM9dGxk +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uidNumber: 4169 +gidNumber: 1000 +givenName: Faxai +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5hbmU= +loginShell: /bin/bash +sn:: U2Now6RmZXI= +gecos: Faxai Schafer +uid: fschafer +homeDirectory: /home/fschafer +cn:: RmF4YWkgU2Now6RmZXI= + +dn: uid=hstoute,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hstoute +uidNumber: 4170 +gidNumber: 1000 +givenName: Hattie +sn: Stoute +cn: Hattie Stoute +homeDirectory: /home/hstoute +gecos: Hattie Stoute +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Zm9yc3dvcm4= +loginShell: /bin/bash + +dn: uid=fmcnaught,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fmcnaught +uidNumber: 4171 +gidNumber: 1000 +givenName: Funa +sn: Mcnaught +cn: Funa Mcnaught +homeDirectory: /home/fmcnaught +gecos: Funa Mcnaught +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX16bXlSbmpuMGp3WG15U05QL1NheHdZSjhycWM9 +loginShell: /bin/bash + +dn: uid=aantuna,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aantuna +uidNumber: 4172 +gidNumber: 1000 +givenName: Ami +sn: Antuna +cn: Ami Antuna +homeDirectory: /home/aantuna +gecos: Ami Antuna +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SC9wUnFNd2QyUjM1TStmNzE0OWMwNExBd2Racnp2SVE= +loginShell: /bin/bash + +dn: cn=Lin Oganyan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: loganyan +uidNumber: 4173 +gidNumber: 1000 +givenName: Lin +sn: Oganyan +cn: Lin Oganyan +homeDirectory: /home/loganyan +gecos: Lin Oganyan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWpTTnFHTE9vSHRUZy4= +loginShell: /bin/bash + +dn: uid=ecordts,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ecordts +uidNumber: 4174 +gidNumber: 1000 +givenName: Edouard +sn: Cordts +cn: Edouard Cordts +homeDirectory: /home/ecordts +gecos: Edouard Cordts +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1QZlJKSTF5dnU3UEZMS0pTZ2FoR2VBPT0= +loginShell: /bin/bash + +dn: cn=Isis Narain,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: inarain +uidNumber: 4175 +gidNumber: 1000 +givenName: Isis +sn: Narain +cn: Isis Narain +homeDirectory: /home/inarain +gecos: Isis Narain +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1kZ0dEVGxTVnN1ZkJKRkxvckhhL0JkQml4WGM9 +loginShell: /bin/bash + +dn: uid=scombass,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: scombass +uidNumber: 4176 +gidNumber: 1000 +givenName: Saomai +sn: Combass +cn: Saomai Combass +homeDirectory: /home/scombass +gecos: Saomai Combass +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0vK0VnY1pxNzcweVgvQWpQdWQ1Y0ZnPT0= +loginShell: /bin/bash + +dn: cn=Kalmaegi Brevitz+uid=kbrevitz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbrevitz +uidNumber: 4177 +gidNumber: 1000 +givenName: Kalmaegi +sn: Brevitz +cn: Kalmaegi Brevitz +homeDirectory: /home/kbrevitz +gecos: Kalmaegi Brevitz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX14MEQ2NUNuUGU4RGRqa002UHAyRitnPT0= +loginShell: /bin/bash + +dn: uid=rgriffies,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rgriffies +uidNumber: 4178 +gidNumber: 1000 +givenName: Roxanne +sn: Griffies +cn: Roxanne Griffies +homeDirectory: /home/rgriffies +gecos: Roxanne Griffies +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TG1Icnc4MWpPYlpFYkRlUE1pdVJHUEJNMFVFPQ== +loginShell: /bin/bash + +dn: uid=ugerpheide,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ugerpheide +uidNumber: 4179 +gidNumber: 1000 +givenName: Usagi +sn: Gerpheide +cn: Usagi Gerpheide +homeDirectory: /home/ugerpheide +gecos: Usagi Gerpheide +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX05cWI3WG5yQWwxSWoxQ0xtMkluTm9nPT0= +loginShell: /bin/bash + +dn: uid=imillin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imillin +uidNumber: 4180 +gidNumber: 1000 +givenName: Iggy +sn: Millin +cn: Iggy Millin +homeDirectory: /home/imillin +gecos: Iggy Millin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWlIa3BxbGZqQi4wNi4= +loginShell: /bin/bash + +dn: uid=ameisinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ameisinger +uidNumber: 4181 +gidNumber: 1000 +givenName: Arlene +sn: Meisinger +cn: Arlene Meisinger +homeDirectory: /home/ameisinger +gecos: Arlene Meisinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUdFS2JJYzM0WmFyRXM= +loginShell: /bin/bash + +dn: uid=kdevincent,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kdevincent +uidNumber: 4182 +gidNumber: 1000 +givenName: Kyle +sn: Devincent +cn: Kyle Devincent +homeDirectory: /home/kdevincent +gecos: Kyle Devincent +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTNobmh4ci96RWh0UW8= +loginShell: /bin/bash + +dn: uid=bhelverson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bhelverson +uidNumber: 4183 +gidNumber: 1000 +givenName: Barry +sn: Helverson +cn: Barry Helverson +homeDirectory: /home/bhelverson +gecos: Barry Helverson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1MTEppSVZTZUlpRytDN3ZvVDJjSDVRPT0= +loginShell: /bin/bash + +dn: cn=Dominic Tryba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dtryba +uidNumber: 4184 +gidNumber: 1000 +givenName: Dominic +sn: Tryba +cn: Dominic Tryba +homeDirectory: /home/dtryba +gecos: Dominic Tryba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3Vic2NyaXB0aW9ucw== +loginShell: /bin/bash + +dn: uid=iiffert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iiffert +uidNumber: 4185 +gidNumber: 1000 +givenName: Ilsa +sn: Iffert +cn: Ilsa Iffert +homeDirectory: /home/iiffert +gecos: Ilsa Iffert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Zitzdms0VWJEaC85Y3QvY3VIWU55L2JLMS9TaS9oQWc= +loginShell: /bin/bash + +dn: uid=pwhitmire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pwhitmire +uidNumber: 4186 +gidNumber: 1000 +givenName: Phanfone +sn: Whitmire +cn: Phanfone Whitmire +homeDirectory: /home/pwhitmire +gecos: Phanfone Whitmire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGVjYWRlbmNlJ3M= +loginShell: /bin/bash + +dn: cn=Glenda Cervantez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcervantez +uidNumber: 4187 +gidNumber: 1000 +givenName: Glenda +sn: Cervantez +cn: Glenda Cervantez +homeDirectory: /home/gcervantez +gecos: Glenda Cervantez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cHl4b1F0R2dhNVdEZ0w4R0dJTDZpZGtpK1FVPQ== +loginShell: /bin/bash + +dn: uid=sherzberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sherzberg +uidNumber: 4188 +gidNumber: 1000 +givenName: Sam +sn: Herzberg +cn: Sam Herzberg +homeDirectory: /home/sherzberg +gecos: Sam Herzberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TnRVRW5VQ1hPdXBmS1dRZ3dONzhCQlNFb3B3PQ== +loginShell: /bin/bash + +dn: uid=wgorton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wgorton +uidNumber: 4189 +gidNumber: 1000 +givenName: Winnie +sn: Gorton +cn: Winnie Gorton +homeDirectory: /home/wgorton +gecos: Winnie Gorton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aHpBdnNOQWdHNVhvaDl5WWVTNzFSTWpNUFNJPQ== +loginShell: /bin/bash + +dn: cn=Genevieve Hermie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghermie +uidNumber: 4190 +gidNumber: 1000 +givenName: Genevieve +sn: Hermie +cn: Genevieve Hermie +homeDirectory: /home/ghermie +gecos: Genevieve Hermie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1oNGlNQ2hXUjVkc3dHclp1TXYvZ3ZBNUhKRlU9 +loginShell: /bin/bash + +dn: uid=eshurtliff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eshurtliff +uidNumber: 4191 +gidNumber: 1000 +givenName: Ernesto +sn: Shurtliff +cn: Ernesto Shurtliff +homeDirectory: /home/eshurtliff +gecos: Ernesto Shurtliff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NHRNbFpjZFU4Y0UzVVN6Mm50UzZPSk5qT2pDb2lyVVA= +loginShell: /bin/bash + +dn: uid=cmafnas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmafnas +uidNumber: 4192 +gidNumber: 1000 +givenName: Cliff +sn: Mafnas +cn: Cliff Mafnas +homeDirectory: /home/cmafnas +gecos: Cliff Mafnas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dElkNG5nTUF4TkxSOHg5ZTRXVnNrRHZVTjZjPQ== +loginShell: /bin/bash + +dn: uid=jmartha,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jmartha +uidNumber: 4193 +gidNumber: 1000 +givenName: Javier +sn: Martha +cn: Javier Martha +homeDirectory: /home/jmartha +gecos: Javier Martha +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RU1xSDRpRFQxRkdEWWVpQ0JOQll6ckFoYXk4PQ== +loginShell: /bin/bash + +dn: cn=Guchol Reagey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: greagey +uidNumber: 4194 +gidNumber: 1000 +givenName: Guchol +sn: Reagey +cn: Guchol Reagey +homeDirectory: /home/greagey +gecos: Guchol Reagey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Z2t5bUVrRFZrVDQrblFnVzJ6YnVmZDk4aG1NPQ== +loginShell: /bin/bash + +dn: cn=Khanun Cofrancesco+uid=kcofrancesco,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kcofrancesco +uidNumber: 4195 +gidNumber: 1000 +givenName: Khanun +sn: Cofrancesco +cn: Khanun Cofrancesco +homeDirectory: /home/kcofrancesco +gecos: Khanun Cofrancesco +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1sTmtDL1FLcFArL1F6SGNjMW1CM3ZBPT0= +loginShell: /bin/bash + +dn: uid=lcremer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcremer +uidNumber: 4196 +gidNumber: 1000 +givenName: Leon +sn: Cremer +cn: Leon Cremer +homeDirectory: /home/lcremer +gecos: Leon Cremer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z2xvd3dvcm0= +loginShell: /bin/bash + +dn: cn=Felicia Keef,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fkeef +uidNumber: 4197 +gidNumber: 1000 +givenName: Felicia +sn: Keef +cn: Felicia Keef +homeDirectory: /home/fkeef +gecos: Felicia Keef +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvZmVzc2lvbmFsbHk= +loginShell: /bin/bash + +dn: cn=Niala Ousdahl+uid=nousdahl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nousdahl +uidNumber: 4198 +gidNumber: 1000 +givenName: Niala +sn: Ousdahl +cn: Niala Ousdahl +homeDirectory: /home/nousdahl +gecos: Niala Ousdahl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZqZjZXdWhiTDhSNWc= +loginShell: /bin/bash + +dn: cn=Nathan Endicott,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nendicott +uidNumber: 4199 +gidNumber: 1000 +givenName: Nathan +sn: Endicott +cn: Nathan Endicott +homeDirectory: /home/nendicott +gecos: Nathan Endicott +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ib2NLbkpHcUVYa0FXcEgwbENJc1VYTWpCbjg9 +loginShell: /bin/bash + +dn: uid=xdittrick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xdittrick +uidNumber: 4200 +gidNumber: 1000 +givenName: Xylo +sn: Dittrick +cn: Xylo Dittrick +homeDirectory: /home/xdittrick +gecos: Xylo Dittrick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0wbHIyb3FCZDUyajM0YmpGdWc1N2FFbjAzSmM9 +loginShell: /bin/bash + +dn: uid=khartness,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: khartness +uidNumber: 4201 +gidNumber: 1000 +givenName: Keith +sn: Hartness +cn: Keith Hartness +homeDirectory: /home/khartness +gecos: Keith Hartness +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZmlzY2Fs +loginShell: /bin/bash + +dn: cn=Carmen Duffer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cduffer +uidNumber: 4202 +gidNumber: 1000 +givenName: Carmen +sn: Duffer +cn: Carmen Duffer +homeDirectory: /home/cduffer +gecos: Carmen Duffer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y3V0dGVyJ3M= +loginShell: /bin/bash + +dn: uid=nramones,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nramones +uidNumber: 4203 +gidNumber: 1000 +givenName: Neki +sn: Ramones +cn: Neki Ramones +homeDirectory: /home/nramones +gecos: Neki Ramones +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05K3QxTUdVYmNOYjR2Z0FEa0J1b0EyeENCamM9 +loginShell: /bin/bash + +dn: uid=shaith,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: shaith +uidNumber: 4204 +gidNumber: 1000 +givenName: Soudelor +sn: Haith +cn: Soudelor Haith +homeDirectory: /home/shaith +gecos: Soudelor Haith +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WTdIczBBTzVUaVBaWitlRDdKTjdUQXNUY2dzPQ== +loginShell: /bin/bash + +dn: cn=Marinda Storto+uid=mstorto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mstorto +uidNumber: 4205 +gidNumber: 1000 +givenName: Marinda +sn: Storto +cn: Marinda Storto +homeDirectory: /home/mstorto +gecos: Marinda Storto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9M0pTMVV0WlduUEhtOE04cWVham9qdjJuS0lzPQ== +loginShell: /bin/bash + +dn: uid=cfleurantin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cfleurantin +uidNumber: 4206 +gidNumber: 1000 +givenName: Cristina +sn: Fleurantin +cn: Cristina Fleurantin +homeDirectory: /home/cfleurantin +gecos: Cristina Fleurantin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b1o4NTNwaTlTK29XOGhtbVdzNVpDZk5jMS9FSDd1dVk= +loginShell: /bin/bash + +dn: cn=Katse Kinnick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kkinnick +uidNumber: 4207 +gidNumber: 1000 +givenName: Katse +sn: Kinnick +cn: Katse Kinnick +homeDirectory: /home/kkinnick +gecos: Katse Kinnick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1hU3dML3FHT2RGRzljaGRnUlRodjVtelJSRVU9 +loginShell: /bin/bash + +dn: cn=Upana Vazzana,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uvazzana +uidNumber: 4208 +gidNumber: 1000 +givenName: Upana +sn: Vazzana +cn: Upana Vazzana +homeDirectory: /home/uvazzana +gecos: Upana Vazzana +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1BdTRDR3o2TXFsa2tNYnlyT2d6M2lRPT0= +loginShell: /bin/bash + +dn: uid=cschimke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cschimke +uidNumber: 4209 +gidNumber: 1000 +givenName: Chanchu +sn: Schimke +cn: Chanchu Schimke +homeDirectory: /home/cschimke +gecos: Chanchu Schimke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TzQ3N3dYekhGY2gxSERnNjI2b0ZVYzRKODVvPQ== +loginShell: /bin/bash + +dn: uid=isorhaindo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isorhaindo +uidNumber: 4210 +gidNumber: 1000 +givenName: Iune +sn: Sorhaindo +cn: Iune Sorhaindo +homeDirectory: /home/isorhaindo +gecos: Iune Sorhaindo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTdtVUdtSGgyRy9JeS4= +loginShell: /bin/bash + +dn: cn=Octave Birkline,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obirkline +uidNumber: 4211 +gidNumber: 1000 +givenName: Octave +sn: Birkline +cn: Octave Birkline +homeDirectory: /home/obirkline +gecos: Octave Birkline +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1EaFgxR2d1Q1RBVlRGbzZQT1FhOUFhTnRuS1U9 +loginShell: /bin/bash + +dn: uid=lhurtado,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lhurtado +uidNumber: 4212 +gidNumber: 1000 +givenName: Larry +sn: Hurtado +cn: Larry Hurtado +homeDirectory: /home/lhurtado +gecos: Larry Hurtado +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1FVVh5WXlWc2tqY1cwcmpxM2k5bWlRPT0= +loginShell: /bin/bash + +dn: uid=atopick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: atopick +uidNumber: 4213 +gidNumber: 1000 +givenName: Allison +sn: Topick +cn: Allison Topick +homeDirectory: /home/atopick +gecos: Allison Topick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3Bhd24= +loginShell: /bin/bash + +dn: uid=jchipp,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jchipp +uidNumber: 4214 +gidNumber: 1000 +givenName: Jaya +sn: Chipp +cn: Jaya Chipp +homeDirectory: /home/jchipp +gecos: Jaya Chipp +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX02elBRZTdyYVFwUkpUWE1lRW5ScjVhb1dRYzA9 +loginShell: /bin/bash + +dn: uid=bsolecki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bsolecki +uidNumber: 4215 +gidNumber: 1000 +givenName: Bolaven +sn: Solecki +cn: Bolaven Solecki +homeDirectory: /home/bsolecki +gecos: Bolaven Solecki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1Ta1J2U09vQTlQTWRDakFlZGllL1prRlZEams9 +loginShell: /bin/bash + +dn: cn=Winston Boroff+uid=wboroff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wboroff +uidNumber: 4216 +gidNumber: 1000 +givenName: Winston +sn: Boroff +cn: Winston Boroff +homeDirectory: /home/wboroff +gecos: Winston Boroff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dWV1Nys0a3BUSDF4Ty9keFp2NDBGb1ZWd1ZJOCtkWGo= +loginShell: /bin/bash + +dn: cn=Cristina Steinbrecher+uid=csteinbrecher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: csteinbrecher +uidNumber: 4217 +gidNumber: 1000 +givenName: Cristina +sn: Steinbrecher +cn: Cristina Steinbrecher +homeDirectory: /home/csteinbrecher +gecos: Cristina Steinbrecher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bGV1a2FlbWlhJ3M= +loginShell: /bin/bash + +dn: uid=nridinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nridinger +uidNumber: 4218 +gidNumber: 1000 +givenName: Nate +sn: Ridinger +cn: Nate Ridinger +homeDirectory: /home/nridinger +gecos: Nate Ridinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wNWlYSTFCTG5BUFNEN2kvL1N5NEg5Vjh2WWc9 +loginShell: /bin/bash + +dn: cn=Adeline Lienhard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: alienhard +uidNumber: 4219 +gidNumber: 1000 +givenName: Adeline +sn: Lienhard +cn: Adeline Lienhard +homeDirectory: /home/alienhard +gecos: Adeline Lienhard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dHJlYWNoZXJ5 +loginShell: /bin/bash + +dn: uid=mautullo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mautullo +uidNumber: 4220 +gidNumber: 1000 +givenName: Manuel +sn: Autullo +cn: Manuel Autullo +homeDirectory: /home/mautullo +gecos: Manuel Autullo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R2xBUG1URjAwM05SeFEydGRwdU5CaDNOSm1jPQ== +loginShell: /bin/bash + +dn: uid=vhussien,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vhussien +uidNumber: 4221 +gidNumber: 1000 +givenName: Vuyane +sn: Hussien +cn: Vuyane Hussien +homeDirectory: /home/vhussien +gecos: Vuyane Hussien +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bWcrYmt0a3JzbCtMUUJ6ZkxBNlN4UkJDeWNzPQ== +loginShell: /bin/bash + +dn: cn=Winifred Mendell+uid=wmendell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wmendell +uidNumber: 4222 +gidNumber: 1000 +givenName: Winifred +sn: Mendell +cn: Winifred Mendell +homeDirectory: /home/wmendell +gecos: Winifred Mendell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1OQTMyN0VtZzFkbnZPV2szRXBobGFRPT0= +loginShell: /bin/bash + +dn: uid=hmaly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmaly +uidNumber: 4223 +gidNumber: 1000 +givenName: Halong +sn: Maly +cn: Halong Maly +homeDirectory: /home/hmaly +gecos: Halong Maly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ydUMvR0crOE9Oa3lnN2x6U1BtNlpiSy9ENGs9 +loginShell: /bin/bash + +dn: cn=Peke Schrayter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pschrayter +uidNumber: 4224 +gidNumber: 1000 +givenName: Peke +sn: Schrayter +cn: Peke Schrayter +homeDirectory: /home/pschrayter +gecos: Peke Schrayter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9U3ZYWDV1ZDhEOVlXNkxwNGFHK2JYbUM4aW96amQwcHA= +loginShell: /bin/bash + +dn: cn=Lupit Lasher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: llasher +uidNumber: 4225 +gidNumber: 1000 +givenName: Lupit +sn: Lasher +cn: Lupit Lasher +homeDirectory: /home/llasher +gecos: Lupit Lasher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1VQmV5YnplMytLMW4vbzdld25DWXl3UXE3RlU9 +loginShell: /bin/bash + +dn: uid=wzausch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wzausch +uidNumber: 4226 +gidNumber: 1000 +givenName: Willa +sn: Zausch +cn: Willa Zausch +homeDirectory: /home/wzausch +gecos: Willa Zausch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5zdHJ1bWVudA== +loginShell: /bin/bash + +dn: uid=rlambertus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rlambertus +uidNumber: 4227 +gidNumber: 1000 +givenName: Roke +sn: Lambertus +cn: Roke Lambertus +homeDirectory: /home/rlambertus +gecos: Roke Lambertus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFyc2Vj +loginShell: /bin/bash + +dn: cn=Winsome Delbalso+uid=wdelbalso,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wdelbalso +uidNumber: 4228 +gidNumber: 1000 +givenName: Winsome +sn: Delbalso +cn: Winsome Delbalso +homeDirectory: /home/wdelbalso +gecos: Winsome Delbalso +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Zm91bmQ= +loginShell: /bin/bash + +dn: cn=Nicky Mccolm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nmccolm +uidNumber: 4229 +gidNumber: 1000 +givenName: Nicky +sn: Mccolm +cn: Nicky Mccolm +homeDirectory: /home/nmccolm +gecos: Nicky Mccolm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2Fwc2l6ZWQ= +loginShell: /bin/bash + +dn: cn=Tomas Ronald+uid=tronald,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tronald +uidNumber: 4230 +gidNumber: 1000 +givenName: Tomas +sn: Ronald +cn: Tomas Ronald +homeDirectory: /home/tronald +gecos: Tomas Ronald +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9amxMcWxSa2RBU3hsWUFiMUpCVmpkdWFTNGtNPQ== +loginShell: /bin/bash + +dn: uid=uhuysman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uhuysman +uidNumber: 4231 +gidNumber: 1000 +givenName: Usha +sn: Huysman +cn: Usha Huysman +homeDirectory: /home/uhuysman +gecos: Usha Huysman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eWYrRGVQTG9GcnlvNWQyRjJUNzJHK0Z5RzFNPQ== +loginShell: /bin/bash + +dn: uid=zculp,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zculp +uidNumber: 4232 +gidNumber: 1000 +givenName: Zuman +sn: Culp +cn: Zuman Culp +homeDirectory: /home/zculp +gecos: Zuman Culp +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TnViVTJTSnkrd3owK3RPbHFFa3RaaUloMjJESmdCK0g= +loginShell: /bin/bash + +dn: uid=uweyand,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uweyand +uidNumber: 4233 +gidNumber: 1000 +givenName: Upia +sn: Weyand +cn: Upia Weyand +homeDirectory: /home/uweyand +gecos: Upia Weyand +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Q05FQWJNUXk1YVgvQjhGdFcvMit3RDJkdUtjRTNaOFI= +loginShell: /bin/bash + +dn: uid=hboreland,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hboreland +uidNumber: 4234 +gidNumber: 1000 +givenName: Hector +sn: Boreland +cn: Hector Boreland +homeDirectory: /home/hboreland +gecos: Hector Boreland +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlrZXM= +loginShell: /bin/bash + +dn: cn=Eloise Grago+uid=egrago,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: egrago +uidNumber: 4235 +gidNumber: 1000 +givenName: Eloise +sn: Grago +cn: Eloise Grago +homeDirectory: /home/egrago +gecos: Eloise Grago +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1zYlY3aDlPd3JmaVFOUkw3TG5sRUNBPT0= +loginShell: /bin/bash + +dn: cn=Marinda Bravata,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbravata +uidNumber: 4236 +gidNumber: 1000 +givenName: Marinda +sn: Bravata +cn: Marinda Bravata +homeDirectory: /home/mbravata +gecos: Marinda Bravata +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1HeW52Y0V5ZEhjL2t3a0w5MmNJMzZRPT0= +loginShell: /bin/bash + +dn: cn=Rebecca Chevrette+uid=rchevrette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rchevrette +uidNumber: 4237 +gidNumber: 1000 +givenName: Rebecca +sn: Chevrette +cn: Rebecca Chevrette +homeDirectory: /home/rchevrette +gecos: Rebecca Chevrette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1tN1duUGYxTkthcUJJYzBoWkxsYVhOSTh0eU09 +loginShell: /bin/bash + +dn: uid=ohoffert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ohoffert +uidNumber: 4238 +gidNumber: 1000 +givenName: Oka +sn: Hoffert +cn: Oka Hoffert +homeDirectory: /home/ohoffert +gecos: Oka Hoffert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z3JhbmRmYXRoZXIncw== +loginShell: /bin/bash + +dn: uid=pphuaphes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pphuaphes +uidNumber: 4239 +gidNumber: 1000 +givenName: Panda +sn: Phuaphes +cn: Panda Phuaphes +homeDirectory: /home/pphuaphes +gecos: Panda Phuaphes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aUWRSWGlEd2J0M0dwZE1hWm12MHV1Wmd0OEU9 +loginShell: /bin/bash + +dn: uid=olincicum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: olincicum +uidNumber: 4240 +gidNumber: 1000 +givenName: Ofelia +sn: Lincicum +cn: Ofelia Lincicum +homeDirectory: /home/olincicum +gecos: Ofelia Lincicum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTJMZmxqTDhpakFGN2M= +loginShell: /bin/bash + +dn: uid=rschkade,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rschkade +uidNumber: 4241 +gidNumber: 1000 +givenName: Rachel +sn: Schkade +cn: Rachel Schkade +homeDirectory: /home/rschkade +gecos: Rachel Schkade +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFyYW1vdW50 +loginShell: /bin/bash + +dn: uid=cswayze,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cswayze +uidNumber: 4242 +gidNumber: 1000 +givenName: Carina +sn: Swayze +cn: Carina Swayze +homeDirectory: /home/cswayze +gecos: Carina Swayze +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1vV1BweTdDdWRMUlo4RnU1SDZQc0xyL1lHNXM9 +loginShell: /bin/bash + +dn: uid=tethelbert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tethelbert +uidNumber: 4243 +gidNumber: 1000 +givenName: Trudy +sn: Ethelbert +cn: Trudy Ethelbert +homeDirectory: /home/tethelbert +gecos: Trudy Ethelbert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUtrUENQS0hId3ViQ1E= +loginShell: /bin/bash + +dn: uid=mpellew,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpellew +uidNumber: 4244 +gidNumber: 1000 +givenName: Mitchell +sn: Pellew +cn: Mitchell Pellew +homeDirectory: /home/mpellew +gecos: Mitchell Pellew +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aktVcnBkcE51WVVRMW52R2p3K0NycGMxVTFuV214UlA= +loginShell: /bin/bash + +dn: uid=pfertitta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pfertitta +uidNumber: 4245 +gidNumber: 1000 +givenName: Paul +sn: Fertitta +cn: Paul Fertitta +homeDirectory: /home/pfertitta +gecos: Paul Fertitta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aXJRMkdZd0J5SGppTkZKZ2pSdzBReUhwYk5RbTdDSmk= +loginShell: /bin/bash + +dn: uid=jyslava,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jyslava +uidNumber: 4246 +gidNumber: 1000 +givenName: Jana +sn: Yslava +cn: Jana Yslava +homeDirectory: /home/jyslava +gecos: Jana Yslava +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NU9MWXV6Y3ZmWXpmSTd3ajE1MHF1ekN3K09NPQ== +loginShell: /bin/bash + +dn: uid=gradish,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gradish +uidNumber: 4247 +gidNumber: 1000 +givenName: Gene +sn: Radish +cn: Gene Radish +homeDirectory: /home/gradish +gecos: Gene Radish +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1rc2lmb09PcmRlK3R2RkdUai9vUVdVSm9tRDg9 +loginShell: /bin/bash + +dn: uid=xrahaim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xrahaim +uidNumber: 4248 +gidNumber: 1000 +givenName: Xylo +sn: Rahaim +cn: Xylo Rahaim +homeDirectory: /home/xrahaim +gecos: Xylo Rahaim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WlFYSzliRkJNUm1ySWEzZ1gvSUxXSDRkNDBOQVRpMGk= +loginShell: /bin/bash + +dn: uid=rcianciolo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rcianciolo +uidNumber: 4249 +gidNumber: 1000 +givenName: Rose +sn: Cianciolo +cn: Rose Cianciolo +homeDirectory: /home/rcianciolo +gecos: Rose Cianciolo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QU12V20xZmt2ZDlVWmF4aE8wRVZFVjN5ZlFMdkZVNk0= +loginShell: /bin/bash + +dn: uid=smosakowski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smosakowski +uidNumber: 4250 +gidNumber: 1000 +givenName: Solo +sn: Mosakowski +cn: Solo Mosakowski +homeDirectory: /home/smosakowski +gecos: Solo Mosakowski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eWlyeER4Vi9TVjFzYzJVdmFnUTA4S245Qy9ZPQ== +loginShell: /bin/bash + +dn: uid=sgropper,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgropper +uidNumber: 4251 +gidNumber: 1000 +givenName: Sarah +sn: Gropper +cn: Sarah Gropper +homeDirectory: /home/sgropper +gecos: Sarah Gropper +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXAxaHRLRUQyVm1kUE0= +loginShell: /bin/bash + +dn: cn=Trevor Abelman+uid=tabelman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tabelman +uidNumber: 4252 +gidNumber: 1000 +givenName: Trevor +sn: Abelman +cn: Trevor Abelman +homeDirectory: /home/tabelman +gecos: Trevor Abelman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1oTW1Lc29WSWxHQVU1K3Y3THloRURSTTNlanM9 +loginShell: /bin/bash + +dn: cn=Guduza Nordmark+uid=gnordmark,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gnordmark +uidNumber: 4253 +gidNumber: 1000 +givenName: Guduza +sn: Nordmark +cn: Guduza Nordmark +homeDirectory: /home/gnordmark +gecos: Guduza Nordmark +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VWZPclpTWTFPRDdwcjhwalczT0o5dDZZc3E4PQ== +loginShell: /bin/bash + +dn: uid=akrishna,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: akrishna +uidNumber: 4254 +gidNumber: 1000 +givenName: Audrey +sn: Krishna +cn: Audrey Krishna +homeDirectory: /home/akrishna +gecos: Audrey Krishna +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WmlldFQ2Kzd6R2xjTVNMMDVCWjF6ZmJSRmpzPQ== +loginShell: /bin/bash + +dn: uid=pzieglen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pzieglen +uidNumber: 4255 +gidNumber: 1000 +givenName: Parma +sn: Zieglen +cn: Parma Zieglen +homeDirectory: /home/pzieglen +gecos: Parma Zieglen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dDY2RHFCaU9HK2dnV2tBRDlkcysrV1c4QW84PQ== +loginShell: /bin/bash + +dn: cn=Gordon Damour,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdamour +uidNumber: 4256 +gidNumber: 1000 +givenName: Gordon +sn: Damour +cn: Gordon Damour +homeDirectory: /home/gdamour +gecos: Gordon Damour +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZHJlYXJ5 +loginShell: /bin/bash + +dn: cn=Vania Wokwicz+uid=vwokwicz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vwokwicz +uidNumber: 4257 +gidNumber: 1000 +givenName: Vania +sn: Wokwicz +cn: Vania Wokwicz +homeDirectory: /home/vwokwicz +gecos: Vania Wokwicz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bnlPd3JWOXNWZHZvREZ5R2hmR1FPR2JKVDFjPQ== +loginShell: /bin/bash + +dn: uid=rwinchell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rwinchell +uidNumber: 4258 +gidNumber: 1000 +givenName: Rina +sn: Winchell +cn: Rina Winchell +homeDirectory: /home/rwinchell +gecos: Rina Winchell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGVjb3JhdGU= +loginShell: /bin/bash + +dn: uid=salexandria,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: salexandria +uidNumber: 4259 +gidNumber: 1000 +givenName: Shyra +sn: Alexandria +cn: Shyra Alexandria +homeDirectory: /home/salexandria +gecos: Shyra Alexandria +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5kZXJzdHVkaWVz +loginShell: /bin/bash + +dn: uid=lringrose,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lringrose +uidNumber: 4260 +gidNumber: 1000 +givenName: Linfa +sn: Ringrose +cn: Linfa Ringrose +homeDirectory: /home/lringrose +gecos: Linfa Ringrose +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1meHY1YkVKaUxyOWhoWVR6RC93aXlRPT0= +loginShell: /bin/bash + +dn: uid=lgunnett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lgunnett +uidNumber: 4261 +gidNumber: 1000 +givenName: Lorena +sn: Gunnett +cn: Lorena Gunnett +homeDirectory: /home/lgunnett +gecos: Lorena Gunnett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1XdlZOU3dXKzJGSTk3TXpkenNINEdnPT0= +loginShell: /bin/bash + +dn: cn=Reuben Pastorin+uid=rpastorin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rpastorin +uidNumber: 4262 +gidNumber: 1000 +givenName: Reuben +sn: Pastorin +cn: Reuben Pastorin +homeDirectory: /home/rpastorin +gecos: Reuben Pastorin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1idldZUW5LanM0SW1PUlFMc1M4VnV3SnM1TW89 +loginShell: /bin/bash + +dn: cn=Adrian Arellano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aarellano +uidNumber: 4263 +gidNumber: 1000 +givenName: Adrian +sn: Arellano +cn: Adrian Arellano +homeDirectory: /home/aarellano +gecos: Adrian Arellano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Mm5na2lQK2FwWTBMZjNiSnhlei9teEhnenVNPQ== +loginShell: /bin/bash + +dn: cn=Ume Menlove+uid=umenlove,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: umenlove +uidNumber: 4264 +gidNumber: 1000 +givenName: Ume +sn: Menlove +cn: Ume Menlove +homeDirectory: /home/umenlove +gecos: Ume Menlove +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cDVraUhoTEtMUGNEcHBKRlRtZlM2MjFYc3Y0PQ== +loginShell: /bin/bash + +dn: cn=Elnus Engelman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eengelman +uidNumber: 4265 +gidNumber: 1000 +givenName: Elnus +sn: Engelman +cn: Elnus Engelman +homeDirectory: /home/eengelman +gecos: Elnus Engelman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZVJIMmlOalpza3J3RHB3V25MODNNWjBKcFUwPQ== +loginShell: /bin/bash + +dn: uid=nglathar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nglathar +uidNumber: 4266 +gidNumber: 1000 +givenName: Nungu +sn: Glathar +cn: Nungu Glathar +homeDirectory: /home/nglathar +gecos: Nungu Glathar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1mckZMUVdtSFBKbElyRldSVDI0K3lkMnZsRm89 +loginShell: /bin/bash + +dn: cn=Lidia Hutsler+uid=lhutsler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lhutsler +uidNumber: 4267 +gidNumber: 1000 +givenName: Lidia +sn: Hutsler +cn: Lidia Hutsler +homeDirectory: /home/lhutsler +gecos: Lidia Hutsler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d3FjUnc0K0YyaUF0dU1jRWZ2bU05akVvb2JjT0l5Y0E= +loginShell: /bin/bash + +dn: uid=egospatrick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: egospatrick +uidNumber: 4268 +gidNumber: 1000 +givenName: Ema +sn: Gospatrick +cn: Ema Gospatrick +homeDirectory: /home/egospatrick +gecos: Ema Gospatrick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WEJ1NHl4NEE5RG52YlIvLy85TlpFRUF0L0NrPQ== +loginShell: /bin/bash + +dn: cn=Marian Wesberry,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mwesberry +uidNumber: 4269 +gidNumber: 1000 +givenName: Marian +sn: Wesberry +cn: Marian Wesberry +homeDirectory: /home/mwesberry +gecos: Marian Wesberry +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OUZHalhVWFM2NkYwMmNxUEpaUlM3ekdXUFBVPQ== +loginShell: /bin/bash + +dn: uid=vhaverill,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vhaverill +uidNumber: 4270 +gidNumber: 1000 +givenName: Vincent +sn: Haverill +cn: Vincent Haverill +homeDirectory: /home/vhaverill +gecos: Vincent Haverill +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NUluM1plNmJqd2pNRlZzNis0R1ArT2xYVlpnMko3RnY= +loginShell: /bin/bash + +dn: uid=dhomma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dhomma +uidNumber: 4271 +gidNumber: 1000 +givenName: Diana +sn: Homma +cn: Diana Homma +homeDirectory: /home/dhomma +gecos: Diana Homma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SWdVMVMydkxzZy9kZUQ0MjNzbmFjQnNyMzljPQ== +loginShell: /bin/bash + +dn: uid=tdembinski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tdembinski +uidNumber: 4272 +gidNumber: 1000 +givenName: Tsholo +sn: Dembinski +cn: Tsholo Dembinski +homeDirectory: /home/tdembinski +gecos: Tsholo Dembinski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SUNFRm1IZFhvTFlBZWc5UjV3eU5pclR6R2VNPQ== +loginShell: /bin/bash + +dn: uid=cflenner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cflenner +uidNumber: 4273 +gidNumber: 1000 +givenName: Camille +sn: Flenner +cn: Camille Flenner +homeDirectory: /home/cflenner +gecos: Camille Flenner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KdXh3cGE4Y1RNS1UxSk01VVlXRnJRPT0= +loginShell: /bin/bash + +dn: uid=kmandolfo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmandolfo +uidNumber: 4274 +gidNumber: 1000 +givenName: Keli +sn: Mandolfo +cn: Keli Mandolfo +homeDirectory: /home/kmandolfo +gecos: Keli Mandolfo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9L0ovY1lvZ3RrUkZUYkRHT1R3Qng4OVhrYWZJPQ== +loginShell: /bin/bash + +dn: uid=tfowlkes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tfowlkes +uidNumber: 4275 +gidNumber: 1000 +givenName: Tuni +sn: Fowlkes +cn: Tuni Fowlkes +homeDirectory: /home/tfowlkes +gecos: Tuni Fowlkes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WFY2cUdZNXVUbUhnZ3g5RFBaV2p2V3VDdnVJPQ== +loginShell: /bin/bash + +dn: uid=vmaynard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vmaynard +uidNumber: 4276 +gidNumber: 1000 +givenName: Velo +sn: Maynard +cn: Velo Maynard +homeDirectory: /home/vmaynard +gecos: Velo Maynard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0ydUViLzcyYmtscElMR013WDY4UlcyKy9Id2s9 +loginShell: /bin/bash + +dn: uid=pshumski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pshumski +uidNumber: 4277 +gidNumber: 1000 +givenName: Phoebe +sn: Shumski +cn: Phoebe Shumski +homeDirectory: /home/pshumski +gecos: Phoebe Shumski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cXVpY2tseQ== +loginShell: /bin/bash + +dn: cn=Nisha Dipanfilo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ndipanfilo +uidNumber: 4278 +gidNumber: 1000 +givenName: Nisha +sn: Dipanfilo +cn: Nisha Dipanfilo +homeDirectory: /home/ndipanfilo +gecos: Nisha Dipanfilo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVJDalJzck1McVFWeEk= +loginShell: /bin/bash + +dn: uid=aagel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aagel +uidNumber: 4279 +gidNumber: 1000 +givenName: Amos +sn: Agel +cn: Amos Agel +homeDirectory: /home/aagel +gecos: Amos Agel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YUl6SUxnY1h4SkhSMXdycnFwNlY1WGU0TVY4ME14VE4= +loginShell: /bin/bash + +dn: cn=Inez Gurwell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: igurwell +uidNumber: 4280 +gidNumber: 1000 +givenName: Inez +sn: Gurwell +cn: Inez Gurwell +homeDirectory: /home/igurwell +gecos: Inez Gurwell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVlbGVjdHM= +loginShell: /bin/bash + +dn: cn=Humba Fiebig+uid=hfiebig,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hfiebig +uidNumber: 4281 +gidNumber: 1000 +givenName: Humba +sn: Fiebig +cn: Humba Fiebig +homeDirectory: /home/hfiebig +gecos: Humba Fiebig +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FRTVEbE9aSVY2Y1VWWnVQK0VvSGZudlJNQ1k9 +loginShell: /bin/bash + +dn: cn=Dujuan Hammontree,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dhammontree +uidNumber: 4282 +gidNumber: 1000 +givenName: Dujuan +sn: Hammontree +cn: Dujuan Hammontree +homeDirectory: /home/dhammontree +gecos: Dujuan Hammontree +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1xeHV6eTBoNHA0Y3RzbWltbUxOYldBPT0= +loginShell: /bin/bash + +dn: uid=hsalvucci,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hsalvucci +uidNumber: 4283 +gidNumber: 1000 +givenName: Hanna +sn: Salvucci +cn: Hanna Salvucci +homeDirectory: /home/hsalvucci +gecos: Hanna Salvucci +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aE5sK0l2V3lKcGJLbmQxMTV5ZlUyTlVCODJvPQ== +loginShell: /bin/bash + +dn: uid=glebold,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: glebold +uidNumber: 4284 +gidNumber: 1000 +givenName: Gamede +sn: Lebold +cn: Gamede Lebold +homeDirectory: /home/glebold +gecos: Gamede Lebold +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UG5JU3BoaG95L3FSVVhCendVZ3Fkamo3OXFqNENSYmc= +loginShell: /bin/bash + +dn: uid=gconver,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gconver +uidNumber: 4285 +gidNumber: 1000 +givenName: Gretel +sn: Conver +cn: Gretel Conver +homeDirectory: /home/gconver +gecos: Gretel Conver +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUtkTTJ5ejlvVHVqVUE= +loginShell: /bin/bash + +dn: uid=cnagode,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cnagode +uidNumber: 4286 +gidNumber: 1000 +givenName: Chris +sn: Nagode +cn: Chris Nagode +homeDirectory: /home/cnagode +gecos: Chris Nagode +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eEdGVTFEc25MZ2NLb1JYRExza1ZIdTVQVHQvOEpRZkw= +loginShell: /bin/bash + +dn: uid=wtumaneng,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wtumaneng +uidNumber: 4287 +gidNumber: 1000 +givenName: Wylva +sn: Tumaneng +cn: Wylva Tumaneng +homeDirectory: /home/wtumaneng +gecos: Wylva Tumaneng +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cExHNXB1NC8veHhrYkI0RjNrMVBRTVlNTGtzPQ== +loginShell: /bin/bash + +dn: cn=Wylva Ganther,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wganther +uidNumber: 4288 +gidNumber: 1000 +givenName: Wylva +sn: Ganther +cn: Wylva Ganther +homeDirectory: /home/wganther +gecos: Wylva Ganther +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NalNRaDlnSG5OK0ZkRXRKWVFpTGdjcTFtMmc9 +loginShell: /bin/bash + +dn: uid=gclapham,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gclapham +uidNumber: 4289 +gidNumber: 1000 +givenName: Georges +sn: Clapham +cn: Georges Clapham +homeDirectory: /home/gclapham +gecos: Georges Clapham +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGFsbHVjaW5vZ2VuaWM= +loginShell: /bin/bash + +dn: cn=Boloetse Mednick+uid=bmednick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmednick +uidNumber: 4290 +gidNumber: 1000 +givenName: Boloetse +sn: Mednick +cn: Boloetse Mednick +homeDirectory: /home/bmednick +gecos: Boloetse Mednick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXNybC9md015VHBqYTY= +loginShell: /bin/bash + +dn: uid=zkampmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zkampmann +uidNumber: 4291 +gidNumber: 1000 +givenName: Zuman +sn: Kampmann +cn: Zuman Kampmann +homeDirectory: /home/zkampmann +gecos: Zuman Kampmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX13V25uTnVpbXkrcXFsMC9ZVDAyb0VBPT0= +loginShell: /bin/bash + +dn: cn=Ema Wicks+uid=ewicks,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ewicks +uidNumber: 4292 +gidNumber: 1000 +givenName: Ema +sn: Wicks +cn: Ema Wicks +homeDirectory: /home/ewicks +gecos: Ema Wicks +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0ySDBHeGx0cVA4TGVNQi81dFUxbEdBPT0= +loginShell: /bin/bash + +dn: uid=aminari,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aminari +uidNumber: 4293 +gidNumber: 1000 +givenName: Alma +sn: Minari +cn: Alma Minari +homeDirectory: /home/aminari +gecos: Alma Minari +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Ymx1YmJlcg== +loginShell: /bin/bash + +dn: uid=tcampman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tcampman +uidNumber: 4294 +gidNumber: 1000 +givenName: Tako +sn: Campman +cn: Tako Campman +homeDirectory: /home/tcampman +gecos: Tako Campman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wWDRiaUpIL2plSU1kTE9CeThjZHNVQ3lWSGc9 +loginShell: /bin/bash + +dn: uid=pwademan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pwademan +uidNumber: 4295 +gidNumber: 1000 +givenName: Pongsona +sn: Wademan +cn: Pongsona Wademan +homeDirectory: /home/pwademan +gecos: Pongsona Wademan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0zM25ZeU12QlEweWlhaWVqazRidXNBPT0= +loginShell: /bin/bash + +dn: uid=gshadle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gshadle +uidNumber: 4296 +gidNumber: 1000 +givenName: Gita +sn: Shadle +cn: Gita Shadle +homeDirectory: /home/gshadle +gecos: Gita Shadle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlzYXBwZWFyZWQ= +loginShell: /bin/bash + +dn: uid=lseehafer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lseehafer +uidNumber: 4297 +gidNumber: 1000 +givenName: Lester +sn: Seehafer +cn: Lester Seehafer +homeDirectory: /home/lseehafer +gecos: Lester Seehafer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TWDV4U2xKMy9QdFROK096ZGQ2Z25ZVzYyejA9 +loginShell: /bin/bash + +dn: cn=Oscar Olivarez+uid=oolivarez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oolivarez +uidNumber: 4298 +gidNumber: 1000 +givenName: Oscar +sn: Olivarez +cn: Oscar Olivarez +homeDirectory: /home/oolivarez +gecos: Oscar Olivarez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RCtmdnBnMUF4Q2tSaEh4bHQ2Z1l4aDVyQkNNPQ== +loginShell: /bin/bash + +dn: uid=cmcanulty,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmcanulty +uidNumber: 4299 +gidNumber: 1000 +givenName: Carol +sn: Mcanulty +cn: Carol Mcanulty +homeDirectory: /home/cmcanulty +gecos: Carol Mcanulty +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Tk10OEdGcDU1U2JTeDZQUzVBZXd5U1RrQmlhbTV6ZFk= +loginShell: /bin/bash + +dn: uid=mpanahon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpanahon +uidNumber: 4300 +gidNumber: 1000 +givenName: Marabe +sn: Panahon +cn: Marabe Panahon +homeDirectory: /home/mpanahon +gecos: Marabe Panahon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aTdQVG5JOUZxOUo1ZlZ6cTl3MXNUSS9BWmdJN1hvVXE= +loginShell: /bin/bash + +dn: cn=Virgil Runyon+uid=vrunyon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vrunyon +uidNumber: 4301 +gidNumber: 1000 +givenName: Virgil +sn: Runyon +cn: Virgil Runyon +homeDirectory: /home/vrunyon +gecos: Virgil Runyon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TTBQYnBjZ3I2dk54b0ZOMU10VWdVNHRRYnc0PQ== +loginShell: /bin/bash + +dn: cn=Usha Mcsparin+uid=umcsparin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: umcsparin +uidNumber: 4302 +gidNumber: 1000 +givenName: Usha +sn: Mcsparin +cn: Usha Mcsparin +homeDirectory: /home/umcsparin +gecos: Usha Mcsparin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXJVbWNuV3VIL2REa1E= +loginShell: /bin/bash + +dn: uid=gbueche,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbueche +uidNumber: 4303 +gidNumber: 1000 +givenName: Garry +sn: Bueche +cn: Garry Bueche +homeDirectory: /home/gbueche +gecos: Garry Bueche +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXptbG54NENMUnFpdkU= +loginShell: /bin/bash + +dn: cn=Parma Sharits+uid=psharits,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psharits +uidNumber: 4304 +gidNumber: 1000 +givenName: Parma +sn: Sharits +cn: Parma Sharits +homeDirectory: /home/psharits +gecos: Parma Sharits +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9c0FTeFlkWlFzOHE0bHo1a0FLL0RLam9OQUhDaFErVk8= +loginShell: /bin/bash + +dn: cn=Lester Digman+uid=ldigman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ldigman +uidNumber: 4305 +gidNumber: 1000 +givenName: Lester +sn: Digman +cn: Lester Digman +homeDirectory: /home/ldigman +gecos: Lester Digman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGxhY2FyZCdz +loginShell: /bin/bash + +dn: uid=phaye,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: phaye +uidNumber: 4306 +gidNumber: 1000 +givenName: Patricia +sn: Haye +cn: Patricia Haye +homeDirectory: /home/phaye +gecos: Patricia Haye +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5mYXR1YXRlcw== +loginShell: /bin/bash + +dn: cn=Pam Dischinger+uid=pdischinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdischinger +uidNumber: 4307 +gidNumber: 1000 +givenName: Pam +sn: Dischinger +cn: Pam Dischinger +homeDirectory: /home/pdischinger +gecos: Pam Dischinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTVWWG9zT2ZrcVdGdms= +loginShell: /bin/bash + +dn: uid=hderrig,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hderrig +uidNumber: 4308 +gidNumber: 1000 +givenName: Hubert +sn: Derrig +cn: Hubert Derrig +homeDirectory: /home/hderrig +gecos: Hubert Derrig +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX12Yyt2bmdpUkJKZ1ZrZ1NxZW9qVitRPT0= +loginShell: /bin/bash + +dn: uid=pdulac,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdulac +uidNumber: 4309 +gidNumber: 1000 +givenName: Patty +sn: Dulac +cn: Patty Dulac +homeDirectory: /home/pdulac +gecos: Patty Dulac +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9LzR2UE9LV0VaV1FkMkFsS2RTNCtMbnlLc3J1aUI4aDY= +loginShell: /bin/bash + +dn: cn=Pilar Repasky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: prepasky +uidNumber: 4310 +gidNumber: 1000 +givenName: Pilar +sn: Repasky +cn: Pilar Repasky +homeDirectory: /home/prepasky +gecos: Pilar Repasky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXN0cm9ub21lcg== +loginShell: /bin/bash + +dn: uid=owager,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: owager +uidNumber: 4311 +gidNumber: 1000 +givenName: Oleka +sn: Wager +cn: Oleka Wager +homeDirectory: /home/owager +gecos: Oleka Wager +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cG9zdGRvY3M= +loginShell: /bin/bash + +dn: uid=fdivers,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fdivers +uidNumber: 4312 +gidNumber: 1000 +givenName: Fitow +sn: Divers +cn: Fitow Divers +homeDirectory: /home/fdivers +gecos: Fitow Divers +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TVNTMnlvSnc4SWlJeDhxSjZLWk9tVWN3Y0Z3PQ== +loginShell: /bin/bash + +dn: cn=Marco Telford+uid=mtelford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mtelford +uidNumber: 4313 +gidNumber: 1000 +givenName: Marco +sn: Telford +cn: Marco Telford +homeDirectory: /home/mtelford +gecos: Marco Telford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1HT2pkQWl3akt3dFdLZEp3bDVKOEdQSC9KRDg9 +loginShell: /bin/bash + +dn: cn=Gillian Malekan+uid=gmalekan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmalekan +uidNumber: 4314 +gidNumber: 1000 +givenName: Gillian +sn: Malekan +cn: Gillian Malekan +homeDirectory: /home/gmalekan +gecos: Gillian Malekan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1FZVBhZ1hOb0EyNnZoUmtZbTdNRmJnPT0= +loginShell: /bin/bash + +dn: cn=Lupit Konicki+uid=lkonicki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lkonicki +uidNumber: 4315 +gidNumber: 1000 +givenName: Lupit +sn: Konicki +cn: Lupit Konicki +homeDirectory: /home/lkonicki +gecos: Lupit Konicki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGhlYXNhbnRz +loginShell: /bin/bash + +dn: cn=Jim Deaville,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jdeaville +uidNumber: 4316 +gidNumber: 1000 +givenName: Jim +sn: Deaville +cn: Jim Deaville +homeDirectory: /home/jdeaville +gecos: Jim Deaville +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1xN1JmM0JLejVGMzVaQXJIYjZITStBPT0= +loginShell: /bin/bash + +dn: uid=omontross,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omontross +uidNumber: 4317 +gidNumber: 1000 +givenName: Omais +sn: Montross +cn: Omais Montross +homeDirectory: /home/omontross +gecos: Omais Montross +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmV2ZWFsaW5ncw== +loginShell: /bin/bash + +dn: uid=jwinterton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jwinterton +uidNumber: 4318 +gidNumber: 1000 +givenName: Jerry +sn: Winterton +cn: Jerry Winterton +homeDirectory: /home/jwinterton +gecos: Jerry Winterton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MW1RMUEwNjBzVGRSNThkQmxUbmYxbVN5TVRNPQ== +loginShell: /bin/bash + +dn: uid=cspilis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cspilis +uidNumber: 4319 +gidNumber: 1000 +givenName: Cliff +sn: Spilis +cn: Cliff Spilis +homeDirectory: /home/cspilis +gecos: Cliff Spilis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L0dGM2puNXVRQUludU9kOG1lVzVhWVM0aHdqcno0c2o= +loginShell: /bin/bash + +dn: cn=Gordon Parker-Smith+uid=gparkersmith,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uidNumber: 4320 +gidNumber: 1000 +givenName: Gordon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RXk3T1NlSnQ5a0NaN0pnZUlhTk1hVFkrOGZjPQ== +loginShell: /bin/bash +cn: Gordon Parker-Smith +uid: gparkersmith +homeDirectory: /home/gparkersmith +gecos: Gordon Parker-Smith +sn: Parker-Smith + +dn: cn=Florence Lehenbauer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: flehenbauer +uidNumber: 4321 +gidNumber: 1000 +givenName: Florence +sn: Lehenbauer +cn: Florence Lehenbauer +homeDirectory: /home/flehenbauer +gecos: Florence Lehenbauer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVV5ZkpXWHFxWVAuei4= +loginShell: /bin/bash + +dn: uid=vcrofton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vcrofton +uidNumber: 4322 +gidNumber: 1000 +givenName: Vamei +sn: Crofton +cn: Vamei Crofton +homeDirectory: /home/vcrofton +gecos: Vamei Crofton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW1icmFjZXM= +loginShell: /bin/bash + +dn: cn=Rick Workowski+uid=rworkowski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rworkowski +uidNumber: 4323 +gidNumber: 1000 +givenName: Rick +sn: Workowski +cn: Rick Workowski +homeDirectory: /home/rworkowski +gecos: Rick Workowski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWkwa2NMU09lOU02UXc= +loginShell: /bin/bash + +dn: uid=wlucken,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wlucken +uidNumber: 4324 +gidNumber: 1000 +givenName: Warona +sn: Lucken +cn: Warona Lucken +homeDirectory: /home/wlucken +gecos: Warona Lucken +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cEE2dU1FYmk2WnY4RW9XVkpaTkNrck56U3l0Z29HVG0= +loginShell: /bin/bash + +dn: cn=Emau Jeppesen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ejeppesen +uidNumber: 4325 +gidNumber: 1000 +givenName: Emau +sn: Jeppesen +cn: Emau Jeppesen +homeDirectory: /home/ejeppesen +gecos: Emau Jeppesen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MTFQazk3UG12MWZucUhRczcvbFY4bGRHdGlub0R1RmM= +loginShell: /bin/bash + +dn: uid=lgodlove,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lgodlove +uidNumber: 4326 +gidNumber: 1000 +givenName: Les +sn: Godlove +cn: Les Godlove +homeDirectory: /home/lgodlove +gecos: Les Godlove +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Sjdpb1krYlovS2pPYkEwQ2o4YWlDUDAzVUxVPQ== +loginShell: /bin/bash + +dn: uid=hschrank,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hschrank +uidNumber: 4327 +gidNumber: 1000 +givenName: Harold +sn: Schrank +cn: Harold Schrank +homeDirectory: /home/hschrank +gecos: Harold Schrank +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFTczJ1NHJBTjNsRFU= +loginShell: /bin/bash + +dn: uid=kmanin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmanin +uidNumber: 4328 +gidNumber: 1000 +givenName: Katia +sn: Manin +cn: Katia Manin +homeDirectory: /home/kmanin +gecos: Katia Manin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1tK2tOeGt3ZlcxeVpQL0VkY3lxTm9BPT0= +loginShell: /bin/bash + +dn: uid=fsplinter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsplinter +uidNumber: 4329 +gidNumber: 1000 +givenName: Floyd +sn: Splinter +cn: Floyd Splinter +homeDirectory: /home/fsplinter +gecos: Floyd Splinter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1RQkNlcENxSWpHYm93WlJORlNXNndzY25DRWs9 +loginShell: /bin/bash + +dn: uid=redling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: redling +uidNumber: 4330 +gidNumber: 1000 +givenName: Rossana +sn: Edling +cn: Rossana Edling +homeDirectory: /home/redling +gecos: Rossana Edling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00UkxaUVNYeGRDbXZxajFqQ1U2dEtnPT0= +loginShell: /bin/bash + +dn: uid=nhayer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nhayer +uidNumber: 4331 +gidNumber: 1000 +givenName: Nida +sn: Hayer +cn: Nida Hayer +homeDirectory: /home/nhayer +gecos: Nida Hayer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1NUzIybjF2MFJIMytQRmlZTUlPMVR3PT0= +loginShell: /bin/bash + +dn: uid=bgavagan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bgavagan +uidNumber: 4332 +gidNumber: 1000 +givenName: Bill +sn: Gavagan +cn: Bill Gavagan +homeDirectory: /home/bgavagan +gecos: Bill Gavagan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SnNUSStXNCtzVmlJbTVycmNRTHhJbkJtMTdnPQ== +loginShell: /bin/bash + +dn: cn=Edouard Mele+uid=emele,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emele +uidNumber: 4333 +gidNumber: 1000 +givenName: Edouard +sn: Mele +cn: Edouard Mele +homeDirectory: /home/emele +gecos: Edouard Mele +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16R3BwTm5wMU84QUZ0WlZ5dTNKbXdnPT0= +loginShell: /bin/bash + +dn: uid=ktaus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktaus +uidNumber: 4334 +gidNumber: 1000 +givenName: Koppu +sn: Taus +cn: Koppu Taus +homeDirectory: /home/ktaus +gecos: Koppu Taus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9a3JyQWl4RTUzRHlQc0h5eXZweTNDMmYvSVg0PQ== +loginShell: /bin/bash + +dn: uid=tgelen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tgelen +uidNumber: 4335 +gidNumber: 1000 +givenName: Trami +sn: Gelen +cn: Trami Gelen +homeDirectory: /home/tgelen +gecos: Trami Gelen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dUQzY0tMRis4cUJiWFZ2Z1ZCdS9SQWpmcEllN0FlQzY= +loginShell: /bin/bash + +dn: uid=bmicklos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmicklos +uidNumber: 4336 +gidNumber: 1000 +givenName: Barbara +sn: Micklos +cn: Barbara Micklos +homeDirectory: /home/bmicklos +gecos: Barbara Micklos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTI0UEpoV25DZVVSaWs= +loginShell: /bin/bash + +dn: uid=khinckson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: khinckson +uidNumber: 4337 +gidNumber: 1000 +givenName: Kai-Tak +sn: Hinckson +cn: Kai-Tak Hinckson +homeDirectory: /home/khinckson +gecos: Kai-Tak Hinckson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Q0tCdElnbGtSUS90akgxUjE0ZktRMWV6QlhNPQ== +loginShell: /bin/bash + +dn: uid=fgeris,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fgeris +uidNumber: 4338 +gidNumber: 1000 +givenName: Felicia +sn: Geris +cn: Felicia Geris +homeDirectory: /home/fgeris +gecos: Felicia Geris +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGV2aXNlZA== +loginShell: /bin/bash + +dn: uid=mcook,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcook +uidNumber: 4339 +gidNumber: 1000 +givenName: Marie +sn: Cook +cn: Marie Cook +homeDirectory: /home/mcook +gecos: Marie Cook +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGV0ZWN0aW5n +loginShell: /bin/bash + +dn: uid=oport,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oport +uidNumber: 4340 +gidNumber: 1000 +givenName: Oleka +sn: Port +cn: Oleka Port +homeDirectory: /home/oport +gecos: Oleka Port +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eWhOaFBzNXJBcXppZHNkZVpMeWlUREQ1YVN3PQ== +loginShell: /bin/bash + +dn: uid=gmeece,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmeece +uidNumber: 4341 +gidNumber: 1000 +givenName: Gil +sn: Meece +cn: Gil Meece +homeDirectory: /home/gmeece +gecos: Gil Meece +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cXB5RVNELzhmSEJENDMwK25qVnpwT2s5eXlNPQ== +loginShell: /bin/bash + +dn: uid=edack,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: edack +uidNumber: 4342 +gidNumber: 1000 +givenName: Emau +sn: Dack +cn: Emau Dack +homeDirectory: /home/edack +gecos: Emau Dack +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aDZUTnI1QU0yOWZBOXphT0tSTytZN0o2cTZVPQ== +loginShell: /bin/bash + +dn: uid=aspiess,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aspiess +uidNumber: 4343 +gidNumber: 1000 +givenName: Alicia +sn: Spiess +cn: Alicia Spiess +homeDirectory: /home/aspiess +gecos: Alicia Spiess +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MXEvUlVFZzlKUlQ2N1BwS0VCN2ZCbDNDUU40VWJNc2o= +loginShell: /bin/bash + +dn: uid=walbrecht,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: walbrecht +uidNumber: 4344 +gidNumber: 1000 +givenName: Walter +sn: Albrecht +cn: Walter Albrecht +homeDirectory: /home/walbrecht +gecos: Walter Albrecht +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1FSzQ1cGwrMHUyN2pOeU1pbnJDWVB3PT0= +loginShell: /bin/bash + +dn: uid=pcoburn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pcoburn +uidNumber: 4345 +gidNumber: 1000 +givenName: Prapiroon +sn: Coburn +cn: Prapiroon Coburn +homeDirectory: /home/pcoburn +gecos: Prapiroon Coburn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU80OHRiWlFTQUFSWlE= +loginShell: /bin/bash + +dn: cn=Keith Sparling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksparling +uidNumber: 4346 +gidNumber: 1000 +givenName: Keith +sn: Sparling +cn: Keith Sparling +homeDirectory: /home/ksparling +gecos: Keith Sparling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bHVtYmVyJ3M= +loginShell: /bin/bash + +dn: cn=Dean Noneman+uid=dnoneman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dnoneman +uidNumber: 4347 +gidNumber: 1000 +givenName: Dean +sn: Noneman +cn: Dean Noneman +homeDirectory: /home/dnoneman +gecos: Dean Noneman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aHRpUWZCbnk1Qng5b2laSENjMGtZanJJdWxvVmlNd0Y= +loginShell: /bin/bash + +dn: uid=icoard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: icoard +uidNumber: 4348 +gidNumber: 1000 +givenName: Irwin +sn: Coard +cn: Irwin Coard +homeDirectory: /home/icoard +gecos: Irwin Coard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0zVGJ4QmJtSzhqMGJJSzRnWmR1U3V0VE1pVkk9 +loginShell: /bin/bash + +dn: uid=ksoberanes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksoberanes +uidNumber: 4349 +gidNumber: 1000 +givenName: Khanun +sn: Soberanes +cn: Khanun Soberanes +homeDirectory: /home/ksoberanes +gecos: Khanun Soberanes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04LzJmbURpMDdScldEN1g2eWc5N3hnPT0= +loginShell: /bin/bash + +dn: cn=Utor Gammell+uid=ugammell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ugammell +uidNumber: 4350 +gidNumber: 1000 +givenName: Utor +sn: Gammell +cn: Utor Gammell +homeDirectory: /home/ugammell +gecos: Utor Gammell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1KVUxPZmV5bHNJVWVuUVhVdHN2aGk0dVNmMlE9 +loginShell: /bin/bash + +dn: uid=ghann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghann +uidNumber: 4351 +gidNumber: 1000 +givenName: Gamede +sn: Hann +cn: Gamede Hann +homeDirectory: /home/ghann +gecos: Gamede Hann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05RVUzck5jOC93d0llYWl1WXhZcEI1K2hEVms9 +loginShell: /bin/bash + +dn: cn=Victor Feigel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vfeigel +uidNumber: 4352 +gidNumber: 1000 +givenName: Victor +sn: Feigel +cn: Victor Feigel +homeDirectory: /home/vfeigel +gecos: Victor Feigel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1uY01aTVdLL1ZxUkZqSG8ydzdKTWd3PT0= +loginShell: /bin/bash + +dn: uid=zvagt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zvagt +uidNumber: 4353 +gidNumber: 1000 +givenName: Zoelle +sn: Vagt +cn: Zoelle Vagt +homeDirectory: /home/zvagt +gecos: Zoelle Vagt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dzZkUWtldU5CeEk3NW03dFNwbDR2RmdFd3lZPQ== +loginShell: /bin/bash + +dn: cn=Marcus Tintle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mtintle +uidNumber: 4354 +gidNumber: 1000 +givenName: Marcus +sn: Tintle +cn: Marcus Tintle +homeDirectory: /home/mtintle +gecos: Marcus Tintle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGF0aWVudHM= +loginShell: /bin/bash + +dn: uid=ikuboushek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ikuboushek +uidNumber: 4355 +gidNumber: 1000 +givenName: Irwin +sn: Kuboushek +cn: Irwin Kuboushek +homeDirectory: /home/ikuboushek +gecos: Irwin Kuboushek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1HbmoxeXBqeWxwS28xUWNqRHNTRHNRPT0= +loginShell: /bin/bash + +dn: uid=istruzik,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: istruzik +uidNumber: 4356 +gidNumber: 1000 +givenName: Ivan +sn: Struzik +cn: Ivan Struzik +homeDirectory: /home/istruzik +gecos: Ivan Struzik +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z29yZ2Vz +loginShell: /bin/bash + +dn: uid=lgandee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lgandee +uidNumber: 4357 +gidNumber: 1000 +givenName: Leslie +sn: Gandee +cn: Leslie Gandee +homeDirectory: /home/lgandee +gecos: Leslie Gandee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWV3QzBQT0hTLmo1SGs= +loginShell: /bin/bash + +dn: uid=seroh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: seroh +uidNumber: 4358 +gidNumber: 1000 +givenName: Sonamu +sn: Eroh +cn: Sonamu Eroh +homeDirectory: /home/seroh +gecos: Sonamu Eroh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVdqdWUyTFZoWnd3Vk0= +loginShell: /bin/bash + +dn: cn=Cesar Rieck+uid=crieck,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: crieck +uidNumber: 4359 +gidNumber: 1000 +givenName: Cesar +sn: Rieck +cn: Cesar Rieck +homeDirectory: /home/crieck +gecos: Cesar Rieck +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXVqU2tHWWFVTGtpY1k= +loginShell: /bin/bash + +dn: uid=ghelderman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghelderman +uidNumber: 4360 +gidNumber: 1000 +givenName: Gretel +sn: Helderman +cn: Gretel Helderman +homeDirectory: /home/ghelderman +gecos: Gretel Helderman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1HRUVrVVc2UThheWsrb3J3a0UzUjdkVEtUTkE9 +loginShell: /bin/bash + +dn: uid=bdadds,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bdadds +uidNumber: 4361 +gidNumber: 1000 +givenName: Beulah +sn: Dadds +cn: Beulah Dadds +homeDirectory: /home/bdadds +gecos: Beulah Dadds +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cm9GRWZ6cS9zYVdEOE1HQkdoSkJ4alZvdUdYVktMRHY= +loginShell: /bin/bash + +dn: uid=ysnock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ysnock +uidNumber: 4362 +gidNumber: 1000 +givenName: Yali +sn: Snock +cn: Yali Snock +homeDirectory: /home/ysnock +gecos: Yali Snock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L1FpOENOK1I1ckFFQkhlR250UnNaeWNRbjVQSTEvRng= +loginShell: /bin/bash + +dn: uid=esheehan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: esheehan +uidNumber: 4363 +gidNumber: 1000 +givenName: Ewiniar +sn: Sheehan +cn: Ewiniar Sheehan +homeDirectory: /home/esheehan +gecos: Ewiniar Sheehan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUNESzE1UXAvWWhESUE= +loginShell: /bin/bash + +dn: uid=lparrish,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lparrish +uidNumber: 4364 +gidNumber: 1000 +givenName: Lenny +sn: Parrish +cn: Lenny Parrish +homeDirectory: /home/lparrish +gecos: Lenny Parrish +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N3F6N3NWRlQzMUpWMVo0WThOaEJyNFRPb1ZBPQ== +loginShell: /bin/bash + +dn: cn=Jaya Yeater,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jyeater +uidNumber: 4365 +gidNumber: 1000 +givenName: Jaya +sn: Yeater +cn: Jaya Yeater +homeDirectory: /home/jyeater +gecos: Jaya Yeater +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Yi81T1NsUU9JQ1I2NXJucUlzZzVYVlZNenBHOTBjMjc= +loginShell: /bin/bash + +dn: uid=mbosten,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbosten +uidNumber: 4366 +gidNumber: 1000 +givenName: Mindule +sn: Bosten +cn: Mindule Bosten +homeDirectory: /home/mbosten +gecos: Mindule Bosten +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z292ZXJub3Incw== +loginShell: /bin/bash + +dn: cn=Arlene Pancoast+uid=apancoast,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: apancoast +uidNumber: 4367 +gidNumber: 1000 +givenName: Arlene +sn: Pancoast +cn: Arlene Pancoast +homeDirectory: /home/apancoast +gecos: Arlene Pancoast +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9V1hhMDNPbyszcnV5aUtqM1UyWmUvWFpvRUg1SFUvYXk= +loginShell: /bin/bash + +dn: uid=fmulac,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fmulac +uidNumber: 4368 +gidNumber: 1000 +givenName: Fitow +sn: Mulac +cn: Fitow Mulac +homeDirectory: /home/fmulac +gecos: Fitow Mulac +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VXplNWhweDc3cmE5VHQyOVRVblRBaTBSUXRmRUZBZ3U= +loginShell: /bin/bash + +dn: uid=rdubuisson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rdubuisson +uidNumber: 4369 +gidNumber: 1000 +givenName: Reuben +sn: Dubuisson +cn: Reuben Dubuisson +homeDirectory: /home/rdubuisson +gecos: Reuben Dubuisson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX05LzNsbGkyY05WUEVQTE1FSnkwdUlRPT0= +loginShell: /bin/bash + +dn: uid=vduffel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vduffel +uidNumber: 4370 +gidNumber: 1000 +givenName: Vania +sn: Duffel +cn: Vania Duffel +homeDirectory: /home/vduffel +gecos: Vania Duffel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnJhaXNpbmc= +loginShell: /bin/bash + +dn: uid=yversluis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yversluis +uidNumber: 4371 +gidNumber: 1000 +givenName: Yvette +sn: Versluis +cn: Yvette Versluis +homeDirectory: /home/yversluis +gecos: Yvette Versluis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1WQklvVVZzUzdWZDYrdUJKeDg0d3FBPT0= +loginShell: /bin/bash + +dn: uid=vleyton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vleyton +uidNumber: 4372 +gidNumber: 1000 +givenName: Vince +sn: Leyton +cn: Vince Leyton +homeDirectory: /home/vleyton +gecos: Vince Leyton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1MU3UyRDkreS8xTTJLU2FRdXA1QXBFa2RwK2s9 +loginShell: /bin/bash + +dn: uid=jcourtwright,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jcourtwright +uidNumber: 4373 +gidNumber: 1000 +givenName: Jimena +sn: Courtwright +cn: Jimena Courtwright +homeDirectory: /home/jcourtwright +gecos: Jimena Courtwright +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX10U05hdmZlbEtQdVhJaG85alovRUZ3dVVKR2M9 +loginShell: /bin/bash + +dn: uid=dflore,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dflore +uidNumber: 4374 +gidNumber: 1000 +givenName: Dean +sn: Flore +cn: Dean Flore +homeDirectory: /home/dflore +gecos: Dean Flore +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX01a2RVTzBkYm9IMzM0SDdHV3VFTlVaU1BScmM9 +loginShell: /bin/bash + +dn: uid=rcheshier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rcheshier +uidNumber: 4375 +gidNumber: 1000 +givenName: Rebekah +sn: Cheshier +cn: Rebekah Cheshier +homeDirectory: /home/rcheshier +gecos: Rebekah Cheshier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OW42ejl4anhMWGZpTjRMcVZaQXlTbW9Xb3RMU3AvL0k= +loginShell: /bin/bash + +dn: uid=wbrill,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wbrill +uidNumber: 4376 +gidNumber: 1000 +givenName: Wallis +sn: Brill +cn: Wallis Brill +homeDirectory: /home/wbrill +gecos: Wallis Brill +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXh0aVdIcS4zdFFtYU0= +loginShell: /bin/bash + +dn: uid=ekalil,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ekalil +uidNumber: 4377 +gidNumber: 1000 +givenName: Epi +sn: Kalil +cn: Epi Kalil +homeDirectory: /home/ekalil +gecos: Epi Kalil +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW11UERJM216M2RyMGM= +loginShell: /bin/bash + +dn: cn=Eva Kalfas+uid=ekalfas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ekalfas +uidNumber: 4378 +gidNumber: 1000 +givenName: Eva +sn: Kalfas +cn: Eva Kalfas +homeDirectory: /home/ekalfas +gecos: Eva Kalfas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dXo2UXlYT3M2TmptRFNxUGM4VkFCQXQvSEdVPQ== +loginShell: /bin/bash + +dn: uid=timbier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: timbier +uidNumber: 4379 +gidNumber: 1000 +givenName: Tui +sn: Imbier +cn: Tui Imbier +homeDirectory: /home/timbier +gecos: Tui Imbier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXhoUUY3eG5Ea2hLTi4= +loginShell: /bin/bash + +dn: uid=usoltes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: usoltes +uidNumber: 4380 +gidNumber: 1000 +givenName: Usha +sn: Soltes +cn: Usha Soltes +homeDirectory: /home/usoltes +gecos: Usha Soltes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YNjd4MGNWT1oxakRWZnRoeCtMNlRRM1hVRE09 +loginShell: /bin/bash + +dn: uid=nobregon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nobregon +uidNumber: 4381 +gidNumber: 1000 +givenName: Noguri +sn: Obregon +cn: Noguri Obregon +homeDirectory: /home/nobregon +gecos: Noguri Obregon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX05WktXeENUcDRzcEdmOHZvenNITmd3PT0= +loginShell: /bin/bash + +dn: uid=ihoa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihoa +uidNumber: 4382 +gidNumber: 1000 +givenName: Isis +sn: Hoa +cn: Isis Hoa +homeDirectory: /home/ihoa +gecos: Isis Hoa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1LYUVtUEoycFJiZWZoSUYwZEhnR2dRPT0= +loginShell: /bin/bash + +dn: uid=jreigh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jreigh +uidNumber: 4383 +gidNumber: 1000 +givenName: Jake +sn: Reigh +cn: Jake Reigh +homeDirectory: /home/jreigh +gecos: Jake Reigh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX12ckZZMlZ4aWk4OVNxaXFISDFmRjR6QmllTW89 +loginShell: /bin/bash + +dn: uid=hhardan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhardan +uidNumber: 4384 +gidNumber: 1000 +givenName: Harvey +sn: Hardan +cn: Harvey Hardan +homeDirectory: /home/hhardan +gecos: Harvey Hardan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bmlOemRvcXk2dHlFUTBmRHpFeWgxbjhleVQ0PQ== +loginShell: /bin/bash + +dn: cn=Marinda Koelle+uid=mkoelle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkoelle +uidNumber: 4385 +gidNumber: 1000 +givenName: Marinda +sn: Koelle +cn: Marinda Koelle +homeDirectory: /home/mkoelle +gecos: Marinda Koelle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d25tTHNFZFY0Q3FDYi9vUTFCSmUralJzN0xNN2l2aEk= +loginShell: /bin/bash + +dn: cn=Krosa Giacalone+uid=kgiacalone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgiacalone +uidNumber: 4386 +gidNumber: 1000 +givenName: Krosa +sn: Giacalone +cn: Krosa Giacalone +homeDirectory: /home/kgiacalone +gecos: Krosa Giacalone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2lkZXRyYWNraW5n +loginShell: /bin/bash + +dn: cn=Bilis Zieba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bzieba +uidNumber: 4387 +gidNumber: 1000 +givenName: Bilis +sn: Zieba +cn: Bilis Zieba +homeDirectory: /home/bzieba +gecos: Bilis Zieba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmFuam9z +loginShell: /bin/bash + +dn: uid=ncermeno,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncermeno +uidNumber: 4388 +gidNumber: 1000 +givenName: Nathan +sn: Cermeno +cn: Nathan Cermeno +homeDirectory: /home/ncermeno +gecos: Nathan Cermeno +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVlIcWc0VS42TzJIUzI= +loginShell: /bin/bash + +dn: uid=emottillo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emottillo +uidNumber: 4389 +gidNumber: 1000 +givenName: Elida +sn: Mottillo +cn: Elida Mottillo +homeDirectory: /home/emottillo +gecos: Elida Mottillo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0vYjNOY3R3ekl2RTFsTERTd1VIUVNGbGJEN2M9 +loginShell: /bin/bash + +dn: uid=adesgroseillie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: adesgroseillie +uidNumber: 4390 +gidNumber: 1000 +givenName: Aka +sn: Desgroseillie +cn: Aka Desgroseillie +homeDirectory: /home/adesgroseillie +gecos: Aka Desgroseillie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9a1lNRnpUcE5BeWFZR1pPVGMyZGZIVzd2VTVFPQ== +loginShell: /bin/bash + +dn: cn=Vicente Baldasaro+uid=vbaldasaro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vbaldasaro +uidNumber: 4391 +gidNumber: 1000 +givenName: Vicente +sn: Baldasaro +cn: Vicente Baldasaro +homeDirectory: /home/vbaldasaro +gecos: Vicente Baldasaro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1say9wRkVEeC9WS3pIbm9YVG1Gci9RPT0= +loginShell: /bin/bash + +dn: cn=May Brannin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbrannin +uidNumber: 4392 +gidNumber: 1000 +givenName: May +sn: Brannin +cn: May Brannin +homeDirectory: /home/mbrannin +gecos: May Brannin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1QMnJkUDk2c2F6VCt1dnpFbTMzVGpVOHM4R0U9 +loginShell: /bin/bash + +dn: cn=Rick Hollmann+uid=rhollmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rhollmann +uidNumber: 4393 +gidNumber: 1000 +givenName: Rick +sn: Hollmann +cn: Rick Hollmann +homeDirectory: /home/rhollmann +gecos: Rick Hollmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9b09zL2FRZzdQQWxJU0dqd2ZnNzFMYmgvaU1RPQ== +loginShell: /bin/bash + +dn: cn=Ila Askin+uid=iaskin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iaskin +uidNumber: 4394 +gidNumber: 1000 +givenName: Ila +sn: Askin +cn: Ila Askin +homeDirectory: /home/iaskin +gecos: Ila Askin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aaktrYXN3bC9SSVp2QWtFR05SQnhQa1diV1k9 +loginShell: /bin/bash + +dn: uid=bveeneman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bveeneman +uidNumber: 4395 +gidNumber: 1000 +givenName: Barbara +sn: Veeneman +cn: Barbara Veeneman +homeDirectory: /home/bveeneman +gecos: Barbara Veeneman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWoxbldqM01IcXhQYnc= +loginShell: /bin/bash + +dn: uid=swolfertz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: swolfertz +uidNumber: 4396 +gidNumber: 1000 +givenName: Susan +sn: Wolfertz +cn: Susan Wolfertz +homeDirectory: /home/swolfertz +gecos: Susan Wolfertz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RmJXQ2NyaHQvUzkyRVdZbFBDZll2WjA1YjlLaWxWbG4= +loginShell: /bin/bash + +dn: uid=fgrashot,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fgrashot +uidNumber: 4397 +gidNumber: 1000 +givenName: Francisco +sn: Grashot +cn: Francisco Grashot +homeDirectory: /home/fgrashot +gecos: Francisco Grashot +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJlZ25hbnQ= +loginShell: /bin/bash + +dn: uid=werrick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: werrick +uidNumber: 4398 +gidNumber: 1000 +givenName: Winnie +sn: Errick +cn: Winnie Errick +homeDirectory: /home/werrick +gecos: Winnie Errick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1iOUpsSVNwWnlyTXlsaE1RcllvM25nPT0= +loginShell: /bin/bash + +dn: uid=gwachowiak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gwachowiak +uidNumber: 4399 +gidNumber: 1000 +givenName: Greg +sn: Wachowiak +cn: Greg Wachowiak +homeDirectory: /home/gwachowiak +gecos: Greg Wachowiak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b3RIUk9jZkUxOUFFMUhNMTduQXIvRExjdyt0Vzhrb0g= +loginShell: /bin/bash + +dn: uid=kottomaniello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kottomaniello +uidNumber: 4400 +gidNumber: 1000 +givenName: Kara +sn: Ottomaniello +cn: Kara Ottomaniello +homeDirectory: /home/kottomaniello +gecos: Kara Ottomaniello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dGhNNlZ1QnJmSFF5Uyt3TENtTjNqVDZxb1Z1bzY2cUk= +loginShell: /bin/bash + +dn: uid=iracey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iracey +uidNumber: 4401 +gidNumber: 1000 +givenName: Ilsa +sn: Racey +cn: Ilsa Racey +homeDirectory: /home/iracey +gecos: Ilsa Racey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmV1c2Vk +loginShell: /bin/bash + +dn: cn=Wukong Menucci+uid=wmenucci,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wmenucci +uidNumber: 4402 +gidNumber: 1000 +givenName: Wukong +sn: Menucci +cn: Wukong Menucci +homeDirectory: /home/wmenucci +gecos: Wukong Menucci +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1PUk9nejNhVDdCZzVTNnRXQWZkT2wxSWVsNTQ9 +loginShell: /bin/bash + +dn: cn=Cathy Donnick+uid=cdonnick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdonnick +uidNumber: 4403 +gidNumber: 1000 +givenName: Cathy +sn: Donnick +cn: Cathy Donnick +homeDirectory: /home/cdonnick +gecos: Cathy Donnick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJldGV4dA== +loginShell: /bin/bash + +dn: uid=oclunes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oclunes +uidNumber: 4404 +gidNumber: 1000 +givenName: Olwyn +sn: Clunes +cn: Olwyn Clunes +homeDirectory: /home/oclunes +gecos: Olwyn Clunes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aQzRybkNvZzRmY3g5clhDWGVneHhrVzBQbmc9 +loginShell: /bin/bash + +dn: uid=fblow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fblow +uidNumber: 4405 +gidNumber: 1000 +givenName: Frank +sn: Blow +cn: Frank Blow +homeDirectory: /home/fblow +gecos: Frank Blow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJZMHc4Mzc1TzdYOFk= +loginShell: /bin/bash + +dn: uid=rgrigorov,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rgrigorov +uidNumber: 4406 +gidNumber: 1000 +givenName: Rabeca +sn: Grigorov +cn: Rabeca Grigorov +homeDirectory: /home/rgrigorov +gecos: Rabeca Grigorov +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03b0wrbXpsU1p4Zk00dVZCNW5XdE1sTHgvazg9 +loginShell: /bin/bash + +dn: uid=choeger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: choeger +uidNumber: 4407 +gidNumber: 1000 +givenName: Chanchu +sn: Hoeger +cn: Chanchu Hoeger +homeDirectory: /home/choeger +gecos: Chanchu Hoeger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVgxcGIuZjRKM3dncC4= +loginShell: /bin/bash + +dn: uid=nrufus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nrufus +uidNumber: 4408 +gidNumber: 1000 +givenName: Nadety +sn: Rufus +cn: Nadety Rufus +homeDirectory: /home/nrufus +gecos: Nadety Rufus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1iUHhMeGZlSkEzVkR2WXpGTi9ZSlV3PT0= +loginShell: /bin/bash + +dn: uid=cdeckard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdeckard +uidNumber: 4409 +gidNumber: 1000 +givenName: Chantal +sn: Deckard +cn: Chantal Deckard +homeDirectory: /home/cdeckard +gecos: Chantal Deckard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS9oV1lldURzcWZHNC4= +loginShell: /bin/bash + +dn: uid=hlindemann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hlindemann +uidNumber: 4410 +gidNumber: 1000 +givenName: Haiyan +sn: Lindemann +cn: Haiyan Lindemann +homeDirectory: /home/hlindemann +gecos: Haiyan Lindemann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFyYWdyYXBoJ3M= +loginShell: /bin/bash + +dn: uid=splumlee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: splumlee +uidNumber: 4411 +gidNumber: 1000 +givenName: Sean +sn: Plumlee +cn: Sean Plumlee +homeDirectory: /home/splumlee +gecos: Sean Plumlee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVZwNTAwOE9ydG1ySkU= +loginShell: /bin/bash + +dn: uid=xstrawbridge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xstrawbridge +uidNumber: 4412 +gidNumber: 1000 +givenName: Xanda +sn: Strawbridge +cn: Xanda Strawbridge +homeDirectory: /home/xstrawbridge +gecos: Xanda Strawbridge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0rcHVpQmxzWUtZK2hlbU1SMnpKRy9BPT0= +loginShell: /bin/bash + +dn: uid=ihanneman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihanneman +uidNumber: 4413 +gidNumber: 1000 +givenName: Inez +sn: Hanneman +cn: Inez Hanneman +homeDirectory: /home/ihanneman +gecos: Inez Hanneman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTJWLktxM0lnbGtseTI= +loginShell: /bin/bash + +dn: uid=mstoffey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mstoffey +uidNumber: 4414 +gidNumber: 1000 +givenName: Madeline +sn: Stoffey +cn: Madeline Stoffey +homeDirectory: /home/mstoffey +gecos: Madeline Stoffey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cjlHM3ZKbkM2ZTNrZ1VIWno0bHhZbFJ5L28rMkc1ZGo= +loginShell: /bin/bash + +dn: cn=Maka Waltemath,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mwaltemath +uidNumber: 4415 +gidNumber: 1000 +givenName: Maka +sn: Waltemath +cn: Maka Waltemath +homeDirectory: /home/mwaltemath +gecos: Maka Waltemath +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WE1ndmhaSDJkaStzRmVuUEt4NDJMTE50YjU4PQ== +loginShell: /bin/bash + +dn: uid=fwaychowsky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fwaychowsky +uidNumber: 4416 +gidNumber: 1000 +givenName: Florence +sn: Waychowsky +cn: Florence Waychowsky +homeDirectory: /home/fwaychowsky +gecos: Florence Waychowsky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9blZNS05ucmorZmRta0VmMTRiRGtIODNIN093PQ== +loginShell: /bin/bash + +dn: cn=Nathan Asmar+uid=nasmar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nasmar +uidNumber: 4417 +gidNumber: 1000 +givenName: Nathan +sn: Asmar +cn: Nathan Asmar +homeDirectory: /home/nasmar +gecos: Nathan Asmar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bXc2SVBXYXk0WTRmODJhWTA4SDc5NFhNTDFRUzd1WGQ= +loginShell: /bin/bash + +dn: cn=Nida Moren,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nmoren +uidNumber: 4418 +gidNumber: 1000 +givenName: Nida +sn: Moren +cn: Nida Moren +homeDirectory: /home/nmoren +gecos: Nida Moren +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9b0J1b0VvbGZ4WkNrRVl6NEcvak1tbURMRm1rPQ== +loginShell: /bin/bash + +dn: cn=Garry Lablanc+uid=glablanc,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: glablanc +uidNumber: 4419 +gidNumber: 1000 +givenName: Garry +sn: Lablanc +cn: Garry Lablanc +homeDirectory: /home/glablanc +gecos: Garry Lablanc +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NERCYVhjb2xSOVNhWHBrUkZMYXU4d2w2V1JjPQ== +loginShell: /bin/bash + +dn: cn=Hondo Fludd+uid=hfludd,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hfludd +uidNumber: 4420 +gidNumber: 1000 +givenName: Hondo +sn: Fludd +cn: Hondo Fludd +homeDirectory: /home/hfludd +gecos: Hondo Fludd +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03Q1ZJQkE5V2U2dUd1OFFMcjlMcVVpVVA1QkU9 +loginShell: /bin/bash + +dn: uid=sdrawec,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sdrawec +uidNumber: 4421 +gidNumber: 1000 +givenName: Sarika +sn: Drawec +cn: Sarika Drawec +homeDirectory: /home/sdrawec +gecos: Sarika Drawec +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX12RkRCQ1NsYU1RTjF3ZG5EZGo0TjRIMUFvWVE9 +loginShell: /bin/bash + +dn: uid=ssorce,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ssorce +uidNumber: 4422 +gidNumber: 1000 +givenName: Seymour +sn: Sorce +cn: Seymour Sorce +homeDirectory: /home/ssorce +gecos: Seymour Sorce +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10YWdmMGZ2Z0tEbll0NjdHSkNwdEFBPT0= +loginShell: /bin/bash + +dn: uid=hrapisura,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hrapisura +uidNumber: 4423 +gidNumber: 1000 +givenName: Hector +sn: Rapisura +cn: Hector Rapisura +homeDirectory: /home/hrapisura +gecos: Hector Rapisura +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UQmpPeGFjK2xZWWpISVhuWHU0N1VRPT0= +loginShell: /bin/bash + +dn: uid=nwehnes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nwehnes +uidNumber: 4424 +gidNumber: 1000 +givenName: Nicky +sn: Wehnes +cn: Nicky Wehnes +homeDirectory: /home/nwehnes +gecos: Nicky Wehnes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXdZMUpyejJhbTJ2TzY= +loginShell: /bin/bash + +dn: uid=pgermershausen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pgermershausen +uidNumber: 4425 +gidNumber: 1000 +givenName: Paka +sn: Germershausen +cn: Paka Germershausen +homeDirectory: /home/pgermershausen +gecos: Paka Germershausen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b3V0Y2FzdGluZw== +loginShell: /bin/bash + +dn: uid=ubuscombe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ubuscombe +uidNumber: 4426 +gidNumber: 1000 +givenName: Ulika +sn: Buscombe +cn: Ulika Buscombe +homeDirectory: /home/ubuscombe +gecos: Ulika Buscombe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1oRTQ1S2wxc1F4d3l3RktBd2dBazF1SWFRSDQ9 +loginShell: /bin/bash + +dn: uid=pwashuk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pwashuk +uidNumber: 4427 +gidNumber: 1000 +givenName: Podul +sn: Washuk +cn: Podul Washuk +homeDirectory: /home/pwashuk +gecos: Podul Washuk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RGtMRXFhNVhDYnRSaHdFMnZUOTBoQnNhWXp3PQ== +loginShell: /bin/bash + +dn: cn=Ana Poncedeleon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aponcedeleon +uidNumber: 4428 +gidNumber: 1000 +givenName: Ana +sn: Poncedeleon +cn: Ana Poncedeleon +homeDirectory: /home/aponcedeleon +gecos: Ana Poncedeleon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RlRFVDlrL2hlMW4wRUQ4c0VJTTgwYWR2US84d0xNU1c= +loginShell: /bin/bash + +dn: cn=Otis Duba+uid=oduba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oduba +uidNumber: 4429 +gidNumber: 1000 +givenName: Otis +sn: Duba +cn: Otis Duba +homeDirectory: /home/oduba +gecos: Otis Duba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MkorMlZ2UDgzSk1sRnRVZWx0WjdUZlp6REpKandHUFE= +loginShell: /bin/bash + +dn: uid=cbelardo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbelardo +uidNumber: 4430 +gidNumber: 1000 +givenName: Camille +sn: Belardo +cn: Camille Belardo +homeDirectory: /home/cbelardo +gecos: Camille Belardo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ucmNacTFWeHl1NWZOdlpoaVRmM0d3PT0= +loginShell: /bin/bash + +dn: uid=rgothro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rgothro +uidNumber: 4431 +gidNumber: 1000 +givenName: Rick +sn: Gothro +cn: Rick Gothro +homeDirectory: /home/rgothro +gecos: Rick Gothro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1PQzlIVzV2QUlibkVCYXdIeFNMSjBQbmYwb3M9 +loginShell: /bin/bash + +dn: uid=hmachesky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmachesky +uidNumber: 4432 +gidNumber: 1000 +givenName: Hilda +sn: Machesky +cn: Hilda Machesky +homeDirectory: /home/hmachesky +gecos: Hilda Machesky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXJaSWZKNmpMdW5NLzI= +loginShell: /bin/bash + +dn: cn=Trevor Stalworth+uid=tstalworth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tstalworth +uidNumber: 4433 +gidNumber: 1000 +givenName: Trevor +sn: Stalworth +cn: Trevor Stalworth +homeDirectory: /home/tstalworth +gecos: Trevor Stalworth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15YzdTL2FZWlNFSXdBQXgwZ0lzTlgyK3FVRmM9 +loginShell: /bin/bash + +dn: cn=Carlos Scullion,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cscullion +uidNumber: 4434 +gidNumber: 1000 +givenName: Carlos +sn: Scullion +cn: Carlos Scullion +homeDirectory: /home/cscullion +gecos: Carlos Scullion +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX13SGpFbzAwNk9EWnhvaDNjRDF3R3pnPT0= +loginShell: /bin/bash + +dn: cn=Dianne Asiedu+uid=dasiedu,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dasiedu +uidNumber: 4435 +gidNumber: 1000 +givenName: Dianne +sn: Asiedu +cn: Dianne Asiedu +homeDirectory: /home/dasiedu +gecos: Dianne Asiedu +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5oYWJpdGluZw== +loginShell: /bin/bash + +dn: uid=kswirsky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kswirsky +uidNumber: 4436 +gidNumber: 1000 +givenName: Kyle +sn: Swirsky +cn: Kyle Swirsky +homeDirectory: /home/kswirsky +gecos: Kyle Swirsky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1IUTVZNUhIVlRQSXZJUTB2Z1NIWTh2VXdISWs9 +loginShell: /bin/bash + +dn: cn=Hagar Karney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hkarney +uidNumber: 4437 +gidNumber: 1000 +givenName: Hagar +sn: Karney +cn: Hagar Karney +homeDirectory: /home/hkarney +gecos: Hagar Karney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZkxNTmJDTmpMaDNUWHo5TmpqVEcvSkFkbUZnPQ== +loginShell: /bin/bash + +dn: uid=ibuzo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ibuzo +uidNumber: 4438 +gidNumber: 1000 +givenName: Irene +sn: Buzo +cn: Irene Buzo +homeDirectory: /home/ibuzo +gecos: Irene Buzo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z3JleXM= +loginShell: /bin/bash + +dn: cn=Warwick Worf+uid=wworf,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wworf +uidNumber: 4439 +gidNumber: 1000 +givenName: Warwick +sn: Worf +cn: Warwick Worf +homeDirectory: /home/wworf +gecos: Warwick Worf +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1DZHJoeERzdm55QVpaK1BxS3lRL2RGMU9OQmM9 +loginShell: /bin/bash + +dn: uid=ukins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ukins +uidNumber: 4440 +gidNumber: 1000 +givenName: Uka +sn: Kins +cn: Uka Kins +homeDirectory: /home/ukins +gecos: Uka Kins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b2Jlc2U= +loginShell: /bin/bash + +dn: uid=hdecristofaro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hdecristofaro +uidNumber: 4441 +gidNumber: 1000 +givenName: Hernan +sn: Decristofaro +cn: Hernan Decristofaro +homeDirectory: /home/hdecristofaro +gecos: Hernan Decristofaro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2F0bmlwJ3M= +loginShell: /bin/bash + +dn: uid=hwoodert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hwoodert +uidNumber: 4442 +gidNumber: 1000 +givenName: Henriette +sn: Woodert +cn: Henriette Woodert +homeDirectory: /home/hwoodert +gecos: Henriette Woodert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWNCMzlIRXZRUjUvMFU= +loginShell: /bin/bash + +dn: cn=Mindule Pilon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpilon +uidNumber: 4443 +gidNumber: 1000 +givenName: Mindule +sn: Pilon +cn: Mindule Pilon +homeDirectory: /home/mpilon +gecos: Mindule Pilon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RUV2SGZrelRETU0yMGV0b1RHNjRIeFYvZ2hIdzVuSzE= +loginShell: /bin/bash + +dn: uid=pzutell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pzutell +uidNumber: 4444 +gidNumber: 1000 +givenName: Priscilla +sn: Zutell +cn: Priscilla Zutell +homeDirectory: /home/pzutell +gecos: Priscilla Zutell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXJlbDYxalVmTXN2UTY= +loginShell: /bin/bash + +dn: uid=hhagee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhagee +uidNumber: 4445 +gidNumber: 1000 +givenName: Hagar +sn: Hagee +cn: Hagar Hagee +homeDirectory: /home/hhagee +gecos: Hagar Hagee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YTUhHc3E5K0Q0d3FkSHhSdSsyempKR1BCajA9 +loginShell: /bin/bash + +dn: uid=pkillingworth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pkillingworth +uidNumber: 4446 +gidNumber: 1000 +givenName: Phanfone +sn: Killingworth +cn: Phanfone Killingworth +homeDirectory: /home/pkillingworth +gecos: Phanfone Killingworth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1nTTlVY2RteFR6NDZwcmVHK3VWNUMxelZtanM9 +loginShell: /bin/bash + +dn: uid=cjody,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cjody +uidNumber: 4447 +gidNumber: 1000 +givenName: Celina +sn: Jody +cn: Celina Jody +homeDirectory: /home/cjody +gecos: Celina Jody +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX00Yll2MXlDQ1dWWHJuUFE5NDBEbEVlREtMZ2s9 +loginShell: /bin/bash + +dn: uid=mcoch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcoch +uidNumber: 4448 +gidNumber: 1000 +givenName: May +sn: Coch +cn: May Coch +homeDirectory: /home/mcoch +gecos: May Coch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9R0hpbXczQUdLUjcyRUVvUk14YXR5dXRoZkUyWTNIb28= +loginShell: /bin/bash + +dn: uid=dclardy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dclardy +uidNumber: 4449 +gidNumber: 1000 +givenName: David +sn: Clardy +cn: David Clardy +homeDirectory: /home/dclardy +gecos: David Clardy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9K21ieFRrRGU3NUhKb1ZBWE1MT1NmdXg5Q0trOFlZZlE= +loginShell: /bin/bash + +dn: uid=arosel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: arosel +uidNumber: 4450 +gidNumber: 1000 +givenName: Allen +sn: Rosel +cn: Allen Rosel +homeDirectory: /home/arosel +gecos: Allen Rosel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yVnZJNFZOa2w3ZmpDUUFGTUtsbE1reW42UTA9 +loginShell: /bin/bash + +dn: uid=eorofino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eorofino +uidNumber: 4451 +gidNumber: 1000 +givenName: Elida +sn: Orofino +cn: Elida Orofino +homeDirectory: /home/eorofino +gecos: Elida Orofino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1Kamt6d0kxaWpqajlQWDJNYXcvWGEyOGZ3Mkk9 +loginShell: /bin/bash + +dn: uid=bromano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bromano +uidNumber: 4452 +gidNumber: 1000 +givenName: Barbara +sn: Romano +cn: Barbara Romano +homeDirectory: /home/bromano +gecos: Barbara Romano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16N3RzUk55TEVUbW1lell2TWV0cDZRPT0= +loginShell: /bin/bash + +dn: cn=Dolores Dobrowski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ddobrowski +uidNumber: 4453 +gidNumber: 1000 +givenName: Dolores +sn: Dobrowski +cn: Dolores Dobrowski +homeDirectory: /home/ddobrowski +gecos: Dolores Dobrowski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: am9nZ2Vy +loginShell: /bin/bash + +dn: uid=ohove,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ohove +uidNumber: 4454 +gidNumber: 1000 +givenName: Odile +sn: Hove +cn: Odile Hove +homeDirectory: /home/ohove +gecos: Odile Hove +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RGt2ZlJRWDJrVzN5NE1sY3JJdWJJUGdabktZPQ== +loginShell: /bin/bash + +dn: uid=xcilva,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xcilva +uidNumber: 4455 +gidNumber: 1000 +givenName: Xavier +sn: Cilva +cn: Xavier Cilva +homeDirectory: /home/xcilva +gecos: Xavier Cilva +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0xTTdIblRuVlhsYzZOTlBMWWs2QXFRPT0= +loginShell: /bin/bash + +dn: uid=nrysavy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nrysavy +uidNumber: 4456 +gidNumber: 1000 +givenName: Nate +sn: Rysavy +cn: Nate Rysavy +homeDirectory: /home/nrysavy +gecos: Nate Rysavy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1VZUVrcnZHeC9zNzg2bUJJdjRzTkxRPT0= +loginShell: /bin/bash + +dn: uid=kpenale,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kpenale +uidNumber: 4457 +gidNumber: 1000 +givenName: Kai-Tak +sn: Penale +cn: Kai-Tak Penale +homeDirectory: /home/kpenale +gecos: Kai-Tak Penale +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1JOThVNDJLcHFKUkphcmdKTWQxS0JnPT0= +loginShell: /bin/bash + +dn: cn=Reuben Silberman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rsilberman +uidNumber: 4458 +gidNumber: 1000 +givenName: Reuben +sn: Silberman +cn: Reuben Silberman +homeDirectory: /home/rsilberman +gecos: Reuben Silberman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWN3UlRYejJQWW45RWc= +loginShell: /bin/bash + +dn: uid=vballina,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vballina +uidNumber: 4459 +gidNumber: 1000 +givenName: Vivian +sn: Ballina +cn: Vivian Ballina +homeDirectory: /home/vballina +gecos: Vivian Ballina +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0xNlplTGp0ZEQzN2RpTy9ZNE8xNlhUbjM0V0U9 +loginShell: /bin/bash + +dn: uid=zhaulk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zhaulk +uidNumber: 4460 +gidNumber: 1000 +givenName: Zelia +sn: Haulk +cn: Zelia Haulk +homeDirectory: /home/zhaulk +gecos: Zelia Haulk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0zcFFIaFlqN3N4WVpyZUFJUk0waXRRPT0= +loginShell: /bin/bash + +dn: uid=leberhardt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: leberhardt +uidNumber: 4461 +gidNumber: 1000 +givenName: Leon +sn: Eberhardt +cn: Leon Eberhardt +homeDirectory: /home/leberhardt +gecos: Leon Eberhardt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SzR4VjV2TnA5aDlEZHRpeGFFUjc3MVdnZXE3QlBOZnE= +loginShell: /bin/bash + +dn: uid=phyers,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: phyers +uidNumber: 4462 +gidNumber: 1000 +givenName: Paula +sn: Hyers +cn: Paula Hyers +homeDirectory: /home/phyers +gecos: Paula Hyers +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1uMk80c3kxNVROcFE1d00wTDdZdFBYcUFQaWc9 +loginShell: /bin/bash + +dn: uid=satkins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: satkins +uidNumber: 4463 +gidNumber: 1000 +givenName: Sally +sn: Atkins +cn: Sally Atkins +homeDirectory: /home/satkins +gecos: Sally Atkins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9M1hIU2tOZEJBQ295SHNGKzBDTjh1bHpycGdZPQ== +loginShell: /bin/bash + +dn: cn=Elia Mathwich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emathwich +uidNumber: 4464 +gidNumber: 1000 +givenName: Elia +sn: Mathwich +cn: Elia Mathwich +homeDirectory: /home/emathwich +gecos: Elia Mathwich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS9aN3hXc3dPWi9zazI= +loginShell: /bin/bash + +dn: uid=nnocella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nnocella +uidNumber: 4465 +gidNumber: 1000 +givenName: Nangka +sn: Nocella +cn: Nangka Nocella +homeDirectory: /home/nnocella +gecos: Nangka Nocella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1MMklhbkw4Nk5ldlVvTE8wY0JKTHFRPT0= +loginShell: /bin/bash + +dn: cn=Daniel Civiello+uid=dciviello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dciviello +uidNumber: 4466 +gidNumber: 1000 +givenName: Daniel +sn: Civiello +cn: Daniel Civiello +homeDirectory: /home/dciviello +gecos: Daniel Civiello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9M2Robm40ZXdaQTJvZ0VwRnMveFF2QmRFdjh5aFA1Ris= +loginShell: /bin/bash + +dn: uid=zneeb,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zneeb +uidNumber: 4467 +gidNumber: 1000 +givenName: Zuman +sn: Neeb +cn: Zuman Neeb +homeDirectory: /home/zneeb +gecos: Zuman Neeb +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW51bWVyYXRpb24= +loginShell: /bin/bash + +dn: uid=mvas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mvas +uidNumber: 4468 +gidNumber: 1000 +givenName: Maemi +sn: Vas +cn: Maemi Vas +homeDirectory: /home/mvas +gecos: Maemi Vas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R2RkaHJ0WVgxR1VJeExZNm8xM1Q0MWtFdDdjPQ== +loginShell: /bin/bash + +dn: uid=mcampagnone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcampagnone +uidNumber: 4469 +gidNumber: 1000 +givenName: Mele +sn: Campagnone +cn: Mele Campagnone +homeDirectory: /home/mcampagnone +gecos: Mele Campagnone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29udGVtcG9yYXJ5 +loginShell: /bin/bash + +dn: cn=Amos Mccroskey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amccroskey +uidNumber: 4470 +gidNumber: 1000 +givenName: Amos +sn: Mccroskey +cn: Amos Mccroskey +homeDirectory: /home/amccroskey +gecos: Amos Mccroskey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: d3JlYWs= +loginShell: /bin/bash + +dn: uid=hmitchusson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmitchusson +uidNumber: 4471 +gidNumber: 1000 +givenName: Howard +sn: Mitchusson +cn: Howard Mitchusson +homeDirectory: /home/hmitchusson +gecos: Howard Mitchusson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3BlY2sncw== +loginShell: /bin/bash + +dn: uid=gishii,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gishii +uidNumber: 4472 +gidNumber: 1000 +givenName: Grant +sn: Ishii +cn: Grant Ishii +homeDirectory: /home/gishii +gecos: Grant Ishii +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yeHN0dmhzc09uV2p3eWM4WHlWZStNbzREdkE9 +loginShell: /bin/bash + +dn: cn=Choi-wan Ghianni,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cghianni +uidNumber: 4473 +gidNumber: 1000 +givenName: Choi-wan +sn: Ghianni +cn: Choi-wan Ghianni +homeDirectory: /home/cghianni +gecos: Choi-wan Ghianni +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XSEEreDUvaW1yMUpPWG8xT2pvU05EVFVIM3c9 +loginShell: /bin/bash + +dn: uid=pvirelli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pvirelli +uidNumber: 4474 +gidNumber: 1000 +givenName: Pami +sn: Virelli +cn: Pami Virelli +homeDirectory: /home/pvirelli +gecos: Pami Virelli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9djM1Ni91UGl1T01ueFV4bFlwc24xcURubjlpcktRWUU= +loginShell: /bin/bash + +dn: cn=Errol Klein,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eklein +uidNumber: 4475 +gidNumber: 1000 +givenName: Errol +sn: Klein +cn: Errol Klein +homeDirectory: /home/eklein +gecos: Errol Klein +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1DNkFQdWE2d3NaZmx4UGFGUUlsc3d4QkUyUzQ9 +loginShell: /bin/bash + +dn: cn=Man-yi Viverette+uid=mviverette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mviverette +uidNumber: 4476 +gidNumber: 1000 +givenName: Man-yi +sn: Viverette +cn: Man-yi Viverette +homeDirectory: /home/mviverette +gecos: Man-yi Viverette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aG93ZHk= +loginShell: /bin/bash + +dn: uid=dgosser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dgosser +uidNumber: 4477 +gidNumber: 1000 +givenName: Douglas +sn: Gosser +cn: Douglas Gosser +homeDirectory: /home/dgosser +gecos: Douglas Gosser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1seFVpMWV1K2hmaURQK3FNM1U1NEFmMmpzbUU9 +loginShell: /bin/bash + +dn: uid=bfishbeck,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bfishbeck +uidNumber: 4478 +gidNumber: 1000 +givenName: Becky +sn: Fishbeck +cn: Becky Fishbeck +homeDirectory: /home/bfishbeck +gecos: Becky Fishbeck +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZjdydVErM1ltcFhjOEJ5NWVxMVBUYzNKWHhBc0dZM0U= +loginShell: /bin/bash + +dn: uid=htomlinson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: htomlinson +uidNumber: 4479 +gidNumber: 1000 +givenName: Hagar +sn: Tomlinson +cn: Hagar Tomlinson +homeDirectory: /home/htomlinson +gecos: Hagar Tomlinson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NmdWN25UeWNyR2YrcTlzZGZidDhBMHpHRStrWkM0RTQ= +loginShell: /bin/bash + +dn: uid=nmesser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nmesser +uidNumber: 4480 +gidNumber: 1000 +givenName: Nat +sn: Messer +cn: Nat Messer +homeDirectory: /home/nmesser +gecos: Nat Messer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXJnR0N0QVlOWlBKLlE= +loginShell: /bin/bash + +dn: uid=rasrari,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rasrari +uidNumber: 4481 +gidNumber: 1000 +givenName: Rosie +sn: Asrari +cn: Rosie Asrari +homeDirectory: /home/rasrari +gecos: Rosie Asrari +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WXVrSld5NHd0UWZxOXdXdHUvY3B4NjhQdlFDSkZBR3M= +loginShell: /bin/bash + +dn: cn=Betsy Scadden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bscadden +uidNumber: 4482 +gidNumber: 1000 +givenName: Betsy +sn: Scadden +cn: Betsy Scadden +homeDirectory: /home/bscadden +gecos: Betsy Scadden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IaUZRUVl6b2tTUndiaEtPQzNLcGFRPT0= +loginShell: /bin/bash + +dn: uid=xmcnerney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xmcnerney +uidNumber: 4483 +gidNumber: 1000 +givenName: Xina +sn: Mcnerney +cn: Xina Mcnerney +homeDirectory: /home/xmcnerney +gecos: Xina Mcnerney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dHJhbnNpdHM= +loginShell: /bin/bash + +dn: uid=afuchs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: afuchs +uidNumber: 4484 +gidNumber: 1000 +givenName: Alvin +sn: Fuchs +cn: Alvin Fuchs +homeDirectory: /home/afuchs +gecos: Alvin Fuchs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1VWFdSeng3akV3YkJ0aEZkUCtkK2JnPT0= +loginShell: /bin/bash + +dn: cn=Humba Haffey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhaffey +uidNumber: 4485 +gidNumber: 1000 +givenName: Humba +sn: Haffey +cn: Humba Haffey +homeDirectory: /home/hhaffey +gecos: Humba Haffey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0xN2hZQWJFRHk1cFNYRmpmSEpqRTBnPT0= +loginShell: /bin/bash + +dn: uid=hbarrale,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbarrale +uidNumber: 4486 +gidNumber: 1000 +givenName: Hubert +sn: Barrale +cn: Hubert Barrale +homeDirectory: /home/hbarrale +gecos: Hubert Barrale +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9elB3RFYvbVZWUW1NdkhvUWhseWpIUEVFM3hrPQ== +loginShell: /bin/bash + +dn: cn=Opal Hedlund,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ohedlund +uidNumber: 4487 +gidNumber: 1000 +givenName: Opal +sn: Hedlund +cn: Opal Hedlund +homeDirectory: /home/ohedlund +gecos: Opal Hedlund +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bXJKemRxV2d5YnpFWFRKT3hsaXdKbjBuWDRvPQ== +loginShell: /bin/bash + +dn: uid=imayette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imayette +uidNumber: 4488 +gidNumber: 1000 +givenName: Inez +sn: Mayette +cn: Inez Mayette +homeDirectory: /home/imayette +gecos: Inez Mayette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eGVtWGN6WlFjZ3VMNzZxZ1JEbytKNkdxbjNUc2ROcTA= +loginShell: /bin/bash + +dn: cn=Tembin Helfritz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: thelfritz +uidNumber: 4489 +gidNumber: 1000 +givenName: Tembin +sn: Helfritz +cn: Tembin Helfritz +homeDirectory: /home/thelfritz +gecos: Tembin Helfritz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9V3ZBemQvdTVCTUlwVFJ5QTladFhWYWk4bG9QQTJFTGY= +loginShell: /bin/bash + +dn: uid=ssarabando,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ssarabando +uidNumber: 4490 +gidNumber: 1000 +givenName: Sanvu +sn: Sarabando +cn: Sanvu Sarabando +homeDirectory: /home/ssarabando +gecos: Sanvu Sarabando +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dVV4TlN6Nld2OXBNNWI2dHQ3UkVZR1pVUTEweW5GWEE= +loginShell: /bin/bash + +dn: uid=svandewalle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: svandewalle +uidNumber: 4491 +gidNumber: 1000 +givenName: Sepat +sn: Vandewalle +cn: Sepat Vandewalle +homeDirectory: /home/svandewalle +gecos: Sepat Vandewalle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cURidGRkTC9zaGlwQTlMeW1qNVh5S1NrcWZNPQ== +loginShell: /bin/bash + +dn: uid=ocornelison,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ocornelison +uidNumber: 4492 +gidNumber: 1000 +givenName: Olwyn +sn: Cornelison +cn: Olwyn Cornelison +homeDirectory: /home/ocornelison +gecos: Olwyn Cornelison +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XMk5nQTJTdmRqWUhTb2QxTk56TW9lbWRzYUE9 +loginShell: /bin/bash + +dn: uid=vkrug,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vkrug +uidNumber: 4493 +gidNumber: 1000 +givenName: Van +sn: Krug +cn: Van Krug +homeDirectory: /home/vkrug +gecos: Van Krug +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wc3hSWm5Oa1kyRVNkS2M3cHJzV1hIbnZjZTg9 +loginShell: /bin/bash + +dn: uid=lsingletary,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lsingletary +uidNumber: 4494 +gidNumber: 1000 +givenName: Lindsay +sn: Singletary +cn: Lindsay Singletary +homeDirectory: /home/lsingletary +gecos: Lindsay Singletary +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9V3ZVd0I0c29SeVZ1RHBCaTF6L2hYNGR4dW9qSGhYdXg= +loginShell: /bin/bash + +dn: uid=yautin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yautin +uidNumber: 4495 +gidNumber: 1000 +givenName: Yone +sn: Autin +cn: Yone Autin +homeDirectory: /home/yautin +gecos: Yone Autin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX14WS9VTytrN21KQ1EyeWZTREFMMkVSSldWcHc9 +loginShell: /bin/bash + +dn: uid=skever,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: skever +uidNumber: 4496 +gidNumber: 1000 +givenName: Sepat +sn: Kever +cn: Sepat Kever +homeDirectory: /home/skever +gecos: Sepat Kever +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ETExCZVFIOFRYRmNaaE0yWFFKejZBPT0= +loginShell: /bin/bash + +dn: uid=kpantoja,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kpantoja +uidNumber: 4497 +gidNumber: 1000 +givenName: Kevin +sn: Pantoja +cn: Kevin Pantoja +homeDirectory: /home/kpantoja +gecos: Kevin Pantoja +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1qb09adUdRbHk5REVrSTFhcHVuSU1KUTlKUzQ9 +loginShell: /bin/bash + +dn: cn=Eva Spyies+uid=espyies,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: espyies +uidNumber: 4498 +gidNumber: 1000 +givenName: Eva +sn: Spyies +cn: Eva Spyies +homeDirectory: /home/espyies +gecos: Eva Spyies +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1pb2VwYlFxSUlEZUpRYVR5WGZwRWh0aGRwMUU9 +loginShell: /bin/bash + +dn: uid=fburrough,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fburrough +uidNumber: 4499 +gidNumber: 1000 +givenName: Fletcher +sn: Burrough +cn: Fletcher Burrough +homeDirectory: /home/fburrough +gecos: Fletcher Burrough +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eFFFdndlT3M2MG5hK0pqN09kYUIyYzFhQTJCVmpiRis= +loginShell: /bin/bash + +dn: uid=badair,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: badair +uidNumber: 4500 +gidNumber: 1000 +givenName: Bertie +sn: Adair +cn: Bertie Adair +homeDirectory: /home/badair +gecos: Bertie Adair +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUNBa01kd0IvQWgyeTI= +loginShell: /bin/bash + +dn: uid=vglidden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vglidden +uidNumber: 4501 +gidNumber: 1000 +givenName: Victor +sn: Glidden +cn: Victor Glidden +homeDirectory: /home/vglidden +gecos: Victor Glidden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z3JhbmRzdGFuZGVk +loginShell: /bin/bash + +dn: cn=Ernesto Ziebert+uid=eziebert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eziebert +uidNumber: 4502 +gidNumber: 1000 +givenName: Ernesto +sn: Ziebert +cn: Ernesto Ziebert +homeDirectory: /home/eziebert +gecos: Ernesto Ziebert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OXh2UGluSTU4RzIwRlF5cXZIN0hyOXRrUHdnPQ== +loginShell: /bin/bash + +dn: uid=gapkin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gapkin +uidNumber: 4503 +gidNumber: 1000 +givenName: Gaston +sn: Apkin +cn: Gaston Apkin +homeDirectory: /home/gapkin +gecos: Gaston Apkin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UXBMMDFnYjdVQ2JSQUl3dE9PN2tzV1AySXVHb3lCR0Y= +loginShell: /bin/bash + +dn: uid=gthorson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gthorson +uidNumber: 4504 +gidNumber: 1000 +givenName: Gert +sn: Thorson +cn: Gert Thorson +homeDirectory: /home/gthorson +gecos: Gert Thorson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FSVJXYnJGRDQ2V1JCYXo2N2xvVXVFekhGaGc9 +loginShell: /bin/bash + +dn: cn=Trudy Magel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmagel +uidNumber: 4505 +gidNumber: 1000 +givenName: Trudy +sn: Magel +cn: Trudy Magel +homeDirectory: /home/tmagel +gecos: Trudy Magel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGlwcGVk +loginShell: /bin/bash + +dn: uid=ccrape,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ccrape +uidNumber: 4506 +gidNumber: 1000 +givenName: Clare +sn: Crape +cn: Clare Crape +homeDirectory: /home/ccrape +gecos: Clare Crape +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXQ2VW56VEVYM29KOE0= +loginShell: /bin/bash + +dn: uid=zborgmeyer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zborgmeyer +uidNumber: 4507 +gidNumber: 1000 +givenName: Zoe +sn: Borgmeyer +cn: Zoe Borgmeyer +homeDirectory: /home/zborgmeyer +gecos: Zoe Borgmeyer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXczTzhyZTlhVG84UFk= +loginShell: /bin/bash + +dn: uid=bstrede,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bstrede +uidNumber: 4508 +gidNumber: 1000 +givenName: Bart +sn: Strede +cn: Bart Strede +homeDirectory: /home/bstrede +gecos: Bart Strede +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OVJENmZhVTd2cm1meER1dmQzSXBmbS9JVjN3PQ== +loginShell: /bin/bash + +dn: uid=ubenken,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ubenken +uidNumber: 4509 +gidNumber: 1000 +givenName: Ume +sn: Benken +cn: Ume Benken +homeDirectory: /home/ubenken +gecos: Ume Benken +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZFNLUnR0TUNxS3VaSVg5cWNCVFVBWkY2aFN4eEVUbTM= +loginShell: /bin/bash + +dn: uid=dscialpi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dscialpi +uidNumber: 4510 +gidNumber: 1000 +givenName: Dama +sn: Scialpi +cn: Dama Scialpi +homeDirectory: /home/dscialpi +gecos: Dama Scialpi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ejQwblZYN2U0SjcrU3p3aWgrUUtidm9GcG1NPQ== +loginShell: /bin/bash + +dn: uid=ejuedes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ejuedes +uidNumber: 4511 +gidNumber: 1000 +givenName: Eva +sn: Juedes +cn: Eva Juedes +homeDirectory: /home/ejuedes +gecos: Eva Juedes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aTl5dkN0Mi9vZS9vOFIyOG5YWmw2WDc2cC9nPQ== +loginShell: /bin/bash + +dn: uid=nwiker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nwiker +uidNumber: 4512 +gidNumber: 1000 +givenName: Noel +sn: Wiker +cn: Noel Wiker +homeDirectory: /home/nwiker +gecos: Noel Wiker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1lcGR5azZweVMxZnZ3ZVZhcG5RQ21vOUZBRWs9 +loginShell: /bin/bash + +dn: uid=dwideman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dwideman +uidNumber: 4513 +gidNumber: 1000 +givenName: Daphne +sn: Wideman +cn: Daphne Wideman +homeDirectory: /home/dwideman +gecos: Daphne Wideman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUdrRlM2cW5UbEYuSW8= +loginShell: /bin/bash + +dn: cn=Grace Dreitzler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdreitzler +uidNumber: 4514 +gidNumber: 1000 +givenName: Grace +sn: Dreitzler +cn: Grace Dreitzler +homeDirectory: /home/gdreitzler +gecos: Grace Dreitzler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OHNreWVYMkMydkN6MDlmbWpnSElOWUQvZ2pBPQ== +loginShell: /bin/bash + +dn: cn=Mindy Dimaio+uid=mdimaio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdimaio +uidNumber: 4515 +gidNumber: 1000 +givenName: Mindy +sn: Dimaio +cn: Mindy Dimaio +homeDirectory: /home/mdimaio +gecos: Mindy Dimaio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1xbHhXOHlDTFdLV296OFduNGw2KzRnPT0= +loginShell: /bin/bash + +dn: cn=Dujuan Marchizano+uid=dmarchizano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dmarchizano +uidNumber: 4516 +gidNumber: 1000 +givenName: Dujuan +sn: Marchizano +cn: Dujuan Marchizano +homeDirectory: /home/dmarchizano +gecos: Dujuan Marchizano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02SWExNktubXFMR2pCcXdlK3hqc2hBPT0= +loginShell: /bin/bash + +dn: cn=Soulik Vogler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: svogler +uidNumber: 4517 +gidNumber: 1000 +givenName: Soulik +sn: Vogler +cn: Soulik Vogler +homeDirectory: /home/svogler +gecos: Soulik Vogler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05Y0R0WVo1eEhWVVNtQVYyaWYxaXRxdGJuSGM9 +loginShell: /bin/bash + +dn: uid=dcaltabiano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dcaltabiano +uidNumber: 4518 +gidNumber: 1000 +givenName: Dalila +sn: Caltabiano +cn: Dalila Caltabiano +homeDirectory: /home/dcaltabiano +gecos: Dalila Caltabiano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0wTHBBR1l0ckdjY29MR0pRbGhueXVCSkJwQzA9 +loginShell: /bin/bash + +dn: cn=Fernanda Mahler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fmahler +uidNumber: 4519 +gidNumber: 1000 +givenName: Fernanda +sn: Mahler +cn: Fernanda Mahler +homeDirectory: /home/fmahler +gecos: Fernanda Mahler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWRtZzhoWnhwUW8yaW8= +loginShell: /bin/bash + +dn: uid=sduplechain,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sduplechain +uidNumber: 4520 +gidNumber: 1000 +givenName: Sinlaku +sn: Duplechain +cn: Sinlaku Duplechain +homeDirectory: /home/sduplechain +gecos: Sinlaku Duplechain +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Q3VOVFdrMUJVOXRBS1dzV01xVEc2dkFIUkpnPQ== +loginShell: /bin/bash + +dn: cn=Rananin Goonez+uid=rgoonez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rgoonez +uidNumber: 4521 +gidNumber: 1000 +givenName: Rananin +sn: Goonez +cn: Rananin Goonez +homeDirectory: /home/rgoonez +gecos: Rananin Goonez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dE9ZMENrMURmUEExVDlzVUZEdkl5andGMG1vPQ== +loginShell: /bin/bash + +dn: uid=kbarnthouse,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbarnthouse +uidNumber: 4522 +gidNumber: 1000 +givenName: Khanun +sn: Barnthouse +cn: Khanun Barnthouse +homeDirectory: /home/kbarnthouse +gecos: Khanun Barnthouse +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wUkxYMHlaaVVlbVZaZTRYVFpIbGFkOUdQVjg9 +loginShell: /bin/bash + +dn: uid=snotari,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: snotari +uidNumber: 4523 +gidNumber: 1000 +givenName: Sheryl +sn: Notari +cn: Sheryl Notari +homeDirectory: /home/snotari +gecos: Sheryl Notari +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2l4dGhz +loginShell: /bin/bash + +dn: uid=pahles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pahles +uidNumber: 4524 +gidNumber: 1000 +givenName: Pami +sn: Ahles +cn: Pami Ahles +homeDirectory: /home/pahles +gecos: Pami Ahles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZVMkRHQy9DNDdtT0k= +loginShell: /bin/bash + +dn: uid=clarusso,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: clarusso +uidNumber: 4525 +gidNumber: 1000 +givenName: Cilla +sn: Larusso +cn: Cilla Larusso +homeDirectory: /home/clarusso +gecos: Cilla Larusso +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1rRjFxQUY4V0pIVnY1b01mc0QvR2J3PT0= +loginShell: /bin/bash + +dn: cn=Marco Dellavalle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdellavalle +uidNumber: 4526 +gidNumber: 1000 +givenName: Marco +sn: Dellavalle +cn: Marco Dellavalle +homeDirectory: /home/mdellavalle +gecos: Marco Dellavalle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1VSGFLUFBoWTVhK0hMMCtxdi9WOHBRPT0= +loginShell: /bin/bash + +dn: uid=ccuozzo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ccuozzo +uidNumber: 4527 +gidNumber: 1000 +givenName: Cyril +sn: Cuozzo +cn: Cyril Cuozzo +homeDirectory: /home/ccuozzo +gecos: Cyril Cuozzo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RjdLbjM2aG9qRHJrcVBIc2VNMGowdm5MWWw0PQ== +loginShell: /bin/bash + +dn: uid=hbinker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbinker +uidNumber: 4528 +gidNumber: 1000 +givenName: Humberto +sn: Binker +cn: Humberto Binker +homeDirectory: /home/hbinker +gecos: Humberto Binker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NR3pscTI3NG5OSkxZYmIvenJYQTRFYWJPQ2c9 +loginShell: /bin/bash + +dn: uid=hwestermark,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hwestermark +uidNumber: 4529 +gidNumber: 1000 +givenName: Higos +sn: Westermark +cn: Higos Westermark +homeDirectory: /home/hwestermark +gecos: Higos Westermark +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NYnpQOEZMS3pHaDRvRDVmREJRZERlbnFMU1k9 +loginShell: /bin/bash + +dn: uid=jkopko,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jkopko +uidNumber: 4530 +gidNumber: 1000 +givenName: Jim +sn: Kopko +cn: Jim Kopko +homeDirectory: /home/jkopko +gecos: Jim Kopko +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1hazBsZXd3aGtaS3RnUnNvTk84SUd2Qk9TUzA9 +loginShell: /bin/bash + +dn: cn=Carla Fasone+uid=cfasone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cfasone +uidNumber: 4531 +gidNumber: 1000 +givenName: Carla +sn: Fasone +cn: Carla Fasone +homeDirectory: /home/cfasone +gecos: Carla Fasone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9QVh6Ynd5dTVaNXRTdndMR2hacFdaTFhDelprPQ== +loginShell: /bin/bash + +dn: cn=Atu Fredin+uid=afredin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: afredin +uidNumber: 4532 +gidNumber: 1000 +givenName: Atu +sn: Fredin +cn: Atu Fredin +homeDirectory: /home/afredin +gecos: Atu Fredin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ME9PODVydTNmckwzS2JWTW1uSnZiTm9BS09rPQ== +loginShell: /bin/bash + +dn: uid=imuehl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imuehl +uidNumber: 4533 +gidNumber: 1000 +givenName: Ivan +sn: Muehl +cn: Ivan Muehl +homeDirectory: /home/imuehl +gecos: Ivan Muehl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1uR0FFTFRlK3hwMXNwQ0tQYUdsd0JsQlZ4TGs9 +loginShell: /bin/bash + +dn: uid=tmysinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmysinger +uidNumber: 4534 +gidNumber: 1000 +givenName: Tammy +sn: Mysinger +cn: Tammy Mysinger +homeDirectory: /home/tmysinger +gecos: Tammy Mysinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TWZ2bEN6dlU3YktQT2VtejIvcit5Zis1ZnR1MGJnekc= +loginShell: /bin/bash + +dn: uid=dcarsey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dcarsey +uidNumber: 4535 +gidNumber: 1000 +givenName: Durian +sn: Carsey +cn: Durian Carsey +homeDirectory: /home/dcarsey +gecos: Durian Carsey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MzV4YWN1TDIvTEdrNHV0WklWSlp2RWxRUHdGMHg3bHQ= +loginShell: /bin/bash + +dn: uid=mpark,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpark +uidNumber: 4536 +gidNumber: 1000 +givenName: May +sn: Park +cn: May Park +homeDirectory: /home/mpark +gecos: May Park +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW50aHVzaWFzbXM= +loginShell: /bin/bash + +dn: uid=ndashem,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ndashem +uidNumber: 4537 +gidNumber: 1000 +givenName: Nangka +sn: Dashem +cn: Nangka Dashem +homeDirectory: /home/ndashem +gecos: Nangka Dashem +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TY0szS1ZKS2NUOTQ0OGRLRFUyeXd3PT0= +loginShell: /bin/bash + +dn: uid=dsteever,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsteever +uidNumber: 4538 +gidNumber: 1000 +givenName: Diane +sn: Steever +cn: Diane Steever +homeDirectory: /home/dsteever +gecos: Diane Steever +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXgxNjBlVnN4UVF6SHc= +loginShell: /bin/bash + +dn: uid=ilawbaugh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ilawbaugh +uidNumber: 4539 +gidNumber: 1000 +givenName: Indlala +sn: Lawbaugh +cn: Indlala Lawbaugh +homeDirectory: /home/ilawbaugh +gecos: Indlala Lawbaugh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ndXZrUWpNdExIY0MvRTFXY3N0THpIekZadjg9 +loginShell: /bin/bash + +dn: uid=bmoling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmoling +uidNumber: 4540 +gidNumber: 1000 +givenName: Beryl +sn: Moling +cn: Beryl Moling +homeDirectory: /home/bmoling +gecos: Beryl Moling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bVgxK0lIenZIMzlUTXdHeWhmZ1YzcU1tR2VZOHB2bWE= +loginShell: /bin/bash + +dn: uid=ctetteh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ctetteh +uidNumber: 4541 +gidNumber: 1000 +givenName: Cristobal +sn: Tetteh +cn: Cristobal Tetteh +homeDirectory: /home/ctetteh +gecos: Cristobal Tetteh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9R3JiY3liU3lGajk5Nmg3RUEzSWJVcXhiL1VOd09OQ1I= +loginShell: /bin/bash + +dn: uid=lcoy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcoy +uidNumber: 4542 +gidNumber: 1000 +givenName: Laura +sn: Coy +cn: Laura Coy +homeDirectory: /home/lcoy +gecos: Laura Coy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTBBRnZEbkNJd25scFk= +loginShell: /bin/bash + +dn: uid=mkrauser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkrauser +uidNumber: 4543 +gidNumber: 1000 +givenName: Melanie +sn: Krauser +cn: Melanie Krauser +homeDirectory: /home/mkrauser +gecos: Melanie Krauser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aUxBaUxBNUt0Nk1DSlk4M3NsYkxIamlydUdPSEU2THE= +loginShell: /bin/bash + +dn: cn=Warwick Peckler+uid=wpeckler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wpeckler +uidNumber: 4544 +gidNumber: 1000 +givenName: Warwick +sn: Peckler +cn: Warwick Peckler +homeDirectory: /home/wpeckler +gecos: Warwick Peckler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10cUhXWm5GdE1yOFJ1NXIwYmdVY1NRPT0= +loginShell: /bin/bash + +dn: uid=kbordwine,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbordwine +uidNumber: 4545 +gidNumber: 1000 +givenName: Kuzira +sn: Bordwine +cn: Kuzira Bordwine +homeDirectory: /home/kbordwine +gecos: Kuzira Bordwine +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTRHT3dzLkRIRy5IQUE= +loginShell: /bin/bash + +dn: cn=Barbara Latona,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: blatona +uidNumber: 4546 +gidNumber: 1000 +givenName: Barbara +sn: Latona +cn: Barbara Latona +homeDirectory: /home/blatona +gecos: Barbara Latona +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1CMGxuRGZvOWhIK1JWUG5mY0FaMWpBPT0= +loginShell: /bin/bash + +dn: uid=jquicksall,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jquicksall +uidNumber: 4547 +gidNumber: 1000 +givenName: Judy +sn: Quicksall +cn: Judy Quicksall +homeDirectory: /home/jquicksall +gecos: Judy Quicksall +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bmF0dXJhbG5lc3M= +loginShell: /bin/bash + +dn: uid=oellerbee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oellerbee +uidNumber: 4548 +gidNumber: 1000 +givenName: Oleka +sn: Ellerbee +cn: Oleka Ellerbee +homeDirectory: /home/oellerbee +gecos: Oleka Ellerbee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29ydGV4 +loginShell: /bin/bash + +dn: uid=kbramblett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbramblett +uidNumber: 4549 +gidNumber: 1000 +givenName: Kika +sn: Bramblett +cn: Kika Bramblett +homeDirectory: /home/kbramblett +gecos: Kika Bramblett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1rbzZrQzYvVi9SdHJjYXN2cWpMblgxSzNtNUk9 +loginShell: /bin/bash + +dn: uid=eserrett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eserrett +uidNumber: 4550 +gidNumber: 1000 +givenName: Eva +sn: Serrett +cn: Eva Serrett +homeDirectory: /home/eserrett +gecos: Eva Serrett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RazA3cVk3YlZmZWduTE8yM2xvMElBPT0= +loginShell: /bin/bash + +dn: cn=York Curtis+uid=ycurtis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ycurtis +uidNumber: 4551 +gidNumber: 1000 +givenName: York +sn: Curtis +cn: York Curtis +homeDirectory: /home/ycurtis +gecos: York Curtis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0xM0tOV1hBVnR6NmU2Nk8rdS9qZy9QbndmVU09 +loginShell: /bin/bash + +dn: uid=tsablea,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsablea +uidNumber: 4552 +gidNumber: 1000 +givenName: Tuni +sn: Sablea +cn: Tuni Sablea +homeDirectory: /home/tsablea +gecos: Tuni Sablea +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02dVMza1BmRFErdFk0eEgrTGZmQUNRPT0= +loginShell: /bin/bash + +dn: cn=Yolanda Cobetto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ycobetto +uidNumber: 4553 +gidNumber: 1000 +givenName: Yolanda +sn: Cobetto +cn: Yolanda Cobetto +homeDirectory: /home/ycobetto +gecos: Yolanda Cobetto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SW5MOFVNb0dFRm1ZNEFML0ZJQmk4MjN6T2dVPQ== +loginShell: /bin/bash + +dn: uid=sgunder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgunder +uidNumber: 4554 +gidNumber: 1000 +givenName: Selma +sn: Gunder +cn: Selma Gunder +homeDirectory: /home/sgunder +gecos: Selma Gunder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1lUENBWDZqL3JhdmFjaC9hK0ZzOHFRPT0= +loginShell: /bin/bash + +dn: uid=crile,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: crile +uidNumber: 4555 +gidNumber: 1000 +givenName: Changmi +sn: Rile +cn: Changmi Rile +homeDirectory: /home/crile +gecos: Changmi Rile +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVZXUnA5VWgvWlBsZlE= +loginShell: /bin/bash + +dn: cn=Phoebe Sabado,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psabado +uidNumber: 4556 +gidNumber: 1000 +givenName: Phoebe +sn: Sabado +cn: Phoebe Sabado +homeDirectory: /home/psabado +gecos: Phoebe Sabado +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R3Uzd2N3MEc2ekpMOFJyUTlxYVJLaG1UdytNPQ== +loginShell: /bin/bash + +dn: uid=ilevian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ilevian +uidNumber: 4557 +gidNumber: 1000 +givenName: Isabella +sn: Levian +cn: Isabella Levian +homeDirectory: /home/ilevian +gecos: Isabella Levian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16bDgyS1U3UjVPMmZiU2YxMFltZUZBPT0= +loginShell: /bin/bash + +dn: uid=rginer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rginer +uidNumber: 4558 +gidNumber: 1000 +givenName: Reuben +sn: Giner +cn: Reuben Giner +homeDirectory: /home/rginer +gecos: Reuben Giner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dWU4emQzQTUydythQ0VYWnZlbWd3bWJvc0hZajFxK3k= +loginShell: /bin/bash + +dn: uid=nlainhart,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nlainhart +uidNumber: 4559 +gidNumber: 1000 +givenName: Nakri +sn: Lainhart +cn: Nakri Lainhart +homeDirectory: /home/nlainhart +gecos: Nakri Lainhart +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SSs0SDluRGxaRlZEQjNGMzdRcllxTE9SbnV3PQ== +loginShell: /bin/bash + +dn: cn=Tui Vehrs+uid=tvehrs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tvehrs +uidNumber: 4560 +gidNumber: 1000 +givenName: Tui +sn: Vehrs +cn: Tui Vehrs +homeDirectory: /home/tvehrs +gecos: Tui Vehrs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Ny9YS1hYaFAxQ2NRUUkyYjVWODZHRDRTbSt2Mmhuc1k= +loginShell: /bin/bash + +dn: uid=frumbo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: frumbo +uidNumber: 4561 +gidNumber: 1000 +givenName: Flossie +sn: Rumbo +cn: Flossie Rumbo +homeDirectory: /home/frumbo +gecos: Flossie Rumbo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1LaStWT3F5ckR2TSttYXlyWWJVYy9nPT0= +loginShell: /bin/bash + +dn: uid=hpaek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpaek +uidNumber: 4562 +gidNumber: 1000 +givenName: Hubert +sn: Paek +cn: Hubert Paek +homeDirectory: /home/hpaek +gecos: Hubert Paek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RU4xM3daMTJOamtrTmZaV1U4Q1BkaXNNN2drPQ== +loginShell: /bin/bash + +dn: uid=lmuehlberger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmuehlberger +uidNumber: 4563 +gidNumber: 1000 +givenName: Lekima +sn: Muehlberger +cn: Lekima Muehlberger +homeDirectory: /home/lmuehlberger +gecos: Lekima Muehlberger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTlTNXNZSFVWMW5lMGc= +loginShell: /bin/bash + +dn: uid=mfaruolo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfaruolo +uidNumber: 4564 +gidNumber: 1000 +givenName: Mindy +sn: Faruolo +cn: Mindy Faruolo +homeDirectory: /home/mfaruolo +gecos: Mindy Faruolo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTdKQXVPb0JHU0xadXc= +loginShell: /bin/bash + +dn: uid=dhindsman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dhindsman +uidNumber: 4565 +gidNumber: 1000 +givenName: Des +sn: Hindsman +cn: Des Hindsman +homeDirectory: /home/dhindsman +gecos: Des Hindsman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3RyYWlnaHRlbnM= +loginShell: /bin/bash + +dn: cn=Harvey Mogush,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmogush +uidNumber: 4566 +gidNumber: 1000 +givenName: Harvey +sn: Mogush +cn: Harvey Mogush +homeDirectory: /home/hmogush +gecos: Harvey Mogush +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0wMU8wb0tEN3cyLzFGWm9XU0F2REN3PT0= +loginShell: /bin/bash + +dn: uid=olilyblade,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: olilyblade +uidNumber: 4567 +gidNumber: 1000 +givenName: Oko +sn: Lilyblade +cn: Oko Lilyblade +homeDirectory: /home/olilyblade +gecos: Oko Lilyblade +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW5kYW5nZXJlZA== +loginShell: /bin/bash + +dn: uid=pgrybel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pgrybel +uidNumber: 4568 +gidNumber: 1000 +givenName: Priscilla +sn: Grybel +cn: Priscilla Grybel +homeDirectory: /home/pgrybel +gecos: Priscilla Grybel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10SmtnYzg2M3pxMllRVDFsQ2JIYlNRPT0= +loginShell: /bin/bash + +dn: uid=rpinilla,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rpinilla +uidNumber: 4569 +gidNumber: 1000 +givenName: Rene +sn: Pinilla +cn: Rene Pinilla +homeDirectory: /home/rpinilla +gecos: Rene Pinilla +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXprRUpYZllwNnRHNkE= +loginShell: /bin/bash + +dn: uid=sczubia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sczubia +uidNumber: 4570 +gidNumber: 1000 +givenName: Sonamu +sn: Czubia +cn: Sonamu Czubia +homeDirectory: /home/sczubia +gecos: Sonamu Czubia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWRHTFRLNjNvbmJvT28= +loginShell: /bin/bash + +dn: uid=kbattershell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbattershell +uidNumber: 4571 +gidNumber: 1000 +givenName: Kirrily +sn: Battershell +cn: Kirrily Battershell +homeDirectory: /home/kbattershell +gecos: Kirrily Battershell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3BvbnNvcnNoaXA= +loginShell: /bin/bash + +dn: uid=ademosthenes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ademosthenes +uidNumber: 4572 +gidNumber: 1000 +givenName: Ami +sn: Demosthenes +cn: Ami Demosthenes +homeDirectory: /home/ademosthenes +gecos: Ami Demosthenes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1qMDgra2pUakdNeHRONjYyUlUzSXRnPT0= +loginShell: /bin/bash + +dn: uid=upater,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: upater +uidNumber: 4573 +gidNumber: 1000 +givenName: Utor +sn: Pater +cn: Utor Pater +homeDirectory: /home/upater +gecos: Utor Pater +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVwZWF0cw== +loginShell: /bin/bash + +dn: cn=Oma Shough,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oshough +uidNumber: 4574 +gidNumber: 1000 +givenName: Oma +sn: Shough +cn: Oma Shough +homeDirectory: /home/oshough +gecos: Oma Shough +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03NUJmRCtGNGg3ZkRlMGZheFJpR2xkUk91ZTQ9 +loginShell: /bin/bash + +dn: uid=ndepina,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ndepina +uidNumber: 4575 +gidNumber: 1000 +givenName: Norbert +sn: Depina +cn: Norbert Depina +homeDirectory: /home/ndepina +gecos: Norbert Depina +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OUNNdGlqK2ZHQjlERVVxa3krbWNxYUFTL20zZzg0U2M= +loginShell: /bin/bash + +dn: uid=uednilao,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uednilao +uidNumber: 4576 +gidNumber: 1000 +givenName: Ulika +sn: Ednilao +cn: Ulika Ednilao +homeDirectory: /home/uednilao +gecos: Ulika Ednilao +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1uUUJ1TjloUlJnZjVnYlVYV2pmY3R3PT0= +loginShell: /bin/bash + +dn: uid=broher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: broher +uidNumber: 4577 +gidNumber: 1000 +givenName: Bessi +sn: Roher +cn: Bessi Roher +homeDirectory: /home/broher +gecos: Bessi Roher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWx0RDdRV1lselhNRjY= +loginShell: /bin/bash + +dn: uid=ihashbarger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihashbarger +uidNumber: 4578 +gidNumber: 1000 +givenName: Ileana +sn: Hashbarger +cn: Ileana Hashbarger +homeDirectory: /home/ihashbarger +gecos: Ileana Hashbarger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX16bUlOWjBtSURYbkhBT3NLNHFWbVJ2T2xtOFU9 +loginShell: /bin/bash + +dn: cn=Chataan Bandel+uid=cbandel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbandel +uidNumber: 4579 +gidNumber: 1000 +givenName: Chataan +sn: Bandel +cn: Chataan Bandel +homeDirectory: /home/cbandel +gecos: Chataan Bandel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1PQXIwcVZLNldxYUtxaCtBQ1dYSnBRPT0= +loginShell: /bin/bash + +dn: cn=Mick Leggio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mleggio +uidNumber: 4580 +gidNumber: 1000 +givenName: Mick +sn: Leggio +cn: Mick Leggio +homeDirectory: /home/mleggio +gecos: Mick Leggio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWIvMzVEcXAxaGFIRW8= +loginShell: /bin/bash + +dn: cn=Zeke Clendennen+uid=zclendennen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zclendennen +uidNumber: 4581 +gidNumber: 1000 +givenName: Zeke +sn: Clendennen +cn: Zeke Clendennen +homeDirectory: /home/zclendennen +gecos: Zeke Clendennen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RHduZTBuWDNZaWwwQWtWNTZKUTRSRTJZTXZRPQ== +loginShell: /bin/bash + +dn: uid=lswanton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lswanton +uidNumber: 4582 +gidNumber: 1000 +givenName: Lola +sn: Swanton +cn: Lola Swanton +homeDirectory: /home/lswanton +gecos: Lola Swanton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1hcngwTzcza29WWXJaVGp6NG05eHNqdGMwMFU9 +loginShell: /bin/bash + +dn: cn=Prapiroon Quanstrum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pquanstrum +uidNumber: 4583 +gidNumber: 1000 +givenName: Prapiroon +sn: Quanstrum +cn: Prapiroon Quanstrum +homeDirectory: /home/pquanstrum +gecos: Prapiroon Quanstrum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eUdRVzljeGVtSHkvM1RqVjl5ZDQrYmlaWU1zPQ== +loginShell: /bin/bash + +dn: uid=bpinedo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bpinedo +uidNumber: 4584 +gidNumber: 1000 +givenName: Bebinca +sn: Pinedo +cn: Bebinca Pinedo +homeDirectory: /home/bpinedo +gecos: Bebinca Pinedo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1Gd3VlRys0SUtvZk9ud2JwaGxDdndnPT0= +loginShell: /bin/bash + +dn: uid=pslisz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pslisz +uidNumber: 4585 +gidNumber: 1000 +givenName: Penny +sn: Slisz +cn: Penny Slisz +homeDirectory: /home/pslisz +gecos: Penny Slisz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9K0hXbWpyUEdsUkZzSk5EUE42SlJjQWdiMm5WSXdMTUQ= +loginShell: /bin/bash + +dn: uid=emehta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emehta +uidNumber: 4586 +gidNumber: 1000 +givenName: Elida +sn: Mehta +cn: Elida Mehta +homeDirectory: /home/emehta +gecos: Elida Mehta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FQS96dUh1WE1UUzI4Y2tRMEl1MTQydFRXV0U9 +loginShell: /bin/bash + +dn: uid=bdominga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bdominga +uidNumber: 4587 +gidNumber: 1000 +givenName: Bune +sn: Dominga +cn: Bune Dominga +homeDirectory: /home/bdominga +gecos: Bune Dominga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvc3BlY3RlZA== +loginShell: /bin/bash + +dn: cn=Sonamu Shilo+uid=sshilo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sshilo +uidNumber: 4588 +gidNumber: 1000 +givenName: Sonamu +sn: Shilo +cn: Sonamu Shilo +homeDirectory: /home/sshilo +gecos: Sonamu Shilo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2Vuc3VhbA== +loginShell: /bin/bash + +dn: uid=brucky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: brucky +uidNumber: 4589 +gidNumber: 1000 +givenName: Bebinca +sn: Rucky +cn: Bebinca Rucky +homeDirectory: /home/brucky +gecos: Bebinca Rucky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1qdkUyd0d3S1VHUTZ4b2NCKzhReGlRPT0= +loginShell: /bin/bash + +dn: uid=bharnois,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bharnois +uidNumber: 4590 +gidNumber: 1000 +givenName: Bopha +sn: Harnois +cn: Bopha Harnois +homeDirectory: /home/bharnois +gecos: Bopha Harnois +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0veEtWUVRLNEIyUVhDUm9yODdJYno4dTU0Vjg9 +loginShell: /bin/bash + +dn: uid=wenglander,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wenglander +uidNumber: 4591 +gidNumber: 1000 +givenName: Wendy +sn: Englander +cn: Wendy Englander +homeDirectory: /home/wenglander +gecos: Wendy Englander +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NGJFY3J6VUFQU2dsUlB0QkxCME0vTWZQNGxVdTF2ZEo= +loginShell: /bin/bash + +dn: uid=uazatyan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uazatyan +uidNumber: 4592 +gidNumber: 1000 +givenName: Uzale +sn: Azatyan +cn: Uzale Azatyan +homeDirectory: /home/uazatyan +gecos: Uzale Azatyan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YmU5U0s0UGlTWHJwVG5HcmJ2VHEvYk5yR3MyU2xMS2M= +loginShell: /bin/bash + +dn: uid=wtruman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wtruman +uidNumber: 4593 +gidNumber: 1000 +givenName: Winnie +sn: Truman +cn: Winnie Truman +homeDirectory: /home/wtruman +gecos: Winnie Truman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Qm4xdEZXT1p6ZkFzWFQ0MFo3WXM1YVFFTVY3eW5qbGQ= +loginShell: /bin/bash + +dn: uid=csalkeld,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: csalkeld +uidNumber: 4594 +gidNumber: 1000 +givenName: Coral +sn: Salkeld +cn: Coral Salkeld +homeDirectory: /home/csalkeld +gecos: Coral Salkeld +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1WKzQ0VnlZaTROUzc0U1d5dVRYWjJ3PT0= +loginShell: /bin/bash + +dn: uid=rmcghay,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rmcghay +uidNumber: 4595 +gidNumber: 1000 +givenName: Rina +sn: Mcghay +cn: Rina Mcghay +homeDirectory: /home/rmcghay +gecos: Rina Mcghay +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YdlBoT3hsNm5WU1ZvRXNsRHJCbWt4YzM1a0k9 +loginShell: /bin/bash + +dn: uid=efobes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: efobes +uidNumber: 4596 +gidNumber: 1000 +givenName: Evan +sn: Fobes +cn: Evan Fobes +homeDirectory: /home/efobes +gecos: Evan Fobes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aFRtU2xORW5oK0FVZGJVS1J5TTd3cE9Qak13PQ== +loginShell: /bin/bash + +dn: uid=ualway,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ualway +uidNumber: 4597 +gidNumber: 1000 +givenName: Ula +sn: Alway +cn: Ula Alway +homeDirectory: /home/ualway +gecos: Ula Alway +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1IY0N6RGJ4TUFkL3Npc3RZNmdMMWRkaThhZDA9 +loginShell: /bin/bash + +dn: uid=dscheurer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dscheurer +uidNumber: 4598 +gidNumber: 1000 +givenName: Diwa +sn: Scheurer +cn: Diwa Scheurer +homeDirectory: /home/dscheurer +gecos: Diwa Scheurer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L2JWMEpVK2Q2UndPdWNnZ0FWKzRTUVEvQmRKYWFiaGw= +loginShell: /bin/bash + +dn: cn=Gita Deblasio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdeblasio +uidNumber: 4599 +gidNumber: 1000 +givenName: Gita +sn: Deblasio +cn: Gita Deblasio +homeDirectory: /home/gdeblasio +gecos: Gita Deblasio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bm93aGVyZQ== +loginShell: /bin/bash + +dn: uid=kgleichweit,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgleichweit +uidNumber: 4600 +gidNumber: 1000 +givenName: Ken +sn: Gleichweit +cn: Ken Gleichweit +homeDirectory: /home/kgleichweit +gecos: Ken Gleichweit +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NjRGU21LNmZDNlNvNiswWi9oQm1qUE4zMzBZPQ== +loginShell: /bin/bash + +dn: uid=ptraweek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ptraweek +uidNumber: 4601 +gidNumber: 1000 +givenName: Podul +sn: Traweek +cn: Podul Traweek +homeDirectory: /home/ptraweek +gecos: Podul Traweek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0rTVdzeitFTWVzcHZ3RFoyR3QwdHNBPT0= +loginShell: /bin/bash + +dn: uid=zfarler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zfarler +uidNumber: 4602 +gidNumber: 1000 +givenName: Zena +sn: Farler +cn: Zena Farler +homeDirectory: /home/zfarler +gecos: Zena Farler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Y0xSbnBpVVpsaTR4cVZ5V0JZN2Z6eG1tY1JzR25CbGQ= +loginShell: /bin/bash + +dn: cn=Adrian Tilley+uid=atilley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: atilley +uidNumber: 4603 +gidNumber: 1000 +givenName: Adrian +sn: Tilley +cn: Adrian Tilley +homeDirectory: /home/atilley +gecos: Adrian Tilley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUxGRUdyUWljVExCZTY= +loginShell: /bin/bash + +dn: uid=hcianciolo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcianciolo +uidNumber: 4604 +gidNumber: 1000 +givenName: Hamish +sn: Cianciolo +cn: Hamish Cianciolo +homeDirectory: /home/hcianciolo +gecos: Hamish Cianciolo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TOGlvb1Q2bEp0QjRoQkc2UGdqV2pvaTVYd009 +loginShell: /bin/bash + +dn: uid=syurkovich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: syurkovich +uidNumber: 4605 +gidNumber: 1000 +givenName: Sandra +sn: Yurkovich +cn: Sandra Yurkovich +homeDirectory: /home/syurkovich +gecos: Sandra Yurkovich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Ny9xQ3hrMjFPUktEb3FMalUxd0tFb29xMkEyOFFYd2o= +loginShell: /bin/bash + +dn: uid=nsiemonsma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nsiemonsma +uidNumber: 4606 +gidNumber: 1000 +givenName: Nepartak +sn: Siemonsma +cn: Nepartak Siemonsma +homeDirectory: /home/nsiemonsma +gecos: Nepartak Siemonsma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1RcktPWkZDZ3J6NHF0WlM3aFVTODVtOXY1Nms9 +loginShell: /bin/bash + +dn: uid=wbillotte,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wbillotte +uidNumber: 4607 +gidNumber: 1000 +givenName: Warura +sn: Billotte +cn: Warura Billotte +homeDirectory: /home/wbillotte +gecos: Warura Billotte +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ekhNck1pSW52UFFVR2loa0VzTVV5OVpzRVhwYU5FTTY= +loginShell: /bin/bash + +dn: uid=adenicola,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: adenicola +uidNumber: 4608 +gidNumber: 1000 +givenName: Alika +sn: Denicola +cn: Alika Denicola +homeDirectory: /home/adenicola +gecos: Alika Denicola +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZGh3S1pOSTczMitFNGN4KzlIWEl2b2R1NzYwPQ== +loginShell: /bin/bash + +dn: uid=purquilla,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: purquilla +uidNumber: 4609 +gidNumber: 1000 +givenName: Peke +sn: Urquilla +cn: Peke Urquilla +homeDirectory: /home/purquilla +gecos: Peke Urquilla +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZnVuZGFtZW50YWxz +loginShell: /bin/bash + +dn: uid=lfarraj,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lfarraj +uidNumber: 4610 +gidNumber: 1000 +givenName: Lester +sn: Farraj +cn: Lester Farraj +homeDirectory: /home/lfarraj +gecos: Lester Farraj +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1lSzBySHltRXJZQW8= +loginShell: /bin/bash + +dn: uid=nrybij,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nrybij +uidNumber: 4611 +gidNumber: 1000 +givenName: Noel +sn: Rybij +cn: Noel Rybij +homeDirectory: /home/nrybij +gecos: Noel Rybij +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTJrU1pnTWMzajg2ajI= +loginShell: /bin/bash + +dn: uid=esproull,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: esproull +uidNumber: 4612 +gidNumber: 1000 +givenName: Ela +sn: Sproull +cn: Ela Sproull +homeDirectory: /home/esproull +gecos: Ela Sproull +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dno5Qk5tM1Z2UktJUnQyU3hpWSthT2xPRnQzeWsxa28= +loginShell: /bin/bash + +dn: uid=craddle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: craddle +uidNumber: 4613 +gidNumber: 1000 +givenName: Cesar +sn: Raddle +cn: Cesar Raddle +homeDirectory: /home/craddle +gecos: Cesar Raddle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UWtXNjRVeXp4ZHljNEU5S2JLcjJvd2NBZEhVPQ== +loginShell: /bin/bash + +dn: uid=hlauchaire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hlauchaire +uidNumber: 4614 +gidNumber: 1000 +givenName: Hilary +sn: Lauchaire +cn: Hilary Lauchaire +homeDirectory: /home/hlauchaire +gecos: Hilary Lauchaire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RUFyNlM4TlR1R3o3T0YwWW8zbWt4T0xnejJRMzFXbkQ= +loginShell: /bin/bash + +dn: uid=wconces,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wconces +uidNumber: 4615 +gidNumber: 1000 +givenName: Whitney +sn: Conces +cn: Whitney Conces +homeDirectory: /home/wconces +gecos: Whitney Conces +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5zdHVjaw== +loginShell: /bin/bash + +dn: cn=Hamish Polich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpolich +uidNumber: 4616 +gidNumber: 1000 +givenName: Hamish +sn: Polich +cn: Hamish Polich +homeDirectory: /home/hpolich +gecos: Hamish Polich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXBwZW5kaWNlcw== +loginShell: /bin/bash + +dn: uid=psundeen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psundeen +uidNumber: 4617 +gidNumber: 1000 +givenName: Pat +sn: Sundeen +cn: Pat Sundeen +homeDirectory: /home/psundeen +gecos: Pat Sundeen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d0lQd3NJUXNqRnBObER4VXZxUDVMOXkwM2RCN3RmNzQ= +loginShell: /bin/bash + +dn: uid=ngoshen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ngoshen +uidNumber: 4618 +gidNumber: 1000 +givenName: Nesat +sn: Goshen +cn: Nesat Goshen +homeDirectory: /home/ngoshen +gecos: Nesat Goshen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1CMENjQVN1eVkwNW9XYUxrczhqZ1lBPT0= +loginShell: /bin/bash + +dn: uid=mkassabian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkassabian +uidNumber: 4619 +gidNumber: 1000 +givenName: Martin +sn: Kassabian +cn: Martin Kassabian +homeDirectory: /home/mkassabian +gecos: Martin Kassabian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9N2gyNnlzWXh0cGRvOFBqeC80NzZTZlp2MUF2K2MraW0= +loginShell: /bin/bash + +dn: cn=Lusi Ringuette+uid=lringuette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lringuette +uidNumber: 4620 +gidNumber: 1000 +givenName: Lusi +sn: Ringuette +cn: Lusi Ringuette +homeDirectory: /home/lringuette +gecos: Lusi Ringuette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b3BNTlM0QzBJUklnYnc0TXJGOXkrb3p1YkJ1eDhNZkw= +loginShell: /bin/bash + +dn: uid=ebascle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ebascle +uidNumber: 4621 +gidNumber: 1000 +givenName: Elisa +sn: Bascle +cn: Elisa Bascle +homeDirectory: /home/ebascle +gecos: Elisa Bascle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Nm9IWHVOODVweTR2eEd3ZGFaWGp0VXZnaSs4PQ== +loginShell: /bin/bash + +dn: cn=Chantal Wank,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cwank +uidNumber: 4622 +gidNumber: 1000 +givenName: Chantal +sn: Wank +cn: Chantal Wank +homeDirectory: /home/cwank +gecos: Chantal Wank +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eVNacSttMi91RHBQQnBuTHBKRjhLUnc2QVBRYjhEbS8= +loginShell: /bin/bash + +dn: uid=eklunder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eklunder +uidNumber: 4623 +gidNumber: 1000 +givenName: Elena +sn: Klunder +cn: Elena Klunder +homeDirectory: /home/eklunder +gecos: Elena Klunder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTltWTBkeXVEMzVEN3c= +loginShell: /bin/bash + +dn: uid=vpiraino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vpiraino +uidNumber: 4624 +gidNumber: 1000 +givenName: Vaianu +sn: Piraino +cn: Vaianu Piraino +homeDirectory: /home/vpiraino +gecos: Vaianu Piraino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFETXgxZHdoLm5lL0k= +loginShell: /bin/bash + +dn: cn=Shanshan Howe+uid=showe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: showe +uidNumber: 4625 +gidNumber: 1000 +givenName: Shanshan +sn: Howe +cn: Shanshan Howe +homeDirectory: /home/showe +gecos: Shanshan Howe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Z0h3T2FobVV6STAvTzJydHRyYzQ0ck9RblZIQ3dOOXg= +loginShell: /bin/bash + +dn: cn=Kim Karmo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kkarmo +uidNumber: 4626 +gidNumber: 1000 +givenName: Kim +sn: Karmo +cn: Kim Karmo +homeDirectory: /home/kkarmo +gecos: Kim Karmo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Yk43V3MzV1ErWWdURzhIYnhqcGlxb1VVb1VvPQ== +loginShell: /bin/bash + +dn: uid=achhor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: achhor +uidNumber: 4627 +gidNumber: 1000 +givenName: Alvin +sn: Chhor +cn: Alvin Chhor +homeDirectory: /home/achhor +gecos: Alvin Chhor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1DQ1FjR2xmK2JyOUQzNWJHdVlHaUxXU2JVajQ9 +loginShell: /bin/bash + +dn: cn=Matt Pilbin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpilbin +uidNumber: 4628 +gidNumber: 1000 +givenName: Matt +sn: Pilbin +cn: Matt Pilbin +homeDirectory: /home/mpilbin +gecos: Matt Pilbin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2x1dGNoZWQ= +loginShell: /bin/bash + +dn: cn=Humba Granelli+uid=hgranelli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hgranelli +uidNumber: 4629 +gidNumber: 1000 +givenName: Humba +sn: Granelli +cn: Humba Granelli +homeDirectory: /home/hgranelli +gecos: Humba Granelli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWNaak1Gb3FFVGFURXc= +loginShell: /bin/bash + +dn: uid=nciucci,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nciucci +uidNumber: 4630 +gidNumber: 1000 +givenName: Nele +sn: Ciucci +cn: Nele Ciucci +homeDirectory: /home/nciucci +gecos: Nele Ciucci +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWxkZXJ3b21hbg== +loginShell: /bin/bash + +dn: uid=fmilsaps,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fmilsaps +uidNumber: 4631 +gidNumber: 1000 +givenName: Fame +sn: Milsaps +cn: Fame Milsaps +homeDirectory: /home/fmilsaps +gecos: Fame Milsaps +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVQ1S1pzMXlvcldsYlE= +loginShell: /bin/bash + +dn: uid=mpizzaro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpizzaro +uidNumber: 4632 +gidNumber: 1000 +givenName: Man-yi +sn: Pizzaro +cn: Man-yi Pizzaro +homeDirectory: /home/mpizzaro +gecos: Man-yi Pizzaro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1SY3U1U044T3BCUlRjeVBndzJkdXR1eG1iRGc9 +loginShell: /bin/bash + +dn: uid=asabin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: asabin +uidNumber: 4633 +gidNumber: 1000 +givenName: Atu +sn: Sabin +cn: Atu Sabin +homeDirectory: /home/asabin +gecos: Atu Sabin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWRvSGpFTTlYd3Y2d28= +loginShell: /bin/bash + +dn: cn=Dujuan Ledenbach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dledenbach +uidNumber: 4634 +gidNumber: 1000 +givenName: Dujuan +sn: Ledenbach +cn: Dujuan Ledenbach +homeDirectory: /home/dledenbach +gecos: Dujuan Ledenbach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTExd3BoemZvdlJzZFE= +loginShell: /bin/bash + +dn: uid=nagerton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nagerton +uidNumber: 4635 +gidNumber: 1000 +givenName: Nat +sn: Agerton +cn: Nat Agerton +homeDirectory: /home/nagerton +gecos: Nat Agerton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L2ZDSEI2QW9XUzJEMnBhVm9wbWVUMDd0UGwvaStJeFI= +loginShell: /bin/bash + +dn: uid=glemler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: glemler +uidNumber: 4636 +gidNumber: 1000 +givenName: Greg +sn: Lemler +cn: Greg Lemler +homeDirectory: /home/glemler +gecos: Greg Lemler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWF5MzhZUFNGQXowTXM= +loginShell: /bin/bash + +dn: cn=Dora Kopczyk+uid=dkopczyk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dkopczyk +uidNumber: 4637 +gidNumber: 1000 +givenName: Dora +sn: Kopczyk +cn: Dora Kopczyk +homeDirectory: /home/dkopczyk +gecos: Dora Kopczyk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SnZhTmlMVGMwMXJiQVd2clcxMktKVlVsMitNPQ== +loginShell: /bin/bash + +dn: cn=Pat Benik,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbenik +uidNumber: 4638 +gidNumber: 1000 +givenName: Pat +sn: Benik +cn: Pat Benik +homeDirectory: /home/pbenik +gecos: Pat Benik +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d1hlaC9VMlRySEp3ZFlrYklHaFk5ZlhxRlgzblB3SHU= +loginShell: /bin/bash + +dn: uid=tplatko,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tplatko +uidNumber: 4639 +gidNumber: 1000 +givenName: Trevor +sn: Platko +cn: Trevor Platko +homeDirectory: /home/tplatko +gecos: Trevor Platko +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DSzZiUmhiZTByNU1WWEU0NDkwQ2pRPT0= +loginShell: /bin/bash + +dn: cn=Clovis Juntunen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cjuntunen +uidNumber: 4640 +gidNumber: 1000 +givenName: Clovis +sn: Juntunen +cn: Clovis Juntunen +homeDirectory: /home/cjuntunen +gecos: Clovis Juntunen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9emZMTkdrVVV3MTZQNjFHemhLaUxmaG9OV3JrPQ== +loginShell: /bin/bash + +dn: uid=pirby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pirby +uidNumber: 4641 +gidNumber: 1000 +givenName: Paloma +sn: Irby +cn: Paloma Irby +homeDirectory: /home/pirby +gecos: Paloma Irby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TN0RPWGJyQlFTd2VvbytPeVNlWkx4YTBZMHc9 +loginShell: /bin/bash + +dn: cn=Alex Halleck,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ahalleck +uidNumber: 4642 +gidNumber: 1000 +givenName: Alex +sn: Halleck +cn: Alex Halleck +homeDirectory: /home/ahalleck +gecos: Alex Halleck +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VDExeDNPUmo3VnpkVlZTblJ4SVo5bUNLKzZBPQ== +loginShell: /bin/bash + +dn: uid=ieagon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ieagon +uidNumber: 4643 +gidNumber: 1000 +givenName: Ivan +sn: Eagon +cn: Ivan Eagon +homeDirectory: /home/ieagon +gecos: Ivan Eagon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVNERjlmcmtiVHR4ckU= +loginShell: /bin/bash + +dn: uid=zvanwagoner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zvanwagoner +uidNumber: 4644 +gidNumber: 1000 +givenName: Zaka +sn: Vanwagoner +cn: Zaka Vanwagoner +homeDirectory: /home/zvanwagoner +gecos: Zaka Vanwagoner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WYUg3Zlc2NTc3Q1VvaXMycXlaNDFpcCtmWVE9 +loginShell: /bin/bash + +dn: cn=Kirogi Headlon+uid=kheadlon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kheadlon +uidNumber: 4645 +gidNumber: 1000 +givenName: Kirogi +sn: Headlon +cn: Kirogi Headlon +homeDirectory: /home/kheadlon +gecos: Kirogi Headlon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9djYzaVQ2NDVMR2VxNWZSbkVSZGdvcjkxRnJZbHc1RjU= +loginShell: /bin/bash + +dn: uid=gbumpaus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbumpaus +uidNumber: 4646 +gidNumber: 1000 +givenName: Gula +sn: Bumpaus +cn: Gula Bumpaus +homeDirectory: /home/gbumpaus +gecos: Gula Bumpaus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1LQWFzU0ZKNExVLjY= +loginShell: /bin/bash + +dn: uid=kmayoras,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmayoras +uidNumber: 4647 +gidNumber: 1000 +givenName: Koni +sn: Mayoras +cn: Koni Mayoras +homeDirectory: /home/kmayoras +gecos: Koni Mayoras +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XU1ROWmpuL2ZoQllZVTYxaWFwam12WGRIYTQ9 +loginShell: /bin/bash + +dn: uid=ibeto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ibeto +uidNumber: 4648 +gidNumber: 1000 +givenName: Ira +sn: Beto +cn: Ira Beto +homeDirectory: /home/ibeto +gecos: Ira Beto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9djM2YmRmbENNeVFqSlBseVZmem5abzh4cldiM0U5UDk= +loginShell: /bin/bash + +dn: uid=peickhorst,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: peickhorst +uidNumber: 4649 +gidNumber: 1000 +givenName: Pierre +sn: Eickhorst +cn: Pierre Eickhorst +homeDirectory: /home/peickhorst +gecos: Pierre Eickhorst +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2Vuc3VhbGl0eSdz +loginShell: /bin/bash + +dn: uid=esonia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: esonia +uidNumber: 4650 +gidNumber: 1000 +givenName: Enrique +sn: Sonia +cn: Enrique Sonia +homeDirectory: /home/esonia +gecos: Enrique Sonia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9K0lBRHlDUWdIY2RzL00zeFJWdHNxSlhMMEtBPQ== +loginShell: /bin/bash + +dn: uid=kklavetter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kklavetter +uidNumber: 4651 +gidNumber: 1000 +givenName: Kelvin +sn: Klavetter +cn: Kelvin Klavetter +homeDirectory: /home/kklavetter +gecos: Kelvin Klavetter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1sU1lTMEU0M0llb2RyQmNrOG84Nkc0R2lLYk09 +loginShell: /bin/bash + +dn: uid=dnegri,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dnegri +uidNumber: 4652 +gidNumber: 1000 +givenName: Des +sn: Negri +cn: Des Negri +homeDirectory: /home/dnegri +gecos: Des Negri +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU9PRVNPNXFOR25EYkU= +loginShell: /bin/bash + +dn: cn=Melissa Decourcey+uid=mdecourcey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdecourcey +uidNumber: 4653 +gidNumber: 1000 +givenName: Melissa +sn: Decourcey +cn: Melissa Decourcey +homeDirectory: /home/mdecourcey +gecos: Melissa Decourcey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9clBrZmU2eWRZTnIzY0hoSnhtYUloclpoNUpFPQ== +loginShell: /bin/bash + +dn: cn=Favio Beryman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fberyman +uidNumber: 4654 +gidNumber: 1000 +givenName: Favio +sn: Beryman +cn: Favio Beryman +homeDirectory: /home/fberyman +gecos: Favio Beryman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9U3hEdkp0TkhUaEQ5cDhDeXR5WjVGSTdmNkgwPQ== +loginShell: /bin/bash + +dn: cn=Norbert Capuchin+uid=ncapuchin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncapuchin +uidNumber: 4655 +gidNumber: 1000 +givenName: Norbert +sn: Capuchin +cn: Norbert Capuchin +homeDirectory: /home/ncapuchin +gecos: Norbert Capuchin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YRGp2WHBCOWNpMHBsVkIwY3dFVDZBZHM5YVU9 +loginShell: /bin/bash + +dn: cn=Heta Betterman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbetterman +uidNumber: 4656 +gidNumber: 1000 +givenName: Heta +sn: Betterman +cn: Heta Betterman +homeDirectory: /home/hbetterman +gecos: Heta Betterman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dW9EQTNtSmNIQ2s2UkRPbkJURmdnczBvL2VvPQ== +loginShell: /bin/bash + +dn: uid=ctenny,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ctenny +uidNumber: 4657 +gidNumber: 1000 +givenName: Cristina +sn: Tenny +cn: Cristina Tenny +homeDirectory: /home/ctenny +gecos: Cristina Tenny +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dEowTWpaRG51cHhudGovL0FlZnpMMk82L1VJPQ== +loginShell: /bin/bash + +dn: uid=pfreiberger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pfreiberger +uidNumber: 4658 +gidNumber: 1000 +givenName: Peni +sn: Freiberger +cn: Peni Freiberger +homeDirectory: /home/pfreiberger +gecos: Peni Freiberger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Ymg1RlBxWGhhM3AzZnMvNkRSNVVNY1JPRW8vVzd5NUQ= +loginShell: /bin/bash + +dn: uid=ssilbert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ssilbert +uidNumber: 4659 +gidNumber: 1000 +givenName: Sheila +sn: Silbert +cn: Sheila Silbert +homeDirectory: /home/ssilbert +gecos: Sheila Silbert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX13dTZnQ2M4L0l2b1RiZjZ6bXMwYngxR25xVWs9 +loginShell: /bin/bash + +dn: cn=Hernan Palmquist+uid=hpalmquist,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpalmquist +uidNumber: 4660 +gidNumber: 1000 +givenName: Hernan +sn: Palmquist +cn: Hernan Palmquist +homeDirectory: /home/hpalmquist +gecos: Hernan Palmquist +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aeXhuS1ZVTzZkK3VzL29sZWMvRjFDRmtZK2s9 +loginShell: /bin/bash + +dn: uid=lbenito,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbenito +uidNumber: 4661 +gidNumber: 1000 +givenName: Lenny +sn: Benito +cn: Lenny Benito +homeDirectory: /home/lbenito +gecos: Lenny Benito +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX12Y3VTek5Cckp4TllUaHhSMndBaGhnPT0= +loginShell: /bin/bash + +dn: uid=jschedler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jschedler +uidNumber: 4662 +gidNumber: 1000 +givenName: Jimena +sn: Schedler +cn: Jimena Schedler +homeDirectory: /home/jschedler +gecos: Jimena Schedler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1qeGpZb2ZxZHFiWU9hYXJJTyttRWFBPT0= +loginShell: /bin/bash + +dn: uid=jlunney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jlunney +uidNumber: 4663 +gidNumber: 1000 +givenName: Jacob +sn: Lunney +cn: Jacob Lunney +homeDirectory: /home/jlunney +gecos: Jacob Lunney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWVUY1ZFTTJydE9NaEU= +loginShell: /bin/bash + +dn: uid=hiddings,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hiddings +uidNumber: 4664 +gidNumber: 1000 +givenName: Helen +sn: Iddings +cn: Helen Iddings +homeDirectory: /home/hiddings +gecos: Helen Iddings +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RUTJZazUxQkZxMjFZcmx3UnRLajZ3PT0= +loginShell: /bin/bash + +dn: cn=Douglas Facenda+uid=dfacenda,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dfacenda +uidNumber: 4665 +gidNumber: 1000 +givenName: Douglas +sn: Facenda +cn: Douglas Facenda +homeDirectory: /home/dfacenda +gecos: Douglas Facenda +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bG9iYnlpc3Q= +loginShell: /bin/bash + +dn: cn=Aletta Blackstock+uid=ablackstock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ablackstock +uidNumber: 4666 +gidNumber: 1000 +givenName: Aletta +sn: Blackstock +cn: Aletta Blackstock +homeDirectory: /home/ablackstock +gecos: Aletta Blackstock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UU52L2ZMU2tVRG5lK2c3M1NZMTYzOHgyR0xxTnR0dXU= +loginShell: /bin/bash + +dn: uid=bguthary,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bguthary +uidNumber: 4667 +gidNumber: 1000 +givenName: Barry +sn: Guthary +cn: Barry Guthary +homeDirectory: /home/bguthary +gecos: Barry Guthary +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aWFxaGNIaTR5ODF0UXZuaFVQMEsvZTc0TnJRPQ== +loginShell: /bin/bash + +dn: uid=tmccaffity,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmccaffity +uidNumber: 4668 +gidNumber: 1000 +givenName: Tico +sn: Mccaffity +cn: Tico Mccaffity +homeDirectory: /home/tmccaffity +gecos: Tico Mccaffity +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9THlKWVpOc3lLYVcvbnhDekNadGx6ZlFweHlBPQ== +loginShell: /bin/bash + +dn: cn=Warwick Kappen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wkappen +uidNumber: 4669 +gidNumber: 1000 +givenName: Warwick +sn: Kappen +cn: Warwick Kappen +homeDirectory: /home/wkappen +gecos: Warwick Kappen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ZQW1DejV3TVFlRXQ5aGJTcWFjdFoxTkZ6dGM9 +loginShell: /bin/bash + +dn: cn=Kimo Adamczyk+uid=kadamczyk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kadamczyk +uidNumber: 4670 +gidNumber: 1000 +givenName: Kimo +sn: Adamczyk +cn: Kimo Adamczyk +homeDirectory: /home/kadamczyk +gecos: Kimo Adamczyk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aG9yc2VzaG9lcw== +loginShell: /bin/bash + +dn: uid=upellam,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: upellam +uidNumber: 4671 +gidNumber: 1000 +givenName: Usha +sn: Pellam +cn: Usha Pellam +homeDirectory: /home/upellam +gecos: Usha Pellam +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aYkFqV1h5MGxyYjRpRHNmd1g4eStXQzRBS2M9 +loginShell: /bin/bash + +dn: uid=tkelly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tkelly +uidNumber: 4672 +gidNumber: 1000 +givenName: Tako +sn: Kelly +cn: Tako Kelly +homeDirectory: /home/tkelly +gecos: Tako Kelly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29heGluZw== +loginShell: /bin/bash + +dn: cn=Pabuk Lanzi+uid=planzi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: planzi +uidNumber: 4673 +gidNumber: 1000 +givenName: Pabuk +sn: Lanzi +cn: Pabuk Lanzi +homeDirectory: /home/planzi +gecos: Pabuk Lanzi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QlJnT2p0dkpXTVNWUHZ4NmRVa29qaHBpWllFSDhuNHM= +loginShell: /bin/bash + +dn: cn=Faxai Vinal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fvinal +uidNumber: 4674 +gidNumber: 1000 +givenName: Faxai +sn: Vinal +cn: Faxai Vinal +homeDirectory: /home/fvinal +gecos: Faxai Vinal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NytZaVZ0MUJxc0YvTEN4dWZueEgxZmpqSzNvPQ== +loginShell: /bin/bash + +dn: cn=Fabio Agro+uid=fagro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fagro +uidNumber: 4675 +gidNumber: 1000 +givenName: Fabio +sn: Agro +cn: Fabio Agro +homeDirectory: /home/fagro +gecos: Fabio Agro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTF1LnExcDdBd1drSjY= +loginShell: /bin/bash + +dn: uid=klitehiser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: klitehiser +uidNumber: 4676 +gidNumber: 1000 +givenName: Krovanh +sn: Litehiser +cn: Krovanh Litehiser +homeDirectory: /home/klitehiser +gecos: Krovanh Litehiser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWpUTXZaOWJ5SGpKdS4= +loginShell: /bin/bash + +dn: uid=ttorregrossa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ttorregrossa +uidNumber: 4677 +gidNumber: 1000 +givenName: Talim +sn: Torregrossa +cn: Talim Torregrossa +homeDirectory: /home/ttorregrossa +gecos: Talim Torregrossa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1wVUVWZDZiYUR2ZFNFZ1RDc09YSTNRPT0= +loginShell: /bin/bash + +dn: cn=Vania Lubic,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vlubic +uidNumber: 4678 +gidNumber: 1000 +givenName: Vania +sn: Lubic +cn: Vania Lubic +homeDirectory: /home/vlubic +gecos: Vania Lubic +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TWhCc2hJTkovdlpzY0tiUk50R2VyT3l2b1ZvMkR4VDI= +loginShell: /bin/bash + +dn: uid=ksheeler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksheeler +uidNumber: 4679 +gidNumber: 1000 +givenName: Klaus +sn: Sheeler +cn: Klaus Sheeler +homeDirectory: /home/ksheeler +gecos: Klaus Sheeler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9am90d01XNHZ2TzBzVTJTM1hYYmhtaEZMaUFDRTNSa2g= +loginShell: /bin/bash + +dn: uid=mtoves,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mtoves +uidNumber: 4680 +gidNumber: 1000 +givenName: Meari +sn: Toves +cn: Meari Toves +homeDirectory: /home/mtoves +gecos: Meari Toves +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTNWQ1hVbXl6cVZDdzY= +loginShell: /bin/bash + +dn: uid=rrodberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rrodberg +uidNumber: 4681 +gidNumber: 1000 +givenName: Ramon +sn: Rodberg +cn: Ramon Rodberg +homeDirectory: /home/rrodberg +gecos: Ramon Rodberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1qbTVHU1hGbHVTMmErM2p0T09oZllBPT0= +loginShell: /bin/bash + +dn: uid=ksiering,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksiering +uidNumber: 4682 +gidNumber: 1000 +givenName: Kate +sn: Siering +cn: Kate Siering +homeDirectory: /home/ksiering +gecos: Kate Siering +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGF5cm9sbHM= +loginShell: /bin/bash + +dn: uid=jmingo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jmingo +uidNumber: 4683 +gidNumber: 1000 +givenName: Jack +sn: Mingo +cn: Jack Mingo +homeDirectory: /home/jmingo +gecos: Jack Mingo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2VudHJhbGx5 +loginShell: /bin/bash + +dn: uid=ichewning,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ichewning +uidNumber: 4684 +gidNumber: 1000 +givenName: Inez +sn: Chewning +cn: Inez Chewning +homeDirectory: /home/ichewning +gecos: Inez Chewning +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ac2c2N1RxQ1RkTzN4cDZsVWJwNUFubTlMV2s9 +loginShell: /bin/bash + +dn: uid=opoch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: opoch +uidNumber: 4685 +gidNumber: 1000 +givenName: Ofelia +sn: Poch +cn: Ofelia Poch +homeDirectory: /home/opoch +gecos: Ofelia Poch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Z2VSNmFseUFrTFRJemdvOHk2cCtNWHRDMzJRNUZHUnE= +loginShell: /bin/bash + +dn: cn=Hettie Sadiq+uid=hsadiq,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hsadiq +uidNumber: 4686 +gidNumber: 1000 +givenName: Hettie +sn: Sadiq +cn: Hettie Sadiq +homeDirectory: /home/hsadiq +gecos: Hettie Sadiq +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TZDJ2cVR0QVV1RmVCQnBEMURRLzJnPT0= +loginShell: /bin/bash + +dn: cn=Julia Gobble+uid=jgobble,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jgobble +uidNumber: 4687 +gidNumber: 1000 +givenName: Julia +sn: Gobble +cn: Julia Gobble +homeDirectory: /home/jgobble +gecos: Julia Gobble +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15M0pTRnR5cXdnU2lmTTdic2NvTDBML0pFaHM9 +loginShell: /bin/bash + +dn: uid=vbigalow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vbigalow +uidNumber: 4688 +gidNumber: 1000 +givenName: Veli +sn: Bigalow +cn: Veli Bigalow +homeDirectory: /home/vbigalow +gecos: Veli Bigalow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NXVGSG83YUdVYWoydGRCdlZnTEszVmUyVWxFPQ== +loginShell: /bin/bash + +dn: uid=bwaymon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwaymon +uidNumber: 4689 +gidNumber: 1000 +givenName: Beni +sn: Waymon +cn: Beni Waymon +homeDirectory: /home/bwaymon +gecos: Beni Waymon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SXBDVlVMcU1TTkR6bmxQMU9HM2lVNlVPT2NzPQ== +loginShell: /bin/bash + +dn: uid=lbove,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbove +uidNumber: 4690 +gidNumber: 1000 +givenName: Lane +sn: Bove +cn: Lane Bove +homeDirectory: /home/lbove +gecos: Lane Bove +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aFhaQ2RHanh1bmdNc2cyKy82N2kzVkY3ZFBXNkxVZ0c= +loginShell: /bin/bash + +dn: uid=hstreitnatter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hstreitnatter +uidNumber: 4691 +gidNumber: 1000 +givenName: Harold +sn: Streitnatter +cn: Harold Streitnatter +homeDirectory: /home/hstreitnatter +gecos: Harold Streitnatter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1yemZRaXVJb3FIM0dzbVg5RUJuSmZRPT0= +loginShell: /bin/bash + +dn: cn=Luis Batra,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbatra +uidNumber: 4692 +gidNumber: 1000 +givenName: Luis +sn: Batra +cn: Luis Batra +homeDirectory: /home/lbatra +gecos: Luis Batra +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1rSWlBSUpwazZsT2E2TnhmMjM0S2tRPT0= +loginShell: /bin/bash + +dn: uid=bvanscooter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bvanscooter +uidNumber: 4693 +gidNumber: 1000 +givenName: Blanch +sn: Vanscooter +cn: Blanch Vanscooter +homeDirectory: /home/bvanscooter +gecos: Blanch Vanscooter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TVZKcnFIQWlmNjBaNzF0YVhLUHA5Sjl1S0lBaEJFOUw= +loginShell: /bin/bash + +dn: cn=Podul Heisdorffer+uid=pheisdorffer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pheisdorffer +uidNumber: 4694 +gidNumber: 1000 +givenName: Podul +sn: Heisdorffer +cn: Podul Heisdorffer +homeDirectory: /home/pheisdorffer +gecos: Podul Heisdorffer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS5tV2tmYllkOVYvMFE= +loginShell: /bin/bash + +dn: uid=mfitzherbert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfitzherbert +uidNumber: 4695 +gidNumber: 1000 +givenName: Ma-on +sn: Fitzherbert +cn: Ma-on Fitzherbert +homeDirectory: /home/mfitzherbert +gecos: Ma-on Fitzherbert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ci8zOER6UlhPak9tRjRIYW1CN1gwakFLWVp3PQ== +loginShell: /bin/bash + +dn: uid=lbartimeus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbartimeus +uidNumber: 4696 +gidNumber: 1000 +givenName: Lisa +sn: Bartimeus +cn: Lisa Bartimeus +homeDirectory: /home/lbartimeus +gecos: Lisa Bartimeus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L3F2MnhuSzJPZ24wT004WEpYL2w1eW9iQ0F6K0lKcWk= +loginShell: /bin/bash + +dn: uid=ssandine,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ssandine +uidNumber: 4697 +gidNumber: 1000 +givenName: Shyra +sn: Sandine +cn: Shyra Sandine +homeDirectory: /home/ssandine +gecos: Shyra Sandine +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0vSlZhR2E1UGd1Rk5JOEplTlI2M0R3d0NjTjA9 +loginShell: /bin/bash + +dn: cn=Iselle Eckhardt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ieckhardt +uidNumber: 4698 +gidNumber: 1000 +givenName: Iselle +sn: Eckhardt +cn: Iselle Eckhardt +homeDirectory: /home/ieckhardt +gecos: Iselle Eckhardt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9K1NrWDNDNWE5UWVYaldwYzVXQTd1NExXV1NXam9lVFk= +loginShell: /bin/bash + +dn: uid=vwabasha,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vwabasha +uidNumber: 4699 +gidNumber: 1000 +givenName: Vaianu +sn: Wabasha +cn: Vaianu Wabasha +homeDirectory: /home/vwabasha +gecos: Vaianu Wabasha +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RU2M2eXlQR1VxSDl5cVMwZVFIMmtRPT0= +loginShell: /bin/bash + +dn: cn=Alberto Musemeche,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amusemeche +uidNumber: 4700 +gidNumber: 1000 +givenName: Alberto +sn: Musemeche +cn: Alberto Musemeche +homeDirectory: /home/amusemeche +gecos: Alberto Musemeche +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dWhvYWRiQUxQY0hNelNFN2ZUbVdCdDU1RGVzPQ== +loginShell: /bin/bash + +dn: uid=afeinen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: afeinen +uidNumber: 4701 +gidNumber: 1000 +givenName: Agatha +sn: Feinen +cn: Agatha Feinen +homeDirectory: /home/afeinen +gecos: Agatha Feinen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N2tQRnpEOFBWc0xUdXl0RXpPdm42cGwzY0lrPQ== +loginShell: /bin/bash + +dn: uid=rlagrone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rlagrone +uidNumber: 4702 +gidNumber: 1000 +givenName: Rosa +sn: Lagrone +cn: Rosa Lagrone +homeDirectory: /home/rlagrone +gecos: Rosa Lagrone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VVdkWkRNZFJ6Tmt0RDZXVkFZUlNkM2dQRFVDU2ZkMUo= +loginShell: /bin/bash + +dn: cn=Charley Tewari+uid=ctewari,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ctewari +uidNumber: 4703 +gidNumber: 1000 +givenName: Charley +sn: Tewari +cn: Charley Tewari +homeDirectory: /home/ctewari +gecos: Charley Tewari +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1NSUx5T1M4QnVSellWTWhWdmx5TjJ3PT0= +loginShell: /bin/bash + +dn: uid=mcidre,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcidre +uidNumber: 4704 +gidNumber: 1000 +givenName: Matthew +sn: Cidre +cn: Matthew Cidre +homeDirectory: /home/mcidre +gecos: Matthew Cidre +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZUZMZFpHcDB6Z1VSeTRseFVSRHF2NTRNa0h4eHkyWEk= +loginShell: /bin/bash + +dn: cn=Iolana Piontek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ipiontek +uidNumber: 4705 +gidNumber: 1000 +givenName: Iolana +sn: Piontek +cn: Iolana Piontek +homeDirectory: /home/ipiontek +gecos: Iolana Piontek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UVZZYytuRlg1dW5UV3pOdWIrL2ROcXNNT1hvPQ== +loginShell: /bin/bash + +dn: uid=bbuhoveckey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bbuhoveckey +uidNumber: 4706 +gidNumber: 1000 +givenName: Bolaven +sn: Buhoveckey +cn: Bolaven Buhoveckey +homeDirectory: /home/bbuhoveckey +gecos: Bolaven Buhoveckey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWVidzdac2cwWTdhVy4= +loginShell: /bin/bash + +dn: uid=kmisove,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmisove +uidNumber: 4707 +gidNumber: 1000 +givenName: Keli +sn: Misove +cn: Keli Misove +homeDirectory: /home/kmisove +gecos: Keli Misove +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aXJyZWNvbmNpbGFibGU= +loginShell: /bin/bash + +dn: uid=gfaire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gfaire +uidNumber: 4708 +gidNumber: 1000 +givenName: Guchol +sn: Faire +cn: Guchol Faire +homeDirectory: /home/gfaire +gecos: Guchol Faire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1jazRaMGlGd1ZrdnJRYVl6S3RXWTdBRWhrRVE9 +loginShell: /bin/bash + +dn: uid=emori,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emori +uidNumber: 4709 +gidNumber: 1000 +givenName: Ekeka +sn: Mori +cn: Ekeka Mori +homeDirectory: /home/emori +gecos: Ekeka Mori +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1sMklwYzU1QWVmaW9XZk1FYWJPTzVzN0xqZzQ9 +loginShell: /bin/bash + +dn: uid=wzappa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wzappa +uidNumber: 4710 +gidNumber: 1000 +givenName: Whitney +sn: Zappa +cn: Whitney Zappa +homeDirectory: /home/wzappa +gecos: Whitney Zappa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z29uZXJz +loginShell: /bin/bash + +dn: uid=mespinel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mespinel +uidNumber: 4711 +gidNumber: 1000 +givenName: Michael +sn: Espinel +cn: Michael Espinel +homeDirectory: /home/mespinel +gecos: Michael Espinel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWNRS2hDYWZsMUNFNWc= +loginShell: /bin/bash + +dn: uid=edrinkwater,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: edrinkwater +uidNumber: 4712 +gidNumber: 1000 +givenName: Estelle +sn: Drinkwater +cn: Estelle Drinkwater +homeDirectory: /home/edrinkwater +gecos: Estelle Drinkwater +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5mbGV4aWJseQ== +loginShell: /bin/bash + +dn: uid=gstorrer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gstorrer +uidNumber: 4713 +gidNumber: 1000 +givenName: George +sn: Storrer +cn: George Storrer +homeDirectory: /home/gstorrer +gecos: George Storrer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dCtMZFd2aWwyc0cyYmRlS3R0VUIrNnAwZWNrPQ== +loginShell: /bin/bash + +dn: uid=wdagrella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wdagrella +uidNumber: 4714 +gidNumber: 1000 +givenName: Wiley +sn: Dagrella +cn: Wiley Dagrella +homeDirectory: /home/wdagrella +gecos: Wiley Dagrella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWlkanFXU1ZNNjMwRFk= +loginShell: /bin/bash + +dn: uid=mgayden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mgayden +uidNumber: 4715 +gidNumber: 1000 +givenName: Matsa +sn: Gayden +cn: Matsa Gayden +homeDirectory: /home/mgayden +gecos: Matsa Gayden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1lNEtqR2p0cjdyRXFYZFEwdHEyWnFRPT0= +loginShell: /bin/bash + +dn: uid=aferge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aferge +uidNumber: 4716 +gidNumber: 1000 +givenName: Audrey +sn: Ferge +cn: Audrey Ferge +homeDirectory: /home/aferge +gecos: Audrey Ferge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW4wT0wwOUttMXNCNG8= +loginShell: /bin/bash + +dn: uid=stiry,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: stiry +uidNumber: 4717 +gidNumber: 1000 +givenName: Sama +sn: Tiry +cn: Sama Tiry +homeDirectory: /home/stiry +gecos: Sama Tiry +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cVdVUExOQVlIcGk0V05QR3FHQWZ1d3MySWpJQWdGQVo= +loginShell: /bin/bash + +dn: uid=nrabsatt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nrabsatt +uidNumber: 4718 +gidNumber: 1000 +givenName: Neville +sn: Rabsatt +cn: Neville Rabsatt +homeDirectory: /home/nrabsatt +gecos: Neville Rabsatt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WkExdWVpV3ViN2RYNERWcTZ5a1ZtRkR4cXowPQ== +loginShell: /bin/bash + +dn: uid=dherard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dherard +uidNumber: 4719 +gidNumber: 1000 +givenName: Donna +sn: Herard +cn: Donna Herard +homeDirectory: /home/dherard +gecos: Donna Herard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cFBZemlIRVErcHlCNm5HRVVVRExiNjRtajFZPQ== +loginShell: /bin/bash + +dn: uid=seastridge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: seastridge +uidNumber: 4720 +gidNumber: 1000 +givenName: Shary +sn: Eastridge +cn: Shary Eastridge +homeDirectory: /home/seastridge +gecos: Shary Eastridge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX10WVBERjcxMUFIREl6T1MyR1N1Ulp3ZUIrUWM9 +loginShell: /bin/bash + +dn: cn=Chaba Patrich+uid=cpatrich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpatrich +uidNumber: 4721 +gidNumber: 1000 +givenName: Chaba +sn: Patrich +cn: Chaba Patrich +homeDirectory: /home/cpatrich +gecos: Chaba Patrich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WS1RnK2k1d0RjTDE5cUpoN0lhTGhjU0x5dEk9 +loginShell: /bin/bash + +dn: cn=Sebastien Vincenzo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: svincenzo +uidNumber: 4722 +gidNumber: 1000 +givenName: Sebastien +sn: Vincenzo +cn: Sebastien Vincenzo +homeDirectory: /home/svincenzo +gecos: Sebastien Vincenzo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZjJuS2tRTXN0KzkwOFhjMGhza01GM3FCM0dIem9nNXc= +loginShell: /bin/bash + +dn: cn=Miriam Medlar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmedlar +uidNumber: 4723 +gidNumber: 1000 +givenName: Miriam +sn: Medlar +cn: Miriam Medlar +homeDirectory: /home/mmedlar +gecos: Miriam Medlar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VFA0ck1SQTh5T3VGSStDOEFuSDg4YStPdmtRPQ== +loginShell: /bin/bash + +dn: uid=phardung,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: phardung +uidNumber: 4724 +gidNumber: 1000 +givenName: Peke +sn: Hardung +cn: Peke Hardung +homeDirectory: /home/phardung +gecos: Peke Hardung +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2FtcGxlcw== +loginShell: /bin/bash + +dn: cn=Oka Osterhouse,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oosterhouse +uidNumber: 4725 +gidNumber: 1000 +givenName: Oka +sn: Osterhouse +cn: Oka Osterhouse +homeDirectory: /home/oosterhouse +gecos: Oka Osterhouse +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU9QeXYwaG9VTnNmeGc= +loginShell: /bin/bash + +dn: uid=gshrode,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gshrode +uidNumber: 4726 +gidNumber: 1000 +givenName: Gilbert +sn: Shrode +cn: Gilbert Shrode +homeDirectory: /home/gshrode +gecos: Gilbert Shrode +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlzdGlsbGVyeSdz +loginShell: /bin/bash + +dn: uid=rhoffschneider,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rhoffschneider +uidNumber: 4727 +gidNumber: 1000 +givenName: Roke +sn: Hoffschneider +cn: Roke Hoffschneider +homeDirectory: /home/rhoffschneider +gecos: Roke Hoffschneider +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XRldBVHNReFFicFVqa3BmWFVpbGs0Q1hqV3M9 +loginShell: /bin/bash + +dn: uid=wschmuck,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wschmuck +uidNumber: 4728 +gidNumber: 1000 +givenName: Wutip +sn: Schmuck +cn: Wutip Schmuck +homeDirectory: /home/wschmuck +gecos: Wutip Schmuck +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTFyZTJuWU9NeWV1N0U= +loginShell: /bin/bash + +dn: uid=owero,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: owero +uidNumber: 4729 +gidNumber: 1000 +givenName: Omais +sn: Wero +cn: Omais Wero +homeDirectory: /home/owero +gecos: Omais Wero +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWxvSk5yOXZkTkhEdGM= +loginShell: /bin/bash + +dn: uid=rcolindres,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rcolindres +uidNumber: 4730 +gidNumber: 1000 +givenName: Raqual +sn: Colindres +cn: Raqual Colindres +homeDirectory: /home/rcolindres +gecos: Raqual Colindres +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0yZ2NwQTkrNW1CVlZxRndkeHp4c2F3PT0= +loginShell: /bin/bash + +dn: uid=ikulbida,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ikulbida +uidNumber: 4731 +gidNumber: 1000 +givenName: Ione +sn: Kulbida +cn: Ione Kulbida +homeDirectory: /home/ikulbida +gecos: Ione Kulbida +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXB2WGpBb2lkdklXTy4= +loginShell: /bin/bash + +dn: uid=sdenina,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sdenina +uidNumber: 4732 +gidNumber: 1000 +givenName: Sean +sn: Denina +cn: Sean Denina +homeDirectory: /home/sdenina +gecos: Sean Denina +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WWVUTE81ODZrem5sSHd5YXJ1R3c5TkRyK1l4eHlhWGs= +loginShell: /bin/bash + +dn: uid=gettl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gettl +uidNumber: 4733 +gidNumber: 1000 +givenName: Genevieve +sn: Ettl +cn: Genevieve Ettl +homeDirectory: /home/gettl +gecos: Genevieve Ettl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUxBOXZucC5wMjBSZHM= +loginShell: /bin/bash + +dn: cn=Changmi Dewoody,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdewoody +uidNumber: 4734 +gidNumber: 1000 +givenName: Changmi +sn: Dewoody +cn: Changmi Dewoody +homeDirectory: /home/cdewoody +gecos: Changmi Dewoody +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXpoVDY5Y2VCZUdoOGs= +loginShell: /bin/bash + +dn: uid=lversage,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lversage +uidNumber: 4735 +gidNumber: 1000 +givenName: Laura +sn: Versage +cn: Laura Versage +homeDirectory: /home/lversage +gecos: Laura Versage +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dE1kVkJIT09ZR044N21NbGF4aW9YWC9QMktzPQ== +loginShell: /bin/bash + +dn: uid=yverbeke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yverbeke +uidNumber: 4736 +gidNumber: 1000 +givenName: Yolanda +sn: Verbeke +cn: Yolanda Verbeke +homeDirectory: /home/yverbeke +gecos: Yolanda Verbeke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3Vycm9nYXRlJ3M= +loginShell: /bin/bash + +dn: uid=egivliani,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: egivliani +uidNumber: 4737 +gidNumber: 1000 +givenName: Emau +sn: Givliani +cn: Emau Givliani +homeDirectory: /home/egivliani +gecos: Emau Givliani +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bFYzcnNYc3JONWVxYTgrcUh4SHlDc2lTNnhzPQ== +loginShell: /bin/bash + +dn: uid=joligee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: joligee +uidNumber: 4738 +gidNumber: 1000 +givenName: Jasmine +sn: Oligee +cn: Jasmine Oligee +homeDirectory: /home/joligee +gecos: Jasmine Oligee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWU1VHRDRVQuME1GZjY= +loginShell: /bin/bash + +dn: uid=hfenk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hfenk +uidNumber: 4739 +gidNumber: 1000 +givenName: Henri +sn: Fenk +cn: Henri Fenk +homeDirectory: /home/hfenk +gecos: Henri Fenk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TcS9QV3F1OEVSZ3huRnBZMGV0aWJMZkhrUWs9 +loginShell: /bin/bash + +dn: uid=nlatchaw,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nlatchaw +uidNumber: 4740 +gidNumber: 1000 +givenName: Nathan +sn: Latchaw +cn: Nathan Latchaw +homeDirectory: /home/nlatchaw +gecos: Nathan Latchaw +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1PTTJ3SUFQTG9QbFJ5UUtTdUxDYVlRPT0= +loginShell: /bin/bash + +dn: uid=sestabillo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sestabillo +uidNumber: 4741 +gidNumber: 1000 +givenName: Simon +sn: Estabillo +cn: Simon Estabillo +homeDirectory: /home/sestabillo +gecos: Simon Estabillo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YUU1UndKUktDK1QvL24xYnNnL1p6bUQ3dFV3blJvemE= +loginShell: /bin/bash + +dn: uid=oalthouse,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oalthouse +uidNumber: 4742 +gidNumber: 1000 +givenName: Oliwa +sn: Althouse +cn: Oliwa Althouse +homeDirectory: /home/oalthouse +gecos: Oliwa Althouse +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dHc4ZWkzRXV0Wm1hM0VNWkZxejM0elVkSlJvPQ== +loginShell: /bin/bash + +dn: uid=wpoudrier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wpoudrier +uidNumber: 4743 +gidNumber: 1000 +givenName: Warwick +sn: Poudrier +cn: Warwick Poudrier +homeDirectory: /home/wpoudrier +gecos: Warwick Poudrier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9M2tOa3ZMVGpWb3JHQUdxMHlqeURVS1JiSTFDcHZvUlc= +loginShell: /bin/bash + +dn: uid=nerbach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nerbach +uidNumber: 4744 +gidNumber: 1000 +givenName: Nicky +sn: Erbach +cn: Nicky Erbach +homeDirectory: /home/nerbach +gecos: Nicky Erbach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1oY1hDVlNJYmVaeDFTQ3hZRy96MWJnPT0= +loginShell: /bin/bash + +dn: uid=pcornn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pcornn +uidNumber: 4745 +gidNumber: 1000 +givenName: Pulane +sn: Cornn +cn: Pulane Cornn +homeDirectory: /home/pcornn +gecos: Pulane Cornn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW50aXRsaW5n +loginShell: /bin/bash + +dn: uid=mkawai,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkawai +uidNumber: 4746 +gidNumber: 1000 +givenName: Megkhla +sn: Kawai +cn: Megkhla Kawai +homeDirectory: /home/mkawai +gecos: Megkhla Kawai +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1pZktFa3V1dnJlZU00OXVhdTl3K296VnJ1VW89 +loginShell: /bin/bash + +dn: cn=Gula Divalerio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdivalerio +uidNumber: 4747 +gidNumber: 1000 +givenName: Gula +sn: Divalerio +cn: Gula Divalerio +homeDirectory: /home/gdivalerio +gecos: Gula Divalerio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX11Y2xOUldHNW8wemlsQ3NKU1BOTVJBPT0= +loginShell: /bin/bash + +dn: uid=glafontaine,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: glafontaine +uidNumber: 4748 +gidNumber: 1000 +givenName: Garry +sn: Lafontaine +cn: Garry Lafontaine +homeDirectory: /home/glafontaine +gecos: Garry Lafontaine +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1pZFpHU3pKNzlYMWxDVktSZkNxUmV3PT0= +loginShell: /bin/bash + +dn: uid=cbourek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbourek +uidNumber: 4749 +gidNumber: 1000 +givenName: Cliff +sn: Bourek +cn: Cliff Bourek +homeDirectory: /home/cbourek +gecos: Cliff Bourek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00cXB6ZExreWVUSzgyQzYyUVhTdHNBPT0= +loginShell: /bin/bash + +dn: uid=lgradilla,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lgradilla +uidNumber: 4750 +gidNumber: 1000 +givenName: Li +sn: Gradilla +cn: Li Gradilla +homeDirectory: /home/lgradilla +gecos: Li Gradilla +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXhtUHFZSTZBSXd5VzI= +loginShell: /bin/bash + +dn: uid=wnunziata,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wnunziata +uidNumber: 4751 +gidNumber: 1000 +givenName: Wati +sn: Nunziata +cn: Wati Nunziata +homeDirectory: /home/wnunziata +gecos: Wati Nunziata +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWxkNFFFTTdYNDFEVlk= +loginShell: /bin/bash + +dn: cn=Ike Makofsky+uid=imakofsky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imakofsky +uidNumber: 4752 +gidNumber: 1000 +givenName: Ike +sn: Makofsky +cn: Ike Makofsky +homeDirectory: /home/imakofsky +gecos: Ike Makofsky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUFUR2NCQVV4Y3o5d1U= +loginShell: /bin/bash + +dn: uid=nlaizure,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nlaizure +uidNumber: 4753 +gidNumber: 1000 +givenName: Nancy +sn: Laizure +cn: Nancy Laizure +homeDirectory: /home/nlaizure +gecos: Nancy Laizure +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OFJ2SUc3NThOZlc5M1gyd2x6bmVEaG9YMWxFPQ== +loginShell: /bin/bash + +dn: uid=bamaker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bamaker +uidNumber: 4754 +gidNumber: 1000 +givenName: Beryl +sn: Amaker +cn: Beryl Amaker +homeDirectory: /home/bamaker +gecos: Beryl Amaker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUE1ZUxqNG93N1lFek0= +loginShell: /bin/bash + +dn: uid=tboock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tboock +uidNumber: 4755 +gidNumber: 1000 +givenName: Tuma +sn: Boock +cn: Tuma Boock +homeDirectory: /home/tboock +gecos: Tuma Boock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VkxxQXVXM0JnY1dvanhRUEI3V0N2c3k0aXNFSXdyUjY= +loginShell: /bin/bash + +dn: uid=moser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: moser +uidNumber: 4756 +gidNumber: 1000 +givenName: Mitchell +sn: Oser +cn: Mitchell Oser +homeDirectory: /home/moser +gecos: Mitchell Oser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9b3lKaGViVGs1MTZSM3FoSjhpdkFxTkZsQ2xNPQ== +loginShell: /bin/bash + +dn: uid=cblumstein,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cblumstein +uidNumber: 4757 +gidNumber: 1000 +givenName: Chaba +sn: Blumstein +cn: Chaba Blumstein +homeDirectory: /home/cblumstein +gecos: Chaba Blumstein +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2NhcmZlZA== +loginShell: /bin/bash + +dn: uid=ewismer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ewismer +uidNumber: 4758 +gidNumber: 1000 +givenName: Estelle +sn: Wismer +cn: Estelle Wismer +homeDirectory: /home/ewismer +gecos: Estelle Wismer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWRkZW5kdW0ncw== +loginShell: /bin/bash + +dn: cn=Guduza Gase,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ggase +uidNumber: 4759 +gidNumber: 1000 +givenName: Guduza +sn: Gase +cn: Guduza Gase +homeDirectory: /home/ggase +gecos: Guduza Gase +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW85VkpVU256azVNTVU= +loginShell: /bin/bash + +dn: uid=jskafec,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jskafec +uidNumber: 4760 +gidNumber: 1000 +givenName: Jokwe +sn: Skafec +cn: Jokwe Skafec +homeDirectory: /home/jskafec +gecos: Jokwe Skafec +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1xMmJHZnhzQ0J4SnJxL3JtRXBocVQwTTFnQzA9 +loginShell: /bin/bash + +dn: uid=gcrossfield,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcrossfield +uidNumber: 4761 +gidNumber: 1000 +givenName: Guchol +sn: Crossfield +cn: Guchol Crossfield +homeDirectory: /home/gcrossfield +gecos: Guchol Crossfield +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NTJ0Z2xvdmtUcUV3ZkRiSmZlYlJNa0tzUWE3YTZReHg= +loginShell: /bin/bash + +dn: cn=Frances Nollora+uid=fnollora,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fnollora +uidNumber: 4762 +gidNumber: 1000 +givenName: Frances +sn: Nollora +cn: Frances Nollora +homeDirectory: /home/fnollora +gecos: Frances Nollora +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTJzWlFoZ1JReld1cUU= +loginShell: /bin/bash + +dn: cn=Errol Prosper,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eprosper +uidNumber: 4763 +gidNumber: 1000 +givenName: Errol +sn: Prosper +cn: Errol Prosper +homeDirectory: /home/eprosper +gecos: Errol Prosper +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZWZmZWN0aXZlbmVzcydz +loginShell: /bin/bash + +dn: cn=Warura Kirkegaard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wkirkegaard +uidNumber: 4764 +gidNumber: 1000 +givenName: Warura +sn: Kirkegaard +cn: Warura Kirkegaard +homeDirectory: /home/wkirkegaard +gecos: Warura Kirkegaard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MWRvSWJJS1B2ZVRLZGJPdm9zL0I3UkNWcmp3PQ== +loginShell: /bin/bash + +dn: uid=eyslava,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eyslava +uidNumber: 4765 +gidNumber: 1000 +givenName: Etau +sn: Yslava +cn: Etau Yslava +homeDirectory: /home/eyslava +gecos: Etau Yslava +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX14NXo5YXFaUGtrRTdZYjFhdEN4WmVtOXFzQVk9 +loginShell: /bin/bash + +dn: uid=bcatholic,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bcatholic +uidNumber: 4766 +gidNumber: 1000 +givenName: Barbara +sn: Catholic +cn: Barbara Catholic +homeDirectory: /home/bcatholic +gecos: Barbara Catholic +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGFuZ2luZw== +loginShell: /bin/bash + +dn: uid=cbrunsting,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbrunsting +uidNumber: 4767 +gidNumber: 1000 +givenName: Coral +sn: Brunsting +cn: Coral Brunsting +homeDirectory: /home/cbrunsting +gecos: Coral Brunsting +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlzdHJpYnV0ZWQ= +loginShell: /bin/bash + +dn: cn=Cora Dudziak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdudziak +uidNumber: 4768 +gidNumber: 1000 +givenName: Cora +sn: Dudziak +cn: Cora Dudziak +homeDirectory: /home/cdudziak +gecos: Cora Dudziak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX13cDRXWmNTZDQ3RFZXRnYwWVVEQ3RDb2FLeVk9 +loginShell: /bin/bash + +dn: cn=Koni Leardi+uid=kleardi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kleardi +uidNumber: 4769 +gidNumber: 1000 +givenName: Koni +sn: Leardi +cn: Koni Leardi +homeDirectory: /home/kleardi +gecos: Koni Leardi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29vcGVyYXRpb24= +loginShell: /bin/bash + +dn: uid=kconkey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kconkey +uidNumber: 4770 +gidNumber: 1000 +givenName: Khanun +sn: Conkey +cn: Khanun Conkey +homeDirectory: /home/kconkey +gecos: Khanun Conkey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OStMbUJ2dGx5U255dEtPVWh6WlhMa25raEJUQnU5RlU= +loginShell: /bin/bash + +dn: cn=Cindy Boecker+uid=cboecker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cboecker +uidNumber: 4771 +gidNumber: 1000 +givenName: Cindy +sn: Boecker +cn: Cindy Boecker +homeDirectory: /home/cboecker +gecos: Cindy Boecker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1HVXduZWYyZ2lzQm9uZWFDY1NpRDRnPT0= +loginShell: /bin/bash + +dn: uid=mmcchristian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmcchristian +uidNumber: 4772 +gidNumber: 1000 +givenName: Matere +sn: Mcchristian +cn: Matere Mcchristian +homeDirectory: /home/mmcchristian +gecos: Matere Mcchristian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWVFR1NtOHI2MENTY0E= +loginShell: /bin/bash + +dn: uid=krahman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: krahman +uidNumber: 4773 +gidNumber: 1000 +givenName: Kompasu +sn: Rahman +cn: Kompasu Rahman +homeDirectory: /home/krahman +gecos: Kompasu Rahman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9c0lCdkJpZnA1T0tUdmJ4ZVdqTTVzWXk5UTI3MlVhZmI= +loginShell: /bin/bash + +dn: uid=iyorks,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iyorks +uidNumber: 4774 +gidNumber: 1000 +givenName: Io +sn: Yorks +cn: Io Yorks +homeDirectory: /home/iyorks +gecos: Io Yorks +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cTVxV1crZVZ1ZVcyUXhCcWZMa0k4ZEMzSTk0PQ== +loginShell: /bin/bash + +dn: uid=nradican,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nradican +uidNumber: 4775 +gidNumber: 1000 +givenName: Nida +sn: Radican +cn: Nida Radican +homeDirectory: /home/nradican +gecos: Nida Radican +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UTy9LK2NYaVp4K1FDZzY1bWtqWERBPT0= +loginShell: /bin/bash + +dn: uid=dfollman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dfollman +uidNumber: 4776 +gidNumber: 1000 +givenName: Dianmu +sn: Follman +cn: Dianmu Follman +homeDirectory: /home/dfollman +gecos: Dianmu Follman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RGVycFhmVmxEbEVKM2lXWFdtZmFjSklNdWk4PQ== +loginShell: /bin/bash + +dn: cn=Khanun Stachurski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kstachurski +uidNumber: 4777 +gidNumber: 1000 +givenName: Khanun +sn: Stachurski +cn: Khanun Stachurski +homeDirectory: /home/kstachurski +gecos: Khanun Stachurski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cDM0V1RoT01RRVVTSW4vTy9CcUhPSXdVRjNBPQ== +loginShell: /bin/bash + +dn: uid=hpolintan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpolintan +uidNumber: 4778 +gidNumber: 1000 +givenName: Hagar +sn: Polintan +cn: Hagar Polintan +homeDirectory: /home/hpolintan +gecos: Hagar Polintan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9a3l1YmNWWHdwd1I5OWlSR1hNRWFVMk5jcUlzPQ== +loginShell: /bin/bash + +dn: uid=ireeser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ireeser +uidNumber: 4779 +gidNumber: 1000 +givenName: Isidore +sn: Reeser +cn: Isidore Reeser +homeDirectory: /home/ireeser +gecos: Isidore Reeser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bUU3YTdWM0dsMUxYemU2dGI5NkFlVm9Vd0l0dTlkdTE= +loginShell: /bin/bash + +dn: uid=chosteller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: chosteller +uidNumber: 4780 +gidNumber: 1000 +givenName: Cilla +sn: Hosteller +cn: Cilla Hosteller +homeDirectory: /home/chosteller +gecos: Cilla Hosteller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29uY2VhbG1lbnQ= +loginShell: /bin/bash + +dn: uid=oscarpello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oscarpello +uidNumber: 4781 +gidNumber: 1000 +givenName: Odile +sn: Scarpello +cn: Odile Scarpello +homeDirectory: /home/oscarpello +gecos: Odile Scarpello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX03NlhmYVRHWDJJSzIvUDRCQStmZUJBPT0= +loginShell: /bin/bash + +dn: uid=hhires,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhires +uidNumber: 4782 +gidNumber: 1000 +givenName: Helene +sn: Hires +cn: Helene Hires +homeDirectory: /home/hhires +gecos: Helene Hires +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cG9sa2Fpbmc= +loginShell: /bin/bash + +dn: uid=lsous,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lsous +uidNumber: 4783 +gidNumber: 1000 +givenName: Lili +sn: Sous +cn: Lili Sous +homeDirectory: /home/lsous +gecos: Lili Sous +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX01SjBaZzA5djZIQkFlTVlHTTM4MDRBPT0= +loginShell: /bin/bash + +dn: cn=Peni Zaccaria+uid=pzaccaria,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pzaccaria +uidNumber: 4784 +gidNumber: 1000 +givenName: Peni +sn: Zaccaria +cn: Peni Zaccaria +homeDirectory: /home/pzaccaria +gecos: Peni Zaccaria +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWc3QldzNFo2amlMSW8= +loginShell: /bin/bash + +dn: uid=ksauler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksauler +uidNumber: 4785 +gidNumber: 1000 +givenName: Kodo +sn: Sauler +cn: Kodo Sauler +homeDirectory: /home/ksauler +gecos: Kodo Sauler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXBwbGljYWJsZQ== +loginShell: /bin/bash + +dn: uid=fkrasnow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fkrasnow +uidNumber: 4786 +gidNumber: 1000 +givenName: Francisco +sn: Krasnow +cn: Francisco Krasnow +homeDirectory: /home/fkrasnow +gecos: Francisco Krasnow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Q1E4ODhvRDI3NXJpTFoxQUJid2wvOUhrT1ljPQ== +loginShell: /bin/bash + +dn: cn=Joyce Tetzlaff+uid=jtetzlaff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jtetzlaff +uidNumber: 4787 +gidNumber: 1000 +givenName: Joyce +sn: Tetzlaff +cn: Joyce Tetzlaff +homeDirectory: /home/jtetzlaff +gecos: Joyce Tetzlaff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9L1VxbTdJVVlNWHdLS0ZzT0V6WkNCckNHT1I4PQ== +loginShell: /bin/bash + +dn: uid=cfronduti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cfronduti +uidNumber: 4788 +gidNumber: 1000 +givenName: Cimaron +sn: Fronduti +cn: Cimaron Fronduti +homeDirectory: /home/cfronduti +gecos: Cimaron Fronduti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Mmd0eTdsSGxKM2Y1ZkcrVGYvaEtkSGc5c2NIV2VBaU0= +loginShell: /bin/bash + +dn: uid=mkeedah,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkeedah +uidNumber: 4789 +gidNumber: 1000 +givenName: Marie +sn: Keedah +cn: Marie Keedah +homeDirectory: /home/mkeedah +gecos: Marie Keedah +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SS9iQlpaRGRxcS9yRE05dUpaNkJ3cUdHdTlZPQ== +loginShell: /bin/bash + +dn: uid=vtresch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vtresch +uidNumber: 4790 +gidNumber: 1000 +givenName: Verity +sn: Tresch +cn: Verity Tresch +homeDirectory: /home/vtresch +gecos: Verity Tresch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0vckJnNTg4aGZtN3VQa1I3MzBJUGVpeERISVk9 +loginShell: /bin/bash + +dn: uid=hcusta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcusta +uidNumber: 4791 +gidNumber: 1000 +givenName: Hana +sn: Custa +cn: Hana Custa +homeDirectory: /home/hcusta +gecos: Hana Custa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YXVseVJqK0JXbHBwaTZJTnQ4M2J1S2Z3NUYvdGpIdnI= +loginShell: /bin/bash + +dn: uid=tlowers,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tlowers +uidNumber: 4792 +gidNumber: 1000 +givenName: Toraji +sn: Lowers +cn: Toraji Lowers +homeDirectory: /home/tlowers +gecos: Toraji Lowers +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ETExCZVFIOFRYRmNaaE0yWFFKejZBPT0= +loginShell: /bin/bash + +dn: cn=Reuben Latessa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rlatessa +uidNumber: 4793 +gidNumber: 1000 +givenName: Reuben +sn: Latessa +cn: Reuben Latessa +homeDirectory: /home/rlatessa +gecos: Reuben Latessa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVFiM1NaU0duMms0d3c= +loginShell: /bin/bash + +dn: uid=pgreenier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pgreenier +uidNumber: 4794 +gidNumber: 1000 +givenName: Pabuk +sn: Greenier +cn: Pabuk Greenier +homeDirectory: /home/pgreenier +gecos: Pabuk Greenier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UUJwMnJ1V2REN1gyTXpyS1dIN3NtTjJNeHdnRDNuYUM= +loginShell: /bin/bash + +dn: uid=ipaquette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ipaquette +uidNumber: 4795 +gidNumber: 1000 +givenName: Igo +sn: Paquette +cn: Igo Paquette +homeDirectory: /home/ipaquette +gecos: Igo Paquette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OHVJWmpSQ1U0ZFZhaEtxUWM2NmpUQzAwNHRuZVFqYUs= +loginShell: /bin/bash + +dn: uid=mcattrell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcattrell +uidNumber: 4796 +gidNumber: 1000 +givenName: Mitchell +sn: Cattrell +cn: Mitchell Cattrell +homeDirectory: /home/mcattrell +gecos: Mitchell Cattrell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L3lXUXVONFZMcjM0S1hGcVNGNUhxK2U2Nk5yYWY1eDU= +loginShell: /bin/bash + +dn: cn=Chaba Anichini,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: canichini +uidNumber: 4797 +gidNumber: 1000 +givenName: Chaba +sn: Anichini +cn: Chaba Anichini +homeDirectory: /home/canichini +gecos: Chaba Anichini +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1NRDVGSHhiYVJ6ZWN6TTF0VnFta1ZBPT0= +loginShell: /bin/bash + +dn: uid=eyounglas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eyounglas +uidNumber: 4798 +gidNumber: 1000 +givenName: Elia +sn: Younglas +cn: Elia Younglas +homeDirectory: /home/eyounglas +gecos: Elia Younglas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1nT1BabjE0MHZmaWdyQVB5RW52NjZNWHFrZ009 +loginShell: /bin/bash + +dn: cn=Gule Massi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmassi +uidNumber: 4799 +gidNumber: 1000 +givenName: Gule +sn: Massi +cn: Gule Massi +homeDirectory: /home/gmassi +gecos: Gule Massi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXN2dlZhd1hHN0FKLlU= +loginShell: /bin/bash + +dn: uid=carguellez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: carguellez +uidNumber: 4800 +gidNumber: 1000 +givenName: Caleb +sn: Arguellez +cn: Caleb Arguellez +homeDirectory: /home/carguellez +gecos: Caleb Arguellez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1pWnYvTVZoK0ZvWjFFaFFwR0dVMHlBPT0= +loginShell: /bin/bash + +dn: uid=pgiegerich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pgiegerich +uidNumber: 4801 +gidNumber: 1000 +givenName: Percy +sn: Giegerich +cn: Percy Giegerich +homeDirectory: /home/pgiegerich +gecos: Percy Giegerich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUQwWlI4VlEvMEtLMzI= +loginShell: /bin/bash + +dn: uid=nnamanworth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nnamanworth +uidNumber: 4802 +gidNumber: 1000 +givenName: Neville +sn: Namanworth +cn: Neville Namanworth +homeDirectory: /home/nnamanworth +gecos: Neville Namanworth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wZFRramhhZWVYcFpHZW1jUWY1amRIeHRPVU09 +loginShell: /bin/bash + +dn: uid=ghumbles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghumbles +uidNumber: 4803 +gidNumber: 1000 +givenName: Guba +sn: Humbles +cn: Guba Humbles +homeDirectory: /home/ghumbles +gecos: Guba Humbles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ob1FVZEZHbXpEdVNGQ3h2UzNqbUhBPT0= +loginShell: /bin/bash + +dn: uid=ptomopoulos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ptomopoulos +uidNumber: 4804 +gidNumber: 1000 +givenName: Phil +sn: Tomopoulos +cn: Phil Tomopoulos +homeDirectory: /home/ptomopoulos +gecos: Phil Tomopoulos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NEFYYmJRWFRSQWl6bnVoL2IzRWY5bGdySklPaVY3ajY= +loginShell: /bin/bash + +dn: cn=Merbok Redd,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mredd +uidNumber: 4805 +gidNumber: 1000 +givenName: Merbok +sn: Redd +cn: Merbok Redd +homeDirectory: /home/mredd +gecos: Merbok Redd +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9T2RGN3N5NU16bUxnK01MY2U0R01kWWxMNTlzPQ== +loginShell: /bin/bash + +dn: uid=ncrafford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncrafford +uidNumber: 4806 +gidNumber: 1000 +givenName: Nicole +sn: Crafford +cn: Nicole Crafford +homeDirectory: /home/ncrafford +gecos: Nicole Crafford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1DcjRnTElDQTVucWZSZlI2aGZ3eFBtMWx6cDg9 +loginShell: /bin/bash + +dn: uid=kdomke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kdomke +uidNumber: 4807 +gidNumber: 1000 +givenName: Kerry +sn: Domke +cn: Kerry Domke +homeDirectory: /home/kdomke +gecos: Kerry Domke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GMmd0TCtZakFUL1JnNThKSlIwZ3p3PT0= +loginShell: /bin/bash + +dn: cn=Peter Koblick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pkoblick +uidNumber: 4808 +gidNumber: 1000 +givenName: Peter +sn: Koblick +cn: Peter Koblick +homeDirectory: /home/pkoblick +gecos: Peter Koblick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZnJpbGwncw== +loginShell: /bin/bash + +dn: uid=sdehoyos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sdehoyos +uidNumber: 4809 +gidNumber: 1000 +givenName: Sinlaku +sn: Dehoyos +cn: Sinlaku Dehoyos +homeDirectory: /home/sdehoyos +gecos: Sinlaku Dehoyos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9T1BkVWQxL1duZDhDTytDa3FQY0RLci90S0RVPQ== +loginShell: /bin/bash + +dn: cn=Drena Hannam+uid=dhannam,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dhannam +uidNumber: 4810 +gidNumber: 1000 +givenName: Drena +sn: Hannam +cn: Drena Hannam +homeDirectory: /home/dhannam +gecos: Drena Hannam +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Zm9ldHVzJ3M= +loginShell: /bin/bash + +dn: uid=mluft,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mluft +uidNumber: 4811 +gidNumber: 1000 +givenName: Melissa +sn: Luft +cn: Melissa Luft +homeDirectory: /home/mluft +gecos: Melissa Luft +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VHp4VCtEWk81alJsQUJLUDN4a0RSSUFaTEYwVFpSZTc= +loginShell: /bin/bash + +dn: cn=Trudy Melland,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmelland +uidNumber: 4812 +gidNumber: 1000 +givenName: Trudy +sn: Melland +cn: Trudy Melland +homeDirectory: /home/tmelland +gecos: Trudy Melland +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1rb3RhczR5dmh2bG9laVpQckRmVUptMjhETWs9 +loginShell: /bin/bash + +dn: uid=jlathen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jlathen +uidNumber: 4813 +gidNumber: 1000 +givenName: Jake +sn: Lathen +cn: Jake Lathen +homeDirectory: /home/jlathen +gecos: Jake Lathen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d2k2VXZ5Q1lPZVlRZ3QwWThzZHJSQ0IyV0xDQXRkdEo= +loginShell: /bin/bash + +dn: uid=fprado,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fprado +uidNumber: 4814 +gidNumber: 1000 +givenName: Freda +sn: Prado +cn: Freda Prado +homeDirectory: /home/fprado +gecos: Freda Prado +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ekpyMU54dnhjczArd0NnbUVucjBaYzgzWW5EeHF0UGQ= +loginShell: /bin/bash + +dn: uid=bflexer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bflexer +uidNumber: 4815 +gidNumber: 1000 +givenName: Blas +sn: Flexer +cn: Blas Flexer +homeDirectory: /home/bflexer +gecos: Blas Flexer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z29hbGllcw== +loginShell: /bin/bash + +dn: uid=aduffie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aduffie +uidNumber: 4816 +gidNumber: 1000 +givenName: Alika +sn: Duffie +cn: Alika Duffie +homeDirectory: /home/aduffie +gecos: Alika Duffie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z3VhcmRpbmc= +loginShell: /bin/bash + +dn: uid=rtooker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rtooker +uidNumber: 4817 +gidNumber: 1000 +givenName: Ramon +sn: Tooker +cn: Ramon Tooker +homeDirectory: /home/rtooker +gecos: Ramon Tooker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eDhEcGhtMXRiUldBVU9MQWFrT3lJUFk1RnlJPQ== +loginShell: /bin/bash + +dn: cn=Errol Rathert+uid=erathert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: erathert +uidNumber: 4818 +gidNumber: 1000 +givenName: Errol +sn: Rathert +cn: Errol Rathert +homeDirectory: /home/erathert +gecos: Errol Rathert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGFsZmhlYXJ0ZWQ= +loginShell: /bin/bash + +dn: uid=vpeairs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vpeairs +uidNumber: 4819 +gidNumber: 1000 +givenName: Verdun +sn: Peairs +cn: Verdun Peairs +homeDirectory: /home/vpeairs +gecos: Verdun Peairs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWRKbTl4dWFzM0xsTVE= +loginShell: /bin/bash + +dn: cn=Nesat Popwell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: npopwell +uidNumber: 4820 +gidNumber: 1000 +givenName: Nesat +sn: Popwell +cn: Nesat Popwell +homeDirectory: /home/npopwell +gecos: Nesat Popwell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WnlSeE9DUU5qdk4xdU4zZElCNFVWZjQxTktra1YxYW4= +loginShell: /bin/bash + +dn: uid=dholdaway,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dholdaway +uidNumber: 4821 +gidNumber: 1000 +givenName: Dolores +sn: Holdaway +cn: Dolores Holdaway +homeDirectory: /home/dholdaway +gecos: Dolores Holdaway +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Sis4WmRHU1FMdzVxS0F0QjZ4YlNNd1dCNllvZW1XMHQ= +loginShell: /bin/bash + +dn: uid=ischnitzer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ischnitzer +uidNumber: 4822 +gidNumber: 1000 +givenName: Ike +sn: Schnitzer +cn: Ike Schnitzer +homeDirectory: /home/ischnitzer +gecos: Ike Schnitzer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1Hb2VBTFBoQXRKTXBMc0k2UDhrUktnPT0= +loginShell: /bin/bash + +dn: uid=obelloso,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obelloso +uidNumber: 4823 +gidNumber: 1000 +givenName: Odette +sn: Belloso +cn: Odette Belloso +homeDirectory: /home/obelloso +gecos: Odette Belloso +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0ra0ZtaUNZWUZwWnc3SjF5S2VJbFlRPT0= +loginShell: /bin/bash + +dn: uid=gmoen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmoen +uidNumber: 4824 +gidNumber: 1000 +givenName: Gaemi +sn: Moen +cn: Gaemi Moen +homeDirectory: /home/gmoen +gecos: Gaemi Moen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: a251Y2tsZSdz +loginShell: /bin/bash + +dn: uid=tpownell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tpownell +uidNumber: 4825 +gidNumber: 1000 +givenName: Terri +sn: Pownell +cn: Terri Pownell +homeDirectory: /home/tpownell +gecos: Terri Pownell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUJJMnJTdi9LOXFwaUE= +loginShell: /bin/bash + +dn: uid=fsunderland,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsunderland +uidNumber: 4826 +gidNumber: 1000 +givenName: Ferdinand +sn: Sunderland +cn: Ferdinand Sunderland +homeDirectory: /home/fsunderland +gecos: Ferdinand Sunderland +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1lK2xISDBPUmRDcFFWT3pkeEhNK2dBPT0= +loginShell: /bin/bash + +dn: uid=fbalagtas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fbalagtas +uidNumber: 4827 +gidNumber: 1000 +givenName: Farrah +sn: Balagtas +cn: Farrah Balagtas +homeDirectory: /home/fbalagtas +gecos: Farrah Balagtas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXR1ZjVZaE1vamN3RzY= +loginShell: /bin/bash + +dn: uid=jarango,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jarango +uidNumber: 4828 +gidNumber: 1000 +givenName: Jo +sn: Arango +cn: Jo Arango +homeDirectory: /home/jarango +gecos: Jo Arango +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RWExTjJZQ09zbWxsSHQxNXArNGZhT3pMUHgwPQ== +loginShell: /bin/bash + +dn: uid=mcolehour,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcolehour +uidNumber: 4829 +gidNumber: 1000 +givenName: Mick +sn: Colehour +cn: Mick Colehour +homeDirectory: /home/mcolehour +gecos: Mick Colehour +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9a2U1cmxZSXZJRXdTTUxPcUNzZS9pUnVzQzVBPQ== +loginShell: /bin/bash + +dn: uid=ktapanes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktapanes +uidNumber: 4830 +gidNumber: 1000 +givenName: Kama +sn: Tapanes +cn: Kama Tapanes +homeDirectory: /home/ktapanes +gecos: Kama Tapanes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1nT1JrSEtHekE1enJwUDhMWUhKWC9nPT0= +loginShell: /bin/bash + +dn: cn=Estelle Aguire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eaguire +uidNumber: 4831 +gidNumber: 1000 +givenName: Estelle +sn: Aguire +cn: Estelle Aguire +homeDirectory: /home/eaguire +gecos: Estelle Aguire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1lTXFDWXVBelhucVQzK0lTZE5vd004cjRpNFE9 +loginShell: /bin/bash + +dn: cn=Ami Garbett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: agarbett +uidNumber: 4832 +gidNumber: 1000 +givenName: Ami +sn: Garbett +cn: Ami Garbett +homeDirectory: /home/agarbett +gecos: Ami Garbett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XSGEvNGw5MXFPOTFoK2ZnZ014TlBOOW1RaW89 +loginShell: /bin/bash + +dn: cn=Zouleha Keitsock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zkeitsock +uidNumber: 4833 +gidNumber: 1000 +givenName: Zouleha +sn: Keitsock +cn: Zouleha Keitsock +homeDirectory: /home/zkeitsock +gecos: Zouleha Keitsock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bEVPZStSTHIzRURxM0RzWWtLUy9kRmI5U2xqR0VaQzQ= +loginShell: /bin/bash + +dn: uid=khovanesian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: khovanesian +uidNumber: 4834 +gidNumber: 1000 +givenName: Kitty +sn: Hovanesian +cn: Kitty Hovanesian +homeDirectory: /home/khovanesian +gecos: Kitty Hovanesian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1lTzRLK0EyQWVOaktESTVTNjN5am1pNVgrU3M9 +loginShell: /bin/bash + +dn: uid=nkubley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nkubley +uidNumber: 4835 +gidNumber: 1000 +givenName: Niala +sn: Kubley +cn: Niala Kubley +homeDirectory: /home/nkubley +gecos: Niala Kubley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1nVWFJdGFkZUxteis0K1k2Yjk2eml3PT0= +loginShell: /bin/bash + +dn: uid=mmuscarella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmuscarella +uidNumber: 4836 +gidNumber: 1000 +givenName: Marco +sn: Muscarella +cn: Marco Muscarella +homeDirectory: /home/mmuscarella +gecos: Marco Muscarella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0rWHpLQ0ZycUhLaktFdGRadEw4K0ZsNm9GQmc9 +loginShell: /bin/bash + +dn: uid=tquilindrino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tquilindrino +uidNumber: 4837 +gidNumber: 1000 +givenName: Tammie +sn: Quilindrino +cn: Tammie Quilindrino +homeDirectory: /home/tquilindrino +gecos: Tammie Quilindrino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YXk1RDZqL3ZhcFNwT3FVTEo1bWIyYSsyMFNnUkpuSlM= +loginShell: /bin/bash + +dn: uid=sestergard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sestergard +uidNumber: 4838 +gidNumber: 1000 +givenName: Sarika +sn: Estergard +cn: Sarika Estergard +homeDirectory: /home/sestergard +gecos: Sarika Estergard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1JU29HTDA2ajhpbm13Vlc0cmtwRUJBPT0= +loginShell: /bin/bash + +dn: uid=vwisinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vwisinger +uidNumber: 4839 +gidNumber: 1000 +givenName: Vicente +sn: Wisinger +cn: Vicente Wisinger +homeDirectory: /home/vwisinger +gecos: Vicente Wisinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aWora2NUQlB5azdIWnlqdk1tMnVPS0JwRTRlcUUrdWk= +loginShell: /bin/bash + +dn: uid=mbrar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbrar +uidNumber: 4840 +gidNumber: 1000 +givenName: Marcia +sn: Brar +cn: Marcia Brar +homeDirectory: /home/mbrar +gecos: Marcia Brar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bG9va2FsaWtl +loginShell: /bin/bash + +dn: uid=dphou,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dphou +uidNumber: 4841 +gidNumber: 1000 +givenName: Diane +sn: Phou +cn: Diane Phou +homeDirectory: /home/dphou +gecos: Diane Phou +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10RVJ4Qk02RGNMY3FlMVhKVGZYNUR3PT0= +loginShell: /bin/bash + +dn: cn=Lingling Carratala,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcarratala +uidNumber: 4842 +gidNumber: 1000 +givenName: Lingling +sn: Carratala +cn: Lingling Carratala +homeDirectory: /home/lcarratala +gecos: Lingling Carratala +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9d1VIZHZqTEZJK0pRQk0vRXVaNVZTOVlxa1BBPQ== +loginShell: /bin/bash + +dn: cn=Winsome Pander+uid=wpander,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wpander +uidNumber: 4843 +gidNumber: 1000 +givenName: Winsome +sn: Pander +cn: Winsome Pander +homeDirectory: /home/wpander +gecos: Winsome Pander +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFsZXM= +loginShell: /bin/bash + +dn: cn=Hamish Hysong,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhysong +uidNumber: 4844 +gidNumber: 1000 +givenName: Hamish +sn: Hysong +cn: Hamish Hysong +homeDirectory: /home/hhysong +gecos: Hamish Hysong +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmlrZSdz +loginShell: /bin/bash + +dn: uid=enuffer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: enuffer +uidNumber: 4845 +gidNumber: 1000 +givenName: Eugene +sn: Nuffer +cn: Eugene Nuffer +homeDirectory: /home/enuffer +gecos: Eugene Nuffer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DU2V5UGFndllNODlQeWhrd2Z2QlJnPT0= +loginShell: /bin/bash + +dn: cn=Mawar Sweezer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: msweezer +uidNumber: 4846 +gidNumber: 1000 +givenName: Mawar +sn: Sweezer +cn: Mawar Sweezer +homeDirectory: /home/msweezer +gecos: Mawar Sweezer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eWRTS0pzOFk0c3Z4cU1FRlIyeW45SzRNQ2xVPQ== +loginShell: /bin/bash + +dn: uid=kvidra,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kvidra +uidNumber: 4847 +gidNumber: 1000 +givenName: Kay +sn: Vidra +cn: Kay Vidra +homeDirectory: /home/kvidra +gecos: Kay Vidra +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dGluZGVyYm94 +loginShell: /bin/bash + +dn: uid=lhoerr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lhoerr +uidNumber: 4848 +gidNumber: 1000 +givenName: Laura +sn: Hoerr +cn: Laura Hoerr +homeDirectory: /home/lhoerr +gecos: Laura Hoerr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Tzk3ekY3elgwcHkzZDdmOVViUDF3d3NCdlArY29zcUo= +loginShell: /bin/bash + +dn: uid=obercier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obercier +uidNumber: 4849 +gidNumber: 1000 +givenName: Opal +sn: Bercier +cn: Opal Bercier +homeDirectory: /home/obercier +gecos: Opal Bercier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00Mng2MzhUeFdFY3d5WWpJaHU2emJRPT0= +loginShell: /bin/bash + +dn: cn=David Tashjian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dtashjian +uidNumber: 4850 +gidNumber: 1000 +givenName: David +sn: Tashjian +cn: David Tashjian +homeDirectory: /home/dtashjian +gecos: David Tashjian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MUJtNTYyWjhYMDZtNzg2VFNhaG9EamZnT053anBPNnY= +loginShell: /bin/bash + +dn: cn=Gaston Bareis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbareis +uidNumber: 4851 +gidNumber: 1000 +givenName: Gaston +sn: Bareis +cn: Gaston Bareis +homeDirectory: /home/gbareis +gecos: Gaston Bareis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GVFJIZXpGSGw2cmplTktTN0lObElRPT0= +loginShell: /bin/bash + +dn: cn=Drena Iller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: diller +uidNumber: 4852 +gidNumber: 1000 +givenName: Drena +sn: Iller +cn: Drena Iller +homeDirectory: /home/diller +gecos: Drena Iller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXgwL0hqWFlDNlVycUE= +loginShell: /bin/bash + +dn: uid=sgurski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgurski +uidNumber: 4853 +gidNumber: 1000 +givenName: Sandy +sn: Gurski +cn: Sandy Gurski +homeDirectory: /home/sgurski +gecos: Sandy Gurski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1GL2lzYjR5Uk44SXBFeFIwNmNVTXltTlozaVE9 +loginShell: /bin/bash + +dn: uid=vdolan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vdolan +uidNumber: 4854 +gidNumber: 1000 +givenName: Vuyane +sn: Dolan +cn: Vuyane Dolan +homeDirectory: /home/vdolan +gecos: Vuyane Dolan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bm10NUJJUHQ2OGdkWXFma2NQcHJKcldGVUpOTFBZcXk= +loginShell: /bin/bash + +dn: cn=Vongfong Hargers,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vhargers +uidNumber: 4855 +gidNumber: 1000 +givenName: Vongfong +sn: Hargers +cn: Vongfong Hargers +homeDirectory: /home/vhargers +gecos: Vongfong Hargers +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TktFZWNBdTJhR2trWER2OGUrRXZwUTJQWXNNPQ== +loginShell: /bin/bash + +dn: uid=pwutzke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pwutzke +uidNumber: 4856 +gidNumber: 1000 +givenName: Prapiroon +sn: Wutzke +cn: Prapiroon Wutzke +homeDirectory: /home/pwutzke +gecos: Prapiroon Wutzke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9d2p5VmJTSkZhSTgvMHRCSWVKYmg1V0ExblJJPQ== +loginShell: /bin/bash + +dn: uid=blovig,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: blovig +uidNumber: 4857 +gidNumber: 1000 +givenName: Boris +sn: Lovig +cn: Boris Lovig +homeDirectory: /home/blovig +gecos: Boris Lovig +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUNaeDJrM053MUVkVVE= +loginShell: /bin/bash + +dn: cn=Fletcher Copley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fcopley +uidNumber: 4858 +gidNumber: 1000 +givenName: Fletcher +sn: Copley +cn: Fletcher Copley +homeDirectory: /home/fcopley +gecos: Fletcher Copley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1YbzdkaFIwdjM3MTBGU01zWnpaOHd3PT0= +loginShell: /bin/bash + +dn: cn=Ernesto Celestin+uid=ecelestin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ecelestin +uidNumber: 4859 +gidNumber: 1000 +givenName: Ernesto +sn: Celestin +cn: Ernesto Celestin +homeDirectory: /home/ecelestin +gecos: Ernesto Celestin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1oSjFycTR2R1FQUDUwT0RpNnQ3bTlnPT0= +loginShell: /bin/bash + +dn: uid=lkhubba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lkhubba +uidNumber: 4860 +gidNumber: 1000 +givenName: Laura +sn: Khubba +cn: Laura Khubba +homeDirectory: /home/lkhubba +gecos: Laura Khubba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TEVEWmtpVnYvRUFXZFlQUE1mMEd0SVlzMlRoLzVmbnY= +loginShell: /bin/bash + +dn: uid=fsinkovich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsinkovich +uidNumber: 4861 +gidNumber: 1000 +givenName: Fred +sn: Sinkovich +cn: Fred Sinkovich +homeDirectory: /home/fsinkovich +gecos: Fred Sinkovich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBKT0liUzlBQnVybzI= +loginShell: /bin/bash + +dn: uid=bwinterton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwinterton +uidNumber: 4862 +gidNumber: 1000 +givenName: Beulah +sn: Winterton +cn: Beulah Winterton +homeDirectory: /home/bwinterton +gecos: Beulah Winterton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWl1QnJIQW45SUtnVEE= +loginShell: /bin/bash + +dn: uid=otanon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: otanon +uidNumber: 4863 +gidNumber: 1000 +givenName: Owen +sn: Tanon +cn: Owen Tanon +homeDirectory: /home/otanon +gecos: Owen Tanon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1zQVFBZXVIYzhGMzhqQkM3Wnl1SnplMzNKaTQ9 +loginShell: /bin/bash + +dn: cn=Ita Roiger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iroiger +uidNumber: 4864 +gidNumber: 1000 +givenName: Ita +sn: Roiger +cn: Ita Roiger +homeDirectory: /home/iroiger +gecos: Ita Roiger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16UlRESTVBZ0pPY3NoUXFvS05ZMHB3PT0= +loginShell: /bin/bash + +dn: cn=Maria Danos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdanos +uidNumber: 4865 +gidNumber: 1000 +givenName: Maria +sn: Danos +cn: Maria Danos +homeDirectory: /home/mdanos +gecos: Maria Danos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZUZveUpKa2xwd0ROZlh0OFZkQnJlUytkUzFjPQ== +loginShell: /bin/bash + +dn: uid=kpuebla,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kpuebla +uidNumber: 4866 +gidNumber: 1000 +givenName: Kara +sn: Puebla +cn: Kara Puebla +homeDirectory: /home/kpuebla +gecos: Kara Puebla +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29sYW5kZXJz +loginShell: /bin/bash + +dn: cn=Eva Galleta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: egalleta +uidNumber: 4867 +gidNumber: 1000 +givenName: Eva +sn: Galleta +cn: Eva Galleta +homeDirectory: /home/egalleta +gecos: Eva Galleta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1XcjUyUmtpL2x1dldEdTBiY3VFL2V3PT0= +loginShell: /bin/bash + +dn: uid=hliverman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hliverman +uidNumber: 4868 +gidNumber: 1000 +givenName: Hondo +sn: Liverman +cn: Hondo Liverman +homeDirectory: /home/hliverman +gecos: Hondo Liverman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTFBVHlUQUMuUVJNaGc= +loginShell: /bin/bash + +dn: uid=igizzi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: igizzi +uidNumber: 4869 +gidNumber: 1000 +givenName: Imbudo +sn: Gizzi +cn: Imbudo Gizzi +homeDirectory: /home/igizzi +gecos: Imbudo Gizzi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MXl3eUdCSGo3YXcxek9uaDJqUW1yMTVOdEw4PQ== +loginShell: /bin/bash + +dn: uid=dciullo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dciullo +uidNumber: 4870 +gidNumber: 1000 +givenName: Danielle +sn: Ciullo +cn: Danielle Ciullo +homeDirectory: /home/dciullo +gecos: Danielle Ciullo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1iMExWRGtBMnR6ZXpvamxaWVNwcGFRPT0= +loginShell: /bin/bash + +dn: cn=Alan Shrigley+uid=ashrigley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ashrigley +uidNumber: 4871 +gidNumber: 1000 +givenName: Alan +sn: Shrigley +cn: Alan Shrigley +homeDirectory: /home/ashrigley +gecos: Alan Shrigley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZXhjb21tdW5pY2F0aW5n +loginShell: /bin/bash + +dn: uid=vglow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vglow +uidNumber: 4872 +gidNumber: 1000 +givenName: Verdun +sn: Glow +cn: Verdun Glow +homeDirectory: /home/vglow +gecos: Verdun Glow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTNSWmtzNHUvVVpQU0U= +loginShell: /bin/bash + +dn: uid=ckerska,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckerska +uidNumber: 4873 +gidNumber: 1000 +givenName: Chris +sn: Kerska +cn: Chris Kerska +homeDirectory: /home/ckerska +gecos: Chris Kerska +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1mU0RrSkprYUJpcW55cXpiT2lJZTczR0E5b1E9 +loginShell: /bin/bash + +dn: cn=Rugare Mcdonnel+uid=rmcdonnel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rmcdonnel +uidNumber: 4874 +gidNumber: 1000 +givenName: Rugare +sn: Mcdonnel +cn: Rugare Mcdonnel +homeDirectory: /home/rmcdonnel +gecos: Rugare Mcdonnel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0xbm9vb2V4RzRtMWhwbElLUndJejlRPT0= +loginShell: /bin/bash + +dn: uid=lmohn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmohn +uidNumber: 4875 +gidNumber: 1000 +givenName: Les +sn: Mohn +cn: Les Mohn +homeDirectory: /home/lmohn +gecos: Les Mohn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGV2YWx1ZXM= +loginShell: /bin/bash + +dn: uid=vmalandrino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vmalandrino +uidNumber: 4876 +gidNumber: 1000 +givenName: Verity +sn: Malandrino +cn: Verity Malandrino +homeDirectory: /home/vmalandrino +gecos: Verity Malandrino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlzcXVhbGlmaWNhdGlvbnM= +loginShell: /bin/bash + +dn: cn=Javier Lianes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jlianes +uidNumber: 4877 +gidNumber: 1000 +givenName: Javier +sn: Lianes +cn: Javier Lianes +homeDirectory: /home/jlianes +gecos: Javier Lianes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GNzUwS1BaaWZFSlVKdG9YS21uNm13PT0= +loginShell: /bin/bash + +dn: uid=nlemma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nlemma +uidNumber: 4878 +gidNumber: 1000 +givenName: Nana +sn: Lemma +cn: Nana Lemma +homeDirectory: /home/nlemma +gecos: Nana Lemma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX01TWVQdFJFRzZ0MlQvR0lqcE5iejF1ajMybms9 +loginShell: /bin/bash + +dn: uid=dloubier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dloubier +uidNumber: 4879 +gidNumber: 1000 +givenName: Dovi +sn: Loubier +cn: Dovi Loubier +homeDirectory: /home/dloubier +gecos: Dovi Loubier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9czNjUEk4OVRaZjJJUUc2N1g5R01HQUx4cUE0PQ== +loginShell: /bin/bash + +dn: uid=usevera,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: usevera +uidNumber: 4880 +gidNumber: 1000 +givenName: Upana +sn: Severa +cn: Upana Severa +homeDirectory: /home/usevera +gecos: Upana Severa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTJEdHRuRkZrZnVWeWc= +loginShell: /bin/bash + +dn: uid=nrajewski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nrajewski +uidNumber: 4881 +gidNumber: 1000 +givenName: Nicholas +sn: Rajewski +cn: Nicholas Rajewski +homeDirectory: /home/nrajewski +gecos: Nicholas Rajewski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WRHFVTXA3NDdnRWZjUlZCYS9DdXZ0UlpUZnc9 +loginShell: /bin/bash + +dn: uid=limbrogno,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: limbrogno +uidNumber: 4882 +gidNumber: 1000 +givenName: Lana +sn: Imbrogno +cn: Lana Imbrogno +homeDirectory: /home/limbrogno +gecos: Lana Imbrogno +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvZ3Jlc3Npb24ncw== +loginShell: /bin/bash + +dn: cn=Roslyn Iler+uid=riler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: riler +uidNumber: 4883 +gidNumber: 1000 +givenName: Roslyn +sn: Iler +cn: Roslyn Iler +homeDirectory: /home/riler +gecos: Roslyn Iler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WC9Ea1QxZFdvRVpCUVNaVEIramNQREwrYjBUQWR1cnY= +loginShell: /bin/bash + +dn: uid=sguenison,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sguenison +uidNumber: 4884 +gidNumber: 1000 +givenName: Sonca +sn: Guenison +cn: Sonca Guenison +homeDirectory: /home/sguenison +gecos: Sonca Guenison +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1jUDRnRGRaVG1IYnBqSUoxY2JHd2NnPT0= +loginShell: /bin/bash + +dn: uid=omounts,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omounts +uidNumber: 4885 +gidNumber: 1000 +givenName: Oliwa +sn: Mounts +cn: Oliwa Mounts +homeDirectory: /home/omounts +gecos: Oliwa Mounts +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvbm91bmNlcw== +loginShell: /bin/bash + +dn: cn=Maria Alleruzzo+uid=malleruzzo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: malleruzzo +uidNumber: 4886 +gidNumber: 1000 +givenName: Maria +sn: Alleruzzo +cn: Maria Alleruzzo +homeDirectory: /home/malleruzzo +gecos: Maria Alleruzzo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGV2aWNl +loginShell: /bin/bash + +dn: cn=Lidia Cavez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcavez +uidNumber: 4887 +gidNumber: 1000 +givenName: Lidia +sn: Cavez +cn: Lidia Cavez +homeDirectory: /home/lcavez +gecos: Lidia Cavez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXVJNGZQMjhmVkNvOGM= +loginShell: /bin/bash + +dn: uid=gsantella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gsantella +uidNumber: 4888 +gidNumber: 1000 +givenName: Grace +sn: Santella +cn: Grace Santella +homeDirectory: /home/gsantella +gecos: Grace Santella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWM5OFVNM09kQ3F2OGs= +loginShell: /bin/bash + +dn: uid=jappleyard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jappleyard +uidNumber: 4889 +gidNumber: 1000 +givenName: Jova +sn: Appleyard +cn: Jova Appleyard +homeDirectory: /home/jappleyard +gecos: Jova Appleyard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9S1ZmYmQ4M1EzcndxTTF0UVdNNmNwQ09KQTlNV21VQmQ= +loginShell: /bin/bash + +dn: uid=zboulding,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zboulding +uidNumber: 4890 +gidNumber: 1000 +givenName: Zita +sn: Boulding +cn: Zita Boulding +homeDirectory: /home/zboulding +gecos: Zita Boulding +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2l0eSdz +loginShell: /bin/bash + +dn: uid=tkeala,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tkeala +uidNumber: 4891 +gidNumber: 1000 +givenName: Tomas +sn: Keala +cn: Tomas Keala +homeDirectory: /home/tkeala +gecos: Tomas Keala +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dHp1Y3BEZ0NRQjZrVytJd3I0WW9JTkx6WlZHdEpzRDM= +loginShell: /bin/bash + +dn: uid=hspackman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hspackman +uidNumber: 4892 +gidNumber: 1000 +givenName: Hazel +sn: Spackman +cn: Hazel Spackman +homeDirectory: /home/hspackman +gecos: Hazel Spackman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1kUDdYaDM3Zmk3Skw4SzBXZUlmaW5WdDBZUzA9 +loginShell: /bin/bash + +dn: uid=ymichna,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ymichna +uidNumber: 4893 +gidNumber: 1000 +givenName: Yutu +sn: Michna +cn: Yutu Michna +homeDirectory: /home/ymichna +gecos: Yutu Michna +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UG5DckJCUCtYRUFsSW96MVErdHNzcGZRL0thanlkNzQ= +loginShell: /bin/bash + +dn: uid=mxiong,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mxiong +uidNumber: 4894 +gidNumber: 1000 +givenName: Muifa +sn: Xiong +cn: Muifa Xiong +homeDirectory: /home/mxiong +gecos: Muifa Xiong +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1MY01KSDQvOG92MUFKdnhGaEhLbTRBPT0= +loginShell: /bin/bash + +dn: cn=Wilma Devenish+uid=wdevenish,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wdevenish +uidNumber: 4895 +gidNumber: 1000 +givenName: Wilma +sn: Devenish +cn: Wilma Devenish +homeDirectory: /home/wdevenish +gecos: Wilma Devenish +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cXVhbnRpZmllcnM= +loginShell: /bin/bash + +dn: uid=jseen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jseen +uidNumber: 4896 +gidNumber: 1000 +givenName: Javier +sn: Seen +cn: Javier Seen +homeDirectory: /home/jseen +gecos: Javier Seen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b3ZlcmNvYXQ= +loginShell: /bin/bash + +dn: cn=Humba Tsuha+uid=htsuha,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: htsuha +uidNumber: 4897 +gidNumber: 1000 +givenName: Humba +sn: Tsuha +cn: Humba Tsuha +homeDirectory: /home/htsuha +gecos: Humba Tsuha +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RYjJwY0dBdDQ1ZWI3U0ZTWGo1bkJRPT0= +loginShell: /bin/bash + +dn: uid=ohearl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ohearl +uidNumber: 4898 +gidNumber: 1000 +givenName: Olinda +sn: Hearl +cn: Olinda Hearl +homeDirectory: /home/ohearl +gecos: Olinda Hearl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WK1EzcHJQcmNzOC91eFJudGV0YUlSSERKMG89 +loginShell: /bin/bash + +dn: uid=otrevor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: otrevor +uidNumber: 4899 +gidNumber: 1000 +givenName: Oleka +sn: Trevor +cn: Oleka Trevor +homeDirectory: /home/otrevor +gecos: Oleka Trevor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVB3bUJFcTZ4NEFVaHM= +loginShell: /bin/bash + +dn: uid=nkraker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nkraker +uidNumber: 4900 +gidNumber: 1000 +givenName: Norman +sn: Kraker +cn: Norman Kraker +homeDirectory: /home/nkraker +gecos: Norman Kraker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFydHlyZG9tJ3M= +loginShell: /bin/bash + +dn: uid=wborde,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wborde +uidNumber: 4901 +gidNumber: 1000 +givenName: William +sn: Borde +cn: William Borde +homeDirectory: /home/wborde +gecos: William Borde +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GYktmL2M1bTRRVW5wbHZHMXhyWlRRPT0= +loginShell: /bin/bash + +dn: uid=hskowronek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hskowronek +uidNumber: 4902 +gidNumber: 1000 +givenName: Hanna +sn: Skowronek +cn: Hanna Skowronek +homeDirectory: /home/hskowronek +gecos: Hanna Skowronek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUJMYzZCTHNCNXZuaWs= +loginShell: /bin/bash + +dn: uid=ktopoian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktopoian +uidNumber: 4903 +gidNumber: 1000 +givenName: Kiko +sn: Topoian +cn: Kiko Topoian +homeDirectory: /home/ktopoian +gecos: Kiko Topoian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RSHFvUUQ1QlBFVjdDQnFkd0pXaWhRPT0= +loginShell: /bin/bash + +dn: uid=sgraney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgraney +uidNumber: 4904 +gidNumber: 1000 +givenName: Songda +sn: Graney +cn: Songda Graney +homeDirectory: /home/sgraney +gecos: Songda Graney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU9OclpxQXBkU1R0a28= +loginShell: /bin/bash + +dn: uid=iherrarte,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iherrarte +uidNumber: 4905 +gidNumber: 1000 +givenName: Ilsa +sn: Herrarte +cn: Ilsa Herrarte +homeDirectory: /home/iherrarte +gecos: Ilsa Herrarte +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2FtcGVycw== +loginShell: /bin/bash + +dn: cn=Longwang Schollmeier+uid=lschollmeier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lschollmeier +uidNumber: 4906 +gidNumber: 1000 +givenName: Longwang +sn: Schollmeier +cn: Longwang Schollmeier +homeDirectory: /home/lschollmeier +gecos: Longwang Schollmeier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aYXBmcVdqQXZpb3EzQzFMNU1nYnV0WDRMRVk9 +loginShell: /bin/bash + +dn: uid=ekurter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ekurter +uidNumber: 4907 +gidNumber: 1000 +givenName: Enok +sn: Kurter +cn: Enok Kurter +homeDirectory: /home/ekurter +gecos: Enok Kurter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0wc3RkOHd1K1FZQk5ERE1FM0JmVUdzR3c4RjQ9 +loginShell: /bin/bash + +dn: uid=hpotucek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpotucek +uidNumber: 4908 +gidNumber: 1000 +givenName: Hortense +sn: Potucek +cn: Hortense Potucek +homeDirectory: /home/hpotucek +gecos: Hortense Potucek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NGZyQTdZbHBmcUNBaWFJckc2RGdudDlXSE13PQ== +loginShell: /bin/bash + +dn: uid=gtkach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gtkach +uidNumber: 4909 +gidNumber: 1000 +givenName: Georges +sn: Tkach +cn: Georges Tkach +homeDirectory: /home/gtkach +gecos: Georges Tkach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9U1BRUEd4bU1QVjVoaU9XZWlpUkppVDFsdlFXQ1BLVEM= +loginShell: /bin/bash + +dn: cn=Yasi Szumigala+uid=yszumigala,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yszumigala +uidNumber: 4910 +gidNumber: 1000 +givenName: Yasi +sn: Szumigala +cn: Yasi Szumigala +homeDirectory: /home/yszumigala +gecos: Yasi Szumigala +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RVJyYlBIRFpZYUNEMk5TanVtVnZDYU1nR3hzPQ== +loginShell: /bin/bash + +dn: cn=Kara Shippy+uid=kshippy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kshippy +uidNumber: 4911 +gidNumber: 1000 +givenName: Kara +sn: Shippy +cn: Kara Shippy +homeDirectory: /home/kshippy +gecos: Kara Shippy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXFkRzc2cFl2QlF1bXM= +loginShell: /bin/bash + +dn: cn=Banyan Steinbrecher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bsteinbrecher +uidNumber: 4912 +gidNumber: 1000 +givenName: Banyan +sn: Steinbrecher +cn: Banyan Steinbrecher +homeDirectory: /home/bsteinbrecher +gecos: Banyan Steinbrecher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MUNRVmFYMFYxSUtYRllvZTRqdnNTL0ZwZW1rPQ== +loginShell: /bin/bash + +dn: uid=apliska,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: apliska +uidNumber: 4913 +gidNumber: 1000 +givenName: Anita +sn: Pliska +cn: Anita Pliska +homeDirectory: /home/apliska +gecos: Anita Pliska +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFzdGVyaW5n +loginShell: /bin/bash + +dn: uid=iquero,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iquero +uidNumber: 4914 +gidNumber: 1000 +givenName: Innis +sn: Quero +cn: Innis Quero +homeDirectory: /home/iquero +gecos: Innis Quero +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FNStJckdRWkR2NkxqWE1IYjF4MW84Q25XZDQ9 +loginShell: /bin/bash + +dn: uid=uspittler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uspittler +uidNumber: 4915 +gidNumber: 1000 +givenName: Ulia +sn: Spittler +cn: Ulia Spittler +homeDirectory: /home/uspittler +gecos: Ulia Spittler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvd2xlcg== +loginShell: /bin/bash + +dn: uid=vpender,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vpender +uidNumber: 4916 +gidNumber: 1000 +givenName: Vivienne +sn: Pender +cn: Vivienne Pender +homeDirectory: /home/vpender +gecos: Vivienne Pender +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTZOLnJCRTdhM09oZHM= +loginShell: /bin/bash + +dn: cn=Shyra Ackles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sackles +uidNumber: 4917 +gidNumber: 1000 +givenName: Shyra +sn: Ackles +cn: Shyra Ackles +homeDirectory: /home/sackles +gecos: Shyra Ackles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZEtjak96cVdkY2JhRXJ6YkI0WGJIQUtxZllVN1FGMFE= +loginShell: /bin/bash + +dn: uid=ajudkins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ajudkins +uidNumber: 4918 +gidNumber: 1000 +givenName: Andres +sn: Judkins +cn: Andres Judkins +homeDirectory: /home/ajudkins +gecos: Andres Judkins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dzNzdTZ1c0EzSVJEcGJvNmI2bmtPSlVxMnkyQmxreXE= +loginShell: /bin/bash + +dn: cn=Bolaven Sibal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bsibal +uidNumber: 4919 +gidNumber: 1000 +givenName: Bolaven +sn: Sibal +cn: Bolaven Sibal +homeDirectory: /home/bsibal +gecos: Bolaven Sibal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZXBmMUNCRTNkWS9qY3Y4OWxnUmpFeHgwOW1zPQ== +loginShell: /bin/bash + +dn: uid=hludeman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hludeman +uidNumber: 4920 +gidNumber: 1000 +givenName: Higos +sn: Ludeman +cn: Higos Ludeman +homeDirectory: /home/hludeman +gecos: Higos Ludeman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWV3dHZRZ3FLM1FkOUk= +loginShell: /bin/bash + +dn: uid=tmoskos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmoskos +uidNumber: 4921 +gidNumber: 1000 +givenName: Tembin +sn: Moskos +cn: Tembin Moskos +homeDirectory: /home/tmoskos +gecos: Tembin Moskos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04enpEZXJSRzhMdWFRdHpTKzJqYmpBPT0= +loginShell: /bin/bash + +dn: cn=Leo Callender,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcallender +uidNumber: 4922 +gidNumber: 1000 +givenName: Leo +sn: Callender +cn: Leo Callender +homeDirectory: /home/lcallender +gecos: Leo Callender +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WDhtOTY2cEJFdFp3REtIcUZianhnY3h5WTNnPQ== +loginShell: /bin/bash + +dn: uid=mswogger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mswogger +uidNumber: 4923 +gidNumber: 1000 +givenName: Meena +sn: Swogger +cn: Meena Swogger +homeDirectory: /home/mswogger +gecos: Meena Swogger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bmFyY3M= +loginShell: /bin/bash + +dn: uid=apurdon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: apurdon +uidNumber: 4924 +gidNumber: 1000 +givenName: Alma +sn: Purdon +cn: Alma Purdon +homeDirectory: /home/apurdon +gecos: Alma Purdon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1kVG1MZENUaTg1ZFJEcU5FR1BZKzJtNzJ3UlE9 +loginShell: /bin/bash + +dn: uid=mrizer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mrizer +uidNumber: 4925 +gidNumber: 1000 +givenName: Mick +sn: Rizer +cn: Mick Rizer +homeDirectory: /home/mrizer +gecos: Mick Rizer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TUVVvODIzcjk4RmM2bDZhblI2Z0pNOXJLU0U9 +loginShell: /bin/bash + +dn: uid=lmcgeary,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmcgeary +uidNumber: 4926 +gidNumber: 1000 +givenName: Lala +sn: Mcgeary +cn: Lala Mcgeary +homeDirectory: /home/lmcgeary +gecos: Lala Mcgeary +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU5mUy43UVV5dXNrZ1U= +loginShell: /bin/bash + +dn: uid=waustad,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: waustad +uidNumber: 4927 +gidNumber: 1000 +givenName: Wutip +sn: Austad +cn: Wutip Austad +homeDirectory: /home/waustad +gecos: Wutip Austad +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aXJyaXRhYmxl +loginShell: /bin/bash + +dn: uid=ilacourse,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ilacourse +uidNumber: 4928 +gidNumber: 1000 +givenName: Indlala +sn: Lacourse +cn: Indlala Lacourse +homeDirectory: /home/ilacourse +gecos: Indlala Lacourse +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ORHYrMmx6VlJVUDhzY053ZWdJbGFHNzZySnc9 +loginShell: /bin/bash + +dn: uid=vdesir,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vdesir +uidNumber: 4929 +gidNumber: 1000 +givenName: Vuyane +sn: Desir +cn: Vuyane Desir +homeDirectory: /home/vdesir +gecos: Vuyane Desir +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9S1o0ZWF0L1RzWURhZjBDU0kzdERkSVpoVW1ndkNrQVo= +loginShell: /bin/bash + +dn: cn=Gita Bolay,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbolay +uidNumber: 4930 +gidNumber: 1000 +givenName: Gita +sn: Bolay +cn: Gita Bolay +homeDirectory: /home/gbolay +gecos: Gita Bolay +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ek5ZRmNTYkROS1MxVWVXdWhaMGVIUlQ4bWVjWHpsZUw= +loginShell: /bin/bash + +dn: uid=wmolin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wmolin +uidNumber: 4931 +gidNumber: 1000 +givenName: Walaka +sn: Molin +cn: Walaka Molin +homeDirectory: /home/wmolin +gecos: Walaka Molin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5leHBlY3RlZA== +loginShell: /bin/bash + +dn: uid=fmeola,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fmeola +uidNumber: 4932 +gidNumber: 1000 +givenName: Frederic +sn: Meola +cn: Frederic Meola +homeDirectory: /home/fmeola +gecos: Frederic Meola +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10bzNBbWZsSkhnWmFSWVFLRld3OVpBPT0= +loginShell: /bin/bash + +dn: cn=Teresa Khora+uid=tkhora,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tkhora +uidNumber: 4933 +gidNumber: 1000 +givenName: Teresa +sn: Khora +cn: Teresa Khora +homeDirectory: /home/tkhora +gecos: Teresa Khora +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1IZDhHbzNVT3hOdDdyTVdpR2pyUzRGY2RISFk9 +loginShell: /bin/bash + +dn: uid=nfrancesconi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nfrancesconi +uidNumber: 4934 +gidNumber: 1000 +givenName: Nancy +sn: Francesconi +cn: Nancy Francesconi +homeDirectory: /home/nfrancesconi +gecos: Nancy Francesconi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWoucDR4emZvTzlkVVE= +loginShell: /bin/bash + +dn: cn=Halong Goodin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hgoodin +uidNumber: 4935 +gidNumber: 1000 +givenName: Halong +sn: Goodin +cn: Halong Goodin +homeDirectory: /home/hgoodin +gecos: Halong Goodin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eHRxMThNU3ZjTDExVEdZbzlHWFNEOW9iaWpVPQ== +loginShell: /bin/bash + +dn: uid=lbanco,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbanco +uidNumber: 4936 +gidNumber: 1000 +givenName: Lidia +sn: Banco +cn: Lidia Banco +homeDirectory: /home/lbanco +gecos: Lidia Banco +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUpDazE1dHFHbk1xUGs= +loginShell: /bin/bash + +dn: uid=zbuscaglia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zbuscaglia +uidNumber: 4937 +gidNumber: 1000 +givenName: Zoelle +sn: Buscaglia +cn: Zoelle Buscaglia +homeDirectory: /home/zbuscaglia +gecos: Zoelle Buscaglia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1teW1oTEIreFRyeHBuNkdtSWNnWitnPT0= +loginShell: /bin/bash + +dn: uid=gcacatian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcacatian +uidNumber: 4938 +gidNumber: 1000 +givenName: Gula +sn: Cacatian +cn: Gula Cacatian +homeDirectory: /home/gcacatian +gecos: Gula Cacatian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bW9ub3RvbmVk +loginShell: /bin/bash + +dn: uid=lhuggler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lhuggler +uidNumber: 4939 +gidNumber: 1000 +givenName: Leon +sn: Huggler +cn: Leon Huggler +homeDirectory: /home/lhuggler +gecos: Leon Huggler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03NUJmRCtGNGg3ZkRlMGZheFJpR2xkUk91ZTQ9 +loginShell: /bin/bash + +dn: cn=Rossana Candy+uid=rcandy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rcandy +uidNumber: 4940 +gidNumber: 1000 +givenName: Rossana +sn: Candy +cn: Rossana Candy +homeDirectory: /home/rcandy +gecos: Rossana Candy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXdEUUVyUmFXWDdOci4= +loginShell: /bin/bash + +dn: uid=ktriblett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktriblett +uidNumber: 4941 +gidNumber: 1000 +givenName: Kevin +sn: Triblett +cn: Kevin Triblett +homeDirectory: /home/ktriblett +gecos: Kevin Triblett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVB4UERjTi9ISlhiUjI= +loginShell: /bin/bash + +dn: uid=hcrowden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcrowden +uidNumber: 4942 +gidNumber: 1000 +givenName: Hilda +sn: Crowden +cn: Hilda Crowden +homeDirectory: /home/hcrowden +gecos: Hilda Crowden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXphbGVh +loginShell: /bin/bash + +dn: uid=dtornow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dtornow +uidNumber: 4943 +gidNumber: 1000 +givenName: Dama +sn: Tornow +cn: Dama Tornow +homeDirectory: /home/dtornow +gecos: Dama Tornow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFsdHJpZXI= +loginShell: /bin/bash + +dn: uid=phalter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: phalter +uidNumber: 4944 +gidNumber: 1000 +givenName: Pierre +sn: Halter +cn: Pierre Halter +homeDirectory: /home/phalter +gecos: Pierre Halter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RzN1eTdxVm5hcmdLOGpLYjkxNXlvT2phNExscUh5WlM= +loginShell: /bin/bash + +dn: uid=lnormand,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lnormand +uidNumber: 4945 +gidNumber: 1000 +givenName: Lenny +sn: Normand +cn: Lenny Normand +homeDirectory: /home/lnormand +gecos: Lenny Normand +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dlZlV3ZSeUg2VW1NTnp1RFlDZUlIZ21Ha1lnPQ== +loginShell: /bin/bash + +dn: cn=Vaughan Areias,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vareias +uidNumber: 4946 +gidNumber: 1000 +givenName: Vaughan +sn: Areias +cn: Vaughan Areias +homeDirectory: /home/vareias +gecos: Vaughan Areias +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJpdmF0aXNpbmc= +loginShell: /bin/bash + +dn: uid=mmylott,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmylott +uidNumber: 4947 +gidNumber: 1000 +givenName: Maemi +sn: Mylott +cn: Maemi Mylott +homeDirectory: /home/mmylott +gecos: Maemi Mylott +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZE5QUGJlRFFxaUhydGdGbmFoRmdaT2kzdmU0PQ== +loginShell: /bin/bash + +dn: uid=btempel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: btempel +uidNumber: 4948 +gidNumber: 1000 +givenName: Beulah +sn: Tempel +cn: Beulah Tempel +homeDirectory: /home/btempel +gecos: Beulah Tempel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXM1cHBnWFVZL1RleHM= +loginShell: /bin/bash + +dn: uid=dlanois,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dlanois +uidNumber: 4949 +gidNumber: 1000 +givenName: Danas +sn: Lanois +cn: Danas Lanois +homeDirectory: /home/dlanois +gecos: Danas Lanois +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0yaTIyODRZbGJMbVF5K2ZnSlN1cGhnPT0= +loginShell: /bin/bash + +dn: uid=fbielecki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fbielecki +uidNumber: 4950 +gidNumber: 1000 +givenName: Frederic +sn: Bielecki +cn: Frederic Bielecki +homeDirectory: /home/fbielecki +gecos: Frederic Bielecki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZkJnUkZWclNNV0xGanVyNDNJNC9SWFp1bFlvPQ== +loginShell: /bin/bash + +dn: uid=mblanchet,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mblanchet +uidNumber: 4951 +gidNumber: 1000 +givenName: Malia +sn: Blanchet +cn: Malia Blanchet +homeDirectory: /home/mblanchet +gecos: Malia Blanchet +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5kZXJub3VyaXNoZWQ= +loginShell: /bin/bash + +dn: cn=Marian Swed,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mswed +uidNumber: 4952 +gidNumber: 1000 +givenName: Marian +sn: Swed +cn: Marian Swed +homeDirectory: /home/mswed +gecos: Marian Swed +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX15aGYwaVpHNUlyQzBYUmlzUUxSSnBRPT0= +loginShell: /bin/bash + +dn: cn=Nalgae Forti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nforti +uidNumber: 4953 +gidNumber: 1000 +givenName: Nalgae +sn: Forti +cn: Nalgae Forti +homeDirectory: /home/nforti +gecos: Nalgae Forti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bGV2ZWU= +loginShell: /bin/bash + +dn: uid=ptoenjes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ptoenjes +uidNumber: 4954 +gidNumber: 1000 +givenName: Pindile +sn: Toenjes +cn: Pindile Toenjes +homeDirectory: /home/ptoenjes +gecos: Pindile Toenjes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWR2b2NhY3kncw== +loginShell: /bin/bash + +dn: uid=hsnarr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hsnarr +uidNumber: 4955 +gidNumber: 1000 +givenName: Halong +sn: Snarr +cn: Halong Snarr +homeDirectory: /home/hsnarr +gecos: Halong Snarr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bGFyZ2Vy +loginShell: /bin/bash + +dn: cn=Yamba Gockel+uid=ygockel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ygockel +uidNumber: 4956 +gidNumber: 1000 +givenName: Yamba +sn: Gockel +cn: Yamba Gockel +homeDirectory: /home/ygockel +gecos: Yamba Gockel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WDI5bXJvRW1CQ2RxZnppY3Y2VXBlS1lXMlhmQ1NIelo= +loginShell: /bin/bash + +dn: cn=Sepat Stough+uid=sstough,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sstough +uidNumber: 4957 +gidNumber: 1000 +givenName: Sepat +sn: Stough +cn: Sepat Stough +homeDirectory: /home/sstough +gecos: Sepat Stough +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXFCTmlzYi9INGphU0U= +loginShell: /bin/bash + +dn: cn=Dianmu Barretto+uid=dbarretto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dbarretto +uidNumber: 4958 +gidNumber: 1000 +givenName: Dianmu +sn: Barretto +cn: Dianmu Barretto +homeDirectory: /home/dbarretto +gecos: Dianmu Barretto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VHY5YmZjTGlvenRlL1B5c1luR1p2S3RvRnBndjVhT1Y= +loginShell: /bin/bash + +dn: uid=cdouthett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdouthett +uidNumber: 4959 +gidNumber: 1000 +givenName: Carmen +sn: Douthett +cn: Carmen Douthett +homeDirectory: /home/cdouthett +gecos: Carmen Douthett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX13YzJpeEs0dVFjY0xUZU5pU0lhVHdUb1dtZVE9 +loginShell: /bin/bash + +dn: uid=tcossa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tcossa +uidNumber: 4960 +gidNumber: 1000 +givenName: Tina +sn: Cossa +cn: Tina Cossa +homeDirectory: /home/tcossa +gecos: Tina Cossa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bG9uZXNvbWU= +loginShell: /bin/bash + +dn: uid=fsymmonds,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsymmonds +uidNumber: 4961 +gidNumber: 1000 +givenName: Fernanda +sn: Symmonds +cn: Fernanda Symmonds +homeDirectory: /home/fsymmonds +gecos: Fernanda Symmonds +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3F1YWxvcidz +loginShell: /bin/bash + +dn: uid=nlinarez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nlinarez +uidNumber: 4962 +gidNumber: 1000 +givenName: Nelson +sn: Linarez +cn: Nelson Linarez +homeDirectory: /home/nlinarez +gecos: Nelson Linarez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1JNDFhU0VXRWdOQWNUbUJFdXNsQUlBPT0= +loginShell: /bin/bash + +dn: uid=vwaltmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vwaltmann +uidNumber: 4963 +gidNumber: 1000 +givenName: Vicete +sn: Waltmann +cn: Vicete Waltmann +homeDirectory: /home/vwaltmann +gecos: Vicete Waltmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1nc044Tnlkd0kxWllCWFh3TkVNM0lEdU9ON3M9 +loginShell: /bin/bash + +dn: cn=Pierre Wetherwax,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pwetherwax +uidNumber: 4964 +gidNumber: 1000 +givenName: Pierre +sn: Wetherwax +cn: Pierre Wetherwax +homeDirectory: /home/pwetherwax +gecos: Pierre Wetherwax +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFsMkpoMUJkamJiVVU= +loginShell: /bin/bash + +dn: cn=Drena Stubby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dstubby +uidNumber: 4965 +gidNumber: 1000 +givenName: Drena +sn: Stubby +cn: Drena Stubby +homeDirectory: /home/dstubby +gecos: Drena Stubby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmxhY2tlc3Q= +loginShell: /bin/bash + +dn: uid=dsumaran,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsumaran +uidNumber: 4966 +gidNumber: 1000 +givenName: Daniel +sn: Sumaran +cn: Daniel Sumaran +homeDirectory: /home/dsumaran +gecos: Daniel Sumaran +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZkErQmpTcEVNTFQ5cERhNE1TY0tEMTV2ZlNIU2VnVmU= +loginShell: /bin/bash + +dn: cn=Cecily Ereth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cereth +uidNumber: 4967 +gidNumber: 1000 +givenName: Cecily +sn: Ereth +cn: Cecily Ereth +homeDirectory: /home/cereth +gecos: Cecily Ereth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX03VGxyNUxzakJEbXFxQ1o2SjlaRUVnPT0= +loginShell: /bin/bash + +dn: uid=tmarkus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmarkus +uidNumber: 4968 +gidNumber: 1000 +givenName: Tara +sn: Markus +cn: Tara Markus +homeDirectory: /home/tmarkus +gecos: Tara Markus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Z1BIS1RUdllqdEdTbGhiaTZObU1odGw2aVpZPQ== +loginShell: /bin/bash + +dn: cn=Carlotta Winney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cwinney +uidNumber: 4969 +gidNumber: 1000 +givenName: Carlotta +sn: Winney +cn: Carlotta Winney +homeDirectory: /home/cwinney +gecos: Carlotta Winney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b3B0cw== +loginShell: /bin/bash + +dn: uid=wbarcellos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wbarcellos +uidNumber: 4970 +gidNumber: 1000 +givenName: Wutip +sn: Barcellos +cn: Wutip Barcellos +homeDirectory: /home/wbarcellos +gecos: Wutip Barcellos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dWo3Lzl2YUpXdk9XK01pdFRQQmJJV3paYkd5QnliQ0g= +loginShell: /bin/bash + +dn: uid=jwelliver,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jwelliver +uidNumber: 4971 +gidNumber: 1000 +givenName: Juliette +sn: Welliver +cn: Juliette Welliver +homeDirectory: /home/jwelliver +gecos: Juliette Welliver +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0rNXlvKzdwTzlTc0RUc1FDaDFrczVJOW5kdjg9 +loginShell: /bin/bash + +dn: uid=ymudie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ymudie +uidNumber: 4972 +gidNumber: 1000 +givenName: Yanyan +sn: Mudie +cn: Yanyan Mudie +homeDirectory: /home/ymudie +gecos: Yanyan Mudie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Qm10eWpkZzhOSm5iR1AzWVY4NmVYcnVtNFVjNndnSTA= +loginShell: /bin/bash + +dn: cn=Leslie Gab+uid=lgab,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lgab +uidNumber: 4973 +gidNumber: 1000 +givenName: Leslie +sn: Gab +cn: Leslie Gab +homeDirectory: /home/lgab +gecos: Leslie Gab +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1FU0puOHlIeGZOZHBERVJZMTV5TE1RPT0= +loginShell: /bin/bash + +dn: cn=Craig Kugler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckugler +uidNumber: 4974 +gidNumber: 1000 +givenName: Craig +sn: Kugler +cn: Craig Kugler +homeDirectory: /home/ckugler +gecos: Craig Kugler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1uVXhXeWdyV0MvR1krOXV3NmNyK2pub2JKQlk9 +loginShell: /bin/bash + +dn: uid=hdoiel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hdoiel +uidNumber: 4975 +gidNumber: 1000 +givenName: Helio +sn: Doiel +cn: Helio Doiel +homeDirectory: /home/hdoiel +gecos: Helio Doiel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N0JwUkNiRUZrVTVVbEd4VWZESXJGMGY0R1hRPQ== +loginShell: /bin/bash + +dn: uid=yhenriques,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yhenriques +uidNumber: 4976 +gidNumber: 1000 +givenName: Yasi +sn: Henriques +cn: Yasi Henriques +homeDirectory: /home/yhenriques +gecos: Yasi Henriques +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1tSHVLajVpdmFyemV3cVVqcjlESTJRPT0= +loginShell: /bin/bash + +dn: uid=kbrancati,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbrancati +uidNumber: 4977 +gidNumber: 1000 +givenName: Kim +sn: Brancati +cn: Kim Brancati +homeDirectory: /home/kbrancati +gecos: Kim Brancati +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RDlzOU44bCsvdkUzMHVtY2NLR2t1Uk1zSlY4PQ== +loginShell: /bin/bash + +dn: uid=bmatrejek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmatrejek +uidNumber: 4978 +gidNumber: 1000 +givenName: Bud +sn: Matrejek +cn: Bud Matrejek +homeDirectory: /home/bmatrejek +gecos: Bud Matrejek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bW9ub3BvbHk= +loginShell: /bin/bash + +dn: uid=asellberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: asellberg +uidNumber: 4979 +gidNumber: 1000 +givenName: Alicia +sn: Sellberg +cn: Alicia Sellberg +homeDirectory: /home/asellberg +gecos: Alicia Sellberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0yNStEVGIxaWpTVXIwRytCcGxpNVZzWitaTTQ9 +loginShell: /bin/bash + +dn: uid=emanikowski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emanikowski +uidNumber: 4980 +gidNumber: 1000 +givenName: Edouard +sn: Manikowski +cn: Edouard Manikowski +homeDirectory: /home/emanikowski +gecos: Edouard Manikowski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX14cWtSVzZFQ2xCZ1J3dW4wS3ZQOENnPT0= +loginShell: /bin/bash + +dn: cn=Jimena Bergseng,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jbergseng +uidNumber: 4981 +gidNumber: 1000 +givenName: Jimena +sn: Bergseng +cn: Jimena Bergseng +homeDirectory: /home/jbergseng +gecos: Jimena Bergseng +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1UVlpBb0wvbUowUGhTdGpOTDJTNGlwOEFxKzA9 +loginShell: /bin/bash + +dn: uid=tmontesi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmontesi +uidNumber: 4982 +gidNumber: 1000 +givenName: Tara +sn: Montesi +cn: Tara Montesi +homeDirectory: /home/tmontesi +gecos: Tara Montesi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UWQrQndhUHJlTER0S1B6d2hESEZUTk16c0cxY1lrazE= +loginShell: /bin/bash + +dn: uid=hchaviano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hchaviano +uidNumber: 4983 +gidNumber: 1000 +givenName: Humba +sn: Chaviano +cn: Humba Chaviano +homeDirectory: /home/hchaviano +gecos: Humba Chaviano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bG9vbmV5cw== +loginShell: /bin/bash + +dn: uid=kgelhar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgelhar +uidNumber: 4984 +gidNumber: 1000 +givenName: Kularb +sn: Gelhar +cn: Kularb Gelhar +homeDirectory: /home/kgelhar +gecos: Kularb Gelhar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXZQYlAuRXdPbFZNNy4= +loginShell: /bin/bash + +dn: uid=amcgraw,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amcgraw +uidNumber: 4985 +gidNumber: 1000 +givenName: Allison +sn: McGraw +cn: Allison McGraw +homeDirectory: /home/amcgraw +gecos: Allison McGraw +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXo3L1kuLmpWOWVGNGc= +loginShell: /bin/bash + +dn: uid=nscharler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nscharler +uidNumber: 4986 +gidNumber: 1000 +givenName: Nakri +sn: Scharler +cn: Nakri Scharler +homeDirectory: /home/nscharler +gecos: Nakri Scharler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9enJVZzhyWExMZEoySGthUmczWmhmd3hqaGl3PQ== +loginShell: /bin/bash + +dn: cn=Raymond Marsee+uid=rmarsee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rmarsee +uidNumber: 4987 +gidNumber: 1000 +givenName: Raymond +sn: Marsee +cn: Raymond Marsee +homeDirectory: /home/rmarsee +gecos: Raymond Marsee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dGluZGVyYm94ZXM= +loginShell: /bin/bash + +dn: uid=khembrey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: khembrey +uidNumber: 4988 +gidNumber: 1000 +givenName: Kevin +sn: Hembrey +cn: Kevin Hembrey +homeDirectory: /home/khembrey +gecos: Kevin Hembrey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWR1bG1tOVBZc2IxQWc= +loginShell: /bin/bash + +dn: uid=wkahoun,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wkahoun +uidNumber: 4989 +gidNumber: 1000 +givenName: Wanda +sn: Kahoun +cn: Wanda Kahoun +homeDirectory: /home/wkahoun +gecos: Wanda Kahoun +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGVudW5jaWF0aW9uJ3M= +loginShell: /bin/bash + +dn: uid=tvisitacion,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tvisitacion +uidNumber: 4990 +gidNumber: 1000 +givenName: Tam +sn: Visitacion +cn: Tam Visitacion +homeDirectory: /home/tvisitacion +gecos: Tam Visitacion +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MlZBYmZneUlLbkFMTWZEcW80TTlEM2hsS0ZwbCtVcFE= +loginShell: /bin/bash + +dn: uid=fsaeli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsaeli +uidNumber: 4991 +gidNumber: 1000 +givenName: Flossie +sn: Saeli +cn: Flossie Saeli +homeDirectory: /home/fsaeli +gecos: Flossie Saeli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0zRHFNeE9IMjlBQzNzWjdGZWxiNGNBPT0= +loginShell: /bin/bash + +dn: uid=lschenkelberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lschenkelberg +uidNumber: 4992 +gidNumber: 1000 +givenName: Lidia +sn: Schenkelberg +cn: Lidia Schenkelberg +homeDirectory: /home/lschenkelberg +gecos: Lidia Schenkelberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TzdCcVYxaGs0ZHhHWUFqcGlzaEZuV3pQdUhzPQ== +loginShell: /bin/bash + +dn: uid=eselvig,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eselvig +uidNumber: 4993 +gidNumber: 1000 +givenName: Erika +sn: Selvig +cn: Erika Selvig +homeDirectory: /home/eselvig +gecos: Erika Selvig +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1SUDM5YTNja0tURzJnWkZ1Qm9SMDRnPT0= +loginShell: /bin/bash + +dn: uid=istoff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: istoff +uidNumber: 4994 +gidNumber: 1000 +givenName: Isaac +sn: Stoff +cn: Isaac Stoff +homeDirectory: /home/istoff +gecos: Isaac Stoff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWlEdnl0ZDguMUIvQUU= +loginShell: /bin/bash + +dn: cn=Malakas Yokoyama+uid=myokoyama,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: myokoyama +uidNumber: 4995 +gidNumber: 1000 +givenName: Malakas +sn: Yokoyama +cn: Malakas Yokoyama +homeDirectory: /home/myokoyama +gecos: Malakas Yokoyama +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGx1dG9uaXVt +loginShell: /bin/bash + +dn: cn=Mindy Tuma+uid=mtuma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mtuma +uidNumber: 4996 +gidNumber: 1000 +givenName: Mindy +sn: Tuma +cn: Mindy Tuma +homeDirectory: /home/mtuma +gecos: Mindy Tuma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFtMlN5NlBGTlZ5TC4= +loginShell: /bin/bash + +dn: cn=Tuni Senemounnarat,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsenemounnarat +uidNumber: 4997 +gidNumber: 1000 +givenName: Tuni +sn: Senemounnarat +cn: Tuni Senemounnarat +homeDirectory: /home/tsenemounnarat +gecos: Tuni Senemounnarat +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX02SGMxZUgraDhGd2xHS3FvTFVNZDJmM0ZkbHc9 +loginShell: /bin/bash + +dn: uid=wharpel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wharpel +uidNumber: 4998 +gidNumber: 1000 +givenName: Wene +sn: Harpel +cn: Wene Harpel +homeDirectory: /home/wharpel +gecos: Wene Harpel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9K3BTRCtTcmJqSGduQlUveHdZVXhlWXNtRkd5enI3cGg= +loginShell: /bin/bash + +dn: uid=gfedewa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gfedewa +uidNumber: 4999 +gidNumber: 1000 +givenName: Gilma +sn: Fedewa +cn: Gilma Fedewa +homeDirectory: /home/gfedewa +gecos: Gilma Fedewa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bW90dG8ncw== +loginShell: /bin/bash + +dn: cn=Fengshen Dechellis+uid=fdechellis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fdechellis +uidNumber: 5000 +gidNumber: 1000 +givenName: Fengshen +sn: Dechellis +cn: Fengshen Dechellis +homeDirectory: /home/fdechellis +gecos: Fengshen Dechellis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03REdVSXozZ29TcjNaWHozTDR5cE9JMDhXTm89 +loginShell: /bin/bash + +dn: cn=Utor Datu+uid=udatu,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: udatu +uidNumber: 5001 +gidNumber: 1000 +givenName: Utor +sn: Datu +cn: Utor Datu +homeDirectory: /home/udatu +gecos: Utor Datu +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1zcTVnM3c4eDZWQ2J6OWV5RStyYVZ1MWZQdHM9 +loginShell: /bin/bash + +dn: uid=pziesmer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pziesmer +uidNumber: 5002 +gidNumber: 1000 +givenName: Polo +sn: Ziesmer +cn: Polo Ziesmer +homeDirectory: /home/pziesmer +gecos: Polo Ziesmer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUVYTVFsb0NKNFB4djI= +loginShell: /bin/bash + +dn: cn=Gavin Jundt+uid=gjundt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gjundt +uidNumber: 5003 +gidNumber: 1000 +givenName: Gavin +sn: Jundt +cn: Gavin Jundt +homeDirectory: /home/gjundt +gecos: Gavin Jundt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1KNHhDeStLWGsxTXhsN1U3c0M3VlZqT1VVMFU9 +loginShell: /bin/bash + +dn: cn=Garry Krasner+uid=gkrasner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gkrasner +uidNumber: 5004 +gidNumber: 1000 +givenName: Garry +sn: Krasner +cn: Garry Krasner +homeDirectory: /home/gkrasner +gecos: Garry Krasner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cVZkenZaanZPWnU2QW56UDFuTk9pUmtoWHhBPQ== +loginShell: /bin/bash + +dn: uid=ycostaneda,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ycostaneda +uidNumber: 5005 +gidNumber: 1000 +givenName: Yuri +sn: Costaneda +cn: Yuri Costaneda +homeDirectory: /home/ycostaneda +gecos: Yuri Costaneda +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OXpjMUpJTFo4WDBZTGlVb1RBbmdiWHQ1dVE4PQ== +loginShell: /bin/bash + +dn: cn=Leo Pitek+uid=lpitek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lpitek +uidNumber: 5006 +gidNumber: 1000 +givenName: Leo +sn: Pitek +cn: Leo Pitek +homeDirectory: /home/lpitek +gecos: Leo Pitek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXNwejhiRTU3YzNHR0k= +loginShell: /bin/bash + +dn: uid=ibowdle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ibowdle +uidNumber: 5007 +gidNumber: 1000 +givenName: Isis +sn: Bowdle +cn: Isis Bowdle +homeDirectory: /home/ibowdle +gecos: Isis Bowdle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWJhY3VzJ3M= +loginShell: /bin/bash + +dn: uid=hbraim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbraim +uidNumber: 5008 +gidNumber: 1000 +givenName: Halola +sn: Braim +cn: Halola Braim +homeDirectory: /home/hbraim +gecos: Halola Braim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c29sZWQ= +loginShell: /bin/bash + +dn: cn=Ian Voetmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ivoetmann +uidNumber: 5009 +gidNumber: 1000 +givenName: Ian +sn: Voetmann +cn: Ian Voetmann +homeDirectory: /home/ivoetmann +gecos: Ian Voetmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWxucnZmOE1jcUNLMVE= +loginShell: /bin/bash + +dn: uid=dlancey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dlancey +uidNumber: 5010 +gidNumber: 1000 +givenName: Diana +sn: Lancey +cn: Diana Lancey +homeDirectory: /home/dlancey +gecos: Diana Lancey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bmVydm91c25lc3Mncw== +loginShell: /bin/bash + +dn: cn=Norbert Bolon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nbolon +uidNumber: 5011 +gidNumber: 1000 +givenName: Norbert +sn: Bolon +cn: Norbert Bolon +homeDirectory: /home/nbolon +gecos: Norbert Bolon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1JSU4wRFlUOGJ0Zjh0WVBjQjR2Q3hnPT0= +loginShell: /bin/bash + +dn: cn=Gustav Cummer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcummer +uidNumber: 5012 +gidNumber: 1000 +givenName: Gustav +sn: Cummer +cn: Gustav Cummer +homeDirectory: /home/gcummer +gecos: Gustav Cummer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1xMG5FL3B4aVdpNGUxUk1lSTlWQjFqSjJRcjg9 +loginShell: /bin/bash + +dn: uid=hlichota,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hlichota +uidNumber: 5013 +gidNumber: 1000 +givenName: Hazel +sn: Lichota +cn: Hazel Lichota +homeDirectory: /home/hlichota +gecos: Hazel Lichota +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTcwUHgueTRXc0liLzI= +loginShell: /bin/bash + +dn: uid=akraskouskas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: akraskouskas +uidNumber: 5014 +gidNumber: 1000 +givenName: Ana +sn: Kraskouskas +cn: Ana Kraskouskas +homeDirectory: /home/akraskouskas +gecos: Ana Kraskouskas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW5jby5GdUtJcWhpQmM= +loginShell: /bin/bash + +dn: uid=hcalvaruso,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcalvaruso +uidNumber: 5015 +gidNumber: 1000 +givenName: Hernan +sn: Calvaruso +cn: Hernan Calvaruso +homeDirectory: /home/hcalvaruso +gecos: Hernan Calvaruso +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TEZIRlovL3BydS9PcStETHhySHVxRnAvUm14V2ozTGQ= +loginShell: /bin/bash + +dn: uid=tcuenca,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tcuenca +uidNumber: 5016 +gidNumber: 1000 +givenName: Todd +sn: Cuenca +cn: Todd Cuenca +homeDirectory: /home/tcuenca +gecos: Todd Cuenca +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWlsa21hbg== +loginShell: /bin/bash + +dn: uid=tfalconeri,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tfalconeri +uidNumber: 5017 +gidNumber: 1000 +givenName: Tako +sn: Falconeri +cn: Tako Falconeri +homeDirectory: /home/tfalconeri +gecos: Tako Falconeri +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVsb2FkJ3M= +loginShell: /bin/bash + +dn: cn=Iris Mcbay,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imcbay +uidNumber: 5018 +gidNumber: 1000 +givenName: Iris +sn: Mcbay +cn: Iris Mcbay +homeDirectory: /home/imcbay +gecos: Iris Mcbay +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R1hPbGM3cGhPNnVibVdtc0xxYkJBaU9iRmlnPQ== +loginShell: /bin/bash + +dn: uid=vschaedler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vschaedler +uidNumber: 5019 +gidNumber: 1000 +givenName: Victor +sn: Schaedler +cn: Victor Schaedler +homeDirectory: /home/vschaedler +gecos: Victor Schaedler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXliaS5vRXdhWWxQQi4= +loginShell: /bin/bash + +dn: uid=cheinecke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cheinecke +uidNumber: 5020 +gidNumber: 1000 +givenName: Cora +sn: Heinecke +cn: Cora Heinecke +homeDirectory: /home/cheinecke +gecos: Cora Heinecke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cWUrcXNyVGlIVnJOWXJ1eUJlQkZyZk5JYjFvPQ== +loginShell: /bin/bash + +dn: cn=Dianne Bissen+uid=dbissen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dbissen +uidNumber: 5021 +gidNumber: 1000 +givenName: Dianne +sn: Bissen +cn: Dianne Bissen +homeDirectory: /home/dbissen +gecos: Dianne Bissen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWtURVJNTGNWTGxlelk= +loginShell: /bin/bash + +dn: uid=vnooman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vnooman +uidNumber: 5022 +gidNumber: 1000 +givenName: Veronica +sn: Nooman +cn: Veronica Nooman +homeDirectory: /home/vnooman +gecos: Veronica Nooman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9YTJUeC9PYm9PcERiakVSUEVWcHhuOG5hejUwPQ== +loginShell: /bin/bash + +dn: cn=Irwin Nobrega+uid=inobrega,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: inobrega +uidNumber: 5023 +gidNumber: 1000 +givenName: Irwin +sn: Nobrega +cn: Irwin Nobrega +homeDirectory: /home/inobrega +gecos: Irwin Nobrega +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cUdZQUFmdy9OMlFRMEszU1VKdzh0amJVNjk4PQ== +loginShell: /bin/bash + +dn: uid=vmigliori,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vmigliori +uidNumber: 5024 +gidNumber: 1000 +givenName: Velo +sn: Migliori +cn: Velo Migliori +homeDirectory: /home/vmigliori +gecos: Velo Migliori +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WVBBS0pwUmRCUlYxNlh2ditmbGluVGg0RGFWVXZtYkc= +loginShell: /bin/bash + +dn: uid=gcarlini,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcarlini +uidNumber: 5025 +gidNumber: 1000 +givenName: Gillian +sn: Carlini +cn: Gillian Carlini +homeDirectory: /home/gcarlini +gecos: Gillian Carlini +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTRJTzVkeUdjck51b00= +loginShell: /bin/bash + +dn: uid=ecathers,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ecathers +uidNumber: 5026 +gidNumber: 1000 +givenName: Emma +sn: Cathers +cn: Emma Cathers +homeDirectory: /home/ecathers +gecos: Emma Cathers +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cWtmNnYwYTMvVlRnMnB0ekdreWV3R2V5bEs4NjBVdC8= +loginShell: /bin/bash + +dn: uid=yschmuff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yschmuff +uidNumber: 5027 +gidNumber: 1000 +givenName: Yali +sn: Schmuff +cn: Yali Schmuff +homeDirectory: /home/yschmuff +gecos: Yali Schmuff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZlRjB4QWR6MzRNWDY= +loginShell: /bin/bash + +dn: uid=ekeuper,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ekeuper +uidNumber: 5028 +gidNumber: 1000 +givenName: Enrique +sn: Keuper +cn: Enrique Keuper +homeDirectory: /home/ekeuper +gecos: Enrique Keuper +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1VV2F1WmNKcWVqczg1ZHhBMVJqMm1nPT0= +loginShell: /bin/bash + +dn: cn=Winifred Selim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wselim +uidNumber: 5029 +gidNumber: 1000 +givenName: Winifred +sn: Selim +cn: Winifred Selim +homeDirectory: /home/wselim +gecos: Winifred Selim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1LYUVtUEoycFJiZWZoSUYwZEhnR2dRPT0= +loginShell: /bin/bash + +dn: uid=nphan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nphan +uidNumber: 5030 +gidNumber: 1000 +givenName: Nat +sn: Phan +cn: Nat Phan +homeDirectory: /home/nphan +gecos: Nat Phan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TUVzNFByT1l4NjVwNWdBSTIySkFnWjVHYWt3PQ== +loginShell: /bin/bash + +dn: uid=asemons,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: asemons +uidNumber: 5031 +gidNumber: 1000 +givenName: Anika +sn: Semons +cn: Anika Semons +homeDirectory: /home/asemons +gecos: Anika Semons +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVRqUmg5SGpONkdjRWM= +loginShell: /bin/bash + +dn: uid=cmiramon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmiramon +uidNumber: 5032 +gidNumber: 1000 +givenName: Carlos +sn: Miramon +cn: Carlos Miramon +homeDirectory: /home/cmiramon +gecos: Carlos Miramon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MkplWGdNa012bktQNDZIanRJdXJqSzhZbFNJPQ== +loginShell: /bin/bash + +dn: uid=ckehl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckehl +uidNumber: 5033 +gidNumber: 1000 +givenName: Cathy +sn: Kehl +cn: Cathy Kehl +homeDirectory: /home/ckehl +gecos: Cathy Kehl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1XYm5xK2xGQnhnUmZzQ2tqU21EOXJnPT0= +loginShell: /bin/bash + +dn: cn=Nona Delmore+uid=ndelmore,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ndelmore +uidNumber: 5034 +gidNumber: 1000 +givenName: Nona +sn: Delmore +cn: Nona Delmore +homeDirectory: /home/ndelmore +gecos: Nona Delmore +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04eFN0ZUFSeHVMRmY4MlZqNTVOVHJBPT0= +loginShell: /bin/bash + +dn: uid=mherlihy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mherlihy +uidNumber: 5035 +gidNumber: 1000 +givenName: Megi +sn: Herlihy +cn: Megi Herlihy +homeDirectory: /home/mherlihy +gecos: Megi Herlihy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGFnZ2Vk +loginShell: /bin/bash + +dn: uid=ykriegel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ykriegel +uidNumber: 5036 +gidNumber: 1000 +givenName: Yolanda +sn: Kriegel +cn: Yolanda Kriegel +homeDirectory: /home/ykriegel +gecos: Yolanda Kriegel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IVEtlVjc1NUVOWE9PRFVtM3JEaTNRPT0= +loginShell: /bin/bash + +dn: cn=Flossie Ratner+uid=fratner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fratner +uidNumber: 5037 +gidNumber: 1000 +givenName: Flossie +sn: Ratner +cn: Flossie Ratner +homeDirectory: /home/fratner +gecos: Flossie Ratner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aUVLTHFsRU5SQzlXSjNaZ09SUXUrZjJwdjB1TXVvV3c= +loginShell: /bin/bash + +dn: uid=etunby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: etunby +uidNumber: 5038 +gidNumber: 1000 +givenName: Emma +sn: Tunby +cn: Emma Tunby +homeDirectory: /home/etunby +gecos: Emma Tunby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1VY0xsdjFZdWtxaVR3VmhXM2xOMnV0clhmY1U9 +loginShell: /bin/bash + +dn: uid=mmanozca,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmanozca +uidNumber: 5039 +gidNumber: 1000 +givenName: Marty +sn: Manozca +cn: Marty Manozca +homeDirectory: /home/mmanozca +gecos: Marty Manozca +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0xbUtYNVRRNE4wZlZVZ2FURHQvU3UrRXhVb289 +loginShell: /bin/bash + +dn: uid=panello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: panello +uidNumber: 5040 +gidNumber: 1000 +givenName: Pabuk +sn: Anello +cn: Pabuk Anello +homeDirectory: /home/panello +gecos: Pabuk Anello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YS9OTkcvd3hEL3B5RDVDVllJbExUSnFCN0h4am5xRnE= +loginShell: /bin/bash + +dn: uid=lmichaud,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmichaud +uidNumber: 5041 +gidNumber: 1000 +givenName: Lingling +sn: Michaud +cn: Lingling Michaud +homeDirectory: /home/lmichaud +gecos: Lingling Michaud +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1NcFdpS2VIaEIzWUNPbzNpRGp6MjBRPT0= +loginShell: /bin/bash + +dn: uid=dpintor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dpintor +uidNumber: 5042 +gidNumber: 1000 +givenName: Diwa +sn: Pintor +cn: Diwa Pintor +homeDirectory: /home/dpintor +gecos: Diwa Pintor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX15cnQrY0hMeHNMNG9iaCtOK1g5MkNRPT0= +loginShell: /bin/bash + +dn: cn=Kiko Brugal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbrugal +uidNumber: 5043 +gidNumber: 1000 +givenName: Kiko +sn: Brugal +cn: Kiko Brugal +homeDirectory: /home/kbrugal +gecos: Kiko Brugal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RStvZ1BNQktVcncwSVVYKzF4QjNLUXN2SXJnPQ== +loginShell: /bin/bash + +dn: uid=mmattu,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmattu +uidNumber: 5044 +gidNumber: 1000 +givenName: Mitch +sn: Mattu +cn: Mitch Mattu +homeDirectory: /home/mmattu +gecos: Mitch Mattu +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d28vVm5SOFVtUDl3L1dKOTlzdUl4QVkvSHc4RWlIQkE= +loginShell: /bin/bash + +dn: cn=Rebecca Pikes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rpikes +uidNumber: 5045 +gidNumber: 1000 +givenName: Rebecca +sn: Pikes +cn: Rebecca Pikes +homeDirectory: /home/rpikes +gecos: Rebecca Pikes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YjBzTTZkSzYxcXJFMjBYdUJvM21rM3dkS3JqaTc0dUg= +loginShell: /bin/bash + +dn: uid=lnagata,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lnagata +uidNumber: 5046 +gidNumber: 1000 +givenName: Louise +sn: Nagata +cn: Louise Nagata +homeDirectory: /home/lnagata +gecos: Louise Nagata +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXE4bVUyenUvRlV0WC4= +loginShell: /bin/bash + +dn: uid=tmurata,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmurata +uidNumber: 5047 +gidNumber: 1000 +givenName: Tam +sn: Murata +cn: Tam Murata +homeDirectory: /home/tmurata +gecos: Tam Murata +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dmlueWwncw== +loginShell: /bin/bash + +dn: cn=Billy Walega,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwalega +uidNumber: 5048 +gidNumber: 1000 +givenName: Billy +sn: Walega +cn: Billy Walega +homeDirectory: /home/bwalega +gecos: Billy Walega +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1iS3VKZTB5K2pXQzU2U2E0MWhndUhtVmd2dWM9 +loginShell: /bin/bash + +dn: uid=ivanschaack,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ivanschaack +uidNumber: 5049 +gidNumber: 1000 +givenName: Isobel +sn: VanSchaack +cn: Isobel VanSchaack +homeDirectory: /home/ivanschaack +gecos: Isobel VanSchaack +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TEpoOVNsZC9nU051aUZEN29pUnJFRFpLbXJyU1NaMGg= +loginShell: /bin/bash + +dn: uid=hholyfield,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hholyfield +uidNumber: 5050 +gidNumber: 1000 +givenName: Haitang +sn: Holyfield +cn: Haitang Holyfield +homeDirectory: /home/hholyfield +gecos: Haitang Holyfield +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXM3Y08uTG5lWlBEUFk= +loginShell: /bin/bash + +dn: cn=Kodo Straughn+uid=kstraughn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kstraughn +uidNumber: 5051 +gidNumber: 1000 +givenName: Kodo +sn: Straughn +cn: Kodo Straughn +homeDirectory: /home/kstraughn +gecos: Kodo Straughn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: U2VuaW9y +loginShell: /bin/bash + +dn: uid=kmoesch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmoesch +uidNumber: 5052 +gidNumber: 1000 +givenName: Kim +sn: Moesch +cn: Kim Moesch +homeDirectory: /home/kmoesch +gecos: Kim Moesch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUgyR0U0aGpWTTNpUEU= +loginShell: /bin/bash + +dn: cn=Emily Turpiano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eturpiano +uidNumber: 5053 +gidNumber: 1000 +givenName: Emily +sn: Turpiano +cn: Emily Turpiano +homeDirectory: /home/eturpiano +gecos: Emily Turpiano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTAxZjh3L3dOSlpiN0k= +loginShell: /bin/bash + +dn: uid=oahyou,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oahyou +uidNumber: 5054 +gidNumber: 1000 +givenName: Otile +sn: Ahyou +cn: Otile Ahyou +homeDirectory: /home/oahyou +gecos: Otile Ahyou +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05blRFU0FsTll4eDJBMVJoQ3ZXSzYrWkNHSmM9 +loginShell: /bin/bash + +dn: uid=hcintron,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcintron +uidNumber: 5055 +gidNumber: 1000 +givenName: Higos +sn: Cintron +cn: Higos Cintron +homeDirectory: /home/hcintron +gecos: Higos Cintron +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW1wYXRpZW5jZQ== +loginShell: /bin/bash + +dn: cn=Alvin Mozier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amozier +uidNumber: 5056 +gidNumber: 1000 +givenName: Alvin +sn: Mozier +cn: Alvin Mozier +homeDirectory: /home/amozier +gecos: Alvin Mozier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXlvM0ZkNnhnaktzQUk= +loginShell: /bin/bash + +dn: cn=Trudy Marcom+uid=tmarcom,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmarcom +uidNumber: 5057 +gidNumber: 1000 +givenName: Trudy +sn: Marcom +cn: Trudy Marcom +homeDirectory: /home/tmarcom +gecos: Trudy Marcom +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1IMFdGWGtDWHEra0wvVkdIc2owVUdnRFZLZXc9 +loginShell: /bin/bash + +dn: uid=fnottage,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fnottage +uidNumber: 5058 +gidNumber: 1000 +givenName: Ferdinand +sn: Nottage +cn: Ferdinand Nottage +homeDirectory: /home/fnottage +gecos: Ferdinand Nottage +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NzFROGlaWjRjYWlHVnZGYmc1RmxzYnBPUW1VPQ== +loginShell: /bin/bash + +dn: cn=Rossana Koonz+uid=rkoonz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rkoonz +uidNumber: 5059 +gidNumber: 1000 +givenName: Rossana +sn: Koonz +cn: Rossana Koonz +homeDirectory: /home/rkoonz +gecos: Rossana Koonz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1GcXhkUExudVN6eWJSZVBvTmgzb05UYVhYSGc9 +loginShell: /bin/bash + +dn: cn=Lee Slavis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lslavis +uidNumber: 5060 +gidNumber: 1000 +givenName: Lee +sn: Slavis +cn: Lee Slavis +homeDirectory: /home/lslavis +gecos: Lee Slavis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1BdHp3Zm1FdStyU3VqWGZhOVFjdjNBPT0= +loginShell: /bin/bash + +dn: uid=ncradduck,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncradduck +uidNumber: 5061 +gidNumber: 1000 +givenName: Nat +sn: Cradduck +cn: Nat Cradduck +homeDirectory: /home/ncradduck +gecos: Nat Cradduck +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IK1FRS1d0eTZBbTdyb2QzZE8xTkh3PT0= +loginShell: /bin/bash + +dn: cn=Yali Mursko+uid=ymursko,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ymursko +uidNumber: 5062 +gidNumber: 1000 +givenName: Yali +sn: Mursko +cn: Yali Mursko +homeDirectory: /home/ymursko +gecos: Yali Mursko +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW1sNW8vRC5BS0VFczI= +loginShell: /bin/bash + +dn: uid=kkennett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kkennett +uidNumber: 5063 +gidNumber: 1000 +givenName: Keoni +sn: Kennett +cn: Keoni Kennett +homeDirectory: /home/kkennett +gecos: Keoni Kennett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVBjaEpYS2hCZ1BCc1U= +loginShell: /bin/bash + +dn: uid=lsobrino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lsobrino +uidNumber: 5064 +gidNumber: 1000 +givenName: Larry +sn: Sobrino +cn: Larry Sobrino +homeDirectory: /home/lsobrino +gecos: Larry Sobrino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eDdTb1lhRHBiWlpGb2JwR0VlU2p4UWJ0US9rPQ== +loginShell: /bin/bash + +dn: cn=June Freuden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jfreuden +uidNumber: 5065 +gidNumber: 1000 +givenName: June +sn: Freuden +cn: June Freuden +homeDirectory: /home/jfreuden +gecos: June Freuden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1Jc0grdkFybHR3MGJtU0FKdC84RjBnPT0= +loginShell: /bin/bash + +dn: uid=gbitar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbitar +uidNumber: 5066 +gidNumber: 1000 +givenName: Gilbert +sn: Bitar +cn: Gilbert Bitar +homeDirectory: /home/gbitar +gecos: Gilbert Bitar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVVvbTQ1Lm9Wanh4ZWM= +loginShell: /bin/bash + +dn: cn=Carla Kondo+uid=ckondo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckondo +uidNumber: 5067 +gidNumber: 1000 +givenName: Carla +sn: Kondo +cn: Carla Kondo +homeDirectory: /home/ckondo +gecos: Carla Kondo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YeDJ4Rm9KNGZHNlREbjdHbi9aaEEzWXVGTW89 +loginShell: /bin/bash + +dn: cn=Sergio Debry,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sdebry +uidNumber: 5068 +gidNumber: 1000 +givenName: Sergio +sn: Debry +cn: Sergio Debry +homeDirectory: /home/sdebry +gecos: Sergio Debry +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eDJZM1NMNTFXOGtGUkx4UjJlRVZhVEN1a1RVRW1nbHY= +loginShell: /bin/bash + +dn: cn=Wali Mailey+uid=wmailey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wmailey +uidNumber: 5069 +gidNumber: 1000 +givenName: Wali +sn: Mailey +cn: Wali Mailey +homeDirectory: /home/wmailey +gecos: Wali Mailey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmxvdGNoaW5n +loginShell: /bin/bash + +dn: uid=gkerens,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gkerens +uidNumber: 5070 +gidNumber: 1000 +givenName: Gert +sn: Kerens +cn: Gert Kerens +homeDirectory: /home/gkerens +gecos: Gert Kerens +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IZmtwQTVnTjJ4d1QxYWxFSlJ0Qit3PT0= +loginShell: /bin/bash + +dn: uid=tpin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tpin +uidNumber: 5071 +gidNumber: 1000 +givenName: Tico +sn: Pin +cn: Tico Pin +homeDirectory: /home/tpin +gecos: Tico Pin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ETFI2NjI1Zmt5UHdscDVpakU1WjlRPT0= +loginShell: /bin/bash + +dn: uid=klover,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: klover +uidNumber: 5072 +gidNumber: 1000 +givenName: Katia +sn: Lover +cn: Katia Lover +homeDirectory: /home/klover +gecos: Katia Lover +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUpBYkdLTWJMLzVPby4= +loginShell: /bin/bash + +dn: cn=Alicia Woytowich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: awoytowich +uidNumber: 5073 +gidNumber: 1000 +givenName: Alicia +sn: Woytowich +cn: Alicia Woytowich +homeDirectory: /home/awoytowich +gecos: Alicia Woytowich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1hdmVjRFJNdkVvanVUSGFWY1NFK1VBPT0= +loginShell: /bin/bash + +dn: uid=kmosko,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmosko +uidNumber: 5074 +gidNumber: 1000 +givenName: Katrina +sn: Mosko +cn: Katrina Mosko +homeDirectory: /home/kmosko +gecos: Katrina Mosko +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZWkrRjR2WmxPRlRYMC84V01TdEdEUTBHWVJnPQ== +loginShell: /bin/bash + +dn: uid=puzzell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: puzzell +uidNumber: 5075 +gidNumber: 1000 +givenName: Patty +sn: Uzzell +cn: Patty Uzzell +homeDirectory: /home/puzzell +gecos: Patty Uzzell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWZmbGljdHM= +loginShell: /bin/bash + +dn: uid=vfohl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vfohl +uidNumber: 5076 +gidNumber: 1000 +givenName: Vivienne +sn: Fohl +cn: Vivienne Fohl +homeDirectory: /home/vfohl +gecos: Vivienne Fohl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05NWgzbTJMZ3dHcHc0QlBTOHVrWFJJc1dROXc9 +loginShell: /bin/bash + +dn: uid=cmundel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmundel +uidNumber: 5077 +gidNumber: 1000 +givenName: Clancy +sn: Mundel +cn: Clancy Mundel +homeDirectory: /home/cmundel +gecos: Clancy Mundel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YURTMlhKOS9RYjVnL2VVSmlHczNGdk04QnkzRWFmaDQ= +loginShell: /bin/bash + +dn: uid=wschemm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wschemm +uidNumber: 5078 +gidNumber: 1000 +givenName: Warura +sn: Schemm +cn: Warura Schemm +homeDirectory: /home/wschemm +gecos: Warura Schemm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0rUlJqdGw5cDQ1WGpVcXQzQWFLbC9BPT0= +loginShell: /bin/bash + +dn: uid=hschoepfer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hschoepfer +uidNumber: 5079 +gidNumber: 1000 +givenName: Hector +sn: Schoepfer +cn: Hector Schoepfer +homeDirectory: /home/hschoepfer +gecos: Hector Schoepfer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ajZBNVd4MUdXd042YjNBR1grWTVmZ3NtUElSUmxscno= +loginShell: /bin/bash + +dn: uid=ldettmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ldettmann +uidNumber: 5080 +gidNumber: 1000 +givenName: Lisebo +sn: Dettmann +cn: Lisebo Dettmann +homeDirectory: /home/ldettmann +gecos: Lisebo Dettmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1hNEl5K3Vxb3k4L1o3MWRzeG5FZG5nPT0= +loginShell: /bin/bash + +dn: uid=aramsdale,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aramsdale +uidNumber: 5081 +gidNumber: 1000 +givenName: Andrea +sn: Ramsdale +cn: Andrea Ramsdale +homeDirectory: /home/aramsdale +gecos: Andrea Ramsdale +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9T09JbS9ER0lJcjVRVDQ4U29HTVRUcVg5ZkkwTkNpMHo= +loginShell: /bin/bash + +dn: cn=Wylva Deluccia+uid=wdeluccia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wdeluccia +uidNumber: 5082 +gidNumber: 1000 +givenName: Wylva +sn: Deluccia +cn: Wylva Deluccia +homeDirectory: /home/wdeluccia +gecos: Wylva Deluccia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0zOWJycWhzMWdYY2hzOFplY2NMWS9nPT0= +loginShell: /bin/bash + +dn: cn=Peter Cassaro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pcassaro +uidNumber: 5083 +gidNumber: 1000 +givenName: Peter +sn: Cassaro +cn: Peter Cassaro +homeDirectory: /home/pcassaro +gecos: Peter Cassaro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eUo1dERITFUrMG1qdE00dEduZFEzR1VzMHBybGlFQVE= +loginShell: /bin/bash + +dn: uid=cbambace,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbambace +uidNumber: 5084 +gidNumber: 1000 +givenName: Conson +sn: Bambace +cn: Conson Bambace +homeDirectory: /home/cbambace +gecos: Conson Bambace +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02Rmw0aVF0RkRhczg5SnFCblBMa3RnPT0= +loginShell: /bin/bash + +dn: uid=ubrumett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ubrumett +uidNumber: 5085 +gidNumber: 1000 +givenName: Upia +sn: Brumett +cn: Upia Brumett +homeDirectory: /home/ubrumett +gecos: Upia Brumett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1hNHVVYmdIc1pZVHkrT0RxUzNTaDBLR2dscVU9 +loginShell: /bin/bash + +dn: uid=jchancy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jchancy +uidNumber: 5086 +gidNumber: 1000 +givenName: Jaone +sn: Chancy +cn: Jaone Chancy +homeDirectory: /home/jchancy +gecos: Jaone Chancy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXp0Vk9tM3M5L2Z6d28= +loginShell: /bin/bash + +dn: cn=Zaka Eddins+uid=zeddins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zeddins +uidNumber: 5087 +gidNumber: 1000 +givenName: Zaka +sn: Eddins +cn: Zaka Eddins +homeDirectory: /home/zeddins +gecos: Zaka Eddins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX16RU5ldlMvYlIvLzFLSGNWV2lDRWxxVThOV0k9 +loginShell: /bin/bash + +dn: uid=wvakil,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wvakil +uidNumber: 5088 +gidNumber: 1000 +givenName: Wilby +sn: Vakil +cn: Wilby Vakil +homeDirectory: /home/wvakil +gecos: Wilby Vakil +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUowUHVDYXNUWHJnS3M= +loginShell: /bin/bash + +dn: uid=zmeeker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zmeeker +uidNumber: 5089 +gidNumber: 1000 +givenName: Zena +sn: Meeker +cn: Zena Meeker +homeDirectory: /home/zmeeker +gecos: Zena Meeker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DdUs3ZjMvMG9qci9hdHVEVGlKSXpBPT0= +loginShell: /bin/bash + +dn: uid=kwidrick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kwidrick +uidNumber: 5090 +gidNumber: 1000 +givenName: Keoni +sn: Widrick +cn: Keoni Widrick +homeDirectory: /home/kwidrick +gecos: Keoni Widrick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW1hZ2luaW5n +loginShell: /bin/bash + +dn: uid=akomsthoeft,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: akomsthoeft +uidNumber: 5091 +gidNumber: 1000 +givenName: Allison +sn: Komsthoeft +cn: Allison Komsthoeft +homeDirectory: /home/akomsthoeft +gecos: Allison Komsthoeft +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9V00vbElXeWg0cy8vRzFycnZvZHRPbUlPcFJVPQ== +loginShell: /bin/bash + +dn: cn=Urmil Holecek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uholecek +uidNumber: 5092 +gidNumber: 1000 +givenName: Urmil +sn: Holecek +cn: Urmil Holecek +homeDirectory: /home/uholecek +gecos: Urmil Holecek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Ym9zc2llcg== +loginShell: /bin/bash + +dn: uid=jherkenratt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jherkenratt +uidNumber: 5093 +gidNumber: 1000 +givenName: Joan +sn: Herkenratt +cn: Joan Herkenratt +homeDirectory: /home/jherkenratt +gecos: Joan Herkenratt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1McjdIYlcyd2trRm1nT0Nvdnh0RXBJWnBmeG89 +loginShell: /bin/bash + +dn: cn=Opal Whitelow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: owhitelow +uidNumber: 5094 +gidNumber: 1000 +givenName: Opal +sn: Whitelow +cn: Opal Whitelow +homeDirectory: /home/owhitelow +gecos: Opal Whitelow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NUZBSXU5NWs4KzVRcEZZeWpMeUZhdDloSCtBRVIxOGQ= +loginShell: /bin/bash + +dn: cn=Larry Aksamit,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: laksamit +uidNumber: 5095 +gidNumber: 1000 +givenName: Larry +sn: Aksamit +cn: Larry Aksamit +homeDirectory: /home/laksamit +gecos: Larry Aksamit +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9V1NSd1dBT2VmdVN2SnhCbG9Za0xrV0RzL2ZkcHRyNDA= +loginShell: /bin/bash + +dn: uid=ohatto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ohatto +uidNumber: 5096 +gidNumber: 1000 +givenName: Oma +sn: Hatto +cn: Oma Hatto +homeDirectory: /home/ohatto +gecos: Oma Hatto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGVtb25z +loginShell: /bin/bash + +dn: uid=kkozik,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kkozik +uidNumber: 5097 +gidNumber: 1000 +givenName: Krovanh +sn: Kozik +cn: Krovanh Kozik +homeDirectory: /home/kkozik +gecos: Krovanh Kozik +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WGdmK1l2M2NMai9QWkNzY1ZKOU1GNmxYZVMzeE8zV2E= +loginShell: /bin/bash + +dn: uid=cdickes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdickes +uidNumber: 5098 +gidNumber: 1000 +givenName: Calvin +sn: Dickes +cn: Calvin Dickes +homeDirectory: /home/cdickes +gecos: Calvin Dickes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1QZkRyYU5jVG5GdHdKNDZvQTRmajZnPT0= +loginShell: /bin/bash + +dn: cn=Carol Brom+uid=cbrom,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbrom +uidNumber: 5099 +gidNumber: 1000 +givenName: Carol +sn: Brom +cn: Carol Brom +homeDirectory: /home/cbrom +gecos: Carol Brom +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3Bvb2sncw== +loginShell: /bin/bash + +dn: uid=dsantander,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsantander +uidNumber: 5100 +gidNumber: 1000 +givenName: Daryl +sn: Santander +cn: Daryl Santander +homeDirectory: /home/dsantander +gecos: Daryl Santander +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bnk5THpCMGcwNFMweWFaWHp5M01yY3htUTRJPQ== +loginShell: /bin/bash + +dn: uid=mcrise,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcrise +uidNumber: 5101 +gidNumber: 1000 +givenName: Michael +sn: Crise +cn: Michael Crise +homeDirectory: /home/mcrise +gecos: Michael Crise +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1adk5qcHJVMU95emNLUEMzV3BSQkRBPT0= +loginShell: /bin/bash + +dn: uid=cbarlup,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbarlup +uidNumber: 5102 +gidNumber: 1000 +givenName: Cyril +sn: Barlup +cn: Cyril Barlup +homeDirectory: /home/cbarlup +gecos: Cyril Barlup +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXV0b21hdGVz +loginShell: /bin/bash + +dn: uid=jdodge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jdodge +uidNumber: 5103 +gidNumber: 1000 +givenName: Joyce +sn: Dodge +cn: Joyce Dodge +homeDirectory: /home/jdodge +gecos: Joyce Dodge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUlnRmNYenlUMWZtTm8= +loginShell: /bin/bash + +dn: cn=Agatha Scovel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ascovel +uidNumber: 5104 +gidNumber: 1000 +givenName: Agatha +sn: Scovel +cn: Agatha Scovel +homeDirectory: /home/ascovel +gecos: Agatha Scovel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OU9mMEo1WDlydWZnTkNJT3lBTXUxUnk1eml6UkJiUms= +loginShell: /bin/bash + +dn: uid=bcuez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bcuez +uidNumber: 5105 +gidNumber: 1000 +givenName: Bongwe +sn: Cuez +cn: Bongwe Cuez +homeDirectory: /home/bcuez +gecos: Bongwe Cuez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9T2t5cCtueU14WjkzcHRPajBlRjhFRzREdTFDbDBvai8= +loginShell: /bin/bash + +dn: uid=twillets,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: twillets +uidNumber: 5106 +gidNumber: 1000 +givenName: Tammy +sn: Willets +cn: Tammy Willets +homeDirectory: /home/twillets +gecos: Tammy Willets +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OUNoVFZQQVpoMzV4WTh4SEErUzd5ZjJZNXdrPQ== +loginShell: /bin/bash + +dn: uid=gwaldbauer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gwaldbauer +uidNumber: 5107 +gidNumber: 1000 +givenName: Gilbert +sn: Waldbauer +cn: Gilbert Waldbauer +homeDirectory: /home/gwaldbauer +gecos: Gilbert Waldbauer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XMUZIanBmNHdEbmp0Qm9ENWlmY29OSDVtdGM9 +loginShell: /bin/bash + +dn: uid=mbumbalough,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbumbalough +uidNumber: 5108 +gidNumber: 1000 +givenName: May +sn: Bumbalough +cn: May Bumbalough +homeDirectory: /home/mbumbalough +gecos: May Bumbalough +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1jSEFKL0lEV0ZPeHdKVU1RaC9KVExBPT0= +loginShell: /bin/bash + +dn: uid=kpannunzio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kpannunzio +uidNumber: 5109 +gidNumber: 1000 +givenName: Khanun +sn: Pannunzio +cn: Khanun Pannunzio +homeDirectory: /home/kpannunzio +gecos: Khanun Pannunzio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OWZUTDQxVmZnbGw5ZDl3ZHcwZ09IZmI5Z09FPQ== +loginShell: /bin/bash + +dn: uid=imarungo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imarungo +uidNumber: 5110 +gidNumber: 1000 +givenName: Io +sn: Marungo +cn: Io Marungo +homeDirectory: /home/imarungo +gecos: Io Marungo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1tMk55VjRObkhnMlJpUDVCaFVJOUZHbWV5ejQ9 +loginShell: /bin/bash + +dn: uid=zscammahorn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zscammahorn +uidNumber: 5111 +gidNumber: 1000 +givenName: Zelda +sn: Scammahorn +cn: Zelda Scammahorn +homeDirectory: /home/zscammahorn +gecos: Zelda Scammahorn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXV0dW1uJ3M= +loginShell: /bin/bash + +dn: uid=lgadomski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lgadomski +uidNumber: 5112 +gidNumber: 1000 +givenName: Leslie +sn: Gadomski +cn: Leslie Gadomski +homeDirectory: /home/lgadomski +gecos: Leslie Gadomski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OW9LcFExY01KckVpZDZYS044L0laeCs3UkpBRE16eGc= +loginShell: /bin/bash + +dn: cn=Aletta Sivley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: asivley +uidNumber: 5113 +gidNumber: 1000 +givenName: Aletta +sn: Sivley +cn: Aletta Sivley +homeDirectory: /home/asivley +gecos: Aletta Sivley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1vek9VdE4zWEY0Ry9LenFVT3dXRG5nPT0= +loginShell: /bin/bash + +dn: cn=Larry Buchtel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbuchtel +uidNumber: 5114 +gidNumber: 1000 +givenName: Larry +sn: Buchtel +cn: Larry Buchtel +homeDirectory: /home/lbuchtel +gecos: Larry Buchtel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1sdW9oZElaYmsrWWZjUkpPeGJVQkVnPT0= +loginShell: /bin/bash + +dn: cn=Zoe Bracamonte+uid=zbracamonte,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zbracamonte +uidNumber: 5115 +gidNumber: 1000 +givenName: Zoe +sn: Bracamonte +cn: Zoe Bracamonte +homeDirectory: /home/zbracamonte +gecos: Zoe Bracamonte +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGF0cmVk +loginShell: /bin/bash + +dn: uid=lleagjeld,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lleagjeld +uidNumber: 5116 +gidNumber: 1000 +givenName: Laura +sn: Leagjeld +cn: Laura Leagjeld +homeDirectory: /home/lleagjeld +gecos: Laura Leagjeld +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YThBSmtZR1NyelY5Vk5sYkQvVU9XL3dRdFJqMVozN2U= +loginShell: /bin/bash + +dn: cn=Hortense Dyner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hdyner +uidNumber: 5117 +gidNumber: 1000 +givenName: Hortense +sn: Dyner +cn: Hortense Dyner +homeDirectory: /home/hdyner +gecos: Hortense Dyner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RUxHMThFbXN2OGVKZjhPNUpWYVVJck5IcVdjPQ== +loginShell: /bin/bash + +dn: cn=Orlene Mcdaid,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omcdaid +uidNumber: 5118 +gidNumber: 1000 +givenName: Orlene +sn: Mcdaid +cn: Orlene Mcdaid +homeDirectory: /home/omcdaid +gecos: Orlene Mcdaid +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX11di9saDlzYTNGY1IxUndQeDhmVVBRPT0= +loginShell: /bin/bash + +dn: uid=dpebbles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dpebbles +uidNumber: 5119 +gidNumber: 1000 +givenName: Dolly +sn: Pebbles +cn: Dolly Pebbles +homeDirectory: /home/dpebbles +gecos: Dolly Pebbles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9YW5sWVRHZXRBakZPN254cVd6SnVDSUNjWXk0PQ== +loginShell: /bin/bash + +dn: uid=bwhang,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwhang +uidNumber: 5120 +gidNumber: 1000 +givenName: Boloetse +sn: Whang +cn: Boloetse Whang +homeDirectory: /home/bwhang +gecos: Boloetse Whang +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ITzBYVkVOb0RwbUdKcUFRTG41TDB3PT0= +loginShell: /bin/bash + +dn: cn=Oliwa Marples+uid=omarples,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omarples +uidNumber: 5121 +gidNumber: 1000 +givenName: Oliwa +sn: Marples +cn: Oliwa Marples +homeDirectory: /home/omarples +gecos: Oliwa Marples +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1iVEFFNndJMk1oUE5DaEh5ckNLUnVRPT0= +loginShell: /bin/bash + +dn: cn=Winifred Cloke/Cloak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wclokecloak +uidNumber: 5122 +gidNumber: 1000 +givenName: Winifred +sn: Cloke/Cloak +cn: Winifred Cloke/Cloak +homeDirectory: /home/wclokecloak +gecos: Winifred Cloke/Cloak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dHlwaHVzJ3M= +loginShell: /bin/bash + +dn: uid=uslavinski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uslavinski +uidNumber: 5123 +gidNumber: 1000 +givenName: Ursula +sn: Slavinski +cn: Ursula Slavinski +homeDirectory: /home/uslavinski +gecos: Ursula Slavinski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9K2g2d3RIc1Jmay9NK2Roa2ZEREY0Ly9vLzdRV1NtQ0U= +loginShell: /bin/bash + +dn: uid=oebrani,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oebrani +uidNumber: 5124 +gidNumber: 1000 +givenName: Ofelia +sn: Ebrani +cn: Ofelia Ebrani +homeDirectory: /home/oebrani +gecos: Ofelia Ebrani +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX12YW84SUtQamhSV1pVVTk4YStYMkx3PT0= +loginShell: /bin/bash + +dn: uid=pfloerke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pfloerke +uidNumber: 5125 +gidNumber: 1000 +givenName: Pilar +sn: Floerke +cn: Pilar Floerke +homeDirectory: /home/pfloerke +gecos: Pilar Floerke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KQm1RZit0MWRUMXo3ejBMWUZKUGhBPT0= +loginShell: /bin/bash + +dn: uid=fcunard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fcunard +uidNumber: 5126 +gidNumber: 1000 +givenName: Francisco +sn: Cunard +cn: Francisco Cunard +homeDirectory: /home/fcunard +gecos: Francisco Cunard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGhpbG9zb3BoeSdz +loginShell: /bin/bash + +dn: cn=Fritz Savela,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsavela +uidNumber: 5127 +gidNumber: 1000 +givenName: Fritz +sn: Savela +cn: Fritz Savela +homeDirectory: /home/fsavela +gecos: Fritz Savela +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXkvTDdZVm5kY2l4YlE= +loginShell: /bin/bash + +dn: cn=Paine Biggart+uid=pbiggart,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbiggart +uidNumber: 5128 +gidNumber: 1000 +givenName: Paine +sn: Biggart +cn: Paine Biggart +homeDirectory: /home/pbiggart +gecos: Paine Biggart +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS5CVkFITEg3Z2JWaDY= +loginShell: /bin/bash + +dn: uid=sgefroh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgefroh +uidNumber: 5129 +gidNumber: 1000 +givenName: Samuel +sn: Gefroh +cn: Samuel Gefroh +homeDirectory: /home/sgefroh +gecos: Samuel Gefroh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVMxbWpXdDlzSU9NU0k= +loginShell: /bin/bash + +dn: uid=dpolashek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dpolashek +uidNumber: 5130 +gidNumber: 1000 +givenName: Danny +sn: Polashek +cn: Danny Polashek +homeDirectory: /home/dpolashek +gecos: Danny Polashek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUM4ZEU4ZFBKem1jTTY= +loginShell: /bin/bash + +dn: cn=Blanch Helscher+uid=bhelscher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bhelscher +uidNumber: 5131 +gidNumber: 1000 +givenName: Blanch +sn: Helscher +cn: Blanch Helscher +homeDirectory: /home/bhelscher +gecos: Blanch Helscher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWxsaWFuY2Vz +loginShell: /bin/bash + +dn: uid=ksollitto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksollitto +uidNumber: 5132 +gidNumber: 1000 +givenName: Kong-rey +sn: Sollitto +cn: Kong-rey Sollitto +homeDirectory: /home/ksollitto +gecos: Kong-rey Sollitto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1HUy9HQ2x2cTBsRjlQVGFQQU5lSWNBPT0= +loginShell: /bin/bash + +dn: cn=Tony Crissinger+uid=tcrissinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tcrissinger +uidNumber: 5133 +gidNumber: 1000 +givenName: Tony +sn: Crissinger +cn: Tony Crissinger +homeDirectory: /home/tcrissinger +gecos: Tony Crissinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9emQyakd5QmVpZndFa3dCMHIzL0ZIK2ZIS2ZjPQ== +loginShell: /bin/bash + +dn: cn=Roslyn Penhale+uid=rpenhale,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rpenhale +uidNumber: 5134 +gidNumber: 1000 +givenName: Roslyn +sn: Penhale +cn: Roslyn Penhale +homeDirectory: /home/rpenhale +gecos: Roslyn Penhale +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWdRYzdubHk3UzBhS00= +loginShell: /bin/bash + +dn: uid=spolmer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: spolmer +uidNumber: 5135 +gidNumber: 1000 +givenName: Seymour +sn: Polmer +cn: Seymour Polmer +homeDirectory: /home/spolmer +gecos: Seymour Polmer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1jM2hKbEgrWk95c0VwUzdrRGV6WDg1eTNhYm89 +loginShell: /bin/bash + +dn: cn=Pali Bondroff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbondroff +uidNumber: 5136 +gidNumber: 1000 +givenName: Pali +sn: Bondroff +cn: Pali Bondroff +homeDirectory: /home/pbondroff +gecos: Pali Bondroff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R2hlQnMyYWdpamlqV1RlSVZEK3BTL3ZURnpJPQ== +loginShell: /bin/bash + +dn: cn=Seymour Garriss+uid=sgarriss,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sgarriss +uidNumber: 5137 +gidNumber: 1000 +givenName: Seymour +sn: Garriss +cn: Seymour Garriss +homeDirectory: /home/sgarriss +gecos: Seymour Garriss +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX00NWx6OGFFOEZDN2xnbjRPd2w5ZGZhRWd3VUU9 +loginShell: /bin/bash + +dn: cn=Yvette Kimbel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ykimbel +uidNumber: 5138 +gidNumber: 1000 +givenName: Yvette +sn: Kimbel +cn: Yvette Kimbel +homeDirectory: /home/ykimbel +gecos: Yvette Kimbel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1obEhlYkt4RGNaZGI5b1pnbEJkNTVYZ1I0Q0k9 +loginShell: /bin/bash + +dn: uid=jzych,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jzych +uidNumber: 5139 +gidNumber: 1000 +givenName: Joan +sn: Zych +cn: Joan Zych +homeDirectory: /home/jzych +gecos: Joan Zych +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmlvbG9naXN0 +loginShell: /bin/bash + +dn: cn=Danas Prestia+uid=dprestia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dprestia +uidNumber: 5140 +gidNumber: 1000 +givenName: Danas +sn: Prestia +cn: Danas Prestia +homeDirectory: /home/dprestia +gecos: Danas Prestia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1YUytlUlpqd0FUSmFKVkdaVVZpUVJ3PT0= +loginShell: /bin/bash + +dn: uid=lpintor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lpintor +uidNumber: 5141 +gidNumber: 1000 +givenName: Lester +sn: Pintor +cn: Lester Pintor +homeDirectory: /home/lpintor +gecos: Lester Pintor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ZMnhWZk9wbjZuME1qT3lvWldPM213PT0= +loginShell: /bin/bash + +dn: uid=tredfearn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tredfearn +uidNumber: 5142 +gidNumber: 1000 +givenName: Talas +sn: Redfearn +cn: Talas Redfearn +homeDirectory: /home/tredfearn +gecos: Talas Redfearn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXQ2TUVJa0cwT0luMy4= +loginShell: /bin/bash + +dn: cn=Khanun Palka+uid=kpalka,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kpalka +uidNumber: 5143 +gidNumber: 1000 +givenName: Khanun +sn: Palka +cn: Khanun Palka +homeDirectory: /home/kpalka +gecos: Khanun Palka +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1MdUF2cll0ZG1GUW1hbGkvWlhONzc2L0U3ZkU9 +loginShell: /bin/bash + +dn: uid=bcolorado,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bcolorado +uidNumber: 5144 +gidNumber: 1000 +givenName: Bruno +sn: Colorado +cn: Bruno Colorado +homeDirectory: /home/bcolorado +gecos: Bruno Colorado +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VjdwY1FsWHlRMElKS29JVEZTS3c5aE1zSzdVPQ== +loginShell: /bin/bash + +dn: uid=fgarron,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fgarron +uidNumber: 5145 +gidNumber: 1000 +givenName: Fiona +sn: Garron +cn: Fiona Garron +homeDirectory: /home/fgarron +gecos: Fiona Garron +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1BSlhDVHIzQWdnekREN0R2VzQrZkt3PT0= +loginShell: /bin/bash + +dn: cn=Lana Vittum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lvittum +uidNumber: 5146 +gidNumber: 1000 +givenName: Lana +sn: Vittum +cn: Lana Vittum +homeDirectory: /home/lvittum +gecos: Lana Vittum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dTdxR2xXN3lMdTkzd3FXVGVjaDE5RkZLUXBBPQ== +loginShell: /bin/bash + +dn: uid=dsahota,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsahota +uidNumber: 5147 +gidNumber: 1000 +givenName: Daryl +sn: Sahota +cn: Daryl Sahota +homeDirectory: /home/dsahota +gecos: Daryl Sahota +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NkVqRXlhNzdUeUEzN1QrNlZPSVZldTU1a2l2NmViOXM= +loginShell: /bin/bash + +dn: cn=Philippe Brohawn+uid=pbrohawn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbrohawn +uidNumber: 5148 +gidNumber: 1000 +givenName: Philippe +sn: Brohawn +cn: Philippe Brohawn +homeDirectory: /home/pbrohawn +gecos: Philippe Brohawn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUFTYzlsb1hFLnVGdWs= +loginShell: /bin/bash + +dn: uid=dlablue,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dlablue +uidNumber: 5149 +gidNumber: 1000 +givenName: David +sn: Lablue +cn: David Lablue +homeDirectory: /home/dlablue +gecos: David Lablue +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1nK0hzd3YybWxhcUJmMHdLMWNiNWNnPT0= +loginShell: /bin/bash + +dn: uid=pcourneya,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pcourneya +uidNumber: 5150 +gidNumber: 1000 +givenName: Prapiroon +sn: Courneya +cn: Prapiroon Courneya +homeDirectory: /home/pcourneya +gecos: Prapiroon Courneya +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWxFdjV5ZGV4UHY4R28= +loginShell: /bin/bash + +dn: uid=plenix,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: plenix +uidNumber: 5151 +gidNumber: 1000 +givenName: Prapiroon +sn: Lenix +cn: Prapiroon Lenix +homeDirectory: /home/plenix +gecos: Prapiroon Lenix +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1RN09lR1VqNlFFS0k= +loginShell: /bin/bash + +dn: uid=dlongbotham,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dlongbotham +uidNumber: 5152 +gidNumber: 1000 +givenName: Dalila +sn: Longbotham +cn: Dalila Longbotham +homeDirectory: /home/dlongbotham +gecos: Dalila Longbotham +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02ZkprbWNKcGplcUNJTndqelpqUXFBPT0= +loginShell: /bin/bash + +dn: uid=gschaumburg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gschaumburg +uidNumber: 5153 +gidNumber: 1000 +givenName: Gina +sn: Schaumburg +cn: Gina Schaumburg +homeDirectory: /home/gschaumburg +gecos: Gina Schaumburg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aHlwb2NyaXRpY2Fs +loginShell: /bin/bash + +dn: uid=ofelcher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ofelcher +uidNumber: 5154 +gidNumber: 1000 +givenName: Olwyn +sn: Felcher +cn: Olwyn Felcher +homeDirectory: /home/ofelcher +gecos: Olwyn Felcher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QWlsd00vV2pNZ2pyallTY1B6V1Z3ZWUvY1g1RUpMMk0= +loginShell: /bin/bash + +dn: cn=Paloma Semple+uid=psemple,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psemple +uidNumber: 5155 +gidNumber: 1000 +givenName: Paloma +sn: Semple +cn: Paloma Semple +homeDirectory: /home/psemple +gecos: Paloma Semple +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1yVHNGQTdUYU9rQ3RhZmhrVno3MXVnPT0= +loginShell: /bin/bash + +dn: uid=kfend,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kfend +uidNumber: 5156 +gidNumber: 1000 +givenName: Koni +sn: Fend +cn: Koni Fend +homeDirectory: /home/kfend +gecos: Koni Fend +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXR0RzNlMFNXOVBQTXM= +loginShell: /bin/bash + +dn: cn=Vivian Dains+uid=vdains,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vdains +uidNumber: 5157 +gidNumber: 1000 +givenName: Vivian +sn: Dains +cn: Vivian Dains +homeDirectory: /home/vdains +gecos: Vivian Dains +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUJSenNRZ3AxR3JvM0E= +loginShell: /bin/bash + +dn: uid=hsabol,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hsabol +uidNumber: 5158 +gidNumber: 1000 +givenName: Hubert +sn: Sabol +cn: Hubert Sabol +homeDirectory: /home/hsabol +gecos: Hubert Sabol +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9S3RFL1VQQUt2TlRPMkZCenEvR3Q0b1VWeXI0PQ== +loginShell: /bin/bash + +dn: uid=lrandall,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lrandall +uidNumber: 5159 +gidNumber: 1000 +givenName: Louise +sn: Randall +cn: Louise Randall +homeDirectory: /home/lrandall +gecos: Louise Randall +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aXRhbGljaXNlcw== +loginShell: /bin/bash + +dn: uid=gportolese,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gportolese +uidNumber: 5160 +gidNumber: 1000 +givenName: Gabrielle +sn: Portolese +cn: Gabrielle Portolese +homeDirectory: /home/gportolese +gecos: Gabrielle Portolese +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1kQnQ5Q0NmaDBIUmppMlJEbUJRTjVBPT0= +loginShell: /bin/bash + +dn: uid=blittman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: blittman +uidNumber: 5161 +gidNumber: 1000 +givenName: Betsy +sn: Littman +cn: Betsy Littman +homeDirectory: /home/blittman +gecos: Betsy Littman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UFl3ZDJMUkZTQ1pMZGEvQlBJNFEyMDlOUjJFPQ== +loginShell: /bin/bash + +dn: uid=lbassin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbassin +uidNumber: 5162 +gidNumber: 1000 +givenName: Leon +sn: Bassin +cn: Leon Bassin +homeDirectory: /home/lbassin +gecos: Leon Bassin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: amlncw== +loginShell: /bin/bash + +dn: cn=Usagi Marbury,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: umarbury +uidNumber: 5163 +gidNumber: 1000 +givenName: Usagi +sn: Marbury +cn: Usagi Marbury +homeDirectory: /home/umarbury +gecos: Usagi Marbury +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1OcTdQaGpVVmhpQkYycnRMTzd3TWI1SFJ2OG89 +loginShell: /bin/bash + +dn: uid=hhydrick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhydrick +uidNumber: 5164 +gidNumber: 1000 +givenName: Halola +sn: Hydrick +cn: Halola Hydrick +homeDirectory: /home/hhydrick +gecos: Halola Hydrick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTF0U2k1Mi9uYTkzOVU= +loginShell: /bin/bash + +dn: uid=kgarced,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgarced +uidNumber: 5165 +gidNumber: 1000 +givenName: Kyle +sn: Garced +cn: Kyle Garced +homeDirectory: /home/kgarced +gecos: Kyle Garced +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUJyUThpbFhjMXNhYm8= +loginShell: /bin/bash + +dn: uid=kfetters,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kfetters +uidNumber: 5166 +gidNumber: 1000 +givenName: Klaus +sn: Fetters +cn: Klaus Fetters +homeDirectory: /home/kfetters +gecos: Klaus Fetters +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9U0NTUlowM1lLVWsvWkdZZ002VmJzNjFWRDNFPQ== +loginShell: /bin/bash + +dn: uid=cmanno,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmanno +uidNumber: 5167 +gidNumber: 1000 +givenName: Chanchu +sn: Manno +cn: Chanchu Manno +homeDirectory: /home/cmanno +gecos: Chanchu Manno +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTV2SFM3SVRYWEhGV0U= +loginShell: /bin/bash + +dn: cn=Carina Abare+uid=cabare,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cabare +uidNumber: 5168 +gidNumber: 1000 +givenName: Carina +sn: Abare +cn: Carina Abare +homeDirectory: /home/cabare +gecos: Carina Abare +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2FkZW5jZSdz +loginShell: /bin/bash + +dn: uid=spolfer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: spolfer +uidNumber: 5169 +gidNumber: 1000 +givenName: Shanshan +sn: Polfer +cn: Shanshan Polfer +homeDirectory: /home/spolfer +gecos: Shanshan Polfer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eVFzdVNNblNCSnk4TGEvNHg4My9IR0xncEFVPQ== +loginShell: /bin/bash + +dn: cn=Paine Spradling+uid=pspradling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pspradling +uidNumber: 5170 +gidNumber: 1000 +givenName: Paine +sn: Spradling +cn: Paine Spradling +homeDirectory: /home/pspradling +gecos: Paine Spradling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QVRTZHRrSzcvSVhrSnZ0YVFFb3kra01jZW5yWUdNUFE= +loginShell: /bin/bash + +dn: cn=Odile Mullner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omullner +uidNumber: 5171 +gidNumber: 1000 +givenName: Odile +sn: Mullner +cn: Odile Mullner +homeDirectory: /home/omullner +gecos: Odile Mullner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWo1M2M4ZEkuRGJ5L0k= +loginShell: /bin/bash + +dn: uid=pminnis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pminnis +uidNumber: 5172 +gidNumber: 1000 +givenName: Paine +sn: Minnis +cn: Paine Minnis +homeDirectory: /home/pminnis +gecos: Paine Minnis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9R2ZpaTMzVktPQXhJZHVORmlpK1F0cGtkWjRUT0hNMUM= +loginShell: /bin/bash + +dn: uid=rheinzmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rheinzmann +uidNumber: 5173 +gidNumber: 1000 +givenName: Rugare +sn: Heinzmann +cn: Rugare Heinzmann +homeDirectory: /home/rheinzmann +gecos: Rugare Heinzmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX00ZFArT2RITHY3VDJlZ3dXKzlaeWdsUEpiQjA9 +loginShell: /bin/bash + +dn: uid=imicthell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imicthell +uidNumber: 5174 +gidNumber: 1000 +givenName: Ivan +sn: Micthell +cn: Ivan Micthell +homeDirectory: /home/imicthell +gecos: Ivan Micthell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Q0xhY3ZodXh0bml2UXJYemJSMmhzbTVKOC9CVVZ3WXA= +loginShell: /bin/bash + +dn: uid=ilamberth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ilamberth +uidNumber: 5175 +gidNumber: 1000 +givenName: Isis +sn: Lamberth +cn: Isis Lamberth +homeDirectory: /home/ilamberth +gecos: Isis Lamberth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b2tlYUJnYXBFZUFXRjlUZjlsaGhBd1BwS05kOVNPMlY= +loginShell: /bin/bash + +dn: cn=Vongfong Emily,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vemily +uidNumber: 5176 +gidNumber: 1000 +givenName: Vongfong +sn: Emily +cn: Vongfong Emily +homeDirectory: /home/vemily +gecos: Vongfong Emily +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmFrZXJpZXM= +loginShell: /bin/bash + +dn: uid=atollefsrud,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: atollefsrud +uidNumber: 5177 +gidNumber: 1000 +givenName: Alicia +sn: Tollefsrud +cn: Alicia Tollefsrud +homeDirectory: /home/atollefsrud +gecos: Alicia Tollefsrud +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cFFPQkxrZnlrVzF4Wm43UDR4MVlqWG01akprPQ== +loginShell: /bin/bash + +dn: cn=Bernie Arenales,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: barenales +uidNumber: 5178 +gidNumber: 1000 +givenName: Bernie +sn: Arenales +cn: Bernie Arenales +homeDirectory: /home/barenales +gecos: Bernie Arenales +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1zWEhoV2FBQSs1TjJ6NWE2aXMxenNnPT0= +loginShell: /bin/bash + +dn: uid=tmccannon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmccannon +uidNumber: 5179 +gidNumber: 1000 +givenName: Talas +sn: Mccannon +cn: Talas Mccannon +homeDirectory: /home/tmccannon +gecos: Talas Mccannon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1NTHNwbkxrU3g0ZkptSFNLN0ZXYU1nPT0= +loginShell: /bin/bash + +dn: cn=Ramon Mandril,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rmandril +uidNumber: 5180 +gidNumber: 1000 +givenName: Ramon +sn: Mandril +cn: Ramon Mandril +homeDirectory: /home/rmandril +gecos: Ramon Mandril +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVhKMnovYlhnVWkyZlE= +loginShell: /bin/bash + +dn: cn=Gillian Mackinder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmackinder +uidNumber: 5181 +gidNumber: 1000 +givenName: Gillian +sn: Mackinder +cn: Gillian Mackinder +homeDirectory: /home/gmackinder +gecos: Gillian Mackinder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VDFEZ1lTWjJLakJPV1NhcVlHOXdLYUVVZ3NJPQ== +loginShell: /bin/bash + +dn: uid=opuglisi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: opuglisi +uidNumber: 5182 +gidNumber: 1000 +givenName: Olga +sn: Puglisi +cn: Olga Puglisi +homeDirectory: /home/opuglisi +gecos: Olga Puglisi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1pZnE3djd3aDRZd1QyaFZUZXFqZzhRPT0= +loginShell: /bin/bash + +dn: cn=Yali Goldson+uid=ygoldson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ygoldson +uidNumber: 5183 +gidNumber: 1000 +givenName: Yali +sn: Goldson +cn: Yali Goldson +homeDirectory: /home/ygoldson +gecos: Yali Goldson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1kY0I2eWVYaDNoWVFWTmQrczRDZDYzczdwN0k9 +loginShell: /bin/bash + +dn: cn=Olipa Malvaez+uid=omalvaez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omalvaez +uidNumber: 5184 +gidNumber: 1000 +givenName: Olipa +sn: Malvaez +cn: Olipa Malvaez +homeDirectory: /home/omalvaez +gecos: Olipa Malvaez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NCtUQzM2a09vYlFnc1o4cjFqaWMrUm9ZaUFBPQ== +loginShell: /bin/bash + +dn: cn=Daphne Greenlun,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dgreenlun +uidNumber: 5185 +gidNumber: 1000 +givenName: Daphne +sn: Greenlun +cn: Daphne Greenlun +homeDirectory: /home/dgreenlun +gecos: Daphne Greenlun +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aZk9TYjVvcXlOM2ZsVTdKeEFBemQ1VjBkU1E9 +loginShell: /bin/bash + +dn: uid=npremer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: npremer +uidNumber: 5186 +gidNumber: 1000 +givenName: Nangka +sn: Premer +cn: Nangka Premer +homeDirectory: /home/npremer +gecos: Nangka Premer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWxpZW5hdGlvbidz +loginShell: /bin/bash + +dn: uid=lautovino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lautovino +uidNumber: 5187 +gidNumber: 1000 +givenName: Louise +sn: Autovino +cn: Louise Autovino +homeDirectory: /home/lautovino +gecos: Louise Autovino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NTlsZmJxSVJ5VVNTYU5oeTUzY0lOY3NxTlFlOWF5T0k= +loginShell: /bin/bash + +dn: uid=fwollner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fwollner +uidNumber: 5188 +gidNumber: 1000 +givenName: Faxai +sn: Wollner +cn: Faxai Wollner +homeDirectory: /home/fwollner +gecos: Faxai Wollner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU5UTFVoV0pPVmFJcjY= +loginShell: /bin/bash + +dn: uid=mbroglie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbroglie +uidNumber: 5189 +gidNumber: 1000 +givenName: Maysak +sn: Broglie +cn: Maysak Broglie +homeDirectory: /home/mbroglie +gecos: Maysak Broglie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWNjZXB0YW5jZXM= +loginShell: /bin/bash + +dn: uid=tmorr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmorr +uidNumber: 5190 +gidNumber: 1000 +givenName: Theo +sn: Morr +cn: Theo Morr +homeDirectory: /home/tmorr +gecos: Theo Morr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZ6RzludVliUUg0aXM= +loginShell: /bin/bash + +dn: cn=Usta Greenberg+uid=ugreenberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ugreenberg +uidNumber: 5191 +gidNumber: 1000 +givenName: Usta +sn: Greenberg +cn: Usta Greenberg +homeDirectory: /home/ugreenberg +gecos: Usta Greenberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0vZ0lUT0I3ZU1oT2I2dW1QVW14Vy93PT0= +loginShell: /bin/bash + +dn: cn=Guillermo Earnshaw+uid=gearnshaw,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gearnshaw +uidNumber: 5192 +gidNumber: 1000 +givenName: Guillermo +sn: Earnshaw +cn: Guillermo Earnshaw +homeDirectory: /home/gearnshaw +gecos: Guillermo Earnshaw +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b25aaHU0b05sWFJDR1Z1MDNncmdMZkF5NVRNbTJqQU4= +loginShell: /bin/bash + +dn: cn=Sadie Scheiern,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sscheiern +uidNumber: 5193 +gidNumber: 1000 +givenName: Sadie +sn: Scheiern +cn: Sadie Scheiern +homeDirectory: /home/sscheiern +gecos: Sadie Scheiern +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1raFFWU3Bzd2JROWhkaHg1bTdDY0hTU0lZYlk9 +loginShell: /bin/bash + +dn: uid=akertzman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: akertzman +uidNumber: 5194 +gidNumber: 1000 +givenName: Atu +sn: Kertzman +cn: Atu Kertzman +homeDirectory: /home/akertzman +gecos: Atu Kertzman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MitMbWFVU0dWMVV3TEZsRC9WV2tyNmpXblR2enM3TW8= +loginShell: /bin/bash + +dn: uid=mfaeth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfaeth +uidNumber: 5195 +gidNumber: 1000 +givenName: Mawar +sn: Faeth +cn: Mawar Faeth +homeDirectory: /home/mfaeth +gecos: Mawar Faeth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z29zc2lwJ3M= +loginShell: /bin/bash + +dn: uid=rbrisby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rbrisby +uidNumber: 5196 +gidNumber: 1000 +givenName: Rose +sn: Brisby +cn: Rose Brisby +homeDirectory: /home/rbrisby +gecos: Rose Brisby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1EbWVPQ0JweGdmbjZ2Ri9JNjVHdHBnPT0= +loginShell: /bin/bash + +dn: uid=mprim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mprim +uidNumber: 5197 +gidNumber: 1000 +givenName: Madeline +sn: Prim +cn: Madeline Prim +homeDirectory: /home/mprim +gecos: Madeline Prim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16QzZ2NDhZYitRUEVkZHZvektkM3F3PT0= +loginShell: /bin/bash + +dn: cn=Kundai Thornes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kthornes +uidNumber: 5198 +gidNumber: 1000 +givenName: Kundai +sn: Thornes +cn: Kundai Thornes +homeDirectory: /home/kthornes +gecos: Kundai Thornes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX12OUpjM21GRkJlZ0hWT1dOQk5VV3BBPT0= +loginShell: /bin/bash + +dn: uid=imensah,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imensah +uidNumber: 5199 +gidNumber: 1000 +givenName: Iolana +sn: Mensah +cn: Iolana Mensah +homeDirectory: /home/imensah +gecos: Iolana Mensah +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW5jb3JlZA== +loginShell: /bin/bash + +dn: cn=Martin Patty,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpatty +uidNumber: 5200 +gidNumber: 1000 +givenName: Martin +sn: Patty +cn: Martin Patty +homeDirectory: /home/mpatty +gecos: Martin Patty +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTh0ZFhwMEwxbGJmZU0= +loginShell: /bin/bash + +dn: uid=lshilling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lshilling +uidNumber: 5201 +gidNumber: 1000 +givenName: Liz +sn: Shilling +cn: Liz Shilling +homeDirectory: /home/lshilling +gecos: Liz Shilling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d0xmTEpyRU1WZEx3T0FSTkhjbWNRVVVvTUhFdmxJREU= +loginShell: /bin/bash + +dn: uid=lsivic,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lsivic +uidNumber: 5202 +gidNumber: 1000 +givenName: Lane +sn: Sivic +cn: Lane Sivic +homeDirectory: /home/lsivic +gecos: Lane Sivic +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0vQ001S1lid1QxZlFZLzlZRWtXU09RPT0= +loginShell: /bin/bash + +dn: uid=fsapien,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsapien +uidNumber: 5203 +gidNumber: 1000 +givenName: Fritz +sn: Sapien +cn: Fritz Sapien +homeDirectory: /home/fsapien +gecos: Fritz Sapien +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cG90aG9sZXM= +loginShell: /bin/bash + +dn: uid=senrico,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: senrico +uidNumber: 5204 +gidNumber: 1000 +givenName: Selwyn +sn: Enrico +cn: Selwyn Enrico +homeDirectory: /home/senrico +gecos: Selwyn Enrico +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OXVQdHcyTU5mMExCRVFIN2Q1M05KWTVzelNjPQ== +loginShell: /bin/bash + +dn: uid=sarndt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sarndt +uidNumber: 5205 +gidNumber: 1000 +givenName: Sadie +sn: Arndt +cn: Sadie Arndt +homeDirectory: /home/sarndt +gecos: Sadie Arndt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTl0WlNQUDA2aS5HTHc= +loginShell: /bin/bash + +dn: uid=pviviani,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pviviani +uidNumber: 5206 +gidNumber: 1000 +givenName: Pam +sn: Viviani +cn: Pam Viviani +homeDirectory: /home/pviviani +gecos: Pam Viviani +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1QR1QyQjlaV0dvY00= +loginShell: /bin/bash + +dn: cn=Lee Youla,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lyoula +uidNumber: 5207 +gidNumber: 1000 +givenName: Lee +sn: Youla +cn: Lee Youla +homeDirectory: /home/lyoula +gecos: Lee Youla +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmFsYW5jaW5n +loginShell: /bin/bash + +dn: uid=bconour,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bconour +uidNumber: 5208 +gidNumber: 1000 +givenName: Bruno +sn: Conour +cn: Bruno Conour +homeDirectory: /home/bconour +gecos: Bruno Conour +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW1BMkxMQTZPSzd3M0E= +loginShell: /bin/bash + +dn: uid=ikadar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ikadar +uidNumber: 5209 +gidNumber: 1000 +givenName: Ike +sn: Kadar +cn: Ike Kadar +homeDirectory: /home/ikadar +gecos: Ike Kadar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTVlcTczWFhUTU16ZGc= +loginShell: /bin/bash + +dn: cn=Jaya Spohn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jspohn +uidNumber: 5210 +gidNumber: 1000 +givenName: Jaya +sn: Spohn +cn: Jaya Spohn +homeDirectory: /home/jspohn +gecos: Jaya Spohn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWlsaXRhdGU= +loginShell: /bin/bash + +dn: cn=Dolores Josselyn+uid=djosselyn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: djosselyn +uidNumber: 5211 +gidNumber: 1000 +givenName: Dolores +sn: Josselyn +cn: Dolores Josselyn +homeDirectory: /home/djosselyn +gecos: Dolores Josselyn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW1jZWU= +loginShell: /bin/bash + +dn: uid=hbraskey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbraskey +uidNumber: 5212 +gidNumber: 1000 +givenName: Hortense +sn: Braskey +cn: Hortense Braskey +homeDirectory: /home/hbraskey +gecos: Hortense Braskey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Z0lYdVlxOHo4NHJNVm1UaUo1Q0Y3bDdHZEdFPQ== +loginShell: /bin/bash + +dn: uid=gdusen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdusen +uidNumber: 5213 +gidNumber: 1000 +givenName: Gert +sn: Dusen +cn: Gert Dusen +homeDirectory: /home/gdusen +gecos: Gert Dusen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVl2dFlpa09qc3NVQlE= +loginShell: /bin/bash + +dn: cn=Roxanne Zilahi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rzilahi +uidNumber: 5214 +gidNumber: 1000 +givenName: Roxanne +sn: Zilahi +cn: Roxanne Zilahi +homeDirectory: /home/rzilahi +gecos: Roxanne Zilahi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1hY3lFRXBsNzQwMGI3YXVTb0F4NHpUNlI1U289 +loginShell: /bin/bash + +dn: uid=wdovey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wdovey +uidNumber: 5215 +gidNumber: 1000 +givenName: Whitney +sn: Dovey +cn: Whitney Dovey +homeDirectory: /home/wdovey +gecos: Whitney Dovey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS5tbm1BYUd6M1p5bm8= +loginShell: /bin/bash + +dn: uid=lvanconant,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lvanconant +uidNumber: 5216 +gidNumber: 1000 +givenName: Leslie +sn: Vanconant +cn: Leslie Vanconant +homeDirectory: /home/lvanconant +gecos: Leslie Vanconant +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15SFpiaGtLS3FtVFFYOElybmZoM21mV3VTWlU9 +loginShell: /bin/bash + +dn: cn=Frances Beatrice+uid=fbeatrice,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fbeatrice +uidNumber: 5217 +gidNumber: 1000 +givenName: Frances +sn: Beatrice +cn: Frances Beatrice +homeDirectory: /home/fbeatrice +gecos: Frances Beatrice +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1CNDdSU3U5Z1lrbjhmTUpMU2p1WStnPT0= +loginShell: /bin/bash + +dn: uid=lpaglialunga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lpaglialunga +uidNumber: 5218 +gidNumber: 1000 +givenName: Lana +sn: Paglialunga +cn: Lana Paglialunga +homeDirectory: /home/lpaglialunga +gecos: Lana Paglialunga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3RyZXRjaGluZw== +loginShell: /bin/bash + +dn: uid=ecordas,ou=lotsofpeople,dc=test,dc=tld +uid: ecordas +uidNumber: 5219 +gidNumber: 1000 +givenName: Elida +sn: Cordas +cn: Elida Cordas +homeDirectory: /home/ecordas +gecos: Elida Cordas +shadowWarning: 7 +shadowInactive: 2 +userPassword:: e1NIQX1JYWwrVHB4dU0vNlArcTB1dHc2SW04bDB4TDA9 +loginShell: /bin/bash +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson + +dn: cn=Alison Dishaw,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: adishaw +uidNumber: 5220 +gidNumber: 1000 +givenName: Alison +sn: Dishaw +cn: Alison Dishaw +homeDirectory: /home/adishaw +gecos: Alison Dishaw +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yYXVRYTR0MkZMSVJnM0NNWjlKOEwwUjFuQW89 +loginShell: /bin/bash + +dn: uid=wcreggett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wcreggett +uidNumber: 5221 +gidNumber: 1000 +givenName: Winsome +sn: Creggett +cn: Winsome Creggett +homeDirectory: /home/wcreggett +gecos: Winsome Creggett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGV0ZWN0b3Jz +loginShell: /bin/bash + +dn: uid=jsenavanh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jsenavanh +uidNumber: 5222 +gidNumber: 1000 +givenName: Julia +sn: Senavanh +cn: Julia Senavanh +homeDirectory: /home/jsenavanh +gecos: Julia Senavanh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJuLmpuR2Iubk50Vk0= +loginShell: /bin/bash + +dn: uid=jkimpton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jkimpton +uidNumber: 5223 +gidNumber: 1000 +givenName: Jimena +sn: Kimpton +cn: Jimena Kimpton +homeDirectory: /home/jkimpton +gecos: Jimena Kimpton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFMVXB2ZDVHMS9NZk0= +loginShell: /bin/bash + +dn: uid=hharian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hharian +uidNumber: 5224 +gidNumber: 1000 +givenName: Hector +sn: Harian +cn: Hector Harian +homeDirectory: /home/hharian +gecos: Hector Harian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eEFJUWsrUlhIcEp1Vi8xUlFGQWpXMCtVcEc0PQ== +loginShell: /bin/bash + +dn: uid=rpitter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rpitter +uidNumber: 5225 +gidNumber: 1000 +givenName: Rosa +sn: Pitter +cn: Rosa Pitter +homeDirectory: /home/rpitter +gecos: Rosa Pitter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZHFhQm0xamdNa051Mmh6VUVuWFVzUDBXNDBnPQ== +loginShell: /bin/bash + +dn: cn=Ramon Bernhagen+uid=rbernhagen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rbernhagen +uidNumber: 5226 +gidNumber: 1000 +givenName: Ramon +sn: Bernhagen +cn: Ramon Bernhagen +homeDirectory: /home/rbernhagen +gecos: Ramon Bernhagen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFsbGV0 +loginShell: /bin/bash + +dn: uid=klurie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: klurie +uidNumber: 5227 +gidNumber: 1000 +givenName: Kanmuri +sn: Lurie +cn: Kanmuri Lurie +homeDirectory: /home/klurie +gecos: Kanmuri Lurie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFzcXVlcmFkZSdz +loginShell: /bin/bash + +dn: uid=rboelk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rboelk +uidNumber: 5228 +gidNumber: 1000 +givenName: Rose +sn: Boelk +cn: Rose Boelk +homeDirectory: /home/rboelk +gecos: Rose Boelk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1GcnR6dlZLYzhRbVdPaS9Gak8yM0JvWUhmbG89 +loginShell: /bin/bash + +dn: uid=esthill,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: esthill +uidNumber: 5229 +gidNumber: 1000 +givenName: Evan +sn: Sthill +cn: Evan Sthill +homeDirectory: /home/esthill +gecos: Evan Sthill +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aG9saW5lc3M= +loginShell: /bin/bash + +dn: cn=Tammie Sepulueda+uid=tsepulueda,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsepulueda +uidNumber: 5230 +gidNumber: 1000 +givenName: Tammie +sn: Sepulueda +cn: Tammie Sepulueda +homeDirectory: /home/tsepulueda +gecos: Tammie Sepulueda +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5hcnRpY3VsYXRl +loginShell: /bin/bash + +dn: cn=Philippe Brentano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbrentano +uidNumber: 5231 +gidNumber: 1000 +givenName: Philippe +sn: Brentano +cn: Philippe Brentano +homeDirectory: /home/pbrentano +gecos: Philippe Brentano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aWlJRkJvdHlxZEFVU1AzWDJwQ1NDOVJUd0Q1ZzhlUno= +loginShell: /bin/bash + +dn: uid=swilken,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: swilken +uidNumber: 5232 +gidNumber: 1000 +givenName: Sonca +sn: Wilken +cn: Sonca Wilken +homeDirectory: /home/swilken +gecos: Sonca Wilken +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1JM29IU0gzakF1RE03UXFtMDVDQ2ZqNlhHNGc9 +loginShell: /bin/bash + +dn: cn=Katse Tolontino+uid=ktolontino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktolontino +uidNumber: 5233 +gidNumber: 1000 +givenName: Katse +sn: Tolontino +cn: Katse Tolontino +homeDirectory: /home/ktolontino +gecos: Katse Tolontino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bnVkaXR5 +loginShell: /bin/bash + +dn: uid=emongelli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emongelli +uidNumber: 5234 +gidNumber: 1000 +givenName: Etau +sn: Mongelli +cn: Etau Mongelli +homeDirectory: /home/emongelli +gecos: Etau Mongelli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1hb3ZQUFVHU3Mrbmd2NElVRXdhRGZRPT0= +loginShell: /bin/bash + +dn: cn=Nadety Glaspy+uid=nglaspy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nglaspy +uidNumber: 5235 +gidNumber: 1000 +givenName: Nadety +sn: Glaspy +cn: Nadety Glaspy +homeDirectory: /home/nglaspy +gecos: Nadety Glaspy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aTRaelYrV0NZK0JORjJHbTYzVHAwNlhPVm5vPQ== +loginShell: /bin/bash + +dn: uid=fparness,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fparness +uidNumber: 5236 +gidNumber: 1000 +givenName: Franklin +sn: Parness +cn: Franklin Parness +homeDirectory: /home/fparness +gecos: Franklin Parness +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1zdi80QUhTa0JUam9leEFsSHlBQ2p3PT0= +loginShell: /bin/bash + +dn: cn=Upia Rosentrance+uid=urosentrance,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: urosentrance +uidNumber: 5237 +gidNumber: 1000 +givenName: Upia +sn: Rosentrance +cn: Upia Rosentrance +homeDirectory: /home/urosentrance +gecos: Upia Rosentrance +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NVnBITXcxS2o5WG42V29hZmFLcFpITDM5REE9 +loginShell: /bin/bash + +dn: uid=astrunk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: astrunk +uidNumber: 5238 +gidNumber: 1000 +givenName: Atu +sn: Strunk +cn: Atu Strunk +homeDirectory: /home/astrunk +gecos: Atu Strunk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1OZ0FTWkdqcFJieTA4RnA5eTk4b0xvM3lLTXM9 +loginShell: /bin/bash + +dn: uid=gmilian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmilian +uidNumber: 5239 +gidNumber: 1000 +givenName: Gaston +sn: Milian +cn: Gaston Milian +homeDirectory: /home/gmilian +gecos: Gaston Milian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUYwemNoUkJIbEpPUjY= +loginShell: /bin/bash + +dn: uid=lburmester,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lburmester +uidNumber: 5240 +gidNumber: 1000 +givenName: Lorena +sn: Burmester +cn: Lorena Burmester +homeDirectory: /home/lburmester +gecos: Lorena Burmester +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1QMHVSWnRFZS9acHIzc3N5N0t5UzdxQzFRS0E9 +loginShell: /bin/bash + +dn: uid=ggillim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ggillim +uidNumber: 5241 +gidNumber: 1000 +givenName: Gaemi +sn: Gillim +cn: Gaemi Gillim +homeDirectory: /home/ggillim +gecos: Gaemi Gillim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0zVCt6VTdVUy9wbjVWSEVDVGE3Z2xab2lrRjA9 +loginShell: /bin/bash + +dn: uid=puniacke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: puniacke +uidNumber: 5242 +gidNumber: 1000 +givenName: Patty +sn: Uniacke +cn: Patty Uniacke +homeDirectory: /home/puniacke +gecos: Patty Uniacke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX14d0tSeTh6SUpOVjdJa05KNWtQelhBPT0= +loginShell: /bin/bash + +dn: uid=okave,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: okave +uidNumber: 5243 +gidNumber: 1000 +givenName: Owen +sn: Kave +cn: Owen Kave +homeDirectory: /home/okave +gecos: Owen Kave +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBLNGRkUGpXRGdNZTI= +loginShell: /bin/bash + +dn: uid=enastasi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: enastasi +uidNumber: 5244 +gidNumber: 1000 +givenName: Elisa +sn: Nastasi +cn: Elisa Nastasi +homeDirectory: /home/enastasi +gecos: Elisa Nastasi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX03b2tqRGpHUCs4MGd5QmpuL2VYMk5BPT0= +loginShell: /bin/bash + +dn: uid=bzaeske,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bzaeske +uidNumber: 5245 +gidNumber: 1000 +givenName: Bernie +sn: Zaeske +cn: Bernie Zaeske +homeDirectory: /home/bzaeske +gecos: Bernie Zaeske +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WU9ScXNxQ2w1SkxpcS83WjdOWld0TEhlMEZBPQ== +loginShell: /bin/bash + +dn: uid=garchambeault,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: garchambeault +uidNumber: 5246 +gidNumber: 1000 +givenName: Gaston +sn: Archambeault +cn: Gaston Archambeault +homeDirectory: /home/garchambeault +gecos: Gaston Archambeault +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1wTExTRDBWb003emF4QzV6N2Exa3dBPT0= +loginShell: /bin/bash + +dn: uid=hmagsby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmagsby +uidNumber: 5247 +gidNumber: 1000 +givenName: Hilda +sn: Magsby +cn: Hilda Magsby +homeDirectory: /home/hmagsby +gecos: Hilda Magsby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OE9DSVhqanlxdTBGU3E0MTVJODNUMk1wbGhMcGdUQW0= +loginShell: /bin/bash + +dn: uid=tsearle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsearle +uidNumber: 5248 +gidNumber: 1000 +givenName: Tim +sn: Searle +cn: Tim Searle +homeDirectory: /home/tsearle +gecos: Tim Searle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: VGh1cnNkYXkncw== +loginShell: /bin/bash + +dn: uid=prigney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: prigney +uidNumber: 5249 +gidNumber: 1000 +givenName: Patty +sn: Rigney +cn: Patty Rigney +homeDirectory: /home/prigney +gecos: Patty Rigney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2FiYmVk +loginShell: /bin/bash + +dn: uid=kmedcaf,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmedcaf +uidNumber: 5250 +gidNumber: 1000 +givenName: Koko +sn: Medcaf +cn: Koko Medcaf +homeDirectory: /home/kmedcaf +gecos: Koko Medcaf +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVZyenNDc2VMNmgwVm8= +loginShell: /bin/bash + +dn: uid=ckreidler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckreidler +uidNumber: 5251 +gidNumber: 1000 +givenName: Calvin +sn: Kreidler +cn: Calvin Kreidler +homeDirectory: /home/ckreidler +gecos: Calvin Kreidler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTZOdHZ4Mmk3NjhXLy4= +loginShell: /bin/bash + +dn: cn=Niala Giesler+uid=ngiesler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ngiesler +uidNumber: 5252 +gidNumber: 1000 +givenName: Niala +sn: Giesler +cn: Niala Giesler +homeDirectory: /home/ngiesler +gecos: Niala Giesler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1jbFhoRTdHMUNnbFJhTWpZNkwxOUsxMVJiRGs9 +loginShell: /bin/bash + +dn: uid=wmellott,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wmellott +uidNumber: 5253 +gidNumber: 1000 +givenName: Washi +sn: Mellott +cn: Washi Mellott +homeDirectory: /home/wmellott +gecos: Washi Mellott +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVd0SnBhcGZLQm1TZFE= +loginShell: /bin/bash + +dn: uid=ndesautels,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ndesautels +uidNumber: 5254 +gidNumber: 1000 +givenName: Nock-ten +sn: Desautels +cn: Nock-ten Desautels +homeDirectory: /home/ndesautels +gecos: Nock-ten Desautels +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: anVkaWNpb3Vz +loginShell: /bin/bash + +dn: cn=Ione Renick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: irenick +uidNumber: 5255 +gidNumber: 1000 +givenName: Ione +sn: Renick +cn: Ione Renick +homeDirectory: /home/irenick +gecos: Ione Renick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9c3JZN2JYaE5ZTDJQcHB0M0RlZHRIWFArc1Rvem5FSjk= +loginShell: /bin/bash + +dn: uid=vdelnegro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vdelnegro +uidNumber: 5256 +gidNumber: 1000 +givenName: Vamco +sn: Delnegro +cn: Vamco Delnegro +homeDirectory: /home/vdelnegro +gecos: Vamco Delnegro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW81R2RmSHVHcGRwMEk= +loginShell: /bin/bash + +dn: cn=Max Weiss,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mweiss +uidNumber: 5257 +gidNumber: 1000 +givenName: Max +sn: Weiss +cn: Max Weiss +homeDirectory: /home/mweiss +gecos: Max Weiss +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1rVzlPc3hLc2RVRnVoVWtTY1l0NVZ1R2dzZnM9 +loginShell: /bin/bash + +dn: cn=Rafael Krallis+uid=rkrallis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rkrallis +uidNumber: 5258 +gidNumber: 1000 +givenName: Rafael +sn: Krallis +cn: Rafael Krallis +homeDirectory: /home/rkrallis +gecos: Rafael Krallis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cDdRQ0gya2FXSW83TUxWbEw1b002UkRjR3BYczltYTY= +loginShell: /bin/bash + +dn: uid=slaforge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: slaforge +uidNumber: 5259 +gidNumber: 1000 +givenName: Sebastien +sn: Laforge +cn: Sebastien Laforge +homeDirectory: /home/slaforge +gecos: Sebastien Laforge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfThDdFQxaVI3bWZmVmM= +loginShell: /bin/bash + +dn: uid=isteinlicht,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isteinlicht +uidNumber: 5260 +gidNumber: 1000 +givenName: Ila +sn: Steinlicht +cn: Ila Steinlicht +homeDirectory: /home/isteinlicht +gecos: Ila Steinlicht +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UWtuMFdLSVg4TGQ2SU5tb3g2ZHJxQzlTdFY0PQ== +loginShell: /bin/bash + +dn: uid=sshearon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sshearon +uidNumber: 5261 +gidNumber: 1000 +givenName: Soulik +sn: Shearon +cn: Soulik Shearon +homeDirectory: /home/sshearon +gecos: Soulik Shearon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX15UEJYMVpXTGpCMGxZSFQvVWVZNUhRPT0= +loginShell: /bin/bash + +dn: uid=rguinane,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rguinane +uidNumber: 5262 +gidNumber: 1000 +givenName: Rusa +sn: Guinane +cn: Rusa Guinane +homeDirectory: /home/rguinane +gecos: Rusa Guinane +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WT1N5aHU5NFQrOGYrMGZYY2wrMGV0NVZ4YUU9 +loginShell: /bin/bash + +dn: cn=Iggy Wininger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iwininger +uidNumber: 5263 +gidNumber: 1000 +givenName: Iggy +sn: Wininger +cn: Iggy Wininger +homeDirectory: /home/iwininger +gecos: Iggy Wininger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UZDV2dGNVL2lMRm1lb1l0OWRwYitBPT0= +loginShell: /bin/bash + +dn: uid=osaines,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: osaines +uidNumber: 5264 +gidNumber: 1000 +givenName: Otile +sn: Saines +cn: Otile Saines +homeDirectory: /home/osaines +gecos: Otile Saines +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MHNVZ05kejNKVXhreG1pd3pWK2FwTG4vcURFUzhnREg= +loginShell: /bin/bash + +dn: cn=Igo Ogasawara+uid=iogasawara,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iogasawara +uidNumber: 5265 +gidNumber: 1000 +givenName: Igo +sn: Ogasawara +cn: Igo Ogasawara +homeDirectory: /home/iogasawara +gecos: Igo Ogasawara +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX02bVJjZTBwemJnajZnazZXNjNSQ0I0dFB0dE09 +loginShell: /bin/bash + +dn: uid=gcurnutt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcurnutt +uidNumber: 5266 +gidNumber: 1000 +givenName: Guchol +sn: Curnutt +cn: Guchol Curnutt +homeDirectory: /home/gcurnutt +gecos: Guchol Curnutt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UkVlWWgzZmRSUnpyU2JFOVhBOG9qTXcwTFZjPQ== +loginShell: /bin/bash + +dn: cn=Tim Singeltary,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsingeltary +uidNumber: 5267 +gidNumber: 1000 +givenName: Tim +sn: Singeltary +cn: Tim Singeltary +homeDirectory: /home/tsingeltary +gecos: Tim Singeltary +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9YTJsYW9pclpHdWJjN3dnMm40cVNnTVcvUnpBPQ== +loginShell: /bin/bash + +dn: uid=alamour,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: alamour +uidNumber: 5268 +gidNumber: 1000 +givenName: Arlene +sn: Lamour +cn: Arlene Lamour +homeDirectory: /home/alamour +gecos: Arlene Lamour +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1XQU1TWUxRRHlhQ0JzMVB6U0FxN0ZBPT0= +loginShell: /bin/bash + +dn: uid=ncrissler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncrissler +uidNumber: 5269 +gidNumber: 1000 +givenName: Nancy +sn: Crissler +cn: Nancy Crissler +homeDirectory: /home/ncrissler +gecos: Nancy Crissler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXl0U1VraDkvTDhxZ2s= +loginShell: /bin/bash + +dn: uid=trofkahr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: trofkahr +uidNumber: 5270 +gidNumber: 1000 +givenName: Terri +sn: Rofkahr +cn: Terri Rofkahr +homeDirectory: /home/trofkahr +gecos: Terri Rofkahr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00Z2MveGlqYjRHOGl5UytEeU5NMHNRPT0= +loginShell: /bin/bash + +dn: uid=lcoller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcoller +uidNumber: 5271 +gidNumber: 1000 +givenName: Leo +sn: Coller +cn: Leo Coller +homeDirectory: /home/lcoller +gecos: Leo Coller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU9pUW9MUkpBNWpMS2s= +loginShell: /bin/bash + +dn: uid=jjumalon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jjumalon +uidNumber: 5272 +gidNumber: 1000 +givenName: Juliette +sn: Jumalon +cn: Juliette Jumalon +homeDirectory: /home/jjumalon +gecos: Juliette Jumalon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0vSHA0YjFWWFF4cnozeDlHN0tyeSt0aTNIZnM9 +loginShell: /bin/bash + +dn: uid=hpascarella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpascarella +uidNumber: 5273 +gidNumber: 1000 +givenName: Hamish +sn: Pascarella +cn: Hamish Pascarella +homeDirectory: /home/hpascarella +gecos: Hamish Pascarella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1UZENxdjBoVFlLNWNlY3Q2QzdVMHRWT016c1E9 +loginShell: /bin/bash + +dn: uid=vstirman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vstirman +uidNumber: 5274 +gidNumber: 1000 +givenName: Vaianu +sn: Stirman +cn: Vaianu Stirman +homeDirectory: /home/vstirman +gecos: Vaianu Stirman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGVkdWN0 +loginShell: /bin/bash + +dn: uid=tlana,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tlana +uidNumber: 5275 +gidNumber: 1000 +givenName: Trevor +sn: Lana +cn: Trevor Lana +homeDirectory: /home/tlana +gecos: Trevor Lana +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OStoYzdkenFHeHY0ZTUxOWhrWWREcHRuejZVS1hMdy8= +loginShell: /bin/bash + +dn: uid=gwaud,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gwaud +uidNumber: 5276 +gidNumber: 1000 +givenName: Grant +sn: Waud +cn: Grant Waud +homeDirectory: /home/gwaud +gecos: Grant Waud +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b29BMFRvUUpvb0lVWitUYVlnc05qeXNqTmNaMWJDYTk= +loginShell: /bin/bash + +dn: uid=hhartranft,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhartranft +uidNumber: 5277 +gidNumber: 1000 +givenName: Harvey +sn: Hartranft +cn: Harvey Hartranft +homeDirectory: /home/hhartranft +gecos: Harvey Hartranft +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DTWhUWjBJRnVGbFBMdE8vMkM3MW53PT0= +loginShell: /bin/bash + +dn: cn=Ernie Peterson+uid=epeterson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: epeterson +uidNumber: 5278 +gidNumber: 1000 +givenName: Ernie +sn: Peterson +cn: Ernie Peterson +homeDirectory: /home/epeterson +gecos: Ernie Peterson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1kQ3I1cW5qR2RSM0lzM05xNFhjTjhRPT0= +loginShell: /bin/bash + +dn: cn=Karl Sharma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ksharma +uidNumber: 5279 +gidNumber: 1000 +givenName: Karl +sn: Sharma +cn: Karl Sharma +homeDirectory: /home/ksharma +gecos: Karl Sharma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1vWjZtSWhnc1k5M0JtN0lzM3BncmdnPT0= +loginShell: /bin/bash + +dn: uid=ahalcom,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ahalcom +uidNumber: 5280 +gidNumber: 1000 +givenName: Amelia +sn: Halcom +cn: Amelia Halcom +homeDirectory: /home/ahalcom +gecos: Amelia Halcom +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVFSWU40aXVXS0RrSEE= +loginShell: /bin/bash + +dn: uid=bnibbs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bnibbs +uidNumber: 5281 +gidNumber: 1000 +givenName: Blas +sn: Nibbs +cn: Blas Nibbs +homeDirectory: /home/bnibbs +gecos: Blas Nibbs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FS2FxSG9tOE5jY3NHcVVpbGxsVjZNUCsyY1k9 +loginShell: /bin/bash + +dn: uid=gshelhorse,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gshelhorse +uidNumber: 5282 +gidNumber: 1000 +givenName: Gilbert +sn: Shelhorse +cn: Gilbert Shelhorse +homeDirectory: /home/gshelhorse +gecos: Gilbert Shelhorse +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GakVMRGxMMVplTWp0cXdodllXa0JBPT0= +loginShell: /bin/bash + +dn: uid=mkumar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkumar +uidNumber: 5283 +gidNumber: 1000 +givenName: Moke +sn: Kumar +cn: Moke Kumar +homeDirectory: /home/mkumar +gecos: Moke Kumar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU9GRnBSeDZqdHY5NGM= +loginShell: /bin/bash + +dn: cn=Alfred Lichtenwalter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: alichtenwalter +uidNumber: 5284 +gidNumber: 1000 +givenName: Alfred +sn: Lichtenwalter +cn: Alfred Lichtenwalter +homeDirectory: /home/alichtenwalter +gecos: Alfred Lichtenwalter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvcw== +loginShell: /bin/bash + +dn: uid=lnooman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lnooman +uidNumber: 5285 +gidNumber: 1000 +givenName: Leo +sn: Nooman +cn: Leo Nooman +homeDirectory: /home/lnooman +gecos: Leo Nooman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y3VycmFudHM= +loginShell: /bin/bash + +dn: uid=vmedici,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vmedici +uidNumber: 5286 +gidNumber: 1000 +givenName: Vania +sn: Medici +cn: Vania Medici +homeDirectory: /home/vmedici +gecos: Vania Medici +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NzNPMDRPdFRRM01uRm5MWFZRa0xmOXZrdE1MVjVMYm8= +loginShell: /bin/bash + +dn: cn=Octave Reynero+uid=oreynero,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oreynero +uidNumber: 5287 +gidNumber: 1000 +givenName: Octave +sn: Reynero +cn: Octave Reynero +homeDirectory: /home/oreynero +gecos: Octave Reynero +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cUVrTEV3TitXSklTc0JKT2s0MVR2dzl2NmxrS1hkWnQ= +loginShell: /bin/bash + +dn: uid=tlorona,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tlorona +uidNumber: 5288 +gidNumber: 1000 +givenName: Trina +sn: Lorona +cn: Trina Lorona +homeDirectory: /home/tlorona +gecos: Trina Lorona +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0yQ29zeHlRMWRJSkNqeGorb3dDMXlBPT0= +loginShell: /bin/bash + +dn: uid=tnitzel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tnitzel +uidNumber: 5289 +gidNumber: 1000 +givenName: Tasha +sn: Nitzel +cn: Tasha Nitzel +homeDirectory: /home/tnitzel +gecos: Tasha Nitzel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ZN1k2YnE0SlFDNUpNOVVXUkJHa3YvQUZkdHM9 +loginShell: /bin/bash + +dn: uid=bbabst,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bbabst +uidNumber: 5290 +gidNumber: 1000 +givenName: Bopha +sn: Babst +cn: Bopha Babst +homeDirectory: /home/bbabst +gecos: Bopha Babst +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NTWhWeXdMdDdLR3RwaUtUb2VGUWtUcENTN1k9 +loginShell: /bin/bash + +dn: cn=Beulah Wiggins+uid=bwiggins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwiggins +uidNumber: 5291 +gidNumber: 1000 +givenName: Beulah +sn: Wiggins +cn: Beulah Wiggins +homeDirectory: /home/bwiggins +gecos: Beulah Wiggins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0vMnBSeUxpYmZOUUM3c01adjlJU0R3KzNQM0U9 +loginShell: /bin/bash + +dn: cn=Parma Dziuban+uid=pdziuban,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdziuban +uidNumber: 5292 +gidNumber: 1000 +givenName: Parma +sn: Dziuban +cn: Parma Dziuban +homeDirectory: /home/pdziuban +gecos: Parma Dziuban +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1yOFlHWHdRWlpiRVV2eDBBV2F0ZnBBPT0= +loginShell: /bin/bash + +dn: uid=smarksberry,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smarksberry +uidNumber: 5293 +gidNumber: 1000 +givenName: Sheryl +sn: Marksberry +cn: Sheryl Marksberry +homeDirectory: /home/smarksberry +gecos: Sheryl Marksberry +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cXVvdGVk +loginShell: /bin/bash + +dn: uid=gzuhlke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gzuhlke +uidNumber: 5294 +gidNumber: 1000 +givenName: Guduza +sn: Zuhlke +cn: Guduza Zuhlke +homeDirectory: /home/gzuhlke +gecos: Guduza Zuhlke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SlllV2k4Nk9odTA1eHkwRUF0djFOTThSM21jPQ== +loginShell: /bin/bash + +dn: uid=mjeon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mjeon +uidNumber: 5295 +gidNumber: 1000 +givenName: Marinda +sn: Jeon +cn: Marinda Jeon +homeDirectory: /home/mjeon +gecos: Marinda Jeon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OU9KOTRQSWYyNktLaHJYWk9oTkZvc1RuZ0xBPQ== +loginShell: /bin/bash + +dn: uid=lpavick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lpavick +uidNumber: 5296 +gidNumber: 1000 +givenName: Louise +sn: Pavick +cn: Louise Pavick +homeDirectory: /home/lpavick +gecos: Louise Pavick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9RDE2STRPdjE5WnlpcFZFRFVNa1VBRzlCalRUQ3Y4SXA= +loginShell: /bin/bash + +dn: uid=zweide,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zweide +uidNumber: 5297 +gidNumber: 1000 +givenName: Zoe +sn: Weide +cn: Zoe Weide +homeDirectory: /home/zweide +gecos: Zoe Weide +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZmxlZXQ= +loginShell: /bin/bash + +dn: cn=Ignacio Sowder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isowder +uidNumber: 5298 +gidNumber: 1000 +givenName: Ignacio +sn: Sowder +cn: Ignacio Sowder +homeDirectory: /home/isowder +gecos: Ignacio Sowder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TK0VqQmlURGg1cTlLdUIvOFNMOTh2UU90Mkk9 +loginShell: /bin/bash + +dn: uid=aziernicki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aziernicki +uidNumber: 5299 +gidNumber: 1000 +givenName: Arlene +sn: Ziernicki +cn: Arlene Ziernicki +homeDirectory: /home/aziernicki +gecos: Arlene Ziernicki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1taDlGUnYwMkppYmF0V2E1UEh3SnViellnazA9 +loginShell: /bin/bash + +dn: cn=Verdun Poitevin+uid=vpoitevin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vpoitevin +uidNumber: 5300 +gidNumber: 1000 +givenName: Verdun +sn: Poitevin +cn: Verdun Poitevin +homeDirectory: /home/vpoitevin +gecos: Verdun Poitevin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d2JnVG5NQ0NwSWRZbFZjUTd1QjA0SG44eHNrSzlwS2Q= +loginShell: /bin/bash + +dn: uid=tcacal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tcacal +uidNumber: 5301 +gidNumber: 1000 +givenName: Timba +sn: Cacal +cn: Timba Cacal +homeDirectory: /home/tcacal +gecos: Timba Cacal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SHpiMWg4U1RiUTRMVno0aEpqcUtzUi8vWHdzPQ== +loginShell: /bin/bash + +dn: uid=mgavet,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mgavet +uidNumber: 5302 +gidNumber: 1000 +givenName: Melissa +sn: Gavet +cn: Melissa Gavet +homeDirectory: /home/mgavet +gecos: Melissa Gavet +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX04TWkwdm1hWmJzVEpBczJxS3ZFSEpxTXk1YWs9 +loginShell: /bin/bash + +dn: uid=mskeele,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mskeele +uidNumber: 5303 +gidNumber: 1000 +givenName: Malakas +sn: Skeele +cn: Malakas Skeele +homeDirectory: /home/mskeele +gecos: Malakas Skeele +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cXVhaW50ZXN0 +loginShell: /bin/bash + +dn: uid=rsimonton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rsimonton +uidNumber: 5304 +gidNumber: 1000 +givenName: Rowe +sn: Simonton +cn: Rowe Simonton +homeDirectory: /home/rsimonton +gecos: Rowe Simonton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bS9wa0dOcW1aUDVWV0JYbStWS0hRTmxvUTczb0xpK3E= +loginShell: /bin/bash + +dn: uid=lpeagler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lpeagler +uidNumber: 5305 +gidNumber: 1000 +givenName: Linfa +sn: Peagler +cn: Linfa Peagler +homeDirectory: /home/lpeagler +gecos: Linfa Peagler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Zi9aaUYxMmJSOSt3aWM5TDI1ZDVxbEN3TVd6RzZCbVU= +loginShell: /bin/bash + +dn: cn=Pilar Sowa+uid=psowa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psowa +uidNumber: 5306 +gidNumber: 1000 +givenName: Pilar +sn: Sowa +cn: Pilar Sowa +homeDirectory: /home/psowa +gecos: Pilar Sowa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1MUU90VlVFdElsd2wvMjZrRlJiSkN3PT0= +loginShell: /bin/bash + +dn: uid=ilambino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ilambino +uidNumber: 5307 +gidNumber: 1000 +givenName: Isabel +sn: Lambino +cn: Isabel Lambino +homeDirectory: /home/ilambino +gecos: Isabel Lambino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R1ltQk0vT3hVUm0wb3RJOUxyU3VqcENUOVlzPQ== +loginShell: /bin/bash + +dn: cn=Tim Mcmickle+uid=tmcmickle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmcmickle +uidNumber: 5308 +gidNumber: 1000 +givenName: Tim +sn: Mcmickle +cn: Tim Mcmickle +homeDirectory: /home/tmcmickle +gecos: Tim Mcmickle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1aNFphSHU0RnRRb1dEMGRpZmtFcE9BPT0= +loginShell: /bin/bash + +dn: cn=Joan Matty+uid=jmatty,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jmatty +uidNumber: 5309 +gidNumber: 1000 +givenName: Joan +sn: Matty +cn: Joan Matty +homeDirectory: /home/jmatty +gecos: Joan Matty +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1haURaR2U5aUEvakF6SFhSbEdkR0JhUzNhUEE9 +loginShell: /bin/bash + +dn: uid=nschmig,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nschmig +uidNumber: 5310 +gidNumber: 1000 +givenName: Niala +sn: Schmig +cn: Niala Schmig +homeDirectory: /home/nschmig +gecos: Niala Schmig +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ektYdVYvVEUzSk8vb2l0Y0RFT29jY2o5TmtibjU2MHE= +loginShell: /bin/bash + +dn: uid=cbartnick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbartnick +uidNumber: 5311 +gidNumber: 1000 +givenName: Colin +sn: Bartnick +cn: Colin Bartnick +homeDirectory: /home/cbartnick +gecos: Colin Bartnick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NHVWenRmOGNhQk1HanBMbVErSG1TNEdVYWhRPQ== +loginShell: /bin/bash + +dn: uid=udelashmit,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: udelashmit +uidNumber: 5312 +gidNumber: 1000 +givenName: Usagi +sn: Delashmit +cn: Usagi Delashmit +homeDirectory: /home/udelashmit +gecos: Usagi Delashmit +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmln +loginShell: /bin/bash + +dn: cn=Harold Uber+uid=huber,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: huber +uidNumber: 5313 +gidNumber: 1000 +givenName: Harold +sn: Uber +cn: Harold Uber +homeDirectory: /home/huber +gecos: Harold Uber +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IL09VRU9mWG9RSEdLc1FzRitEZkpBPT0= +loginShell: /bin/bash + +dn: cn=Terry Schnepel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tschnepel +uidNumber: 5314 +gidNumber: 1000 +givenName: Terry +sn: Schnepel +cn: Terry Schnepel +homeDirectory: /home/tschnepel +gecos: Terry Schnepel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHJvY2xhbWF0aW9ucw== +loginShell: /bin/bash + +dn: uid=rbillingsly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rbillingsly +uidNumber: 5315 +gidNumber: 1000 +givenName: Rugare +sn: Billingsly +cn: Rugare Billingsly +homeDirectory: /home/rbillingsly +gecos: Rugare Billingsly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c291cGluZw== +loginShell: /bin/bash + +dn: cn=Vicete Mcilwraith,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vmcilwraith +uidNumber: 5316 +gidNumber: 1000 +givenName: Vicete +sn: Mcilwraith +cn: Vicete Mcilwraith +homeDirectory: /home/vmcilwraith +gecos: Vicete Mcilwraith +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TcmFHVDhXT3pZdFpqdUVOL2lyREVRPT0= +loginShell: /bin/bash + +dn: uid=jnehls,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jnehls +uidNumber: 5317 +gidNumber: 1000 +givenName: Jo +sn: Nehls +cn: Jo Nehls +homeDirectory: /home/jnehls +gecos: Jo Nehls +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: d3JpbmdlcnM= +loginShell: /bin/bash + +dn: uid=dbertels,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dbertels +uidNumber: 5318 +gidNumber: 1000 +givenName: Debbie +sn: Bertels +cn: Debbie Bertels +homeDirectory: /home/dbertels +gecos: Debbie Bertels +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUFPZnFuQnJ5alZPRGM= +loginShell: /bin/bash + +dn: uid=ktorrent,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktorrent +uidNumber: 5319 +gidNumber: 1000 +givenName: Kirk +sn: Torrent +cn: Kirk Torrent +homeDirectory: /home/ktorrent +gecos: Kirk Torrent +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RjAya0lPNFhFaFdieTErQ1cwc20wRERmMW93PQ== +loginShell: /bin/bash + +dn: uid=ffigert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ffigert +uidNumber: 5320 +gidNumber: 1000 +givenName: Fengshen +sn: Figert +cn: Fengshen Figert +homeDirectory: /home/ffigert +gecos: Fengshen Figert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUVSUDBxbG94UWdKVWM= +loginShell: /bin/bash + +dn: uid=zkutchera,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zkutchera +uidNumber: 5321 +gidNumber: 1000 +givenName: Zuman +sn: Kutchera +cn: Zuman Kutchera +homeDirectory: /home/zkutchera +gecos: Zuman Kutchera +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bnVrZWQ= +loginShell: /bin/bash + +dn: uid=ldreckman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ldreckman +uidNumber: 5322 +gidNumber: 1000 +givenName: Lowell +sn: Dreckman +cn: Lowell Dreckman +homeDirectory: /home/ldreckman +gecos: Lowell Dreckman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dml0YWw= +loginShell: /bin/bash + +dn: cn=Pete Gaudet,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pgaudet +uidNumber: 5323 +gidNumber: 1000 +givenName: Pete +sn: Gaudet +cn: Pete Gaudet +homeDirectory: /home/pgaudet +gecos: Pete Gaudet +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUh5QjAxZ2Rudy5TMUU= +loginShell: /bin/bash + +dn: uid=mlenning,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mlenning +uidNumber: 5324 +gidNumber: 1000 +givenName: Maemi +sn: Lenning +cn: Maemi Lenning +homeDirectory: /home/mlenning +gecos: Maemi Lenning +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YWpwVXkvY0JWb3N5VVhnRUh1akpyd2h4TkJWOWYzWm4= +loginShell: /bin/bash + +dn: cn=Leslie Nibler+uid=lnibler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lnibler +uidNumber: 5325 +gidNumber: 1000 +givenName: Leslie +sn: Nibler +cn: Leslie Nibler +homeDirectory: /home/lnibler +gecos: Leslie Nibler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ScHpEMUh0WGJ5bEppSFVqa0d1QkNRPT0= +loginShell: /bin/bash + +dn: uid=cgalinol,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cgalinol +uidNumber: 5326 +gidNumber: 1000 +givenName: Carol +sn: Galinol +cn: Carol Galinol +homeDirectory: /home/cgalinol +gecos: Carol Galinol +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eCtUMVZ1bHoyeGMxVnlOMk5razFYQ0Vnd2FRPQ== +loginShell: /bin/bash + +dn: cn=Fran Buzzi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fbuzzi +uidNumber: 5327 +gidNumber: 1000 +givenName: Fran +sn: Buzzi +cn: Fran Buzzi +homeDirectory: /home/fbuzzi +gecos: Fran Buzzi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZXdNTEh0QzlaclBYcFR4d25yVG01aFVOampFPQ== +loginShell: /bin/bash + +dn: uid=kaanerud,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kaanerud +uidNumber: 5328 +gidNumber: 1000 +givenName: Kamba +sn: Aanerud +cn: Kamba Aanerud +homeDirectory: /home/kaanerud +gecos: Kamba Aanerud +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bXVsZSdz +loginShell: /bin/bash + +dn: uid=lvaleriano,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lvaleriano +uidNumber: 5329 +gidNumber: 1000 +givenName: Lenny +sn: Valeriano +cn: Lenny Valeriano +homeDirectory: /home/lvaleriano +gecos: Lenny Valeriano +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUgzZmZUS2lGTUoya0E= +loginShell: /bin/bash + +dn: cn=Kate Tuccio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktuccio +uidNumber: 5330 +gidNumber: 1000 +givenName: Kate +sn: Tuccio +cn: Kate Tuccio +homeDirectory: /home/ktuccio +gecos: Kate Tuccio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WTlZDbC83dWxSUm1vTkZ6WXBrMlowdGxXYlE9 +loginShell: /bin/bash + +dn: uid=bswantak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bswantak +uidNumber: 5331 +gidNumber: 1000 +givenName: Bongwe +sn: Swantak +cn: Bongwe Swantak +homeDirectory: /home/bswantak +gecos: Bongwe Swantak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWZxR1VUNXJXSlJQVDI= +loginShell: /bin/bash + +dn: uid=btheim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: btheim +uidNumber: 5332 +gidNumber: 1000 +givenName: Bondo +sn: Theim +cn: Bondo Theim +homeDirectory: /home/btheim +gecos: Bondo Theim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWlsaXRhdGU= +loginShell: /bin/bash + +dn: cn=Ulika Walpole,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uwalpole +uidNumber: 5333 +gidNumber: 1000 +givenName: Ulika +sn: Walpole +cn: Ulika Walpole +homeDirectory: /home/uwalpole +gecos: Ulika Walpole +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cTdSZDZPby9lcHV0WWFRVEVGZWQvWGhIK3BXMnNFcSs= +loginShell: /bin/bash + +dn: cn=Songda Mccaie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smccaie +uidNumber: 5334 +gidNumber: 1000 +givenName: Songda +sn: Mccaie +cn: Songda Mccaie +homeDirectory: /home/smccaie +gecos: Songda Mccaie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9czJNZ0g4elNWN1NPU3VqR2pSQTN5Q1l0bnRvPQ== +loginShell: /bin/bash + +dn: uid=tarre,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tarre +uidNumber: 5335 +gidNumber: 1000 +givenName: Tina +sn: Arre +cn: Tina Arre +homeDirectory: /home/tarre +gecos: Tina Arre +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Znk5Nk0rTzFRN2hMTGJQZzU1TXJxMkNqbXQ4PQ== +loginShell: /bin/bash + +dn: uid=jglotzbecker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jglotzbecker +uidNumber: 5336 +gidNumber: 1000 +givenName: Jack +sn: Glotzbecker +cn: Jack Glotzbecker +homeDirectory: /home/jglotzbecker +gecos: Jack Glotzbecker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c291bmRlZA== +loginShell: /bin/bash + +dn: cn=Yali Kisak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ykisak +uidNumber: 5337 +gidNumber: 1000 +givenName: Yali +sn: Kisak +cn: Yali Kisak +homeDirectory: /home/ykisak +gecos: Yali Kisak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0vTGhMMGhxYVg0cHc1Qm4wbS9JdnN3PT0= +loginShell: /bin/bash + +dn: uid=kbradbury,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kbradbury +uidNumber: 5338 +gidNumber: 1000 +givenName: Keoni +sn: Bradbury +cn: Keoni Bradbury +homeDirectory: /home/kbradbury +gecos: Keoni Bradbury +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9T1NFb0VJcGkvL3drTEZlSkhrV0JpKzJjOXJEM01pajE= +loginShell: /bin/bash + +dn: uid=fmarchi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fmarchi +uidNumber: 5339 +gidNumber: 1000 +givenName: Faxai +sn: Marchi +cn: Faxai Marchi +homeDirectory: /home/fmarchi +gecos: Faxai Marchi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TDYyd2NZQzE3d3M2RTZ2bkkvd3lqc3RnZUx4RkRtbDY= +loginShell: /bin/bash + +dn: uid=phalkett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: phalkett +uidNumber: 5340 +gidNumber: 1000 +givenName: Paula +sn: Halkett +cn: Paula Halkett +homeDirectory: /home/phalkett +gecos: Paula Halkett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Qnc5dlRKOUFlcU1EZ1pqb0tvZ0QweXVMR0dIT3g5MUU= +loginShell: /bin/bash + +dn: uid=llarmore,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: llarmore +uidNumber: 5341 +gidNumber: 1000 +givenName: Lenny +sn: Larmore +cn: Lenny Larmore +homeDirectory: /home/llarmore +gecos: Lenny Larmore +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9elNMeVZYVVhNcWtlV2FDWFN0ZlJ5ci81OHpFPQ== +loginShell: /bin/bash + +dn: uid=tharr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tharr +uidNumber: 5342 +gidNumber: 1000 +givenName: Tammy +sn: Harr +cn: Tammy Harr +homeDirectory: /home/tharr +gecos: Tammy Harr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1SVUw3S3FoTCtleFlzbU1mZVF2T0xnPT0= +loginShell: /bin/bash + +dn: uid=pmineo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pmineo +uidNumber: 5343 +gidNumber: 1000 +givenName: Priscilla +sn: Mineo +cn: Priscilla Mineo +homeDirectory: /home/pmineo +gecos: Priscilla Mineo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3VjY2Vzc2lvbg== +loginShell: /bin/bash + +dn: cn=Tam Hoch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: thoch +uidNumber: 5344 +gidNumber: 1000 +givenName: Tam +sn: Hoch +cn: Tam Hoch +homeDirectory: /home/thoch +gecos: Tam Hoch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX16TTdnNXpsY0ZJQzJyamVhN2UyZkpLeEdPTFE9 +loginShell: /bin/bash + +dn: cn=Nana Majera+uid=nmajera,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nmajera +uidNumber: 5345 +gidNumber: 1000 +givenName: Nana +sn: Majera +cn: Nana Majera +homeDirectory: /home/nmajera +gecos: Nana Majera +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aHY3ZGNWWmgrTmJsdVEvOXM5SnhWWGxQekJzPQ== +loginShell: /bin/bash + +dn: cn=Io Woldt+uid=iwoldt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iwoldt +uidNumber: 5346 +gidNumber: 1000 +givenName: Io +sn: Woldt +cn: Io Woldt +homeDirectory: /home/iwoldt +gecos: Io Woldt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ObHczMHFpUE4weDh0eVJhRE4waUl3PT0= +loginShell: /bin/bash + +dn: uid=ninnella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ninnella +uidNumber: 5347 +gidNumber: 1000 +givenName: Newton +sn: Innella +cn: Newton Innella +homeDirectory: /home/ninnella +gecos: Newton Innella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1QQ2pVcUdEZ3V2M3phQk9oanROS3hHeGVMZUU9 +loginShell: /bin/bash + +dn: uid=omatula,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omatula +uidNumber: 5348 +gidNumber: 1000 +givenName: Omais +sn: Matula +cn: Omais Matula +homeDirectory: /home/omatula +gecos: Omais Matula +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS9sRjc2LmZFaVllRUk= +loginShell: /bin/bash + +dn: cn=Dennis Deguire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ddeguire +uidNumber: 5349 +gidNumber: 1000 +givenName: Dennis +sn: Deguire +cn: Dennis Deguire +homeDirectory: /home/ddeguire +gecos: Dennis Deguire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX03amsvWUIzbTdmczhJcUFlbngxckFnPT0= +loginShell: /bin/bash + +dn: uid=gdeadwyler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdeadwyler +uidNumber: 5350 +gidNumber: 1000 +givenName: Gina +sn: Deadwyler +cn: Gina Deadwyler +homeDirectory: /home/gdeadwyler +gecos: Gina Deadwyler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KcEN2b0kwd2FKWHdqR1B3T3ZFcUpRPT0= +loginShell: /bin/bash + +dn: uid=nsilveria,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nsilveria +uidNumber: 5351 +gidNumber: 1000 +givenName: Nock-ten +sn: Silveria +cn: Nock-ten Silveria +homeDirectory: /home/nsilveria +gecos: Nock-ten Silveria +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N3IxcW9NbFZKajIyb1R4STVyV3VneDFaTjlBPQ== +loginShell: /bin/bash + +dn: uid=vexler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vexler +uidNumber: 5352 +gidNumber: 1000 +givenName: Vamco +sn: Exler +cn: Vamco Exler +homeDirectory: /home/vexler +gecos: Vamco Exler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OVBlaW80UXBkTURRNjl4Y2ZrYzViNTlDRTg0PQ== +loginShell: /bin/bash + +dn: uid=ebartylla,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ebartylla +uidNumber: 5353 +gidNumber: 1000 +givenName: Ema +sn: Bartylla +cn: Ema Bartylla +homeDirectory: /home/ebartylla +gecos: Ema Bartylla +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1QY3JWTzN2TjNTMTNxY2lyOWdFQmEzcmIyL289 +loginShell: /bin/bash + +dn: cn=Hugo Tilzer+uid=htilzer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: htilzer +uidNumber: 5354 +gidNumber: 1000 +givenName: Hugo +sn: Tilzer +cn: Hugo Tilzer +homeDirectory: /home/htilzer +gecos: Hugo Tilzer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2lsaydz +loginShell: /bin/bash + +dn: uid=mdedon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mdedon +uidNumber: 5355 +gidNumber: 1000 +givenName: Muifa +sn: Dedon +cn: Muifa Dedon +homeDirectory: /home/mdedon +gecos: Muifa Dedon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: anVtcA== +loginShell: /bin/bash + +dn: uid=mlinak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mlinak +uidNumber: 5356 +gidNumber: 1000 +givenName: Melissa +sn: Linak +cn: Melissa Linak +homeDirectory: /home/mlinak +gecos: Melissa Linak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15bk9yWlZhTTBTWEMwbm9pdTlub1k4RUxaMTA9 +loginShell: /bin/bash + +dn: cn=Trina Steve+uid=tsteve,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsteve +uidNumber: 5357 +gidNumber: 1000 +givenName: Trina +sn: Steve +cn: Trina Steve +homeDirectory: /home/tsteve +gecos: Trina Steve +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1QN0JVVHluYVBNYVhpcHVuN1BxOGdIbndSNmM9 +loginShell: /bin/bash + +dn: uid=awhitt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: awhitt +uidNumber: 5358 +gidNumber: 1000 +givenName: Amelia +sn: Whitt +cn: Amelia Whitt +homeDirectory: /home/awhitt +gecos: Amelia Whitt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0zRHN1cEd4dkpSbS9FZUVlVDREcDVBPT0= +loginShell: /bin/bash + +dn: uid=fculleton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fculleton +uidNumber: 5359 +gidNumber: 1000 +givenName: Fritz +sn: Culleton +cn: Fritz Culleton +homeDirectory: /home/fculleton +gecos: Fritz Culleton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1jUG04MHM5dFN0QjRPRittTGpKTGRnPT0= +loginShell: /bin/bash + +dn: cn=Neil Drumgole,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ndrumgole +uidNumber: 5360 +gidNumber: 1000 +givenName: Neil +sn: Drumgole +cn: Neil Drumgole +homeDirectory: /home/ndrumgole +gecos: Neil Drumgole +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWNjb3VudGFudHM= +loginShell: /bin/bash + +dn: cn=Uka Flander+uid=uflander,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uflander +uidNumber: 5361 +gidNumber: 1000 +givenName: Uka +sn: Flander +cn: Uka Flander +homeDirectory: /home/uflander +gecos: Uka Flander +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Sjh2OXcyN0p5YnUzZmUzZUhhTnhkUkpjdis4STJ1WHM= +loginShell: /bin/bash + +dn: uid=ltegtmeier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ltegtmeier +uidNumber: 5362 +gidNumber: 1000 +givenName: Leo +sn: Tegtmeier +cn: Leo Tegtmeier +homeDirectory: /home/ltegtmeier +gecos: Leo Tegtmeier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGlkaW5nJ3M= +loginShell: /bin/bash + +dn: cn=Joyce Roden+uid=jroden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jroden +uidNumber: 5363 +gidNumber: 1000 +givenName: Joyce +sn: Roden +cn: Joyce Roden +homeDirectory: /home/jroden +gecos: Joyce Roden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TVBRMUhYWVc5OVc4NmJXQ1l5QWtvR0RleUI0PQ== +loginShell: /bin/bash + +dn: uid=cbarrigan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbarrigan +uidNumber: 5364 +gidNumber: 1000 +givenName: Cora +sn: Barrigan +cn: Cora Barrigan +homeDirectory: /home/cbarrigan +gecos: Cora Barrigan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1la0lDMXNsLzhmdTRwM3R2S2VnVEl6aTZtTzg9 +loginShell: /bin/bash + +dn: uid=hbastidos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbastidos +uidNumber: 5365 +gidNumber: 1000 +givenName: Heta +sn: Bastidos +cn: Heta Bastidos +homeDirectory: /home/hbastidos +gecos: Heta Bastidos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUh6cjFmMHdkWnVnZWs= +loginShell: /bin/bash + +dn: cn=Sarah Aycock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: saycock +uidNumber: 5366 +gidNumber: 1000 +givenName: Sarah +sn: Aycock +cn: Sarah Aycock +homeDirectory: /home/saycock +gecos: Sarah Aycock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGFyZWxpcA== +loginShell: /bin/bash + +dn: uid=ppiccillo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ppiccillo +uidNumber: 5367 +gidNumber: 1000 +givenName: Paka +sn: Piccillo +cn: Paka Piccillo +homeDirectory: /home/ppiccillo +gecos: Paka Piccillo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1GK2RXTE80NFdVSHNvblpFNEVXMU9kenF4cXM9 +loginShell: /bin/bash + +dn: uid=yolivier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yolivier +uidNumber: 5368 +gidNumber: 1000 +givenName: Yalo +sn: Olivier +cn: Yalo Olivier +homeDirectory: /home/yolivier +gecos: Yalo Olivier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUp1bGl4aENpLnFIbTY= +loginShell: /bin/bash + +dn: uid=jscheitlin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jscheitlin +uidNumber: 5369 +gidNumber: 1000 +givenName: Jack +sn: Scheitlin +cn: Jack Scheitlin +homeDirectory: /home/jscheitlin +gecos: Jack Scheitlin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWVpTGJMOE90WmdzYWc= +loginShell: /bin/bash + +dn: cn=Solo Skone+uid=sskone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sskone +uidNumber: 5370 +gidNumber: 1000 +givenName: Solo +sn: Skone +cn: Solo Skone +homeDirectory: /home/sskone +gecos: Solo Skone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1lVFVBbzRuMlp0TGFRRnYyc0djUDd0MS9VbEE9 +loginShell: /bin/bash + +dn: cn=Isabella Haub,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihaub +uidNumber: 5371 +gidNumber: 1000 +givenName: Isabella +sn: Haub +cn: Isabella Haub +homeDirectory: /home/ihaub +gecos: Isabella Haub +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTl5R0RObDE3QVBqRUk= +loginShell: /bin/bash + +dn: uid=atimenez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: atimenez +uidNumber: 5372 +gidNumber: 1000 +givenName: Atu +sn: Timenez +cn: Atu Timenez +homeDirectory: /home/atimenez +gecos: Atu Timenez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TkVZSWFRakU5bDVpN2tCUDlyVVR4WDErQWMwcTNxM3c= +loginShell: /bin/bash + +dn: uid=pdauterman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdauterman +uidNumber: 5373 +gidNumber: 1000 +givenName: Podul +sn: Dauterman +cn: Podul Dauterman +homeDirectory: /home/pdauterman +gecos: Podul Dauterman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5kb25l +loginShell: /bin/bash + +dn: uid=skoegler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: skoegler +uidNumber: 5374 +gidNumber: 1000 +givenName: Soudelor +sn: Koegler +cn: Soudelor Koegler +homeDirectory: /home/skoegler +gecos: Soudelor Koegler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1CeG9INFBKMmdLZ285UGdmNGV6RnV3ZGhXOUk9 +loginShell: /bin/bash + +dn: uid=ggehrke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ggehrke +uidNumber: 5375 +gidNumber: 1000 +givenName: Gil +sn: Gehrke +cn: Gil Gehrke +homeDirectory: /home/ggehrke +gecos: Gil Gehrke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0xQ2h5VVVLQ0h5YzZiWGNUbTlYM1pRPT0= +loginShell: /bin/bash + +dn: uid=hcouillard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcouillard +uidNumber: 5376 +gidNumber: 1000 +givenName: Hagupit +sn: Couillard +cn: Hagupit Couillard +homeDirectory: /home/hcouillard +gecos: Hagupit Couillard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TRDFwTFZnbTc4U29jNzNFLzA3cnFDTWl3ZDg9 +loginShell: /bin/bash + +dn: uid=cpinela,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpinela +uidNumber: 5377 +gidNumber: 1000 +givenName: Colin +sn: Pinela +cn: Colin Pinela +homeDirectory: /home/cpinela +gecos: Colin Pinela +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZ6UHFnTGU3ajhJS2c= +loginShell: /bin/bash + +dn: uid=ywhittingham,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ywhittingham +uidNumber: 5378 +gidNumber: 1000 +givenName: Yolanda +sn: Whittingham +cn: Yolanda Whittingham +homeDirectory: /home/ywhittingham +gecos: Yolanda Whittingham +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RaTdNQ0U4a1dONzhZZzdPdnlwa1NBPT0= +loginShell: /bin/bash + +dn: uid=jknight,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jknight +uidNumber: 5379 +gidNumber: 1000 +givenName: Julie +sn: Knight +cn: Julie Knight +homeDirectory: /home/jknight +gecos: Julie Knight +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R2hmZ044Z2FwSWVaeGp6NFhHMzBiOHdJdlU0PQ== +loginShell: /bin/bash + +dn: uid=nreistetter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nreistetter +uidNumber: 5380 +gidNumber: 1000 +givenName: Nelson +sn: Reistetter +cn: Nelson Reistetter +homeDirectory: /home/nreistetter +gecos: Nelson Reistetter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1rODlrRnBaWXJabDF6ZUNCYWxPVlVBSzJPRnc9 +loginShell: /bin/bash + +dn: uid=agimm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: agimm +uidNumber: 5381 +gidNumber: 1000 +givenName: Akoni +sn: Gimm +cn: Akoni Gimm +homeDirectory: /home/agimm +gecos: Akoni Gimm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UWpScEJWMGJBeVdzUER4NjdkcUFYNm1QenQ3bnQzVnI= +loginShell: /bin/bash + +dn: uid=tsann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsann +uidNumber: 5382 +gidNumber: 1000 +givenName: Tammy +sn: Sann +cn: Tammy Sann +homeDirectory: /home/tsann +gecos: Tammy Sann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWpvRmdGTUdEUnJoVmM= +loginShell: /bin/bash + +dn: uid=rhickok,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rhickok +uidNumber: 5383 +gidNumber: 1000 +givenName: Rebekah +sn: Hickok +cn: Rebekah Hickok +homeDirectory: /home/rhickok +gecos: Rebekah Hickok +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Ymxvb2RpZXN0 +loginShell: /bin/bash + +dn: cn=Flora Goben+uid=fgoben,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fgoben +uidNumber: 5384 +gidNumber: 1000 +givenName: Flora +sn: Goben +cn: Flora Goben +homeDirectory: /home/fgoben +gecos: Flora Goben +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1qTXhOZXhVZElPelVXSDlsYy81T2JxVUpEd0k9 +loginShell: /bin/bash + +dn: uid=mbixby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbixby +uidNumber: 5385 +gidNumber: 1000 +givenName: Matt +sn: Bixby +cn: Matt Bixby +homeDirectory: /home/mbixby +gecos: Matt Bixby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUxUcDVaMmMuM1hNYnM= +loginShell: /bin/bash + +dn: uid=jcurson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jcurson +uidNumber: 5386 +gidNumber: 1000 +givenName: Jana +sn: Curson +cn: Jana Curson +homeDirectory: /home/jcurson +gecos: Jana Curson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UEp0UDdXMnNHcEdtSE1XcFJEOUpoR25kcWQ2S0sxMTI= +loginShell: /bin/bash + +dn: uid=areid,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: areid +uidNumber: 5387 +gidNumber: 1000 +givenName: Amos +sn: Reid +cn: Amos Reid +homeDirectory: /home/areid +gecos: Amos Reid +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWpPSlF3TTRDSnBaclU= +loginShell: /bin/bash + +dn: uid=usherraden,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: usherraden +uidNumber: 5388 +gidNumber: 1000 +givenName: Usagi +sn: Sherraden +cn: Usagi Sherraden +homeDirectory: /home/usherraden +gecos: Usagi Sherraden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9L095UUVDK1FMZUxxVTl1ZE9mUmFHa3ErMDhJPQ== +loginShell: /bin/bash + +dn: cn=Usta Trezize,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: utrezize +uidNumber: 5389 +gidNumber: 1000 +givenName: Usta +sn: Trezize +cn: Usta Trezize +homeDirectory: /home/utrezize +gecos: Usta Trezize +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1EeURuWEZTUFoxb1E= +loginShell: /bin/bash + +dn: uid=lwedner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lwedner +uidNumber: 5390 +gidNumber: 1000 +givenName: Lidia +sn: Wedner +cn: Lidia Wedner +homeDirectory: /home/lwedner +gecos: Lidia Wedner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1iL0pkcUtuZW1aVnRPRmRIeGpHT0tLdHBOUms9 +loginShell: /bin/bash + +dn: cn=Debbie Gorka,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dgorka +uidNumber: 5391 +gidNumber: 1000 +givenName: Debbie +sn: Gorka +cn: Debbie Gorka +homeDirectory: /home/dgorka +gecos: Debbie Gorka +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bG9Kb29aY3N2cUhtcDZRb3VDMUJ5dE1KVGxrPQ== +loginShell: /bin/bash + +dn: uid=wgidaro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wgidaro +uidNumber: 5392 +gidNumber: 1000 +givenName: Wukong +sn: Gidaro +cn: Wukong Gidaro +homeDirectory: /home/wgidaro +gecos: Wukong Gidaro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1COFZJZmdzMGw2MVp2cDQrcUh3aXlBPT0= +loginShell: /bin/bash + +dn: cn=Daryl Blazejewski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dblazejewski +uidNumber: 5393 +gidNumber: 1000 +givenName: Daryl +sn: Blazejewski +cn: Daryl Blazejewski +homeDirectory: /home/dblazejewski +gecos: Daryl Blazejewski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWM2M1V4emU3RllHTUk= +loginShell: /bin/bash + +dn: cn=Haishen Veader,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hveader +uidNumber: 5394 +gidNumber: 1000 +givenName: Haishen +sn: Veader +cn: Haishen Veader +homeDirectory: /home/hveader +gecos: Haishen Veader +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXJiaXRyYXRpb24ncw== +loginShell: /bin/bash + +dn: cn=Khanun Meester+uid=kmeester,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmeester +uidNumber: 5395 +gidNumber: 1000 +givenName: Khanun +sn: Meester +cn: Khanun Meester +homeDirectory: /home/kmeester +gecos: Khanun Meester +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXNMQVE4VmgyYXdUOFk= +loginShell: /bin/bash + +dn: uid=nvantassel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nvantassel +uidNumber: 5396 +gidNumber: 1000 +givenName: Noru +sn: VanTassel +cn: Noru VanTassel +homeDirectory: /home/nvantassel +gecos: Noru VanTassel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1nSUVHMHhsOGI3dHBFNGd2bk9ocDZ2cE5ubzg9 +loginShell: /bin/bash + +dn: uid=jamber,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jamber +uidNumber: 5397 +gidNumber: 1000 +givenName: Jerry +sn: Amber +cn: Jerry Amber +homeDirectory: /home/jamber +gecos: Jerry Amber +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aFZqZ2FndU1kdDBHVE9zWHRmWkpmUlZzK3lvPQ== +loginShell: /bin/bash + +dn: uid=osanthuff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: osanthuff +uidNumber: 5398 +gidNumber: 1000 +givenName: Oko +sn: Santhuff +cn: Oko Santhuff +homeDirectory: /home/osanthuff +gecos: Oko Santhuff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1RWnZDTXBuREM2QVFtdURvTlg0UjVqaGRwbEk9 +loginShell: /bin/bash + +dn: uid=ysantoscoy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ysantoscoy +uidNumber: 5399 +gidNumber: 1000 +givenName: Yagi +sn: Santoscoy +cn: Yagi Santoscoy +homeDirectory: /home/ysantoscoy +gecos: Yagi Santoscoy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aUHNwWjRMcitsWGsyUEZoU3haYWZOZk5FRUE9 +loginShell: /bin/bash + +dn: uid=kjhonson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kjhonson +uidNumber: 5400 +gidNumber: 1000 +givenName: Keoni +sn: Jhonson +cn: Keoni Jhonson +homeDirectory: /home/kjhonson +gecos: Keoni Jhonson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX01bHZ3a1JkS2NWMjhSaTNVK3MzZXd3PT0= +loginShell: /bin/bash + +dn: cn=Susan Stuemke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sstuemke +uidNumber: 5401 +gidNumber: 1000 +givenName: Susan +sn: Stuemke +cn: Susan Stuemke +homeDirectory: /home/sstuemke +gecos: Susan Stuemke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX14dnFaSlB3ZlVDUGdYYmlSR0hUV1prNEhvbFU9 +loginShell: /bin/bash + +dn: uid=gsusoev,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gsusoev +uidNumber: 5402 +gidNumber: 1000 +givenName: Gula +sn: Susoev +cn: Gula Susoev +homeDirectory: /home/gsusoev +gecos: Gula Susoev +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2hvcHN0aWNr +loginShell: /bin/bash + +dn: uid=fdarakjian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fdarakjian +uidNumber: 5403 +gidNumber: 1000 +givenName: Fletcher +sn: Darakjian +cn: Fletcher Darakjian +homeDirectory: /home/fdarakjian +gecos: Fletcher Darakjian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBtaUQwYmpCeHNySnc= +loginShell: /bin/bash + +dn: uid=nblum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nblum +uidNumber: 5404 +gidNumber: 1000 +givenName: Nisha +sn: Blum +cn: Nisha Blum +homeDirectory: /home/nblum +gecos: Nisha Blum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UkVwZGREUmE1SUZtcVZPb0RiaW9DRDVKdVRRPQ== +loginShell: /bin/bash + +dn: cn=Vipa Olejarski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: volejarski +uidNumber: 5405 +gidNumber: 1000 +givenName: Vipa +sn: Olejarski +cn: Vipa Olejarski +homeDirectory: /home/volejarski +gecos: Vipa Olejarski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXNnQnFzYjhDVzhkOW8= +loginShell: /bin/bash + +dn: uid=tabdelal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tabdelal +uidNumber: 5406 +gidNumber: 1000 +givenName: Trina +sn: Abdelal +cn: Trina Abdelal +homeDirectory: /home/tabdelal +gecos: Trina Abdelal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16WjRKd2kxZWtaVzJrcmRoMTR4VnJ3PT0= +loginShell: /bin/bash + +dn: uid=oconerly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oconerly +uidNumber: 5407 +gidNumber: 1000 +givenName: Otto +sn: Conerly +cn: Otto Conerly +homeDirectory: /home/oconerly +gecos: Otto Conerly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OEJVNk9iUmVQU00yMGEvMytJeFBXUHhaN3RVPQ== +loginShell: /bin/bash + +dn: uid=cdegravelle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdegravelle +uidNumber: 5408 +gidNumber: 1000 +givenName: Camille +sn: Degravelle +cn: Camille Degravelle +homeDirectory: /home/cdegravelle +gecos: Camille Degravelle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWZmYWJsZQ== +loginShell: /bin/bash + +dn: uid=creins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: creins +uidNumber: 5409 +gidNumber: 1000 +givenName: Claudia +sn: Reins +cn: Claudia Reins +homeDirectory: /home/creins +gecos: Claudia Reins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YWFiMmhTRzUwV1Rtd3J5Rlk0cENIcDNwS2VVdDF5MFk= +loginShell: /bin/bash + +dn: uid=fvallian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fvallian +uidNumber: 5410 +gidNumber: 1000 +givenName: Francisco +sn: Vallian +cn: Francisco Vallian +homeDirectory: /home/fvallian +gecos: Francisco Vallian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1aQ1RYSEJ5Ry9wNmd6N3I5emEvRDM5REczS0U9 +loginShell: /bin/bash + +dn: cn=Hamish Pimpare,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpimpare +uidNumber: 5411 +gidNumber: 1000 +givenName: Hamish +sn: Pimpare +cn: Hamish Pimpare +homeDirectory: /home/hpimpare +gecos: Hamish Pimpare +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZDA5S1JPczRrcVlIanp3Q3Y5OUxuZk1jbGNVSmE3RHM= +loginShell: /bin/bash + +dn: uid=mgoodenough,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mgoodenough +uidNumber: 5412 +gidNumber: 1000 +givenName: Madeline +sn: Goodenough +cn: Madeline Goodenough +homeDirectory: /home/mgoodenough +gecos: Madeline Goodenough +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1qREt4OTJ4MGJYaFBEQi9RQmVLaUlBPT0= +loginShell: /bin/bash + +dn: cn=Alicia Manganelli+uid=amanganelli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amanganelli +uidNumber: 5413 +gidNumber: 1000 +givenName: Alicia +sn: Manganelli +cn: Alicia Manganelli +homeDirectory: /home/amanganelli +gecos: Alicia Manganelli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aWNreQ== +loginShell: /bin/bash + +dn: cn=Bopha Haislett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bhaislett +uidNumber: 5414 +gidNumber: 1000 +givenName: Bopha +sn: Haislett +cn: Bopha Haislett +homeDirectory: /home/bhaislett +gecos: Bopha Haislett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2xvdHRlZA== +loginShell: /bin/bash + +dn: cn=Simon Woodie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: swoodie +uidNumber: 5415 +gidNumber: 1000 +givenName: Simon +sn: Woodie +cn: Simon Woodie +homeDirectory: /home/swoodie +gecos: Simon Woodie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVF2NjhJTTYvcG5oU1k= +loginShell: /bin/bash + +dn: uid=bmadamba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmadamba +uidNumber: 5416 +gidNumber: 1000 +givenName: Bilis +sn: Madamba +cn: Bilis Madamba +homeDirectory: /home/bmadamba +gecos: Bilis Madamba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bW90aXZl +loginShell: /bin/bash + +dn: uid=fbakaler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fbakaler +uidNumber: 5417 +gidNumber: 1000 +givenName: Felicia +sn: Bakaler +cn: Felicia Bakaler +homeDirectory: /home/fbakaler +gecos: Felicia Bakaler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX16bFdOeWFDMU9DejBTTG1mbXZtV2JEMmgwdVk9 +loginShell: /bin/bash + +dn: cn=Alvin Been,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: abeen +uidNumber: 5418 +gidNumber: 1000 +givenName: Alvin +sn: Been +cn: Alvin Been +homeDirectory: /home/abeen +gecos: Alvin Been +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UXQxOEVMR0g1Z0ZYcnZWRUl1K2FnTDByZmtjcGJJeDc= +loginShell: /bin/bash + +dn: cn=Joaquin Speh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jspeh +uidNumber: 5419 +gidNumber: 1000 +givenName: Joaquin +sn: Speh +cn: Joaquin Speh +homeDirectory: /home/jspeh +gecos: Joaquin Speh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bmMxNjdZajhnclBWYmV4UW9XYnc3NlNHcW9ZPQ== +loginShell: /bin/bash + +dn: uid=agordner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: agordner +uidNumber: 5420 +gidNumber: 1000 +givenName: Alan +sn: Gordner +cn: Alan Gordner +homeDirectory: /home/agordner +gecos: Alan Gordner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aDJNL2ZvSmxaZ2ZNaHQxUFQrdERNeUR0ay9vPQ== +loginShell: /bin/bash + +dn: uid=lschnorbus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lschnorbus +uidNumber: 5421 +gidNumber: 1000 +givenName: Leslie +sn: Schnorbus +cn: Leslie Schnorbus +homeDirectory: /home/lschnorbus +gecos: Leslie Schnorbus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2hlZXJpbmc= +loginShell: /bin/bash + +dn: uid=aarietta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aarietta +uidNumber: 5422 +gidNumber: 1000 +givenName: Amelia +sn: Arietta +cn: Amelia Arietta +homeDirectory: /home/aarietta +gecos: Amelia Arietta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUFHWER2M1VMQVJFT1k= +loginShell: /bin/bash + +dn: cn=Gordon Hiland,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghiland +uidNumber: 5423 +gidNumber: 1000 +givenName: Gordon +sn: Hiland +cn: Gordon Hiland +homeDirectory: /home/ghiland +gecos: Gordon Hiland +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1VM3pld1E4RkVRWFN6WTRGeFU4cnpaZGFUUU09 +loginShell: /bin/bash + +dn: uid=edurick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: edurick +uidNumber: 5424 +gidNumber: 1000 +givenName: Erika +sn: Durick +cn: Erika Durick +homeDirectory: /home/edurick +gecos: Erika Durick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX12MGtrUVAvRVZVNVdDQ21ZMWo1VUIzQXNqQnM9 +loginShell: /bin/bash + +dn: cn=Toraji Mohmed+uid=tmohmed,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmohmed +uidNumber: 5425 +gidNumber: 1000 +givenName: Toraji +sn: Mohmed +cn: Toraji Mohmed +homeDirectory: /home/tmohmed +gecos: Toraji Mohmed +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZWxVTUpsczlhaXRYUGd0MWZwWFN0U1hhcGRZWlVyWm8= +loginShell: /bin/bash + +dn: uid=bbeckfield,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bbeckfield +uidNumber: 5426 +gidNumber: 1000 +givenName: Barry +sn: Beckfield +cn: Barry Beckfield +homeDirectory: /home/bbeckfield +gecos: Barry Beckfield +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3BhcmtsZXM= +loginShell: /bin/bash + +dn: cn=Soudelor Jankauskas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sjankauskas +uidNumber: 5427 +gidNumber: 1000 +givenName: Soudelor +sn: Jankauskas +cn: Soudelor Jankauskas +homeDirectory: /home/sjankauskas +gecos: Soudelor Jankauskas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUFOMXBKbXB6RXJmWWs= +loginShell: /bin/bash + +dn: cn=Clancy Duba+uid=cduba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cduba +uidNumber: 5428 +gidNumber: 1000 +givenName: Clancy +sn: Duba +cn: Clancy Duba +homeDirectory: /home/cduba +gecos: Clancy Duba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1MV1libGVoUjBxRUpuZTRTRi8rZ3B5anZQTEU9 +loginShell: /bin/bash + +dn: uid=rcabler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rcabler +uidNumber: 5429 +gidNumber: 1000 +givenName: Rosie +sn: Cabler +cn: Rosie Cabler +homeDirectory: /home/rcabler +gecos: Rosie Cabler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YW5hcmNoeQ== +loginShell: /bin/bash + +dn: cn=Epi Orsten,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eorsten +uidNumber: 5430 +gidNumber: 1000 +givenName: Epi +sn: Orsten +cn: Epi Orsten +homeDirectory: /home/eorsten +gecos: Epi Orsten +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1WdmlJKzFVVnkyNjJyamhTcHpGQmdnPT0= +loginShell: /bin/bash + +dn: uid=nquann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nquann +uidNumber: 5431 +gidNumber: 1000 +givenName: Narelle +sn: Quann +cn: Narelle Quann +homeDirectory: /home/nquann +gecos: Narelle Quann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1nek9lNGNycjAwWXJIR3RaK0NMUnVsYytYWlU9 +loginShell: /bin/bash + +dn: cn=Terri Xayavong,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: txayavong +uidNumber: 5432 +gidNumber: 1000 +givenName: Terri +sn: Xayavong +cn: Terri Xayavong +homeDirectory: /home/txayavong +gecos: Terri Xayavong +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVVDT0ZyY29JUUd2Sk0= +loginShell: /bin/bash + +dn: uid=ahandy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ahandy +uidNumber: 5433 +gidNumber: 1000 +givenName: Ana +sn: Handy +cn: Ana Handy +homeDirectory: /home/ahandy +gecos: Ana Handy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RUtTVDVJa1NYamJ4WHhBMnVvZUFjRmRrbHRjPQ== +loginShell: /bin/bash + +dn: uid=srees,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: srees +uidNumber: 5434 +gidNumber: 1000 +givenName: Soulik +sn: Rees +cn: Soulik Rees +homeDirectory: /home/srees +gecos: Soulik Rees +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VE9vT3FpdmFPK2UxY0t3Z2hqeEQramZVNEI1QVNLVDk= +loginShell: /bin/bash + +dn: uid=nkempon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nkempon +uidNumber: 5435 +gidNumber: 1000 +givenName: Nangka +sn: Kempon +cn: Nangka Kempon +homeDirectory: /home/nkempon +gecos: Nangka Kempon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cTFaNURyb1EwR2FiVlFJckQ0dmtDbjd5eFpBPQ== +loginShell: /bin/bash + +dn: uid=fthein,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fthein +uidNumber: 5436 +gidNumber: 1000 +givenName: Fiona +sn: Thein +cn: Fiona Thein +homeDirectory: /home/fthein +gecos: Fiona Thein +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9a25Na2tvZWxsT3FxQTJISVFHK2lMZkVjak0wPQ== +loginShell: /bin/bash + +dn: uid=fnader,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fnader +uidNumber: 5437 +gidNumber: 1000 +givenName: Freda +sn: Nader +cn: Freda Nader +homeDirectory: /home/fnader +gecos: Freda Nader +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cm91dGluZXM= +loginShell: /bin/bash + +dn: cn=Kompasu Gumbs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgumbs +uidNumber: 5438 +gidNumber: 1000 +givenName: Kompasu +sn: Gumbs +cn: Kompasu Gumbs +homeDirectory: /home/kgumbs +gecos: Kompasu Gumbs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1mMGQwbTRlQ3lOTFVibmFNWmF0QnRRPT0= +loginShell: /bin/bash + +dn: uid=kmallach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmallach +uidNumber: 5439 +gidNumber: 1000 +givenName: Kamba +sn: Mallach +cn: Kamba Mallach +homeDirectory: /home/kmallach +gecos: Kamba Mallach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWVxZGxDY2V5WWEwYlU= +loginShell: /bin/bash + +dn: uid=farquette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: farquette +uidNumber: 5440 +gidNumber: 1000 +givenName: Farrah +sn: Arquette +cn: Farrah Arquette +homeDirectory: /home/farquette +gecos: Farrah Arquette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTdGd0c2Vi9HdVQ4TmM= +loginShell: /bin/bash + +dn: uid=mground,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mground +uidNumber: 5441 +gidNumber: 1000 +givenName: Marco +sn: Ground +cn: Marco Ground +homeDirectory: /home/mground +gecos: Marco Ground +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX11RDZTVXhpWEJ0YnpNWWN3cU9yRjRnPT0= +loginShell: /bin/bash + +dn: uid=askimehorn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: askimehorn +uidNumber: 5442 +gidNumber: 1000 +givenName: Ami +sn: Skimehorn +cn: Ami Skimehorn +homeDirectory: /home/askimehorn +gecos: Ami Skimehorn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1SWUxOQXU2ZjJid3NsUGdDVjEvUnJVTHlSYUE9 +loginShell: /bin/bash + +dn: uid=ibyles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ibyles +uidNumber: 5443 +gidNumber: 1000 +givenName: Irma +sn: Byles +cn: Irma Byles +homeDirectory: /home/ibyles +gecos: Irma Byles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9am9TQ2Z2Njkyc2p1dzBVTFVBaFZheWZTVTRvPQ== +loginShell: /bin/bash + +dn: uid=bouten,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bouten +uidNumber: 5444 +gidNumber: 1000 +givenName: Bart +sn: Outen +cn: Bart Outen +homeDirectory: /home/bouten +gecos: Bart Outen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9blpYelVaM3lZSnpPdDBPUkR3bVVJbnQ1WmtrPQ== +loginShell: /bin/bash + +dn: uid=nbugtong,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nbugtong +uidNumber: 5445 +gidNumber: 1000 +givenName: Nock-ten +sn: Bugtong +cn: Nock-ten Bugtong +homeDirectory: /home/nbugtong +gecos: Nock-ten Bugtong +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGVscGluZydz +loginShell: /bin/bash + +dn: uid=mhollings,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mhollings +uidNumber: 5446 +gidNumber: 1000 +givenName: Matsa +sn: Hollings +cn: Matsa Hollings +homeDirectory: /home/mhollings +gecos: Matsa Hollings +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10MUlONXovRG82SkpPWDA0WjYzMUxBPT0= +loginShell: /bin/bash + +dn: uid=charriman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: charriman +uidNumber: 5447 +gidNumber: 1000 +givenName: Carol +sn: Harriman +cn: Carol Harriman +homeDirectory: /home/charriman +gecos: Carol Harriman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00REk1c240MHBmZnp2ZWM1UlozVk53PT0= +loginShell: /bin/bash + +dn: cn=Terry Chemin+uid=tchemin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tchemin +uidNumber: 5448 +gidNumber: 1000 +givenName: Terry +sn: Chemin +cn: Terry Chemin +homeDirectory: /home/tchemin +gecos: Terry Chemin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1PTnFteWJCUDQ1VzFVS2pGQkN6akUrRnJGYTA9 +loginShell: /bin/bash + +dn: cn=Bertie Luellen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bluellen +uidNumber: 5449 +gidNumber: 1000 +givenName: Bertie +sn: Luellen +cn: Bertie Luellen +homeDirectory: /home/bluellen +gecos: Bertie Luellen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVAyb0xrSFcxQU43QS4= +loginShell: /bin/bash + +dn: uid=mgolder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mgolder +uidNumber: 5450 +gidNumber: 1000 +givenName: Mitchell +sn: Golder +cn: Mitchell Golder +homeDirectory: /home/mgolder +gecos: Mitchell Golder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW5oZXJpdGluZw== +loginShell: /bin/bash + +dn: uid=ihernan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihernan +uidNumber: 5451 +gidNumber: 1000 +givenName: Ida +sn: Hernan +cn: Ida Hernan +homeDirectory: /home/ihernan +gecos: Ida Hernan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bU94aVlzOHM1dlphcHZPYXpwYld4U1BBei8rOFhoelk= +loginShell: /bin/bash + +dn: cn=Cilla Galer+uid=cgaler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cgaler +uidNumber: 5452 +gidNumber: 1000 +givenName: Cilla +sn: Galer +cn: Cilla Galer +homeDirectory: /home/cgaler +gecos: Cilla Galer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VWhmcDhaZEIxU2RNRDJuWTJBVnFSVUVqWE16MnJCM3Y= +loginShell: /bin/bash + +dn: cn=Philippe Durando+uid=pdurando,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdurando +uidNumber: 5453 +gidNumber: 1000 +givenName: Philippe +sn: Durando +cn: Philippe Durando +homeDirectory: /home/pdurando +gecos: Philippe Durando +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NWhGSEtyTGs1YkMxYk5LNmZxc250THgyYllzPQ== +loginShell: /bin/bash + +dn: cn=Xanda Horvitz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xhorvitz +uidNumber: 5454 +gidNumber: 1000 +givenName: Xanda +sn: Horvitz +cn: Xanda Horvitz +homeDirectory: /home/xhorvitz +gecos: Xanda Horvitz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3dhcm0ncw== +loginShell: /bin/bash + +dn: uid=mcashett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcashett +uidNumber: 5455 +gidNumber: 1000 +givenName: Meena +sn: Cashett +cn: Meena Cashett +homeDirectory: /home/mcashett +gecos: Meena Cashett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX14T2M2dzJlbGpEZ1hsZXlTODljZzBObkRqaWM9 +loginShell: /bin/bash + +dn: uid=hlynema,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hlynema +uidNumber: 5456 +gidNumber: 1000 +givenName: Hortense +sn: Lynema +cn: Hortense Lynema +homeDirectory: /home/hlynema +gecos: Hortense Lynema +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWh3cEgzbzNjUlZuWDY= +loginShell: /bin/bash + +dn: uid=guresti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: guresti +uidNumber: 5457 +gidNumber: 1000 +givenName: Georges +sn: Uresti +cn: Georges Uresti +homeDirectory: /home/guresti +gecos: Georges Uresti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1sdGJONjVrNmZ3TS9JanBiNkZtS2RRPT0= +loginShell: /bin/bash + +dn: uid=ikacher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ikacher +uidNumber: 5458 +gidNumber: 1000 +givenName: Ivy +sn: Kacher +cn: Ivy Kacher +homeDirectory: /home/ikacher +gecos: Ivy Kacher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MHlZSjBQeGFYWk9JUmQxVXBCS1E0VXFKUnc0PQ== +loginShell: /bin/bash + +dn: cn=Hattie Boyette+uid=hboyette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hboyette +uidNumber: 5459 +gidNumber: 1000 +givenName: Hattie +sn: Boyette +cn: Hattie Boyette +homeDirectory: /home/hboyette +gecos: Hattie Boyette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZnVybG91Z2hlZA== +loginShell: /bin/bash + +dn: uid=chuxman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: chuxman +uidNumber: 5460 +gidNumber: 1000 +givenName: Carlotta +sn: Huxman +cn: Carlotta Huxman +homeDirectory: /home/chuxman +gecos: Carlotta Huxman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1HYk9MVEY0bzl5LzVJeEUyc3k4OVR3PT0= +loginShell: /bin/bash + +dn: cn=Harvey Vannette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hvannette +uidNumber: 5461 +gidNumber: 1000 +givenName: Harvey +sn: Vannette +cn: Harvey Vannette +homeDirectory: /home/hvannette +gecos: Harvey Vannette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVZuSDVWejdGeG5tVGc= +loginShell: /bin/bash + +dn: cn=Polly Dech+uid=pdech,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdech +uidNumber: 5462 +gidNumber: 1000 +givenName: Polly +sn: Dech +cn: Polly Dech +homeDirectory: /home/pdech +gecos: Polly Dech +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZWQvT2FqSm52MGJiazhNQW9nbGtxQnFDS3NOWUJjS3o= +loginShell: /bin/bash + +dn: uid=mbodley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbodley +uidNumber: 5463 +gidNumber: 1000 +givenName: Marcia +sn: Bodley +cn: Marcia Bodley +homeDirectory: /home/mbodley +gecos: Marcia Bodley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UdVBXTUNWL0RJQVNicDhUbU9JUmZnPT0= +loginShell: /bin/bash + +dn: uid=smullowney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smullowney +uidNumber: 5464 +gidNumber: 1000 +givenName: Shyra +sn: Mullowney +cn: Shyra Mullowney +homeDirectory: /home/smullowney +gecos: Shyra Mullowney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXFKYjllU3JaUy5sbHM= +loginShell: /bin/bash + +dn: uid=ipeick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ipeick +uidNumber: 5465 +gidNumber: 1000 +givenName: Ida +sn: Peick +cn: Ida Peick +homeDirectory: /home/ipeick +gecos: Ida Peick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTFQNlA3M1Z6c1dRZXc= +loginShell: /bin/bash + +dn: uid=bkoopmann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bkoopmann +uidNumber: 5466 +gidNumber: 1000 +givenName: Bart +sn: Koopmann +cn: Bart Koopmann +homeDirectory: /home/bkoopmann +gecos: Bart Koopmann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTVIUGVxcXRySy8yc0k= +loginShell: /bin/bash + +dn: uid=mfeil,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfeil +uidNumber: 5467 +gidNumber: 1000 +givenName: Matt +sn: Feil +cn: Matt Feil +homeDirectory: /home/mfeil +gecos: Matt Feil +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXNNNTMzNTA2SDNvTms= +loginShell: /bin/bash + +dn: uid=jkressin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jkressin +uidNumber: 5468 +gidNumber: 1000 +givenName: Juliette +sn: Kressin +cn: Juliette Kressin +homeDirectory: /home/jkressin +gecos: Juliette Kressin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVBVejBYcGlFeW9sQ0E= +loginShell: /bin/bash + +dn: uid=nbuford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nbuford +uidNumber: 5469 +gidNumber: 1000 +givenName: Norman +sn: Buford +cn: Norman Buford +homeDirectory: /home/nbuford +gecos: Norman Buford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZuM2swdkpySUhQNHc= +loginShell: /bin/bash + +dn: uid=ucarlino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ucarlino +uidNumber: 5470 +gidNumber: 1000 +givenName: Ursula +sn: Carlino +cn: Ursula Carlino +homeDirectory: /home/ucarlino +gecos: Ursula Carlino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2FsdHk= +loginShell: /bin/bash + +dn: uid=wbrettschneide,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wbrettschneide +uidNumber: 5471 +gidNumber: 1000 +givenName: Wati +sn: Brettschneide +cn: Wati Brettschneide +homeDirectory: /home/wbrettschneide +gecos: Wati Brettschneide +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVJJWWdNY3ZESm9PLkE= +loginShell: /bin/bash + +dn: uid=skuang,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: skuang +uidNumber: 5472 +gidNumber: 1000 +givenName: Sama +sn: Kuang +cn: Sama Kuang +homeDirectory: /home/skuang +gecos: Sama Kuang +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnJpZGFs +loginShell: /bin/bash + +dn: uid=gvollrath,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gvollrath +uidNumber: 5473 +gidNumber: 1000 +givenName: Guduza +sn: Vollrath +cn: Guduza Vollrath +homeDirectory: /home/gvollrath +gecos: Guduza Vollrath +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TEdVNHU0WU5WT3J6UUVwOHE0Y1l1MWRSUmQydG9ycWw= +loginShell: /bin/bash + +dn: uid=rlosinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rlosinger +uidNumber: 5474 +gidNumber: 1000 +givenName: Rafael +sn: Losinger +cn: Rafael Losinger +homeDirectory: /home/rlosinger +gecos: Rafael Losinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9YlBRQjZkZjkzbGhqYzlubjMrM1pqU21YUHZvPQ== +loginShell: /bin/bash + +dn: uid=hloftis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hloftis +uidNumber: 5475 +gidNumber: 1000 +givenName: Haiyan +sn: Loftis +cn: Haiyan Loftis +homeDirectory: /home/hloftis +gecos: Haiyan Loftis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MXV5ZGJWQ0dISm1YbWl4NnU0NXF6Y05EUGNrNWVSa1M= +loginShell: /bin/bash + +dn: uid=sbemo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sbemo +uidNumber: 5476 +gidNumber: 1000 +givenName: Sheryl +sn: Bemo +cn: Sheryl Bemo +homeDirectory: /home/sbemo +gecos: Sheryl Bemo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9d0JJUTNseHg1OEpST3BRTUpBTmlwVUUvMG5NaldncXA= +loginShell: /bin/bash + +dn: uid=isudweeks,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isudweeks +uidNumber: 5477 +gidNumber: 1000 +givenName: Iselle +sn: Sudweeks +cn: Iselle Sudweeks +homeDirectory: /home/isudweeks +gecos: Iselle Sudweeks +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2FwYWJsZXN0 +loginShell: /bin/bash + +dn: uid=nfunchess,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nfunchess +uidNumber: 5478 +gidNumber: 1000 +givenName: Nungu +sn: Funchess +cn: Nungu Funchess +homeDirectory: /home/nfunchess +gecos: Nungu Funchess +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTBlRkhadXJwVlJraS4= +loginShell: /bin/bash + +dn: uid=hpolk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpolk +uidNumber: 5479 +gidNumber: 1000 +givenName: Howard +sn: Polk +cn: Howard Polk +homeDirectory: /home/hpolk +gecos: Howard Polk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1rdWo5bUxqd3dQSGNBbHJoa09ZMHZHbXlqWUE9 +loginShell: /bin/bash + +dn: cn=Kanmuri Gillim+uid=kgillim,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgillim +uidNumber: 5480 +gidNumber: 1000 +givenName: Kanmuri +sn: Gillim +cn: Kanmuri Gillim +homeDirectory: /home/kgillim +gecos: Kanmuri Gillim +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TNUZTTnBzM3ZFSEVlTXY5UVR1VTBnPT0= +loginShell: /bin/bash + +dn: uid=wschmeisser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wschmeisser +uidNumber: 5481 +gidNumber: 1000 +givenName: Washi +sn: Schmeisser +cn: Washi Schmeisser +homeDirectory: /home/wschmeisser +gecos: Washi Schmeisser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0rK1FBdUh1andIMW5CZGVRVHlmQ2pUYXRUUDg9 +loginShell: /bin/bash + +dn: cn=Ruby Mcstay,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rmcstay +uidNumber: 5482 +gidNumber: 1000 +givenName: Ruby +sn: Mcstay +cn: Ruby Mcstay +homeDirectory: /home/rmcstay +gecos: Ruby Mcstay +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1IYzVuODBxVTFJYzBPWC8rcHVmSlErTDUrWFU9 +loginShell: /bin/bash + +dn: uid=ueriks,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ueriks +uidNumber: 5483 +gidNumber: 1000 +givenName: Ulia +sn: Eriks +cn: Ulia Eriks +homeDirectory: /home/ueriks +gecos: Ulia Eriks +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QVJRWHd5a3RaZ2ROTXBaL2xQRUtDaStNWVcyQlJabXM= +loginShell: /bin/bash + +dn: uid=jmcgartland,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jmcgartland +uidNumber: 5484 +gidNumber: 1000 +givenName: Jokwe +sn: Mcgartland +cn: Jokwe Mcgartland +homeDirectory: /home/jmcgartland +gecos: Jokwe Mcgartland +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1PcmVhQ1ZJS3c5VUdsbDg5QXFOSXFHSDNKY1U9 +loginShell: /bin/bash + +dn: uid=ofugere,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ofugere +uidNumber: 5485 +gidNumber: 1000 +givenName: Omar +sn: Fugere +cn: Omar Fugere +homeDirectory: /home/ofugere +gecos: Omar Fugere +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmV3aXRjaGVk +loginShell: /bin/bash + +dn: cn=Opal Crabbs+uid=ocrabbs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ocrabbs +uidNumber: 5486 +gidNumber: 1000 +givenName: Opal +sn: Crabbs +cn: Opal Crabbs +homeDirectory: /home/ocrabbs +gecos: Opal Crabbs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aHlwaW5n +loginShell: /bin/bash + +dn: cn=Warwick Steinkuehler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wsteinkuehler +uidNumber: 5487 +gidNumber: 1000 +givenName: Warwick +sn: Steinkuehler +cn: Warwick Steinkuehler +homeDirectory: /home/wsteinkuehler +gecos: Warwick Steinkuehler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eHBhQ2ZkOVdoYUxIQXQyUEFaOUFLdUxtZjNZYXdLd3Y= +loginShell: /bin/bash + +dn: uid=pdossous,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pdossous +uidNumber: 5488 +gidNumber: 1000 +givenName: Peter +sn: Dossous +cn: Peter Dossous +homeDirectory: /home/pdossous +gecos: Peter Dossous +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cHljZVZjVzY5aW82YmZ3WFpvdnBLWVZJNHZzdGJ0SDc= +loginShell: /bin/bash + +dn: uid=psherfy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psherfy +uidNumber: 5489 +gidNumber: 1000 +givenName: Paula +sn: Sherfy +cn: Paula Sherfy +homeDirectory: /home/psherfy +gecos: Paula Sherfy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFLR3hZOGlHeUZpLkE= +loginShell: /bin/bash + +dn: uid=dliehr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dliehr +uidNumber: 5490 +gidNumber: 1000 +givenName: Denise +sn: Liehr +cn: Denise Liehr +homeDirectory: /home/dliehr +gecos: Denise Liehr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b21pdHRpbmc= +loginShell: /bin/bash + +dn: uid=thynson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: thynson +uidNumber: 5491 +gidNumber: 1000 +givenName: Tammy +sn: Hynson +cn: Tammy Hynson +homeDirectory: /home/thynson +gecos: Tammy Hynson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWxoMjlRZ3FsaGpoVkk= +loginShell: /bin/bash + +dn: cn=Philippe Malachi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pmalachi +uidNumber: 5492 +gidNumber: 1000 +givenName: Philippe +sn: Malachi +cn: Philippe Malachi +homeDirectory: /home/pmalachi +gecos: Philippe Malachi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eUNzcWs4bDRQdFVaWXdlNWVPUWpGcUhHU0x4T3JSZkg= +loginShell: /bin/bash + +dn: uid=cmellberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cmellberg +uidNumber: 5493 +gidNumber: 1000 +givenName: Colin +sn: Mellberg +cn: Colin Mellberg +homeDirectory: /home/cmellberg +gecos: Colin Mellberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1wb1l4S1d5djFHNndHM05TVU41eG5BPT0= +loginShell: /bin/bash + +dn: cn=Audrey Sundholm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: asundholm +uidNumber: 5494 +gidNumber: 1000 +givenName: Audrey +sn: Sundholm +cn: Audrey Sundholm +homeDirectory: /home/asundholm +gecos: Audrey Sundholm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZGZJZUpUNXhqSDJCbk44WmRNRExWQXRzUHBvPQ== +loginShell: /bin/bash + +dn: uid=mheilbrun,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mheilbrun +uidNumber: 5495 +gidNumber: 1000 +givenName: Mindy +sn: Heilbrun +cn: Mindy Heilbrun +homeDirectory: /home/mheilbrun +gecos: Mindy Heilbrun +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0yWXVPUjVoQTlVT1grdTBTZXF3UGpyUEtWek09 +loginShell: /bin/bash + +dn: cn=Clare Paree+uid=cparee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cparee +uidNumber: 5496 +gidNumber: 1000 +givenName: Clare +sn: Paree +cn: Clare Paree +homeDirectory: /home/cparee +gecos: Clare Paree +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1tS2N1S3huUXM4eGp5U3BKTGUxZ3N3PT0= +loginShell: /bin/bash + +dn: cn=Merbok Merriwether+uid=mmerriwether,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmerriwether +uidNumber: 5497 +gidNumber: 1000 +givenName: Merbok +sn: Merriwether +cn: Merbok Merriwether +homeDirectory: /home/mmerriwether +gecos: Merbok Merriwether +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1WNlJHSHQyT3hyYU1MWWFNWFl3ZG1nPT0= +loginShell: /bin/bash + +dn: uid=pheathcock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pheathcock +uidNumber: 5498 +gidNumber: 1000 +givenName: Pindile +sn: Heathcock +cn: Pindile Heathcock +homeDirectory: /home/pheathcock +gecos: Pindile Heathcock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUtlT3NkNEdFcUxpc1k= +loginShell: /bin/bash + +dn: uid=kschlicker,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kschlicker +uidNumber: 5499 +gidNumber: 1000 +givenName: Koppu +sn: Schlicker +cn: Koppu Schlicker +homeDirectory: /home/kschlicker +gecos: Koppu Schlicker +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXViTFZoVk5jaWxOZS4= +loginShell: /bin/bash + +dn: uid=bdurkins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bdurkins +uidNumber: 5500 +gidNumber: 1000 +givenName: Becky +sn: Durkins +cn: Becky Durkins +homeDirectory: /home/bdurkins +gecos: Becky Durkins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1obVpUM0t2OWdFRks3Z3N2a3Q4aUl0a3o0UHc9 +loginShell: /bin/bash + +dn: uid=cdarensbourg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdarensbourg +uidNumber: 5501 +gidNumber: 1000 +givenName: Carol +sn: Darensbourg +cn: Carol Darensbourg +homeDirectory: /home/cdarensbourg +gecos: Carol Darensbourg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1LTVNVMm9mL21aYVpKNncwdWpDdHZnPT0= +loginShell: /bin/bash + +dn: cn=Kyle Seisler+uid=kseisler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kseisler +uidNumber: 5502 +gidNumber: 1000 +givenName: Kyle +sn: Seisler +cn: Kyle Seisler +homeDirectory: /home/kseisler +gecos: Kyle Seisler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnJlYXRoZXI= +loginShell: /bin/bash + +dn: cn=Priscilla Vlcek+uid=pvlcek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pvlcek +uidNumber: 5503 +gidNumber: 1000 +givenName: Priscilla +sn: Vlcek +cn: Priscilla Vlcek +homeDirectory: /home/pvlcek +gecos: Priscilla Vlcek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eHdPNE1EaVZtZXI5WVlRTUgvT245aUthYjg4PQ== +loginShell: /bin/bash + +dn: uid=emcquiddy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emcquiddy +uidNumber: 5504 +gidNumber: 1000 +givenName: Elnus +sn: Mcquiddy +cn: Elnus Mcquiddy +homeDirectory: /home/emcquiddy +gecos: Elnus Mcquiddy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTYudC5QOWJ6TjU3eU0= +loginShell: /bin/bash + +dn: cn=Elisa Nicoles+uid=enicoles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: enicoles +uidNumber: 5505 +gidNumber: 1000 +givenName: Elisa +sn: Nicoles +cn: Elisa Nicoles +homeDirectory: /home/enicoles +gecos: Elisa Nicoles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MllPS3ZLL3drcy9RSXY2TlpUazV3bFZuM0lFPQ== +loginShell: /bin/bash + +dn: uid=wknipe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wknipe +uidNumber: 5506 +gidNumber: 1000 +givenName: Wila +sn: Knipe +cn: Wila Knipe +homeDirectory: /home/wknipe +gecos: Wila Knipe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aFdlVGx2VmhxaHRSWWpqdlpleVlpMURqNFZZa1cySm8= +loginShell: /bin/bash + +dn: cn=Howard Abby+uid=habby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: habby +uidNumber: 5507 +gidNumber: 1000 +givenName: Howard +sn: Abby +cn: Howard Abby +homeDirectory: /home/habby +gecos: Howard Abby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GeHc5dHhleEorZ1FhUlNWUWZRaHpRPT0= +loginShell: /bin/bash + +dn: uid=mruppel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mruppel +uidNumber: 5508 +gidNumber: 1000 +givenName: Melanie +sn: Ruppel +cn: Melanie Ruppel +homeDirectory: /home/mruppel +gecos: Melanie Ruppel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5jb3ZlcmVk +loginShell: /bin/bash + +dn: uid=rnordby,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rnordby +uidNumber: 5509 +gidNumber: 1000 +givenName: Rebekah +sn: Nordby +cn: Rebekah Nordby +homeDirectory: /home/rnordby +gecos: Rebekah Nordby +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OTErZFBDdDgralQ2ZXFDVHFmQVI3TUtjVXZmNXlJOXU= +loginShell: /bin/bash + +dn: cn=Yutu Even,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yeven +uidNumber: 5510 +gidNumber: 1000 +givenName: Yutu +sn: Even +cn: Yutu Even +homeDirectory: /home/yeven +gecos: Yutu Even +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Yi9oN0xnck5SUmtKRk9jM3h6TGlRTm1ydjUvT1RUR24= +loginShell: /bin/bash + +dn: uid=ctuzzo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ctuzzo +uidNumber: 5511 +gidNumber: 1000 +givenName: Cristina +sn: Tuzzo +cn: Cristina Tuzzo +homeDirectory: /home/ctuzzo +gecos: Cristina Tuzzo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3RvcmluZw== +loginShell: /bin/bash + +dn: uid=hschlesser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hschlesser +uidNumber: 5512 +gidNumber: 1000 +givenName: Hamish +sn: Schlesser +cn: Hamish Schlesser +homeDirectory: /home/hschlesser +gecos: Hamish Schlesser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2FsbG91cw== +loginShell: /bin/bash + +dn: uid=wcagney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wcagney +uidNumber: 5513 +gidNumber: 1000 +givenName: Wila +sn: Cagney +cn: Wila Cagney +homeDirectory: /home/wcagney +gecos: Wila Cagney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZXhoaWJpdG9y +loginShell: /bin/bash + +dn: cn=Hubert Dula+uid=hdula,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hdula +uidNumber: 5514 +gidNumber: 1000 +givenName: Hubert +sn: Dula +cn: Hubert Dula +homeDirectory: /home/hdula +gecos: Hubert Dula +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1JY0JBUGJvZHZoalZMMm9rbGRGNDdCQURPcU09 +loginShell: /bin/bash + +dn: cn=Teresa Donathan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tdonathan +uidNumber: 5515 +gidNumber: 1000 +givenName: Teresa +sn: Donathan +cn: Teresa Donathan +homeDirectory: /home/tdonathan +gecos: Teresa Donathan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QXB6NE1nS0RqODRFcGw0WkZGeDBvckR1cFhhWW95MUE= +loginShell: /bin/bash + +dn: uid=gcobane,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcobane +uidNumber: 5516 +gidNumber: 1000 +givenName: Gloria +sn: Cobane +cn: Gloria Cobane +homeDirectory: /home/gcobane +gecos: Gloria Cobane +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UZDV2dGNVL2lMRm1lb1l0OWRwYitBPT0= +loginShell: /bin/bash + +dn: uid=rborjas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rborjas +uidNumber: 5517 +gidNumber: 1000 +givenName: Rananin +sn: Borjas +cn: Rananin Borjas +homeDirectory: /home/rborjas +gecos: Rananin Borjas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eklMT0hyR2VDNFB2dEQvZGlQZ3huWDd3ekpvPQ== +loginShell: /bin/bash + +dn: uid=nnickel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nnickel +uidNumber: 5518 +gidNumber: 1000 +givenName: Neville +sn: Nickel +cn: Neville Nickel +homeDirectory: /home/nnickel +gecos: Neville Nickel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aW1wb3ZlcmlzaGVz +loginShell: /bin/bash + +dn: uid=hmateer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmateer +uidNumber: 5519 +gidNumber: 1000 +givenName: Helene +sn: Mateer +cn: Helene Mateer +homeDirectory: /home/hmateer +gecos: Helene Mateer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXZLYnRNOW1qNTJSVEU= +loginShell: /bin/bash + +dn: uid=smccastle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smccastle +uidNumber: 5520 +gidNumber: 1000 +givenName: Seymour +sn: Mccastle +cn: Seymour Mccastle +homeDirectory: /home/smccastle +gecos: Seymour Mccastle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZnpiNDFvd3RIV3g5VjBmdXVkTjZ5d0hKUXRzPQ== +loginShell: /bin/bash + +dn: uid=ebeachem,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ebeachem +uidNumber: 5521 +gidNumber: 1000 +givenName: Erika +sn: Beachem +cn: Erika Beachem +homeDirectory: /home/ebeachem +gecos: Erika Beachem +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2Vuc3VvdXM= +loginShell: /bin/bash + +dn: uid=rramirez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rramirez +uidNumber: 5522 +gidNumber: 1000 +givenName: Richard +sn: Ramirez +cn: Richard Ramirez +homeDirectory: /home/rramirez +gecos: Richard Ramirez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXA5QU9lMC5HRzM2djY= +loginShell: /bin/bash + +dn: uid=hbrehmer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbrehmer +uidNumber: 5523 +gidNumber: 1000 +givenName: Humberto +sn: Brehmer +cn: Humberto Brehmer +homeDirectory: /home/hbrehmer +gecos: Humberto Brehmer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9M3pmay9hc25oL2xHSE14eXRvYTlIYmlzcDJVPQ== +loginShell: /bin/bash + +dn: uid=eshanon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eshanon +uidNumber: 5524 +gidNumber: 1000 +givenName: Earl +sn: Shanon +cn: Earl Shanon +homeDirectory: /home/eshanon +gecos: Earl Shanon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU45NTRmdjdJakpCYkU= +loginShell: /bin/bash + +dn: uid=brepka,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: brepka +uidNumber: 5525 +gidNumber: 1000 +givenName: Barry +sn: Repka +cn: Barry Repka +homeDirectory: /home/brepka +gecos: Barry Repka +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWZKZ2hiU3ZRNTJldVU= +loginShell: /bin/bash + +dn: cn=Hattie Hamburg+uid=hhamburg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hhamburg +uidNumber: 5526 +gidNumber: 1000 +givenName: Hattie +sn: Hamburg +cn: Hattie Hamburg +homeDirectory: /home/hhamburg +gecos: Hattie Hamburg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OEdNckcxdjE1VlV6dVNEbVRXMzNPZDVWYWx3PQ== +loginShell: /bin/bash + +dn: uid=fhovermale,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fhovermale +uidNumber: 5527 +gidNumber: 1000 +givenName: Fili +sn: Hovermale +cn: Fili Hovermale +homeDirectory: /home/fhovermale +gecos: Fili Hovermale +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1Fbk9MYWJHZmV6cy9FT2pneUVCQkd3PT0= +loginShell: /bin/bash + +dn: uid=hseidt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hseidt +uidNumber: 5528 +gidNumber: 1000 +givenName: Hilda +sn: Seidt +cn: Hilda Seidt +homeDirectory: /home/hseidt +gecos: Hilda Seidt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SUdFOGZsNjNwa0NxSngySFhFNldTdXlPaCtjPQ== +loginShell: /bin/bash + +dn: uid=skanjirathinga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: skanjirathinga +uidNumber: 5529 +gidNumber: 1000 +givenName: Sandy +sn: Kanjirathinga +cn: Sandy Kanjirathinga +homeDirectory: /home/skanjirathinga +gecos: Sandy Kanjirathinga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YW1vaydz +loginShell: /bin/bash + +dn: uid=kmcardle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmcardle +uidNumber: 5530 +gidNumber: 1000 +givenName: Kularb +sn: Mcardle +cn: Kularb Mcardle +homeDirectory: /home/kmcardle +gecos: Kularb Mcardle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1Ua2U0VXJlM3U3VkVQbFJwN2xCb2Y1dTliVWM9 +loginShell: /bin/bash + +dn: cn=Xina Lantey+uid=xlantey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xlantey +uidNumber: 5531 +gidNumber: 1000 +givenName: Xina +sn: Lantey +cn: Xina Lantey +homeDirectory: /home/xlantey +gecos: Xina Lantey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KRkhZSHBtV3pPeWZORFIvNkRQdnl3PT0= +loginShell: /bin/bash + +dn: uid=ikrise,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ikrise +uidNumber: 5532 +gidNumber: 1000 +givenName: Ila +sn: Krise +cn: Ila Krise +homeDirectory: /home/ikrise +gecos: Ila Krise +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXEvZzhHb0R1ZDMyN3M= +loginShell: /bin/bash + +dn: uid=gguardia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gguardia +uidNumber: 5533 +gidNumber: 1000 +givenName: Guba +sn: Guardia +cn: Guba Guardia +homeDirectory: /home/gguardia +gecos: Guba Guardia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWx0ZXJuYXRl +loginShell: /bin/bash + +dn: uid=mfritsche,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfritsche +uidNumber: 5534 +gidNumber: 1000 +givenName: Malia +sn: Fritsche +cn: Malia Fritsche +homeDirectory: /home/mfritsche +gecos: Malia Fritsche +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0xckVrYkpuWk5NVkl6enJ3em4yZlhYcCsrRFU9 +loginShell: /bin/bash + +dn: cn=Vincent Pridgeon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vpridgeon +uidNumber: 5535 +gidNumber: 1000 +givenName: Vincent +sn: Pridgeon +cn: Vincent Pridgeon +homeDirectory: /home/vpridgeon +gecos: Vincent Pridgeon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVFYSDBoNTEvVFNBUnM= +loginShell: /bin/bash + +dn: uid=adurol,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: adurol +uidNumber: 5536 +gidNumber: 1000 +givenName: Ariel +sn: Durol +cn: Ariel Durol +homeDirectory: /home/adurol +gecos: Ariel Durol +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJEaXh5d1VwdmgxM00= +loginShell: /bin/bash + +dn: cn=Yutu Duft+uid=yduft,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yduft +uidNumber: 5537 +gidNumber: 1000 +givenName: Yutu +sn: Duft +cn: Yutu Duft +homeDirectory: /home/yduft +gecos: Yutu Duft +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWZxN1BOWkw1L0kxVEE= +loginShell: /bin/bash + +dn: cn=Gretel Piatt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gpiatt +uidNumber: 5538 +gidNumber: 1000 +givenName: Gretel +sn: Piatt +cn: Gretel Piatt +homeDirectory: /home/gpiatt +gecos: Gretel Piatt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16SXhpaDUwMDBXWjRmc0IwNlk5enFBPT0= +loginShell: /bin/bash + +dn: uid=ngrowney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ngrowney +uidNumber: 5539 +gidNumber: 1000 +givenName: Nele +sn: Growney +cn: Nele Growney +homeDirectory: /home/ngrowney +gecos: Nele Growney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVBQLy5iUWJlcGlUMW8= +loginShell: /bin/bash + +dn: uid=ibreitbart,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ibreitbart +uidNumber: 5540 +gidNumber: 1000 +givenName: Ike +sn: Breitbart +cn: Ike Breitbart +homeDirectory: /home/ibreitbart +gecos: Ike Breitbart +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Zm9LT2VzbGliRW9JTFZRT0F4OVdGUXVhSE1QQTh5R0Q= +loginShell: /bin/bash + +dn: uid=uoblinski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uoblinski +uidNumber: 5541 +gidNumber: 1000 +givenName: Usha +sn: Oblinski +cn: Usha Oblinski +homeDirectory: /home/uoblinski +gecos: Usha Oblinski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGVkZXN0cmlhbg== +loginShell: /bin/bash + +dn: cn=Elnus Flury,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eflury +uidNumber: 5542 +gidNumber: 1000 +givenName: Elnus +sn: Flury +cn: Elnus Flury +homeDirectory: /home/eflury +gecos: Elnus Flury +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ODRoMnUzWCswclRYYmVCelNMZXNvMlFTMTZNPQ== +loginShell: /bin/bash + +dn: uid=brodgerson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: brodgerson +uidNumber: 5543 +gidNumber: 1000 +givenName: Billy +sn: Rodgerson +cn: Billy Rodgerson +homeDirectory: /home/brodgerson +gecos: Billy Rodgerson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW1pbmVuY2Uncw== +loginShell: /bin/bash + +dn: uid=wboylston,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wboylston +uidNumber: 5544 +gidNumber: 1000 +givenName: Warwick +sn: Boylston +cn: Warwick Boylston +homeDirectory: /home/wboylston +gecos: Warwick Boylston +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3BhY2VzaGlw +loginShell: /bin/bash + +dn: cn=Hamish Lemon+uid=hlemon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hlemon +uidNumber: 5545 +gidNumber: 1000 +givenName: Hamish +sn: Lemon +cn: Hamish Lemon +homeDirectory: /home/hlemon +gecos: Hamish Lemon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2xvdmVubGllcg== +loginShell: /bin/bash + +dn: cn=Boloetse Eon+uid=beon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: beon +uidNumber: 5546 +gidNumber: 1000 +givenName: Boloetse +sn: Eon +cn: Boloetse Eon +homeDirectory: /home/beon +gecos: Boloetse Eon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmFkZ2VyaW5n +loginShell: /bin/bash + +dn: uid=emcindoe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emcindoe +uidNumber: 5547 +gidNumber: 1000 +givenName: Elena +sn: Mcindoe +cn: Elena Mcindoe +homeDirectory: /home/emcindoe +gecos: Elena Mcindoe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NC9jV2Z4ajVzRTNkUlRlSGJ3TTRxMExrVWEwPQ== +loginShell: /bin/bash + +dn: cn=Podul Pedraja,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ppedraja +uidNumber: 5548 +gidNumber: 1000 +givenName: Podul +sn: Pedraja +cn: Podul Pedraja +homeDirectory: /home/ppedraja +gecos: Podul Pedraja +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWN1cHVuY3R1cmUncw== +loginShell: /bin/bash + +dn: uid=mzoulek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mzoulek +uidNumber: 5549 +gidNumber: 1000 +givenName: Mona +sn: Zoulek +cn: Mona Zoulek +homeDirectory: /home/mzoulek +gecos: Mona Zoulek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dmVydGljYWxseQ== +loginShell: /bin/bash + +dn: uid=clapenta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: clapenta +uidNumber: 5550 +gidNumber: 1000 +givenName: Cliff +sn: Lapenta +cn: Cliff Lapenta +homeDirectory: /home/clapenta +gecos: Cliff Lapenta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00bkZBMGp4K05hK3V6bnVEMWcvR093PT0= +loginShell: /bin/bash + +dn: uid=ienglert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ienglert +uidNumber: 5551 +gidNumber: 1000 +givenName: Indlala +sn: Englert +cn: Indlala Englert +homeDirectory: /home/ienglert +gecos: Indlala Englert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1KN3M4Z3pzYkc4MVY1Q2RtQVlXNWd5Zk5GbXc9 +loginShell: /bin/bash + +dn: uid=kgremminger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgremminger +uidNumber: 5552 +gidNumber: 1000 +givenName: Karina +sn: Gremminger +cn: Karina Gremminger +homeDirectory: /home/kgremminger +gecos: Karina Gremminger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZnJlc2htZW4= +loginShell: /bin/bash + +dn: cn=Alika Esbensen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aesbensen +uidNumber: 5553 +gidNumber: 1000 +givenName: Alika +sn: Esbensen +cn: Alika Esbensen +homeDirectory: /home/aesbensen +gecos: Alika Esbensen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KVEZZLzdBemk4c2V2T1J1MlFtZjlBPT0= +loginShell: /bin/bash + +dn: uid=sschoeman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sschoeman +uidNumber: 5554 +gidNumber: 1000 +givenName: Songda +sn: Schoeman +cn: Songda Schoeman +homeDirectory: /home/sschoeman +gecos: Songda Schoeman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWhydFRxakxJOTRGQzI= +loginShell: /bin/bash + +dn: uid=ubieniek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ubieniek +uidNumber: 5555 +gidNumber: 1000 +givenName: Ulia +sn: Bieniek +cn: Ulia Bieniek +homeDirectory: /home/ubieniek +gecos: Ulia Bieniek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Tzd0RjVldGFKTUNIQkZQaGU4S2g2eVB4UlAxSGNOclI= +loginShell: /bin/bash + +dn: cn=Otile Chasten+uid=ochasten,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ochasten +uidNumber: 5556 +gidNumber: 1000 +givenName: Otile +sn: Chasten +cn: Otile Chasten +homeDirectory: /home/ochasten +gecos: Otile Chasten +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVVuV2FFVGNtMlNJNVU= +loginShell: /bin/bash + +dn: cn=Norman Schiele,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nschiele +uidNumber: 5557 +gidNumber: 1000 +givenName: Norman +sn: Schiele +cn: Norman Schiele +homeDirectory: /home/nschiele +gecos: Norman Schiele +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX12NFJ6bERYOWZuVURNNCtUNGpqZUpINEhHdWM9 +loginShell: /bin/bash + +dn: uid=ckodish,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckodish +uidNumber: 5558 +gidNumber: 1000 +givenName: Cindy +sn: Kodish +cn: Cindy Kodish +homeDirectory: /home/ckodish +gecos: Cindy Kodish +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eVc1Z2t3N1ordXQ3Wi9jWkt6bHA2L0lNbFdnOWRPQjk= +loginShell: /bin/bash + +dn: uid=sskyers,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sskyers +uidNumber: 5559 +gidNumber: 1000 +givenName: Shyra +sn: Skyers +cn: Shyra Skyers +homeDirectory: /home/sskyers +gecos: Shyra Skyers +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1pMnZlQ2cyK0VyZUFXMlFXeVVMbW16bFd1TWc9 +loginShell: /bin/bash + +dn: cn=Rafael Dubs+uid=rdubs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rdubs +uidNumber: 5560 +gidNumber: 1000 +givenName: Rafael +sn: Dubs +cn: Rafael Dubs +homeDirectory: /home/rdubs +gecos: Rafael Dubs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUVYUzNRR2w0Ry8uOW8= +loginShell: /bin/bash + +dn: uid=wconstantino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wconstantino +uidNumber: 5561 +gidNumber: 1000 +givenName: Wallace +sn: Constantino +cn: Wallace Constantino +homeDirectory: /home/wconstantino +gecos: Wallace Constantino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04RGc5YlRLUytQRzdZTU1MVCtxMXBnPT0= +loginShell: /bin/bash + +dn: uid=gvachula,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gvachula +uidNumber: 5562 +gidNumber: 1000 +givenName: Guchol +sn: Vachula +cn: Guchol Vachula +homeDirectory: /home/gvachula +gecos: Guchol Vachula +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1jdWhOZmNhUzdqUlU0aGRMZXFtcFlBPT0= +loginShell: /bin/bash + +dn: uid=rrasual,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rrasual +uidNumber: 5563 +gidNumber: 1000 +givenName: Russell +sn: Rasual +cn: Russell Rasual +homeDirectory: /home/rrasual +gecos: Russell Rasual +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUpxR3loOXFVYU1jdGs= +loginShell: /bin/bash + +dn: uid=ngaler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ngaler +uidNumber: 5564 +gidNumber: 1000 +givenName: Nora +sn: Galer +cn: Nora Galer +homeDirectory: /home/ngaler +gecos: Nora Galer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UW5vcnZ4WExqQ0ZNdm16UDcvNmcwL1pNcG9ObXJEQjI= +loginShell: /bin/bash + +dn: cn=Ernie Flanner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eflanner +uidNumber: 5565 +gidNumber: 1000 +givenName: Ernie +sn: Flanner +cn: Ernie Flanner +homeDirectory: /home/eflanner +gecos: Ernie Flanner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TE1QVUlmclJkNjEzQTBSQjdpQ282Mkt2cUF3PQ== +loginShell: /bin/bash + +dn: uid=vkilburn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vkilburn +uidNumber: 5566 +gidNumber: 1000 +givenName: Vania +sn: Kilburn +cn: Vania Kilburn +homeDirectory: /home/vkilburn +gecos: Vania Kilburn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1hT2lhTjhxalJjWW56djdjaGxhaFFBPT0= +loginShell: /bin/bash + +dn: uid=msturrup,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: msturrup +uidNumber: 5567 +gidNumber: 1000 +givenName: Marinda +sn: Sturrup +cn: Marinda Sturrup +homeDirectory: /home/msturrup +gecos: Marinda Sturrup +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dlU1VWM5U01BQ3FVQnZQbUtiWm1oRXg3YnJVMWFGeDE= +loginShell: /bin/bash + +dn: uid=ljomes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ljomes +uidNumber: 5568 +gidNumber: 1000 +givenName: Lusi +sn: Jomes +cn: Lusi Jomes +homeDirectory: /home/ljomes +gecos: Lusi Jomes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX16dXRIWUUwL3FXVnNoUUhTVXMyL3RDbzI4Tkk9 +loginShell: /bin/bash + +dn: cn=Martin Rydelek+uid=mrydelek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mrydelek +uidNumber: 5569 +gidNumber: 1000 +givenName: Martin +sn: Rydelek +cn: Martin Rydelek +homeDirectory: /home/mrydelek +gecos: Martin Rydelek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1GN244R3BHS2JxVEhrbjB5UjRiWS93PT0= +loginShell: /bin/bash + +dn: uid=cklem,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cklem +uidNumber: 5570 +gidNumber: 1000 +givenName: Clovis +sn: Klem +cn: Clovis Klem +homeDirectory: /home/cklem +gecos: Clovis Klem +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXVqQkprREUxN1V4ZUE= +loginShell: /bin/bash + +dn: uid=hbukovsky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbukovsky +uidNumber: 5571 +gidNumber: 1000 +givenName: Hali +sn: Bukovsky +cn: Hali Bukovsky +homeDirectory: /home/hbukovsky +gecos: Hali Bukovsky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1XQUZkT24yZzMzT1h4bHNKbHRLbDBRPT0= +loginShell: /bin/bash + +dn: cn=Rina Alspach+uid=ralspach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ralspach +uidNumber: 5572 +gidNumber: 1000 +givenName: Rina +sn: Alspach +cn: Rina Alspach +homeDirectory: /home/ralspach +gecos: Rina Alspach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1iZ0xHREcvamkrZ3R3OEhHU2d6REFBPT0= +loginShell: /bin/bash + +dn: cn=Max Pester+uid=mpester,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpester +uidNumber: 5573 +gidNumber: 1000 +givenName: Max +sn: Pester +cn: Max Pester +homeDirectory: /home/mpester +gecos: Max Pester +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TG42RHlIM3hwYS9MRW9pOU1PLy9HZFk2RktXcGZaTkk= +loginShell: /bin/bash + +dn: cn=Wutip Aristizabal+uid=waristizabal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: waristizabal +uidNumber: 5574 +gidNumber: 1000 +givenName: Wutip +sn: Aristizabal +cn: Wutip Aristizabal +homeDirectory: /home/waristizabal +gecos: Wutip Aristizabal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9N1d1dVg5elZLMjRPWVBjMzZrWDZENC9nYTVvTUlLOTM= +loginShell: /bin/bash + +dn: uid=zcervenak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zcervenak +uidNumber: 5575 +gidNumber: 1000 +givenName: Zita +sn: Cervenak +cn: Zita Cervenak +homeDirectory: /home/zcervenak +gecos: Zita Cervenak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9aEFKc012Vmlpa0JLTkcvSmZzNHZtNStibWlzPQ== +loginShell: /bin/bash + +dn: cn=Emily Kenady+uid=ekenady,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ekenady +uidNumber: 5576 +gidNumber: 1000 +givenName: Emily +sn: Kenady +cn: Emily Kenady +homeDirectory: /home/ekenady +gecos: Emily Kenady +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTVqZDFCcVNMby5sRXc= +loginShell: /bin/bash + +dn: uid=mallmand,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mallmand +uidNumber: 5577 +gidNumber: 1000 +givenName: Mele +sn: Allmand +cn: Mele Allmand +homeDirectory: /home/mallmand +gecos: Mele Allmand +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bkxHZEY4MGFsQlY1eUU5STZLZzlnY2ZEa2lKUGdKU3M= +loginShell: /bin/bash + +dn: cn=Joan Bielicki+uid=jbielicki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jbielicki +uidNumber: 5578 +gidNumber: 1000 +givenName: Joan +sn: Bielicki +cn: Joan Bielicki +homeDirectory: /home/jbielicki +gecos: Joan Bielicki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WnVWRUdhNXEwQVgwM2lVR0YwaHFndHBTZEJnPQ== +loginShell: /bin/bash + +dn: uid=hbrandow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbrandow +uidNumber: 5579 +gidNumber: 1000 +givenName: Hanna +sn: Brandow +cn: Hanna Brandow +homeDirectory: /home/hbrandow +gecos: Hanna Brandow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1qZ0F2bkFiRGVwZXorYk1wYW05NW0reHZ2MTg9 +loginShell: /bin/bash + +dn: uid=kkottenstette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kkottenstette +uidNumber: 5580 +gidNumber: 1000 +givenName: Kalmaegi +sn: Kottenstette +cn: Kalmaegi Kottenstette +homeDirectory: /home/kkottenstette +gecos: Kalmaegi Kottenstette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bkdwRUxuQ3oyTjdHdzRXVUpXdDBkOGx2dW93PQ== +loginShell: /bin/bash + +dn: uid=svielle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: svielle +uidNumber: 5581 +gidNumber: 1000 +givenName: Simon +sn: Vielle +cn: Simon Vielle +homeDirectory: /home/svielle +gecos: Simon Vielle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1iazdVWDZtdGhkUzZSc29XTW5yYW5iSVBMdms9 +loginShell: /bin/bash + +dn: uid=ngata,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ngata +uidNumber: 5582 +gidNumber: 1000 +givenName: Nancy +sn: Gata +cn: Nancy Gata +homeDirectory: /home/ngata +gecos: Nancy Gata +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX01dmJVN1ptTHZ5WklnY0RxNTRiRHFyYUp2VjQ9 +loginShell: /bin/bash + +dn: cn=Hazel Kippes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hkippes +uidNumber: 5583 +gidNumber: 1000 +givenName: Hazel +sn: Kippes +cn: Hazel Kippes +homeDirectory: /home/hkippes +gecos: Hazel Kippes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU10WlJER2RBckguOG8= +loginShell: /bin/bash + +dn: uid=lbarban,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbarban +uidNumber: 5584 +gidNumber: 1000 +givenName: Lupit +sn: Barban +cn: Lupit Barban +homeDirectory: /home/lbarban +gecos: Lupit Barban +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10Z1hxWUp1ZC9QS1Z6OVduZ0QzTk53PT0= +loginShell: /bin/bash + +dn: uid=adevenney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: adevenney +uidNumber: 5585 +gidNumber: 1000 +givenName: Adeline +sn: Devenney +cn: Adeline Devenney +homeDirectory: /home/adevenney +gecos: Adeline Devenney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZTN4VlNNQmxaeENCNFNSMkV3NnpIVTFvaTZrPQ== +loginShell: /bin/bash + +dn: cn=Io Salm+uid=isalm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isalm +uidNumber: 5586 +gidNumber: 1000 +givenName: Io +sn: Salm +cn: Io Salm +homeDirectory: /home/isalm +gecos: Io Salm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Wk1pbkMwV2xYaWVCK250N3g5Rzhnd1ljcXU1NE51OCs= +loginShell: /bin/bash + +dn: uid=wleiva,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wleiva +uidNumber: 5587 +gidNumber: 1000 +givenName: Wallace +sn: Leiva +cn: Wallace Leiva +homeDirectory: /home/wleiva +gecos: Wallace Leiva +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9blFEdllVU3FQMmNjV3FZb2d2Znp1d3MwMmNVPQ== +loginShell: /bin/bash + +dn: cn=Georges Loebs,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gloebs +uidNumber: 5588 +gidNumber: 1000 +givenName: Georges +sn: Loebs +cn: Georges Loebs +homeDirectory: /home/gloebs +gecos: Georges Loebs +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SFBjOXUzTzdTZXhyMnJNaWszelF0UHBnd0FrPQ== +loginShell: /bin/bash + +dn: uid=dzurek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dzurek +uidNumber: 5589 +gidNumber: 1000 +givenName: Dalila +sn: Zurek +cn: Dalila Zurek +homeDirectory: /home/dzurek +gecos: Dalila Zurek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1HNTIwNkpIZVZOYU8rRU5kTkxZYUd3PT0= +loginShell: /bin/bash + +dn: cn=Samuel Zachariades+uid=szachariades,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: szachariades +uidNumber: 5590 +gidNumber: 1000 +givenName: Samuel +sn: Zachariades +cn: Samuel Zachariades +homeDirectory: /home/szachariades +gecos: Samuel Zachariades +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cXBZTzJwd0s1Vy9LUThsQWxMdjVLYUtvbzQ0PQ== +loginShell: /bin/bash + +dn: uid=hzinda,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hzinda +uidNumber: 5591 +gidNumber: 1000 +givenName: Hana +sn: Zinda +cn: Hana Zinda +homeDirectory: /home/hzinda +gecos: Hana Zinda +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnJhZw== +loginShell: /bin/bash + +dn: cn=Sepat Cocuzza,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: scocuzza +uidNumber: 5592 +gidNumber: 1000 +givenName: Sepat +sn: Cocuzza +cn: Sepat Cocuzza +homeDirectory: /home/scocuzza +gecos: Sepat Cocuzza +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1jMTIvYms1MDZkSGxqTEc5T1Rta2V2cXJlbFU9 +loginShell: /bin/bash + +dn: uid=ewuitschick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ewuitschick +uidNumber: 5593 +gidNumber: 1000 +givenName: Elida +sn: Wuitschick +cn: Elida Wuitschick +homeDirectory: /home/ewuitschick +gecos: Elida Wuitschick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00SWNaZWdsZjhYeXFXb1BiREtzNitnPT0= +loginShell: /bin/bash + +dn: cn=Ela Rostad+uid=erostad,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: erostad +uidNumber: 5594 +gidNumber: 1000 +givenName: Ela +sn: Rostad +cn: Ela Rostad +homeDirectory: /home/erostad +gecos: Ela Rostad +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVlqMVRnV3RZZzIvWTY= +loginShell: /bin/bash + +dn: uid=dsharr,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsharr +uidNumber: 5595 +gidNumber: 1000 +givenName: Dama +sn: Sharr +cn: Dama Sharr +homeDirectory: /home/dsharr +gecos: Dama Sharr +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVRic3R3U1pxY1BtVzY= +loginShell: /bin/bash + +dn: uid=nsnaders,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nsnaders +uidNumber: 5596 +gidNumber: 1000 +givenName: Nungu +sn: Snaders +cn: Nungu Snaders +homeDirectory: /home/nsnaders +gecos: Nungu Snaders +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1aTG12VzZrejNNaDhjOGJuL2tKOXp3PT0= +loginShell: /bin/bash + +dn: uid=gtinnel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gtinnel +uidNumber: 5597 +gidNumber: 1000 +givenName: Gaemi +sn: Tinnel +cn: Gaemi Tinnel +homeDirectory: /home/gtinnel +gecos: Gaemi Tinnel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dUNNeWE4VG90LzFyb0FQSkNtV2NkVVAxQW5nPQ== +loginShell: /bin/bash + +dn: uid=dmcgillen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dmcgillen +uidNumber: 5598 +gidNumber: 1000 +givenName: Denise +sn: Mcgillen +cn: Denise Mcgillen +homeDirectory: /home/dmcgillen +gecos: Denise Mcgillen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUgwU0d4R3MxWU8vbFk= +loginShell: /bin/bash + +dn: uid=ekonick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ekonick +uidNumber: 5599 +gidNumber: 1000 +givenName: Earl +sn: Konick +cn: Earl Konick +homeDirectory: /home/ekonick +gecos: Earl Konick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9d2Z5QmZwM05IR2JjbnhyK0h5eHVPaUlJYnhBPQ== +loginShell: /bin/bash + +dn: uid=gcukaj,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gcukaj +uidNumber: 5600 +gidNumber: 1000 +givenName: Gule +sn: Cukaj +cn: Gule Cukaj +homeDirectory: /home/gcukaj +gecos: Gule Cukaj +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnV0dGVyc2NvdGNo +loginShell: /bin/bash + +dn: uid=psiroky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psiroky +uidNumber: 5601 +gidNumber: 1000 +givenName: Penny +sn: Siroky +cn: Penny Siroky +homeDirectory: /home/psiroky +gecos: Penny Siroky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dEp5ejZySUdjazN1OUNTeEU4Z0l4dlN0cUdjPQ== +loginShell: /bin/bash + +dn: uid=kmalas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmalas +uidNumber: 5602 +gidNumber: 1000 +givenName: Kirk +sn: Malas +cn: Kirk Malas +homeDirectory: /home/kmalas +gecos: Kirk Malas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UGhTYVd0UlhvTzhaZmZSbmR4d0s3Wk5QV2NNPQ== +loginShell: /bin/bash + +dn: uid=ovasiliou,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ovasiliou +uidNumber: 5603 +gidNumber: 1000 +givenName: Otis +sn: Vasiliou +cn: Otis Vasiliou +homeDirectory: /home/ovasiliou +gecos: Otis Vasiliou +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NjlnUENjQ2JNNExmRkk1eGlWYzR5Vkp3eFhBPQ== +loginShell: /bin/bash + +dn: uid=nhattman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nhattman +uidNumber: 5604 +gidNumber: 1000 +givenName: Nute +sn: Hattman +cn: Nute Hattman +homeDirectory: /home/nhattman +gecos: Nute Hattman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b1FweEFkVG5wZjFlMzgxQVZNRzBmd2pabTZMME4vQXY= +loginShell: /bin/bash + +dn: cn=Nele Chrisman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nchrisman +uidNumber: 5605 +gidNumber: 1000 +givenName: Nele +sn: Chrisman +cn: Nele Chrisman +homeDirectory: /home/nchrisman +gecos: Nele Chrisman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bW9ub2xpbmd1YWw= +loginShell: /bin/bash + +dn: uid=wtio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wtio +uidNumber: 5606 +gidNumber: 1000 +givenName: Wene +sn: Tio +cn: Wene Tio +homeDirectory: /home/wtio +gecos: Wene Tio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UWZQOTJhUkhKUE5RZFNHcXh0RUQwd1JiWEVzPQ== +loginShell: /bin/bash + +dn: cn=Kodo Comparoni,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kcomparoni +uidNumber: 5607 +gidNumber: 1000 +givenName: Kodo +sn: Comparoni +cn: Kodo Comparoni +homeDirectory: /home/kcomparoni +gecos: Kodo Comparoni +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1ZTUdXL0xHbHdKWGs= +loginShell: /bin/bash + +dn: uid=imcconkey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imcconkey +uidNumber: 5608 +gidNumber: 1000 +givenName: Isis +sn: Mcconkey +cn: Isis Mcconkey +homeDirectory: /home/imcconkey +gecos: Isis Mcconkey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1kRk9mOGprc2JwbWR2QlplcmlURGVRPT0= +loginShell: /bin/bash + +dn: uid=rkraszewski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rkraszewski +uidNumber: 5609 +gidNumber: 1000 +givenName: Roslyn +sn: Kraszewski +cn: Roslyn Kraszewski +homeDirectory: /home/rkraszewski +gecos: Roslyn Kraszewski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWdOWG95NEp5L2VZazI= +loginShell: /bin/bash + +dn: uid=zratti,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zratti +uidNumber: 5610 +gidNumber: 1000 +givenName: Zaka +sn: Ratti +cn: Zaka Ratti +homeDirectory: /home/zratti +gecos: Zaka Ratti +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aVJaZitSMkFVQ3BmRTlPR3EzL3F5c01SR1VUNllJUjE= +loginShell: /bin/bash + +dn: cn=Arlene Sticher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: asticher +uidNumber: 5611 +gidNumber: 1000 +givenName: Arlene +sn: Sticher +cn: Arlene Sticher +homeDirectory: /home/asticher +gecos: Arlene Sticher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dlFSSW93dnRETWNvUndhcnZ2dUFmbERXM240PQ== +loginShell: /bin/bash + +dn: uid=smayorca,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smayorca +uidNumber: 5612 +gidNumber: 1000 +givenName: Sarah +sn: Mayorca +cn: Sarah Mayorca +homeDirectory: /home/smayorca +gecos: Sarah Mayorca +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yRkJ3cExTWDF4N3FtTys3WlVjUitBZGRnVEE9 +loginShell: /bin/bash + +dn: cn=Ileana Puccio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ipuccio +uidNumber: 5613 +gidNumber: 1000 +givenName: Ileana +sn: Puccio +cn: Ileana Puccio +homeDirectory: /home/ipuccio +gecos: Ileana Puccio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bCtYMWNzbWFFNUpDdzVPdDNmZk1wUUR2Yk13PQ== +loginShell: /bin/bash + +dn: uid=ubynum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ubynum +uidNumber: 5614 +gidNumber: 1000 +givenName: Uleki +sn: Bynum +cn: Uleki Bynum +homeDirectory: /home/ubynum +gecos: Uleki Bynum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFzdGVyaW5n +loginShell: /bin/bash + +dn: uid=nspolar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nspolar +uidNumber: 5615 +gidNumber: 1000 +givenName: Nida +sn: Spolar +cn: Nida Spolar +homeDirectory: /home/nspolar +gecos: Nida Spolar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9a3ZDdFEyY2dxak9kaVhhWmltd1hLZXYwSVpPckN1cko= +loginShell: /bin/bash + +dn: uid=lkahre,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lkahre +uidNumber: 5616 +gidNumber: 1000 +givenName: Lenny +sn: Kahre +cn: Lenny Kahre +homeDirectory: /home/lkahre +gecos: Lenny Kahre +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9V1RSYUo4aE82a2p0Um8ybU4yR1lHOXoyRTU0PQ== +loginShell: /bin/bash + +dn: uid=gstallion,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gstallion +uidNumber: 5617 +gidNumber: 1000 +givenName: George +sn: Stallion +cn: George Stallion +homeDirectory: /home/gstallion +gecos: George Stallion +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTZqYi5XTUUzTWNrWDI= +loginShell: /bin/bash + +dn: uid=znightingale,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: znightingale +uidNumber: 5618 +gidNumber: 1000 +givenName: Zefa +sn: Nightingale +cn: Zefa Nightingale +homeDirectory: /home/znightingale +gecos: Zefa Nightingale +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1lTVBkLzlFL0dYL0k4ck5mWVpyRlNjd21CLzQ9 +loginShell: /bin/bash + +dn: uid=lhenrey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lhenrey +uidNumber: 5619 +gidNumber: 1000 +givenName: Loke +sn: Henrey +cn: Loke Henrey +homeDirectory: /home/lhenrey +gecos: Loke Henrey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1sSy9MeUQrTFQrV2RLZ0poenR5THJZbWN5cVE9 +loginShell: /bin/bash + +dn: uid=fwidhalm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fwidhalm +uidNumber: 5620 +gidNumber: 1000 +givenName: Favio +sn: Widhalm +cn: Favio Widhalm +homeDirectory: /home/fwidhalm +gecos: Favio Widhalm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DOXBTZG5EVEhnOEQvOVkwMkJtb3NRPT0= +loginShell: /bin/bash + +dn: uid=dgivliani,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dgivliani +uidNumber: 5621 +gidNumber: 1000 +givenName: Danny +sn: Givliani +cn: Danny Givliani +homeDirectory: /home/dgivliani +gecos: Danny Givliani +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ldi9Nam9kcERNdmsyOTZwUW5OSnh4dExmazA9 +loginShell: /bin/bash + +dn: cn=Bobby Woolever+uid=bwoolever,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwoolever +uidNumber: 5622 +gidNumber: 1000 +givenName: Bobby +sn: Woolever +cn: Bobby Woolever +homeDirectory: /home/bwoolever +gecos: Bobby Woolever +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R1F0K3ZQbDk4Wm5mQTNMOGpveVovYUFOQjIwPQ== +loginShell: /bin/bash + +dn: uid=sansari,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sansari +uidNumber: 5623 +gidNumber: 1000 +givenName: Sanvu +sn: Ansari +cn: Sanvu Ansari +homeDirectory: /home/sansari +gecos: Sanvu Ansari +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXZiYlhSdEp5M2xpTnM= +loginShell: /bin/bash + +dn: uid=moller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: moller +uidNumber: 5624 +gidNumber: 1000 +givenName: Mindy +sn: Oller +cn: Mindy Oller +homeDirectory: /home/moller +gecos: Mindy Oller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVoyZnlxL2FMU0g1YnM= +loginShell: /bin/bash + +dn: uid=srubenfield,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: srubenfield +uidNumber: 5625 +gidNumber: 1000 +givenName: Sepat +sn: Rubenfield +cn: Sepat Rubenfield +homeDirectory: /home/srubenfield +gecos: Sepat Rubenfield +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1RYk1DZk93MUc0bncxRnd5MzN6eVJuU2NxUWs9 +loginShell: /bin/bash + +dn: uid=teliades,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: teliades +uidNumber: 5626 +gidNumber: 1000 +givenName: Tokage +sn: Eliades +cn: Tokage Eliades +homeDirectory: /home/teliades +gecos: Tokage Eliades +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aml6UGdYZ3A1MkZTUFRJUTJWRlVRci94aUg4d2Y0MnU= +loginShell: /bin/bash + +dn: uid=dcoffer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dcoffer +uidNumber: 5627 +gidNumber: 1000 +givenName: Dora +sn: Coffer +cn: Dora Coffer +homeDirectory: /home/dcoffer +gecos: Dora Coffer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVY1eDVrN0QwVmNFdVE= +loginShell: /bin/bash + +dn: uid=vtrumpp,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vtrumpp +uidNumber: 5628 +gidNumber: 1000 +givenName: Vance +sn: Trumpp +cn: Vance Trumpp +homeDirectory: /home/vtrumpp +gecos: Vance Trumpp +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0yU2dFcEVYTUJCRXRneHdTcCtBeWZnPT0= +loginShell: /bin/bash + +dn: uid=iweibe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iweibe +uidNumber: 5629 +gidNumber: 1000 +givenName: Ita +sn: Weibe +cn: Ita Weibe +homeDirectory: /home/iweibe +gecos: Ita Weibe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9eG54NlpDbGNEaW11MEtuYnRHQ0JsT0hhbm1KQ2xuNTc= +loginShell: /bin/bash + +dn: uid=csoomaroo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: csoomaroo +uidNumber: 5630 +gidNumber: 1000 +givenName: Colin +sn: Soomaroo +cn: Colin Soomaroo +homeDirectory: /home/csoomaroo +gecos: Colin Soomaroo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9b1hEdkM3dE1yeTB6anE1VXY0RmltemZtaGV1UERYYkE= +loginShell: /bin/bash + +dn: uid=thoofard,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: thoofard +uidNumber: 5631 +gidNumber: 1000 +givenName: Tapah +sn: Hoofard +cn: Tapah Hoofard +homeDirectory: /home/thoofard +gecos: Tapah Hoofard +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1rZkozVGxHRmR1UDFKVDRLbkRaS3h3PT0= +loginShell: /bin/bash + +dn: uid=igeltz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: igeltz +uidNumber: 5632 +gidNumber: 1000 +givenName: Io +sn: Geltz +cn: Io Geltz +homeDirectory: /home/igeltz +gecos: Io Geltz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9U25abHpITUlLUkhzL0JXbEVhdzA3MXBzZXM0PQ== +loginShell: /bin/bash + +dn: cn=Sheila Laudeman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: slaudeman +uidNumber: 5633 +gidNumber: 1000 +givenName: Sheila +sn: Laudeman +cn: Sheila Laudeman +homeDirectory: /home/slaudeman +gecos: Sheila Laudeman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX16RWs3R2lib2oraXQzVHphSndERlRBPT0= +loginShell: /bin/bash + +dn: uid=fminecci,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fminecci +uidNumber: 5634 +gidNumber: 1000 +givenName: Fung-wong +sn: Minecci +cn: Fung-wong Minecci +homeDirectory: /home/fminecci +gecos: Fung-wong Minecci +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OHAwNVdDcHQ0b1Zjd0JFV2Z0VkREY1hwcnBRPQ== +loginShell: /bin/bash + +dn: uid=mkarels,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkarels +uidNumber: 5635 +gidNumber: 1000 +givenName: Ma-on +sn: Karels +cn: Ma-on Karels +homeDirectory: /home/mkarels +gecos: Ma-on Karels +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TUtneGs1UTg4eFJMZVBwdXQ4TXozRzhUN0t4a1ptWWM= +loginShell: /bin/bash + +dn: uid=mbeagley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mbeagley +uidNumber: 5636 +gidNumber: 1000 +givenName: Mawar +sn: Beagley +cn: Mawar Beagley +homeDirectory: /home/mbeagley +gecos: Mawar Beagley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1WUmNyU2tWU0R5YlEzOEFHaVJwQU53PT0= +loginShell: /bin/bash + +dn: uid=hmuscaro,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmuscaro +uidNumber: 5637 +gidNumber: 1000 +givenName: Haitang +sn: Muscaro +cn: Haitang Muscaro +homeDirectory: /home/hmuscaro +gecos: Haitang Muscaro +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FaFNIczlJRzVZRHdHQkhnL2tyZ0tHUWZER2s9 +loginShell: /bin/bash + +dn: cn=Guba Locascio+uid=glocascio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: glocascio +uidNumber: 5638 +gidNumber: 1000 +givenName: Guba +sn: Locascio +cn: Guba Locascio +homeDirectory: /home/glocascio +gecos: Guba Locascio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NXUzUFgrUUxqUVhjZ1NBUFoyRncrdGFaYXd0YWNUdUM= +loginShell: /bin/bash + +dn: cn=Erika Hindbaugh+uid=ehindbaugh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ehindbaugh +uidNumber: 5639 +gidNumber: 1000 +givenName: Erika +sn: Hindbaugh +cn: Erika Hindbaugh +homeDirectory: /home/ehindbaugh +gecos: Erika Hindbaugh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJPN1hYZ2FiRjBHVWc= +loginShell: /bin/bash + +dn: cn=Claudia Swigert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cswigert +uidNumber: 5640 +gidNumber: 1000 +givenName: Claudia +sn: Swigert +cn: Claudia Swigert +homeDirectory: /home/cswigert +gecos: Claudia Swigert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TE1Fc0VJWnkwNFZBMlB2SldiWW5QTHQ0T1hNQ05iRWw= +loginShell: /bin/bash + +dn: cn=Pongsona Zorens+uid=pzorens,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pzorens +uidNumber: 5641 +gidNumber: 1000 +givenName: Pongsona +sn: Zorens +cn: Pongsona Zorens +homeDirectory: /home/pzorens +gecos: Pongsona Zorens +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXIuVFdkYnVPZUsyYVE= +loginShell: /bin/bash + +dn: uid=omatice,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: omatice +uidNumber: 5642 +gidNumber: 1000 +givenName: Olipa +sn: Matice +cn: Olipa Matice +homeDirectory: /home/omatice +gecos: Olipa Matice +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bXV0ZXM= +loginShell: /bin/bash + +dn: uid=kcheyney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kcheyney +uidNumber: 5643 +gidNumber: 1000 +givenName: Koppu +sn: Cheyney +cn: Koppu Cheyney +homeDirectory: /home/kcheyney +gecos: Koppu Cheyney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cVFSYi9abFE2T09ySDVpY3h4VTZ5ZHZUMVJjPQ== +loginShell: /bin/bash + +dn: cn=Matthew Pytko,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mpytko +uidNumber: 5644 +gidNumber: 1000 +givenName: Matthew +sn: Pytko +cn: Matthew Pytko +homeDirectory: /home/mpytko +gecos: Matthew Pytko +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TXpvRGZRVjZQVFJOUjY3SENWS21hNkhhclhzPQ== +loginShell: /bin/bash + +dn: cn=Michael Contreras+uid=mcontreras,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcontreras +uidNumber: 5645 +gidNumber: 1000 +givenName: Michael +sn: Contreras +cn: Michael Contreras +homeDirectory: /home/mcontreras +gecos: Michael Contreras +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXBwbGUncw== +loginShell: /bin/bash + +dn: cn=Usta Mosser+uid=umosser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: umosser +uidNumber: 5646 +gidNumber: 1000 +givenName: Usta +sn: Mosser +cn: Usta Mosser +homeDirectory: /home/umosser +gecos: Usta Mosser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TWdxSVNJdUErcFBSc1NsNnFCVzNna1FvNGxJNXFSQ3E= +loginShell: /bin/bash + +dn: uid=mvashaw,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mvashaw +uidNumber: 5647 +gidNumber: 1000 +givenName: Meranti +sn: Vashaw +cn: Meranti Vashaw +homeDirectory: /home/mvashaw +gecos: Meranti Vashaw +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NMVBWYmdrU1UwNUtaR012aDBFcnFab29Cb009 +loginShell: /bin/bash + +dn: cn=Rose Fangman+uid=rfangman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rfangman +uidNumber: 5648 +gidNumber: 1000 +givenName: Rose +sn: Fangman +cn: Rose Fangman +homeDirectory: /home/rfangman +gecos: Rose Fangman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJuODc3MlVYMGdvNC4= +loginShell: /bin/bash + +dn: uid=hgreuel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hgreuel +uidNumber: 5649 +gidNumber: 1000 +givenName: Hali +sn: Greuel +cn: Hali Greuel +homeDirectory: /home/hgreuel +gecos: Hali Greuel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1DSjlPTmdlZThuUXRYdng5NzFwYjlYYVBiRzQ9 +loginShell: /bin/bash + +dn: uid=tkuchem,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tkuchem +uidNumber: 5650 +gidNumber: 1000 +givenName: Trami +sn: Kuchem +cn: Trami Kuchem +homeDirectory: /home/tkuchem +gecos: Trami Kuchem +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IMjlDTTA0WENhVGcrWklxMTRtUkt3PT0= +loginShell: /bin/bash + +dn: uid=nvyhnal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nvyhnal +uidNumber: 5651 +gidNumber: 1000 +givenName: Nele +sn: Vyhnal +cn: Nele Vyhnal +homeDirectory: /home/nvyhnal +gecos: Nele Vyhnal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VnVocnM2ako5SlFpMFFrTEZYcmVxWjJKaXBZPQ== +loginShell: /bin/bash + +dn: uid=nwrobbel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nwrobbel +uidNumber: 5652 +gidNumber: 1000 +givenName: Nate +sn: Wrobbel +cn: Nate Wrobbel +homeDirectory: /home/nwrobbel +gecos: Nate Wrobbel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0yb0tETjJzelZQVVI5Z1RTMEJTSlpBPT0= +loginShell: /bin/bash + +dn: uid=speppin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: speppin +uidNumber: 5653 +gidNumber: 1000 +givenName: Sam +sn: Peppin +cn: Sam Peppin +homeDirectory: /home/speppin +gecos: Sam Peppin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RWh1bXBaMkxWSDZoMy95RTFxWW9kVWlaT3hNPQ== +loginShell: /bin/bash + +dn: uid=hbickford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hbickford +uidNumber: 5654 +gidNumber: 1000 +givenName: Helen +sn: Bickford +cn: Helen Bickford +homeDirectory: /home/hbickford +gecos: Helen Bickford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWZmYWJsZQ== +loginShell: /bin/bash + +dn: uid=lnorseworthy,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lnorseworthy +uidNumber: 5655 +gidNumber: 1000 +givenName: Lisebo +sn: Norseworthy +cn: Lisebo Norseworthy +homeDirectory: /home/lnorseworthy +gecos: Lisebo Norseworthy +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1jNVpJbm1oWkx5YWhMRWpMbFdmaFZnPT0= +loginShell: /bin/bash + +dn: cn=Allen Tonkin+uid=atonkin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: atonkin +uidNumber: 5656 +gidNumber: 1000 +givenName: Allen +sn: Tonkin +cn: Allen Tonkin +homeDirectory: /home/atonkin +gecos: Allen Tonkin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVJxelhrOTZQaFBZSGM= +loginShell: /bin/bash + +dn: cn=Sinlaku Aben,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: saben +uidNumber: 5657 +gidNumber: 1000 +givenName: Sinlaku +sn: Aben +cn: Sinlaku Aben +homeDirectory: /home/saben +gecos: Sinlaku Aben +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX10OWRaUjN2V1R6VDE1SDFtdDNxT3VmVWVDd1U9 +loginShell: /bin/bash + +dn: uid=sstazenski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sstazenski +uidNumber: 5658 +gidNumber: 1000 +givenName: Sadie +sn: Stazenski +cn: Sadie Stazenski +homeDirectory: /home/sstazenski +gecos: Sadie Stazenski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVwdWRpYXRpbmc= +loginShell: /bin/bash + +dn: uid=hkinderknecht,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hkinderknecht +uidNumber: 5659 +gidNumber: 1000 +givenName: Haiyan +sn: Kinderknecht +cn: Haiyan Kinderknecht +homeDirectory: /home/hkinderknecht +gecos: Haiyan Kinderknecht +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Ymxpa1BldDFnc2dGOFVKa01iaGdqTk1XbzlNPQ== +loginShell: /bin/bash + +dn: cn=Wes Khazaleh+uid=wkhazaleh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wkhazaleh +uidNumber: 5660 +gidNumber: 1000 +givenName: Wes +sn: Khazaleh +cn: Wes Khazaleh +homeDirectory: /home/wkhazaleh +gecos: Wes Khazaleh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZoeWRFWUdYWEZNNFk= +loginShell: /bin/bash + +dn: cn=Sandy Lerew+uid=slerew,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: slerew +uidNumber: 5661 +gidNumber: 1000 +givenName: Sandy +sn: Lerew +cn: Sandy Lerew +homeDirectory: /home/slerew +gecos: Sandy Lerew +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9My9NVGdwZ1FRRUpocTZKd08zTWJPZG9nU1JoWitXM0U= +loginShell: /bin/bash + +dn: uid=floparco,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: floparco +uidNumber: 5662 +gidNumber: 1000 +givenName: Fiona +sn: Loparco +cn: Fiona Loparco +homeDirectory: /home/floparco +gecos: Fiona Loparco +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1iSGExMmJaUklOblFsSnc3YnJUU0pxdFJpK0k9 +loginShell: /bin/bash + +dn: uid=mhack,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mhack +uidNumber: 5663 +gidNumber: 1000 +givenName: Mitch +sn: Hack +cn: Mitch Hack +homeDirectory: /home/mhack +gecos: Mitch Hack +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5zaWduZWQ= +loginShell: /bin/bash + +dn: uid=denriquez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: denriquez +uidNumber: 5664 +gidNumber: 1000 +givenName: Dovi +sn: Enriquez +cn: Dovi Enriquez +homeDirectory: /home/denriquez +gecos: Dovi Enriquez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1rZ2RQVndmb3QwUVhnQUE2SDQrZkRBPT0= +loginShell: /bin/bash + +dn: uid=lfichtner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lfichtner +uidNumber: 5665 +gidNumber: 1000 +givenName: Les +sn: Fichtner +cn: Les Fichtner +homeDirectory: /home/lfichtner +gecos: Les Fichtner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9UzdiSDF5Mno1WkpxQ2RyY3FOSjAyTm5pbVNodURRem0= +loginShell: /bin/bash + +dn: uid=tnaillon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tnaillon +uidNumber: 5666 +gidNumber: 1000 +givenName: Tomas +sn: Naillon +cn: Tomas Naillon +homeDirectory: /home/tnaillon +gecos: Tomas Naillon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cGZIL1lLTjJaKzdEVEYybjJlVTBad2cwL09vPQ== +loginShell: /bin/bash + +dn: uid=xeppley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: xeppley +uidNumber: 5667 +gidNumber: 1000 +givenName: Xina +sn: Eppley +cn: Xina Eppley +homeDirectory: /home/xeppley +gecos: Xina Eppley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FWTJnMTM4UVliTEpjb1owRERyM2srTGZrNGs9 +loginShell: /bin/bash + +dn: cn=Gabrielle Malave,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmalave +uidNumber: 5668 +gidNumber: 1000 +givenName: Gabrielle +sn: Malave +cn: Gabrielle Malave +homeDirectory: /home/gmalave +gecos: Gabrielle Malave +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cDdCdHA2Wld1RUM5aDYxbytWai9Nd3dmZmF0SVpyaDI= +loginShell: /bin/bash + +dn: uid=kgourd,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kgourd +uidNumber: 5669 +gidNumber: 1000 +givenName: Kundai +sn: Gourd +cn: Kundai Gourd +homeDirectory: /home/kgourd +gecos: Kundai Gourd +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1PYWhHb2ZjbXZBS1BwbmsvOFdKWStQbE5DR1E9 +loginShell: /bin/bash + +dn: uid=ycerasoli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ycerasoli +uidNumber: 5670 +gidNumber: 1000 +givenName: Yasi +sn: Cerasoli +cn: Yasi Cerasoli +homeDirectory: /home/ycerasoli +gecos: Yasi Cerasoli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX14ZTJnVFZXdFFJR3phV0YvREkxZkpLSU9qWWc9 +loginShell: /bin/bash + +dn: cn=Roxanne Trichell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rtrichell +uidNumber: 5671 +gidNumber: 1000 +givenName: Roxanne +sn: Trichell +cn: Roxanne Trichell +homeDirectory: /home/rtrichell +gecos: Roxanne Trichell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: amF1bmRpY2Uncw== +loginShell: /bin/bash + +dn: uid=faquilar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: faquilar +uidNumber: 5672 +gidNumber: 1000 +givenName: Fifi +sn: Aquilar +cn: Fifi Aquilar +homeDirectory: /home/faquilar +gecos: Fifi Aquilar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWNjdW11bGF0ZXM= +loginShell: /bin/bash + +dn: uid=kmcguire,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmcguire +uidNumber: 5673 +gidNumber: 1000 +givenName: Kompasu +sn: McGuire +cn: Kompasu McGuire +homeDirectory: /home/kmcguire +gecos: Kompasu McGuire +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX15SE1abythUDFoeXI4TzRZcWRsM3lnPT0= +loginShell: /bin/bash + +dn: cn=Eugene Stockwin+uid=estockwin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: estockwin +uidNumber: 5674 +gidNumber: 1000 +givenName: Eugene +sn: Stockwin +cn: Eugene Stockwin +homeDirectory: /home/estockwin +gecos: Eugene Stockwin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03WndqNnNaQndWS0pBb1dTUEt4TDZYMWpBK0U9 +loginShell: /bin/bash + +dn: uid=ncaballero,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ncaballero +uidNumber: 5675 +gidNumber: 1000 +givenName: Nungu +sn: Caballero +cn: Nungu Caballero +homeDirectory: /home/ncaballero +gecos: Nungu Caballero +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVY4MlBpMDc1cE9sMms= +loginShell: /bin/bash + +dn: uid=ulanigan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ulanigan +uidNumber: 5676 +gidNumber: 1000 +givenName: Unokubi +sn: Lanigan +cn: Unokubi Lanigan +homeDirectory: /home/ulanigan +gecos: Unokubi Lanigan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TFBFZHhxL2FzVFFFKythWDRSc2N1dzNIaHlnPQ== +loginShell: /bin/bash + +dn: cn=Keith Epps+uid=kepps,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kepps +uidNumber: 5677 +gidNumber: 1000 +givenName: Keith +sn: Epps +cn: Keith Epps +homeDirectory: /home/kepps +gecos: Keith Epps +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlzYWZmZWN0 +loginShell: /bin/bash + +dn: cn=Jeanne Henkensiefken,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jhenkensiefken +uidNumber: 5678 +gidNumber: 1000 +givenName: Jeanne +sn: Henkensiefken +cn: Jeanne Henkensiefken +homeDirectory: /home/jhenkensiefken +gecos: Jeanne Henkensiefken +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DYjNaUS9GemMvTDdoRUpaRC9rV1hRPT0= +loginShell: /bin/bash + +dn: uid=obenton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obenton +uidNumber: 5679 +gidNumber: 1000 +givenName: Olipa +sn: Benton +cn: Olipa Benton +homeDirectory: /home/obenton +gecos: Olipa Benton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWI5TS5vMC5ZQTBiR3M= +loginShell: /bin/bash + +dn: uid=greiff,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: greiff +uidNumber: 5680 +gidNumber: 1000 +givenName: Gavin +sn: Reiff +cn: Gavin Reiff +homeDirectory: /home/greiff +gecos: Gavin Reiff +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: d2FzaGFibGU= +loginShell: /bin/bash + +dn: uid=tstokey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tstokey +uidNumber: 5681 +gidNumber: 1000 +givenName: Tiogo +sn: Stokey +cn: Tiogo Stokey +homeDirectory: /home/tstokey +gecos: Tiogo Stokey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aDEvREF3Z3VHQTlqWHREc1BOY3UrY0RBSlVSYXVaRzE= +loginShell: /bin/bash + +dn: uid=edufford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: edufford +uidNumber: 5682 +gidNumber: 1000 +givenName: Estelle +sn: Dufford +cn: Estelle Dufford +homeDirectory: /home/edufford +gecos: Estelle Dufford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1UU3JnYWM1am8vOUxaVmFzNlF3cXYrTFJXaXM9 +loginShell: /bin/bash + +dn: cn=Josephine Asplund+uid=jasplund,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jasplund +uidNumber: 5683 +gidNumber: 1000 +givenName: Josephine +sn: Asplund +cn: Josephine Asplund +homeDirectory: /home/jasplund +gecos: Josephine Asplund +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmV3YXJkaW5n +loginShell: /bin/bash + +dn: cn=Carina Drumm+uid=cdrumm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cdrumm +uidNumber: 5684 +gidNumber: 1000 +givenName: Carina +sn: Drumm +cn: Carina Drumm +homeDirectory: /home/cdrumm +gecos: Carina Drumm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXk3MkVhTW5tWm5TalU= +loginShell: /bin/bash + +dn: uid=dminozzi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dminozzi +uidNumber: 5685 +gidNumber: 1000 +givenName: Daryl +sn: Minozzi +cn: Daryl Minozzi +homeDirectory: /home/dminozzi +gecos: Daryl Minozzi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SU9WNUxtQS9uZjU4dTdIOXBiazQ2RDRMTTIwPQ== +loginShell: /bin/bash + +dn: uid=abortignon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: abortignon +uidNumber: 5686 +gidNumber: 1000 +givenName: Alberto +sn: Bortignon +cn: Alberto Bortignon +homeDirectory: /home/abortignon +gecos: Alberto Bortignon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9enA5ZEhaY3dlTWZTNmFiOCttN3F5SkR5RlJNPQ== +loginShell: /bin/bash + +dn: uid=wstjean,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wstjean +uidNumber: 5687 +gidNumber: 1000 +givenName: Winifred +sn: Stjean +cn: Winifred Stjean +homeDirectory: /home/wstjean +gecos: Winifred Stjean +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1QSUd2RjJHYmpJaUdTaWQ3YXRaNFJRPT0= +loginShell: /bin/bash + +dn: cn=Sebina Millian+uid=smillian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smillian +uidNumber: 5688 +gidNumber: 1000 +givenName: Sebina +sn: Millian +cn: Sebina Millian +homeDirectory: /home/smillian +gecos: Sebina Millian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUhCdEwwV2hNUzJJUi4= +loginShell: /bin/bash + +dn: uid=aborycz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aborycz +uidNumber: 5689 +gidNumber: 1000 +givenName: Alex +sn: Borycz +cn: Alex Borycz +homeDirectory: /home/aborycz +gecos: Alex Borycz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1TcVgyRi9WYlZNT0liMy9tK3Nka1lwWjJLU1E9 +loginShell: /bin/bash + +dn: uid=kganesvoort,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kganesvoort +uidNumber: 5690 +gidNumber: 1000 +givenName: Kularb +sn: Ganesvoort +cn: Kularb Ganesvoort +homeDirectory: /home/kganesvoort +gecos: Kularb Ganesvoort +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXlNcHh5L1hrY0dQRVU= +loginShell: /bin/bash + +dn: cn=Todd Mill+uid=tmill,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmill +uidNumber: 5691 +gidNumber: 1000 +givenName: Todd +sn: Mill +cn: Todd Mill +homeDirectory: /home/tmill +gecos: Todd Mill +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFwZXJ3ZWlnaHRz +loginShell: /bin/bash + +dn: uid=cfredericksen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cfredericksen +uidNumber: 5692 +gidNumber: 1000 +givenName: Chataan +sn: Fredericksen +cn: Chataan Fredericksen +homeDirectory: /home/cfredericksen +gecos: Chataan Fredericksen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9QXdVNk1lczVhUXRTL1pWMmJsai90UFVHb2wxaEFZU2w= +loginShell: /bin/bash + +dn: uid=istarring,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: istarring +uidNumber: 5693 +gidNumber: 1000 +givenName: Isobel +sn: Starring +cn: Isobel Starring +homeDirectory: /home/istarring +gecos: Isobel Starring +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUdLNy8ubS9BY1B1Rms= +loginShell: /bin/bash + +dn: uid=gkirchberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gkirchberg +uidNumber: 5694 +gidNumber: 1000 +givenName: Gula +sn: Kirchberg +cn: Gula Kirchberg +homeDirectory: /home/gkirchberg +gecos: Gula Kirchberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1OM29QQVkxOGVLRG83a1FrRGt3SUlBPT0= +loginShell: /bin/bash + +dn: uid=zinsko,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zinsko +uidNumber: 5695 +gidNumber: 1000 +givenName: Zelia +sn: Insko +cn: Zelia Insko +homeDirectory: /home/zinsko +gecos: Zelia Insko +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX12NWVmY1ZXNlBJa1dNanRoWnFwMnVRPT0= +loginShell: /bin/bash + +dn: uid=nwatkinson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nwatkinson +uidNumber: 5696 +gidNumber: 1000 +givenName: Nute +sn: Watkinson +cn: Nute Watkinson +homeDirectory: /home/nwatkinson +gecos: Nute Watkinson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTB4SGI3OFk5QTY0cVU= +loginShell: /bin/bash + +dn: uid=nbouras,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nbouras +uidNumber: 5697 +gidNumber: 1000 +givenName: Nora +sn: Bouras +cn: Nora Bouras +homeDirectory: /home/nbouras +gecos: Nora Bouras +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bDYreE1pSHlPaU1kbGNSTjBVY3ZVQTdmV0xkWVFaSWc= +loginShell: /bin/bash + +dn: uid=vrodick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vrodick +uidNumber: 5698 +gidNumber: 1000 +givenName: Vicete +sn: Rodick +cn: Vicete Rodick +homeDirectory: /home/vrodick +gecos: Vicete Rodick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9YjVMbzdqQ3NURnpuZTFPcjVvSXB1VjhqdytnPQ== +loginShell: /bin/bash + +dn: cn=Claudia Ritchie+uid=critchie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: critchie +uidNumber: 5699 +gidNumber: 1000 +givenName: Claudia +sn: Ritchie +cn: Claudia Ritchie +homeDirectory: /home/critchie +gecos: Claudia Ritchie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YmFyYmFyaWFucw== +loginShell: /bin/bash + +dn: uid=ishuckhart,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ishuckhart +uidNumber: 5700 +gidNumber: 1000 +givenName: Iune +sn: Shuckhart +cn: Iune Shuckhart +homeDirectory: /home/ishuckhart +gecos: Iune Shuckhart +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTlENDRIejVZZk5MVGc= +loginShell: /bin/bash + +dn: cn=Mick Konow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkonow +uidNumber: 5701 +gidNumber: 1000 +givenName: Mick +sn: Konow +cn: Mick Konow +homeDirectory: /home/mkonow +gecos: Mick Konow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1KV3dyMUt5SGVNRmdRRW40UUJLMkdBPT0= +loginShell: /bin/bash + +dn: uid=mconsolini,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mconsolini +uidNumber: 5702 +gidNumber: 1000 +givenName: Max +sn: Consolini +cn: Max Consolini +homeDirectory: /home/mconsolini +gecos: Max Consolini +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Q21LNmlMVUVyRnJ6ZG5FeGE2V2FiSlAxbmhjPQ== +loginShell: /bin/bash + +dn: cn=Tuni Battista,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tbattista +uidNumber: 5703 +gidNumber: 1000 +givenName: Tuni +sn: Battista +cn: Tuni Battista +homeDirectory: /home/tbattista +gecos: Tuni Battista +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ESTJCakdSei9meGM0SUtYTGw3Sit3PT0= +loginShell: /bin/bash + +dn: uid=vtowell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vtowell +uidNumber: 5704 +gidNumber: 1000 +givenName: Virgil +sn: Towell +cn: Virgil Towell +homeDirectory: /home/vtowell +gecos: Virgil Towell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9RHNOTHRRNGo0cWxGMUVadlB0Nk1ERnZ0SThjPQ== +loginShell: /bin/bash + +dn: uid=tyounglas,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tyounglas +uidNumber: 5705 +gidNumber: 1000 +givenName: Teddy +sn: Younglas +cn: Teddy Younglas +homeDirectory: /home/tyounglas +gecos: Teddy Younglas +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aGd2M1QyNmtXV2o2OXE1VWdHUEpoYXRiQlVLazcyK3g= +loginShell: /bin/bash + +dn: uid=zosollo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zosollo +uidNumber: 5706 +gidNumber: 1000 +givenName: Zuman +sn: Osollo +cn: Zuman Osollo +homeDirectory: /home/zosollo +gecos: Zuman Osollo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZHdSWmdaV05FQTE5QjFoWUMvYmxGYitacG51UnV5bEg= +loginShell: /bin/bash + +dn: uid=ihalford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihalford +uidNumber: 5707 +gidNumber: 1000 +givenName: Isabel +sn: Halford +cn: Isabel Halford +homeDirectory: /home/ihalford +gecos: Isabel Halford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUhURm9CbWtJMVB3Wi4= +loginShell: /bin/bash + +dn: uid=gjankowiak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gjankowiak +uidNumber: 5708 +gidNumber: 1000 +givenName: Gabrielle +sn: Jankowiak +cn: Gabrielle Jankowiak +homeDirectory: /home/gjankowiak +gecos: Gabrielle Jankowiak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1PU3V3VmpwcitUbHdSMWlTV0NnQlU2ZmcreWM9 +loginShell: /bin/bash + +dn: uid=swede,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: swede +uidNumber: 5709 +gidNumber: 1000 +givenName: Sandra +sn: Wede +cn: Sandra Wede +homeDirectory: /home/swede +gecos: Sandra Wede +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTV4TEpyTjR3UlVsRWM= +loginShell: /bin/bash + +dn: uid=bleaks,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bleaks +uidNumber: 5710 +gidNumber: 1000 +givenName: Bonnie +sn: Leaks +cn: Bonnie Leaks +homeDirectory: /home/bleaks +gecos: Bonnie Leaks +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9L0NDUjFQaXNLV1NiN25DcHVVcE1QNERTVG9VPQ== +loginShell: /bin/bash + +dn: uid=vnery,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vnery +uidNumber: 5711 +gidNumber: 1000 +givenName: Vance +sn: Nery +cn: Vance Nery +homeDirectory: /home/vnery +gecos: Vance Nery +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVpdGVyYXRlcw== +loginShell: /bin/bash + +dn: cn=Debbie Streich,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dstreich +uidNumber: 5712 +gidNumber: 1000 +givenName: Debbie +sn: Streich +cn: Debbie Streich +homeDirectory: /home/dstreich +gecos: Debbie Streich +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVJQd1lBaHYuSmxSQm8= +loginShell: /bin/bash + +dn: uid=mfornes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mfornes +uidNumber: 5713 +gidNumber: 1000 +givenName: Man-yi +sn: Fornes +cn: Man-yi Fornes +homeDirectory: /home/mfornes +gecos: Man-yi Fornes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTBPUDA4SlE0eElVSlk= +loginShell: /bin/bash + +dn: uid=hcarrizal,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcarrizal +uidNumber: 5714 +gidNumber: 1000 +givenName: Hettie +sn: Carrizal +cn: Hettie Carrizal +homeDirectory: /home/hcarrizal +gecos: Hettie Carrizal +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Z29nVVB4QlRKUllBTUtoZEEzVGJXSWRKMFA4PQ== +loginShell: /bin/bash + +dn: uid=ewilles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ewilles +uidNumber: 5715 +gidNumber: 1000 +givenName: Eseta +sn: Willes +cn: Eseta Willes +homeDirectory: /home/ewilles +gecos: Eseta Willes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cmVhc3N1cmFuY2Uncw== +loginShell: /bin/bash + +dn: uid=ajaquess,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ajaquess +uidNumber: 5716 +gidNumber: 1000 +givenName: Andrea +sn: Jaquess +cn: Andrea Jaquess +homeDirectory: /home/ajaquess +gecos: Andrea Jaquess +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1wNld3ZXR6REppZnNlL25MR3RYMHVsalpEbDA9 +loginShell: /bin/bash + +dn: cn=Ramasoon Fidel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rfidel +uidNumber: 5717 +gidNumber: 1000 +givenName: Ramasoon +sn: Fidel +cn: Ramasoon Fidel +homeDirectory: /home/rfidel +gecos: Ramasoon Fidel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SVRxSzRmb1dHRlNFSUM3SUs3MW9TQU8rWHV3PQ== +loginShell: /bin/bash + +dn: uid=nroh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nroh +uidNumber: 5718 +gidNumber: 1000 +givenName: Niala +sn: Roh +cn: Niala Roh +homeDirectory: /home/nroh +gecos: Niala Roh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9V1h5a0pyRDlRQmxDMjBKM2tkTmJmSmNzYXA0d2VFTWM= +loginShell: /bin/bash + +dn: uid=isplonskowski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: isplonskowski +uidNumber: 5719 +gidNumber: 1000 +givenName: Isidore +sn: Splonskowski +cn: Isidore Splonskowski +homeDirectory: /home/isplonskowski +gecos: Isidore Splonskowski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04WnZRaEU1VE5wTnpPRllKNG8yL2hBPT0= +loginShell: /bin/bash + +dn: uid=cpaccione,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpaccione +uidNumber: 5720 +gidNumber: 1000 +givenName: Cilla +sn: Paccione +cn: Cilla Paccione +homeDirectory: /home/cpaccione +gecos: Cilla Paccione +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dFNrTzhZblh1bDdKaU5sOXp6SXpwVmpBT0Eyc1h1RzU= +loginShell: /bin/bash + +dn: uid=dpallesen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dpallesen +uidNumber: 5721 +gidNumber: 1000 +givenName: Don +sn: Pallesen +cn: Don Pallesen +homeDirectory: /home/dpallesen +gecos: Don Pallesen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aU1kMUdyd0N5akxtdWp2d3RsL1pMUVMvY0Q2ZkIzTnE= +loginShell: /bin/bash + +dn: uid=bbrenton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bbrenton +uidNumber: 5722 +gidNumber: 1000 +givenName: Bill +sn: Brenton +cn: Bill Brenton +homeDirectory: /home/bbrenton +gecos: Bill Brenton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX04bDh1WkpBRThsR2pJQWFVWDFXRGp3PT0= +loginShell: /bin/bash + +dn: uid=ihegener,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihegener +uidNumber: 5723 +gidNumber: 1000 +givenName: Iselle +sn: Hegener +cn: Iselle Hegener +homeDirectory: /home/ihegener +gecos: Iselle Hegener +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXAzdGNVTC5zTjB2V2c= +loginShell: /bin/bash + +dn: uid=ktoni,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ktoni +uidNumber: 5724 +gidNumber: 1000 +givenName: Kamba +sn: Toni +cn: Kamba Toni +homeDirectory: /home/ktoni +gecos: Kamba Toni +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OWdGdUhucmlkcTI5R00wRGpRNm1aanVld0JyenpLM2E= +loginShell: /bin/bash + +dn: uid=zrenderos,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zrenderos +uidNumber: 5725 +gidNumber: 1000 +givenName: Zuman +sn: Renderos +cn: Zuman Renderos +homeDirectory: /home/zrenderos +gecos: Zuman Renderos +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Zmp2YklaSUlVL1Fka0xKcVVRNVB2VzQvamdzU0Rxczg= +loginShell: /bin/bash + +dn: cn=Gabrielle Deyarmond+uid=gdeyarmond,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdeyarmond +uidNumber: 5726 +gidNumber: 1000 +givenName: Gabrielle +sn: Deyarmond +cn: Gabrielle Deyarmond +homeDirectory: /home/gdeyarmond +gecos: Gabrielle Deyarmond +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9c0ZFV2lWQmduaHFhOE82Z2dQTUQ1Q3NwZjFETDBIZVA= +loginShell: /bin/bash + +dn: cn=Marilyn Mangiamele,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mmangiamele +uidNumber: 5727 +gidNumber: 1000 +givenName: Marilyn +sn: Mangiamele +cn: Marilyn Mangiamele +homeDirectory: /home/mmangiamele +gecos: Marilyn Mangiamele +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU41bWYxTzZuT2thbUU= +loginShell: /bin/bash + +dn: uid=fverfaille,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fverfaille +uidNumber: 5728 +gidNumber: 1000 +givenName: Ferdinand +sn: Verfaille +cn: Ferdinand Verfaille +homeDirectory: /home/fverfaille +gecos: Ferdinand Verfaille +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9aXhsQ1RvSlZsSUZ4U0JzVmxtaEFXMHowUGx2ci83OW8= +loginShell: /bin/bash + +dn: uid=ysturino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ysturino +uidNumber: 5729 +gidNumber: 1000 +givenName: Yasi +sn: Sturino +cn: Yasi Sturino +homeDirectory: /home/ysturino +gecos: Yasi Sturino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SFFtaVhZTlpGbm5KSG81MmIyc1dRNXN1VWprPQ== +loginShell: /bin/bash + +dn: cn=Lisa Bruscino+uid=lbruscino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbruscino +uidNumber: 5730 +gidNumber: 1000 +givenName: Lisa +sn: Bruscino +cn: Lisa Bruscino +homeDirectory: /home/lbruscino +gecos: Lisa Bruscino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnJha2Vk +loginShell: /bin/bash + +dn: uid=pfavolise,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pfavolise +uidNumber: 5731 +gidNumber: 1000 +givenName: Philippe +sn: Favolise +cn: Philippe Favolise +homeDirectory: /home/pfavolise +gecos: Philippe Favolise +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bW91c3k= +loginShell: /bin/bash + +dn: uid=faleo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: faleo +uidNumber: 5732 +gidNumber: 1000 +givenName: Fay +sn: Aleo +cn: Fay Aleo +homeDirectory: /home/faleo +gecos: Fay Aleo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXV5RUdhaEM4NFExZVE= +loginShell: /bin/bash + +dn: uid=pduitscher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pduitscher +uidNumber: 5733 +gidNumber: 1000 +givenName: Pali +sn: Duitscher +cn: Pali Duitscher +homeDirectory: /home/pduitscher +gecos: Pali Duitscher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1Mb2Jnam5XNExaM3ZNSTczMlN6SlNPc3pUc2s9 +loginShell: /bin/bash + +dn: uid=tguinnip,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tguinnip +uidNumber: 5734 +gidNumber: 1000 +givenName: Tiogo +sn: Guinnip +cn: Tiogo Guinnip +homeDirectory: /home/tguinnip +gecos: Tiogo Guinnip +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29tbWVtb3JhdGluZw== +loginShell: /bin/bash + +dn: uid=dbarriball,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dbarriball +uidNumber: 5735 +gidNumber: 1000 +givenName: David +sn: Barriball +cn: David Barriball +homeDirectory: /home/dbarriball +gecos: David Barriball +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2hpdGNoYXQ= +loginShell: /bin/bash + +dn: uid=dmccoyle,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dmccoyle +uidNumber: 5736 +gidNumber: 1000 +givenName: Dalila +sn: Mccoyle +cn: Dalila Mccoyle +homeDirectory: /home/dmccoyle +gecos: Dalila Mccoyle +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L1FkYUduMUtreWE4Z2thTklaSzBZUlFzY3FFTi9tZms= +loginShell: /bin/bash + +dn: cn=Wukong Gwaltney+uid=wgwaltney,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wgwaltney +uidNumber: 5737 +gidNumber: 1000 +givenName: Wukong +sn: Gwaltney +cn: Wukong Gwaltney +homeDirectory: /home/wgwaltney +gecos: Wukong Gwaltney +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SFdRSEFrNUJEQy9LR3p0cG1xbWhNTis4dnFpS1NYM2I= +loginShell: /bin/bash + +dn: uid=hpenick,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hpenick +uidNumber: 5738 +gidNumber: 1000 +givenName: Henriette +sn: Penick +cn: Henriette Penick +homeDirectory: /home/hpenick +gecos: Henriette Penick +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VHM3cHh4ZEVPd1pjRDNISDU5eEJwTU4vV3hrPQ== +loginShell: /bin/bash + +dn: cn=Ewiniar Moradian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emoradian +uidNumber: 5739 +gidNumber: 1000 +givenName: Ewiniar +sn: Moradian +cn: Ewiniar Moradian +homeDirectory: /home/emoradian +gecos: Ewiniar Moradian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cDlMcVNxeXBlelZVZkJjMkZMOXVsdVdUbUJvPQ== +loginShell: /bin/bash + +dn: cn=Tammie Boxx,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tboxx +uidNumber: 5740 +gidNumber: 1000 +givenName: Tammie +sn: Boxx +cn: Tammie Boxx +homeDirectory: /home/tboxx +gecos: Tammie Boxx +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0yVlVCRjFnRWsybW54TnFmMFk1akFVR0Nidk09 +loginShell: /bin/bash + +dn: cn=Adeline Lat,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: alat +uidNumber: 5741 +gidNumber: 1000 +givenName: Adeline +sn: Lat +cn: Adeline Lat +homeDirectory: /home/alat +gecos: Adeline Lat +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dHFBOWJYeWc2cnUvMUtyT0Fmb3NJazRDR25zPQ== +loginShell: /bin/bash + +dn: uid=owhelchel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: owhelchel +uidNumber: 5742 +gidNumber: 1000 +givenName: Otto +sn: Whelchel +cn: Otto Whelchel +homeDirectory: /home/owhelchel +gecos: Otto Whelchel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXdLY1QvSVovZFFXTzY= +loginShell: /bin/bash + +dn: uid=vbonder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vbonder +uidNumber: 5743 +gidNumber: 1000 +givenName: Victor +sn: Bonder +cn: Victor Bonder +homeDirectory: /home/vbonder +gecos: Victor Bonder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0rTWQ4Tys0TDFkSjduS0RpRENGdEdnPT0= +loginShell: /bin/bash + +dn: uid=vburton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vburton +uidNumber: 5744 +gidNumber: 1000 +givenName: Vamco +sn: Burton +cn: Vamco Burton +homeDirectory: /home/vburton +gecos: Vamco Burton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9M1hxYXlMVDVSb3JWUkZtOFFLenV4dGpaU3NVPQ== +loginShell: /bin/bash + +dn: cn=Diana Bissett+uid=dbissett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dbissett +uidNumber: 5745 +gidNumber: 1000 +givenName: Diana +sn: Bissett +cn: Diana Bissett +homeDirectory: /home/dbissett +gecos: Diana Bissett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cnVtYmxlcw== +loginShell: /bin/bash + +dn: uid=daveado,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: daveado +uidNumber: 5746 +gidNumber: 1000 +givenName: Dolly +sn: Aveado +cn: Dolly Aveado +homeDirectory: /home/daveado +gecos: Dolly Aveado +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: b3V0bGF5 +loginShell: /bin/bash + +dn: uid=rbloomstrand,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rbloomstrand +uidNumber: 5747 +gidNumber: 1000 +givenName: Robyn +sn: Bloomstrand +cn: Robyn Bloomstrand +homeDirectory: /home/rbloomstrand +gecos: Robyn Bloomstrand +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXlIamJwWDJERkJKaDY= +loginShell: /bin/bash + +dn: uid=umanske,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: umanske +uidNumber: 5748 +gidNumber: 1000 +givenName: Ume +sn: Manske +cn: Ume Manske +homeDirectory: /home/umanske +gecos: Ume Manske +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9c2locjF1MkNwYWZDTHdJMVlFdlg5ZE9DM3c4PQ== +loginShell: /bin/bash + +dn: cn=Lala Chaudoin+uid=lchaudoin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lchaudoin +uidNumber: 5749 +gidNumber: 1000 +givenName: Lala +sn: Chaudoin +cn: Lala Chaudoin +homeDirectory: /home/lchaudoin +gecos: Lala Chaudoin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1URjBwa3JzTDlnTERncUtoUlNMd0ZRPT0= +loginShell: /bin/bash + +dn: uid=amayorga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amayorga +uidNumber: 5750 +gidNumber: 1000 +givenName: Alicia +sn: Mayorga +cn: Alicia Mayorga +homeDirectory: /home/amayorga +gecos: Alicia Mayorga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9dmd0b0RxYXExQ2tIQjVqS0ZNZlNTeGVabHB3PQ== +loginShell: /bin/bash + +dn: uid=phyer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: phyer +uidNumber: 5751 +gidNumber: 1000 +givenName: Pat +sn: Hyer +cn: Pat Hyer +homeDirectory: /home/phyer +gecos: Pat Hyer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9czFnaGtWMUV1dmdDUGFjb3dlL0lIWUdubGhNYWd6T3A= +loginShell: /bin/bash + +dn: uid=ojerabek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ojerabek +uidNumber: 5752 +gidNumber: 1000 +givenName: Olinda +sn: Jerabek +cn: Olinda Jerabek +homeDirectory: /home/ojerabek +gecos: Olinda Jerabek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0ramp6eGxGYmppUEJRSUNBYlo2VXNnPT0= +loginShell: /bin/bash + +dn: cn=Hana Matonak,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmatonak +uidNumber: 5753 +gidNumber: 1000 +givenName: Hana +sn: Matonak +cn: Hana Matonak +homeDirectory: /home/hmatonak +gecos: Hana Matonak +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UaDVNU2ZsVHV6MHBhQzRNajJOaFJRPT0= +loginShell: /bin/bash + +dn: uid=tmalecki,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmalecki +uidNumber: 5754 +gidNumber: 1000 +givenName: Tuni +sn: Malecki +cn: Tuni Malecki +homeDirectory: /home/tmalecki +gecos: Tuni Malecki +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTBmY0gwdVBQblpUT3M= +loginShell: /bin/bash + +dn: uid=pquiller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pquiller +uidNumber: 5755 +gidNumber: 1000 +givenName: Pali +sn: Quiller +cn: Pali Quiller +homeDirectory: /home/pquiller +gecos: Pali Quiller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1tYjRlNW5vQk53a3RQUkVzQmlERlVnPT0= +loginShell: /bin/bash + +dn: uid=nevan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nevan +uidNumber: 5756 +gidNumber: 1000 +givenName: Nida +sn: Evan +cn: Nida Evan +homeDirectory: /home/nevan +gecos: Nida Evan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9S3puNGJuMkNVQ1dBTW1KRkxjT2lPcytnYWZCaFRMemk= +loginShell: /bin/bash + +dn: uid=hmaresco,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmaresco +uidNumber: 5757 +gidNumber: 1000 +givenName: Hilda +sn: Maresco +cn: Hilda Maresco +homeDirectory: /home/hmaresco +gecos: Hilda Maresco +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DQW4rRzRpbEpJYWpiek5Oam1xZ0J3PT0= +loginShell: /bin/bash + +dn: cn=Chan-hom Noriego+uid=cnoriego,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cnoriego +uidNumber: 5758 +gidNumber: 1000 +givenName: Chan-hom +sn: Noriego +cn: Chan-hom Noriego +homeDirectory: /home/cnoriego +gecos: Chan-hom Noriego +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTlWckVwM0VuRDE3Nk0= +loginShell: /bin/bash + +dn: cn=Trevor Wedel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: twedel +uidNumber: 5759 +gidNumber: 1000 +givenName: Trevor +sn: Wedel +cn: Trevor Wedel +homeDirectory: /home/twedel +gecos: Trevor Wedel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWg2WnVWT0ZhM2lvSWc= +loginShell: /bin/bash + +dn: uid=mvanpelt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mvanpelt +uidNumber: 5760 +gidNumber: 1000 +givenName: Miriam +sn: Vanpelt +cn: Miriam Vanpelt +homeDirectory: /home/mvanpelt +gecos: Miriam Vanpelt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVdDVkl1ZS5MY0x6b1E= +loginShell: /bin/bash + +dn: uid=cfilippello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cfilippello +uidNumber: 5761 +gidNumber: 1000 +givenName: Cora +sn: Filippello +cn: Cora Filippello +homeDirectory: /home/cfilippello +gecos: Cora Filippello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1pWVFRT2J5M3NGOW8yTHI4UEtjVGI0M0ZHZ1k9 +loginShell: /bin/bash + +dn: uid=nsytsma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nsytsma +uidNumber: 5762 +gidNumber: 1000 +givenName: Nicole +sn: Sytsma +cn: Nicole Sytsma +homeDirectory: /home/nsytsma +gecos: Nicole Sytsma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XZGhwUFlTRUJjRWpXUFQ3OG9GeWU4SFVhYmM9 +loginShell: /bin/bash + +dn: uid=kmuros,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmuros +uidNumber: 5763 +gidNumber: 1000 +givenName: Kodo +sn: Muros +cn: Kodo Muros +homeDirectory: /home/kmuros +gecos: Kodo Muros +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX03SlV6ZmxJTUxIeURvM1NsQUZ4Y2V3PT0= +loginShell: /bin/bash + +dn: uid=skuntz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: skuntz +uidNumber: 5764 +gidNumber: 1000 +givenName: Sanvu +sn: Kuntz +cn: Sanvu Kuntz +homeDirectory: /home/skuntz +gecos: Sanvu Kuntz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3VubmluZw== +loginShell: /bin/bash + +dn: uid=hspiry,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hspiry +uidNumber: 5765 +gidNumber: 1000 +givenName: Helen +sn: Spiry +cn: Helen Spiry +homeDirectory: /home/hspiry +gecos: Helen Spiry +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SVA2cER1WWIwUm8reHY3TnRGeWpwSUN2emp3PQ== +loginShell: /bin/bash + +dn: cn=Otto Calleo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ocalleo +uidNumber: 5766 +gidNumber: 1000 +givenName: Otto +sn: Calleo +cn: Otto Calleo +homeDirectory: /home/ocalleo +gecos: Otto Calleo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z3VuZmlyZQ== +loginShell: /bin/bash + +dn: uid=kwinterling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kwinterling +uidNumber: 5767 +gidNumber: 1000 +givenName: Kika +sn: Winterling +cn: Kika Winterling +homeDirectory: /home/kwinterling +gecos: Kika Winterling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVYwUTVtV3kzczc5U3c= +loginShell: /bin/bash + +dn: cn=Usta Neice+uid=uneice,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uneice +uidNumber: 5768 +gidNumber: 1000 +givenName: Usta +sn: Neice +cn: Usta Neice +homeDirectory: /home/uneice +gecos: Usta Neice +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9c3Q2YnR6UzlmUURqUERNQWdLOHluRlU4WG9aakV1bmQ= +loginShell: /bin/bash + +dn: uid=tsowells,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tsowells +uidNumber: 5769 +gidNumber: 1000 +givenName: Talim +sn: Sowells +cn: Talim Sowells +homeDirectory: /home/tsowells +gecos: Talim Sowells +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGVtb25zdHJhdGlvbg== +loginShell: /bin/bash + +dn: uid=ghanauer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ghanauer +uidNumber: 5770 +gidNumber: 1000 +givenName: Gavin +sn: Hanauer +cn: Gavin Hanauer +homeDirectory: /home/ghanauer +gecos: Gavin Hanauer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9c1V3bGxGbzgzcjloeWo5aDBqcnR2UHpyL2NnPQ== +loginShell: /bin/bash + +dn: uid=wvermeulen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wvermeulen +uidNumber: 5771 +gidNumber: 1000 +givenName: Wiley +sn: Vermeulen +cn: Wiley Vermeulen +homeDirectory: /home/wvermeulen +gecos: Wiley Vermeulen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX01ZlVPQzZYZDBzVEZpc1QxbThSRStOVDg3Znc9 +loginShell: /bin/bash + +dn: cn=Uzale Tircuit+uid=utircuit,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: utircuit +uidNumber: 5772 +gidNumber: 1000 +givenName: Uzale +sn: Tircuit +cn: Uzale Tircuit +homeDirectory: /home/utircuit +gecos: Uzale Tircuit +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1HR2NTUVFMVFhZQUExbDNkTE55azJXenp5Z0U9 +loginShell: /bin/bash + +dn: uid=mjacox,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mjacox +uidNumber: 5773 +gidNumber: 1000 +givenName: Maria +sn: Jacox +cn: Maria Jacox +homeDirectory: /home/mjacox +gecos: Maria Jacox +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZmxhbWVz +loginShell: /bin/bash + +dn: uid=jfay,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jfay +uidNumber: 5774 +gidNumber: 1000 +givenName: Jack +sn: Fay +cn: Jack Fay +homeDirectory: /home/jfay +gecos: Jack Fay +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1nbHMzRUMxNWdselFpSmhPZDJBa1E0b0ZhRU09 +loginShell: /bin/bash + +dn: uid=ugowans,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ugowans +uidNumber: 5775 +gidNumber: 1000 +givenName: Ulia +sn: Gowans +cn: Ulia Gowans +homeDirectory: /home/ugowans +gecos: Ulia Gowans +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0rMVR6eFprcmx0QUJ1eGJvNlMyV2pRPT0= +loginShell: /bin/bash + +dn: uid=prowena,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: prowena +uidNumber: 5776 +gidNumber: 1000 +givenName: Patty +sn: Rowena +cn: Patty Rowena +homeDirectory: /home/prowena +gecos: Patty Rowena +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Q2N5eEtKUG5oR2JTQ2pzeWl0WHFuZERTUktRPQ== +loginShell: /bin/bash + +dn: cn=Koppu Joslyn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kjoslyn +uidNumber: 5777 +gidNumber: 1000 +givenName: Koppu +sn: Joslyn +cn: Koppu Joslyn +homeDirectory: /home/kjoslyn +gecos: Koppu Joslyn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWV0aGFuZQ== +loginShell: /bin/bash + +dn: uid=jpidcock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jpidcock +uidNumber: 5778 +gidNumber: 1000 +givenName: Jasmine +sn: Pidcock +cn: Jasmine Pidcock +homeDirectory: /home/jpidcock +gecos: Jasmine Pidcock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1IZDB5ejh6OTI3a1d1RmN5YWtWaW1RPT0= +loginShell: /bin/bash + +dn: cn=Frederic Spiess,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fspiess +uidNumber: 5779 +gidNumber: 1000 +givenName: Frederic +sn: Spiess +cn: Frederic Spiess +homeDirectory: /home/fspiess +gecos: Frederic Spiess +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXR0YWNrZWQ= +loginShell: /bin/bash + +dn: uid=llaneaux,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: llaneaux +uidNumber: 5780 +gidNumber: 1000 +givenName: Laura +sn: Laneaux +cn: Laura Laneaux +homeDirectory: /home/llaneaux +gecos: Laura Laneaux +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bm9ydGhlYXN0ZXJu +loginShell: /bin/bash + +dn: uid=epoinelli,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: epoinelli +uidNumber: 5781 +gidNumber: 1000 +givenName: Ekeka +sn: Poinelli +cn: Ekeka Poinelli +homeDirectory: /home/epoinelli +gecos: Ekeka Poinelli +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cHViJ3M= +loginShell: /bin/bash + +dn: uid=efudala,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: efudala +uidNumber: 5782 +gidNumber: 1000 +givenName: Evan +sn: Fudala +cn: Evan Fudala +homeDirectory: /home/efudala +gecos: Evan Fudala +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9akVjRlFUMk90L2h5UzV1R0xrTExNdmQ3eUpBPQ== +loginShell: /bin/bash + +dn: uid=pthornberry,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pthornberry +uidNumber: 5783 +gidNumber: 1000 +givenName: Pindile +sn: Thornberry +cn: Pindile Thornberry +homeDirectory: /home/pthornberry +gecos: Pindile Thornberry +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0yUWdRYitwNzVvYmVNVUNSeGxxZXBvTUtaVVk9 +loginShell: /bin/bash + +dn: uid=dslade,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dslade +uidNumber: 5784 +gidNumber: 1000 +givenName: Dominic +sn: Slade +cn: Dominic Slade +homeDirectory: /home/dslade +gecos: Dominic Slade +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1zRXd1MFd3UUdjb2RLTFVwNkU0Ri9nPT0= +loginShell: /bin/bash + +dn: cn=Farrah Carvosso,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fcarvosso +uidNumber: 5785 +gidNumber: 1000 +givenName: Farrah +sn: Carvosso +cn: Farrah Carvosso +homeDirectory: /home/fcarvosso +gecos: Farrah Carvosso +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MzhJRkdmL3pEUExJNHVYbHhGcVdkdFBTQ1lFPQ== +loginShell: /bin/bash + +dn: uid=rfassinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rfassinger +uidNumber: 5786 +gidNumber: 1000 +givenName: Rina +sn: Fassinger +cn: Rina Fassinger +homeDirectory: /home/rfassinger +gecos: Rina Fassinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dGVtcGxhdGVz +loginShell: /bin/bash + +dn: uid=tmccamish,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmccamish +uidNumber: 5787 +gidNumber: 1000 +givenName: Terry +sn: Mccamish +cn: Terry Mccamish +homeDirectory: /home/tmccamish +gecos: Terry Mccamish +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9V3FnRjRpUnBVMklCZDBHaU5ucTdrb2pPQVVnQkRKcjI= +loginShell: /bin/bash + +dn: uid=cpentreath,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpentreath +uidNumber: 5788 +gidNumber: 1000 +givenName: Conson +sn: Pentreath +cn: Conson Pentreath +homeDirectory: /home/cpentreath +gecos: Conson Pentreath +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0rRnpJaXFiNGt6c21TZGwxU1kvZGdwamVjbmM9 +loginShell: /bin/bash + +dn: uid=jroman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jroman +uidNumber: 5789 +gidNumber: 1000 +givenName: Jasmine +sn: Roman +cn: Jasmine Roman +homeDirectory: /home/jroman +gecos: Jasmine Roman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTFROHhqaVFmREdSc0U= +loginShell: /bin/bash + +dn: cn=Norman Bethany,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nbethany +uidNumber: 5790 +gidNumber: 1000 +givenName: Norman +sn: Bethany +cn: Norman Bethany +homeDirectory: /home/nbethany +gecos: Norman Bethany +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVNOLnlqUVRZeWlEYmc= +loginShell: /bin/bash + +dn: uid=clouder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: clouder +uidNumber: 5791 +gidNumber: 1000 +givenName: Claudia +sn: Louder +cn: Claudia Louder +homeDirectory: /home/clouder +gecos: Claudia Louder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1TSklSdGlva2k2SUlvUFhGNk9Ca2J3PT0= +loginShell: /bin/bash + +dn: cn=Lidia Bramel+uid=lbramel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lbramel +uidNumber: 5792 +gidNumber: 1000 +givenName: Lidia +sn: Bramel +cn: Lidia Bramel +homeDirectory: /home/lbramel +gecos: Lidia Bramel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3RlYWx0aGlseQ== +loginShell: /bin/bash + +dn: uid=nspanbauer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nspanbauer +uidNumber: 5793 +gidNumber: 1000 +givenName: Nisha +sn: Spanbauer +cn: Nisha Spanbauer +homeDirectory: /home/nspanbauer +gecos: Nisha Spanbauer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9R2ZqZUtNdUFlNFVRQytIZzEveFFnUW92RVVRPQ== +loginShell: /bin/bash + +dn: cn=Lester Felan+uid=lfelan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lfelan +uidNumber: 5794 +gidNumber: 1000 +givenName: Lester +sn: Felan +cn: Lester Felan +homeDirectory: /home/lfelan +gecos: Lester Felan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Ym9iYmVk +loginShell: /bin/bash + +dn: cn=Isabel Yorgey+uid=iyorgey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iyorgey +uidNumber: 5795 +gidNumber: 1000 +givenName: Isabel +sn: Yorgey +cn: Isabel Yorgey +homeDirectory: /home/iyorgey +gecos: Isabel Yorgey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9L3Q4NHlVNTZHNVE4ODhBODIvaVEwcnd5N1lkWHhIS2E= +loginShell: /bin/bash + +dn: uid=mcasida,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mcasida +uidNumber: 5796 +gidNumber: 1000 +givenName: Marcus +sn: Casida +cn: Marcus Casida +homeDirectory: /home/mcasida +gecos: Marcus Casida +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YjlKR3BXSU1zcGJ5R1V1SHkvNWdQRkZmSThhQmJTYnQ= +loginShell: /bin/bash + +dn: uid=mlantieri,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mlantieri +uidNumber: 5797 +gidNumber: 1000 +givenName: Maria +sn: Lantieri +cn: Maria Lantieri +homeDirectory: /home/mlantieri +gecos: Maria Lantieri +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dml0cmlvbGlj +loginShell: /bin/bash + +dn: cn=Wutip Prosienski,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wprosienski +uidNumber: 5798 +gidNumber: 1000 +givenName: Wutip +sn: Prosienski +cn: Wutip Prosienski +homeDirectory: /home/wprosienski +gecos: Wutip Prosienski +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1qL3dBM1BFWGFmdjNaRXRieEZsWmR5OGtJbGM9 +loginShell: /bin/bash + +dn: uid=dhendon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dhendon +uidNumber: 5799 +gidNumber: 1000 +givenName: Durian +sn: Hendon +cn: Durian Hendon +homeDirectory: /home/dhendon +gecos: Durian Hendon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUtMTDhwN00veHd0SVE= +loginShell: /bin/bash + +dn: cn=Debby Castillion+uid=dcastillion,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dcastillion +uidNumber: 5800 +gidNumber: 1000 +givenName: Debby +sn: Castillion +cn: Debby Castillion +homeDirectory: /home/dcastillion +gecos: Debby Castillion +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OGpTcmw0Uy85NitFZkdrT1kvV1hXWTBXLytNPQ== +loginShell: /bin/bash + +dn: uid=mlinardi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mlinardi +uidNumber: 5801 +gidNumber: 1000 +givenName: May +sn: Linardi +cn: May Linardi +homeDirectory: /home/mlinardi +gecos: May Linardi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3dvcmQ= +loginShell: /bin/bash + +dn: uid=rmagnone,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rmagnone +uidNumber: 5802 +gidNumber: 1000 +givenName: Rose +sn: Magnone +cn: Rose Magnone +homeDirectory: /home/rmagnone +gecos: Rose Magnone +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9bW9CWDhIdXY2N2Nwa29xeDhuYkI4czd0WTJPRVV3bzA= +loginShell: /bin/bash + +dn: cn=Leslie Mccosh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lmccosh +uidNumber: 5803 +gidNumber: 1000 +givenName: Leslie +sn: Mccosh +cn: Leslie Mccosh +homeDirectory: /home/lmccosh +gecos: Leslie Mccosh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1JM0xpVUkyUnFXTjltVXo5YkFwRTdBPT0= +loginShell: /bin/bash + +dn: uid=fberra,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fberra +uidNumber: 5804 +gidNumber: 1000 +givenName: Fausto +sn: Berra +cn: Fausto Berra +homeDirectory: /home/fberra +gecos: Fausto Berra +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9TGRsUUtRVnZrWUtQTzE5dDhMVTNBbnpsdlFFWTlrYkM= +loginShell: /bin/bash + +dn: cn=Tui Liekhus,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tliekhus +uidNumber: 5805 +gidNumber: 1000 +givenName: Tui +sn: Liekhus +cn: Tui Liekhus +homeDirectory: /home/tliekhus +gecos: Tui Liekhus +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WmJHMGhZRnZvRGVmQXcvSFR3WTAvRkszU01BPQ== +loginShell: /bin/bash + +dn: uid=fhain,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fhain +uidNumber: 5806 +gidNumber: 1000 +givenName: Frederic +sn: Hain +cn: Frederic Hain +homeDirectory: /home/fhain +gecos: Frederic Hain +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1qRlJkNm51RFJkNlhJd2RFZEF3WDV2QlZTdjQ9 +loginShell: /bin/bash + +dn: uid=thomme,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: thomme +uidNumber: 5807 +gidNumber: 1000 +givenName: Tam +sn: Homme +cn: Tam Homme +homeDirectory: /home/thomme +gecos: Tam Homme +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBZd0lHdWlJOWpjcEE= +loginShell: /bin/bash + +dn: uid=uhayakawa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uhayakawa +uidNumber: 5808 +gidNumber: 1000 +givenName: Upia +sn: Hayakawa +cn: Upia Hayakawa +homeDirectory: /home/uhayakawa +gecos: Upia Hayakawa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUVMQy80OS9aWEdiVTI= +loginShell: /bin/bash + +dn: uid=llampier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: llampier +uidNumber: 5809 +gidNumber: 1000 +givenName: Linfa +sn: Lampier +cn: Linfa Lampier +homeDirectory: /home/llampier +gecos: Linfa Lampier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWZjTllOeU83dVBBM00= +loginShell: /bin/bash + +dn: cn=Juan Eidem,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jeidem +uidNumber: 5810 +gidNumber: 1000 +givenName: Juan +sn: Eidem +cn: Juan Eidem +homeDirectory: /home/jeidem +gecos: Juan Eidem +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9dTAvdEtBR21NejVKaFJyWXVVQ3ZaOE5HMU5GQ1M2RFA= +loginShell: /bin/bash + +dn: uid=sdefrain,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sdefrain +uidNumber: 5811 +gidNumber: 1000 +givenName: Sarah +sn: Defrain +cn: Sarah Defrain +homeDirectory: /home/sdefrain +gecos: Sarah Defrain +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXFYR3IzbTBMVGY4bEU= +loginShell: /bin/bash + +dn: uid=dsgambati,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dsgambati +uidNumber: 5812 +gidNumber: 1000 +givenName: Dennis +sn: Sgambati +cn: Dennis Sgambati +homeDirectory: /home/dsgambati +gecos: Dennis Sgambati +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUZ3ZGdGcFhmYkRmdWc= +loginShell: /bin/bash + +dn: uid=iseipel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iseipel +uidNumber: 5813 +gidNumber: 1000 +givenName: Ilsa +sn: Seipel +cn: Ilsa Seipel +homeDirectory: /home/iseipel +gecos: Ilsa Seipel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0vQTJaMjZLSVRUN3o4Vno2MDlIOWFHM2owWEE9 +loginShell: /bin/bash + +dn: cn=Nicky Hija+uid=nhija,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nhija +uidNumber: 5814 +gidNumber: 1000 +givenName: Nicky +sn: Hija +cn: Nicky Hija +homeDirectory: /home/nhija +gecos: Nicky Hija +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1mYjVJZVFGVFYxYTk0NnBzQVRRdGhFeUJOeHc9 +loginShell: /bin/bash + +dn: uid=iambrosino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: iambrosino +uidNumber: 5815 +gidNumber: 1000 +givenName: Ingrid +sn: Ambrosino +cn: Ingrid Ambrosino +homeDirectory: /home/iambrosino +gecos: Ingrid Ambrosino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX14c2ZzOU95OGpGYlhtN3Yrb0FDUEdRPT0= +loginShell: /bin/bash + +dn: uid=sbonnie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sbonnie +uidNumber: 5816 +gidNumber: 1000 +givenName: Sergio +sn: Bonnie +cn: Sergio Bonnie +homeDirectory: /home/sbonnie +gecos: Sergio Bonnie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX15cmdSSDlDM0VLTTJ5SmpsT1FrT05BPT0= +loginShell: /bin/bash + +dn: uid=njordon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: njordon +uidNumber: 5817 +gidNumber: 1000 +givenName: Nathan +sn: Jordon +cn: Nathan Jordon +homeDirectory: /home/njordon +gecos: Nathan Jordon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SmhRZTJvNzJwWVN1YS83anFCTjNoMXVFbnFoN2Y4aFE= +loginShell: /bin/bash + +dn: cn=Wilfred Bryar+uid=wbryar,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wbryar +uidNumber: 5818 +gidNumber: 1000 +givenName: Wilfred +sn: Bryar +cn: Wilfred Bryar +homeDirectory: /home/wbryar +gecos: Wilfred Bryar +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9MUQ3eFgvUU5kaGZCR3RvK1ZuVjNXd1krenNVUnVJSGE= +loginShell: /bin/bash + +dn: uid=csever,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: csever +uidNumber: 5819 +gidNumber: 1000 +givenName: Camille +sn: Sever +cn: Camille Sever +homeDirectory: /home/csever +gecos: Camille Sever +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1salI4MFBYaDVYUytXRnczVDUvWWFkSHhNOE09 +loginShell: /bin/bash + +dn: uid=lelsaesser,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lelsaesser +uidNumber: 5820 +gidNumber: 1000 +givenName: Lingling +sn: Elsaesser +cn: Lingling Elsaesser +homeDirectory: /home/lelsaesser +gecos: Lingling Elsaesser +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1hM1IyVTVaUllBNEk1SDNFcTNPMkRIeXhoY009 +loginShell: /bin/bash + +dn: uid=rfauerbach,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rfauerbach +uidNumber: 5821 +gidNumber: 1000 +givenName: Roslyn +sn: Fauerbach +cn: Roslyn Fauerbach +homeDirectory: /home/rfauerbach +gecos: Roslyn Fauerbach +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXBwcm9wcmlhdGluZw== +loginShell: /bin/bash + +dn: cn=Narda Filipek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nfilipek +uidNumber: 5822 +gidNumber: 1000 +givenName: Narda +sn: Filipek +cn: Narda Filipek +homeDirectory: /home/nfilipek +gecos: Narda Filipek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1sUC9aUit1R3k2VHZmTVpHSVRXamlBPT0= +loginShell: /bin/bash + +dn: uid=sanderegg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sanderegg +uidNumber: 5823 +gidNumber: 1000 +givenName: Solo +sn: Anderegg +cn: Solo Anderegg +homeDirectory: /home/sanderegg +gecos: Solo Anderegg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZmVuY2Vk +loginShell: /bin/bash + +dn: cn=Harriet Sumrell+uid=hsumrell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hsumrell +uidNumber: 5824 +gidNumber: 1000 +givenName: Harriet +sn: Sumrell +cn: Harriet Sumrell +homeDirectory: /home/hsumrell +gecos: Harriet Sumrell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9QVhNK2E5YWdZNmp2UWFPcW92TVp5SzlXOGhBPQ== +loginShell: /bin/bash + +dn: cn=Glenda Mings+uid=gmings,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gmings +uidNumber: 5825 +gidNumber: 1000 +givenName: Glenda +sn: Mings +cn: Glenda Mings +homeDirectory: /home/gmings +gecos: Glenda Mings +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YjkxaDNNMnFtY21rY2lzMjAvcURpT3BuMFBZdnV3QTg= +loginShell: /bin/bash + +dn: cn=Bessi Wynes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bwynes +uidNumber: 5826 +gidNumber: 1000 +givenName: Bessi +sn: Wynes +cn: Bessi Wynes +homeDirectory: /home/bwynes +gecos: Bessi Wynes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1oWnpTak12cEt3ODRZNGw3RDUydnVBPT0= +loginShell: /bin/bash + +dn: cn=Marcia Jennings,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mjennings +uidNumber: 5827 +gidNumber: 1000 +givenName: Marcia +sn: Jennings +cn: Marcia Jennings +homeDirectory: /home/mjennings +gecos: Marcia Jennings +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1NOVJMV01jQno4ZXpJT0FQRUVEZlgxc2JGVlk9 +loginShell: /bin/bash + +dn: uid=dwittlinger,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dwittlinger +uidNumber: 5828 +gidNumber: 1000 +givenName: Danny +sn: Wittlinger +cn: Danny Wittlinger +homeDirectory: /home/dwittlinger +gecos: Danny Wittlinger +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1DUmM1TjJaWXRnQXZ6bTdxcFJjeUZ3PT0= +loginShell: /bin/bash + +dn: uid=sbettridge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sbettridge +uidNumber: 5829 +gidNumber: 1000 +givenName: Susan +sn: Bettridge +cn: Susan Bettridge +homeDirectory: /home/sbettridge +gecos: Susan Bettridge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1FdlNCQy9MQ0VFUFphR0hBeGgrWU5nPT0= +loginShell: /bin/bash + +dn: cn=Zita Bains+uid=zbains,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zbains +uidNumber: 5830 +gidNumber: 1000 +givenName: Zita +sn: Bains +cn: Zita Bains +homeDirectory: /home/zbains +gecos: Zita Bains +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1rRGVnbUxpNE5jM293K0lBWDg1dFBBPT0= +loginShell: /bin/bash + +dn: cn=Virginie Enfort,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: venfort +uidNumber: 5831 +gidNumber: 1000 +givenName: Virginie +sn: Enfort +cn: Virginie Enfort +homeDirectory: /home/venfort +gecos: Virginie Enfort +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1xTUVJQ3NUK0F2SmNqVGZWTFFrOENrVHpnaDA9 +loginShell: /bin/bash + +dn: cn=Ela Hathcock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ehathcock +uidNumber: 5832 +gidNumber: 1000 +givenName: Ela +sn: Hathcock +cn: Ela Hathcock +homeDirectory: /home/ehathcock +gecos: Ela Hathcock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1mTExLRVJxT3RPakQ2U0JrYVdNcE95ZWxRUmM9 +loginShell: /bin/bash + +dn: cn=Willa Colbenson,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wcolbenson +uidNumber: 5833 +gidNumber: 1000 +givenName: Willa +sn: Colbenson +cn: Willa Colbenson +homeDirectory: /home/wcolbenson +gecos: Willa Colbenson +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1ZenFjdXkvclVCZ203VFBWYmp1ZlJ3PT0= +loginShell: /bin/bash + +dn: uid=jmarugg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jmarugg +uidNumber: 5834 +gidNumber: 1000 +givenName: Jo +sn: Marugg +cn: Jo Marugg +homeDirectory: /home/jmarugg +gecos: Jo Marugg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9bE52bEZpaVQxWXpleW5IUitVdVFQUzVMWm9nPQ== +loginShell: /bin/bash + +dn: uid=fluthe,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fluthe +uidNumber: 5835 +gidNumber: 1000 +givenName: Favio +sn: Luthe +cn: Favio Luthe +homeDirectory: /home/fluthe +gecos: Favio Luthe +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VkUxK28vK0RhWlp6RGdRSmEzVGNJYXVHd1o4PQ== +loginShell: /bin/bash + +dn: uid=fsirianni,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsirianni +uidNumber: 5836 +gidNumber: 1000 +givenName: Floyd +sn: Sirianni +cn: Floyd Sirianni +homeDirectory: /home/fsirianni +gecos: Floyd Sirianni +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OVdjWGlOL0V5NzJSOTdMQ3BiblJmZG1iRndnPQ== +loginShell: /bin/bash + +dn: uid=wrott,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wrott +uidNumber: 5837 +gidNumber: 1000 +givenName: Whitney +sn: Rott +cn: Whitney Rott +homeDirectory: /home/wrott +gecos: Whitney Rott +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XaGozcm5pVUkyckNhWmtjbnltVkZNSU1OcWs9 +loginShell: /bin/bash + +dn: cn=Soudelor Mazzara,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smazzara +uidNumber: 5838 +gidNumber: 1000 +givenName: Soudelor +sn: Mazzara +cn: Soudelor Mazzara +homeDirectory: /home/smazzara +gecos: Soudelor Mazzara +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YUg0VFU1MVQ1Ky91bXN2YVlWczBFeVBQNGdVLzlWbWg= +loginShell: /bin/bash + +dn: uid=bjolly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bjolly +uidNumber: 5839 +gidNumber: 1000 +givenName: Bart +sn: Jolly +cn: Bart Jolly +homeDirectory: /home/bjolly +gecos: Bart Jolly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9YnBMWGNWRWVwR0QvekZ2cVpWVk5BOUJ0WkRicHhFbTU= +loginShell: /bin/bash + +dn: cn=Panda Bascom,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbascom +uidNumber: 5840 +gidNumber: 1000 +givenName: Panda +sn: Bascom +cn: Panda Bascom +homeDirectory: /home/pbascom +gecos: Panda Bascom +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9UXJxUVZSUnNVRXFXekhabHJyMEhIS1Z1cHNNPQ== +loginShell: /bin/bash + +dn: uid=mvedder,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mvedder +uidNumber: 5841 +gidNumber: 1000 +givenName: Meranti +sn: Vedder +cn: Meranti Vedder +homeDirectory: /home/mvedder +gecos: Meranti Vedder +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9M2VuN2FHV2hnZUNqYTRmZ0hLOERBV0NSMExnPQ== +loginShell: /bin/bash + +dn: uid=vbracey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vbracey +uidNumber: 5842 +gidNumber: 1000 +givenName: Verdun +sn: Bracey +cn: Verdun Bracey +homeDirectory: /home/vbracey +gecos: Verdun Bracey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1IWER0YUxzWlJJNWZORndHVkJ1TUE3WjZjZ289 +loginShell: /bin/bash + +dn: cn=Clancy Bleimehl+uid=cbleimehl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbleimehl +uidNumber: 5843 +gidNumber: 1000 +givenName: Clancy +sn: Bleimehl +cn: Clancy Bleimehl +homeDirectory: /home/cbleimehl +gecos: Clancy Bleimehl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1VeDcrbWhUY1IyQ1dDTXc5V29rT1ZRPT0= +loginShell: /bin/bash + +dn: uid=nhelfinstine,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nhelfinstine +uidNumber: 5844 +gidNumber: 1000 +givenName: Nesat +sn: Helfinstine +cn: Nesat Helfinstine +homeDirectory: /home/nhelfinstine +gecos: Nesat Helfinstine +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9Tm1YeG9QU1g4bUJ1YlR0bjZNZEUvQldLY3Z6UUdCNVM= +loginShell: /bin/bash + +dn: uid=cpencil,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpencil +uidNumber: 5845 +gidNumber: 1000 +givenName: Chan-hom +sn: Pencil +cn: Chan-hom Pencil +homeDirectory: /home/cpencil +gecos: Chan-hom Pencil +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX12eTA0OGtnM2FUcDROa2RGV1FMRjdub0NQME09 +loginShell: /bin/bash + +dn: uid=gdaub,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdaub +uidNumber: 5846 +gidNumber: 1000 +givenName: Grace +sn: Daub +cn: Grace Daub +homeDirectory: /home/gdaub +gecos: Grace Daub +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWEudU9hdXBXMXpCRE0= +loginShell: /bin/bash + +dn: cn=Qoli Hanly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: qhanly +uidNumber: 5847 +gidNumber: 1000 +givenName: Qoli +sn: Hanly +cn: Qoli Hanly +homeDirectory: /home/qhanly +gecos: Qoli Hanly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZW50YW5nbGVk +loginShell: /bin/bash + +dn: uid=shoitt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: shoitt +uidNumber: 5848 +gidNumber: 1000 +givenName: Songda +sn: Hoitt +cn: Songda Hoitt +homeDirectory: /home/shoitt +gecos: Songda Hoitt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: dW5kZXJ3YXRlcg== +loginShell: /bin/bash + +dn: cn=Marabe Kibler+uid=mkibler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mkibler +uidNumber: 5849 +gidNumber: 1000 +givenName: Marabe +sn: Kibler +cn: Marabe Kibler +homeDirectory: /home/mkibler +gecos: Marabe Kibler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBnenJ0cm1yUkptcVU= +loginShell: /bin/bash + +dn: cn=Sarah Wallberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: swallberg +uidNumber: 5850 +gidNumber: 1000 +givenName: Sarah +sn: Wallberg +cn: Sarah Wallberg +homeDirectory: /home/swallberg +gecos: Sarah Wallberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: RWFydGg= +loginShell: /bin/bash + +dn: cn=Yvette Frymoyer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yfrymoyer +uidNumber: 5851 +gidNumber: 1000 +givenName: Yvette +sn: Frymoyer +cn: Yvette Frymoyer +homeDirectory: /home/yfrymoyer +gecos: Yvette Frymoyer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFXVVl3YU1HWVNOMm8= +loginShell: /bin/bash + +dn: cn=Bebinca Luppino+uid=bluppino,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bluppino +uidNumber: 5852 +gidNumber: 1000 +givenName: Bebinca +sn: Luppino +cn: Bebinca Luppino +homeDirectory: /home/bluppino +gecos: Bebinca Luppino +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXJtb3VyaWVz +loginShell: /bin/bash + +dn: uid=eneighbor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eneighbor +uidNumber: 5853 +gidNumber: 1000 +givenName: Elnus +sn: Neighbor +cn: Elnus Neighbor +homeDirectory: /home/eneighbor +gecos: Elnus Neighbor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z2VybXM= +loginShell: /bin/bash + +dn: uid=jwatah,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jwatah +uidNumber: 5854 +gidNumber: 1000 +givenName: June +sn: Watah +cn: June Watah +homeDirectory: /home/jwatah +gecos: June Watah +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1lQmlRRHdqOW9qNEdlU0ZTcS9pZnlRPT0= +loginShell: /bin/bash + +dn: uid=mferandez,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mferandez +uidNumber: 5855 +gidNumber: 1000 +givenName: Maemi +sn: Ferandez +cn: Maemi Ferandez +homeDirectory: /home/mferandez +gecos: Maemi Ferandez +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OE9McVJxTjByR2gxV2oxVU9jUDFmWk5rWG45WEpXOGg= +loginShell: /bin/bash + +dn: uid=vchevalier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vchevalier +uidNumber: 5856 +gidNumber: 1000 +givenName: Valerie +sn: Chevalier +cn: Valerie Chevalier +homeDirectory: /home/vchevalier +gecos: Valerie Chevalier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVdNLzBocE1MYVhlS0k= +loginShell: /bin/bash + +dn: uid=tvallow,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tvallow +uidNumber: 5857 +gidNumber: 1000 +givenName: Tania +sn: Vallow +cn: Tania Vallow +homeDirectory: /home/tvallow +gecos: Tania Vallow +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFYUm1PMHpSM1Vnb2M= +loginShell: /bin/bash + +dn: uid=sratledge,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sratledge +uidNumber: 5858 +gidNumber: 1000 +givenName: Sudal +sn: Ratledge +cn: Sudal Ratledge +homeDirectory: /home/sratledge +gecos: Sudal Ratledge +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2xlZXBpbmc= +loginShell: /bin/bash + +dn: uid=ganes,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ganes +uidNumber: 5859 +gidNumber: 1000 +givenName: Gamede +sn: Anes +cn: Gamede Anes +homeDirectory: /home/ganes +gecos: Gamede Anes +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX05eHdMdUMzcmpuMWMxRS9HUVpHTDgvZEJMR009 +loginShell: /bin/bash + +dn: cn=Upia Ransford,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uransford +uidNumber: 5860 +gidNumber: 1000 +givenName: Upia +sn: Ransford +cn: Upia Ransford +homeDirectory: /home/uransford +gecos: Upia Ransford +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1tTTVTYXRVc1FKZGpRRmhIR0YyY2JBPT0= +loginShell: /bin/bash + +dn: uid=ascheno,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ascheno +uidNumber: 5861 +gidNumber: 1000 +givenName: Adrian +sn: Scheno +cn: Adrian Scheno +homeDirectory: /home/ascheno +gecos: Adrian Scheno +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WkpHNXQzNjcwRlkyd1Z4cFprSTd1QXRrQ3A3bFM4bFk= +loginShell: /bin/bash + +dn: uid=sdaignault,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sdaignault +uidNumber: 5862 +gidNumber: 1000 +givenName: Songda +sn: Daignault +cn: Songda Daignault +homeDirectory: /home/sdaignault +gecos: Songda Daignault +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1RUVg5Z1BkOXA3NWs5Skdnb1lodUZRPT0= +loginShell: /bin/bash + +dn: uid=cbrechbill,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbrechbill +uidNumber: 5863 +gidNumber: 1000 +givenName: Carlos +sn: Brechbill +cn: Carlos Brechbill +homeDirectory: /home/cbrechbill +gecos: Carlos Brechbill +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c29sdmVudHM= +loginShell: /bin/bash + +dn: uid=dpfeiffer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dpfeiffer +uidNumber: 5864 +gidNumber: 1000 +givenName: Dovi +sn: Pfeiffer +cn: Dovi Pfeiffer +homeDirectory: /home/dpfeiffer +gecos: Dovi Pfeiffer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Ymlhc2luZw== +loginShell: /bin/bash + +dn: uid=ppeper,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ppeper +uidNumber: 5865 +gidNumber: 1000 +givenName: Peke +sn: Peper +cn: Peke Peper +homeDirectory: /home/ppeper +gecos: Peke Peper +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWFoUE9PQjZ4VmdueU0= +loginShell: /bin/bash + +dn: uid=osaber,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: osaber +uidNumber: 5866 +gidNumber: 1000 +givenName: Oscar +sn: Saber +cn: Oscar Saber +homeDirectory: /home/osaber +gecos: Oscar Saber +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1FUGFEREtrWkNXMVd5RGhqL0ladmc2VWtXQ1E9 +loginShell: /bin/bash + +dn: uid=wlynch,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wlynch +uidNumber: 5867 +gidNumber: 1000 +givenName: Wukong +sn: Lynch +cn: Wukong Lynch +homeDirectory: /home/wlynch +gecos: Wukong Lynch +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cjh6ZGVOclNmSERaYlZ4aTVyT0s5ZW1LRUtNPQ== +loginShell: /bin/bash + +dn: uid=esodachanh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: esodachanh +uidNumber: 5868 +gidNumber: 1000 +givenName: Elisa +sn: Sodachanh +cn: Elisa Sodachanh +homeDirectory: /home/esodachanh +gecos: Elisa Sodachanh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Zmx5b3ZlcnM= +loginShell: /bin/bash + +dn: uid=kthede,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kthede +uidNumber: 5869 +gidNumber: 1000 +givenName: Kalmaegi +sn: Thede +cn: Kalmaegi Thede +homeDirectory: /home/kthede +gecos: Kalmaegi Thede +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YnVzdGxl +loginShell: /bin/bash + +dn: uid=hcafourek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcafourek +uidNumber: 5870 +gidNumber: 1000 +givenName: Haiyan +sn: Cafourek +cn: Haiyan Cafourek +homeDirectory: /home/hcafourek +gecos: Haiyan Cafourek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9R1NQV0xUWEZmYXkwMWc0WGFrYmVLa3FlSXBMVkJUTGQ= +loginShell: /bin/bash + +dn: uid=hcowles,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hcowles +uidNumber: 5871 +gidNumber: 1000 +givenName: Huko +sn: Cowles +cn: Huko Cowles +homeDirectory: /home/hcowles +gecos: Huko Cowles +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9M3VIeWFHSTF6ZmpoQkUyYWwxTkNYVzh4ZExzPQ== +loginShell: /bin/bash + +dn: uid=csarjeant,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: csarjeant +uidNumber: 5872 +gidNumber: 1000 +givenName: Celina +sn: Sarjeant +cn: Celina Sarjeant +homeDirectory: /home/csarjeant +gecos: Celina Sarjeant +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29uY2VpdmU= +loginShell: /bin/bash + +dn: cn=Pindile Loegering+uid=ploegering,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ploegering +uidNumber: 5873 +gidNumber: 1000 +givenName: Pindile +sn: Loegering +cn: Pindile Loegering +homeDirectory: /home/ploegering +gecos: Pindile Loegering +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9WGRCTUFYVEc0K2VkYTZqVndJT1g0MW44Ly9NVmdmNDE= +loginShell: /bin/bash + +dn: uid=ebattee,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ebattee +uidNumber: 5874 +gidNumber: 1000 +givenName: Etau +sn: Battee +cn: Etau Battee +homeDirectory: /home/ebattee +gecos: Etau Battee +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZXpCR05kS255ZDNiQVFaVDVWekc1VWl0K0lVenVkWW4= +loginShell: /bin/bash + +dn: uid=jscavotto,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jscavotto +uidNumber: 5875 +gidNumber: 1000 +givenName: Julia +sn: Scavotto +cn: Julia Scavotto +homeDirectory: /home/jscavotto +gecos: Julia Scavotto +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXVKTzRwcnNsbnlnOWM= +loginShell: /bin/bash + +dn: cn=Qoli Aloan+uid=qaloan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: qaloan +uidNumber: 5876 +gidNumber: 1000 +givenName: Qoli +sn: Aloan +cn: Qoli Aloan +homeDirectory: /home/qaloan +gecos: Qoli Aloan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9cUlaUmlma3RDaHVTYmR4Smc2clFQTW9OL0NqdFIwdDk= +loginShell: /bin/bash + +dn: uid=mhowat,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mhowat +uidNumber: 5877 +gidNumber: 1000 +givenName: Meena +sn: Howat +cn: Meena Howat +homeDirectory: /home/mhowat +gecos: Meena Howat +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cDVtNUxtYnE0UFJpbzZaY2FZVEl3MElWT0YwPQ== +loginShell: /bin/bash + +dn: uid=ykello,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ykello +uidNumber: 5878 +gidNumber: 1000 +givenName: Yuri +sn: Kello +cn: Yuri Kello +homeDirectory: /home/ykello +gecos: Yuri Kello +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUluV0M4RmdUWVpKY28= +loginShell: /bin/bash + +dn: uid=ebusk,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ebusk +uidNumber: 5879 +gidNumber: 1000 +givenName: Ellie +sn: Busk +cn: Ellie Busk +homeDirectory: /home/ebusk +gecos: Ellie Busk +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX15cG43QVJGWm4vSW9Ra1NFaEsvM3hkUXY0eEk9 +loginShell: /bin/bash + +dn: uid=miglesia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: miglesia +uidNumber: 5880 +gidNumber: 1000 +givenName: Mawar +sn: Iglesia +cn: Mawar Iglesia +homeDirectory: /home/miglesia +gecos: Mawar Iglesia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXBLbzFwTFYuZkVvYlU= +loginShell: /bin/bash + +dn: uid=hdohring,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hdohring +uidNumber: 5881 +gidNumber: 1000 +givenName: Hilary +sn: Dohring +cn: Hilary Dohring +homeDirectory: /home/hdohring +gecos: Hilary Dohring +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1MSmdhbC9Ga0h6QTByZVFlM3ZOWmN6ZTRYQVE9 +loginShell: /bin/bash + +dn: cn=Max Juris+uid=mjuris,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mjuris +uidNumber: 5882 +gidNumber: 1000 +givenName: Max +sn: Juris +cn: Max Juris +homeDirectory: /home/mjuris +gecos: Max Juris +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWkwLmtzYURmVWFIUEE= +loginShell: /bin/bash + +dn: uid=ckurkjian,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckurkjian +uidNumber: 5883 +gidNumber: 1000 +givenName: Cosme +sn: Kurkjian +cn: Cosme Kurkjian +homeDirectory: /home/ckurkjian +gecos: Cosme Kurkjian +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX03Sm00RS9vR1QzOTgraDAxdkh6RDEwUEdIOUU9 +loginShell: /bin/bash + +dn: cn=Sheryl Mosses,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: smosses +uidNumber: 5884 +gidNumber: 1000 +givenName: Sheryl +sn: Mosses +cn: Sheryl Mosses +homeDirectory: /home/smosses +gecos: Sheryl Mosses +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: aGFsbHM= +loginShell: /bin/bash + +dn: uid=psantorella,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psantorella +uidNumber: 5885 +gidNumber: 1000 +givenName: Panda +sn: Santorella +cn: Panda Santorella +homeDirectory: /home/psantorella +gecos: Panda Santorella +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXJl +loginShell: /bin/bash + +dn: uid=ecann,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ecann +uidNumber: 5886 +gidNumber: 1000 +givenName: Earl +sn: Cann +cn: Earl Cann +homeDirectory: /home/ecann +gecos: Earl Cann +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9WWpublFZKzZNSG9wV0dnM1J3RFA1aXRtaHJRPQ== +loginShell: /bin/bash + +dn: cn=Peter Labrum+uid=plabrum,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: plabrum +uidNumber: 5887 +gidNumber: 1000 +givenName: Peter +sn: Labrum +cn: Peter Labrum +homeDirectory: /home/plabrum +gecos: Peter Labrum +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX10SUpUWUNtbE56VDlGUTNLNUJWaW5RPT0= +loginShell: /bin/bash + +dn: uid=rainsley,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: rainsley +uidNumber: 5888 +gidNumber: 1000 +givenName: Rosie +sn: Ainsley +cn: Rosie Ainsley +homeDirectory: /home/rainsley +gecos: Rosie Ainsley +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1BRS83WlNZZGxkdjBUWlBXblJkNTE4Ums0RU09 +loginShell: /bin/bash + +dn: cn=Merbok Ferrier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mferrier +uidNumber: 5889 +gidNumber: 1000 +givenName: Merbok +sn: Ferrier +cn: Merbok Ferrier +homeDirectory: /home/mferrier +gecos: Merbok Ferrier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yMU9Wc3pqYnZMcmNhaXhzRVZXcG8rd2NOZ2M9 +loginShell: /bin/bash + +dn: uid=gdrilling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gdrilling +uidNumber: 5890 +gidNumber: 1000 +givenName: Georges +sn: Drilling +cn: Georges Drilling +homeDirectory: /home/gdrilling +gecos: Georges Drilling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: eGVub3Bob2JpYQ== +loginShell: /bin/bash + +dn: cn=Bud Marszalek,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmarszalek +uidNumber: 5891 +gidNumber: 1000 +givenName: Bud +sn: Marszalek +cn: Bud Marszalek +homeDirectory: /home/bmarszalek +gecos: Bud Marszalek +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWJJZW5xUmtsMHRqaEk= +loginShell: /bin/bash + +dn: cn=Vuyane Gaseoma,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vgaseoma +uidNumber: 5892 +gidNumber: 1000 +givenName: Vuyane +sn: Gaseoma +cn: Vuyane Gaseoma +homeDirectory: /home/vgaseoma +gecos: Vuyane Gaseoma +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1zaXVXTzNRVDJsemNvNU8rTFJYeEFnPT0= +loginShell: /bin/bash + +dn: uid=ztukuafa,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ztukuafa +uidNumber: 5893 +gidNumber: 1000 +givenName: Zuman +sn: Tukuafa +cn: Zuman Tukuafa +homeDirectory: /home/ztukuafa +gecos: Zuman Tukuafa +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OUVoL1NXcXF6K1dPbnE4NjAvVDR4NlgzUllSbzBPUzQ= +loginShell: /bin/bash + +dn: cn=Boloetse Aigner,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: baigner +uidNumber: 5894 +gidNumber: 1000 +givenName: Boloetse +sn: Aigner +cn: Boloetse Aigner +homeDirectory: /home/baigner +gecos: Boloetse Aigner +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1keGxFZWJLbndtbUtWS0VLdis3YWhRPT0= +loginShell: /bin/bash + +dn: uid=lcocherell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcocherell +uidNumber: 5895 +gidNumber: 1000 +givenName: Leslie +sn: Cocherell +cn: Leslie Cocherell +homeDirectory: /home/lcocherell +gecos: Leslie Cocherell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1ZQlZaVFFDejl3ZjJMR0JObXNxZ1pRZTZLZE09 +loginShell: /bin/bash + +dn: uid=lcanestrini,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcanestrini +uidNumber: 5896 +gidNumber: 1000 +givenName: Leo +sn: Canestrini +cn: Leo Canestrini +homeDirectory: /home/lcanestrini +gecos: Leo Canestrini +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1SYldlQWlsbERrMVc1UllENXBtNi9BPT0= +loginShell: /bin/bash + +dn: uid=mquigg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mquigg +uidNumber: 5897 +gidNumber: 1000 +givenName: Marcia +sn: Quigg +cn: Marcia Quigg +homeDirectory: /home/mquigg +gecos: Marcia Quigg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUh1dHU4UTRhQTJ1ckU= +loginShell: /bin/bash + +dn: cn=Ana Kravetz+uid=akravetz,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: akravetz +uidNumber: 5898 +gidNumber: 1000 +givenName: Ana +sn: Kravetz +cn: Ana Kravetz +homeDirectory: /home/akravetz +gecos: Ana Kravetz +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9N2RNSWVBS2FadFFUVngxUFozVkRST1grL0w4PQ== +loginShell: /bin/bash + +dn: cn=Marian Goldhahn+uid=mgoldhahn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mgoldhahn +uidNumber: 5899 +gidNumber: 1000 +givenName: Marian +sn: Goldhahn +cn: Marian Goldhahn +homeDirectory: /home/mgoldhahn +gecos: Marian Goldhahn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUYuN1htVjRnZHUwdTI= +loginShell: /bin/bash + +dn: uid=thaycraft,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: thaycraft +uidNumber: 5900 +gidNumber: 1000 +givenName: Tim +sn: Haycraft +cn: Tim Haycraft +homeDirectory: /home/thaycraft +gecos: Tim Haycraft +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWJkb21lbnM= +loginShell: /bin/bash + +dn: cn=Osea Bihl,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: obihl +uidNumber: 5901 +gidNumber: 1000 +givenName: Osea +sn: Bihl +cn: Osea Bihl +homeDirectory: /home/obihl +gecos: Osea Bihl +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1pUTJCT0tMblZtZTBQRUZzcmdoeHN3PT0= +loginShell: /bin/bash + +dn: uid=ihimmelwright,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ihimmelwright +uidNumber: 5902 +gidNumber: 1000 +givenName: Ivan +sn: Himmelwright +cn: Ivan Himmelwright +homeDirectory: /home/ihimmelwright +gecos: Ivan Himmelwright +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGlsZQ== +loginShell: /bin/bash + +dn: cn=Darby Auer+uid=dauer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dauer +uidNumber: 5903 +gidNumber: 1000 +givenName: Darby +sn: Auer +cn: Darby Auer +homeDirectory: /home/dauer +gecos: Darby Auer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZmovSEVGUkRUM2JtRDc3dHdSMzNkVXd5akhnPQ== +loginShell: /bin/bash + +dn: uid=jenfort,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jenfort +uidNumber: 5904 +gidNumber: 1000 +givenName: Jim +sn: Enfort +cn: Jim Enfort +homeDirectory: /home/jenfort +gecos: Jim Enfort +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX00dFJlb1p3dS9UR0JRbmN6RGMyMVZnPT0= +loginShell: /bin/bash + +dn: uid=gpelyo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gpelyo +uidNumber: 5905 +gidNumber: 1000 +givenName: Gil +sn: Pelyo +cn: Gil Pelyo +homeDirectory: /home/gpelyo +gecos: Gil Pelyo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9YmVpc3ZHaWNXRFRpKzVLN1A1aGU2TTFDZEU4PQ== +loginShell: /bin/bash + +dn: uid=eleyton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eleyton +uidNumber: 5906 +gidNumber: 1000 +givenName: Erika +sn: Leyton +cn: Erika Leyton +homeDirectory: /home/eleyton +gecos: Erika Leyton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NGF3UG5ES2pDOGcwOGJoc0hpMStQMldXZ1lrPQ== +loginShell: /bin/bash + +dn: uid=deshmon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: deshmon +uidNumber: 5907 +gidNumber: 1000 +givenName: Dovi +sn: Eshmon +cn: Dovi Eshmon +homeDirectory: /home/deshmon +gecos: Dovi Eshmon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1uMm9XMEhIbWZFUFY0L2FRMDd2T3J3PT0= +loginShell: /bin/bash + +dn: uid=eathey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: eathey +uidNumber: 5908 +gidNumber: 1000 +givenName: Eugene +sn: Athey +cn: Eugene Athey +homeDirectory: /home/eathey +gecos: Eugene Athey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTRYVFd6Q3FTQTQ4c00= +loginShell: /bin/bash + +dn: cn=Evan Miss+uid=emiss,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: emiss +uidNumber: 5909 +gidNumber: 1000 +givenName: Evan +sn: Miss +cn: Evan Miss +homeDirectory: /home/emiss +gecos: Evan Miss +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TjAxR2RmZktpYnpjNHVwQ1RtT0V0eGc5ZGhnPQ== +loginShell: /bin/bash + +dn: uid=bphou,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bphou +uidNumber: 5910 +gidNumber: 1000 +givenName: Beatriz +sn: Phou +cn: Beatriz Phou +homeDirectory: /home/bphou +gecos: Beatriz Phou +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1vUURWTnZZMDJSaFhiWDZMRGlNRmN5a213Qzg9 +loginShell: /bin/bash + +dn: cn=Trami Fetherston,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tfetherston +uidNumber: 5911 +gidNumber: 1000 +givenName: Trami +sn: Fetherston +cn: Trami Fetherston +homeDirectory: /home/tfetherston +gecos: Trami Fetherston +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yQUNwMy9wclVERWJBeStPZW4yM1ZZdU1mS1E9 +loginShell: /bin/bash + +dn: cn=Iune Calamari,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: icalamari +uidNumber: 5912 +gidNumber: 1000 +givenName: Iune +sn: Calamari +cn: Iune Calamari +homeDirectory: /home/icalamari +gecos: Iune Calamari +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9NmNzeklXdlZhb3h4RWZzTFNYRmhJbjlsbWVYak00bVE= +loginShell: /bin/bash + +dn: uid=ileaman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ileaman +uidNumber: 5913 +gidNumber: 1000 +givenName: Ioke +sn: Leaman +cn: Ioke Leaman +homeDirectory: /home/ileaman +gecos: Ioke Leaman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVN5bkUuYnRjQzEyTjI= +loginShell: /bin/bash + +dn: uid=lcaudell,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcaudell +uidNumber: 5914 +gidNumber: 1000 +givenName: Lorena +sn: Caudell +cn: Lorena Caudell +homeDirectory: /home/lcaudell +gecos: Lorena Caudell +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9M3FjVUpqT2Z0Q21ZamtZVmtXNzlWdXhlbkh1dmFSS1M= +loginShell: /bin/bash + +dn: cn=Bavi Daughenbaugh,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bdaughenbaugh +uidNumber: 5915 +gidNumber: 1000 +givenName: Bavi +sn: Daughenbaugh +cn: Bavi Daughenbaugh +homeDirectory: /home/bdaughenbaugh +gecos: Bavi Daughenbaugh +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1VSUlQd3Rxelk2WjEwU1Z6QzhXQ1lBPT0= +loginShell: /bin/bash + +dn: uid=ovibbert,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ovibbert +uidNumber: 5916 +gidNumber: 1000 +givenName: Oswald +sn: Vibbert +cn: Oswald Vibbert +homeDirectory: /home/ovibbert +gecos: Oswald Vibbert +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SXZISnFJQXJndTlQVllQcWh1V0o0cnovVlF3PQ== +loginShell: /bin/bash + +dn: uid=behrke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: behrke +uidNumber: 5917 +gidNumber: 1000 +givenName: Beatriz +sn: Ehrke +cn: Beatriz Ehrke +homeDirectory: /home/behrke +gecos: Beatriz Ehrke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXVuUlVkU1pQUldHenc= +loginShell: /bin/bash + +dn: uid=lemling,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lemling +uidNumber: 5918 +gidNumber: 1000 +givenName: Lisa +sn: Emling +cn: Lisa Emling +homeDirectory: /home/lemling +gecos: Lisa Emling +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MGVJbjNIOU1LSkdnblIyeXlQQkdhSnlib3hNPQ== +loginShell: /bin/bash + +dn: uid=fcha,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fcha +uidNumber: 5919 +gidNumber: 1000 +givenName: Fifi +sn: Cha +cn: Fifi Cha +homeDirectory: /home/fcha +gecos: Fifi Cha +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1GbUZMWGZqYlR0TnlhRGZYR0VvVUNKYTZZczQ9 +loginShell: /bin/bash + +dn: uid=espangenberg,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: espangenberg +uidNumber: 5920 +gidNumber: 1000 +givenName: Enok +sn: Spangenberg +cn: Enok Spangenberg +homeDirectory: /home/espangenberg +gecos: Enok Spangenberg +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2hhZmZz +loginShell: /bin/bash + +dn: uid=fvascones,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fvascones +uidNumber: 5921 +gidNumber: 1000 +givenName: Flossie +sn: Vascones +cn: Flossie Vascones +homeDirectory: /home/fvascones +gecos: Flossie Vascones +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1YWFZ1cGlOaGtmb2t6VTVZL05wa2VQSFdhVlE9 +loginShell: /bin/bash + +dn: uid=elozier,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: elozier +uidNumber: 5922 +gidNumber: 1000 +givenName: Elnus +sn: Lozier +cn: Elnus Lozier +homeDirectory: /home/elozier +gecos: Elnus Lozier +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX0waVk4K0hmeU1raWRZY1Q2bmZxNStwblMwcVk9 +loginShell: /bin/bash + +dn: cn=Tanya Airth,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tairth +uidNumber: 5923 +gidNumber: 1000 +givenName: Tanya +sn: Airth +cn: Tanya Airth +homeDirectory: /home/tairth +gecos: Tanya Airth +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUdKTFZ0blBSV1dMQWc= +loginShell: /bin/bash + +dn: cn=Moke Laverde+uid=mlaverde,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mlaverde +uidNumber: 5924 +gidNumber: 1000 +givenName: Moke +sn: Laverde +cn: Moke Laverde +homeDirectory: /home/mlaverde +gecos: Moke Laverde +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9TU5rdHpPWWMrbkkxejcwbnl1cHp5cUFSeGwwPQ== +loginShell: /bin/bash + +dn: uid=apastor,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: apastor +uidNumber: 5925 +gidNumber: 1000 +givenName: Ann +sn: Pastor +cn: Ann Pastor +homeDirectory: /home/apastor +gecos: Ann Pastor +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2VuaW9yaXR5 +loginShell: /bin/bash + +dn: uid=khathway,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: khathway +uidNumber: 5926 +gidNumber: 1000 +givenName: Kamit +sn: Hathway +cn: Kamit Hathway +homeDirectory: /home/khathway +gecos: Kamit Hathway +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfS5JaWdmaGYzdTJuNU0= +loginShell: /bin/bash + +dn: uid=hriech,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hriech +uidNumber: 5927 +gidNumber: 1000 +givenName: Hagupit +sn: Riech +cn: Hagupit Riech +homeDirectory: /home/hriech +gecos: Hagupit Riech +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTh1ZHMvLkl1TGk0OWM= +loginShell: /bin/bash + +dn: cn=Leslie Seabold,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lseabold +uidNumber: 5928 +gidNumber: 1000 +givenName: Leslie +sn: Seabold +cn: Leslie Seabold +homeDirectory: /home/lseabold +gecos: Leslie Seabold +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1EdG5BbWdFd0oyOWVDUHdrNEpIeXFOVlZBS0k9 +loginShell: /bin/bash + +dn: uid=meconomides,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: meconomides +uidNumber: 5929 +gidNumber: 1000 +givenName: Mitag +sn: Economides +cn: Mitag Economides +homeDirectory: /home/meconomides +gecos: Mitag Economides +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1jeEhNeVNQS2Nka3dhQTdLQUdmK3lBPT0= +loginShell: /bin/bash + +dn: uid=zpero,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zpero +uidNumber: 5930 +gidNumber: 1000 +givenName: Zoelle +sn: Pero +cn: Zoelle Pero +homeDirectory: /home/zpero +gecos: Zoelle Pero +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: ZGlzdHJpYnV0aW9uJ3M= +loginShell: /bin/bash + +dn: cn=Zefa Woolfrey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: zwoolfrey +uidNumber: 5931 +gidNumber: 1000 +givenName: Zefa +sn: Woolfrey +cn: Zefa Woolfrey +homeDirectory: /home/zwoolfrey +gecos: Zefa Woolfrey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfUVncHBzeWguM1hLTWs= +loginShell: /bin/bash + +dn: uid=mwalkington,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mwalkington +uidNumber: 5932 +gidNumber: 1000 +givenName: Marty +sn: Walkington +cn: Marty Walkington +homeDirectory: /home/mwalkington +gecos: Marty Walkington +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfURQR3dNbXlVRkc4MW8= +loginShell: /bin/bash + +dn: uid=nwescott,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nwescott +uidNumber: 5933 +gidNumber: 1000 +givenName: Nathan +sn: Wescott +cn: Nathan Wescott +homeDirectory: /home/nwescott +gecos: Nathan Wescott +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVgxTDRsZ0JjSWFCMGM= +loginShell: /bin/bash + +dn: uid=jholzmiller,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jholzmiller +uidNumber: 5934 +gidNumber: 1000 +givenName: John +sn: Holzmiller +cn: John Holzmiller +homeDirectory: /home/jholzmiller +gecos: John Holzmiller +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9QUlTMWRGelp6VW1WY3VjOXkzRmVJR3pnTzlJPQ== +loginShell: /bin/bash + +dn: uid=oreiss,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: oreiss +uidNumber: 5935 +gidNumber: 1000 +givenName: Olinda +sn: Reiss +cn: Olinda Reiss +homeDirectory: /home/oreiss +gecos: Olinda Reiss +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1vcWJVV01Yc1BmVW9OREY0b3p3VWYwZ1d0Q3c9 +loginShell: /bin/bash + +dn: uid=cbotdorf,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cbotdorf +uidNumber: 5936 +gidNumber: 1000 +givenName: Claudette +sn: Botdorf +cn: Claudette Botdorf +homeDirectory: /home/cbotdorf +gecos: Claudette Botdorf +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW0xUUxGeXBZYmc1cC4= +loginShell: /bin/bash + +dn: cn=Unokubi Schweyen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uschweyen +uidNumber: 5937 +gidNumber: 1000 +givenName: Unokubi +sn: Schweyen +cn: Unokubi Schweyen +homeDirectory: /home/uschweyen +gecos: Unokubi Schweyen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfXY3LjBNaXJoN280V0E= +loginShell: /bin/bash + +dn: cn=Chan-hom Kleis+uid=ckleis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckleis +uidNumber: 5938 +gidNumber: 1000 +givenName: Chan-hom +sn: Kleis +cn: Chan-hom Kleis +homeDirectory: /home/ckleis +gecos: Chan-hom Kleis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1odjc0NlIxdHpLcndFdElmRTBnc2lRPT0= +loginShell: /bin/bash + +dn: cn=Kularb Vanderbie+uid=kvanderbie,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kvanderbie +uidNumber: 5939 +gidNumber: 1000 +givenName: Kularb +sn: Vanderbie +cn: Kularb Vanderbie +homeDirectory: /home/kvanderbie +gecos: Kularb Vanderbie +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y29tcGx5aW5n +loginShell: /bin/bash + +dn: uid=pmailhiot,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pmailhiot +uidNumber: 5940 +gidNumber: 1000 +givenName: Polly +sn: Mailhiot +cn: Polly Mailhiot +homeDirectory: /home/pmailhiot +gecos: Polly Mailhiot +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9eEVUbjR4b3pJQU04dmN1M2k5M2ZobWZKSjQ4PQ== +loginShell: /bin/bash + +dn: cn=Bopha Marlin+uid=bmarlin,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmarlin +uidNumber: 5941 +gidNumber: 1000 +givenName: Bopha +sn: Marlin +cn: Bopha Marlin +homeDirectory: /home/bmarlin +gecos: Bopha Marlin +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bGluZ2VyaWUncw== +loginShell: /bin/bash + +dn: uid=mtanzi,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mtanzi +uidNumber: 5942 +gidNumber: 1000 +givenName: Maka +sn: Tanzi +cn: Maka Tanzi +homeDirectory: /home/mtanzi +gecos: Maka Tanzi +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfW0xTjBUVWEyZUpLaFk= +loginShell: /bin/bash + +dn: uid=yureta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: yureta +uidNumber: 5943 +gidNumber: 1000 +givenName: Yolanda +sn: Ureta +cn: Yolanda Ureta +homeDirectory: /home/yureta +gecos: Yolanda Ureta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MzNPZmd2ZXpoNy9nQXhra1U4ZjZLcDNiWmdRPQ== +loginShell: /bin/bash + +dn: uid=lspielvogel,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lspielvogel +uidNumber: 5944 +gidNumber: 1000 +givenName: Louise +sn: Spielvogel +cn: Louise Spielvogel +homeDirectory: /home/lspielvogel +gecos: Louise Spielvogel +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX02K1oxN1VoRCs5SXM0SlFJY0J6NFpnPT0= +loginShell: /bin/bash + +dn: uid=bcoletta,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bcoletta +uidNumber: 5945 +gidNumber: 1000 +givenName: Bopha +sn: Coletta +cn: Bopha Coletta +homeDirectory: /home/bcoletta +gecos: Bopha Coletta +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YXNwaGFsdGVk +loginShell: /bin/bash + +dn: cn=Simon Brabyn+uid=sbrabyn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sbrabyn +uidNumber: 5946 +gidNumber: 1000 +givenName: Simon +sn: Brabyn +cn: Simon Brabyn +homeDirectory: /home/sbrabyn +gecos: Simon Brabyn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ZDREQndDSE5lY25LbGN2d0V1ZUNQQmEwL0s4ZitEVFc= +loginShell: /bin/bash + +dn: uid=hschelb,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hschelb +uidNumber: 5947 +gidNumber: 1000 +givenName: Hagibis +sn: Schelb +cn: Hagibis Schelb +homeDirectory: /home/hschelb +gecos: Hagibis Schelb +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1KZmJ3VXlIS3JRS2sveXlwc2tOelZPY2VHVG89 +loginShell: /bin/bash + +dn: uid=jbjorkman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jbjorkman +uidNumber: 5948 +gidNumber: 1000 +givenName: Javier +sn: Bjorkman +cn: Javier Bjorkman +homeDirectory: /home/jbjorkman +gecos: Javier Bjorkman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UZ2RDTXBQU0Y1djhJK29sSWNEVXJnPT0= +loginShell: /bin/bash + +dn: uid=imatherly,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: imatherly +uidNumber: 5949 +gidNumber: 1000 +givenName: Inez +sn: Matherly +cn: Inez Matherly +homeDirectory: /home/imatherly +gecos: Inez Matherly +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c3R1bnQ= +loginShell: /bin/bash + +dn: uid=nroepke,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nroepke +uidNumber: 5950 +gidNumber: 1000 +givenName: Norbert +sn: Roepke +cn: Norbert Roepke +homeDirectory: /home/nroepke +gecos: Norbert Roepke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9OGxlWmMzeEs0d0R4a1crUjE2bUhNMmlJc1U0PQ== +loginShell: /bin/bash + +dn: cn=Ella Bumbrey,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ebumbrey +uidNumber: 5951 +gidNumber: 1000 +givenName: Ella +sn: Bumbrey +cn: Ella Bumbrey +homeDirectory: /home/ebumbrey +gecos: Ella Bumbrey +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFk +loginShell: /bin/bash + +dn: uid=istallcup,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: istallcup +uidNumber: 5952 +gidNumber: 1000 +givenName: Isis +sn: Stallcup +cn: Isis Stallcup +homeDirectory: /home/istallcup +gecos: Isis Stallcup +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9SHF6VXpvUWtQOElPbHR3WDVQWnhwcFlkRGJrPQ== +loginShell: /bin/bash + +dn: uid=sbloise,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: sbloise +uidNumber: 5953 +gidNumber: 1000 +givenName: Sepat +sn: Bloise +cn: Sepat Bloise +homeDirectory: /home/sbloise +gecos: Sepat Bloise +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1Ub25MRVBlOUlSSjc5akpDTlZ0cThDVXVaVTg9 +loginShell: /bin/bash + +dn: uid=tgraen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tgraen +uidNumber: 5954 +gidNumber: 1000 +givenName: Talas +sn: Graen +cn: Talas Graen +homeDirectory: /home/tgraen +gecos: Talas Graen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ajR4YzQ4NW1XWkdCZlBSSGZMTWF6TC9neUNmODlnT3g= +loginShell: /bin/bash + +dn: uid=bmoldan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bmoldan +uidNumber: 5955 +gidNumber: 1000 +givenName: Bob +sn: Moldan +cn: Bob Moldan +homeDirectory: /home/bmoldan +gecos: Bob Moldan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1WanlEVU1Scy9LeVY0a2huLzZMd1EwK2RsWlU9 +loginShell: /bin/bash + +dn: uid=ogoldthwaite,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ogoldthwaite +uidNumber: 5956 +gidNumber: 1000 +givenName: Olaf +sn: Goldthwaite +cn: Olaf Goldthwaite +homeDirectory: /home/ogoldthwaite +gecos: Olaf Goldthwaite +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTV6NlhjTXZjQWtNRS4= +loginShell: /bin/bash + +dn: uid=mvanbergen,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mvanbergen +uidNumber: 5957 +gidNumber: 1000 +givenName: Marinda +sn: Vanbergen +cn: Marinda Vanbergen +homeDirectory: /home/mvanbergen +gecos: Marinda Vanbergen +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWRoZXJlbnRz +loginShell: /bin/bash + +dn: uid=wcarthon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: wcarthon +uidNumber: 5958 +gidNumber: 1000 +givenName: Wendy +sn: Carthon +cn: Wendy Carthon +homeDirectory: /home/wcarthon +gecos: Wendy Carthon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfTdWdTl2N1h1T3gzY28= +loginShell: /bin/bash + +dn: cn=Hanna Miazga+uid=hmiazga,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hmiazga +uidNumber: 5959 +gidNumber: 1000 +givenName: Hanna +sn: Miazga +cn: Hanna Miazga +homeDirectory: /home/hmiazga +gecos: Hanna Miazga +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfU1JTVJIYlY5U2RlRC4= +loginShell: /bin/bash + +dn: cn=Percy Vierthaler+uid=pvierthaler,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pvierthaler +uidNumber: 5960 +gidNumber: 1000 +givenName: Percy +sn: Vierthaler +cn: Percy Vierthaler +homeDirectory: /home/pvierthaler +gecos: Percy Vierthaler +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX13TnBZYkgvNkloVVZtRkgyODhGNGFnPT0= +loginShell: /bin/bash + +dn: uid=lcoulon,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lcoulon +uidNumber: 5961 +gidNumber: 1000 +givenName: Lenny +sn: Coulon +cn: Lenny Coulon +homeDirectory: /home/lcoulon +gecos: Lenny Coulon +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1lRkpRamV0QjdvWVFZU3lJaXVvdkVnPT0= +loginShell: /bin/bash + +dn: cn=Melor Stirn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mstirn +uidNumber: 5962 +gidNumber: 1000 +givenName: Melor +sn: Stirn +cn: Melor Stirn +homeDirectory: /home/mstirn +gecos: Melor Stirn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1XdDkwR2l3eDZwUzRWVnhkTkRhRE9XZ1Jib0U9 +loginShell: /bin/bash + +dn: uid=kdecock,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kdecock +uidNumber: 5963 +gidNumber: 1000 +givenName: Krovanh +sn: Decock +cn: Krovanh Decock +homeDirectory: /home/kdecock +gecos: Krovanh Decock +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SFNyd0s1ZStPejhZRVFaMWFzUzBTZVNjMWU5ZFY4TGU= +loginShell: /bin/bash + +dn: uid=tmusemeche,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tmusemeche +uidNumber: 5964 +gidNumber: 1000 +givenName: Toraji +sn: Musemeche +cn: Toraji Musemeche +homeDirectory: /home/tmusemeche +gecos: Toraji Musemeche +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9ZWFoaEI5U3FNQjVUWmZDWTVhSjUxLzN3WVFnPQ== +loginShell: /bin/bash + +dn: uid=vgieringer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vgieringer +uidNumber: 5965 +gidNumber: 1000 +givenName: Vince +sn: Gieringer +cn: Vince Gieringer +homeDirectory: /home/vgieringer +gecos: Vince Gieringer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1MVFNxUkttRVpUTUc2aFowem90M2tnPT0= +loginShell: /bin/bash + +dn: cn=Hubert Noblitt,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hnoblitt +uidNumber: 5966 +gidNumber: 1000 +givenName: Hubert +sn: Noblitt +cn: Hubert Noblitt +homeDirectory: /home/hnoblitt +gecos: Hubert Noblitt +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YW1lbGlvcmF0aW5n +loginShell: /bin/bash + +dn: uid=lpondexter,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: lpondexter +uidNumber: 5967 +gidNumber: 1000 +givenName: Lisebo +sn: Pondexter +cn: Lisebo Pondexter +homeDirectory: /home/lpondexter +gecos: Lisebo Pondexter +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVBoY1pELzJrczNuYnM= +loginShell: /bin/bash + +dn: uid=nchafins,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nchafins +uidNumber: 5968 +gidNumber: 1000 +givenName: Norma +sn: Chafins +cn: Norma Chafins +homeDirectory: /home/nchafins +gecos: Norma Chafins +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1naHhBN2lLQlNLdXltbTNaRjVJUXpkbW1IcDg9 +loginShell: /bin/bash + +dn: uid=jcaroll,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: jcaroll +uidNumber: 5969 +gidNumber: 1000 +givenName: Jack +sn: Caroll +cn: Jack Caroll +homeDirectory: /home/jcaroll +gecos: Jack Caroll +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bGl2ZXI= +loginShell: /bin/bash + +dn: uid=nmajette,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nmajette +uidNumber: 5970 +gidNumber: 1000 +givenName: Niala +sn: Majette +cn: Niala Majette +homeDirectory: /home/nmajette +gecos: Niala Majette +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: bWFzdHVyYmF0ZQ== +loginShell: /bin/bash + +dn: uid=amaslyn,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: amaslyn +uidNumber: 5971 +gidNumber: 1000 +givenName: Alistair +sn: Maslyn +cn: Alistair Maslyn +homeDirectory: /home/amaslyn +gecos: Alistair Maslyn +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9Zy9Vb1lFL3FBeW04QjVkZVRrSmhPQlZNY05VPQ== +loginShell: /bin/bash + +dn: uid=ecolden,ou=lotsofpeople,dc=test,dc=tld +uid: ecolden +uidNumber: 5972 +gidNumber: 1000 +givenName: Estelle +sn: Colden +cn: Estelle Colden +homeDirectory: /home/ecolden +gecos: Estelle Colden +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +loginShell: /bin/bash +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +userPassword:: e0NSWVBUfWt2aG8xRXlxR25CZEU= + +dn: cn=Veronica Sefcovic+uid=vsefcovic,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: vsefcovic +uidNumber: 5973 +gidNumber: 1000 +givenName: Veronica +sn: Sefcovic +cn: Veronica Sefcovic +homeDirectory: /home/vsefcovic +gecos: Veronica Sefcovic +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX0yb3FadTdOQ3ZGRkNlV1ViMitjeHpBPT0= +loginShell: /bin/bash + +dn: uid=hgalavis,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hgalavis +uidNumber: 5974 +gidNumber: 1000 +givenName: Haitang +sn: Galavis +cn: Haitang Galavis +homeDirectory: /home/hgalavis +gecos: Haitang Galavis +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9U2gzY3VwSXlJRDRsMmEyMU9nOVJzSEdZdDc4OWdPV1Y= +loginShell: /bin/bash + +dn: cn=Carmen Kistenmacher,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ckistenmacher +uidNumber: 5975 +gidNumber: 1000 +givenName: Carmen +sn: Kistenmacher +cn: Carmen Kistenmacher +homeDirectory: /home/ckistenmacher +gecos: Carmen Kistenmacher +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9VllFR3RCSUh4T1hIK2JtNGZUMlUrZ3QzNG9zRER6cWk= +loginShell: /bin/bash + +dn: uid=hsweezer,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: hsweezer +uidNumber: 5976 +gidNumber: 1000 +givenName: Howard +sn: Sweezer +cn: Howard Sweezer +homeDirectory: /home/hsweezer +gecos: Howard Sweezer +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9T09uR1plbmJycGRwendieDBnSjNnUzlGVkt5Y2xYM1E= +loginShell: /bin/bash + +dn: cn=Tony Gindhart,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: tgindhart +uidNumber: 5977 +gidNumber: 1000 +givenName: Tony +sn: Gindhart +cn: Tony Gindhart +homeDirectory: /home/tgindhart +gecos: Tony Gindhart +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9VlRWYUxUcGNSWTNBdVhsTW84QWVsV3RjQkRVPQ== +loginShell: /bin/bash + +dn: uid=bgjelaj,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: bgjelaj +uidNumber: 5978 +gidNumber: 1000 +givenName: Bessi +sn: Gjelaj +cn: Bessi Gjelaj +homeDirectory: /home/bgjelaj +gecos: Bessi Gjelaj +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Z2FnZ2Vk +loginShell: /bin/bash + +dn: cn=Nanmadol Gullett+uid=ngullett,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ngullett +uidNumber: 5979 +gidNumber: 1000 +givenName: Nanmadol +sn: Gullett +cn: Nanmadol Gullett +homeDirectory: /home/ngullett +gecos: Nanmadol Gullett +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Y2F3cw== +loginShell: /bin/bash + +dn: cn=Tim Elman+uid=telman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: telman +uidNumber: 5980 +gidNumber: 1000 +givenName: Tim +sn: Elman +cn: Tim Elman +homeDirectory: /home/telman +gecos: Tim Elman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfWM3S3IvZ01VWGxCOU0= +loginShell: /bin/bash + +dn: uid=dborneman,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dborneman +uidNumber: 5981 +gidNumber: 1000 +givenName: Dovi +sn: Borneman +cn: Dovi Borneman +homeDirectory: /home/dborneman +gecos: Dovi Borneman +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9REQxRFpsYmJaK0lYam1hTXBJMis3ZDBCYkN5YmQ2YTk= +loginShell: /bin/bash + +dn: uid=psalesky,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: psalesky +uidNumber: 5982 +gidNumber: 1000 +givenName: Phanfone +sn: Salesky +cn: Phanfone Salesky +homeDirectory: /home/psalesky +gecos: Phanfone Salesky +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cG90dGllcw== +loginShell: /bin/bash + +dn: cn=Alan Schmider+uid=aschmider,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: aschmider +uidNumber: 5983 +gidNumber: 1000 +givenName: Alan +sn: Schmider +cn: Alan Schmider +homeDirectory: /home/aschmider +gecos: Alan Schmider +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1sUU9QaTBQbWc0YWpHYm9ONC9IdGRHV3IzV0E9 +loginShell: /bin/bash + +dn: uid=fkosiba,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fkosiba +uidNumber: 5984 +gidNumber: 1000 +givenName: Fritz +sn: Kosiba +cn: Fritz Kosiba +homeDirectory: /home/fkosiba +gecos: Fritz Kosiba +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: c2Nob2xhcnNoaXAncw== +loginShell: /bin/bash + +dn: uid=kmarzili,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: kmarzili +uidNumber: 5985 +gidNumber: 1000 +givenName: Klaus +sn: Marzili +cn: Klaus Marzili +homeDirectory: /home/kmarzili +gecos: Klaus Marzili +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e01ENX1UVUUrQWUrOEtLc0RFdlFBclZ6aGlnPT0= +loginShell: /bin/bash + +dn: uid=gbrihm,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: gbrihm +uidNumber: 5986 +gidNumber: 1000 +givenName: Gaemi +sn: Brihm +cn: Gaemi Brihm +homeDirectory: /home/gbrihm +gecos: Gaemi Brihm +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1UQWdsSG16MFVYcEFxdjRlWk95eDllWnB3K3c9 +loginShell: /bin/bash + +dn: uid=dbye,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: dbye +uidNumber: 5987 +gidNumber: 1000 +givenName: Debby +sn: Bye +cn: Debby Bye +homeDirectory: /home/dbye +gecos: Debby Bye +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: YWRtaXJlcidz +loginShell: /bin/bash + +dn: uid=cpalmios,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: cpalmios +uidNumber: 5988 +gidNumber: 1000 +givenName: Choi-wan +sn: Palmios +cn: Choi-wan Palmios +homeDirectory: /home/cpalmios +gecos: Choi-wan Palmios +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1yQTJ1YnJwVUlvdGpOM20waWROaTIxRXF2aGs9 +loginShell: /bin/bash + +dn: uid=uchalender,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: uchalender +uidNumber: 5989 +gidNumber: 1000 +givenName: Urmil +sn: Chalender +cn: Urmil Chalender +homeDirectory: /home/uchalender +gecos: Urmil Chalender +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: Zm91bmRhdGlvbidz +loginShell: /bin/bash + +dn: uid=mciaccia,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: mciaccia +uidNumber: 5990 +gidNumber: 1000 +givenName: Michael +sn: Ciaccia +cn: Michael Ciaccia +homeDirectory: /home/mciaccia +gecos: Michael Ciaccia +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9OVpSMzIyVlZSNGEyNmVvZEMvVUhBSGo0VHM0L1gyWk8= +loginShell: /bin/bash + +dn: cn=Donna Raymundo,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: draymundo +uidNumber: 5991 +gidNumber: 1000 +givenName: Donna +sn: Raymundo +cn: Donna Raymundo +homeDirectory: /home/draymundo +gecos: Donna Raymundo +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX1jRmZsQ2pkcytkSGMrMi91R2UwYUczRG1qdzQ9 +loginShell: /bin/bash + +dn: cn=Paine Beckerdite,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pbeckerdite +uidNumber: 5992 +gidNumber: 1000 +givenName: Paine +sn: Beckerdite +cn: Paine Beckerdite +homeDirectory: /home/pbeckerdite +gecos: Paine Beckerdite +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9ait1bEx3S0hQNDBkSDBrbEM1QlhOMDhxdlNEVlppWDk= +loginShell: /bin/bash + +dn: uid=lgutenberg,ou=lotsofpeople,dc=test,dc=tld +uid: lgutenberg +uidNumber: 5993 +gidNumber: 1000 +givenName: Loke +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9MWdISTJBNVdCSmIwZ0xMV1dSbVh3Uy84V0V3PQ== +loginShell: /bin/bash +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +cn: Loke GutenberC +homeDirectory: /home/lgutenberH +gecos: Loke GutenberG +sn: GutenberG + +dn: uid=fsumrall,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: fsumrall +uidNumber: 5994 +gidNumber: 1000 +givenName: Fran +sn: Sumrall +cn: Fran Sumrall +homeDirectory: /home/fsumrall +gecos: Fran Sumrall +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9cnd3TXo2Um1UY0RYMitTRHgzbVlvWEtaczJBPQ== +loginShell: /bin/bash + +dn: uid=ggaytan,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: ggaytan +uidNumber: 5995 +gidNumber: 1000 +givenName: Gule +sn: Gaytan +cn: Gule Gaytan +homeDirectory: /home/ggaytan +gecos: Gule Gaytan +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: cGFydGFrZQ== +loginShell: /bin/bash + +dn: uid=pshina,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: pshina +uidNumber: 5996 +gidNumber: 1000 +givenName: Pierre +sn: Shina +cn: Pierre Shina +homeDirectory: /home/pshina +gecos: Pierre Shina +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NTSEF9SmFzQWtscnphOTdXWi9yVjdGUUUzOVhkV3V6QUdqbkw= +loginShell: /bin/bash + +dn: uid=okveton,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: okveton +uidNumber: 5997 +gidNumber: 1000 +givenName: Odile +sn: Kveton +cn: Odile Kveton +homeDirectory: /home/okveton +gecos: Odile Kveton +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NNRDV9NmRKdC84d25OSGdrZForVUFUcnJwWkc5NFZVPQ== +loginShell: /bin/bash + +dn: uid=klape,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: klape +uidNumber: 5998 +gidNumber: 1000 +givenName: Kong-rey +sn: Lape +cn: Kong-rey Lape +homeDirectory: /home/klape +gecos: Kong-rey Lape +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e0NSWVBUfVFtQ1l3bTMyODZGcG8= +loginShell: /bin/bash + +dn: uid=nriofrio,ou=lotsofpeople,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: inetOrgPerson +uid: nriofrio +uidNumber: 5999 +gidNumber: 1000 +givenName: Nora +sn: Riofrio +cn: Nora Riofrio +homeDirectory: /home/nriofrio +gecos: Nora Riofrio +shadowWarning: 7 +shadowInactive: 2 +shadowLastChange: 12302 +userPassword:: e1NIQX13bWJpVm14ajJiVVYrT1FGbXNHWkozcnF4UUk9 +loginShell: /bin/bash + +dn: uid=arthur,ou=people,dc=test,dc=tld +uid: arthur +gidNumber: 100 +givenName: Arthur +homeDirectory: /home/arthur +sambaLMPassword: 25ABFCD2391656AFEDCB213712461263 +sambaNTPassword: 7213BCD02736ABC64564ABCDFF766DE3 +sambaHomeDrive: H +sambaSID: S-1-5-21-2656270644-2771678393-2525940785-3000 +sambaPwdLastSet: 2043613290 +sambaPwdMustChange: 3043613290 +sambaAcctFlags: [UX ] +sn: de Jong +description: rarthur +shadowWarning: 7 +shadowInactive: 2 +uidNumber: 1000 +title:: c3V4AAA= +title: su +labeledURI: https://arthurdejong.org/ Arthur's homepage +mail: arthur@arthurdejong.org +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +objectClass: sambaSamAccount +cn: Arthur de Jong +gecos: Arthur de Jong +loginShell: /bin/bash +userPassword:: e1NTSEF9RWJ0Qm1vWWhtcXM1RExuYTlpa29TWmRBcWNCbG1NNXc= +shadowLastChange: 15935 + +dn: cn=Test User3,ou=extra,ou=people,dc=test,dc=tld +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +cn: Test User3 +uid: testusr3 +uidNumber: 1003 +gidNumber: 100 +homeDirectory: /home/testusr3 +userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0= +loginShell: /bin/sh +description: x +sn: User + +dn: ou=services,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: services + +dn: cn=foosrv,ou=services,dc=test,dc=tld +objectClass: top +objectClass: ipService +cn: foosrv +ipServicePort: 15349 +ipServiceProtocol: tcp + +dn: cn=bar,ou=aliases,dc=test,dc=tld +objectClass: top +objectClass: nisMailAlias +cn: bar +cn: bar2 +rfc822MailMember: foobar@example.com + +dn: ou=hosts,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: hosts + +dn: cn=testhost,ou=hosts,dc=test,dc=tld +objectClass: top +objectClass: ipHost +objectClass: ieee802Device +objectClass: device +cn: testhost +cn: testhostalias +ipHostNumber: 192.0.2.123 +macAddress: 0:18:8a:54:1a:8e + +dn: cn=testhost2,ou=hosts,dc=test,dc=tld +objectClass: top +objectClass: ieee802Device +objectClass: device +objectClass: ipHost +cn: testhost2 +macAddress: 0:18:8a:54:1a:8b +ipHostNumber: 192.0.2.124 +ipHostNumber: 2001:db8::dead:beef + +dn: cn=testhost3,ou=hosts,dc=test,dc=tld +objectClass: top +objectClass: device +objectClass: ipHost +cn: testhost3 +ipHostNumber: 2001:db8::feed:c0de + +dn: cn=testhost4,ou=hosts,dc=test,dc=tld +objectClass: top +objectClass: device +objectClass: ipHost +cn: testhost4 +ipHostNumber: 2001:db8::7e27:ac1d +ipHostNumber: 192.0.2.126 + +dn: ou=networks,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: networks + +dn: cn=testnet,ou=networks,dc=test,dc=tld +objectClass: top +objectClass: ipNetwork +cn: testnet +ipNetworkNumber: 192.0.2.0 + +dn: ou=protocols,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: protocols + +dn: cn=protfoo,ou=protocols,dc=test,dc=tld +description: test protocol +cn: protfoo +cn: protfooalias +objectClass: top +objectClass: ipProtocol +ipProtocolNumber: 253 + +dn: ou=rpcs,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: rpcs + +dn: cn=rpcfoo,ou=rpcs,dc=test,dc=tld +objectClass: top +objectClass: oncRpc +description: desc +cn: rpcfoo +cn: rpcfooalias +oncRpcNumber: 160002 + +dn: cn=barsrv,ou=services,dc=test,dc=tld +objectClass: top +objectClass: ipService +ipServicePort: 15350 +ipServiceProtocol: tcp +ipServiceProtocol: udp +cn: barsrv + +dn: cn=largegroup,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: largegroup +gidNumber: 1005 +memberUid: akraskouskas +memberUid: alat +memberUid: ameisinger +memberUid: bdevera +memberUid: behrke +memberUid: bmoldan +memberUid: btempel +memberUid: cjody +memberUid: clouder +memberUid: cmanno +memberUid: dbye +memberUid: dciviello +memberUid: dfirpo +memberUid: dgivliani +memberUid: dgosser +memberUid: emcquiddy +memberUid: enastasi +memberUid: fcunard +memberUid: gcubbison +memberUid: gdaub +memberUid: gdreitzler +memberUid: ghanauer +memberUid: gpomerance +memberUid: gsusoev +memberUid: gtinnel +memberUid: gvollrath +memberUid: gzuhlke +memberUid: hgalavis +memberUid: hhaffey +memberUid: hhydrick +memberUid: hmachesky +memberUid: hpaek +memberUid: hpolk +memberUid: hsweezer +memberUid: htomlinson +memberUid: hzagami +memberUid: igurwell +memberUid: ihashbarger +memberUid: jyeater +memberUid: kbradbury +memberUid: khathway +memberUid: kklavetter +memberUid: lbuchtel +memberUid: lgandee +memberUid: lkhubba +memberUid: lmauracher +memberUid: lseehafer +memberUid: lvittum +memberUid: mblanchet +memberUid: mbodley +memberUid: mciaccia +memberUid: mjuris +memberUid: ndipanfilo +memberUid: nfilipek +memberUid: nfunchess +memberUid: ngata +memberUid: ngullett +memberUid: nkraker +memberUid: nriofrio +memberUid: nroepke +memberUid: nrybij +memberUid: oclunes +memberUid: oebrani +memberUid: okveton +memberUid: osaines +memberUid: otrevor +memberUid: pdossous +memberUid: phaye +memberUid: psowa +memberUid: purquilla +memberUid: rkoonz +memberUid: rlatessa +memberUid: rworkowski +memberUid: sdebry +memberUid: sgurski +memberUid: showe +memberUid: slaforge +memberUid: tabdelal +memberUid: testusr2 +memberUid: testusr3 +memberUid: tfalconeri +memberUid: tpaa +memberUid: uschweyen +memberUid: utrezize +memberUid: vchevalier +memberUid: vdelnegro +memberUid: vleyton +memberUid: vmedici +memberUid: vmigliori +memberUid: vpender +memberUid: vwaltmann +memberUid: wbrettschneide +memberUid: wselim +memberUid: wvalcin +memberUid: wworf +memberUid: yautin +memberUid: ykisak +memberUid: zgingrich +memberUid: znightingale +memberUid: zwinterbottom + +dn: cn=hugegroup,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: hugegroup +gidNumber: 1006 +memberUid: pbondroff +memberUid: pwhitmire +memberUid: ygockel +memberUid: dloubier +memberUid: uwalpole +memberUid: vmaynard +memberUid: pdech +memberUid: iweibe +memberUid: ffigert +memberUid: bsibal +memberUid: oahyou +memberUid: rpitter +memberUid: clouder +memberUid: isplonskowski +memberUid: critchie +memberUid: akertzman +memberUid: ilawbaugh +memberUid: omasone +memberUid: nkempon +memberUid: hhagee +memberUid: cnoriego +memberUid: nagerton +memberUid: jappleyard +memberUid: apurdon +memberUid: ptraweek +memberUid: hdyner +memberUid: ohearl +memberUid: rnordby +memberUid: tfalconeri +memberUid: ideveyra +memberUid: rguinane +memberUid: ameisinger +memberUid: nramones +memberUid: cgaudette +memberUid: cmellberg +memberUid: ppedraja +memberUid: dfollman +memberUid: mlinardi +memberUid: hfludd +memberUid: broher +memberUid: scocuzza +memberUid: fnottage +memberUid: wtruman +memberUid: ofelcher +memberUid: sstuemke +memberUid: ddeguire +memberUid: jmatty +memberUid: cpalmios +memberUid: ocrabbs +memberUid: gschaumburg +memberUid: lbuchtel +memberUid: thelfritz +memberUid: klitehiser +memberUid: hkinderknecht +memberUid: psundeen +memberUid: lringuette +memberUid: cspilis +memberUid: gwaud +memberUid: mferandez +memberUid: bouten +memberUid: hpolintan +memberUid: zculp +memberUid: cpinela +memberUid: atollefsrud +memberUid: lcremer +memberUid: hmuscaro +memberUid: rgramby +memberUid: lschenkelberg +memberUid: lgradilla +memberUid: kfaure +memberUid: fhain +memberUid: nasmar +memberUid: sgropper +memberUid: zscammahorn +memberUid: isteinlicht +memberUid: kdevincent +memberUid: jherkenratt +memberUid: prowena +memberUid: thynson +memberUid: brodgerson +memberUid: ekenady +memberUid: ecelestin +memberUid: bbeckfield +memberUid: bhelverson +memberUid: vtowell +memberUid: obihl +memberUid: kwinterling +memberUid: ahandy +memberUid: hschoepfer +memberUid: hgalavis +memberUid: tkhora +memberUid: mcoch +memberUid: sskone +memberUid: pminnis +memberUid: kmoesch +memberUid: tschnepel +memberUid: ekeuper +memberUid: pbascom +memberUid: tmcmickle +memberUid: kcomparoni +memberUid: showe +memberUid: bpinedo +memberUid: nwiker +memberUid: slerew +memberUid: tbattista +memberUid: mjeon +memberUid: tmurata +memberUid: saycock +memberUid: aesbensen +memberUid: tsearle +memberUid: gpomerance +memberUid: hkippes +memberUid: oshough +memberUid: iogasawara +memberUid: srees +memberUid: gdaub +memberUid: mvedder +memberUid: igizzi +memberUid: pvierthaler +memberUid: tsowells +memberUid: arosel +memberUid: hbukovsky +memberUid: nhija +memberUid: ivanschaack +memberUid: mground +memberUid: zbuscaglia +memberUid: lcocherell +memberUid: aziernicki +memberUid: nglathar +memberUid: ccyganiewicz +memberUid: hsabol +memberUid: fhalon +memberUid: hmateer +memberUid: okveton +memberUid: pfavolise +memberUid: denriquez +memberUid: leberhardt +memberUid: kgarced +memberUid: gparkersmith +memberUid: lyoula +memberUid: ewicks +memberUid: wdagrella +memberUid: dhammontree +memberUid: nriofrio +memberUid: pwetherwax +memberUid: rbernhagen +memberUid: tsablea +memberUid: cbrechbill +memberUid: opuglisi +memberUid: svielle +memberUid: zborgmeyer +memberUid: redling +memberUid: ncermeno +memberUid: mcasida +memberUid: lschollmeier +memberUid: tfetherston +memberUid: hcarrizal +memberUid: ggillim +memberUid: nmoren +memberUid: fsapien +memberUid: amckinney +memberUid: isowder +memberUid: gmackinder +memberUid: wconces +memberUid: mpilon +memberUid: lspielvogel +memberUid: pwashuk +memberUid: nkubley +memberUid: hschelb +memberUid: ebeachem +memberUid: ksollitto +memberUid: guresti +memberUid: sarndt +memberUid: mhollings +memberUid: mneubacher +memberUid: jdodge +memberUid: phalkett +memberUid: wmailey +memberUid: mmcchristian +memberUid: pcornn +memberUid: nvyhnal +memberUid: ebusk +memberUid: cpentreath +memberUid: gfaire +memberUid: ediga +memberUid: mquigg +memberUid: rlatessa +memberUid: hsweezer +memberUid: mfaeth +memberUid: tmccaffity +memberUid: rdubuisson +memberUid: bbrenton +memberUid: rramirez +memberUid: gclapham +memberUid: ckistenmacher +memberUid: rlambertus +memberUid: htilzer +memberUid: wcreggett +memberUid: mkibler +memberUid: jroman +memberUid: gearnshaw +memberUid: nrybij +memberUid: kmandolfo +memberUid: draymundo +memberUid: rfidel +memberUid: tmarkus +memberUid: iseipel +memberUid: vwokwicz +memberUid: kmisove +memberUid: ppeper +memberUid: mbravata +memberUid: ikulbida +memberUid: hrenart +memberUid: ienglert +memberUid: vbigalow +memberUid: vpeairs +memberUid: bjolly +memberUid: owhitelow +memberUid: ysnock +memberUid: kottomaniello +memberUid: ghelderman +memberUid: ihoa +memberUid: nhayer +memberUid: dcaltabiano +memberUid: wkhazaleh +memberUid: mruppel +memberUid: jskafec +memberUid: jkimpton +memberUid: ugreenberg +memberUid: dsherard +memberUid: lsobrino +memberUid: kwidrick +memberUid: tlana +memberUid: oosterhouse +memberUid: swoodie +memberUid: eserrett +memberUid: cnabzdyk +memberUid: akraskouskas +memberUid: jseen +memberUid: umosser +memberUid: afuchs +memberUid: sherzberg +memberUid: cmiramon +memberUid: oscarpello +memberUid: tlowers +memberUid: tairth +memberUid: cpluid +memberUid: cmcanulty +memberUid: ascovel +memberUid: cfasone +memberUid: pvirelli +memberUid: cflenner +memberUid: htomlinson +memberUid: pahles +memberUid: fsavela +memberUid: bdaughenbaugh +memberUid: dtornow +memberUid: ptoenjes +memberUid: tmysinger +memberUid: ndesautels +memberUid: ekalfas +memberUid: clewicki +memberUid: hzagami +memberUid: fsymmonds +memberUid: kshippy +memberUid: gallanson +memberUid: kalguire +memberUid: dmahapatra +memberUid: eathey +memberUid: xlantey +memberUid: cklem +memberUid: smillian +memberUid: llasher +memberUid: hbetterman +memberUid: kseisler +memberUid: badair +memberUid: eziebert +memberUid: mdickinson +memberUid: psabado +memberUid: slaningham +memberUid: estockwin +memberUid: kmcardle +memberUid: opeet +memberUid: cdickes +memberUid: lgadomski +memberUid: btempel +memberUid: veisenhardt +memberUid: vnazzal +memberUid: kmallach +memberUid: ksparling +memberUid: zneeb +memberUid: kthede +memberUid: cwank +memberUid: psiroky +memberUid: bmarlin +memberUid: opizzuti +memberUid: vpender +memberUid: yduft +memberUid: htsuha +memberUid: bphou +memberUid: opoch +memberUid: bmoling +memberUid: ilevian +memberUid: okave +memberUid: thoch +memberUid: ihegener +memberUid: cdegravelle +memberUid: ktriblett +memberUid: ggehrke +memberUid: tsepulueda +memberUid: kheadlon +memberUid: dfirpo +memberUid: wnunziata +memberUid: ualway +memberUid: fsunderland +memberUid: osaber +memberUid: mpizzaro +memberUid: jwinterton +memberUid: wconstantino +memberUid: werrick +memberUid: emcquiddy +memberUid: spolmer +memberUid: uflander +memberUid: hliverman +memberUid: mcontreras +memberUid: cdrumm +memberUid: egrago +memberUid: fgoben +memberUid: zanderlik +memberUid: jeverton +memberUid: mtanzi +memberUid: psharits +memberUid: adishaw +memberUid: iherrarte +memberUid: uvanmatre +memberUid: rtole +memberUid: dhindsman +memberUid: tstalworth +memberUid: hlichota +memberUid: pwademan +memberUid: rginer +memberUid: mredd +memberUid: rmcstay +memberUid: vcrofton +memberUid: ileaman +memberUid: fwidhalm +memberUid: tbagne +memberUid: xeppley +memberUid: hcafourek +memberUid: svongal +memberUid: mtintle +memberUid: njordon +memberUid: jsweezy +memberUid: sjankauskas +memberUid: rmandril +memberUid: ueriks +memberUid: fkeef +memberUid: fburrough +memberUid: istarring +memberUid: mlinak +memberUid: lnormand +memberUid: cpaccione +memberUid: tkelly +memberUid: hwestermark +memberUid: sestergard +memberUid: ihanneman +memberUid: vkrug +memberUid: sdebry +memberUid: tdonathan +memberUid: nridinger +memberUid: fthein +memberUid: prepasky +memberUid: kwirght +memberUid: ehindbaugh +memberUid: mcolehour +memberUid: vbonder +memberUid: pwutzke +memberUid: bguthary +memberUid: ewuitschick +memberUid: rpinilla +memberUid: tkeala +memberUid: dscheurer +memberUid: ycobetto +memberUid: uslavinski +memberUid: ihalford +memberUid: kmarzili +memberUid: fbielecki +memberUid: kmcguire +memberUid: ycostaneda +memberUid: gapkin +memberUid: dtuholski +memberUid: dlanois +memberUid: bswantak +memberUid: lrandall +memberUid: wottesen +memberUid: kbrugal +memberUid: carguellez +memberUid: awhitt +memberUid: ubenken +memberUid: gcukaj +memberUid: lkimel +memberUid: fbeatrice +memberUid: myokoyama +memberUid: mfitzherbert +memberUid: nbugtong +memberUid: uazatyan +memberUid: kcofrancesco +memberUid: fagro +memberUid: sscheiern +memberUid: vemily +memberUid: cweiss +memberUid: nchrisman +memberUid: yhenriques +memberUid: gbitar +memberUid: pdurando +memberUid: csoomaroo +memberUid: lseehafer +memberUid: pgrybel +memberUid: ngrowney +memberUid: fvinal +memberUid: ecolden +memberUid: ascheno +memberUid: kpenale +memberUid: eaguire +memberUid: teliades +memberUid: charriman +memberUid: mcampagnone +memberUid: lhuggler +memberUid: bwynes +memberUid: nslaby +memberUid: gportolese +memberUid: hlemon +memberUid: tguinnip +memberUid: mgavet +memberUid: cparee +memberUid: cghianni +memberUid: sgurski +memberUid: kbattershell +memberUid: vchevalier +memberUid: tplatko +memberUid: baigner +memberUid: fcunard +memberUid: rschkade +memberUid: nlohmiller +memberUid: rkraszewski +memberUid: fcha +memberUid: cmafnas +memberUid: vrunyon +memberUid: gkerens +memberUid: cgaler +memberUid: esproull +memberUid: hmogush +memberUid: tgindhart +memberUid: lgandee +memberUid: nforti +memberUid: tabdelal +memberUid: blovig +memberUid: vpiraino +memberUid: hhaffey +memberUid: bmicklos +memberUid: eklunder +memberUid: kconkey +memberUid: pbrentano +memberUid: ewilles +memberUid: areid +memberUid: mlenning +memberUid: pgreenier +memberUid: hzinda +memberUid: upater +memberUid: svandewalle +memberUid: kmedcaf +memberUid: vnery +memberUid: nphan +memberUid: pbiggart +memberUid: rdubs +memberUid: sskyers +memberUid: cswigert +memberUid: rbrisby +memberUid: mskeele +memberUid: moser +memberUid: mcashett +memberUid: egospatrick +memberUid: hmatonak +memberUid: fparness +memberUid: fsplinter +memberUid: habby +memberUid: fplayfair +memberUid: gmings +memberUid: snotari +memberUid: sspagnuolo +memberUid: kpannunzio +memberUid: cjuntunen +memberUid: svogler +memberUid: mrydelek +memberUid: moller +memberUid: deshmon +memberUid: skanjirathinga +memberUid: imillin +memberUid: ksiering +memberUid: uholecek +memberUid: kbarnthouse +memberUid: vwisinger +memberUid: vglidden +memberUid: pheathcock +memberUid: agarbett +memberUid: jsegundo +memberUid: uednilao +memberUid: ibeto +memberUid: lautovino +memberUid: ejeppesen +memberUid: ekurter +memberUid: ilamberth +memberUid: icoard +memberUid: cbarlup +memberUid: mbodley +memberUid: hpimpare +memberUid: cabare +memberUid: mpark +memberUid: tvehrs +memberUid: psalesky +memberUid: jlebouf +memberUid: imuehl +memberUid: dholdaway +memberUid: mdecourcey +memberUid: gconver +memberUid: cbotdorf +memberUid: lsous +memberUid: hbickford +memberUid: aferge +memberUid: ajaquess +memberUid: hpalmquist +memberUid: rpastorin +memberUid: wvalcin +memberUid: iiffert +memberUid: mcaram +memberUid: lschnorbus +memberUid: vsefcovic +memberUid: ablackstock +memberUid: mkofoed +memberUid: fvascones +memberUid: dmcgillen +memberUid: agordner +memberUid: rlosinger +memberUid: ohatto +memberUid: hrapisura +memberUid: lmichaud +memberUid: lcaudell +memberUid: lpeagler +memberUid: gchounlapane +memberUid: tmorr +memberUid: abortignon +memberUid: esheehan +memberUid: lcoulon +memberUid: alienhard +memberUid: dbarriball +memberUid: dlablue +memberUid: cbelardo +memberUid: nousdahl +memberUid: yvdberg +memberUid: nerbach +memberUid: vwaltmann +memberUid: cmanno +memberUid: iyorks +memberUid: zmeeker +memberUid: rgriffies +memberUid: hbastidos +memberUid: jquicksall +memberUid: obeaufait +memberUid: mstirn +memberUid: ibuzo +memberUid: ngullett +memberUid: dblazejewski +memberUid: lwedner +memberUid: dlargo +memberUid: nfunchess +memberUid: bcolorado +memberUid: gjankowiak +memberUid: gdeblasio +memberUid: uspittler +memberUid: bmarszalek +memberUid: astrunk +memberUid: gcurnutt +memberUid: fberra +memberUid: zkutchera +memberUid: pgiegerich +memberUid: jscheitlin +memberUid: ilacourse +memberUid: cjody +memberUid: hkohlmeyer +memberUid: nlemma +memberUid: ykimbel +memberUid: adenicola +memberUid: imicthell +memberUid: ovibbert +memberUid: cpencil +memberUid: amccroskey +memberUid: daubert +memberUid: senrico +memberUid: vfeigel +memberUid: ibreitbart +memberUid: nedgin +memberUid: dgivliani +memberUid: csever +memberUid: bveeneman +memberUid: jspohn +memberUid: fsirianni +memberUid: nevan +memberUid: zwinterbottom +memberUid: beon +memberUid: imcbay +memberUid: sgirsh +memberUid: bharnois +memberUid: amaslyn +memberUid: achhor +memberUid: oreiss +memberUid: yolivier +memberUid: iyorgey +memberUid: ubynum +memberUid: ngiesler +memberUid: tvrooman +memberUid: sstough +memberUid: kfend +memberUid: bwinterton +memberUid: nlatchaw +memberUid: gmassi +memberUid: inarain +memberUid: hcusta +memberUid: ehathcock +memberUid: pcaposole +memberUid: wclokecloak +memberUid: jholzmiller +memberUid: ecordas +memberUid: amcgraw +memberUid: hloftis +memberUid: rheinzmann +memberUid: vtresch +memberUid: vdolan +memberUid: emanikowski +memberUid: wdevenish +memberUid: kbrevitz +memberUid: umarbury +memberUid: esonia +memberUid: lpondexter +memberUid: clapenta +memberUid: lshilling +memberUid: zvagt +memberUid: garchambeault +memberUid: lpitek +memberUid: dbertels +memberUid: rpikes +memberUid: emehta +memberUid: lmuehlberger +memberUid: mdedon +memberUid: obercier +memberUid: kstachurski +memberUid: glafontaine +memberUid: dmarchizano +memberUid: gtinnel +memberUid: ubieniek +memberUid: lseabold +memberUid: pduitscher +memberUid: kaanerud +memberUid: kgremminger +memberUid: ktuccio +memberUid: epeterson +memberUid: ljomes +memberUid: rgoonez +memberUid: rbloomstrand +memberUid: lvaleriano +memberUid: tharr +memberUid: wstjean +memberUid: hspiry +memberUid: oport +memberUid: kjoslyn +memberUid: pphuaphes +memberUid: cbourek +memberUid: esthill +memberUid: dsharr +memberUid: lbove +memberUid: sackles +memberUid: dminozzi +memberUid: klundsten +memberUid: bfishbeck +memberUid: nranck +memberUid: udatu +memberUid: jmartha +memberUid: mmerriwether +memberUid: dzurek +memberUid: mmangiamele +memberUid: mdyce +memberUid: atonkin +memberUid: tmalecki +memberUid: rfauerbach +memberUid: ojerabek +memberUid: behrke +memberUid: fberyman +memberUid: istallcup +memberUid: ktoni +memberUid: owhelchel +memberUid: jamber +memberUid: lfarraj +memberUid: wesguerra +memberUid: uransford +memberUid: mpellew +memberUid: zhaulk +memberUid: kpalka +memberUid: ddigerolamo +memberUid: tnaillon +memberUid: wdovey +memberUid: gmoen +memberUid: nlinarez +memberUid: rbillingsly +memberUid: akomsthoeft +memberUid: kmeester +memberUid: skoegler +memberUid: vlubic +memberUid: nbuford +memberUid: fgrashot +memberUid: dpebbles +memberUid: alat +memberUid: saben +memberUid: mpytko +memberUid: nrysavy +memberUid: hkarney +memberUid: sbemo +memberUid: gcummer +memberUid: cbleimehl +memberUid: dgosser +memberUid: bscadden +memberUid: emargulis +memberUid: khovanesian +memberUid: ckodish +memberUid: meconomides +memberUid: lcanestrini +memberUid: hmiazga +memberUid: tnitzel +memberUid: ewismer +memberUid: dnegri +memberUid: dflore +memberUid: mvanpelt +memberUid: gdeyarmond +memberUid: hchaviano +memberUid: cfleurantin +memberUid: pbeckerdite +memberUid: jcaroll +memberUid: nhelfinstine +memberUid: ibyles +memberUid: kpuebla +memberUid: ycerasoli +memberUid: smccaie +memberUid: dtashjian +memberUid: hbraim +memberUid: ulanigan +memberUid: jrees +memberUid: ndrumgole +memberUid: wmendell +memberUid: mbeagley +memberUid: jlunney +memberUid: lpintor +memberUid: mheilbrun +memberUid: lparrish +memberUid: uweyand +memberUid: eorsten +memberUid: gshrode +memberUid: urosentrance +memberUid: kmayoras +memberUid: pdischinger +memberUid: tgelen +memberUid: bdadds +memberUid: mallmand +memberUid: fvallian +memberUid: mfeil +memberUid: ktuner +memberUid: maustine +memberUid: eyounglas +memberUid: sbloise +memberUid: usevera +memberUid: qhanly +memberUid: pdulac +memberUid: ocalleo +memberUid: lmauracher +memberUid: vdesir +memberUid: tsann +memberUid: vtrumpp +memberUid: ihimmelwright +memberUid: dsteever +memberUid: ochasten +memberUid: ghann +memberUid: mespinel +memberUid: shaith +memberUid: nnickel +memberUid: gloebs +memberUid: iroiger +memberUid: edurick +memberUid: bromano +memberUid: upellam +memberUid: hcowles +memberUid: sbonnie +memberUid: etunby +memberUid: imensah +memberUid: jsenavanh +memberUid: slaudeman +memberUid: ckerska +memberUid: tcossa +memberUid: jeuresti +memberUid: sgunder +memberUid: lfichtner +memberUid: gdrilling +memberUid: jmarugg +memberUid: oalthouse +memberUid: rtooker +memberUid: mviverette +memberUid: gbolay +memberUid: wvermeulen +memberUid: mvas +memberUid: pthornberry +memberUid: uschweyen +memberUid: ikadar +memberUid: faleo +memberUid: cgalinol +memberUid: yeven +memberUid: afredin +memberUid: amayorga +memberUid: llarmore +memberUid: tcrissinger +memberUid: sgefroh +memberUid: yfrymoyer +memberUid: mdanos +memberUid: nwescott +memberUid: gmilian +memberUid: bcoletta +memberUid: bluellen +memberUid: ghumbles +memberUid: ugerpheide +memberUid: oolivarez +memberUid: mlaverde +memberUid: bstrede +memberUid: dlongbotham +memberUid: farquette +memberUid: mpanahon +memberUid: phyer +memberUid: cbartnick +memberUid: mmattu +memberUid: hriech +memberUid: hstreitnatter +memberUid: omalvaez +memberUid: ithum +memberUid: tmccamish +memberUid: jjumalon +memberUid: bdominga +memberUid: yschmuff +memberUid: venfort +memberUid: mdoering +memberUid: sbettridge +memberUid: epoinelli +memberUid: nspolar +memberUid: xrahaim +memberUid: lcavez +memberUid: tpaa +memberUid: srubenfield +memberUid: lbassin +memberUid: eparham +memberUid: bdevera +memberUid: ohoffert +memberUid: tyounglas +memberUid: dciullo +memberUid: wlynch +memberUid: hveader +memberUid: hlynema +memberUid: yautin +memberUid: kmosko +memberUid: eklein +memberUid: pschrayter +memberUid: nsiemonsma +memberUid: wganther +memberUid: dledenbach +memberUid: imarungo +memberUid: khartness +memberUid: mmesidor +memberUid: gsantella +memberUid: vmedici +memberUid: ashuey +memberUid: nendicott +memberUid: klurie +memberUid: wleiva +memberUid: fmilsaps +memberUid: ohove +memberUid: nciucci +memberUid: pmineo +memberUid: hvannette +memberUid: zratti +memberUid: lmcgeary +memberUid: wbrill +memberUid: eberkman +memberUid: ctenny +memberUid: ichewning +memberUid: dgiacomazzi +memberUid: mdimaio +memberUid: lvanconant +memberUid: gishii +memberUid: nmccolm +memberUid: hhysong +memberUid: iambrosino +memberUid: aponcedeleon +memberUid: jbielicki +memberUid: laksamit +memberUid: agimm +memberUid: limbrogno +memberUid: ralspach +memberUid: kbartolet +memberUid: tcacal +memberUid: erostad +memberUid: hhartranft +memberUid: mswogger +memberUid: edrinkwater +memberUid: tredfearn +memberUid: cscullion +memberUid: uhayakawa +memberUid: bmadamba +memberUid: hholyfield +memberUid: pdauterman +memberUid: gcervantez +memberUid: lbanco +memberUid: greiff +memberUid: gvollrath +memberUid: ctuzzo +memberUid: rrasual +memberUid: lsivic +memberUid: ademosthenes +memberUid: asemons +memberUid: jglotzbecker +memberUid: hbrehmer +memberUid: jzych +memberUid: jbjorkman +memberUid: oconerly +memberUid: erathert +memberUid: mrizer +memberUid: vrodick +memberUid: btheim +memberUid: dwittlinger +memberUid: omcdaid +memberUid: kepps +memberUid: nlainhart +memberUid: gfedewa +memberUid: bgavagan +memberUid: ihernan +memberUid: mgayden +memberUid: kolexa +memberUid: gcobane +memberUid: smullowney +memberUid: ohedlund +memberUid: pviviani +memberUid: zfarler +memberUid: cbrom +memberUid: vstirman +memberUid: pwohlenhaus +memberUid: hwoodert +memberUid: alamour +memberUid: sbrabyn +memberUid: joligee +memberUid: hdoiel +memberUid: kmuros +memberUid: wenglander +memberUid: asivley +memberUid: ctetteh +memberUid: tboxx +memberUid: hlauchaire +memberUid: fmarchi +memberUid: rcheshier +memberUid: oclunes +memberUid: lmadruga +memberUid: omatula +memberUid: vbaldasaro +memberUid: gcarlini +memberUid: dhendon +memberUid: krahman +memberUid: amanganelli +memberUid: rchevrette +memberUid: jreigh +memberUid: hbrandow +memberUid: mvanbergen +memberUid: nnamanworth +memberUid: fverfaille +memberUid: tmelland +memberUid: purquilla +memberUid: jvillaire +memberUid: jknight +memberUid: dasiedu +memberUid: oebrani +memberUid: nschmig +memberUid: vwabasha +memberUid: vburton +memberUid: cdeckard +memberUid: rfassinger +memberUid: ninnella +memberUid: hcintron +memberUid: ebattee +memberUid: wselim +memberUid: obenallack +memberUid: akravetz + +dn: cn=users,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: users +gidNumber: 100 +memberUid: arthur +memberUid: test +description: cn=Test User2,ou=people,dc=test,dc=tld + +dn: cn=testgroup2,ou=groups,dc=test,dc=tld +sambaSID: 2 +sambaGroupType: 2 +gidNumber: 6200 +cn: testgroup2 +objectClass: top +objectClass: groupOfNames +objectClass: sambaGroupMapping +member: cn=Test User2,ou=people,dc=test,dc=tld +member: cn=Test\2C User4,ou=people,dc=test,dc=tld +member: cn=bar,dc=foo,dc=com +member: cn=testhost,ou=hosts,dc=test,dc=tld +member:: Y2490JDQkdCSINCT0pDQlNCC0IPQldCBLG91PXBlb3BsZSxkYz10ZXN0LGRjPXRsZA== +member:: Y2495Y+v5piv5b2T6L+Z5LiqVeebmOWcqCxvdT1wZW9wbGUsZGM9dGVzdCxkYz10bGQ= +member: uid=arthur,ou=people,dc=test,dc=tld + +dn: cn=tst2netgroup,ou=netgroups,dc=test,dc=tld +objectClass: top +objectClass: nisNetgroup +cn: tst2netgroup +description: an empty netgroup entry + +dn: cn=sssin,ou=services,dc=test,dc=tld +objectClass: top +objectClass: ipService +ipServicePort: 5000 +ipServiceProtocol: tcp +description: SSSIN description +cn: SSSIN + +dn: cn=Test\2C User4,ou=people,dc=test,dc=tld +uidNumber: 1004 +gidNumber: 100 +userPassword:: e01ENX1DWTlyelVZaDA0UEs0azZESmllMDlnPT0= +loginShell: /bin/sh +description: x +sn: User +cn: Test, User4 +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +uid: testuser4 +homeDirectory: /home/testuser4 + +dn: ou=ref,ou=people,dc=test,dc=tld +ou: ref +objectClass: referral +objectClass: extensibleObject +ref: ldap://localhost/ou=lotsofpeople,dc=test,dc=tld + +dn: cn=grp4,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp4 +gidNumber: 704 +memberUid: arthur + +dn: cn=grp5,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp5 +gidNumber: 705 +memberUid: arthur + +dn: cn=grp6,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp6 +gidNumber: 706 +memberUid: arthur + +dn: cn=grp7,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp7 +gidNumber: 707 +memberUid: arthur + +dn: cn=grp8,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp8 +gidNumber: 708 +memberUid: arthur + +dn: cn=grp9,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp9 +gidNumber: 709 +memberUid: arthur + +dn: cn=grp10,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp10 +gidNumber: 710 +memberUid: arthur + +dn: cn=grp11,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp11 +gidNumber: 711 +memberUid: arthur + +dn: cn=grp12,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp12 +gidNumber: 712 +memberUid: arthur + +dn: cn=grp13,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp13 +gidNumber: 713 +memberUid: arthur + +dn: cn=grp14,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp14 +gidNumber: 714 +memberUid: arthur + +dn: cn=grp15,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp15 +gidNumber: 715 +memberUid: arthur + +dn: cn=grp16,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp16 +gidNumber: 716 +memberUid: arthur + +dn: cn=grp17,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp17 +gidNumber: 717 +memberUid: arthur + +dn: cn=grp18,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: posixGroup +cn: grp18 +gidNumber: 718 +memberUid: arthur + +dn: ou=policies,dc=test,dc=tld +objectClass: organizationalUnit +objectClass: top +ou: policies + +dn: cn=default,ou=policies,dc=test,dc=tld +cn: default +objectClass: pwdPolicyChecker +objectClass: pwdPolicy +objectClass: person +objectClass: top +pwdAllowUserChange: TRUE +pwdAttribute: 2.5.4.35 +pwdCheckModule: crackcheck.so +pwdFailureCountInterval: 30 +pwdLockout: TRUE +pwdMinLength: 12 +pwdSafeModify: FALSE +sn: dummy value +pwdMaxFailure: 3 +pwdCheckQuality: 0 +pwdMinAge: 1 +pwdGraceAuthNLimit: 10 +pwdLockoutDuration: 30 +pwdMustChange: TRUE +pwdInHistory: 0 +pwdExpireWarning: 600000 +pwdMaxAge: 660000 + +dn:: Y2495Y+v5piv5b2T6L+Z5LiqVeebmOWcqCxvdT1wZW9wbGUsZGM9dGVzdCxkYz10bGQ= +uid: tstchinese +uidNumber: 1005 +gidNumber: 100 +homeDirectory: /home/tstchinese +userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0= +loginShell: /bin/sh +sn: User +cn:: 5Y+v5piv5b2T6L+Z5LiqVeebmOWcqA== +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson + +dn:: Y2490JDQkdCSINCT0pDQlNCC0IPQldCBLG91PXBlb3BsZSxkYz10ZXN0LGRjPXRsZA== +uid: tstcyrillic +uidNumber: 1006 +gidNumber: 100 +homeDirectory: /home/tstcyrillic +userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0= +loginShell: /bin/sh +sn: User +cn:: 0JDQkdCSINCT0pDQlNCC0IPQldCB +objectClass: top +objectClass: posixAccount +objectClass: shadowAccount +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson + +dn: ou=autofs,dc=test,dc=tld +objectClass: top +objectClass: organizationalUnit +ou: autofs + +dn: ou=auto.master,ou=autofs,dc=test,dc=tld +objectClass: top +objectClass: automountMap +ou: auto.master + +dn: cn=/ldap,ou=auto.master,ou=autofs,dc=test,dc=tld +objectClass: automount +cn: /ldap +automountInformation: ldap://192.168.12.4/ou=auto.indirect,ou=autofs, dc=test, dc=tld + +dn: cn=/-,ou=auto.master,ou=autofs,dc=test,dc=tld +objectClass: automount +cn: /- +automountInformation: ldap://192.168.12.4/ou=auto.direct,ou=autofs, dc=test, dc=tld + +dn: ou=auto.indirect,ou=autofs,dc=test,dc=tld +objectClass: top +objectClass: automountMap +ou: auto.indirect + +dn: cn=bin,ou=auto.indirect,ou=autofs,dc=test,dc=tld +objectClass: automount +cn: bin +automountInformation:: ICBzdGlwcGVyOi9zaGFyZQ== + +dn: ou=auto.direct,ou=autofs,dc=test,dc=tld +objectClass: top +objectClass: automountMap +ou: auto.direct + +dn: cn=/nfs/budgie/man,ou=auto.direct,ou=autofs,dc=test,dc=tld +objectClass: automount +cn: /nfs/budgie/man +automountInformation:: ICBidWRnaWU6L3Vzci9sb2NhbC9tYW4= + +dn: cn=/nfs/budgie/bin,ou=auto.direct,ou=autofs,dc=test,dc=tld +objectClass: automount +cn: /nfs/budgie/bin +automountInformation:: ICBidWRnaWU6L2xvY2FsL2RhdGEvYmlu + +dn: cn=nstgrp1,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: groupOfNames +objectClass: sambaGroupMapping +cn: nstgrp1 +sambaSID: 3 +sambaGroupType: 2 +gidNumber: 800 +member: cn=Test User2,ou=people,dc=test,dc=tld + +dn: cn=nstgrp2,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: groupOfNames +objectClass: sambaGroupMapping +cn: nstgrp2 +sambaSID: 4 +sambaGroupType: 2 +gidNumber: 801 +member: cn=Test User2,ou=people,dc=test,dc=tld +member: cn=Test User3,ou=extra,ou=people,dc=test,dc=tld +member: cn=nstgrp1,ou=groups,dc=test,dc=tld + +dn: cn=nstgrp3,ou=groups,dc=test,dc=tld +objectClass: top +objectClass: groupOfNames +objectClass: sambaGroupMapping +cn: nstgrp3 +sambaSID: 5 +sambaGroupType: 2 +gidNumber: 802 +member: cn=nstgrp1,ou=groups,dc=test,dc=tld +member: cn=nstgrp2,ou=groups,dc=test,dc=tld +member: cn=nstgrp3,ou=groups,dc=test,dc=tld diff --git a/tests/test_attmap.c b/tests/test_attmap.c new file mode 100644 index 0000000..112d5fa --- /dev/null +++ b/tests/test_attmap.c @@ -0,0 +1,56 @@ +/* + test_cfg.c - simple test for the cfg module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "common.h" + +#include "nslcd/attmap.h" + +static void test_member_map(void) +{ + const char **var; + const char *res; + var = attmap_get_var(LM_GROUP, "member"); + assert(var != NULL); + /* expected mapping */ + res = attmap_set_mapping(var, "uniqueMember"); + assert(res != NULL); + assertstreq(res, "uniqueMember"); + /* no support for expressions */ + res = attmap_set_mapping(var, "\"$fred\""); + assert(res == NULL); + /* but support empty string */ + res = attmap_set_mapping(var, "\"\""); + assert(res != NULL); + assertstreq(res, "\"\""); +} + +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + test_member_map(); + return EXIT_SUCCESS; +} diff --git a/tests/test_cfg.c b/tests/test_cfg.c new file mode 100644 index 0000000..2ae24bc --- /dev/null +++ b/tests/test_cfg.c @@ -0,0 +1,249 @@ +/* + test_cfg.c - simple test for the cfg module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2009, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "common.h" + +/* we include cfg.c because we want to test the static methods */ +#include "nslcd/cfg.c" + +static void test_xstrdup(void) +{ + static const char *foo = "testString123"; + char *bar; + bar = xstrdup(foo); + /* we should have a new value */ + assert(bar != NULL); + /* the contents should be the same */ + assertstreq(foo, bar); + /* but the pointer should be different */ + assert(foo != bar); + /* free memory */ + free(bar); +} + +static void test_add_uris(void) +{ + static struct ldap_config cfg; + int i; + /* set up config */ + cfg_defaults(&cfg); + assert(cfg.uris[0].uri == NULL); + /* add a uri */ + add_uri(__FILE__, __LINE__, &cfg, "ldap://localhost"); + assert(cfg.uris[0].uri != NULL); + assert(cfg.uris[1].uri == NULL); + /* add some more uris */ + for (i = 1; i < NSS_LDAP_CONFIG_MAX_URIS; i++) + { + add_uri(__FILE__, __LINE__, &cfg, "ldap://localhost"); + assert(cfg.uris[i].uri != NULL); + assert(cfg.uris[i + 1].uri == NULL); + } + /* inserting one more entry should call exit(): + add_uri(__FILE__, __LINE__, &cfg, "ldap://localhost"); + assert(cfg.uris[i] != NULL); + assert(cfg.uris[i + 1] == NULL); */ + /* there is no cfg_free() so we have a memory leak here */ +} + +static void test_parse_boolean(void) +{ + assert(parse_boolean(__FILE__, __LINE__, "True") == 1); + assert(parse_boolean(__FILE__, __LINE__, "faLSe") == 0); + assert(parse_boolean(__FILE__, __LINE__, "1") == 1); + assert(parse_boolean(__FILE__, __LINE__, "oFF") == 0); + assert(parse_boolean(__FILE__, __LINE__, "Yes") == 1); + assert(parse_boolean(__FILE__, __LINE__, "No") == 0); + /* most other values should call exit(): + assert(parse_boolean(__FILE__, __LINE__, "Foo") == 0); */ +} + +static void test_parse_scope(void) +{ + struct ldap_config cfg; + handle_scope(__FILE__, __LINE__, "scope", "sUb", &cfg); + assert(cfg.scope == LDAP_SCOPE_SUBTREE); + handle_scope(__FILE__, __LINE__, "scope", "subtree", &cfg); + assert(cfg.scope == LDAP_SCOPE_SUBTREE); + handle_scope(__FILE__, __LINE__, "scope", "ONE", &cfg); + assert(cfg.scope == LDAP_SCOPE_ONELEVEL); + handle_scope(__FILE__, __LINE__, "scope", "oneLevel", &cfg); + assert(cfg.scope == LDAP_SCOPE_ONELEVEL); + handle_scope(__FILE__, __LINE__, "scope", "base", &cfg); + assert(cfg.scope == LDAP_SCOPE_BASE); + handle_scope(__FILE__, __LINE__, "scope", "bASe", &cfg); + assert(cfg.scope == LDAP_SCOPE_BASE); +#ifdef LDAP_SCOPE_CHILDREN + handle_scope(__FILE__, __LINE__, "scope", "children", &cfg); + assert(cfg.scope == LDAP_SCOPE_CHILDREN); +#endif /* LDAP_SCOPE_CHILDREN */ + /* most other values should call exit(): + handle_scope(__FILE__, __LINE__, "scope", "BSAE", &cfg); */ +} + +static void test_parse_map(void) +{ + char *line; + /* some general assertions */ + assert((LM_ALIASES != LM_ETHERS) && (LM_ALIASES != LM_GROUP) && + (LM_ALIASES != LM_HOSTS) && (LM_ALIASES != LM_NETGROUP) && + (LM_ALIASES != LM_NETWORKS) && (LM_ALIASES != LM_PASSWD) && + (LM_ALIASES != LM_PROTOCOLS) && (LM_ALIASES != LM_RPC) && + (LM_ALIASES != LM_SERVICES) && (LM_ALIASES != LM_SHADOW)); + assert((LM_ETHERS != LM_GROUP) && (LM_ETHERS != LM_HOSTS) && + (LM_ETHERS != LM_NETGROUP) && (LM_ETHERS != LM_NETWORKS) && + (LM_ETHERS != LM_PASSWD) && (LM_ETHERS != LM_PROTOCOLS) && + (LM_ETHERS != LM_RPC) && (LM_ETHERS != LM_SERVICES) && + (LM_ETHERS != LM_SHADOW)); + assert((LM_GROUP != LM_HOSTS) && (LM_GROUP != LM_NETGROUP) && + (LM_GROUP != LM_NETWORKS) && (LM_GROUP != LM_PASSWD) && + (LM_GROUP != LM_PROTOCOLS) && (LM_GROUP != LM_RPC) && + (LM_GROUP != LM_SERVICES) && (LM_GROUP != LM_SHADOW)); + assert((LM_HOSTS != LM_NETGROUP) && (LM_HOSTS != LM_NETWORKS) && + (LM_HOSTS != LM_PASSWD) && (LM_HOSTS != LM_PROTOCOLS) && + (LM_HOSTS != LM_RPC) && (LM_HOSTS != LM_SERVICES) && + (LM_HOSTS != LM_SHADOW)); + assert((LM_NETGROUP != LM_NETWORKS) && (LM_NETGROUP != LM_PASSWD) && + (LM_NETGROUP != LM_PROTOCOLS) && (LM_NETGROUP != LM_RPC) && + (LM_NETGROUP != LM_SERVICES) && (LM_NETGROUP != LM_SHADOW)); + assert((LM_NETWORKS != LM_PASSWD) && (LM_NETWORKS != LM_PROTOCOLS) && + (LM_NETWORKS != LM_RPC) && (LM_NETWORKS != LM_SERVICES) && + (LM_NETWORKS != LM_SHADOW)); + assert((LM_PASSWD != LM_PROTOCOLS) && (LM_PASSWD != LM_RPC) && + (LM_PASSWD != LM_SERVICES) && (LM_PASSWD != LM_SHADOW)); + assert((LM_PROTOCOLS != LM_RPC) && (LM_PROTOCOLS != LM_SERVICES) && + (LM_PROTOCOLS != LM_SHADOW)); + assert((LM_RPC != LM_SERVICES) && (LM_RPC != LM_SHADOW)); + assert((LM_SERVICES != LM_SHADOW)); + /* test supported names */ + line = "alIas"; assert(get_map(&line) == LM_ALIASES); + line = "AliasES"; assert(get_map(&line) == LM_ALIASES); + line = "ether"; assert(get_map(&line) == LM_ETHERS); + line = "ethers"; assert(get_map(&line) == LM_ETHERS); + line = "group"; assert(get_map(&line) == LM_GROUP); + line = "host"; assert(get_map(&line) == LM_HOSTS); + line = "hosts"; assert(get_map(&line) == LM_HOSTS); + line = "netgroup"; assert(get_map(&line) == LM_NETGROUP); + line = "network"; assert(get_map(&line) == LM_NETWORKS); + line = "networks"; assert(get_map(&line) == LM_NETWORKS); + line = "passwd"; assert(get_map(&line) == LM_PASSWD); + line = "protocol"; assert(get_map(&line) == LM_PROTOCOLS); + line = "protocols"; assert(get_map(&line) == LM_PROTOCOLS); + line = "rpc"; assert(get_map(&line) == LM_RPC); + line = "service"; assert(get_map(&line) == LM_SERVICES); + line = "services"; assert(get_map(&line) == LM_SERVICES); + line = "shadow"; assert(get_map(&line) == LM_SHADOW); + line = "unknown"; assert(get_map(&line) == LM_NONE); + line = "x"; assert(get_map(&line) == LM_NONE); +} + +static void test_parse_map_statement(void) +{ + /* TODO: implement */ +} + +static void test_tokenize(void) +{ + /* this leaks memory all over the place */ + char *line = strdup("yes this is 1 simple line"); + char *str; + int i; + i = get_boolean(__FILE__, __LINE__, __PRETTY_FUNCTION__, &line); + assert(i == 1); + str = get_strdup(__FILE__, __LINE__, __PRETTY_FUNCTION__, &line); + assertstreq(str, "this"); + str = get_strdup(__FILE__, __LINE__, __PRETTY_FUNCTION__, &line); + assertstreq(str, "is"); + i = get_int(__FILE__, __LINE__, __PRETTY_FUNCTION__, &line); + assert(i == 1); + str = get_linedup(__FILE__, __LINE__, __PRETTY_FUNCTION__, &line); + assertstreq(str, "simple line"); + get_eol(__FILE__, __LINE__, __PRETTY_FUNCTION__, &line); +} + +extern const char *passwd_bases[]; +extern const char *group_filter; +extern int passwd_scope; + +static void test_read(void) +{ + FILE *fp; + struct ldap_config cfg; + /* write some stuff to a temporary file */ + fp = fopen("temp.cfg", "w"); + assert(fp != NULL); + fprintf(fp, "# a line of comments\n" + "uri ldap://127.0.0.1/\n" + "uri ldap:/// ldaps://127.0.0.1/\n" + "base dc=test, dc=tld\n" + "base passwd ou=Some People,dc=test,dc=tld\n" + "map\tpasswd uid\t\tsAMAccountName\n" + "map passwd homeDirectory \"${homeDirectory:-/home/$uid}\" \n" + "map passwd gecos \"${givenName}. ${sn}\"\n" + "filter group (&(objeclClass=posixGroup)(gid=1*))\n" + "\n" + "scope passwd one\n" + "cache dn2uid 10m 1s\n"); + fclose(fp); + /* parse the file */ + cfg_defaults(&cfg); + cfg_read("temp.cfg", &cfg); + /* check results */ + assert(cfg.uris[0].uri != NULL); + assert(cfg.uris[1].uri != NULL); + assert(cfg.uris[2].uri != NULL); + assertstreq(cfg.uris[0].uri, "ldap://127.0.0.1/"); + assertstreq(cfg.uris[1].uri, "ldap:///"); + assertstreq(cfg.uris[2].uri, "ldaps://127.0.0.1/"); + assert(cfg.uris[3].uri == NULL); + assertstreq(cfg.bases[0], "dc=test, dc=tld"); + assertstreq(passwd_bases[0], "ou=Some People,dc=test,dc=tld"); + assertstreq(attmap_passwd_uid, "sAMAccountName"); + assertstreq(attmap_passwd_homeDirectory, "\"${homeDirectory:-/home/$uid}\""); + assertstreq(attmap_passwd_gecos, "\"${givenName}. ${sn}\""); + assertstreq(group_filter, "(&(objeclClass=posixGroup)(gid=1*))"); + assert(passwd_scope == LDAP_SCOPE_ONELEVEL); + assert(cfg.cache_dn2uid_positive == 10 * 60); + assert(cfg.cache_dn2uid_negative == 1); + /* remove temporary file */ + remove("temp.cfg"); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + test_xstrdup(); + test_add_uris(); + test_parse_boolean(); + test_parse_scope(); + test_parse_map(); + test_parse_map_statement(); + test_tokenize(); + test_read(); + return EXIT_SUCCESS; +} diff --git a/tests/test_clock.c b/tests/test_clock.c new file mode 100644 index 0000000..e1ed740 --- /dev/null +++ b/tests/test_clock.c @@ -0,0 +1,158 @@ +/* + test_clock.c - tests for finding usable system clocks + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2013-2015 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "compat/attrs.h" + +/* use clock_gettime() to see if the specified clock is supported */ +static int test_clock_gettime(clockid_t c, const char *cname) +{ + struct timespec t1 = {0, 0}; + struct timespec t2 = {0, 0}; + struct timespec t3 = {0, 50 * 1000 * 1000}; /* 50 msec */ + struct timespec t4 = {0, 0}; + long diff; + int result = 0; + /* see if we can get resolution (not important so ignore any failures) */ + errno = 0; + if (clock_getres(c, &t1)) + printf(" clock %s resolution not supported: %s\n", cname, strerror(errno)); + if ((t1.tv_sec != 0) || (t1.tv_nsec != 0)) + printf(" clock %s resolution: %ld.%09ld\n", cname, (long)t1.tv_sec, (long)t1.tv_nsec); + /* see if we can get the time */ + errno = 0; + if (clock_gettime(c, &t2)) + { + printf("FAIL clock %s get time not supported: %s\n", + cname, strerror(errno)); + if ((t2.tv_sec != 0) || (t2.tv_nsec != 0)) + printf(" clock %s time: %ld.%09ld\n", cname, (long)t2.tv_sec, (long)t2.tv_nsec); + return -1; + } + else + printf("OK clock %s time: %ld.%09ld\n", cname, (long)t2.tv_sec, (long)t2.tv_nsec); + /* quick sleep (assume we're not interrupted) */ + (void)nanosleep(&t3, NULL); + /* see if we can get the time again */ + errno = 0; + if (clock_gettime(c, &t4)) + { + printf("FAIL clock %s get time twice not supported: %s\n", + cname, strerror(errno)); + if ((t4.tv_sec != 0) || (t4.tv_nsec != 0)) + printf(" clock %s time: %ld.%09ld\n", cname, (long)t4.tv_sec, (long)t4.tv_nsec); + return -1; + } + else + printf("OK clock %s time: %ld.%09ld\n", cname, (long)t4.tv_sec, (long)t4.tv_nsec); + /* calculate difference */ + diff = ((long)t4.tv_sec - (long)t2.tv_sec - (long)t3.tv_sec) * 1000000000L + + ((long)t4.tv_nsec - (long)t2.tv_nsec - (long)t3.tv_nsec); + if ((diff < (-10 * 1000 * 1000)) || (diff > (20 * 1000 * 1000))) + { + result = -1; + printf("FAIL "); + } + else + printf("OK "); + printf("clock %s time diff: %s%ld.%09ld %.1f%%\n", cname, (diff < 0) ? "-" : "", + (labs(diff) / 1000000000L), (labs(diff) % 1000000000L), + (float)labs(diff) / (float)((long)t3.tv_sec * 10000000L + (long)t3.tv_nsec / 100)); + return result; +} + +/* wrapper for test_clock_gettime() that passes the clock name */ +#define TEST_CLOCK_GETTIME(clock) test_clock_gettime(clock, #clock) + +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + int found_clocks = 0; +#ifdef CLOCK_MONOTONIC_RAW + if (!TEST_CLOCK_GETTIME(CLOCK_MONOTONIC_RAW)) + found_clocks++; +#endif +#ifdef CLOCK_MONOTONIC_FAST + if (!TEST_CLOCK_GETTIME(CLOCK_MONOTONIC_FAST)) + found_clocks++; +#endif +#ifdef CLOCK_MONOTONIC_COARSE + if (!TEST_CLOCK_GETTIME(CLOCK_MONOTONIC_COARSE)) + found_clocks++; +#endif +#ifdef CLOCK_MONOTONIC + if (!TEST_CLOCK_GETTIME(CLOCK_MONOTONIC)) + found_clocks++; +#endif +#ifdef CLOCK_UPTIME_FAST + if (!TEST_CLOCK_GETTIME(CLOCK_UPTIME_FAST)) + found_clocks++; +#endif +#ifdef CLOCK_UPTIME + if (!TEST_CLOCK_GETTIME(CLOCK_UPTIME)) + found_clocks++; +#endif +#ifdef CLOCK_BOOTTIME + if (!TEST_CLOCK_GETTIME(CLOCK_BOOTTIME)) + found_clocks++; +#endif +#ifdef CLOCK_MONOTONIC_PRECISE + if (!TEST_CLOCK_GETTIME(CLOCK_MONOTONIC_PRECISE)) + found_clocks++; +#endif +#ifdef CLOCK_UPTIME_PRECISE + if (!TEST_CLOCK_GETTIME(CLOCK_UPTIME_PRECISE)) + found_clocks++; +#endif +#ifdef CLOCK_HIGHRES +#if CLOCK_HIGHRES == CLOCK_MONOTONIC + printf(" CLOCK_HIGHRES == CLOCK_MONOTONIC\n"); +#else + /* for Solaris, should be similar to CLOCK_MONOTONIC (it may be an alias) */ + if (!TEST_CLOCK_GETTIME(CLOCK_HIGHRES)) + found_clocks++; +#endif +#endif +#ifdef CLOCK_REALTIME_FAST + if (!TEST_CLOCK_GETTIME(CLOCK_REALTIME_FAST)) + found_clocks++; +#endif +#ifdef CLOCK_REALTIME_COARSE + if (!TEST_CLOCK_GETTIME(CLOCK_REALTIME_COARSE)) + found_clocks++; +#endif + if (!TEST_CLOCK_GETTIME(CLOCK_REALTIME)) + found_clocks++; +#ifdef CLOCK_REALTIME_PRECISE + if (!TEST_CLOCK_GETTIME(CLOCK_REALTIME_PRECISE)) + found_clocks++; +#endif + printf("%d usable clocks found\n", found_clocks); + return !(found_clocks > 0); +} diff --git a/tests/test_common.c b/tests/test_common.c new file mode 100644 index 0000000..054a7a9 --- /dev/null +++ b/tests/test_common.c @@ -0,0 +1,68 @@ +/* + test_common.c - simple test for the common module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008, 2009, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "nslcd/common.h" +#include "nslcd/cfg.h" +#include "nslcd/log.h" + +static void test_isvalidname(void) +{ + assert(isvalidname("arthur")); + assert(!isvalidname("-arthur")); + assert(isvalidname("arthur-is-nice")); + assert(isvalidname("sambamachine$")); + assert(isvalidname("foo\\bar")); + assert(!isvalidname("\\foo\\bar")); + assert(!isvalidname("foo\\bar\\")); + assert(isvalidname("me")); /* try short name */ + assert(isvalidname("f")); + assert(isvalidname("(foo bar)")); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + char *srcdir; + char fname[100]; + /* build the name of the file */ + srcdir = getenv("srcdir"); + if (srcdir == NULL) + srcdir = "."; + snprintf(fname, sizeof(fname), "%s/nslcd-test.conf", srcdir); + fname[sizeof(fname) - 1] = '\0'; + /* ensure that file is not world readable for configuration parsing to + succeed */ + (void)chmod(fname, (mode_t)0660); + /* initialize configuration */ + cfg_init(fname); + /* partially initialize logging */ + log_setdefaultloglevel(LOG_DEBUG); + /* run the tests */ + test_isvalidname(); + return 0; +} diff --git a/tests/test_dict.c b/tests/test_dict.c new file mode 100644 index 0000000..09ebbe6 --- /dev/null +++ b/tests/test_dict.c @@ -0,0 +1,204 @@ +/* + test_dict.c - simple test for the dict module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2008, 2009, 2010, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "common/dict.h" +#include "compat/attrs.h" + +/* Simple test that adds a few key/value pairs to the dict and the does + most operations. */ +static void test_simple(void) +{ + DICT *dict; + void *val; + static char *value1 = "value1"; + static char *value2 = "value2"; + static char *replace2 = "replace2"; + const char **keys; + int i; + /* initialize */ + dict = dict_new(); + /* store some entries */ + dict_put(dict, "key1", value1); + dict_put(dict, "key2", value2); + dict_put(dict, "key3", dict); + dict_put(dict, "key2", replace2); + /* check dictionary contents */ + val = dict_get(dict, "key1"); + assert(val == value1); + val = dict_get(dict, "key2"); + assert(val == replace2); + val = dict_get(dict, "key3"); + assert(val == dict); + val = dict_get(dict, "key4"); + assert(val == NULL); + val = dict_get(dict, "KEY1"); + assert(val == NULL); + /* remove a key */ + dict_put(dict, "key3", NULL); + val = dict_get(dict, "key3"); + assert(val == NULL); + /* loop over dictionary contents */ + keys = dict_keys(dict); + for (i = 0; keys[i] != NULL; i++) + { + val = dict_get(dict, keys[i]); + assert(((val == value1) || (val == replace2))); + } + /* free stuff */ + dict_free(dict); + free(keys); +} + +/* Test to insert a large number of elements in the dict. */ +static void test_lotsofelements(void) +{ + DICT *dict; + char buf[80]; + int i, r; + void *val; + const char **keys; + /* initialize */ + dict = dict_new(); + /* insert a number of entries */ + for (i = 0; i < 1024; i++) + { + r = 1 + (int)(10000.0 * (rand() / (RAND_MAX + 1.0))); + sprintf(buf, "test%04d", r); + dict_put(dict, buf, &buf); + } + /* remove a number of entries */ + for (i = 0; i < 100; i++) + { + r = 1 + (int)(10000.0 * (rand() / (RAND_MAX + 1.0))); + sprintf(buf, "test%04d", r); + dict_put(dict, buf, NULL); + } + /* add some more entries */ + for (i = 0; i < 1024; i++) + { + r = 1 + (int)(10000.0 * (rand() / (RAND_MAX + 1.0))); + sprintf(buf, "test%04d", r); + dict_put(dict, buf, &buf); + } + /* loop over dictionary contents */ + keys = dict_keys(dict); + for (i = 0; keys[i] != NULL; i++) + { + val = dict_get(dict, keys[i]); + assert(val == buf); + } + /* free stuff */ + dict_free(dict); + free(keys); +} + +/* Test to insert a large number of elements in the dict. */ +static void test_readelements(const char *fname) +{ + DICT *dict; + char buf[80]; + FILE *fp; + void *val; + const char **keys; + int i; + /* initialize */ + dict = dict_new(); + /* read file and insert all entries */ + fp = fopen(fname, "r"); + assert(fp != NULL); + while (fgets(buf, sizeof(buf), fp) != NULL) + { + /* strip newline */ + buf[strlen(buf) - 1] = '\0'; + dict_put(dict, buf, &buf); + } + fclose(fp); + /* loop over dictionary contents */ + keys = dict_keys(dict); + for (i = 0; keys[i] != NULL; i++) + { + val = dict_get(dict, keys[i]); + assert(val == buf); + } + /* free stuff */ + dict_free(dict); + free(keys); +} + +static void test_countelements(int num) +{ + DICT *dict; + char buf[80]; + int i, r; + const char **keys; + /* initialize */ + dict = dict_new(); + /* insert a number of entries */ + for (i = 0; i < num; i++) + { + r = 1 + (int)(10000.0 * (rand() / (RAND_MAX + 1.0))); + sprintf(buf, "%04dx%04d", i, r); + dict_put(dict, buf, &buf); + } + /* loop over dictionary contents */ + keys = dict_keys(dict); + for (i = 0; keys[i] != NULL; i++) + /* nothing */ ; + /* we should have num elements */ + assert(i == num); + /* free stuff */ + dict_free(dict); + free(keys); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + char *srcdir; + char fname[100]; + /* build the name of the file */ + srcdir = getenv("srcdir"); + if (srcdir == NULL) + strcpy(fname, "usernames.txt"); + else + snprintf(fname, sizeof(fname), "%s/usernames.txt", srcdir); + fname[sizeof(fname) - 1] = '\0'; + /* run the tests */ + test_simple(); + test_lotsofelements(); + test_readelements(fname); + test_countelements(0); + test_countelements(1); + test_countelements(2); + test_countelements(3); + test_countelements(4); + test_countelements(10); + test_countelements(20); + return 0; +} diff --git a/tests/test_doctest.sh b/tests/test_doctest.sh new file mode 100755 index 0000000..ed51141 --- /dev/null +++ b/tests/test_doctest.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# test_doctest.sh - run Python doctests +# +# Copyright (C) 2016 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# find source directory +srcdir="${srcdir-`dirname "$0"`}" +builddir="${builddir-`dirname "$0"`}" +top_srcdir="${top_srcdir-${srcdir}/..}" +top_builddir="${top_builddir-${builddir}/..}" +python="${PYTHON-python}" + +# if Python is missing, ignore +if ! ${python} --version > /dev/null 2> /dev/null +then + echo "Python (${python}) not found" + exit 77 +fi + +# run doctests +for dir in pynslcd utils +do + echo "Running doctests in $dir..." + PYTHONPATH="${top_builddir}/${dir}" ${python} -m doctest -v "${top_srcdir}/${dir}"/*.py +done diff --git a/tests/test_expr.c b/tests/test_expr.c new file mode 100644 index 0000000..536341a --- /dev/null +++ b/tests/test_expr.c @@ -0,0 +1,173 @@ +/* + test_expr.c - simple tests for the expr module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2009, 2011, 2012, 2013 Arthur de Jong + Copyright (c) 2016 Giovanni Mascellani + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include + +#include "common.h" + +/* we include expr.c because we want to test the static methods */ +#include "common/expr.c" + +static void test_parse_name(void) +{ + char buffer[20]; + int i; + i = 0; + assert(parse_name("fooBar", &i, buffer, sizeof(buffer)) != NULL); + assert(i == 6); + i = 0; + assert(parse_name("nameThatWillNotFitInBuffer", &i, buffer, sizeof(buffer)) == NULL); + i = 0; + assert(parse_name("foo Bar", &i, buffer, sizeof(buffer)) != NULL); + assert(i == 3); + assertstreq(buffer, "foo"); +} + +static const char *expanderfn(const char *name, void UNUSED(*expander_attr)) +{ + if (strcmp(name, "empty") == 0) + return ""; + if (strcmp(name, "null") == 0) + return NULL; + if (strcmp(name, "userPassword") == 0) + return "{crypt}HASH"; + else + return "foobar"; +} + +static void test_expr_parse(void) +{ + char buffer[1024]; + assert(expr_parse("$test1", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("\\$test1", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "$test1"); + assert(expr_parse("$empty", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, ""); + assert(expr_parse("$foo1$empty-$foo2", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar-foobar"); + assert(expr_parse("$foo1+$null+$foo2", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar++foobar"); + assert(expr_parse("${test1}\\$", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar$"); + assert(expr_parse("${test1:-default}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("${empty:-default}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "default"); + assert(expr_parse("${test1:+setset}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "setset"); + assert(expr_parse("${empty:+setset}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, ""); + assert(expr_parse("${empty:-$test1}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("a/$test1/b", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "a/foobar/b"); + assert(expr_parse("a/$empty/b", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "a//b"); + assert(expr_parse("a${test1}b", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "afoobarb"); + assert(expr_parse("a${test1}b${test2:+${test3:-d$test4}e}c", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "afoobarbfoobarec"); + assert(expr_parse("a${test1}b${test2:+${empty:-d$test4}e}c", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "afoobarbdfoobarec"); + /* test ${var#trim} functions */ + assert(expr_parse("${test1#foo}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "bar"); + assert(expr_parse("${test1#zoo}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("${test1#?oo}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "bar"); + assert(expr_parse("${test1#f\\?o}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("${userPassword#{crypt\\}}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "HASH"); + /* test ${var:offset:length} */ + assert(expr_parse("${test1:0:6}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("${test1:0:10}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foobar"); + assert(expr_parse("${test1:0:3}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "foo"); + assert(expr_parse("${test1:3:0}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, ""); + assert(expr_parse("${test1:3:6}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, "bar"); + assert(expr_parse("${test1:7:0}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, ""); + assert(expr_parse("${test1:7:3}", buffer, sizeof(buffer), expanderfn, NULL) != NULL); + assertstreq(buffer, ""); + /* these are errors */ + assert(expr_parse("$&", buffer, sizeof(buffer), expanderfn, NULL) == NULL); + assert(expr_parse("${a", buffer, sizeof(buffer), expanderfn, NULL) == NULL); +} + +static void test_buffer_overflow(void) +{ + char buffer[10]; + assert(expr_parse("$test1$empty$test1", buffer, sizeof(buffer), expanderfn, NULL) == NULL); + assert(expr_parse("long test value", buffer, sizeof(buffer), expanderfn, NULL) == NULL); + assert(expr_parse("${test1:-long test value}", buffer, sizeof(buffer), expanderfn, NULL) == NULL); +} + +static void test_expr_vars(void) +{ + SET *set; + /* simple test */ + set = set_new(); + assert(expr_vars("$a", set) != NULL); + assert(set_contains(set, "a")); + assert(!set_contains(set, "$a")); + set_free(set); + /* more elaborate test */ + set = set_new(); + assert(expr_vars("\"${gecos:-$cn}\"", set) != NULL); + assert(set_contains(set, "gecos")); + assert(set_contains(set, "cn")); + set_free(set); + /* more elaborate test */ + set = set_new(); + assert(expr_vars("\"${homeDirectory:-/home/$uidNumber/$uid}\"", set) != NULL); + assert(set_contains(set, "homeDirectory")); + assert(set_contains(set, "uidNumber")); + assert(set_contains(set, "uid")); + set_free(set); + /* a test with attribute options */ + set = set_new(); + assert(expr_vars("\"${homeDirectory;foo:-/home/something}\"", set) != NULL); + assert(set_contains(set, "homeDirectory;foo")); + set_free(set); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + test_parse_name(); + test_expr_parse(); + test_buffer_overflow(); + test_expr_vars(); + return EXIT_SUCCESS; +} diff --git a/tests/test_getpeercred.c b/tests/test_getpeercred.c new file mode 100644 index 0000000..926bb1d --- /dev/null +++ b/tests/test_getpeercred.c @@ -0,0 +1,132 @@ +/* + test_getpeercred.c - simple test for the peercred module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008, 2011, 2012 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_GRP_H +#include +#endif /* HAVE_GRP_H */ +#include + +#include "common.h" + +#include "compat/attrs.h" +#include "compat/getpeercred.h" + +/* create a named socket */ +static int create_socket(const char *name) +{ + int sock; + struct sockaddr_un addr; + /* create a socket */ + assertok((sock = socket(PF_UNIX, SOCK_STREAM, 0)) >= 0); + /* remove existing named socket */ + unlink(name); + /* create socket address structure */ + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, name, sizeof(addr.sun_path)); + addr.sun_path[sizeof(addr.sun_path) - 1] = '\0'; + /* bind to the named socket */ + assertok(bind(sock, (struct sockaddr *)&addr, sizeof(struct sockaddr_un)) == 0); + /* close the file descriptor on exit */ + assertok(fcntl(sock, F_SETFD, FD_CLOEXEC) >= 0); + /* start listening for connections */ + assertok(listen(sock, SOMAXCONN) >= 0); + /* we're done */ + return sock; +} + +/* accept a connection on the socket */ +static int acceptconnection(int sock) +{ + int csock; + int j; + struct sockaddr_storage addr; + socklen_t alen; + /* accept a new connection */ + alen = (socklen_t)sizeof(struct sockaddr_storage); + assertok((csock = accept(sock, (struct sockaddr *)&addr, &alen)) >= 0); + /* make sure O_NONBLOCK is not inherited */ + assertok((j = fcntl(csock, F_GETFL, 0)) >= 0); + assertok(fcntl(csock, F_SETFL, j & ~O_NONBLOCK) >= 0); + /* return socket */ + return csock; +} + +/* open a connection to the named socket */ +static int open_socket(const char *name) +{ + int sock; + struct sockaddr_un addr; + /* create a socket */ + assertok((sock = socket(PF_UNIX, SOCK_STREAM, 0)) >= 0); + /* create socket address structure */ + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, name, sizeof(addr.sun_path)); + addr.sun_path[sizeof(addr.sun_path) - 1] = '\0'; + /* connect to the socket */ + assertok(connect(sock, (struct sockaddr *)&addr, (socklen_t)sizeof(struct sockaddr_un)) >= 0); + /* return the socket */ + return sock; +} + +#define SOCKETNAME "/tmp/test_getpeercred.sock" + +#define assertwarn(assertion) \ + if (!(assertion)) \ + fprintf(stderr, "test_getpeercred: %s:%d: %s: Assertion `%s' failed\n", \ + __FILE__, __LINE__, __ASSERT_FUNCTION, __STRING(assertion)); + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + int ssock; + int csock; + int fsock; + uid_t uid; + gid_t gid; + pid_t pid; + /* create a socket to listen on */ + ssock = create_socket(SOCKETNAME); + /* open a connection to the socket */ + csock = open_socket(SOCKETNAME); + /* get a connection from the server socket */ + fsock = acceptconnection(ssock); + /* look up client information */ + assert(getpeercred(fsock, &uid, &gid, &pid) == 0); + assert(uid == geteuid()); + assertwarn(gid == getegid()); + assertwarn(pid == getpid()); + /* remove the socket */ + unlink(SOCKETNAME); + return 0; +} diff --git a/tests/test_ldapcmds.sh b/tests/test_ldapcmds.sh new file mode 100755 index 0000000..a9c2efb --- /dev/null +++ b/tests/test_ldapcmds.sh @@ -0,0 +1,506 @@ +#!/bin/sh + +# test_ldapcmds.sh - simple test script to test lookups +# +# Copyright (C) 2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +# This script expects to be run in an environment where nss-pam-ldapd +# is deployed with an LDAP server with the proper content (and nslcd running). + +set -e + +# find source directory +srcdir="${srcdir-`dirname "$0"`}" +top_srcdir="${top_srcdir-${srcdir}/..}" +builddir="${builddir-`dirname "$0"`}" +top_builddir="${top_builddir-${builddir}/..}" +python="${PYTHON-python}" +PYTHONPATH="${top_srcdir}/utils:${top_builddir}/utils" +export PYTHONPATH + +# ensure that we are running in the test environment +"$srcdir/testenv.sh" check_nslcd || exit 77 + +# if Python is missing, ignore +if [ -z "${python}" ] || ! ${python} --version > /dev/null 2> /dev/null +then + echo "Python (${python}) not found" + exit 77 +fi + +# the total number of errors +FAIL=0 + +getent_ldap() { + ${python} -m getent ${1:+"$@"} +} + +check() { + # the command to execute + cmd="$1" + # save the expected output + expectfile=`mktemp -t expected.XXXXXX 2> /dev/null || tempfile -s .expected 2> /dev/null` + cat > "$expectfile" + # run the command + echo 'test_nsscmds.sh: checking "'"$cmd"'"' + actualfile=`mktemp -t actual.XXXXXX 2> /dev/null || tempfile -s .actual 2> /dev/null` + eval "$(echo $cmd | sed 's/getent.ldap/getent_ldap/g')" > "$actualfile" 2>&1 || true + # check for differences + diff -Nauwi "$expectfile" "$actualfile" || FAIL=`expr $FAIL + 1` + # remove temporary files + rm "$expectfile" "$actualfile" +} + +########################################################################### + +echo "test_ldapcmds.sh: testing aliases..." + +# check all aliases +check "getent.ldap aliases|sort" << EOM +bar2: foobar@example.com +bar: foobar@example.com +foo: bar@example.com +EOM + +# get alias by name +check "getent.ldap aliases foo" << EOM +foo: bar@example.com +EOM + +# get alias by second name +check "getent.ldap aliases bar2" << EOM +bar2: foobar@example.com +EOM + +# get alias by different case +check "getent.ldap aliases FOO" << EOM +foo: bar@example.com +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing ether..." + +# get an entry by hostname +check "getent.ldap ethers testhost" << EOM +0:18:8a:54:1a:8e testhost +EOM + +# get an entry by alias name +check "getent.ldap ethers testhostalias" << EOM +0:18:8a:54:1a:8e testhostalias +EOM + +# get an entry by hostname with different case +check "getent.ldap ethers TESTHOST" << EOM +0:18:8a:54:1a:8e testhost +EOM + +# get an entry by ethernet address +check "getent.ldap ethers 0:18:8a:54:1a:8b" << EOM +0:18:8a:54:1a:8b testhost2 +EOM + +# get all ethers (unsupported) +check "getent.ldap ethers|sort" << EOM +0:18:8a:54:1a:8b testhost2 +0:18:8a:54:1a:8e testhost +0:18:8a:54:1a:8e testhostalias +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing group..." + +# function to sort group members of a group +sortgroup() { + while read line + do + group="`echo "$line" | sed 's/^\([^:]*:[^:]*:[^:]*\).*$/\1:/'`" + members="`echo "$line" | sed -n 's/^[^:]*:[^:]*:[^:]*:\(.*\)$/\1/p' | tr ',' '\n' | sort | tr '\n' ','`" + members="`echo "$members" | sed 's/,$//'`" + echo "${group}${members}" + done +} + +check "getent.ldap group testgroup | sortgroup" << EOM +testgroup:*:6100:arthur,test,testuser4 +EOM + +check "getent.ldap group users" << EOM +users:*:100:arthur,test +EOM + +# group with different case should not be found +check "getent.ldap group TESTGROUP" << EOM +EOM + +check "getent.ldap group 6100 | sortgroup" << EOM +testgroup:*:6100:arthur,test,testuser4 +EOM + +check "getent.ldap group.bymember arthur | sed 's/:.*//' | sort" << EOM +grp10 +grp11 +grp12 +grp13 +grp14 +grp15 +grp16 +grp17 +grp18 +grp4 +grp5 +grp6 +grp7 +grp8 +grp9 +testgroup +testgroup2 +users +EOM + +check "getent.ldap group.bymember testuser4 | sed 's/:.*//' | sort" << EOM +testgroup +testgroup2 +EOM + +check "getent.ldap group | egrep '^(testgroup|users):' | sortgroup" << EOM +testgroup:*:6100:arthur,test,testuser4 +users:*:100:arthur,test +EOM + +check "getent.ldap group | wc -l" << EOM +23 +EOM + +check "getent.ldap group | grep ^largegroup | sortgroup" << EOM +largegroup:*:1005:akraskouskas,alat,ameisinger,bdevera,behrke,bmoldan,btempel,cjody,clouder,cmanno,dbye,dciviello,dfirpo,dgivliani,dgosser,emcquiddy,enastasi,fcunard,gcubbison,gdaub,gdreitzler,ghanauer,gpomerance,gsusoev,gtinnel,gvollrath,gzuhlke,hgalavis,hhaffey,hhydrick,hmachesky,hpaek,hpolk,hsweezer,htomlinson,hzagami,igurwell,ihashbarger,jyeater,kbradbury,khathway,kklavetter,lbuchtel,lgandee,lkhubba,lmauracher,lseehafer,lvittum,mblanchet,mbodley,mciaccia,mjuris,ndipanfilo,nfilipek,nfunchess,ngata,ngullett,nkraker,nriofrio,nroepke,nrybij,oclunes,oebrani,okveton,osaines,otrevor,pdossous,phaye,psowa,purquilla,rkoonz,rlatessa,rworkowski,sdebry,sgurski,showe,slaforge,tabdelal,testusr2,testusr3,tfalconeri,tpaa,uschweyen,utrezize,vchevalier,vdelnegro,vleyton,vmedici,vmigliori,vpender,vwaltmann,wbrettschneide,wselim,wvalcin,wworf,yautin,ykisak,zgingrich,znightingale,zwinterbottom +EOM + +check "getent.ldap group largegroup | sortgroup" << EOM +largegroup:*:1005:akraskouskas,alat,ameisinger,bdevera,behrke,bmoldan,btempel,cjody,clouder,cmanno,dbye,dciviello,dfirpo,dgivliani,dgosser,emcquiddy,enastasi,fcunard,gcubbison,gdaub,gdreitzler,ghanauer,gpomerance,gsusoev,gtinnel,gvollrath,gzuhlke,hgalavis,hhaffey,hhydrick,hmachesky,hpaek,hpolk,hsweezer,htomlinson,hzagami,igurwell,ihashbarger,jyeater,kbradbury,khathway,kklavetter,lbuchtel,lgandee,lkhubba,lmauracher,lseehafer,lvittum,mblanchet,mbodley,mciaccia,mjuris,ndipanfilo,nfilipek,nfunchess,ngata,ngullett,nkraker,nriofrio,nroepke,nrybij,oclunes,oebrani,okveton,osaines,otrevor,pdossous,phaye,psowa,purquilla,rkoonz,rlatessa,rworkowski,sdebry,sgurski,showe,slaforge,tabdelal,testusr2,testusr3,tfalconeri,tpaa,uschweyen,utrezize,vchevalier,vdelnegro,vleyton,vmedici,vmigliori,vpender,vwaltmann,wbrettschneide,wselim,wvalcin,wworf,yautin,ykisak,zgingrich,znightingale,zwinterbottom +EOM + +check "getent.ldap group | grep ^hugegroup | sortgroup" << EOM +hugegroup:*:1006:ablackstock,abortignon,achhor,ademosthenes,adenicola,adishaw,aesbensen,aferge,afredin,afuchs,agarbett,agimm,agordner,ahandy,ajaquess,akertzman,akomsthoeft,akraskouskas,akravetz,alamour,alat,alienhard,amanganelli,amaslyn,amayorga,amccroskey,amcgraw,amckinney,ameisinger,aponcedeleon,apurdon,areid,arosel,ascheno,ascovel,asemons,ashuey,asivley,astrunk,atollefsrud,atonkin,awhitt,aziernicki,badair,baigner,bbeckfield,bbrenton,bcoletta,bcolorado,bdadds,bdaughenbaugh,bdevera,bdominga,behrke,beon,bfishbeck,bgavagan,bguthary,bharnois,bhelverson,bjolly,blovig,bluellen,bmadamba,bmarlin,bmarszalek,bmicklos,bmoling,bouten,bphou,bpinedo,brodgerson,broher,bromano,bscadden,bsibal,bstrede,bswantak,btempel,btheim,bveeneman,bwinterton,bwynes,cabare,carguellez,cbarlup,cbartnick,cbelardo,cbleimehl,cbotdorf,cbourek,cbrechbill,cbrom,ccyganiewicz,cdeckard,cdegravelle,cdickes,cdrumm,cfasone,cflenner,cfleurantin,cgaler,cgalinol,cgaudette,cghianni,charriman,cjody,cjuntunen,ckerska,ckistenmacher,cklem,ckodish,clapenta,clewicki,clouder,cmafnas,cmanno,cmcanulty,cmellberg,cmiramon,cnabzdyk,cnoriego,cpaccione,cpalmios,cparee,cpencil,cpentreath,cpinela,cpluid,critchie,cscullion,csever,csoomaroo,cspilis,cswigert,ctenny,ctetteh,ctuzzo,cwank,cweiss,dasiedu,daubert,dbarriball,dbertels,dblazejewski,dcaltabiano,dciullo,ddeguire,ddigerolamo,denriquez,deshmon,dfirpo,dflore,dfollman,dgiacomazzi,dgivliani,dgosser,dhammontree,dhendon,dhindsman,dholdaway,dlablue,dlanois,dlargo,dledenbach,dlongbotham,dloubier,dmahapatra,dmarchizano,dmcgillen,dminozzi,dnegri,dpebbles,draymundo,dscheurer,dsharr,dsherard,dsteever,dtashjian,dtornow,dtuholski,dwittlinger,dzurek,eaguire,eathey,ebattee,ebeachem,eberkman,ebusk,ecelestin,ecolden,ecordas,ediga,edrinkwater,edurick,egospatrick,egrago,ehathcock,ehindbaugh,ejeppesen,ekalfas,ekenady,ekeuper,eklein,eklunder,ekurter,emanikowski,emargulis,emcquiddy,emehta,eorsten,eparham,epeterson,epoinelli,erathert,erostad,eserrett,esheehan,esonia,esproull,esthill,estockwin,etunby,ewicks,ewilles,ewismer,ewuitschick,eyounglas,eziebert,fagro,faleo,farquette,fbeatrice,fberra,fberyman,fbielecki,fburrough,fcha,fcunard,ffigert,fgoben,fgrashot,fhain,fhalon,fkeef,fmarchi,fmilsaps,fnottage,fparness,fplayfair,fsapien,fsavela,fsirianni,fsplinter,fsunderland,fsymmonds,fthein,fvallian,fvascones,fverfaille,fvinal,fwidhalm,gallanson,gapkin,garchambeault,gbitar,gbolay,gcarlini,gcervantez,gchounlapane,gclapham,gcobane,gconver,gcukaj,gcummer,gcurnutt,gdaub,gdeblasio,gdeyarmond,gdrilling,gearnshaw,gfaire,gfedewa,ggehrke,ggillim,ghann,ghelderman,ghumbles,gishii,gjankowiak,gkerens,glafontaine,gloebs,gmackinder,gmassi,gmilian,gmings,gmoen,gparkersmith,gpomerance,gportolese,greiff,gsantella,gschaumburg,gshrode,gtinnel,guresti,gvollrath,gwaud,habby,hbastidos,hbetterman,hbickford,hbraim,hbrandow,hbrehmer,hbukovsky,hcafourek,hcarrizal,hchaviano,hcintron,hcowles,hcusta,hdoiel,hdyner,hfludd,hgalavis,hhaffey,hhagee,hhartranft,hholyfield,hhysong,hkarney,hkinderknecht,hkippes,hkohlmeyer,hlauchaire,hlemon,hlichota,hliverman,hloftis,hlynema,hmateer,hmatonak,hmiazga,hmogush,hmuscaro,hpalmquist,hpimpare,hpolintan,hrapisura,hrenart,hriech,hsabol,hschelb,hschoepfer,hspiry,hstreitnatter,hsweezer,htilzer,htomlinson,htsuha,hvannette,hveader,hwestermark,hwoodert,hzagami,hzinda,iambrosino,ibeto,ibreitbart,ibuzo,ibyles,ichewning,icoard,ideveyra,ienglert,igizzi,ihalford,ihanneman,ihegener,ihernan,iherrarte,ihimmelwright,ihoa,iiffert,ikadar,ikulbida,ilacourse,ilamberth,ilawbaugh,ileaman,ilevian,imarungo,imcbay,imensah,imicthell,imillin,imuehl,inarain,iogasawara,iroiger,iseipel,isowder,isplonskowski,istallcup,istarring,isteinlicht,ithum,ivanschaack,iweibe,iyorgey,iyorks,jamber,jappleyard,jbielicki,jbjorkman,jcaroll,jdodge,jeuresti,jeverton,jglotzbecker,jherkenratt,jholzmiller,jjumalon,jkimpton,jknight,jlebouf,jlunney,jmartha,jmarugg,jmatty,joligee,jquicksall,jrees,jreigh,jroman,jscheitlin,jseen,jsegundo,jsenavanh,jskafec,jspohn,jsweezy,jvillaire,jwinterton,jzych,kaanerud,kalguire,kbarnthouse,kbartolet,kbattershell,kbrevitz,kbrugal,kcofrancesco,kcomparoni,kconkey,kdevincent,kepps,kfaure,kfend,kgarced,kgremminger,khartness,kheadlon,khovanesian,kjoslyn,klitehiser,klundsten,klurie,kmallach,kmandolfo,kmarzili,kmayoras,kmcardle,kmcguire,kmedcaf,kmeester,kmisove,kmoesch,kmosko,kmuros,kolexa,kottomaniello,kpalka,kpannunzio,kpenale,kpuebla,krahman,kseisler,kshippy,ksiering,ksollitto,ksparling,kstachurski,kthede,ktoni,ktriblett,ktuccio,ktuner,kwidrick,kwinterling,kwirght,laksamit,lautovino,lbanco,lbassin,lbove,lbuchtel,lcanestrini,lcaudell,lcavez,lcocherell,lcoulon,lcremer,leberhardt,lfarraj,lfichtner,lgadomski,lgandee,lgradilla,lhuggler,limbrogno,ljomes,lkimel,llarmore,llasher,lmadruga,lmauracher,lmcgeary,lmichaud,lmuehlberger,lnormand,lparrish,lpeagler,lpintor,lpitek,lpondexter,lrandall,lringuette,lschenkelberg,lschnorbus,lschollmeier,lseabold,lseehafer,lshilling,lsivic,lsobrino,lsous,lspielvogel,lvaleriano,lvanconant,lwedner,lyoula,mallmand,maustine,mbeagley,mbodley,mbravata,mcampagnone,mcaram,mcashett,mcasida,mcoch,mcolehour,mcontreras,mdanos,mdecourcey,mdedon,mdickinson,mdimaio,mdoering,mdyce,meconomides,mespinel,mfaeth,mfeil,mferandez,mfitzherbert,mgavet,mgayden,mground,mheilbrun,mhollings,mjeon,mkibler,mkofoed,mlaverde,mlenning,mlinak,mlinardi,mmangiamele,mmattu,mmcchristian,mmerriwether,mmesidor,mneubacher,moller,moser,mpanahon,mpark,mpellew,mpilon,mpizzaro,mpytko,mquigg,mredd,mrizer,mruppel,mrydelek,mskeele,mstirn,mswogger,mtanzi,mtintle,mvanbergen,mvanpelt,mvas,mvedder,mviverette,myokoyama,nagerton,nasmar,nbuford,nbugtong,ncermeno,nchrisman,nciucci,ndesautels,ndrumgole,nedgin,nendicott,nerbach,nevan,nforti,nfunchess,ngiesler,nglathar,ngrowney,ngullett,nhayer,nhelfinstine,nhija,ninnella,njordon,nkempon,nkubley,nlainhart,nlatchaw,nlemma,nlinarez,nlohmiller,nmccolm,nmoren,nnamanworth,nnickel,nousdahl,nphan,nramones,nranck,nridinger,nriofrio,nrybij,nrysavy,nschmig,nsiemonsma,nslaby,nspolar,nvyhnal,nwescott,nwiker,oahyou,oalthouse,obeaufait,obenallack,obercier,obihl,ocalleo,ochasten,oclunes,oconerly,ocrabbs,oebrani,ofelcher,ohatto,ohearl,ohedlund,ohoffert,ohove,ojerabek,okave,okveton,omalvaez,omasone,omatula,omcdaid,oolivarez,oosterhouse,opeet,opizzuti,opoch,oport,opuglisi,oreiss,osaber,oscarpello,oshough,ovibbert,owhelchel,owhitelow,pahles,pbascom,pbeckerdite,pbiggart,pbondroff,pbrentano,pcaposole,pcornn,pdauterman,pdech,pdischinger,pduitscher,pdulac,pdurando,pfavolise,pgiegerich,pgreenier,pgrybel,phalkett,pheathcock,phyer,pmineo,pminnis,ppedraja,ppeper,pphuaphes,prepasky,prowena,psabado,psalesky,pschrayter,psharits,psiroky,psundeen,pthornberry,ptoenjes,ptraweek,purquilla,pvierthaler,pvirelli,pviviani,pwademan,pwashuk,pwetherwax,pwhitmire,pwohlenhaus,pwutzke,qhanly,ralspach,rbernhagen,rbillingsly,rbloomstrand,rbrisby,rcheshier,rchevrette,rdubs,rdubuisson,redling,rfassinger,rfauerbach,rfidel,rginer,rgoonez,rgramby,rgriffies,rguinane,rheinzmann,rkraszewski,rlambertus,rlatessa,rlosinger,rmandril,rmcstay,rnordby,rpastorin,rpikes,rpinilla,rpitter,rramirez,rrasual,rschkade,rtole,rtooker,saben,sackles,sarndt,saycock,sbemo,sbettridge,sbloise,sbonnie,sbrabyn,scocuzza,sdebry,senrico,sestergard,sgefroh,sgirsh,sgropper,sgunder,sgurski,shaith,sherzberg,showe,sjankauskas,skanjirathinga,skoegler,slaningham,slaudeman,slerew,smccaie,smillian,smullowney,snotari,spolmer,srees,srubenfield,sscheiern,sskone,sskyers,sspagnuolo,sstough,sstuemke,svandewalle,svielle,svogler,svongal,swoodie,tabdelal,tairth,tbagne,tbattista,tboxx,tcacal,tcossa,tcrissinger,tdonathan,teliades,tfalconeri,tfetherston,tgelen,tgindhart,tguinnip,tharr,thelfritz,thoch,thynson,tkeala,tkelly,tkhora,tlana,tlowers,tmalecki,tmarkus,tmccaffity,tmccamish,tmcmickle,tmelland,tmorr,tmurata,tmysinger,tnaillon,tnitzel,tpaa,tplatko,tredfearn,tsablea,tsann,tschnepel,tsearle,tsepulueda,tsowells,tstalworth,tvehrs,tvrooman,tyounglas,ualway,uazatyan,ubenken,ubieniek,ubynum,udatu,uednilao,ueriks,uflander,ugerpheide,ugreenberg,uhayakawa,uholecek,ulanigan,umarbury,umosser,upater,upellam,uransford,urosentrance,uschweyen,usevera,uslavinski,uspittler,uvanmatre,uwalpole,uweyand,vbaldasaro,vbigalow,vbonder,vburton,vchevalier,vcrofton,vdesir,vdolan,veisenhardt,vemily,venfort,vfeigel,vglidden,vkrug,vlubic,vmaynard,vmedici,vnazzal,vnery,vpeairs,vpender,vpiraino,vrodick,vrunyon,vsefcovic,vstirman,vtowell,vtresch,vtrumpp,vwabasha,vwaltmann,vwisinger,vwokwicz,wbrill,wclokecloak,wconces,wconstantino,wcreggett,wdagrella,wdevenish,wdovey,wenglander,werrick,wesguerra,wganther,wkhazaleh,wleiva,wlynch,wmailey,wmendell,wnunziata,wottesen,wselim,wstjean,wtruman,wvalcin,wvermeulen,xeppley,xlantey,xrahaim,yautin,ycerasoli,ycobetto,ycostaneda,yduft,yeven,yfrymoyer,ygockel,yhenriques,ykimbel,yolivier,yschmuff,ysnock,yvdberg,zanderlik,zborgmeyer,zbuscaglia,zculp,zfarler,zhaulk,zkutchera,zmeeker,zneeb,zratti,zscammahorn,zvagt,zwinterbottom +EOM + +check "getent.ldap group hugegroup | sortgroup" << EOM +hugegroup:*:1006:ablackstock,abortignon,achhor,ademosthenes,adenicola,adishaw,aesbensen,aferge,afredin,afuchs,agarbett,agimm,agordner,ahandy,ajaquess,akertzman,akomsthoeft,akraskouskas,akravetz,alamour,alat,alienhard,amanganelli,amaslyn,amayorga,amccroskey,amcgraw,amckinney,ameisinger,aponcedeleon,apurdon,areid,arosel,ascheno,ascovel,asemons,ashuey,asivley,astrunk,atollefsrud,atonkin,awhitt,aziernicki,badair,baigner,bbeckfield,bbrenton,bcoletta,bcolorado,bdadds,bdaughenbaugh,bdevera,bdominga,behrke,beon,bfishbeck,bgavagan,bguthary,bharnois,bhelverson,bjolly,blovig,bluellen,bmadamba,bmarlin,bmarszalek,bmicklos,bmoling,bouten,bphou,bpinedo,brodgerson,broher,bromano,bscadden,bsibal,bstrede,bswantak,btempel,btheim,bveeneman,bwinterton,bwynes,cabare,carguellez,cbarlup,cbartnick,cbelardo,cbleimehl,cbotdorf,cbourek,cbrechbill,cbrom,ccyganiewicz,cdeckard,cdegravelle,cdickes,cdrumm,cfasone,cflenner,cfleurantin,cgaler,cgalinol,cgaudette,cghianni,charriman,cjody,cjuntunen,ckerska,ckistenmacher,cklem,ckodish,clapenta,clewicki,clouder,cmafnas,cmanno,cmcanulty,cmellberg,cmiramon,cnabzdyk,cnoriego,cpaccione,cpalmios,cparee,cpencil,cpentreath,cpinela,cpluid,critchie,cscullion,csever,csoomaroo,cspilis,cswigert,ctenny,ctetteh,ctuzzo,cwank,cweiss,dasiedu,daubert,dbarriball,dbertels,dblazejewski,dcaltabiano,dciullo,ddeguire,ddigerolamo,denriquez,deshmon,dfirpo,dflore,dfollman,dgiacomazzi,dgivliani,dgosser,dhammontree,dhendon,dhindsman,dholdaway,dlablue,dlanois,dlargo,dledenbach,dlongbotham,dloubier,dmahapatra,dmarchizano,dmcgillen,dminozzi,dnegri,dpebbles,draymundo,dscheurer,dsharr,dsherard,dsteever,dtashjian,dtornow,dtuholski,dwittlinger,dzurek,eaguire,eathey,ebattee,ebeachem,eberkman,ebusk,ecelestin,ecolden,ecordas,ediga,edrinkwater,edurick,egospatrick,egrago,ehathcock,ehindbaugh,ejeppesen,ekalfas,ekenady,ekeuper,eklein,eklunder,ekurter,emanikowski,emargulis,emcquiddy,emehta,eorsten,eparham,epeterson,epoinelli,erathert,erostad,eserrett,esheehan,esonia,esproull,esthill,estockwin,etunby,ewicks,ewilles,ewismer,ewuitschick,eyounglas,eziebert,fagro,faleo,farquette,fbeatrice,fberra,fberyman,fbielecki,fburrough,fcha,fcunard,ffigert,fgoben,fgrashot,fhain,fhalon,fkeef,fmarchi,fmilsaps,fnottage,fparness,fplayfair,fsapien,fsavela,fsirianni,fsplinter,fsunderland,fsymmonds,fthein,fvallian,fvascones,fverfaille,fvinal,fwidhalm,gallanson,gapkin,garchambeault,gbitar,gbolay,gcarlini,gcervantez,gchounlapane,gclapham,gcobane,gconver,gcukaj,gcummer,gcurnutt,gdaub,gdeblasio,gdeyarmond,gdrilling,gearnshaw,gfaire,gfedewa,ggehrke,ggillim,ghann,ghelderman,ghumbles,gishii,gjankowiak,gkerens,glafontaine,gloebs,gmackinder,gmassi,gmilian,gmings,gmoen,gparkersmith,gpomerance,gportolese,greiff,gsantella,gschaumburg,gshrode,gtinnel,guresti,gvollrath,gwaud,habby,hbastidos,hbetterman,hbickford,hbraim,hbrandow,hbrehmer,hbukovsky,hcafourek,hcarrizal,hchaviano,hcintron,hcowles,hcusta,hdoiel,hdyner,hfludd,hgalavis,hhaffey,hhagee,hhartranft,hholyfield,hhysong,hkarney,hkinderknecht,hkippes,hkohlmeyer,hlauchaire,hlemon,hlichota,hliverman,hloftis,hlynema,hmateer,hmatonak,hmiazga,hmogush,hmuscaro,hpalmquist,hpimpare,hpolintan,hrapisura,hrenart,hriech,hsabol,hschelb,hschoepfer,hspiry,hstreitnatter,hsweezer,htilzer,htomlinson,htsuha,hvannette,hveader,hwestermark,hwoodert,hzagami,hzinda,iambrosino,ibeto,ibreitbart,ibuzo,ibyles,ichewning,icoard,ideveyra,ienglert,igizzi,ihalford,ihanneman,ihegener,ihernan,iherrarte,ihimmelwright,ihoa,iiffert,ikadar,ikulbida,ilacourse,ilamberth,ilawbaugh,ileaman,ilevian,imarungo,imcbay,imensah,imicthell,imillin,imuehl,inarain,iogasawara,iroiger,iseipel,isowder,isplonskowski,istallcup,istarring,isteinlicht,ithum,ivanschaack,iweibe,iyorgey,iyorks,jamber,jappleyard,jbielicki,jbjorkman,jcaroll,jdodge,jeuresti,jeverton,jglotzbecker,jherkenratt,jholzmiller,jjumalon,jkimpton,jknight,jlebouf,jlunney,jmartha,jmarugg,jmatty,joligee,jquicksall,jrees,jreigh,jroman,jscheitlin,jseen,jsegundo,jsenavanh,jskafec,jspohn,jsweezy,jvillaire,jwinterton,jzych,kaanerud,kalguire,kbarnthouse,kbartolet,kbattershell,kbrevitz,kbrugal,kcofrancesco,kcomparoni,kconkey,kdevincent,kepps,kfaure,kfend,kgarced,kgremminger,khartness,kheadlon,khovanesian,kjoslyn,klitehiser,klundsten,klurie,kmallach,kmandolfo,kmarzili,kmayoras,kmcardle,kmcguire,kmedcaf,kmeester,kmisove,kmoesch,kmosko,kmuros,kolexa,kottomaniello,kpalka,kpannunzio,kpenale,kpuebla,krahman,kseisler,kshippy,ksiering,ksollitto,ksparling,kstachurski,kthede,ktoni,ktriblett,ktuccio,ktuner,kwidrick,kwinterling,kwirght,laksamit,lautovino,lbanco,lbassin,lbove,lbuchtel,lcanestrini,lcaudell,lcavez,lcocherell,lcoulon,lcremer,leberhardt,lfarraj,lfichtner,lgadomski,lgandee,lgradilla,lhuggler,limbrogno,ljomes,lkimel,llarmore,llasher,lmadruga,lmauracher,lmcgeary,lmichaud,lmuehlberger,lnormand,lparrish,lpeagler,lpintor,lpitek,lpondexter,lrandall,lringuette,lschenkelberg,lschnorbus,lschollmeier,lseabold,lseehafer,lshilling,lsivic,lsobrino,lsous,lspielvogel,lvaleriano,lvanconant,lwedner,lyoula,mallmand,maustine,mbeagley,mbodley,mbravata,mcampagnone,mcaram,mcashett,mcasida,mcoch,mcolehour,mcontreras,mdanos,mdecourcey,mdedon,mdickinson,mdimaio,mdoering,mdyce,meconomides,mespinel,mfaeth,mfeil,mferandez,mfitzherbert,mgavet,mgayden,mground,mheilbrun,mhollings,mjeon,mkibler,mkofoed,mlaverde,mlenning,mlinak,mlinardi,mmangiamele,mmattu,mmcchristian,mmerriwether,mmesidor,mneubacher,moller,moser,mpanahon,mpark,mpellew,mpilon,mpizzaro,mpytko,mquigg,mredd,mrizer,mruppel,mrydelek,mskeele,mstirn,mswogger,mtanzi,mtintle,mvanbergen,mvanpelt,mvas,mvedder,mviverette,myokoyama,nagerton,nasmar,nbuford,nbugtong,ncermeno,nchrisman,nciucci,ndesautels,ndrumgole,nedgin,nendicott,nerbach,nevan,nforti,nfunchess,ngiesler,nglathar,ngrowney,ngullett,nhayer,nhelfinstine,nhija,ninnella,njordon,nkempon,nkubley,nlainhart,nlatchaw,nlemma,nlinarez,nlohmiller,nmccolm,nmoren,nnamanworth,nnickel,nousdahl,nphan,nramones,nranck,nridinger,nriofrio,nrybij,nrysavy,nschmig,nsiemonsma,nslaby,nspolar,nvyhnal,nwescott,nwiker,oahyou,oalthouse,obeaufait,obenallack,obercier,obihl,ocalleo,ochasten,oclunes,oconerly,ocrabbs,oebrani,ofelcher,ohatto,ohearl,ohedlund,ohoffert,ohove,ojerabek,okave,okveton,omalvaez,omasone,omatula,omcdaid,oolivarez,oosterhouse,opeet,opizzuti,opoch,oport,opuglisi,oreiss,osaber,oscarpello,oshough,ovibbert,owhelchel,owhitelow,pahles,pbascom,pbeckerdite,pbiggart,pbondroff,pbrentano,pcaposole,pcornn,pdauterman,pdech,pdischinger,pduitscher,pdulac,pdurando,pfavolise,pgiegerich,pgreenier,pgrybel,phalkett,pheathcock,phyer,pmineo,pminnis,ppedraja,ppeper,pphuaphes,prepasky,prowena,psabado,psalesky,pschrayter,psharits,psiroky,psundeen,pthornberry,ptoenjes,ptraweek,purquilla,pvierthaler,pvirelli,pviviani,pwademan,pwashuk,pwetherwax,pwhitmire,pwohlenhaus,pwutzke,qhanly,ralspach,rbernhagen,rbillingsly,rbloomstrand,rbrisby,rcheshier,rchevrette,rdubs,rdubuisson,redling,rfassinger,rfauerbach,rfidel,rginer,rgoonez,rgramby,rgriffies,rguinane,rheinzmann,rkraszewski,rlambertus,rlatessa,rlosinger,rmandril,rmcstay,rnordby,rpastorin,rpikes,rpinilla,rpitter,rramirez,rrasual,rschkade,rtole,rtooker,saben,sackles,sarndt,saycock,sbemo,sbettridge,sbloise,sbonnie,sbrabyn,scocuzza,sdebry,senrico,sestergard,sgefroh,sgirsh,sgropper,sgunder,sgurski,shaith,sherzberg,showe,sjankauskas,skanjirathinga,skoegler,slaningham,slaudeman,slerew,smccaie,smillian,smullowney,snotari,spolmer,srees,srubenfield,sscheiern,sskone,sskyers,sspagnuolo,sstough,sstuemke,svandewalle,svielle,svogler,svongal,swoodie,tabdelal,tairth,tbagne,tbattista,tboxx,tcacal,tcossa,tcrissinger,tdonathan,teliades,tfalconeri,tfetherston,tgelen,tgindhart,tguinnip,tharr,thelfritz,thoch,thynson,tkeala,tkelly,tkhora,tlana,tlowers,tmalecki,tmarkus,tmccaffity,tmccamish,tmcmickle,tmelland,tmorr,tmurata,tmysinger,tnaillon,tnitzel,tpaa,tplatko,tredfearn,tsablea,tsann,tschnepel,tsearle,tsepulueda,tsowells,tstalworth,tvehrs,tvrooman,tyounglas,ualway,uazatyan,ubenken,ubieniek,ubynum,udatu,uednilao,ueriks,uflander,ugerpheide,ugreenberg,uhayakawa,uholecek,ulanigan,umarbury,umosser,upater,upellam,uransford,urosentrance,uschweyen,usevera,uslavinski,uspittler,uvanmatre,uwalpole,uweyand,vbaldasaro,vbigalow,vbonder,vburton,vchevalier,vcrofton,vdesir,vdolan,veisenhardt,vemily,venfort,vfeigel,vglidden,vkrug,vlubic,vmaynard,vmedici,vnazzal,vnery,vpeairs,vpender,vpiraino,vrodick,vrunyon,vsefcovic,vstirman,vtowell,vtresch,vtrumpp,vwabasha,vwaltmann,vwisinger,vwokwicz,wbrill,wclokecloak,wconces,wconstantino,wcreggett,wdagrella,wdevenish,wdovey,wenglander,werrick,wesguerra,wganther,wkhazaleh,wleiva,wlynch,wmailey,wmendell,wnunziata,wottesen,wselim,wstjean,wtruman,wvalcin,wvermeulen,xeppley,xlantey,xrahaim,yautin,ycerasoli,ycobetto,ycostaneda,yduft,yeven,yfrymoyer,ygockel,yhenriques,ykimbel,yolivier,yschmuff,ysnock,yvdberg,zanderlik,zborgmeyer,zbuscaglia,zculp,zfarler,zhaulk,zkutchera,zmeeker,zneeb,zratti,zscammahorn,zvagt,zwinterbottom +EOM + +check "getent.ldap group nstgrp1 | sortgroup" << EOM +nstgrp1:*:800:testusr2 +EOM + +check "getent.ldap group nstgrp2 | sortgroup" << EOM +nstgrp2:*:801:testusr2,testusr3 +EOM + +check "getent.ldap group nstgrp3 | sortgroup" << EOM +nstgrp3:*:802:testusr2,testusr3 +EOM + +check "getent.ldap group.bymember testusr2 | sed 's/:.*//' | sort" << EOM +largegroup +nstgrp1 +nstgrp2 +nstgrp3 +testgroup2 +EOM + +check "getent.ldap group.bymember testusr3 | sed 's/:.*//' | sort" << EOM +largegroup +nstgrp2 +nstgrp3 +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing hosts..." + +check "getent.ldap hosts testhost" << EOM +192.0.2.123 testhost testhostalias +EOM + +check "getent.ldap hosts testhostalias" << EOM +192.0.2.123 testhost testhostalias +EOM + +# check hostname with different case +check "getent.ldap hosts TESTHOST" << EOM +192.0.2.123 testhost testhostalias +EOM + +check "getent.ldap hosts 192.0.2.123" << EOM +192.0.2.123 testhost testhostalias +EOM + +check "getent.ldap hosts | grep testhost | sort" << EOM +192.0.2.123 testhost testhostalias +192.0.2.124 testhost2 +192.0.2.126 testhost4 +2001:db8::7e27:ac1d testhost4 +2001:db8::dead:beef testhost2 +2001:db8::feed:c0de testhost3 +EOM + +check "getent.ldap hosts 2001:db8::dead:beef | sort" << EOM +192.0.2.124 testhost2 +2001:db8::dead:beef testhost2 +EOM + +check "getent.ldap hostsv4 testhost2" << EOM +192.0.2.124 testhost2 +EOM + +check "getent.ldap hostsv6 testhost2" << EOM +2001:db8::dead:beef testhost2 +EOM + +check "getent.ldap hostsv4 192.0.2.124" << EOM +192.0.2.124 testhost2 +EOM + +check "getent.ldap hostsv6 2001:db8::dead:beef" << EOM +2001:db8::dead:beef testhost2 +EOM + +check "getent.ldap hostsv4 2001:db8::dead:beef" << EOM +EOM + +check "getent.ldap hostsv6 192.0.2.124" << EOM +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing netgroup..." + +# check netgroup lookup of test netgroup +check "getent.ldap netgroup tstnetgroup" << EOM +tstnetgroup ( , arthur, ) (noot, , ) +EOM + +# check netgroup lookup with different case +check "getent.ldap netgroup TSTNETGROUP" << EOM +EOM + +# check netgroup lookup of test netgroup without recursion +check "getent.ldap netgroup.norec tstnetgroup" << EOM +tstnetgroup tst3netgroup tst2netgroup (, arthur, ) +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing networks..." + +check "getent.ldap networks testnet" << EOM +testnet 192.0.2.0 +EOM + +# check network name with different case +check "getent.ldap networks TESTNET" << EOM +testnet 192.0.2.0 +EOM + +check "getent.ldap networks 192.0.2.0" << EOM +testnet 192.0.2.0 +EOM + +check "getent.ldap networks | grep testnet" << EOM +testnet 192.0.2.0 +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing passwd..." + +check "getent.ldap passwd ecolden | sed 's/:[x*]:/:x:/'" << EOM +ecolden:x:5972:1000:Estelle Colden:/home/ecolden:/bin/bash +EOM + +check "getent.ldap passwd arthur | sed 's/:[x*]:/:x:/'" << EOM +arthur:x:1000:100:Arthur de Jong:/home/arthur:/bin/bash +EOM + +# check username with different case +check "getent.ldap passwd ARTHUR" << EOM +EOM + +check "getent.ldap passwd 4089 | sed 's/:[x*]:/:x:/'" << EOM +jguzzetta:x:4089:1000:Josephine Guzzetta:/home/jguzzetta:/bin/bash +EOM + +# count the number of passwd entries in the 4000-5999 range +check "getent.ldap passwd | grep -c ':[x*]:[45][0-9][0-9][0-9]:'" << EOM +2000 +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing protocols..." + +check "getent.ldap protocols protfoo" << EOM +protfoo 253 protfooalias +EOM + +check "getent.ldap protocols protfooalias" << EOM +protfoo 253 protfooalias +EOM + +# check protocol with different case +check "getent.ldap protocols PROTFOO" << EOM +EOM + +# test protocol alias with different case +check "getent.ldap protocols PROTFOOALIAS" << EOM +EOM + +check "getent.ldap protocols 253" << EOM +protfoo 253 protfooalias +EOM + +check "getent.ldap protocols | grep protfoo" << EOM +protfoo 253 protfooalias +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing rpc..." + +check "getent.ldap rpc rpcfoo" << EOM +rpcfoo 160002 rpcfooalias +EOM + +check "getent.ldap rpc rpcfooalias" << EOM +rpcfoo 160002 rpcfooalias +EOM + +# test rpc name with different case +check "getent.ldap rpc RPCFOO" << EOM +EOM + +check "getent.ldap rpc 160002" << EOM +rpcfoo 160002 rpcfooalias +EOM + +check "getent.ldap rpc | grep rpcfoo" << EOM +rpcfoo 160002 rpcfooalias +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing services..." + +check "getent.ldap services foosrv" << EOM +foosrv 15349/tcp +EOM + +check "getent.ldap services foosrv/tcp" << EOM +foosrv 15349/tcp +EOM + +check "getent.ldap services foosrv/udp" << EOM +EOM + +# check with different case +check "getent.ldap services FOOSRV" << EOM +EOM + +# check protocol name case sensitivity (TCP is commonly an alias) +check "getent.ldap services foosrv/tCp" << EOM +EOM + +check "getent.ldap services 15349/tcp" << EOM +foosrv 15349/tcp +EOM + +check "getent.ldap services 15349/udp" << EOM +EOM + +check "getent.ldap services barsrv | sort" << EOM +barsrv 15350/tcp +barsrv 15350/udp +EOM + +check "getent.ldap services barsrv/tcp" << EOM +barsrv 15350/tcp +EOM + +check "getent.ldap services barsrv/udp" << EOM +barsrv 15350/udp +EOM + +check "getent.ldap services | egrep '(foo|bar)srv' | sort" << EOM +barsrv 15350/tcp +barsrv 15350/udp +foosrv 15349/tcp +EOM + +check "getent.ldap services sssin" << EOM +sssin 5000/tcp SSSIN +EOM + +check "getent.ldap services SSSIN" << EOM +sssin 5000/tcp SSSIN +EOM + +check "getent.ldap services | sort" << EOM +barsrv 15350/tcp +barsrv 15350/udp +foosrv 15349/tcp +sssin 5000/tcp SSSIN +EOM + +########################################################################### + +echo "test_ldapcmds.sh: testing shadow..." + +# function to remove the password field from output +rmpasswd() { + sed 's/^\([^:]*\):[^:]*:/\1:*:/' +} + +check "getent.ldap shadow ecordas | rmpasswd" << EOM +ecordas:*::::7:2::0 +EOM + +check "getent.ldap shadow adishaw | rmpasswd" << EOM +adishaw:*:12302:::7:2::0 +EOM + +# check case-sensitivity +check "getent.ldap shadow ADISHAW" << EOM +EOM + +# check if the names of users match between passwd and shadow +getent_ldap passwd | sed 's/:.*//' | sort | \ + check "getent.ldap shadow | sed 's/:.*//' | sort" + +########################################################################### +# determine the result + +if [ $FAIL -eq 0 ] +then + echo "test_ldapcmds.sh: all tests passed" + exit 0 +else + echo "test_ldapcmds.sh: $FAIL TESTS FAILED" + exit 1 +fi diff --git a/tests/test_manpages.sh b/tests/test_manpages.sh new file mode 100755 index 0000000..8400aae --- /dev/null +++ b/tests/test_manpages.sh @@ -0,0 +1,50 @@ +#!/bin/sh + +# test_manpages.sh - run some validity checks on the manual pages +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# find manual page directory +srcdir="${srcdir-`dirname "$0"`}" +top_srcdir="${top_srcdir-${srcdir}/..}" + +# if xmlto is missing, ignore +if (xmlto --version) > /dev/null 2> /dev/null +then + : +else + echo "xmlto not found" + exit 77 +fi + +# set up a temporary directory +tmpdir="test_manpages.tmp" +rm -rf "$tmpdir" +mkdir "$tmpdir" + +# generate HTML for all manual pages +for man in $top_srcdir/man/*.xml +do + echo "xmlto $man" + xmlto xhtml-nochunks -o "$tmpdir" "$man" +done + +# clean up +rm -rf "$tmpdir" diff --git a/tests/test_myldap.c b/tests/test_myldap.c new file mode 100644 index 0000000..a8cab6b --- /dev/null +++ b/tests/test_myldap.c @@ -0,0 +1,446 @@ +/* + test_myldap.c - simple test for the myldap module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "common.h" + +#include "nslcd/log.h" +#include "nslcd/cfg.h" +#include "nslcd/myldap.h" + +struct worker_args { + int id; +}; + +/* the maxium number of results to print (all results are retrieved) */ +#define MAXRESULTS 10 + +/* This is a very basic search test, it performs a test to get certain + entries from the database. It currently just prints out the DNs for + the entries. */ +static void test_search(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + const char *attrs[] = { "uid", "cn", "gid", NULL }; + int i; + int rc; + /* initialize session */ + printf("test_myldap: test_search(): getting session...\n"); + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + printf("test_myldap: test_search(): doing search...\n"); + search = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(objectclass=posixAccount)", attrs, NULL); + assert(search != NULL); + /* go over results */ + printf("test_myldap: test_search(): get results...\n"); + for (i = 0; (entry = myldap_get_entry(search, &rc)) != NULL; i++) + { + if (i < MAXRESULTS) + printf("test_myldap: test_search(): [%d] DN %s\n", + i, myldap_get_dn(entry)); + else if (i == MAXRESULTS) + printf("test_myldap: test_search(): ...\n"); + } + printf("test_myldap: test_search(): %d entries returned: %s\n", + i, ldap_err2string(rc)); + assert(rc == LDAP_SUCCESS); + /* perform another search */ + printf("test_myldap: test_search(): doing search...\n"); + search = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(objectclass=posixGroup)", attrs, NULL); + assert(search != NULL); + /* go over results */ + printf("test_myldap: test_search(): get results...\n"); + for (i = 0; (entry = myldap_get_entry(search, &rc)) != NULL; i++) + { + if (i < MAXRESULTS) + printf("test_myldap: test_search(): [%d] DN %s\n", + i, myldap_get_dn(entry)); + else if (i == MAXRESULTS) + printf("test_myldap: test_search(): ...\n"); + } + printf("test_myldap: test_search(): %d entries returned: %s\n", + i, ldap_err2string(rc)); + assert(rc == LDAP_SUCCESS); + /* clean up */ + myldap_session_close(session); +} + +static void test_get(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search1, *search2; + MYLDAP_ENTRY *entry; + const char *attrs1[] = { "cn", "userPassword", "memberUid", "gidNumber", "member", NULL }; + const char *attrs2[] = { "uid", NULL }; + int rc; + /* initialize session */ + printf("test_myldap: test_get(): getting session...\n"); + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + printf("test_myldap: test_get(): doing search...\n"); + search1 = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(&(|(objectClass=posixGroup)(objectClass=groupOfNames))(cn=testgroup2))", + attrs1, NULL); + assert(search1 != NULL); + /* get one entry */ + entry = myldap_get_entry(search1, &rc); + assert(entry != NULL); + printf("test_myldap: test_get(): got DN %s\n", myldap_get_dn(entry)); + /* get some attribute values */ + assert(myldap_get_values(entry, "gidNumber") != NULL); + assert(myldap_get_values(entry, "memberUid") == NULL); + assert(myldap_get_values(entry, "member") != NULL); + /* perform another search */ + printf("test_myldap: test_get(): doing get...\n"); + search2 = myldap_search(session, "cn=Test User2,ou=people,dc=test,dc=tld", + LDAP_SCOPE_BASE, + "(objectclass=posixAccount)", attrs2, NULL); + assert(search2 != NULL); + /* get one entry */ + entry = myldap_get_entry(search2, &rc); + assert(entry != NULL); + printf("test_myldap: test_get(): got DN %s\n", myldap_get_dn(entry)); + /* test if searches are ok */ + assert(myldap_get_entry(search1, &rc) == NULL); + assert(myldap_get_entry(search2, &rc) == NULL); + /* clean up */ + myldap_session_close(session); +} + +/* This search prints a number of attributes from a search */ +static void test_get_values(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + const char *attrs[] = { "uidNumber", "cn", "gidNumber", "uid", "objectClass", NULL }; + const char **vals; + const char *rdnval; + int i; + /* initialize session */ + printf("test_myldap: test_get_values(): getting session...\n"); + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + search = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(&(objectClass=posixAccount)(uid=*))", attrs, NULL); + assert(search != NULL); + /* go over results */ + for (i = 0; (entry = myldap_get_entry(search, NULL)) != NULL; i++) + { + if (i < MAXRESULTS) + printf("test_myldap: test_get_values(): [%d] DN %s\n", + i, myldap_get_dn(entry)); + else if (i == MAXRESULTS) + printf("test_myldap: test_get_values(): ...\n"); + /* try to get uid from attribute */ + vals = myldap_get_values(entry, "uidNumber"); + assert((vals != NULL) && (vals[0] != NULL)); + if (i < MAXRESULTS) + printf("test_myldap: test_get_values(): [%d] uidNumber=%s\n", + i, vals[0]); + /* try to get gid from attribute */ + vals = myldap_get_values(entry, "gidNumber"); + assert((vals != NULL) && (vals[0] != NULL)); + if (i < MAXRESULTS) + printf("test_myldap: test_get_values(): [%d] gidNumber=%s\n", + i, vals[0]); + /* write LDF_STRING(PASSWD_NAME) */ + vals = myldap_get_values(entry, "uid"); + assert((vals != NULL) && (vals[0] != NULL)); + if (i < MAXRESULTS) + printf("test_myldap: test_get_values(): [%d] uid=%s\n", i, vals[0]); + /* get rdn values */ + rdnval = myldap_get_rdn_value(entry, "cn"); + if (i < MAXRESULTS) + printf("test_myldap: test_get_values(): [%d] cdrdn=%s\n", + i, rdnval == NULL ? "NULL" : rdnval); + rdnval = myldap_get_rdn_value(entry, "uid"); + if (i < MAXRESULTS) + printf("test_myldap: test_get_values(): [%d] uidrdn=%s\n", + i, rdnval == NULL ? "NULL" : rdnval); + /* check objectclass */ + assert(myldap_has_objectclass(entry, "posixAccount")); + } + /* clean up */ + myldap_session_close(session); +} + +static void test_get_rdnvalues(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + const char *attrs[] = { "cn", "uid", NULL }; + int rc; + char buf[80]; + const char *rdnval; + /* initialize session */ + printf("test_myldap: test_get_rdnvalues(): getting session...\n"); + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + printf("test_myldap: test_get_rdnvalues(): doing search...\n"); + search = myldap_search(session, "cn=Aka Ashbach+uid=aashbach,ou=lotsofpeople,dc=test,dc=tld", + LDAP_SCOPE_BASE, "(objectClass=*)", attrs, NULL); + assert(search != NULL); + /* get one entry */ + entry = myldap_get_entry(search, &rc); + assert(entry != NULL); + printf("test_myldap: test_get_rdnvalues(): got DN %s\n", + myldap_get_dn(entry)); + /* get some values from DN */ + rdnval = myldap_get_rdn_value(entry, "uid"); + printf("test_myldap: test_get_rdnvalues(): DN.uid=%s\n", + rdnval == NULL ? "NULL" : rdnval); + rdnval = myldap_get_rdn_value(entry, "cn"); + printf("test_myldap: test_get_rdnvalues(): DN.cn=%s\n", + rdnval == NULL ? "NULL" : rdnval); + rdnval = myldap_get_rdn_value(entry, "uidNumber"); + printf("test_myldap: test_get_rdnvalues(): DN.uidNumber=%s\n", + rdnval == NULL ? "NULL" : rdnval); + /* clean up */ + myldap_session_close(session); + /* some tests */ + rdnval = myldap_cpy_rdn_value("cn=Aka Ashbach+uid=aashbach,ou=lotsofpeople,dc=test,dc=tld", + "uid", buf, sizeof(buf)); + printf("test_myldap: test_get_rdnvalues(): DN.uid=%s\n", + rdnval == NULL ? "NULL" : rdnval); + rdnval = myldap_cpy_rdn_value("cn=Aka Ashbach+uid=aashbach,ou=lotsofpeople,dc=test,dc=tld", + "cn", buf, sizeof(buf)); + printf("test_myldap: test_get_rdnvalues(): DN.cn=%s\n", + rdnval == NULL ? "NULL" : rdnval); + rdnval = myldap_cpy_rdn_value("cn=Aka Ashbach+uid=aashbach,ou=lotsofpeople,dc=test,dc=tld", + "uidNumber", buf, sizeof(buf)); + printf("test_myldap: test_get_rdnvalues(): DN.uidNumber=%s\n", + rdnval == NULL ? "NULL" : rdnval); +} + +/* this method tests to see if we can perform two searches within + one session */ +static void test_two_searches(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search1, *search2; + MYLDAP_ENTRY *entry; + const char *attrs[] = { "uidNumber", "cn", "gidNumber", "uid", "objectClass", NULL }; + const char **vals; + /* initialize session */ + printf("test_myldap: test_two_searches(): getting session...\n"); + session = myldap_create_session(); + assert(session != NULL); + /* perform search1 */ + search1 = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(&(objectClass=posixAccount)(uid=*))", + attrs, NULL); + assert(search1 != NULL); + /* get a result from search1 */ + entry = myldap_get_entry(search1, NULL); + assert(entry != NULL); + printf("test_myldap: test_two_searches(): [search1] DN %s\n", + myldap_get_dn(entry)); + vals = myldap_get_values(entry, "cn"); + assert((vals != NULL) && (vals[0] != NULL)); + printf("test_myldap: test_two_searches(): [search1] cn=%s\n", vals[0]); + /* start a second search */ + search2 = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(&(objectclass=posixGroup)(gidNumber=*))", + attrs, NULL); + assert(search2 != NULL); + /* get a result from search2 */ + entry = myldap_get_entry(search2, NULL); + assert(entry != NULL); + printf("test_myldap: test_two_searches(): [search2] DN %s\n", + myldap_get_dn(entry)); + vals = myldap_get_values(entry, "cn"); + assert((vals != NULL) && (vals[0] != NULL)); + printf("test_myldap: test_two_searches(): [search2] cn=%s\n", vals[0]); + /* get another result from search1 */ + entry = myldap_get_entry(search1, NULL); + assert(entry != NULL); + printf("test_myldap: test_two_searches(): [search1] DN %s\n", + myldap_get_dn(entry)); + vals = myldap_get_values(entry, "cn"); + assert((vals != NULL) && (vals[0] != NULL)); + printf("test_myldap: test_two_searches(): [search1] cn=%s\n", vals[0]); + /* stop search1 */ + myldap_search_close(search1); + /* get another result from search2 */ + entry = myldap_get_entry(search2, NULL); + assert(entry != NULL); + printf("test_myldap: test_two_searches(): [search2] DN %s\n", + myldap_get_dn(entry)); + vals = myldap_get_values(entry, "cn"); + assert((vals != NULL) && (vals[0] != NULL)); + printf("test_myldap: test_two_searches(): [search2] cn=%s\n", vals[0]); + /* clean up */ + myldap_session_close(session); +} + +/* perform a simple search */ +static void *worker(void *arg) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + MYLDAP_ENTRY *entry; + const char *attrs[] = { "uid", "cn", "gid", NULL }; + struct worker_args *args = (struct worker_args *)arg; + int i; + int rc; + /* initialize session */ + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + search = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(objectclass=posixAccount)", attrs, NULL); + assert(search != NULL); + /* go over results */ + for (i = 0; (entry = myldap_get_entry(search, &rc)) != NULL; i++) + { + if (i < MAXRESULTS) + printf("test_myldap: test_threads(): [worker %d] [%d] DN %s\n", + args->id, i, myldap_get_dn(entry)); + else if (i == MAXRESULTS) + printf("test_myldap: test_threads(): [worker %d] ...\n", args->id); + } + printf("test_myldap: test_threads(): [worker %d] DONE: %s\n", + args->id, ldap_err2string(rc)); + assert(rc == LDAP_SUCCESS); + /* clean up */ + myldap_session_close(session); + return 0; +} + +/* thread ids of all running threads */ +#define NUM_THREADS 5 +pthread_t my_threads[NUM_THREADS]; + +static void test_threads(void) +{ + int i; + struct worker_args args[NUM_THREADS]; + /* start worker threads */ + for (i = 0; i < NUM_THREADS; i++) + { + args[i].id = i; + assert(pthread_create(&my_threads[i], NULL, worker, &(args[i])) == 0); + } + /* wait for all threads to die */ + for (i = 0; i < NUM_THREADS; i++) + { + assert(pthread_join(my_threads[i], NULL) == 0); + } +} + +static void test_connections(void) +{ + MYLDAP_SESSION *session; + MYLDAP_SEARCH *search; + const char *attrs[] = { "uid", "cn", "gid", NULL }; + char *old_uris[NSS_LDAP_CONFIG_MAX_URIS + 1]; + int i; + /* save the old URIs */ + for (i = 0; i < (NSS_LDAP_CONFIG_MAX_URIS + 1); i++) + { + old_uris[i] = nslcd_cfg->uris[i].uri; + nslcd_cfg->uris[i].uri = NULL; + } + /* set new URIs */ + i = 0; + nslcd_cfg->uris[i++].uri = "ldapi://%2fdev%2fnull/"; + nslcd_cfg->uris[i++].uri = "ldap://10.10.10.10/"; + nslcd_cfg->uris[i++].uri = "ldapi://%2fdev%2fnonexistent/"; + nslcd_cfg->uris[i++].uri = "ldap://nosuchhost/"; + nslcd_cfg->uris[i++].uri = NULL; + /* initialize session */ + printf("test_myldap: test_connections(): getting session...\n"); + session = myldap_create_session(); + assert(session != NULL); + /* perform search */ + printf("test_myldap: test_connections(): doing search...\n"); + search = myldap_search(session, nslcd_cfg->bases[0], LDAP_SCOPE_SUBTREE, + "(objectclass=posixAccount)", attrs, NULL); + assert(search == NULL); + /* clean up */ + myldap_session_close(session); + /* restore the old URIs */ + for (i = 0; i < (NSS_LDAP_CONFIG_MAX_URIS + 1); i++) + nslcd_cfg->uris[i].uri = old_uris[i]; +} + +/* test whether myldap_escape() handles buffer overlows correctly */ +static void test_escape(void) +{ + char buffer[1024]; + assert(myldap_escape("test", buffer, 4) != 0); + assert(myldap_escape("t*st", buffer, 5) != 0); + assert(myldap_escape("t*st", buffer, 20) == 0); + assertstreq(buffer, "t\\2ast"); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + char *srcdir; + char fname[100]; + struct sigaction act; + /* build the name of the file */ + srcdir = getenv("srcdir"); + if (srcdir == NULL) + srcdir = "."; + snprintf(fname, sizeof(fname), "%s/nslcd-test.conf", srcdir); + fname[sizeof(fname) - 1] = '\0'; + /* initialize configuration */ + cfg_init(fname); + /* partially initialize logging */ + log_setdefaultloglevel(LOG_DEBUG); + /* ignore SIGPIPE */ + memset(&act, 0, sizeof(struct sigaction)); + act.sa_handler = SIG_IGN; + sigemptyset(&act.sa_mask); + act.sa_flags = SA_RESTART | SA_NOCLDSTOP; + assert(sigaction(SIGPIPE, &act, NULL) == 0); + /* do tests */ + test_search(); + test_get(); + test_get_values(); + test_get_rdnvalues(); + test_two_searches(); + test_threads(); + test_connections(); + test_escape(); + return 0; +} diff --git a/tests/test_myldap.sh b/tests/test_myldap.sh new file mode 100755 index 0000000..58820ce --- /dev/null +++ b/tests/test_myldap.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# test_myldap.sh - simple wrapper test script for test_myldap +# +# Copyright (C) 2007-2014 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +# This script expects to be run in an environment where an LDAP server +# is available at the location specified in nslcd-test.conf in +# this directory. + +set -e + +# get LDAP config +srcdir="${srcdir-`dirname "$0"`}" +builddir="${builddir-`dirname "$0"`}" +cfgfile="$srcdir/nslcd-test.conf" +uri=`sed -n 's/^uri *//p' "$cfgfile" | head -n 1` +base="dc=test,dc=tld" + +# try to fetch the base DN (fail with exit 77 to indicate problem) +"$srcdir/testenv.sh" check_ldap "$uri" "$base" || exit 77 + +# fix configuration file permissions for test to pass +chmod o-rwx "$cfgfile" + +# just execute test_myldap +export srcdir +exec "$builddir/test_myldap" diff --git a/tests/test_nsscmds.sh b/tests/test_nsscmds.sh new file mode 100755 index 0000000..ef489e2 --- /dev/null +++ b/tests/test_nsscmds.sh @@ -0,0 +1,531 @@ +#!/bin/sh + +# test_nsscmds.sh - simple test script to check output of name lookup commands +# +# Copyright (C) 2007-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +# This script expects to be run in an environment where nss-pam-ldapd +# is deployed with an LDAP server with the proper content (and nslcd running). +# It's probably best to run this in an environment without nscd (this breaks +# the services tests). + +set -e + +# find source directory +srcdir="${srcdir-`dirname "$0"`}" +builddir="${builddir-`dirname "$0"`}" +top_builddir="${top_builddir-${builddir}/..}" + +# ensure that we are running in the test environment +"$srcdir/testenv.sh" check || exit 77 + +# preload our own NSS module +if [ -e "$top_builddir/nss/nss_ldap.so" ] +then + LD_PRELOAD="$top_builddir/nss/nss_ldap.so" + export LD_PRELOAD +fi + +# the total number of errors +FAIL=0 + +check() { + # the command to execute + cmd="$1" + # save the expected output + expectfile=`mktemp -t expected.XXXXXX 2> /dev/null || tempfile -s .expected 2> /dev/null` + cat > "$expectfile" + # run the command + echo 'test_nsscmds.sh: checking "'"$cmd"'"' + actualfile=`mktemp -t actual.XXXXXX 2> /dev/null || tempfile -s .actual 2> /dev/null` + eval "$cmd" > "$actualfile" 2>&1 || true + # check for differences + diff -Nauwi "$expectfile" "$actualfile" || FAIL=`expr $FAIL + 1` + # remove temporary files + rm "$expectfile" "$actualfile" +} + +########################################################################### + +if grep '^aliases.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing aliases..." + +# note that this doesn't work if /etc/aliases contains anything + +# check all aliases +check "getent aliases|sort" << EOM +bar2: foobar@example.com +bar: foobar@example.com +foo: bar@example.com +EOM + +# get alias by name +check "getent aliases foo" << EOM +foo: bar@example.com +EOM + +# get alias by second name +check "getent aliases bar2" << EOM +bar2: foobar@example.com +EOM + +# get alias by different case +check "getent aliases FOO" << EOM +foo: bar@example.com +EOM + +fi # end of aliases tests + +########################################################################### + +if grep '^ethers.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing ether..." + +# get an entry by hostname +check "getent ethers testhost" << EOM +0:18:8a:54:1a:8e testhost +EOM + +# get an entry by alias name +check "getent ethers testhostalias" << EOM +0:18:8a:54:1a:8e testhostalias +EOM + +# get an entry by hostname with different case +check "getent ethers TESTHOST" << EOM +0:18:8a:54:1a:8e testhost +EOM + +# get an entry by ethernet address +check "getent ethers 0:18:8a:54:1a:8b" << EOM +0:18:8a:54:1a:8b testhost2 +EOM + +# get entry by ip address +# this does not currently work, but maybe it should +#check "getent ethers 192.0.2.123" << EOM +#0:18:8a:54:1a:8e testhost +#EOM + +# get all ethers (unsupported) +check "getent ethers" << EOM +Enumeration not supported on ethers +EOM + +fi # end of ethers tests + +########################################################################### + +if grep '^group.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing group..." + +# function to sort group members of a group +sortgroup() { + while read line + do + group="`echo "$line" | sed 's/^\([^:]*:[^:]*:[^:]*\).*$/\1:/'`" + members="`echo "$line" | sed -n 's/^[^:]*:[^:]*:[^:]*:\(.*\)$/\1/p' | tr ',' '\n' | sort | tr '\n' ','`" + members="`echo "$members" | sed 's/,$//'`" + echo "${group}${members}" + done +} + +check "getent group testgroup | sortgroup" << EOM +testgroup:*:6100:arthur,test,testuser4 +EOM + +# this does not work because users is in /etc/group but it would +# be nice if libc supported this +#check "getent group users" << EOM +#users:*:100:arthur,test +#EOM + +# group with different case should not be found +check "getent group TESTGROUP" << EOM +EOM + +check "getent group 6100 | sortgroup" << EOM +testgroup:*:6100:arthur,test,testuser4 +EOM + +check "groups arthur | sed 's/^.*://'" << EOM +users testgroup testgroup2 grp4 grp5 grp6 grp7 grp8 grp9 grp10 grp11 grp12 grp13 grp14 grp15 grp16 grp17 grp18 +EOM + +check "groups testuser4 | sed 's/^.* *: *//'" << EOM +users testgroup testgroup2 +EOM + +check "getent group | egrep '^(testgroup|users|root):' | sortgroup" << EOM +$(egrep '^(testgroup|users|root):' /etc/group) +testgroup:*:6100:arthur,test,testuser4 +users:*:100:arthur,test +EOM + +check "getent group | wc -l" << EOM +`grep -c '^[^#].*:' /etc/group | awk '{print $1 + 23}'` +EOM + +check "getent group | grep ^largegroup | sortgroup" << EOM +largegroup:*:1005:akraskouskas,alat,ameisinger,bdevera,behrke,bmoldan,btempel,cjody,clouder,cmanno,dbye,dciviello,dfirpo,dgivliani,dgosser,emcquiddy,enastasi,fcunard,gcubbison,gdaub,gdreitzler,ghanauer,gpomerance,gsusoev,gtinnel,gvollrath,gzuhlke,hgalavis,hhaffey,hhydrick,hmachesky,hpaek,hpolk,hsweezer,htomlinson,hzagami,igurwell,ihashbarger,jyeater,kbradbury,khathway,kklavetter,lbuchtel,lgandee,lkhubba,lmauracher,lseehafer,lvittum,mblanchet,mbodley,mciaccia,mjuris,ndipanfilo,nfilipek,nfunchess,ngata,ngullett,nkraker,nriofrio,nroepke,nrybij,oclunes,oebrani,okveton,osaines,otrevor,pdossous,phaye,psowa,purquilla,rkoonz,rlatessa,rworkowski,sdebry,sgurski,showe,slaforge,tabdelal,testusr2,testusr3,tfalconeri,tpaa,uschweyen,utrezize,vchevalier,vdelnegro,vleyton,vmedici,vmigliori,vpender,vwaltmann,wbrettschneide,wselim,wvalcin,wworf,yautin,ykisak,zgingrich,znightingale,zwinterbottom +EOM + +check "getent group largegroup | sortgroup" << EOM +largegroup:*:1005:akraskouskas,alat,ameisinger,bdevera,behrke,bmoldan,btempel,cjody,clouder,cmanno,dbye,dciviello,dfirpo,dgivliani,dgosser,emcquiddy,enastasi,fcunard,gcubbison,gdaub,gdreitzler,ghanauer,gpomerance,gsusoev,gtinnel,gvollrath,gzuhlke,hgalavis,hhaffey,hhydrick,hmachesky,hpaek,hpolk,hsweezer,htomlinson,hzagami,igurwell,ihashbarger,jyeater,kbradbury,khathway,kklavetter,lbuchtel,lgandee,lkhubba,lmauracher,lseehafer,lvittum,mblanchet,mbodley,mciaccia,mjuris,ndipanfilo,nfilipek,nfunchess,ngata,ngullett,nkraker,nriofrio,nroepke,nrybij,oclunes,oebrani,okveton,osaines,otrevor,pdossous,phaye,psowa,purquilla,rkoonz,rlatessa,rworkowski,sdebry,sgurski,showe,slaforge,tabdelal,testusr2,testusr3,tfalconeri,tpaa,uschweyen,utrezize,vchevalier,vdelnegro,vleyton,vmedici,vmigliori,vpender,vwaltmann,wbrettschneide,wselim,wvalcin,wworf,yautin,ykisak,zgingrich,znightingale,zwinterbottom +EOM + +check "getent group | grep ^hugegroup | sortgroup" << EOM +hugegroup:*:1006:ablackstock,abortignon,achhor,ademosthenes,adenicola,adishaw,aesbensen,aferge,afredin,afuchs,agarbett,agimm,agordner,ahandy,ajaquess,akertzman,akomsthoeft,akraskouskas,akravetz,alamour,alat,alienhard,amanganelli,amaslyn,amayorga,amccroskey,amcgraw,amckinney,ameisinger,aponcedeleon,apurdon,areid,arosel,ascheno,ascovel,asemons,ashuey,asivley,astrunk,atollefsrud,atonkin,awhitt,aziernicki,badair,baigner,bbeckfield,bbrenton,bcoletta,bcolorado,bdadds,bdaughenbaugh,bdevera,bdominga,behrke,beon,bfishbeck,bgavagan,bguthary,bharnois,bhelverson,bjolly,blovig,bluellen,bmadamba,bmarlin,bmarszalek,bmicklos,bmoling,bouten,bphou,bpinedo,brodgerson,broher,bromano,bscadden,bsibal,bstrede,bswantak,btempel,btheim,bveeneman,bwinterton,bwynes,cabare,carguellez,cbarlup,cbartnick,cbelardo,cbleimehl,cbotdorf,cbourek,cbrechbill,cbrom,ccyganiewicz,cdeckard,cdegravelle,cdickes,cdrumm,cfasone,cflenner,cfleurantin,cgaler,cgalinol,cgaudette,cghianni,charriman,cjody,cjuntunen,ckerska,ckistenmacher,cklem,ckodish,clapenta,clewicki,clouder,cmafnas,cmanno,cmcanulty,cmellberg,cmiramon,cnabzdyk,cnoriego,cpaccione,cpalmios,cparee,cpencil,cpentreath,cpinela,cpluid,critchie,cscullion,csever,csoomaroo,cspilis,cswigert,ctenny,ctetteh,ctuzzo,cwank,cweiss,dasiedu,daubert,dbarriball,dbertels,dblazejewski,dcaltabiano,dciullo,ddeguire,ddigerolamo,denriquez,deshmon,dfirpo,dflore,dfollman,dgiacomazzi,dgivliani,dgosser,dhammontree,dhendon,dhindsman,dholdaway,dlablue,dlanois,dlargo,dledenbach,dlongbotham,dloubier,dmahapatra,dmarchizano,dmcgillen,dminozzi,dnegri,dpebbles,draymundo,dscheurer,dsharr,dsherard,dsteever,dtashjian,dtornow,dtuholski,dwittlinger,dzurek,eaguire,eathey,ebattee,ebeachem,eberkman,ebusk,ecelestin,ecolden,ecordas,ediga,edrinkwater,edurick,egospatrick,egrago,ehathcock,ehindbaugh,ejeppesen,ekalfas,ekenady,ekeuper,eklein,eklunder,ekurter,emanikowski,emargulis,emcquiddy,emehta,eorsten,eparham,epeterson,epoinelli,erathert,erostad,eserrett,esheehan,esonia,esproull,esthill,estockwin,etunby,ewicks,ewilles,ewismer,ewuitschick,eyounglas,eziebert,fagro,faleo,farquette,fbeatrice,fberra,fberyman,fbielecki,fburrough,fcha,fcunard,ffigert,fgoben,fgrashot,fhain,fhalon,fkeef,fmarchi,fmilsaps,fnottage,fparness,fplayfair,fsapien,fsavela,fsirianni,fsplinter,fsunderland,fsymmonds,fthein,fvallian,fvascones,fverfaille,fvinal,fwidhalm,gallanson,gapkin,garchambeault,gbitar,gbolay,gcarlini,gcervantez,gchounlapane,gclapham,gcobane,gconver,gcukaj,gcummer,gcurnutt,gdaub,gdeblasio,gdeyarmond,gdrilling,gearnshaw,gfaire,gfedewa,ggehrke,ggillim,ghann,ghelderman,ghumbles,gishii,gjankowiak,gkerens,glafontaine,gloebs,gmackinder,gmassi,gmilian,gmings,gmoen,gparkersmith,gpomerance,gportolese,greiff,gsantella,gschaumburg,gshrode,gtinnel,guresti,gvollrath,gwaud,habby,hbastidos,hbetterman,hbickford,hbraim,hbrandow,hbrehmer,hbukovsky,hcafourek,hcarrizal,hchaviano,hcintron,hcowles,hcusta,hdoiel,hdyner,hfludd,hgalavis,hhaffey,hhagee,hhartranft,hholyfield,hhysong,hkarney,hkinderknecht,hkippes,hkohlmeyer,hlauchaire,hlemon,hlichota,hliverman,hloftis,hlynema,hmateer,hmatonak,hmiazga,hmogush,hmuscaro,hpalmquist,hpimpare,hpolintan,hrapisura,hrenart,hriech,hsabol,hschelb,hschoepfer,hspiry,hstreitnatter,hsweezer,htilzer,htomlinson,htsuha,hvannette,hveader,hwestermark,hwoodert,hzagami,hzinda,iambrosino,ibeto,ibreitbart,ibuzo,ibyles,ichewning,icoard,ideveyra,ienglert,igizzi,ihalford,ihanneman,ihegener,ihernan,iherrarte,ihimmelwright,ihoa,iiffert,ikadar,ikulbida,ilacourse,ilamberth,ilawbaugh,ileaman,ilevian,imarungo,imcbay,imensah,imicthell,imillin,imuehl,inarain,iogasawara,iroiger,iseipel,isowder,isplonskowski,istallcup,istarring,isteinlicht,ithum,ivanschaack,iweibe,iyorgey,iyorks,jamber,jappleyard,jbielicki,jbjorkman,jcaroll,jdodge,jeuresti,jeverton,jglotzbecker,jherkenratt,jholzmiller,jjumalon,jkimpton,jknight,jlebouf,jlunney,jmartha,jmarugg,jmatty,joligee,jquicksall,jrees,jreigh,jroman,jscheitlin,jseen,jsegundo,jsenavanh,jskafec,jspohn,jsweezy,jvillaire,jwinterton,jzych,kaanerud,kalguire,kbarnthouse,kbartolet,kbattershell,kbrevitz,kbrugal,kcofrancesco,kcomparoni,kconkey,kdevincent,kepps,kfaure,kfend,kgarced,kgremminger,khartness,kheadlon,khovanesian,kjoslyn,klitehiser,klundsten,klurie,kmallach,kmandolfo,kmarzili,kmayoras,kmcardle,kmcguire,kmedcaf,kmeester,kmisove,kmoesch,kmosko,kmuros,kolexa,kottomaniello,kpalka,kpannunzio,kpenale,kpuebla,krahman,kseisler,kshippy,ksiering,ksollitto,ksparling,kstachurski,kthede,ktoni,ktriblett,ktuccio,ktuner,kwidrick,kwinterling,kwirght,laksamit,lautovino,lbanco,lbassin,lbove,lbuchtel,lcanestrini,lcaudell,lcavez,lcocherell,lcoulon,lcremer,leberhardt,lfarraj,lfichtner,lgadomski,lgandee,lgradilla,lhuggler,limbrogno,ljomes,lkimel,llarmore,llasher,lmadruga,lmauracher,lmcgeary,lmichaud,lmuehlberger,lnormand,lparrish,lpeagler,lpintor,lpitek,lpondexter,lrandall,lringuette,lschenkelberg,lschnorbus,lschollmeier,lseabold,lseehafer,lshilling,lsivic,lsobrino,lsous,lspielvogel,lvaleriano,lvanconant,lwedner,lyoula,mallmand,maustine,mbeagley,mbodley,mbravata,mcampagnone,mcaram,mcashett,mcasida,mcoch,mcolehour,mcontreras,mdanos,mdecourcey,mdedon,mdickinson,mdimaio,mdoering,mdyce,meconomides,mespinel,mfaeth,mfeil,mferandez,mfitzherbert,mgavet,mgayden,mground,mheilbrun,mhollings,mjeon,mkibler,mkofoed,mlaverde,mlenning,mlinak,mlinardi,mmangiamele,mmattu,mmcchristian,mmerriwether,mmesidor,mneubacher,moller,moser,mpanahon,mpark,mpellew,mpilon,mpizzaro,mpytko,mquigg,mredd,mrizer,mruppel,mrydelek,mskeele,mstirn,mswogger,mtanzi,mtintle,mvanbergen,mvanpelt,mvas,mvedder,mviverette,myokoyama,nagerton,nasmar,nbuford,nbugtong,ncermeno,nchrisman,nciucci,ndesautels,ndrumgole,nedgin,nendicott,nerbach,nevan,nforti,nfunchess,ngiesler,nglathar,ngrowney,ngullett,nhayer,nhelfinstine,nhija,ninnella,njordon,nkempon,nkubley,nlainhart,nlatchaw,nlemma,nlinarez,nlohmiller,nmccolm,nmoren,nnamanworth,nnickel,nousdahl,nphan,nramones,nranck,nridinger,nriofrio,nrybij,nrysavy,nschmig,nsiemonsma,nslaby,nspolar,nvyhnal,nwescott,nwiker,oahyou,oalthouse,obeaufait,obenallack,obercier,obihl,ocalleo,ochasten,oclunes,oconerly,ocrabbs,oebrani,ofelcher,ohatto,ohearl,ohedlund,ohoffert,ohove,ojerabek,okave,okveton,omalvaez,omasone,omatula,omcdaid,oolivarez,oosterhouse,opeet,opizzuti,opoch,oport,opuglisi,oreiss,osaber,oscarpello,oshough,ovibbert,owhelchel,owhitelow,pahles,pbascom,pbeckerdite,pbiggart,pbondroff,pbrentano,pcaposole,pcornn,pdauterman,pdech,pdischinger,pduitscher,pdulac,pdurando,pfavolise,pgiegerich,pgreenier,pgrybel,phalkett,pheathcock,phyer,pmineo,pminnis,ppedraja,ppeper,pphuaphes,prepasky,prowena,psabado,psalesky,pschrayter,psharits,psiroky,psundeen,pthornberry,ptoenjes,ptraweek,purquilla,pvierthaler,pvirelli,pviviani,pwademan,pwashuk,pwetherwax,pwhitmire,pwohlenhaus,pwutzke,qhanly,ralspach,rbernhagen,rbillingsly,rbloomstrand,rbrisby,rcheshier,rchevrette,rdubs,rdubuisson,redling,rfassinger,rfauerbach,rfidel,rginer,rgoonez,rgramby,rgriffies,rguinane,rheinzmann,rkraszewski,rlambertus,rlatessa,rlosinger,rmandril,rmcstay,rnordby,rpastorin,rpikes,rpinilla,rpitter,rramirez,rrasual,rschkade,rtole,rtooker,saben,sackles,sarndt,saycock,sbemo,sbettridge,sbloise,sbonnie,sbrabyn,scocuzza,sdebry,senrico,sestergard,sgefroh,sgirsh,sgropper,sgunder,sgurski,shaith,sherzberg,showe,sjankauskas,skanjirathinga,skoegler,slaningham,slaudeman,slerew,smccaie,smillian,smullowney,snotari,spolmer,srees,srubenfield,sscheiern,sskone,sskyers,sspagnuolo,sstough,sstuemke,svandewalle,svielle,svogler,svongal,swoodie,tabdelal,tairth,tbagne,tbattista,tboxx,tcacal,tcossa,tcrissinger,tdonathan,teliades,tfalconeri,tfetherston,tgelen,tgindhart,tguinnip,tharr,thelfritz,thoch,thynson,tkeala,tkelly,tkhora,tlana,tlowers,tmalecki,tmarkus,tmccaffity,tmccamish,tmcmickle,tmelland,tmorr,tmurata,tmysinger,tnaillon,tnitzel,tpaa,tplatko,tredfearn,tsablea,tsann,tschnepel,tsearle,tsepulueda,tsowells,tstalworth,tvehrs,tvrooman,tyounglas,ualway,uazatyan,ubenken,ubieniek,ubynum,udatu,uednilao,ueriks,uflander,ugerpheide,ugreenberg,uhayakawa,uholecek,ulanigan,umarbury,umosser,upater,upellam,uransford,urosentrance,uschweyen,usevera,uslavinski,uspittler,uvanmatre,uwalpole,uweyand,vbaldasaro,vbigalow,vbonder,vburton,vchevalier,vcrofton,vdesir,vdolan,veisenhardt,vemily,venfort,vfeigel,vglidden,vkrug,vlubic,vmaynard,vmedici,vnazzal,vnery,vpeairs,vpender,vpiraino,vrodick,vrunyon,vsefcovic,vstirman,vtowell,vtresch,vtrumpp,vwabasha,vwaltmann,vwisinger,vwokwicz,wbrill,wclokecloak,wconces,wconstantino,wcreggett,wdagrella,wdevenish,wdovey,wenglander,werrick,wesguerra,wganther,wkhazaleh,wleiva,wlynch,wmailey,wmendell,wnunziata,wottesen,wselim,wstjean,wtruman,wvalcin,wvermeulen,xeppley,xlantey,xrahaim,yautin,ycerasoli,ycobetto,ycostaneda,yduft,yeven,yfrymoyer,ygockel,yhenriques,ykimbel,yolivier,yschmuff,ysnock,yvdberg,zanderlik,zborgmeyer,zbuscaglia,zculp,zfarler,zhaulk,zkutchera,zmeeker,zneeb,zratti,zscammahorn,zvagt,zwinterbottom +EOM + +check "getent group hugegroup | sortgroup" << EOM +hugegroup:*:1006:ablackstock,abortignon,achhor,ademosthenes,adenicola,adishaw,aesbensen,aferge,afredin,afuchs,agarbett,agimm,agordner,ahandy,ajaquess,akertzman,akomsthoeft,akraskouskas,akravetz,alamour,alat,alienhard,amanganelli,amaslyn,amayorga,amccroskey,amcgraw,amckinney,ameisinger,aponcedeleon,apurdon,areid,arosel,ascheno,ascovel,asemons,ashuey,asivley,astrunk,atollefsrud,atonkin,awhitt,aziernicki,badair,baigner,bbeckfield,bbrenton,bcoletta,bcolorado,bdadds,bdaughenbaugh,bdevera,bdominga,behrke,beon,bfishbeck,bgavagan,bguthary,bharnois,bhelverson,bjolly,blovig,bluellen,bmadamba,bmarlin,bmarszalek,bmicklos,bmoling,bouten,bphou,bpinedo,brodgerson,broher,bromano,bscadden,bsibal,bstrede,bswantak,btempel,btheim,bveeneman,bwinterton,bwynes,cabare,carguellez,cbarlup,cbartnick,cbelardo,cbleimehl,cbotdorf,cbourek,cbrechbill,cbrom,ccyganiewicz,cdeckard,cdegravelle,cdickes,cdrumm,cfasone,cflenner,cfleurantin,cgaler,cgalinol,cgaudette,cghianni,charriman,cjody,cjuntunen,ckerska,ckistenmacher,cklem,ckodish,clapenta,clewicki,clouder,cmafnas,cmanno,cmcanulty,cmellberg,cmiramon,cnabzdyk,cnoriego,cpaccione,cpalmios,cparee,cpencil,cpentreath,cpinela,cpluid,critchie,cscullion,csever,csoomaroo,cspilis,cswigert,ctenny,ctetteh,ctuzzo,cwank,cweiss,dasiedu,daubert,dbarriball,dbertels,dblazejewski,dcaltabiano,dciullo,ddeguire,ddigerolamo,denriquez,deshmon,dfirpo,dflore,dfollman,dgiacomazzi,dgivliani,dgosser,dhammontree,dhendon,dhindsman,dholdaway,dlablue,dlanois,dlargo,dledenbach,dlongbotham,dloubier,dmahapatra,dmarchizano,dmcgillen,dminozzi,dnegri,dpebbles,draymundo,dscheurer,dsharr,dsherard,dsteever,dtashjian,dtornow,dtuholski,dwittlinger,dzurek,eaguire,eathey,ebattee,ebeachem,eberkman,ebusk,ecelestin,ecolden,ecordas,ediga,edrinkwater,edurick,egospatrick,egrago,ehathcock,ehindbaugh,ejeppesen,ekalfas,ekenady,ekeuper,eklein,eklunder,ekurter,emanikowski,emargulis,emcquiddy,emehta,eorsten,eparham,epeterson,epoinelli,erathert,erostad,eserrett,esheehan,esonia,esproull,esthill,estockwin,etunby,ewicks,ewilles,ewismer,ewuitschick,eyounglas,eziebert,fagro,faleo,farquette,fbeatrice,fberra,fberyman,fbielecki,fburrough,fcha,fcunard,ffigert,fgoben,fgrashot,fhain,fhalon,fkeef,fmarchi,fmilsaps,fnottage,fparness,fplayfair,fsapien,fsavela,fsirianni,fsplinter,fsunderland,fsymmonds,fthein,fvallian,fvascones,fverfaille,fvinal,fwidhalm,gallanson,gapkin,garchambeault,gbitar,gbolay,gcarlini,gcervantez,gchounlapane,gclapham,gcobane,gconver,gcukaj,gcummer,gcurnutt,gdaub,gdeblasio,gdeyarmond,gdrilling,gearnshaw,gfaire,gfedewa,ggehrke,ggillim,ghann,ghelderman,ghumbles,gishii,gjankowiak,gkerens,glafontaine,gloebs,gmackinder,gmassi,gmilian,gmings,gmoen,gparkersmith,gpomerance,gportolese,greiff,gsantella,gschaumburg,gshrode,gtinnel,guresti,gvollrath,gwaud,habby,hbastidos,hbetterman,hbickford,hbraim,hbrandow,hbrehmer,hbukovsky,hcafourek,hcarrizal,hchaviano,hcintron,hcowles,hcusta,hdoiel,hdyner,hfludd,hgalavis,hhaffey,hhagee,hhartranft,hholyfield,hhysong,hkarney,hkinderknecht,hkippes,hkohlmeyer,hlauchaire,hlemon,hlichota,hliverman,hloftis,hlynema,hmateer,hmatonak,hmiazga,hmogush,hmuscaro,hpalmquist,hpimpare,hpolintan,hrapisura,hrenart,hriech,hsabol,hschelb,hschoepfer,hspiry,hstreitnatter,hsweezer,htilzer,htomlinson,htsuha,hvannette,hveader,hwestermark,hwoodert,hzagami,hzinda,iambrosino,ibeto,ibreitbart,ibuzo,ibyles,ichewning,icoard,ideveyra,ienglert,igizzi,ihalford,ihanneman,ihegener,ihernan,iherrarte,ihimmelwright,ihoa,iiffert,ikadar,ikulbida,ilacourse,ilamberth,ilawbaugh,ileaman,ilevian,imarungo,imcbay,imensah,imicthell,imillin,imuehl,inarain,iogasawara,iroiger,iseipel,isowder,isplonskowski,istallcup,istarring,isteinlicht,ithum,ivanschaack,iweibe,iyorgey,iyorks,jamber,jappleyard,jbielicki,jbjorkman,jcaroll,jdodge,jeuresti,jeverton,jglotzbecker,jherkenratt,jholzmiller,jjumalon,jkimpton,jknight,jlebouf,jlunney,jmartha,jmarugg,jmatty,joligee,jquicksall,jrees,jreigh,jroman,jscheitlin,jseen,jsegundo,jsenavanh,jskafec,jspohn,jsweezy,jvillaire,jwinterton,jzych,kaanerud,kalguire,kbarnthouse,kbartolet,kbattershell,kbrevitz,kbrugal,kcofrancesco,kcomparoni,kconkey,kdevincent,kepps,kfaure,kfend,kgarced,kgremminger,khartness,kheadlon,khovanesian,kjoslyn,klitehiser,klundsten,klurie,kmallach,kmandolfo,kmarzili,kmayoras,kmcardle,kmcguire,kmedcaf,kmeester,kmisove,kmoesch,kmosko,kmuros,kolexa,kottomaniello,kpalka,kpannunzio,kpenale,kpuebla,krahman,kseisler,kshippy,ksiering,ksollitto,ksparling,kstachurski,kthede,ktoni,ktriblett,ktuccio,ktuner,kwidrick,kwinterling,kwirght,laksamit,lautovino,lbanco,lbassin,lbove,lbuchtel,lcanestrini,lcaudell,lcavez,lcocherell,lcoulon,lcremer,leberhardt,lfarraj,lfichtner,lgadomski,lgandee,lgradilla,lhuggler,limbrogno,ljomes,lkimel,llarmore,llasher,lmadruga,lmauracher,lmcgeary,lmichaud,lmuehlberger,lnormand,lparrish,lpeagler,lpintor,lpitek,lpondexter,lrandall,lringuette,lschenkelberg,lschnorbus,lschollmeier,lseabold,lseehafer,lshilling,lsivic,lsobrino,lsous,lspielvogel,lvaleriano,lvanconant,lwedner,lyoula,mallmand,maustine,mbeagley,mbodley,mbravata,mcampagnone,mcaram,mcashett,mcasida,mcoch,mcolehour,mcontreras,mdanos,mdecourcey,mdedon,mdickinson,mdimaio,mdoering,mdyce,meconomides,mespinel,mfaeth,mfeil,mferandez,mfitzherbert,mgavet,mgayden,mground,mheilbrun,mhollings,mjeon,mkibler,mkofoed,mlaverde,mlenning,mlinak,mlinardi,mmangiamele,mmattu,mmcchristian,mmerriwether,mmesidor,mneubacher,moller,moser,mpanahon,mpark,mpellew,mpilon,mpizzaro,mpytko,mquigg,mredd,mrizer,mruppel,mrydelek,mskeele,mstirn,mswogger,mtanzi,mtintle,mvanbergen,mvanpelt,mvas,mvedder,mviverette,myokoyama,nagerton,nasmar,nbuford,nbugtong,ncermeno,nchrisman,nciucci,ndesautels,ndrumgole,nedgin,nendicott,nerbach,nevan,nforti,nfunchess,ngiesler,nglathar,ngrowney,ngullett,nhayer,nhelfinstine,nhija,ninnella,njordon,nkempon,nkubley,nlainhart,nlatchaw,nlemma,nlinarez,nlohmiller,nmccolm,nmoren,nnamanworth,nnickel,nousdahl,nphan,nramones,nranck,nridinger,nriofrio,nrybij,nrysavy,nschmig,nsiemonsma,nslaby,nspolar,nvyhnal,nwescott,nwiker,oahyou,oalthouse,obeaufait,obenallack,obercier,obihl,ocalleo,ochasten,oclunes,oconerly,ocrabbs,oebrani,ofelcher,ohatto,ohearl,ohedlund,ohoffert,ohove,ojerabek,okave,okveton,omalvaez,omasone,omatula,omcdaid,oolivarez,oosterhouse,opeet,opizzuti,opoch,oport,opuglisi,oreiss,osaber,oscarpello,oshough,ovibbert,owhelchel,owhitelow,pahles,pbascom,pbeckerdite,pbiggart,pbondroff,pbrentano,pcaposole,pcornn,pdauterman,pdech,pdischinger,pduitscher,pdulac,pdurando,pfavolise,pgiegerich,pgreenier,pgrybel,phalkett,pheathcock,phyer,pmineo,pminnis,ppedraja,ppeper,pphuaphes,prepasky,prowena,psabado,psalesky,pschrayter,psharits,psiroky,psundeen,pthornberry,ptoenjes,ptraweek,purquilla,pvierthaler,pvirelli,pviviani,pwademan,pwashuk,pwetherwax,pwhitmire,pwohlenhaus,pwutzke,qhanly,ralspach,rbernhagen,rbillingsly,rbloomstrand,rbrisby,rcheshier,rchevrette,rdubs,rdubuisson,redling,rfassinger,rfauerbach,rfidel,rginer,rgoonez,rgramby,rgriffies,rguinane,rheinzmann,rkraszewski,rlambertus,rlatessa,rlosinger,rmandril,rmcstay,rnordby,rpastorin,rpikes,rpinilla,rpitter,rramirez,rrasual,rschkade,rtole,rtooker,saben,sackles,sarndt,saycock,sbemo,sbettridge,sbloise,sbonnie,sbrabyn,scocuzza,sdebry,senrico,sestergard,sgefroh,sgirsh,sgropper,sgunder,sgurski,shaith,sherzberg,showe,sjankauskas,skanjirathinga,skoegler,slaningham,slaudeman,slerew,smccaie,smillian,smullowney,snotari,spolmer,srees,srubenfield,sscheiern,sskone,sskyers,sspagnuolo,sstough,sstuemke,svandewalle,svielle,svogler,svongal,swoodie,tabdelal,tairth,tbagne,tbattista,tboxx,tcacal,tcossa,tcrissinger,tdonathan,teliades,tfalconeri,tfetherston,tgelen,tgindhart,tguinnip,tharr,thelfritz,thoch,thynson,tkeala,tkelly,tkhora,tlana,tlowers,tmalecki,tmarkus,tmccaffity,tmccamish,tmcmickle,tmelland,tmorr,tmurata,tmysinger,tnaillon,tnitzel,tpaa,tplatko,tredfearn,tsablea,tsann,tschnepel,tsearle,tsepulueda,tsowells,tstalworth,tvehrs,tvrooman,tyounglas,ualway,uazatyan,ubenken,ubieniek,ubynum,udatu,uednilao,ueriks,uflander,ugerpheide,ugreenberg,uhayakawa,uholecek,ulanigan,umarbury,umosser,upater,upellam,uransford,urosentrance,uschweyen,usevera,uslavinski,uspittler,uvanmatre,uwalpole,uweyand,vbaldasaro,vbigalow,vbonder,vburton,vchevalier,vcrofton,vdesir,vdolan,veisenhardt,vemily,venfort,vfeigel,vglidden,vkrug,vlubic,vmaynard,vmedici,vnazzal,vnery,vpeairs,vpender,vpiraino,vrodick,vrunyon,vsefcovic,vstirman,vtowell,vtresch,vtrumpp,vwabasha,vwaltmann,vwisinger,vwokwicz,wbrill,wclokecloak,wconces,wconstantino,wcreggett,wdagrella,wdevenish,wdovey,wenglander,werrick,wesguerra,wganther,wkhazaleh,wleiva,wlynch,wmailey,wmendell,wnunziata,wottesen,wselim,wstjean,wtruman,wvalcin,wvermeulen,xeppley,xlantey,xrahaim,yautin,ycerasoli,ycobetto,ycostaneda,yduft,yeven,yfrymoyer,ygockel,yhenriques,ykimbel,yolivier,yschmuff,ysnock,yvdberg,zanderlik,zborgmeyer,zbuscaglia,zculp,zfarler,zhaulk,zkutchera,zmeeker,zneeb,zratti,zscammahorn,zvagt,zwinterbottom +EOM + +check "getent group nstgrp1 | sortgroup" << EOM +nstgrp1:*:800:testusr2 +EOM + +check "getent group nstgrp2 | sortgroup" << EOM +nstgrp2:*:801:testusr2,testusr3 +EOM + +check "getent group nstgrp3 | sortgroup" << EOM +nstgrp3:*:802:testusr2,testusr3 +EOM + +check "groups testusr2 | sed 's/^.* *: *//'" << EOM +users largegroup testgroup2 nstgrp1 nstgrp2 nstgrp3 +EOM + +check "groups testusr3 | sed 's/^.* *: *//'" << EOM +users largegroup nstgrp2 nstgrp3 +EOM + +fi # end of group tests + +########################################################################### + +if grep '^hosts.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing hosts..." + +check "getent hosts testhost" << EOM +192.0.2.123 testhost testhostalias +EOM + +check "getent hosts testhostalias" << EOM +192.0.2.123 testhost testhostalias +EOM + +# check hostname with different case +check "getent hosts TESTHOST" << EOM +192.0.2.123 testhost testhostalias +EOM + +check "getent hosts 192.0.2.123" << EOM +192.0.2.123 testhost testhostalias +EOM + +check "getent hosts | grep testhost | sort" << EOM +192.0.2.123 testhost testhostalias +192.0.2.124 testhost2 +192.0.2.126 testhost4 +EOM + +check "getent hosts 2001:db8::dead:beef" << EOM +2001:db8::dead:beef testhost2 +EOM + +check "getent ahosts testhost2" << EOM +2001:db8::dead:beef STREAM testhost2 +2001:db8::dead:beef DGRAM +2001:db8::dead:beef RAW +192.0.2.124 STREAM +192.0.2.124 DGRAM +192.0.2.124 RAW +EOM + +check "getent hosts testhost3" << EOM +2001:db8::feed:c0de testhost3 +EOM + +check "getent ahosts testhost3" << EOM +2001:db8::feed:c0de STREAM testhost3 +2001:db8::feed:c0de DGRAM +2001:db8::feed:c0de RAW +EOM + +check "getent ahosts testhost4" << EOM +2001:db8::7e27:ac1d STREAM testhost4 +2001:db8::7e27:ac1d DGRAM +2001:db8::7e27:ac1d RAW +192.0.2.126 STREAM +192.0.2.126 DGRAM +192.0.2.126 RAW +EOM + +fi # end of hosts tests + +########################################################################### + +if grep '^netgroup.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing netgroup..." + +# check netgroup lookup of test netgroup +check "getent netgroup tstnetgroup" << EOM +tstnetgroup ( , arthur, ) (noot, , ) +EOM + +# check netgroup lookup with different case +check "getent netgroup TSTNETGROUP" << EOM +EOM + +fi # end of netgroup tests + +########################################################################### + +if grep '^networks.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing networks..." + +check "getent networks testnet" << EOM +testnet 192.0.2.0 +EOM + +# check network name with different case +check "getent networks TESTNET" << EOM +testnet 192.0.2.0 +EOM + +check "getent networks 192.0.2.0" << EOM +testnet 192.0.2.0 +EOM + +check "getent networks | grep testnet" << EOM +testnet 192.0.2.0 +EOM + +fi # end of networks tests + +########################################################################### + +if grep '^passwd.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing passwd..." + +check "getent passwd ecolden | sed 's/:[x*]:/:x:/'" << EOM +ecolden:x:5972:1000:Estelle Colden:/home/ecolden:/bin/bash +EOM + +check "getent passwd arthur | sed 's/:[x*]:/:x:/'" << EOM +arthur:x:1000:100:Arthur de Jong:/home/arthur:/bin/bash +EOM + +# check username with different case +check "getent passwd ARTHUR" << EOM +EOM + +check "getent passwd 4089 | sed 's/:[x*]:/:x:/'" << EOM +jguzzetta:x:4089:1000:Josephine Guzzetta:/home/jguzzetta:/bin/bash +EOM + +# count the number of passwd entries in the 4000-5999 range +check "getent passwd | grep -c ':[x*]:[45][0-9][0-9][0-9]:'" << EOM +2000 +EOM + +fi # end of passwd tests + +########################################################################### + +if grep '^protocols.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing protocols..." + +check "getent protocols protfoo" << EOM +protfoo 253 protfooalias +EOM + +check "getent protocols protfooalias" << EOM +protfoo 253 protfooalias +EOM + +# check protocol with different case +check "getent protocols PROTFOO" << EOM +EOM + +# test protocol alias with different case +check "getent protocols PROTFOOALIAS" << EOM +EOM + +check "getent protocols 253" << EOM +protfoo 253 protfooalias +EOM + +check "getent protocols icmp" << EOM +icmp 1 ICMP +EOM + +check "getent protocols | grep protfoo" << EOM +protfoo 253 protfooalias +EOM + +fi # end of protocols tests + +########################################################################### + +if grep '^rpc.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing rpc..." + +check "getent rpc rpcfoo" << EOM +rpcfoo 160002 rpcfooalias +EOM + +check "getent rpc rpcfooalias" << EOM +rpcfoo 160002 rpcfooalias +EOM + +# test rpc name with different case +check "getent rpc RPCFOO" << EOM +EOM + +check "getent rpc 160002" << EOM +rpcfoo 160002 rpcfooalias +EOM + +check "getent rpc | grep rpcfoo" << EOM +rpcfoo 160002 rpcfooalias +EOM + +fi # end of rpc tests + +########################################################################### + +if grep '^services.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing services..." + +check "getent services foosrv" << EOM +foosrv 15349/tcp +EOM + +check "getent services foosrv/tcp" << EOM +foosrv 15349/tcp +EOM + +check "getent services foosrv/udp" << EOM +EOM + +# check with different case +check "getent services FOOSRV" << EOM +EOM + +# check protocol name case sensitivity (TCP is commonly an alias) +check "getent services foosrv/tCp" << EOM +EOM + +check "getent services 15349/tcp" << EOM +foosrv 15349/tcp +EOM + +check "getent services 15349/udp" << EOM +EOM + +check "getent services barsrv" << EOM +barsrv 15350/tcp +EOM + +check "getent services barsrv/tcp" << EOM +barsrv 15350/tcp +EOM + +check "getent services barsrv/udp" << EOM +barsrv 15350/udp +EOM + +check "getent services | egrep '(foo|bar)srv' | sort" << EOM +barsrv 15350/tcp +barsrv 15350/udp +foosrv 15349/tcp +EOM + +check "getent services sssin" << EOM +sssin 5000/tcp SSSIN +EOM + +check "getent services SSSIN" << EOM +sssin 5000/tcp SSSIN +EOM + +check "getent services | wc -l" << EOM +`grep -c '^[^#].' /etc/services | awk '{print $1 + 4}'` +EOM + +fi # end of services tests + +########################################################################### + +if grep '^shadow.*ldap' /etc/nsswitch.conf > /dev/null 2>&1 +then +echo "test_nsscmds.sh: testing shadow..." + +# function to remove the password field from output +rmpasswd() { + sed 's/^\([^:]*\):[^:]*:/\1:*:/' +} + +check "getent shadow ecordas | rmpasswd" << EOM +ecordas:*::::7:2::0 +EOM + +check "getent shadow adishaw | rmpasswd" << EOM +adishaw:*:12302:::7:2::0 +EOM + +# check case-sensitivity +check "getent shadow ADISHAW" << EOM +EOM + +# check if the number of passwd entries matches the number of shadow entries +check "getent shadow | wc -l" << EOM +`getent passwd | wc -l` +EOM + +# check if the names of users match between passwd and shadow +getent passwd | sed 's/:.*//' | sort | \ + check "getent shadow | sed 's/:.*//' | sort" + +fi # end of shadow tests + +########################################################################### +# determine the result + +if [ $FAIL -eq 0 ] +then + echo "test_nsscmds.sh: all tests passed" + exit 0 +else + echo "test_nsscmds.sh: $FAIL TESTS FAILED" + exit 1 +fi diff --git a/tests/test_pamcmds.expect b/tests/test_pamcmds.expect new file mode 100644 index 0000000..2379090 --- /dev/null +++ b/tests/test_pamcmds.expect @@ -0,0 +1,214 @@ +#!/usr/bin/expect -- + +# test_pamcmds.expect - test script to check output of PAM commands +# +# Copyright (C) 2011, 2012, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +# basic configuration +set timeout 5 +log_file -a -noappend test_pamcmds.log +log_user 0 + +# basic error handling +proc abort {} { + global expect_out + send_user "\n\ntest_pamcmds.expect: ERROR found:\n" + send_user "$expect_out(buffer)\n" + exit 1 +} + +# function for resetting the password +proc reset_password {} { + global expect_out + send_user "test_pamcmds.expect: resetting passwd...\n" + spawn passwd vsefcovic + expect { + "LDAP administrator password" { send "test\r"; exp_continue } + -regexp "(New|Retype new)( UNIX)? password:" { send "test\r"; exp_continue } + "password updated successfully" {} + "passwd: all authentication tokens updated successfully." {} + "Invalid credentials" abort + "Authentication token manipulation error" abort + "passwd: Sorry, `passwd' can only change passwords for local or NIS users." { + send_user "test_pamcmds.expect: passwd not using PAM\n" + exit 77 + } + default abort + } + #close +} + +# find source directory +if { ! [info exists ::env(srcdir) ] } { + set env(srcdir) "." +} +# ensure that we are running as root +if { [exec id -u] != "0" } { + send_user "test_pamcmds.expect: not running as root\n" + exit 77 +} +# ensure that we are running in the test environment +spawn $env(srcdir)/testenv.sh check +expect eof +catch wait result +if { [lindex $result 3] } { + send_user "test_pamcmds.expect: not running in test environment\n" + exit 77 +} + +# ensure that a correct password is set +reset_password + +# start a shell as nobody +send_user "test_pamcmds.expect: start shell...\n" +spawn su - nobody -s /bin/sh +expect "\$ " + +# function to do login, expecting OK result +proc test_login_ok {uid passwd} { + send "su - $uid -s /bin/sh\r" + expect "Password:" + send "$passwd\r" + expect { + "su: warning: cannot change directory" { exp_continue } + "\$ " {} + "su: incorrect password" abort + default abort + } + # test whether we are really logged in + send "id\r" + expect { + -regexp "uid=\[0-9\]*\\($uid\\)" {} + "\$ " abort + default abort + } + expect "\$ " +} + +# function to do login, expecting FAIL result +proc test_login_authfail {uid passwd} { + send "su - $uid -s /bin/sh\r" + expect "Password:" + send "$passwd\r" + expect { + "su: Authentication failure" {} + "su: incorrect password" {} + "\$ " abort + default abort + } + expect "\$ " +} + +# function to do login, expecting FAIL result +proc test_login_unknown {uid passwd} { + send "su - $uid -s /bin/sh\r" + expect { + "Password:" { send "$passwd\r"; exp_continue } + "Unknown id" {} + "No passwd entry for user" {} + "user $uid does not exist" {} + "\$ " abort + default abort + } + expect "\$ " +} + +# test incorrect password +send_user "test_pamcmds.expect: testing incorrect password...\n" +test_login_authfail vsefcovic wrongpassword + +# test correct password +send_user "test_pamcmds.expect: testing correct password...\n" +test_login_ok vsefcovic test + +# change password using incorrect old password +send_user "test_pamcmds.expect: testing password change with incorrect password...\n" +send "passwd\r" +expect { + -nocase "password:" { send "wrongpassword\r" } + "\$ " abort + default abort +} +expect { + -regexp "(New|Retype new)( UNIX)? password:" { send "DuhevOlNoz5\r"; exp_continue } + "password changed" abort + "all authentication tokens updated successfully." abort + "Invalid credentials" {} + "Authentication token manipulation error" {} + "\$ " abort +} +expect "\$ " + +# change the password using the correct old password +send_user "test_pamcmds.expect: testing password change with correct password...\n" +send "passwd\r" +expect { + -nocase "password:" { send "test\r" } + "\$ " abort + default abort +} +expect { + -regexp "(New|Retype new)( UNIX)? password:" { send "DuhevOlNoz5\r"; exp_continue } + "password updated successfully" {} + "all authentication tokens updated successfully." {} + "Invalid credentials" abort + "Authentication token manipulation error" abort + "\$ " abort +} +expect "\$ " + +# exist shell (back to nobody) +send "exit\r" +expect "\$ " + +# logging in with the old password should fail now +send_user "test_pamcmds.expect: testing old password...\n" +test_login_authfail vsefcovic test + +# test correct password +send_user "test_pamcmds.expect: testing new password...\n" +test_login_ok vsefcovic DuhevOlNoz5 + +# test invalid username +send_user "test_pamcmds.expect: testing with unknown username...\n" +test_login_unknown foo anypassword + +# test login as root with incorrect password +send_user "test_pamcmds.expect: testing with root...\n" +test_login_authfail root anypassword + +# test login as nobody with incorrect password +send_user "test_pamcmds.expect: testing with nobody...\n" +test_login_authfail nobody anypassword + +# close the shell (first log off vsefcovic) +send "exit\r" +expect "\$ " +send "exit\r" +expect { + eof {} + "\$ " abort + timeout abort +} + +# ensure that a correct password is set +reset_password + +send_user "test_pamcmds.expect: everyting OK\n" + +exit 0 diff --git a/tests/test_pamcmds.sh b/tests/test_pamcmds.sh new file mode 100755 index 0000000..76d825f --- /dev/null +++ b/tests/test_pamcmds.sh @@ -0,0 +1,41 @@ +#!/bin/sh + +# test_pamcmds.sh - test script to start test_pamcmds.expect +# +# Copyright (C) 2011, 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# find source directory +srcdir="${srcdir-`dirname "$0"`}" + +# ensure that we are running in the test environment +"$srcdir/testenv.sh" check || exit 77 + +# check if we have expect installed +EXPECT="$(which expect 2> /dev/null || true)" +if [ -x "$EXPECT" ] +then + : +else + echo "$0: expect not found, not running tests" + exit 77 +fi + +export srcdir +"$EXPECT" "$srcdir/test_pamcmds.expect" diff --git a/tests/test_pycompile.sh b/tests/test_pycompile.sh new file mode 100755 index 0000000..c429b1f --- /dev/null +++ b/tests/test_pycompile.sh @@ -0,0 +1,63 @@ +#!/bin/sh + +# test_pycompile.sh - see if all Python files compile +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# find source directory +srcdir="${srcdir-`dirname "$0"`}" +top_srcdir="${top_srcdir-${srcdir}/..}" +python="${PYTHON-python}" + +# if Python is missing, ignore +if ! ${python} --version > /dev/null 2> /dev/null +then + echo "Python (${python}) not found" + exit 77 +fi + +# compile all Python files (without writing pyc files) +${python} -c " +import os +import py_compile +import sys +import traceback + +top_srcdir = '$top_srcdir' +errors_found = 0 +tmpfile = 'tmpfile.pyc' + +for root, dirs, files in os.walk(top_srcdir): + for f in files: + if f.endswith('.py'): + filename = os.path.join(root, f) + try: + py_compile.compile(filename, tmpfile, doraise=True) + except py_compile.PyCompileError, e: + print 'Compiling %s ...' % os.path.abspath(filename) + print e + errors_found += 1 + +os.unlink(tmpfile) + +if errors_found: + print '%d errors found' % errors_found + sys.exit(1) +" diff --git a/tests/test_pylint.sh b/tests/test_pylint.sh new file mode 100755 index 0000000..b97600a --- /dev/null +++ b/tests/test_pylint.sh @@ -0,0 +1,62 @@ +#!/bin/sh + +# test_pylint.sh - run pylint on the source to find errors +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# find source directory +srcdir="${srcdir-`dirname "$0"`}" +top_srcdir="${top_srcdir-${srcdir}/..}" +builddir="${builddir-`dirname "$0"`}" +top_builddir="${top_builddir-${builddir}/..}" + +# if Pylint is missing, ignore +if ! pylint --version > /dev/null 2> /dev/null +then + echo "Pylint not found" + exit 77 +fi + +# get rcfile absolute path +absdir="$( (cd "$srcdir"; pwd) )" +rcfile="$absdir/pylint.rc" + +# get the disable option from the configuration file +# (this somehow doesn't work in pylint) +disable=$(sed -n 's/^disable=\(.*\)$/\1/p' "$rcfile") + +# run Pylint in both pynslcd and utils directories +for dir in pynslcd utils +do + echo "Running pylint in $dir..." + dir_builddir="$(cd "${top_builddir}/${dir}" && pwd)" + ( cd "${top_srcdir}/${dir}" ; + PYTHONPATH="${dir_builddir}" pylint --errors-only --rcfile "$rcfile" --disable "$disable" *.py) +done + +# Pylint has the following exit codes: +# 0 if everything went fine +# 1 if a fatal message was issued +# 2 if an error message was issued +# 4 if a warning message was issued +# 8 if a refactor message was issued +# 16 if a convention message was issued +# 32 on usage error +# (exit codes are ORed) diff --git a/tests/test_pynslcd_cache.py b/tests/test_pynslcd_cache.py new file mode 100755 index 0000000..5c15b01 --- /dev/null +++ b/tests/test_pynslcd_cache.py @@ -0,0 +1,459 @@ +#!/usr/bin/env python + +# test_pynslcd_cache.py - tests for the pynslcd caching functionality +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import os +import os.path +import sys +import unittest + +# fix the Python path +sys.path.insert(1, os.path.abspath(os.path.join(sys.path[0], '..', 'pynslcd'))) +sys.path.insert(2, os.path.abspath(os.path.join('..', 'pynslcd'))) + + +# TODO: think about case-sesitivity of cache searches (have tests for that) + + +class TestAlias(unittest.TestCase): + + def setUp(self): + import alias + cache = alias.Cache() + cache.store('alias1', ['member1', 'member2']) + cache.store('alias2', ['member1', 'member3']) + cache.store('alias3', []) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias1')), [ + ['alias1', ['member1', 'member2']], + ]) + + def test_by_member(self): + self.assertItemsEqual(self.cache.retrieve(dict(rfc822MailMember='member1')), [ + ['alias1', ['member1', 'member2']], + ['alias2', ['member1', 'member3']], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + ['alias1', ['member1', 'member2']], + ['alias2', ['member1', 'member3']], + ['alias3', []], + ]) + + +class TestEther(unittest.TestCase): + + def setUp(self): + import ether + cache = ether.Cache() + cache.store('name1', '0:18:8a:54:1a:11') + cache.store('name2', '0:18:8a:54:1a:22') + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='name1')), [ + ['name1', '0:18:8a:54:1a:11'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='name2')), [ + ['name2', '0:18:8a:54:1a:22'], + ]) + + def test_by_ether(self): + # ideally we should also support alternate representations + self.assertItemsEqual(self.cache.retrieve(dict(macAddress='0:18:8a:54:1a:22')), [ + ['name2', '0:18:8a:54:1a:22'], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + ['name1', '0:18:8a:54:1a:11'], + ['name2', '0:18:8a:54:1a:22'], + ]) + + +class TestGroup(unittest.TestCase): + + def setUp(self): + import group + cache = group.Cache() + cache.store('group1', 'pass1', 10, ['user1', 'user2']) + cache.store('group2', 'pass2', 20, ['user1', 'user2', 'user3']) + cache.store('group3', 'pass3', 30, []) + cache.store('group4', 'pass4', 40, ['user2', ]) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='group1')), [ + ['group1', 'pass1', 10, ['user1', 'user2']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='group3')), [ + ['group3', 'pass3', 30, []], + ]) + + def test_by_gid(self): + self.assertItemsEqual(self.cache.retrieve(dict(gidNumber=10)), [ + ['group1', 'pass1', 10, ['user1', 'user2']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(gidNumber=40)), [ + ['group4', 'pass4', 40, ['user2']], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + ['group1', 'pass1', 10, ['user1', 'user2']], + ['group2', 'pass2', 20, ['user1', 'user2', 'user3']], + ['group3', 'pass3', 30, []], + ['group4', 'pass4', 40, ['user2']], + ]) + + def test_bymember(self): + self.assertItemsEqual(self.cache.retrieve(dict(memberUid='user1')), [ + ['group1', 'pass1', 10, ['user1', 'user2']], + ['group2', 'pass2', 20, ['user1', 'user2', 'user3']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(memberUid='user2')), [ + ['group1', 'pass1', 10, ['user1', 'user2']], + ['group2', 'pass2', 20, ['user1', 'user2', 'user3']], + ['group4', 'pass4', 40, ['user2']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(memberUid='user3')), [ + ['group2', 'pass2', 20, ['user1', 'user2', 'user3']], + ]) + + +class TestHost(unittest.TestCase): + + def setUp(self): + import host + cache = host.Cache() + cache.store('hostname1', [], ['127.0.0.1', ]) + cache.store('hostname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='hostname1')), [ + ['hostname1', [], ['127.0.0.1']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='hostname2')), [ + ['hostname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + + def test_by_alias(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias1')), [ + ['hostname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias2')), [ + ['hostname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + + def test_by_address(self): + self.assertItemsEqual(self.cache.retrieve(dict(ipHostNumber='127.0.0.3')), [ + ['hostname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + + +class TestNetgroup(unittest.TestCase): + + def setUp(self): + import netgroup + cache = netgroup.Cache() + cache.store('netgroup1', ['(host1, user1,)', '(host1, user2,)', '(host2, user1,)'], ['netgroup2', ]) + cache.store('netgroup2', ['(host3, user1,)', '(host3, user3,)'], []) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='netgroup1')), [ + ['netgroup1', ['(host1, user1,)', '(host1, user2,)', '(host2, user1,)'], ['netgroup2', ]], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='netgroup2')), [ + ['netgroup2', ['(host3, user1,)', '(host3, user3,)'], []], + ]) + + +class TestNetwork(unittest.TestCase): + + def setUp(self): + import network + cache = network.Cache() + cache.store('networkname1', [], ['127.0.0.1', ]) + cache.store('networkname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='networkname1')), [ + ['networkname1', [], ['127.0.0.1']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='networkname2')), [ + ['networkname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + + def test_by_alias(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias1')), [ + ['networkname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias2')), [ + ['networkname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + + def test_by_address(self): + self.assertItemsEqual(self.cache.retrieve(dict(ipNetworkNumber='127.0.0.3')), [ + ['networkname2', ['alias1', 'alias2'], ['127.0.0.2', '127.0.0.3']], + ]) + + +class TestPasswd(unittest.TestCase): + + def setUp(self): + import passwd + cache = passwd.Cache() + cache.store('name', 'passwd', 100, 200, 'gecos', '/home/user', '/bin/bash') + cache.store('name2', 'passwd2', 101, 202, 'gecos2', '/home/user2', '/bin/bash') + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(uid='name')), [ + [u'name', u'passwd', 100, 200, u'gecos', u'/home/user', u'/bin/bash'], + ]) + + def test_by_unknown_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(uid='notfound')), []) + + def test_by_number(self): + self.assertItemsEqual(self.cache.retrieve(dict(uidNumber=100)), [ + [u'name', u'passwd', 100, 200, u'gecos', u'/home/user', u'/bin/bash'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(uidNumber=101)), [ + ['name2', 'passwd2', 101, 202, 'gecos2', '/home/user2', '/bin/bash'], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + [u'name', u'passwd', 100, 200, u'gecos', u'/home/user', u'/bin/bash'], + [u'name2', u'passwd2', 101, 202, u'gecos2', u'/home/user2', u'/bin/bash'], + ]) + + +class TestProtocol(unittest.TestCase): + + def setUp(self): + import protocol + cache = protocol.Cache() + cache.store('protocol1', ['alias1', 'alias2'], 100) + cache.store('protocol2', ['alias3', ], 200) + cache.store('protocol3', [], 300) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='protocol1')), [ + ['protocol1', ['alias1', 'alias2'], 100], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='protocol2')), [ + ['protocol2', ['alias3', ], 200], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='protocol3')), [ + ['protocol3', [], 300], + ]) + + def test_by_unknown_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='notfound')), []) + + def test_by_number(self): + self.assertItemsEqual(self.cache.retrieve(dict(ipProtocolNumber=100)), [ + ['protocol1', ['alias1', 'alias2'], 100], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(ipProtocolNumber=200)), [ + ['protocol2', ['alias3', ], 200], + ]) + + def test_by_alias(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias1')), [ + ['protocol1', ['alias1', 'alias2'], 100], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias3')), [ + ['protocol2', ['alias3', ], 200], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + ['protocol1', ['alias1', 'alias2'], 100], + ['protocol2', ['alias3'], 200], + ['protocol3', [], 300], + ]) + + +class TestRpc(unittest.TestCase): + + def setUp(self): + import rpc + cache = rpc.Cache() + cache.store('rpc1', ['alias1', 'alias2'], 100) + cache.store('rpc2', ['alias3', ], 200) + cache.store('rpc3', [], 300) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='rpc1')), [ + ['rpc1', ['alias1', 'alias2'], 100], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='rpc2')), [ + ['rpc2', ['alias3', ], 200], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='rpc3')), [ + ['rpc3', [], 300], + ]) + + def test_by_unknown_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='notfound')), []) + + def test_by_number(self): + self.assertItemsEqual(self.cache.retrieve(dict(oncRpcNumber=100)), [ + ['rpc1', ['alias1', 'alias2'], 100], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(oncRpcNumber=200)), [ + ['rpc2', ['alias3', ], 200], + ]) + + def test_by_alias(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias1')), [ + ['rpc1', ['alias1', 'alias2'], 100], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias3')), [ + ['rpc2', ['alias3', ], 200], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + ['rpc1', ['alias1', 'alias2'], 100], + ['rpc2', ['alias3'], 200], + ['rpc3', [], 300], + ]) + + +class TestService(unittest.TestCase): + + def setUp(self): + import service + cache = service.Cache() + cache.store('service1', ['alias1', 'alias2'], 100, 'tcp') + cache.store('service1', ['alias1', 'alias2'], 100, 'udp') + cache.store('service2', ['alias3', ], 200, 'udp') + cache.store('service3', [], 300, 'udp') + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='service1')), [ + ['service1', ['alias1', 'alias2'], 100, 'tcp'], + ['service1', ['alias1', 'alias2'], 100, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='service2')), [ + ['service2', ['alias3', ], 200, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='service3')), [ + ['service3', [], 300, 'udp'], + ]) + + def test_by_name_and_protocol(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='service1', ipServiceProtocol='udp')), [ + ['service1', ['alias1', 'alias2'], 100, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='service1', ipServiceProtocol='tcp')), [ + ['service1', ['alias1', 'alias2'], 100, 'tcp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='service2', ipServiceProtocol='udp')), [ + ['service2', ['alias3', ], 200, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='service2', ipServiceProtocol='tcp')), [ + ]) + + def test_by_unknown_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='notfound')), []) + + def test_by_number(self): + self.assertItemsEqual(self.cache.retrieve(dict(ipServicePort=100)), [ + ['service1', ['alias1', 'alias2'], 100, 'tcp'], + ['service1', ['alias1', 'alias2'], 100, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(ipServicePort=200)), [ + ['service2', ['alias3', ], 200, 'udp'], + ]) + + def test_by_number_and_protocol(self): + self.assertItemsEqual(self.cache.retrieve(dict(ipServicePort=100, ipServiceProtocol='udp')), [ + ['service1', ['alias1', 'alias2'], 100, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(ipServicePort=100, ipServiceProtocol='tcp')), [ + ['service1', ['alias1', 'alias2'], 100, 'tcp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(ipServicePort=200, ipServiceProtocol='udp')), [ + ['service2', ['alias3', ], 200, 'udp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(ipServicePort=200, ipServiceProtocol='tcp')), [ + ]) + + def test_by_alias(self): + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias1')), [ + ['service1', ['alias1', 'alias2'], 100, 'udp'], + ['service1', ['alias1', 'alias2'], 100, 'tcp'], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(cn='alias3')), [ + ['service2', ['alias3', ], 200, 'udp'], + ]) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + ['service1', ['alias1', 'alias2'], 100, 'tcp'], + ['service1', ['alias1', 'alias2'], 100, 'udp'], + ['service2', ['alias3', ], 200, 'udp'], + ['service3', [], 300, 'udp'], + ]) + + +class Testshadow(unittest.TestCase): + + def setUp(self): + import shadow + cache = shadow.Cache() + cache.store('name', 'passwd', 15639, 0, 7, -1, -1, -1, 0) + cache.store('name2', 'passwd2', 15639, 0, 7, -1, -1, -1, 0) + self.cache = cache + + def test_by_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(uid='name')), [ + [u'name', u'passwd', 15639, 0, 7, -1, -1, -1, 0], + ]) + self.assertItemsEqual(self.cache.retrieve(dict(uid='name2')), [ + [u'name2', u'passwd2', 15639, 0, 7, -1, -1, -1, 0], + ]) + + def test_by_unknown_name(self): + self.assertItemsEqual(self.cache.retrieve(dict(uid='notfound')), []) + + def test_all(self): + self.assertItemsEqual(self.cache.retrieve({}), [ + [u'name', u'passwd', 15639, 0, 7, -1, -1, -1, 0], + [u'name2', u'passwd2', 15639, 0, 7, -1, -1, -1, 0], + ]) + + +if __name__ == '__main__': + unittest.main() diff --git a/tests/test_set.c b/tests/test_set.c new file mode 100644 index 0000000..c68e9c9 --- /dev/null +++ b/tests/test_set.c @@ -0,0 +1,85 @@ +/* + test_set.c - simple test for the set module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2008-2014 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include + +#include "common/set.h" +#include "compat/attrs.h" + +static int isknownvalue(const char *value) +{ + return value != NULL && ( + (strcmp(value, "key1") == 0) || (strcmp(value, "key2") == 0) || + (strcmp(value, "key3") == 0)); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + SET *set; + const char **list; + int i; + const char *v; + + /* initialize */ + set = set_new(); + + /* store some entries */ + set_add(set, "key1"); + set_add(set, "key2"); + set_add(set, "key3"); + set_add(set, "key2"); + + /* check set contents */ + assert(set_contains(set, "key1")); + assert(set_contains(set, "key2")); + assert(set_contains(set, "key3")); + assert(!set_contains(set, "key4")); + assert(!set_contains(set, "KEY1")); + + /* loop over set contents */ + list = set_tolist(set); + for (i = 0; list[i] != NULL; i++) + { + assert(isknownvalue(list[i])); + } + + /* remove keys from the set */ + assert(isknownvalue(v = set_pop(set))); + free((void *)v); + assert(isknownvalue(v = set_pop(set))); + free((void *)v); + assert(isknownvalue(v = set_pop(set))); + free((void *)v); + assert(set_pop(set) == NULL); + + /* free set */ + set_free(set); + free(list); + + return 0; +} diff --git a/tests/test_tio.c b/tests/test_tio.c new file mode 100644 index 0000000..a89381a --- /dev/null +++ b/tests/test_tio.c @@ -0,0 +1,373 @@ +/* + test_tio.c - simple test for the tio module + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2007, 2008, 2011, 2012, 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif /* HAVE_STDINT_H */ +#include +#include +#include +#include + +#include "common.h" + +#include "common/tio.h" + +/* for platforms that don't have ETIME use ETIMEDOUT */ +#ifndef ETIME +#define ETIME ETIMEDOUT +#endif /* ETIME */ + +/* structure for passing arguments to helper (is a thread) */ +struct helper_args { + int fd; + size_t blocksize; + size_t blocks; + int timeout; +}; + +static void *help_tiowriter(void *arg) +{ + TFILE *fp; + size_t i, j, k; + uint8_t *buf; + struct helper_args *hargs = (struct helper_args *)arg; + /* allocate the buffer */ + buf = (uint8_t *)malloc(hargs->blocksize); + assert(buf != NULL); + /* open the file */ + fp = tio_fdopen(hargs->fd, hargs->timeout * 1000, hargs->timeout * 1000, + 4 * 1024, 8 * 1024, 4 * 1024, 8 * 1024); + assertok(fp != NULL); + /* write the blocks */ + i = 0; + for (k = 0; k < hargs->blocks; k++) + { + /* fill the buffer */ + for (j = 0; j < hargs->blocksize; j++) + buf[j] = i++; + assertok(tio_write(fp, buf, hargs->blocksize) == 0); + } + /* close the file flushing the buffer */ + assertok(tio_close(fp) == 0); + /* we're done */ + free(buf); + return NULL; +} + +static void *help_tioreader(void *arg) +{ + TFILE *fp; + size_t i, j, k; + uint8_t *buf; + struct helper_args *hargs = (struct helper_args *)arg; + /* allocate the buffer */ + buf = (uint8_t *)malloc(hargs->blocksize); + assert(buf != NULL); + /* open the file */ + fp = tio_fdopen(hargs->fd, hargs->timeout * 1000, hargs->timeout * 1000, + 4 * 1024, 8 * 1024, 4 * 1024, 8 * 1024); + assertok(fp != NULL); + /* read the blocks */ + i = 0; + for (k = 0; k < hargs->blocks; k++) + { + assertok(tio_read(fp, buf, hargs->blocksize) == 0); + /* check the buffer */ + for (j = 0; j < hargs->blocksize; j++) + assert(buf[j] == (uint8_t)(i++)); + } + /* close the file */ + assertok(tio_close(fp) == 0); + /* we're done */ + free(buf); + return NULL; +} + +static void *help_normwriter(void *arg) +{ + FILE *fp; + size_t i, j, k; + uint8_t *buf; + struct helper_args *hargs = (struct helper_args *)arg; + /* allocate the buffer */ + buf = (uint8_t *)malloc(hargs->blocksize); + assert(buf != NULL); + /* open the file */ + fp = fdopen(hargs->fd, "wb"); + assertok(fp != NULL); + /* write the blocks */ + i = 0; + for (k = 0; k < hargs->blocks; k++) + { + /* fill the buffer */ + for (j = 0; j < hargs->blocksize; j++) + buf[j] = i++; + assertok(fwrite(buf, hargs->blocksize, 1, fp) == 1); + } + /* close the file flushing the buffer */ + assertok(fclose(fp) == 0); + /* we're done */ + free(buf); + return NULL; +} + +static void *help_normreader(void *arg) +{ + FILE *fp; + size_t i, j, k; + struct helper_args *hargs = (struct helper_args *)arg; + /* open the file */ + fp = fdopen(hargs->fd, "rb"); + assertok(fp != NULL); + /* read the blocks */ + i = 0; + for (k = 0; k < hargs->blocks; k++) + { + /* check the buffer */ + for (j = 0; j < hargs->blocksize; j++) + assertok(fgetc(fp) == (uint8_t)(i++)); + } + /* close the file */ + assertok(fclose(fp) == 0); + return NULL; +} + +/* +TODO: test timeout +TODO: test whether a simple request/response works +*/ + +static int test_blocks(size_t wbs, size_t wbl, size_t rbs, size_t rbl) +{ + int sp[2]; + pthread_t wthread, rthread; + struct helper_args wargs, rargs; + /* set up the socket pair */ + assertok(socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == 0); + /* log */ + printf("test_tio: writing %d blocks of %d bytes (%d total)\n", + (int)wbl, (int)wbs, (int)(wbl * wbs)); + printf("test_tio: reading %d blocks of %d bytes (%d total)\n", + (int)rbl, (int)rbs, (int)(rbl * rbs)); + /* start the writer thread */ + wargs.fd = sp[0]; + wargs.blocksize = wbs; + wargs.blocks = wbl; + wargs.timeout = 2; + assertok(pthread_create(&wthread, NULL, help_tiowriter, &wargs) == 0); +/* sleep(1); */ + /* start the reader thread */ + rargs.fd = sp[1]; + rargs.blocksize = rbs; + rargs.blocks = rbl; + rargs.timeout = 2; + assertok(pthread_create(&rthread, NULL, help_tioreader, &rargs) == 0); + /* wait for all threads to die */ + assertok(pthread_join(wthread, NULL) == 0); + assertok(pthread_join(rthread, NULL) == 0); + /* we're done */ + return 0; +} + +static void test_reset(void) +{ + int sp[2]; + pthread_t wthread; + struct helper_args wargs; + TFILE *fp; + size_t i, j, k, save; + uint8_t buf[20]; + /* set up the socket pair */ + assertok(socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == 0); + /* start the writer thread */ + wargs.fd = sp[0]; + wargs.blocksize = 4 * 1024; + wargs.blocks = 10; + wargs.timeout = 2; + assertok(pthread_create(&wthread, NULL, help_normwriter, &wargs) == 0); + /* set up read handle */ + fp = tio_fdopen(sp[1], 2000, 2000, 2 * 1024, 4 * 1024, 2 * 1024, 4 * 1024); + assertok(fp != NULL); + /* perform 20 reads */ + i = 0; + for (k = 0; k < 20; k++) + { + assertok(tio_read(fp, buf, sizeof(buf)) == 0); + /* check the buffer */ + for (j = 0; j < sizeof(buf); j++) + assert(buf[j] == (uint8_t)(i++)); + } + /* mark and perform another 2 reads */ + tio_mark(fp); + save = i; + for (k = 20; k < 22; k++) + { + assertok(tio_read(fp, buf, sizeof(buf)) == 0); + /* check the buffer */ + for (j = 0; j < sizeof(buf); j++) + assert(buf[j] == (uint8_t)(i++)); + } + /* check that we can reset */ + assertok(tio_reset(fp) == 0); + /* perform 204 reads (partially the same as before) */ + i = save; + for (k = 20; k < 224; k++) + { + assert(tio_read(fp, buf, sizeof(buf)) == 0); + /* check the buffer */ + for (j = 0; j < sizeof(buf); j++) + assert(buf[j] == (uint8_t)(i++)); + } + /* check that we can reset */ + assertok(tio_reset(fp) == 0); + /* perform 502 reads (partially the same) */ + i = save; + for (k = 20; k < 522; k++) + { + assert(tio_read(fp, buf, sizeof(buf)) == 0); + /* check the buffer */ + for (j = 0; j < sizeof(buf); j++) + assert(buf[j] == (uint8_t)(i++)); + } + /* check that reset is no longer possible */ + assertok(tio_reset(fp) != 0); + /* read the remainder of the data 1526 reads */ + for (k = 522; k < 2048; k++) + { + assertok(tio_read(fp, buf, sizeof(buf)) == 0); + /* check the buffer */ + for (j = 0; j < sizeof(buf); j++) + assert(buf[j] == (uint8_t)(i++)); + } + /* close the file */ + assertok(tio_close(fp) == 0); + /* wait for the writer thread to die */ + assertok(pthread_join(wthread, NULL) == 0); +} + +/* this test starts a reader and writer and does not write for a while */ +static void test_timeout_reader(void) +{ + int sp[2]; + TFILE *rfp; + FILE *wfp; + uint8_t buf[20]; + time_t start, end; + int saved_errno; + /* set up the socket pair */ + assertok(socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == 0); + /* open the writer */ + assertok((wfp = fdopen(sp[0], "wb")) != NULL); + /* open the reader */ + assertok((rfp = tio_fdopen(sp[1], 1100, 1100, 2 * 1024, 4 * 1024, 2 * 1024, 4 * 1024)) != NULL); + printf("test_tio: test_timeout_reader: trying to read a block of %d bytes\n", + (int)sizeof(buf)); + /* perform a read */ + start = time(NULL); + errno = 0; + assertok(tio_read(rfp, buf, sizeof(buf)) != 0); + saved_errno = errno; + end = time(NULL); + printf("test_tio: test_timeout_reader: read 0 blocks of %d bytes in %d second(s) (%s)\n", + (int)sizeof(buf), (int)(end - start), strerror(saved_errno)); + /* since the read timeout is more than a second end time should be bigger + than start time */ + assert(end > start); + /* the error should be timeout */ + assert(saved_errno == ETIME); + /* close the files */ + assertok(tio_close(rfp) == 0); + assertok(fclose(wfp) == 0); +} + +/* this test starts a writer and an idle reader */ +static void test_timeout_writer(void) +{ + int sp[2]; + FILE *rfp; + TFILE *wfp; + int i; + uint8_t buf[20]; + time_t start, end; + int numblocks = 10000; + int saved_errno; + /* set up the socket pair */ + assertok(socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == 0); + /* open the reader */ + assertok((rfp = fdopen(sp[0], "rb")) != NULL); + /* open the writer */ + assertok((wfp = tio_fdopen(sp[1], 1100, 1100, 2 * 1024, 4 * 1024, + 2 * sizeof(buf), 4 * sizeof(buf) + 1)) != NULL); + printf("test_tio: test_timeout_writer: trying to write %d blocks of %d bytes\n", + numblocks, (int)sizeof(buf)); + /* we perform a number of writes to the stream to see if they are buffered */ + start = time(NULL); + errno = 0; + for (i = 0; (i < numblocks) && (tio_write(wfp, buf, sizeof(buf)) == 0); i++) + /* nothing */ ; + saved_errno = errno; + end = time(NULL); + printf("test_tio: test_timeout_writer: written %d blocks of %d bytes in %d second(s) (%s)\n", + i, (int)sizeof(buf), (int)(end - start), strerror(saved_errno)); + /* at the very least 4 writes should be OK because they filled the tio buffer */ + assert(i >= 4); + /* but at a certain point the writes should have failed */ + assert(i < numblocks); + /* since the write timeout is more than a second end time should be bigger + than start time */ + assert(end > start); + /* the error should be timeout */ + assert(saved_errno == ETIME); + /* close the files */ + assertok(tio_close(wfp) != 0); /* fails because of bufferred data */ + assertok(fclose(rfp) == 0); +} + +/* the main program... */ +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + /* normal read-writes */ + test_blocks(400, 11, 11, 400); + test_blocks(10 * 1024, 11, 10 * 11, 1024); + test_blocks(5 * 1023, 20, 20 * 1023, 5); + /* reader closes file sooner */ +/* test_blocks(2 * 6 * 1023, 20, 20 * 1023, 5); */ +/* test_blocks(10, 10, 10, 9); */ + /* writer closes file sooner */ +/* test_blocks(4 * 1023, 20, 20 * 1023, 5); */ +/* test_blocks(10, 9, 10, 10); */ + /* set tio_mark() and tio_reset() functions */ + test_reset(); + /* test timeout functionality */ + test_timeout_reader(); + test_timeout_writer(); + return 0; +} diff --git a/tests/test_tio_timeout.c b/tests/test_tio_timeout.c new file mode 100644 index 0000000..18d8d4f --- /dev/null +++ b/tests/test_tio_timeout.c @@ -0,0 +1,50 @@ +/* + test_tio_timeout.c - tests for tio deadline calculations + This file is part of the nss-pam-ldapd library. + + Copyright (C) 2013 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +/* we include the source because we want to test static methods */ +#include "../common/tio.c" + +#include + +int main(int UNUSED(argc), char UNUSED(*argv[])) +{ + struct timespec deadline = {0, 0}; + int timeout = 100 * 1000; + int sleeptime = 1000; + int low = -100; + int high = 200; + int res; + int ok; + /* initialise deadline */ + assert(tio_time_remaining(&deadline, timeout) == timeout); + /* wait one second */ + sleep(sleeptime / 1000); + /* re-calculate the deadline */ + res = tio_time_remaining(&deadline, timeout); + /* it should be timeout - sleeptime */ + res = timeout - sleeptime - res; + ok = (res > low) && (res < high); + printf("%s: %d msec difference (%swithin %d...%d msec)\n", + ok ? "OK" : "FAIL", res, ok ? "" : "NOT ", + low, high); + return !ok; +} diff --git a/tests/testenv.sh b/tests/testenv.sh new file mode 100755 index 0000000..9a0a866 --- /dev/null +++ b/tests/testenv.sh @@ -0,0 +1,220 @@ +#!/bin/sh + +# testenv.sh - script to check test environment +# +# Copyright (C) 2011-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +set -e + +# get the script name +script="`basename "$0"`" + +# find source and build directory (used for finding auxiliary files) +srcdir="${srcdir-`dirname "$0"`}" +builddir="${builddir-`dirname "$0"`}" + +# location of nslcd configuration file +nslcd_cfg="${nslcd_cfg-/etc/nslcd.conf}" + +# the configured module name (usually ldap) +if [ -f "$builddir"/../config.h ] +then + module_name=`sed -n 's/^#define MODULE_NAME "\(.*\)"$/\1/p' "$builddir"/../config.h` +fi +module_name="${module_name-ldap}" + +# find the names of services that are configured to use LDAP +nss_list_configured() +{ + sed -n 's/^[ \t]*\([a-z]*\)[ \t]*:.*[ \t]'$module_name'.*$/\1/p' /etc/nsswitch.conf \ + | xargs +} + +# check whether the name is configure to do lookups through LDAP +nss_is_enabled() +{ + name="$1" + grep '^[ \t]*'$name'[ \t]*:.*'$module_name'.*' /etc/nsswitch.conf > /dev/null +} + +# check to see if name is configured to do lookups through +# LDAP and enable if not +nss_enable() +{ + name="$1" + if nss_is_enabled "$name" + then + : + else + echo "$script: /etc/nsswitch.conf: enable LDAP lookups for $name" >&2 + if grep -q '^[ \t]*'$name'[ \t]*:' /etc/nsswitch.conf + then + # modify an existing entry by just adding ldap to the end + sed -i 's/^\([ \t]*'$name'[ \t]*:.*[^ \t]\)[ \t]*$/\1 '$module_name'/' /etc/nsswitch.conf + else + # append a new line + printf '%-15s '$module_name'\n' $name':' >> /etc/nsswitch.conf + fi + # invalidate nscd cache + nscd -i "$name" > /dev/null 2>&1 || true + fi + # we're done + return 0 +} + +# check nsswitch.conf to see if dbs use ldap +check_nsswitch() { + required="${1:-passwd group}" + if [ -r /etc/nsswitch.conf ] + then + : + else + echo "$script: ERROR: /etc/nsswitch.conf: not found" >&2 + return 1 + fi + enabled=`nss_list_configured` + if [ -z "$enabled" ] + then + echo "$script: ERROR: /etc/nsswitch.conf: no LDAP maps configured" >&2 + return 1 + fi + for x in $required + do + if nss_is_enabled "$x" + then + : + else + echo "$script: ERROR: /etc/nsswitch.conf: $x not using ldap" >&2 + return 1 + fi + done + echo "$script: nsswitch.conf configured for $enabled" + return 0 +} + +# check PAM stack +check_pam() { + # TODO: implement some tests + return 0 +} + +# perform an LDAP search +do_ldap_search() { + uri="$1" + base="$2" + host=`echo "$uri/" | sed -n 's|:368||;s|ldap://\([^/]*\)/.*$|\1|p'` + ldapsearch -b "$base" -s base -x -H "$uri" '(objectClass=*)' 2> /dev/null || \ + ([ -n "$host" ] && LDAPSASL_MECH=none ldapsearch -b "$base" -s base -h "$host" '(objectClass=*)' 2> /dev/null) || \ + true +} + +# check whether the LDAP server is available +check_ldap_server() { + # see if we can find ldapsearch + [ -x "`which ldapsearch 2> /dev/null || true`" ] || { + echo "$script: ERROR: ldapsearch not found" >&2 + return 1 + } + # get first URI from config + uri="${1:-`sed -n 's/^uri *//p' "$nslcd_cfg" 2>/dev/null | head -n 1`}" + uri="${uri:-`sed -n 's/^uri *//p' "$srcdir"/nslcd-test.conf 2>/dev/null | head -n 1`}" + uri="${uri:-ldap://127.0.0.1}" + base="${2:-dc=test,dc=tld}" + # try to fetch the base DN + if do_ldap_search "$uri" "$base" < /dev/null | grep "^dn: $base\$" > /dev/null + then + echo "$script: LDAP server $uri providing $base" + return 0 + fi + echo "$script: ERROR: LDAP server $uri not available for $base" >&2 + return 1 +} + +# check nslcd.conf file for presence and correct configuration +check_nslcd_conf() { + # check if file is present + [ -r "$nslcd_cfg" ] || { + echo "$script: ERROR: $nslcd_cfg: not found" >&2 + return 1 + } + # TODO: more tests... + return 0 +} + +# basic check to see if nslcd is running +check_nslcd_running() { + if [ -r /var/run/nslcd/socket ] && \ + [ -f /var/run/nslcd/nslcd.pid ] && \ + kill -0 `cat /var/run/nslcd/nslcd.pid` > /dev/null 2>&1 + then + echo "$script: nslcd running (pid `cat /var/run/nslcd/nslcd.pid`)" >&2 + return 0 + fi + echo "$script: ERROR: nslcd not running" >&2 + return 1 +} + +case "$1" in + nss_enable) + # modify /etc/nsswitch.conf to enable ldap for db + shift + while [ $# -gt 0 ] + do + nss_enable "$1" + shift + done + exit 0 + ;; + check) + # perform all tests for test environment + res=0 + check_nsswitch || res=1 + check_pam || res=1 + check_ldap_server || res=1 + check_nslcd_conf || res=1 + check_nslcd_running || res=1 + [ $res -eq 0 ] && echo "$script: test environment OK" || true + exit $res + ;; + check_nss) + # check nsswitch.conf to see if dbs use ldap + shift + check_nsswitch "$*" || exit 1 + exit 0 + ;; + check_ldap) + # check availability of LDAP server + # (optional URI and BASE arguments) + shift + check_ldap_server "$@" || exit 1 + exit 0 + ;; + check_nslcd) + # check nslcd availability + res=0 + check_ldap_server || res=1 + check_nslcd_conf || res=1 + check_nslcd_running || res=1 + [ $res -eq 0 ] && echo "$script: test environment OK" || true + exit $res + ;; + *) + echo "Usage: $0 {nss_enable|check|check_nss|check_ldap}" >&2 + exit 1 + ;; +esac diff --git a/tests/usernames.txt b/tests/usernames.txt new file mode 100644 index 0000000..a948983 --- /dev/null +++ b/tests/usernames.txt @@ -0,0 +1,2500 @@ +wworf +kwinterling +timbier +nroh +bmatrejek +scombass +dstubby +prigney +iherrarte +imayette +oport +waristizabal +etunby +wschmeisser +cpinela +ascheno +lcavez +skuntz +rmcghay +cdrumm +sguenison +fculleton +cbarlup +vglow +greiff +gmoen +nfrancesconi +apastor +hmagsby +ocornelison +tmalecki +obailly +ygoldson +uhuysman +dcaltabiano +aschmider +yureta +fgrashot +rramirez +pwutzke +kfetters +redling +rworkowski +istruzik +ktriblett +atollefsrud +phalter +wvakil +jarango +apliska +cbambace +ipaquette +nvantassel +adesgroseillie +psundeen +puzzell +ihernan +clarusso +jvillaire +ndepina +fbalagtas +mcattrell +jscavotto +emehta +wprosienski +ideveyra +ncermeno +eengelman +istarring +mautullo +osaber +osarao +tplatko +npopwell +mkoelle +hmaresco +uhayakawa +vlajoie +umenlove +mwalkington +pvlcek +skever +ndelmore +htsuha +ctenny +fmahler +jherkenratt +emargulis +lnagata +uchalender +ihudspeth +crieck +enuffer +hriech +ikacher +cdudziak +eflury +riler +ncradduck +fmarchi +lvaleriano +hsadiq +fnader +mcattrell +igrimmer +mswogger +fsplinter +zwoolfrey +bphou +ikuboushek +leberhardt +vhargers +omarples +fgeris +vhaverill +ogoldthwaite +ckondo +dfollman +floparco +xlantey +tethelbert +dlanois +amccroskey +kseisler +gfaire +pahles +hsalvucci +xrahaim +alienhard +lpitek +kgiacalone +pquanstrum +gthorson +mtelford +tvehrs +mkibler +ivanschaack +lbruscino +gdreitzler +vhaverill +bmadamba +mjeon +nmastronardi +dcarsey +ykimbel +dasiedu +pgaudet +cduba +saycock +vwokwicz +wcreggett +vmalandrino +fbeatrice +svogler +ipen +wmendell +gmassi +yszumigala +dmellady +smccaie +wconstantino +phalkett +rgriffies +gsantella +canichini +lnooman +ndesautels +vlajoie +rbillingsly +szachariades +gwaldbauer +dciviello +bkoopmann +mredd +pfertitta +lchaudoin +inobrega +vcrofton +lchaudoin +mdedon +ktuner +bwiggins +opizzuti +fvinal +bdominga +lbenito +aarellano +inarain +ucarlino +nsnaders +zpoirier +ndrumgole +gspicer +kvanderbie +kbramblett +apastor +opuglisi +hcrowden +dgiacomazzi +wbrettschneide +vpridgeon +ktorrent +dsmykowski +pbeckerdite +tsepulueda +rgrigorov +fsunderland +ccuozzo +ofugere +malleruzzo +ckurkjian +faleo +esodachanh +kcomparoni +utircuit +vrodick +emcindoe +zkurokawa +wborde +agordner +lcarratala +pbrentano +mconsolini +wclokecloak +pdossous +yvdberg +shoitt +wganther +tquilindrino +jbjorkman +jgobble +pkoblick +broher +myokoyama +dcaltabiano +obenton +werrick +iyorgey +psabado +xdittrick +ykriegel +isowder +rgothro +nciucci +cfleurantin +gwethern +cmanno +imakofsky +dloubier +umosser +hsadiq +cpentreath +ojerabek +tmelland +ktapanes +mcasida +mvanpelt +fthein +jhenkensiefken +ubrumett +ysturino +ilamberth +tpaa +yolivier +rfangman +tguinnip +hhagee +ibyles +lsingletary +vpoitevin +kmcardle +gettl +vmaynard +mrydelek +hhardan +dwittlinger +lmuehlberger +cpencil +lhutsler +jguzzetta +tmurata +nreistetter +rgothro +ysantoscoy +llarmore +pbrohawn +hwoodert +gdeyarmond +mallmand +rcabler +gmackinder +bconour +ycerasoli +jskafec +bmarszalek +dphou +sdebry +nwehnes +psiroky +dgreenlun +gdaub +dnoneman +iambrosino +tmalecki +hskowronek +fkeef +jjumalon +gvollrath +kbrancati +rcabler +dsumaran +jmingo +lcoulon +emele +chosteller +dpallesen +emongelli +zcervenak +nvyhnal +xlantey +hhydrick +mfitzherbert +dsteever +rhujer +cpatrich +mstoffey +khartness +iquero +rpitter +oosterhouse +hfiebig +kmallach +ieagon +cwinney +thynson +fsavela +leberhardt +aponcedeleon +sshearon +cdewoody +olincicum +lgutenberg +hkarney +pminnis +ksparling +ajaquess +ttorregrossa +mleggio +vfohl +kgiacalone +uransford +fbeatrice +wtumaneng +kfend +udatu +dprestia +vkilburn +ncapuchin +cdonnick +nrabsatt +cchriswell +omullner +charriman +sskyers +ndesautels +bamaker +iroiger +dnegri +hrenart +odarity +dflore +gkerens +mfeil +svongal +tsteve +jreigh +achhor +cbandel +mpizzaro +satkins +asivley +phyers +gclapham +tmccaffity +prowena +cpentreath +zinsko +kgiacalone +mkarels +ocrabbs +mrydelek +zkeitsock +cgaudette +emathwich +ndepina +lemling +ibowdle +dledenbach +tbattista +ssarabando +ugreenberg +bfishbeck +wmellott +eberkman +alamour +mtelford +ugerpheide +hschoepfer +draymundo +moller +aborycz +rainsley +wenglander +lspielvogel +jbergseng +gbareis +nrufus +fagro +ibuzo +gmings +uwalpole +tvrooman +jwinterton +ilacourse +htomlinson +ihaub +fgoben +ekeuper +klurie +dbissen +fkrasnow +jbielicki +ascheno +nwatkinson +ljomes +asellberg +rboelk +qhanly +alat +lcanestrini +cdonnick +lgab +pslisz +wgidaro +ovasiliou +hbukovsky +joligee +uholecek +rtooker +atimenez +mwatt +twillets +vwabasha +hschoepfer +barenales +hmaly +salexandria +ecolden +dlablue +ewismer +kschlicker +jarango +mbaldyga +hhagee +cbartnick +ubuscombe +cbrunsting +yverbeke +ckistenmacher +amusemeche +fmilsaps +ghermie +esproull +laksamit +cklem +nmesser +psalesky +ckleis +omounts +gmings +xcilva +jyeater +omontross +daubert +dmccoyle +tguinnip +ddeguire +kottomaniello +mlenning +hsabol +nhayer +lpavick +gcukaj +isteinlicht +pwhitmire +nchrisman +sgefroh +trofkahr +kkennett +hmatonak +ecelestin +vfeigel +mtintle +plabrum +svandewalle +ikrise +mciaccia +dbye +zwoolfrey +iracey +szachariades +bleaks +wdovey +dgivliani +mdoering +vgaseoma +aarietta +ofelcher +ishuckhart +cflenner +wleiva +fplayfair +dgiacomazzi +npremer +jappleyard +poakland +wcagney +hchaviano +psharits +oshough +vwisinger +kmeester +swoodie +hgreuel +dnoneman +kconkey +gbumpaus +pshina +mhowat +cpaccione +ithum +dmccoyle +lkonicki +edack +ysnock +edufford +vlubic +ihimmelwright +ccrape +bhelverson +dscheurer +kkarmo +swolfertz +epeterson +lpondexter +dcoffer +ileaman +nfilipek +purquilla +cmcanulty +iaskin +sbrabyn +ekurter +saben +pgreviston +vdains +mzoulek +bzieba +plenix +kcofrancesco +lmcgeary +mbosten +gradish +hgranelli +lhenrey +cheinecke +wboroff +dflore +joconor +iiffert +ploegering +kdecock +jmatty +tcampman +sherzberg +lautovino +rginer +kalguire +ktaus +kmisove +aduffie +gmilian +dsmykowski +tcuenca +gbrihm +dpintor +aantuna +hlindemann +rsimonton +wdagrella +hseidt +gchounlapane +sstough +cnagode +ptoenjes +fmeola +bgavagan +bguthary +akraskouskas +mtuma +gdeadwyler +ehathcock +gjundt +lhuggler +wkhazaleh +jeidem +ohove +badair +sgraney +obache +ssorce +rkraszewski +moser +ecordas +aesbensen +bcuez +bwaymon +dpfeiffer +tkhora +tsingeltary +lbuchtel +smccastle +testusr2 +nrybij +lmohn +isuro +bdurkins +pkillingworth +lgadomski +jyslava +ebascle +kgarced +akrishna +cbelardo +dtashjian +nramones +sdefrain +epoinelli +imatherly +gstorrer +venfort +ikadar +eselvig +rcianciolo +cpaccione +bouten +mbrannin +ekenady +pschrayter +hsumrell +tmarcom +hlemon +fblow +dfirpo +nasmar +ewilund +stiry +hwestermark +dgorka +rdubs +tnaillon +nnocella +igurwell +mcook +fsinkovich +amanganelli +rcheshier +stiry +vhussien +sspagnuolo +nkempon +ssarabando +jholzmiller +omatula +glablanc +ghelderman +vtresch +nschmig +obirkline +kcofrancesco +tcrissinger +vexler +charriman +pvirelli +limbrogno +obenallack +pthornberry +mstirn +zosollo +lcallender +vnery +pquiller +tlietzke +pbenik +dbarretto +hgalavis +pshumski +cmiramon +lhutsler +zculp +hkohlmeyer +wbarcellos +gtkach +djosselyn +wharpel +rgoonez +ichewning +nchafins +ivoetmann +ekurter +bnicoletti +mberson +cabare +hbinker +teliades +hschlesser +nbuford +ncrissler +skuang +kadamczyk +planzi +rpastorin +dbarriball +dkopczyk +estockwin +ldettmann +ipaquette +zgitlewski +gvachula +sjankauskas +ywhittingham +dsantander +wschemm +jpidcock +ugowans +hpenick +cbrunsting +adesgroseillie +cweiss +oduba +gmackinder +lcorbridge +bmoling +gbolay +ninnella +kbrevitz +kdomke +bflexer +djosselyn +farquette +nquann +otanon +pdech +okave +cbotdorf +jcurson +zanderlik +cereth +ycobetto +lhurtado +tmontesi +rlambertus +mvedder +ktopoian +bwinterton +vmcilwraith +fdivers +rfassinger +ohoffert +dciullo +nreistetter +glemler +tsenemounnarat +zvagt +elozier +aspiess +ediga +gdrilling +baigner +iogasawara +ienglert +wpander +phyer +yversluis +ihalford +mespinel +zratti +vdolan +mfritsche +mjeon +ddeguire +bgjelaj +wrott +nkubley +lleagjeld +agarbett +xmcnerney +tgelen +kganesvoort +mwaltemath +tlietzke +ralspach +dpallesen +jfay +ncaballero +nspolar +uvanmatre +vareias +ikulbida +jschedler +mkumar +pgrybel +emiss +meconomides +cmiramon +nspolar +tlana +gishii +zboulding +vnooman +sherzberg +fkrasnow +gcubbison +cdeckard +nrajewski +hmagsby +pgermershausen +yeike +akrishna +lmccosh +phaye +lpaglialunga +ebattee +jmcgartland +mvas +cdegravelle +moller +tmorr +hhires +yfrymoyer +njordon +thaycraft +bluellen +sgurski +hvannette +nobregon +zneeb +hhysong +fnottage +ahandy +wzausch +lfichtner +yautin +fdechellis +sgarriss +garchambeault +bouten +wselim +kswirsky +fspiess +eziebert +gjundt +gdusen +jquicksall +sgunder +isorhaindo +lkimel +uneice +ebusk +gclapham +eshanon +wpoudrier +zborgmeyer +kwinterling +gcrossfield +jlianes +ctenny +bbeckfield +hfenk +creins +olilyblade +choeger +pzaccaria +ltegtmeier +ycerasoli +jcourtwright +kgillim +ycurtis +tfalconeri +faquilar +jeuresti +sstazenski +gpomerance +pmineo +ocornelison +hschrank +kfetters +wmolin +akravetz +hmachesky +shaith +ppeper +ldreckman +lbartimeus +tpin +dlongbotham +oclunes +vbaldasaro +bmatrejek +pcornn +nroepke +myokoyama +cbelardo +rsilberman +bpinedo +gdeblasio +nphan +istarring +sstuemke +tmagel +mcidre +pphuaphes +jwatah +ipeick +khembrey +hgreuel +nkempon +shoitt +slaudeman +hcalvaruso +hdumpert +nbugtong +hsweezer +cmcgoey +ngata +bcolorado +vballina +tmurata +sjarvi +esonia +ycostaneda +hriech +kmandolfo +ghumbles +ngrowney +ipuccio +ssilbert +hrapisura +mdanos +teliades +hmitchusson +ckugler +lmadruga +psantorella +ggillim +dstreich +emiss +ksoberanes +lshilling +ohearl +fberra +hderrig +nevan +xdittrick +obeaufait +mfinigan +fsirianni +bhelscher +fberyman +sgropper +mcashett +ecordts +bharnois +gkirchberg +wcarthon +dmccoyle +cnoriego +mblanchet +dhendon +kshippy +emori +mgoodenough +testusr3 +sdenina +lhutsler +uednilao +omcdaid +afeinen +tsearle +lnagata +aziernicki +jmarugg +sscheiern +hpaek +panello +fsapien +ykisak +msweezer +cheinecke +dhannam +maustine +vrapin +svielle +rcandy +tmysinger +hpalmquist +swilken +jnehls +ckondo +uweyand +ewuitschick +wschmuck +mlinak +pzutell +vchevalier +tabelman +cbrunsting +xmcnerney +tliekhus +klundsten +slaningham +deshmon +nmoren +askimehorn +rpinilla +mcaram +thoofard +dprestia +iquero +nrysavy +mvanbergen +ascheno +ulanigan +jeidem +gloebs +mdellavalle +tsingeltary +lwedner +mcoch +mneubacher +khathway +syurkovich +psherfy +fvallian +jlunney +wdovey +jjumalon +umcsparin +zfarler +bdevera +zeddins +mbroglie +adurol +dcastillion +ncaver +naquas +cmellberg +mswed +bluellen +rtrichell +cfasone +hderrig +hstanczyk +enastasi +adevenney +gcobane +psemple +ggehrke +mberson +ndrumgole +khoffstetter +ggase +iromie +mquigg +iyorgey +emargulis +imarungo +lrandall +kmalas +tvisitacion +imcbay +hbraskey +ymudie +tkuchem +rfauerbach +ctewari +gstallion +hcianciolo +jsegundo +tfetherston +mjuris +ualway +ideshon +lmadruga +aashbach +erostad +hludeman +wconces +tmarkus +eturpiano +pcaposole +lburmester +mcook +osarao +spolmer +isalm +gshelhorse +iwoldt +pvlcek +arosel +obache +jseen +kjhonson +vdesir +rrodberg +wtruman +mfornes +mfaruolo +iyorks +tairth +cstidstone +cfilippello +vwaltmann +pbenik +fhalon +ctetteh +hzagami +pheisdorffer +lelsaesser +ghann +fcunard +afallert +efobes +srees +sackles +uspittler +mcampagnone +gfaire +dhannam +kgleichweit +rmcdonnel +akomsthoeft +gjankowiak +glafontaine +mmylott +kgourd +lbatra +lparrish +snotari +oreiss +lringuette +ymursko +ekonick +rmandril +cfredericksen +fminecci +lbassin +mgavet +gshadle +cpalmios +vrunyon +cpalmios +ueriks +kstraughn +gconver +vburton +fplayfair +opeet +bwalega +mkonow +lschenkelberg +creddrick +ubieniek +wgwaltney +sanderegg +jchancy +ibyles +klover +hbickford +fsymmonds +nlemma +pgaudet +lparrish +rpenhale +fwidhalm +mvas +rlatessa +oscarpello +pzaccaria +zclendennen +seastridge +iweibe +wmenucci +pfreiberger +cswayze +fmulac +mviverette +tvallow +wborenstein +lhoerr +sstuemke +mconsolini +ndashem +lmauracher +mpark +thelfritz +ckehl +tbagne +jamber +walbrecht +diller +zgingrich +dzurek +nllewlyn +sbloise +lyoula +vkouns +dblazejewski +ashuey +eathey +kdevincent +kwidrick +mmcchristian +ebeachem +ckugler +tfowlkes +lnorseworthy +nerbach +phyer +gfedewa +ngrowney +pwademan +lkhubba +ktoni +craddle +rhickok +smarksberry +bwynes +bromano +dmarchizano +ewall +mxiong +fratner +tstalworth +omounts +vpender +tpownell +osaines +jlebouf +szachariades +omatice +nspanbauer +sdaignault +svielle +blovig +nlaizure +lsous +ademosthenes +speppin +mmangiamele +kmoesch +nhuckstadt +isudweeks +hsnarr +abeen +amccroskey +nkraker +rcandy +ocalleo +owhitelow +mrizer +cmafnas +jzych +tsann +abortignon +prowena +mfaeth +nridinger +ctuzzo +rcheshier +gshrode +vstirman +pheathcock +bdevera +mdimaio +pbeckerdite +amcgraw +nousdahl +zbuscaglia +ldettmann +ihegener +hbetterman +dlargo +ewilles +ngaler +ptomopoulos +lvanconant +jbiber +vglidden +nmajera +vnery +lseehafer +hiddings +kwirght +imensah +dmahapatra +osanthuff +mmanozca +hbrandow +zbracamonte +gguardia +lschenkelberg +ymichna +klover +hliverman +tmccannon +hnoblitt +pbascom +dherard +jscheitlin +lgadomski +mpilon +mstirn +fwollner +ashrigley +dlanois +seroh +vschaedler +mherlihy +vbonder +okveton +gmalave +hhardan +fkosiba +ccyganiewicz +vemily +omasone +cgalinol +jrees +tmcmickle +akertzman +ngoshen +tkeala +hpimpare +dtornow +jdodge +ldigman +vrunyon +jenfort +akilburn +lchaudoin +clapenta +kmedcaf +fparness +owhelchel +egalleta +yeven +bhaislett +critchie +lbramel +ppiccillo +ahalleck +gearnshaw +nhelfinstine +hhaffey +eyounglas +ksharma +gwethern +fhovermale +eklunder +emottillo +mdanos +isuro +pphuaphes +wvalcin +pduitscher +yhenriques +mjeon +areid +gbrimmer +rdubuisson +mvanpelt +dstubby +ksauler +cmiramon +cbrom +gparkersmith +gdivalerio +awhitt +slerew +mpanahon +kmanin +igeltz +awoytowich +llampier +lslavis +hsweezer +cbarrigan +afredin +slaforge +ycostaneda +hsabol +bhelscher +cnabzdyk +wharpel +cbrom +hbarrale +tmoskos +lnibler +mkassabian +saben +twedel +eleyton +mpark +mferandez +utrezize +ihanneman +behrke +tarre +hhartranft +eyounglas +ehindbaugh +ichewning +smayorca +pcorson +bcuez +isplonskowski +ediga +ivanschaack +ewicks +icalamari +bmicklos +lgandee +iwininger +pmurdoch +gkrasner +uazatyan +kbordwine +speppin +hwoodert +mmoskop +mferrier +ygoldson +cpatrich +ktuccio +vchevalier +cduffer +lringrose +dhomma +prepasky +mmattu +rbillingsly +kepps +fcha +lgodlove +rasrari +hpolich +garchambeault +nwrobbel +lsobrino +aagel +eneighbor +hbuttolph +umcsparin +oconerly +sschoeman +mtanzi +usoltes +skuntz +fhain +smullowney +okveton +showe +vrunyon +fschafer +yschmuff +olilyblade +hlynema +xhorvitz +hschrank +jsweezy +jrimando +dpintor +gshelhorse +dsharr +hmuscaro +ihashbarger +kmalas +mdyce +kschlicker +svielle +pwetherwax +tgraen +ecathers +fwaychowsky +mgoldhahn +tblackgoat +uoblinski +gwachowiak +thoch +bwiggins +tdonathan +dpfeiffer +arthur +mfaeth +bscadden +eorofino +imariello +hcouillard +uslavinski +guresti +bzaeske +rmagnone +rbloomstrand +klurie +csteinbrecher +tbattista +gpiatt +pspradling +ckerska +obercier +mdecourcey +senrico +rheinzmann +eprosper +jsenavanh +cklem +fcarvosso +pdziuban +gdrilling +vdelnegro +lschollmeier +mpatty +gapkin +eshurtliff +ghaworth +cdrumm +zpero +psharits +smillian +tnaillon +mdoering +mmedlar +fvascones +kmoesch +akravetz +ilacourse +umanske +cgalinol +kaanerud +tmcmickle +pcassaro +kkinnick +adesgroseillie +ssilbert +kleardi +pfloerke +hfiebig +greagey +wpeckler +ckreidler +vtrumpp +imillin +kkozik +bstrede +txayavong +aferge +kgarced +ycerasoli +dblazejewski +usherraden +vbigalow +khinckson +gallanson +pmalachi +cbrechbill +rfauerbach +jglotzbecker +chuxman +skoegler +lbartimeus +hstreitnatter +mviverette +emottillo +hbukovsky +edurick +pbiggart +sshilo +bsibal +pzieglen +bhelscher +kshippy +gcacatian +puniacke +nlatchaw +ohatto +rhollmann +sansari +swallberg +gportolese +plabrum +obenton +mbumbalough +ckleis +rschkade +fverfaille +ukins +bwhang +tmohmed +krahman +nlinarez +nwiker +gcarlini +sarndt +cmafnas +dgosser +phyers +hspackman +ireeser +bjolly +mhollings +ctenny +uschweyen +cgaler +zkampmann +svielle +kwidrick +omalvaez +aminari +khathway +mdickinson +kbradbury +cvote +cspilis +cschimke +ibreitbart +imcconkey +amayorga +gmeece +iroiger +wmailey +kthede +testusr2 +hbraim +eklunder +fgarron +cklem +kbarnthouse +khovanesian +cwank +dwideman +istoff +dlancey +mlinardi +tlorona +yeike +dfirpo +mcontreras +mlantieri +wschmeisser +dhammontree +hmogush +kfetters +achhor +bgjelaj +lsivic +eparham +nradican +thomme +lcoller +ncermeno +zkutchera +lgradilla +pvlcek +cdouthett +znightingale +jkimpton +owager +zbains +slaudeman +sczubia +jcaroll +pslisz +fdarakjian +dhindsman +zhaulk +mground +mkoelle +mmatise +gzuhlke +cjuntunen +mferandez +uholecek +tnitzel +fsumrall +jmartha +hboreland +eserrett +csalkeld +fburrough +jchipp +lfelan +hpotucek +pheathcock +dsgambati +kpuebla +agimm +csarjeant +fvinal +nglathar +beon +bsteinbrecher +rchevrette +cbleimehl +dminozzi +hfludd +wworf +jbjorkman +bzaeske +nglaspy +gdamour +etunby +hcintron +sdrawec +dtuholski +ochasten +pvierthaler +ekalfas +rzilahi +joligee +rhoffschneider +ckistenmacher +ksparling +zmeeker +asabin +mkrauser +umarbury +dpallesen +nblum +showe +fberyman +phardung +hkinderknecht +dgreenlun +gsusoev +tdembinski +lseabold +hbastidos +ohoffert +aesbensen +tmill +sbonnie +ohedlund +ewilund +tsowells +ilevian +btheim +wschemm +csoomaroo +ilawbaugh +jdeaville +lswanton +faleo +mcrise +fblow +amckinney +eklein +rginer +ndepina +vtowell +ploegering +lpintor +jfreuden +cjuntunen +lmichaud +hzinda +mwesberry +wsteinkuehler +mwalkington +nendicott +brodgerson +opoch +nnickel +rwinchell +ibeto +cboecker +lcocherell +fbakaler +wottesen +cbelardo +skanjirathinga +dsahota +nedgin +nhija +sestergard +imicthell +upater +sskone +ncrafford +gmalekan +dbertels +kbartolet +fsaeli +vbon +usoltes +vdelnegro +lversage +bvanscooter +ppedraja +clouder +bveeneman +hspiry +ckodish +hmatonak +owager +lgunnett +mfritsche +espangenberg +zvanwagoner +bswantak +lcoy +dciviello +bnibbs +esheehan +ptraweek +hdyner +wstjean +kmosko +nrajewski +brepka +hmerle +loganyan +hholyfield +nhayer +npopwell +rfassinger +sbettridge +tvrooman +ddobrowski +mjacox +enicoles +emanikowski +iseipel +emargulis +kgremminger +dauer +wgwaltney +ebascle +nnamanworth +mtoves +jlathen +lpeagler +mprim +wdelbalso +tabdelal +yhahne +uvazzana +csever +fbuzzi +nscharler +tchemin +kfaure +dpolashek +jcourtwright +sdehoyos +mlaverde +owero +bbabst +ewilles +ablackstock +kthornes +cbourek +tnitzel +pcoburn +redling +lfarraj +gwaud +sgraney +hmateer +csever +jchipp +klitehiser +oalthouse +hsabol +sduplechain +mdoering +wbryar +lbarban +hcusta +glebold +nmoren +cfronduti +pwohlenhaus +mpilbin +jgobble +nbolon +emanikowski +sdenina +mdoering +ilambino +vmigliori +kklavetter +krahman +eyslava +hschelb +adishaw +ghiland +nmccolm +zgingrich +rkraszewski +lsobrino +habby +mmuscarella +vnazzal +wzappa +pgreenier +phyer +pziesmer +cmundel +enuffer +vpiraino +kordahl +bmoldan +mgayden +craddle +jspohn +nhattman +iyorks +hloftis +lcarratala +ncermeno +mkawai +ascovel +hkohlmeyer +mvashaw +vrunyon +ihegener +srubenfield +rmagnone +ikaus +ngiesler +jknight +hhamburg +vlajoie +kheadlon +dpallesen +wdeluccia +vgieringer +hpascarella +egrago +aramsdale +hdula +hwoodert +rdubuisson +upellam +sratledge +rmcstay +hkippes +kgelhar +vmedici +gdeyarmond +zwinterbottom +htilzer +apancoast +yszumigala +mmatise +zscammahorn +jroman +pzorens +pfertitta +vkilburn +ngullett +gbueche +rrasual +mmerriwether +wcolbenson +splumlee +egospatrick +ykello +ejuedes +nsiemonsma +cnabzdyk +cpalmios +mruppel +cpentreath +vpeairs +cghianni +ohatto +kbattershell +pfavolise +kmcguire +nagerton +lseabold +jherkenratt +brucky +wboylston +mpatty +dnoneman +lnormand +miglesia +ieckhardt +lschnorbus +kgumbs +gcervantez +rkoonz +wkappen +wvermeulen +lcremer +kmayoras +gbitar +atonkin +dbissett +canichini +swolfertz +mhack +mskeele +hlemon +denriquez +fhalon +lkahre +eneighbor +dsherard +wmenucci +oreynero +imillin +smosses +uhayakawa +ilacourse +ahalcom +bdadds +tronald +carguellez +mstorto +isteinlicht +esonia +fberyman +fbielecki +rguinane +wtio +istallcup +bmednick +sscheiern +uwalpole +ipeick +icoard +amaslyn +rpikes +ebumbrey +gnordmark +wbillotte +jeverton +vweissmann +wlucken +ewicks +mcolehour +dslade +dhomma +pzorens +hyuscak +wkirkegaard +atilley +zrenderos +efudala +nforti +ubynum +ihashbarger +ganes +tredfearn +jwatah +wdevenish +apurdon +satkins +eorsten +zkeitsock +uazatyan +tcacal +wknipe +hcarrizal +dscialpi +jspohn +hpolk +lbanco +vemily +huber +oolivarez +ggaytan +dclardy +mpellew +bkiang +ksheeler +atopick +tgraen +cjody +ovibbert +ideveyra +eshurtliff +mtintle +clewicki +cdarensbourg +hdula +oduba +espyies +bmooe +emoradian +kpalka +rpinilla +xeppley +tgindhart +rlosinger +hdecristofaro +ycobetto +pdischinger +cwank +rtrichell +asivley +kjoslyn +hcafourek +gkerens +emcquiddy +crile +asticher +spolfer +mjennings +hskowronek +ddobrowski +ueriks +wgorton +mallmand +btempel +tcossa +jspeh +tboxx +nchrisman +ppeper +mpester +asundholm +kgiacalone +nlainhart +nslaby +ekalil +gpelyo +dliehr +eengelman +pdauterman +ddigerolamo +lvittum +tharr +bdaughenbaugh +tpownell +enastasi +dlancey +hcowles +amozier +pdulac +rfidel +klape +cswigert +nlohmiller +smazzara +hharian +llarmore +kcheyney +wbryar +cscullion +tmelland +flehenbauer +nwescott +pvierthaler +enoguera +jasplund +ploegering +tsowells +hpolintan +ahalcom +nscharler +bsolecki +yduft +obihl +lbove +ikulbida +volejarski +dfacenda +kwirght +dsherard +istruzik +sfaure +smosakowski +vkrug +oosterhouse +pquiller +msweezer +ecann +imuehl +xlantey +fpybus +mfornes +ssandine +ulanigan +bjolly +rtole +mkofoed +mkarels +xstrawbridge +dmcgillen +esonia +llaneaux +nbethany +rbernhagen +bwoolever +mbeagley +peickhorst +pwashuk +ktolontino +njordon +pquiller +glocascio +ashrigley +eyslava +tmagel +lvanconant +ghanauer +ajudkins +rcolindres +tfowlkes +kmarzili +llasher +ejeppesen +irenick +vsefcovic +uflander +uschweyen +esthill +ebartylla +udelashmit +pziesmer +rhollmann +dholdaway +irenick +hlemon +gjankowiak +gportolese +osanthuff +lkimel +fcoak +nchafins +ecolden +daveado +pzaccaria +wlynch +tmorr +mluft +ztukuafa +igeltz +ksiering +nfunchess +hboyette +qaloan +mbixby +werrick +nblum +mbodley +wnunziata +jarango +ipaquette +ocalleo +planzi +pbondroff +ofelcher +seroh +cpaccione +moser +bbrenton +gschaumburg +ugammell +cpluid +mgoldhahn +tboock +dphou +usevera +tmusemeche +ktriblett +gcurnutt +ischnitzer +bbertao +jwelliver +dborneman +eflanner +dtryba +hmiazga +pgiegerich +fcopley +zkampmann +vleyton +vbracey +oahyou +ihoa +amccolgan +hbrehmer +nherschelman +bbuhoveckey +pmailhiot +pgrybel +vbonder +nranck +cmiramon +zweide +bluppino +nschiele +hdoiel +dsmykowski +rgramby +mweiss +afuchs +kkottenstette +dtornow +fmcnaught +swallberg +cparee +kpenale +alichtenwalter +frumbo +kolexa +rkrallis +hkinderknecht +fburrough +cpinela +tsablea +msturrup +fluthe +igizzi +ksiering +wesguerra +tdonathan +kmisove +nriofrio +bnicoletti +ameisinger +hdohring +hstoute +nbouras +cdegravelle +ashrigley +rborjas +mheilbrun +trofkahr +cblumstein +swede +bmarlin +maustine +lgadomski +nmajette +kpannunzio +rlagrone +hstoute +kgillim +istruzik +wottesen +erathert +ygockel +ibyles +wcreggett +vmaynard +sestabillo +egivliani +mbravata +wtruman +jmarugg +oellerbee +pdauterman +pzutell +kbrugal +cordorica +wclokecloak +blittman +habby +scocuzza +ptomopoulos +hloftis +mjacox +lcaudell +ffigert +msweezer +sgirsh +hveader +wbarcellos +pirby +rnordby +mpytko +dpebbles +otrevor +nforti +dpintor +mdedon +svincenzo +pbrohawn +blatona +tlowers +hharian +mground +akraskouskas +lwedner +kvidra +nsilveria +cbandel +hkohlmeyer +sbemo +oebrani +waustad +asemons +ndipanfilo +adenicola +tstokey +mdecourcey +mruppel +kmuros +rbrisby +hgoodin +mkeedah +kpantoja +myokoyama +jkopko +gcummer +telman +mbrar +fprado +mdoering +owhelchel +bcoletta +hlauchaire +gvollrath +wstjean +rmarsee +fparness +zgitlewski +ipiontek +tyounglas +bcatholic +lgutenberg +mzoulek +fnollora +vduffel +mgolder +kgelhar +edrinkwater +tkelly +mmesidor +lloukota +pviviani +ihudspeth +obelloso +wkahoun +cdickes +jroden +zwoolfrey +sansari +tmccamish +jtetzlaff +hlichota +urosentrance +vglow +ubenken +mpizzaro +nsytsma +psowa +hboreland +astrunk +pdurando +nquann +aspiess +ikacher +wbrill +senrico +ishuckhart +hzinda +mpanahon +veisenhardt +eaguire +jkressin +pcourneya +tschnepel +osaines +dciullo +gtinnel +walbrecht +ksollitto +kstachurski +nbugtong +mdimaio +bdominga +farquette diff --git a/utils/Makefile.am b/utils/Makefile.am new file mode 100644 index 0000000..7b1f9df --- /dev/null +++ b/utils/Makefile.am @@ -0,0 +1,42 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2013-2016 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +utilsdir = $(datadir)/nslcd-utils + +utils_PYTHON = cmdline.py nslcd.py getent.py chsh.py shells.py users.py +nodist_utils_PYTHON = constants.py +CLEANFILES = $(nodist_utils_PYTHON) + +all-local: $(nodist_utils_PYTHON) + +# clean up locally created compiled Python files +clean-local: + rm -f *.pyc *.pyo + +# copy constants module +constants.py: ../pynslcd/constants.py + cp ../pynslcd/constants.py . + +# create symbolic links to the commands and fix permissions +install-data-hook: + $(MKDIR_P) $(DESTDIR)$(bindir) + set -ex; for cmd in getent chsh ; do \ + chmod a+rx $(DESTDIR)$(utilsdir)/$$cmd.py ; \ + [ -L $(DESTDIR)$(bindir)/$$cmd.$(MODULE_NAME) ] || $(LN_S) $(utilsdir)/$$cmd.py $(DESTDIR)$(bindir)/$$cmd.$(MODULE_NAME) ; \ + done diff --git a/utils/Makefile.in b/utils/Makefile.in new file mode 100644 index 0000000..f3358c5 --- /dev/null +++ b/utils/Makefile.in @@ -0,0 +1,626 @@ +# Makefile.in generated by automake 1.15.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2017 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2013-2016 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +subdir = utils +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ + $(top_srcdir)/m4/ax_python_module.m4 \ + $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(utils_PYTHON) $(am__DIST_COMMON) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +SOURCES = +DIST_SOURCES = +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__py_compile = PYTHON=$(PYTHON) $(SHELL) $(py_compile) +am__installdirs = "$(DESTDIR)$(utilsdir)" "$(DESTDIR)$(utilsdir)" +am__pep3147_tweak = \ + sed -e 's|\.py$$||' -e 's|[^/]*$$|__pycache__/&.*.py|' +py_compile = $(top_srcdir)/py-compile +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/mkinstalldirs \ + $(top_srcdir)/py-compile +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DOCBOOK2X_MAN = @DOCBOOK2X_MAN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MODULE_NAME = @MODULE_NAME@ +NSLCD_BINDPW_PATH = @NSLCD_BINDPW_PATH@ +NSLCD_CONF_PATH = @NSLCD_CONF_PATH@ +NSLCD_PIDFILE = @NSLCD_PIDFILE@ +NSLCD_SOCKET = @NSLCD_SOCKET@ +NSS_FLAVOUR = @NSS_FLAVOUR@ +NSS_LDAP_SONAME = @NSS_LDAP_SONAME@ +NSS_MODULE_OBJS = @NSS_MODULE_OBJS@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LDAP_SONAME = @PAM_LDAP_SONAME@ +PAM_SECLIB_DIR = @PAM_SECLIB_DIR@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIC_CFLAGS = @PIC_CFLAGS@ +PTHREAD_CC = @PTHREAD_CC@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LIBS = @PTHREAD_LIBS@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RELEASE_MONTH = @RELEASE_MONTH@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +ax_pthread_config = @ax_pthread_config@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nslcd_LIBS = @nslcd_LIBS@ +nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ +nss_ldap_so_LINK = @nss_ldap_so_LINK@ +oldincludedir = @oldincludedir@ +pam_ldap_so_LDFLAGS = @pam_ldap_so_LDFLAGS@ +pam_ldap_so_LINK = @pam_ldap_so_LINK@ +pdfdir = @pdfdir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +utilsdir = $(datadir)/nslcd-utils +utils_PYTHON = cmdline.py nslcd.py getent.py chsh.py shells.py users.py +nodist_utils_PYTHON = constants.py +CLEANFILES = $(nodist_utils_PYTHON) +all: all-am + +.SUFFIXES: +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu utils/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu utils/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-nodist_utilsPYTHON: $(nodist_utils_PYTHON) + @$(NORMAL_INSTALL) + @list='$(nodist_utils_PYTHON)'; dlist=; list2=; test -n "$(utilsdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(utilsdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(utilsdir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then b=; else b="$(srcdir)/"; fi; \ + if test -f $$b$$p; then \ + $(am__strip_dir) \ + dlist="$$dlist $$f"; \ + list2="$$list2 $$b$$p"; \ + else :; fi; \ + done; \ + for file in $$list2; do echo $$file; done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(utilsdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(utilsdir)" || exit $$?; \ + done || exit $$?; \ + if test -n "$$dlist"; then \ + $(am__py_compile) --destdir "$(DESTDIR)" \ + --basedir "$(utilsdir)" $$dlist; \ + else :; fi + +uninstall-nodist_utilsPYTHON: + @$(NORMAL_UNINSTALL) + @list='$(nodist_utils_PYTHON)'; test -n "$(utilsdir)" || list=; \ + py_files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$py_files" || exit 0; \ + dir='$(DESTDIR)$(utilsdir)'; \ + pyc_files=`echo "$$py_files" | sed 's|$$|c|'`; \ + pyo_files=`echo "$$py_files" | sed 's|$$|o|'`; \ + py_files_pep3147=`echo "$$py_files" | $(am__pep3147_tweak)`; \ + echo "$$py_files_pep3147";\ + pyc_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|c|'`; \ + pyo_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|o|'`; \ + st=0; \ + for files in \ + "$$py_files" \ + "$$pyc_files" \ + "$$pyo_files" \ + "$$pyc_files_pep3147" \ + "$$pyo_files_pep3147" \ + ; do \ + $(am__uninstall_files_from_dir) || st=$$?; \ + done; \ + exit $$st +install-utilsPYTHON: $(utils_PYTHON) + @$(NORMAL_INSTALL) + @list='$(utils_PYTHON)'; dlist=; list2=; test -n "$(utilsdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(utilsdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(utilsdir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then b=; else b="$(srcdir)/"; fi; \ + if test -f $$b$$p; then \ + $(am__strip_dir) \ + dlist="$$dlist $$f"; \ + list2="$$list2 $$b$$p"; \ + else :; fi; \ + done; \ + for file in $$list2; do echo $$file; done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(utilsdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(utilsdir)" || exit $$?; \ + done || exit $$?; \ + if test -n "$$dlist"; then \ + $(am__py_compile) --destdir "$(DESTDIR)" \ + --basedir "$(utilsdir)" $$dlist; \ + else :; fi + +uninstall-utilsPYTHON: + @$(NORMAL_UNINSTALL) + @list='$(utils_PYTHON)'; test -n "$(utilsdir)" || list=; \ + py_files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$py_files" || exit 0; \ + dir='$(DESTDIR)$(utilsdir)'; \ + pyc_files=`echo "$$py_files" | sed 's|$$|c|'`; \ + pyo_files=`echo "$$py_files" | sed 's|$$|o|'`; \ + py_files_pep3147=`echo "$$py_files" | $(am__pep3147_tweak)`; \ + echo "$$py_files_pep3147";\ + pyc_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|c|'`; \ + pyo_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|o|'`; \ + st=0; \ + for files in \ + "$$py_files" \ + "$$pyc_files" \ + "$$pyo_files" \ + "$$pyc_files_pep3147" \ + "$$pyo_files_pep3147" \ + ; do \ + $(am__uninstall_files_from_dir) || st=$$?; \ + done; \ + exit $$st +tags TAGS: + +ctags CTAGS: + +cscope cscopelist: + + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile all-local +installdirs: + for dir in "$(DESTDIR)$(utilsdir)" "$(DESTDIR)$(utilsdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-local mostlyclean-am + +distclean: distclean-am + -rm -f Makefile +distclean-am: clean-am distclean-generic + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-nodist_utilsPYTHON install-utilsPYTHON + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-nodist_utilsPYTHON uninstall-utilsPYTHON + +.MAKE: install-am install-data-am install-strip + +.PHONY: all all-am all-local check check-am clean clean-generic \ + clean-local cscopelist-am ctags-am distclean distclean-generic \ + distdir dvi dvi-am html html-am info info-am install \ + install-am install-data install-data-am install-data-hook \ + install-dvi install-dvi-am install-exec install-exec-am \ + install-html install-html-am install-info install-info-am \ + install-man install-nodist_utilsPYTHON install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + install-utilsPYTHON installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-generic pdf pdf-am ps ps-am tags-am uninstall \ + uninstall-am uninstall-nodist_utilsPYTHON \ + uninstall-utilsPYTHON + +.PRECIOUS: Makefile + + +all-local: $(nodist_utils_PYTHON) + +# clean up locally created compiled Python files +clean-local: + rm -f *.pyc *.pyo + +# copy constants module +constants.py: ../pynslcd/constants.py + cp ../pynslcd/constants.py . + +# create symbolic links to the commands and fix permissions +install-data-hook: + $(MKDIR_P) $(DESTDIR)$(bindir) + set -ex; for cmd in getent chsh ; do \ + chmod a+rx $(DESTDIR)$(utilsdir)/$$cmd.py ; \ + [ -L $(DESTDIR)$(bindir)/$$cmd.$(MODULE_NAME) ] || $(LN_S) $(utilsdir)/$$cmd.py $(DESTDIR)$(bindir)/$$cmd.$(MODULE_NAME) ; \ + done + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/utils/chsh.py b/utils/chsh.py new file mode 100755 index 0000000..c48459d --- /dev/null +++ b/utils/chsh.py @@ -0,0 +1,71 @@ +#!/usr/bin/env python +# coding: utf-8 + +# chsh.py - program for changing the login shell using nslcd +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import argparse + +from cmdline import VersionAction, ListShellsAction +import constants +import nslcd +import shells +import users + + +# set up command line parser +parser = argparse.ArgumentParser( + description='Change the user login shell in LDAP.', + epilog='Report bugs to <%s>.' % constants.PACKAGE_BUGREPORT) +parser.add_argument('-V', '--version', action=VersionAction) +parser.add_argument('-s', '--shell', help='login shell for the user account') +parser.add_argument('-l', '--list-shells', action=ListShellsAction) +parser.add_argument('username', metavar='USER', nargs='?', + help="the user who's shell to change") + + +def ask_shell(oldshell): + """Ask the user to provide a shell.""" + shell = raw_input(' Login Shell [%s]: ' % oldshell) + return shell or oldshell + + +if __name__ == '__main__': + # parse arguments + args = parser.parse_args() + # check username part + user = users.User(args.username) + user.check() + # check the command line shell if one was provided (to fail early) + shell = args.shell + if shell is not None: + shells.check(shell, user.asroot) + # prompt for a password if required + password = user.get_passwd() + # prompt for a shell if it was not specified on the command line + if shell is None: + print('Enter the new value, or press ENTER for the default') + shell = ask_shell(user.shell) + shells.check(shell, user.asroot) + # perform the modification + result = nslcd.usermod( + user.username, user.asroot, password, { + constants.NSLCD_USERMOD_SHELL: shell, + }) + # TODO: print proper response diff --git a/utils/cmdline.py b/utils/cmdline.py new file mode 100644 index 0000000..7283875 --- /dev/null +++ b/utils/cmdline.py @@ -0,0 +1,68 @@ +# coding: utf-8 + +# cmdline.py - functions for handling command-line options +# +# Copyright (C) 2013-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import argparse + +import constants + + +version_string = ''' +%s +Written by Arthur de Jong. + +Copyright (C) 2013-2017 Arthur de Jong +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +'''.strip() % constants.PACKAGE_STRING + + +class VersionAction(argparse.Action): + + def __init__(self, option_strings, dest, + help='output version information and exit'): + super(VersionAction, self).__init__( + option_strings=option_strings, + dest=argparse.SUPPRESS, + default=argparse.SUPPRESS, + nargs=0, + help=help) + + def __call__(self, parser, namespace, values, option_string=None): + print(version_string) + parser.exit() + + +class ListShellsAction(argparse.Action): + + def __init__(self, option_strings, dest, + help='list the shells found in /etc/shells'): + super(ListShellsAction, self).__init__( + option_strings=option_strings, + dest=argparse.SUPPRESS, + default=argparse.SUPPRESS, + nargs=0, + help=help) + + def __call__(self, parser, namespace, values, option_string=None): + import shells + for shell in shells.list_shells(): + print(shell) + parser.exit() diff --git a/utils/getent.py b/utils/getent.py new file mode 100755 index 0000000..ae00c5e --- /dev/null +++ b/utils/getent.py @@ -0,0 +1,419 @@ +#!/usr/bin/env python +# coding: utf-8 + +# getent.py - program for querying nslcd +# +# Copyright (C) 2013-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import argparse +import re +import socket +import struct +import sys + +from cmdline import VersionAction +from nslcd import NslcdClient +import constants + + +epilog = ''' +supported databases: + aliases, ethers, group, group.bymember, hosts, hostsv4, hostsv6, + netgroup, netgroup.norec, networks, networksv4, networksv6, passwd, + protocols, rpc, services, shadow + +Report bugs to <%s>. +'''.strip() % constants.PACKAGE_BUGREPORT + +# set up command line parser +parser = argparse.ArgumentParser( + formatter_class=argparse.RawDescriptionHelpFormatter, + description='Query information in %s via nslcd.' % + constants.MODULE_NAME.upper(), + epilog=epilog) +parser.add_argument('-V', '--version', action=VersionAction) +parser.add_argument('database', metavar='DATABASE', + help='any database supported by nslcd') +parser.add_argument('keys', metavar='KEY', nargs='*', + help='filter returned database values by key') + + +def write_aliases(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + print('%-16s%s' % ( + con.read_string() + ': ', + ', '.join(con.read_stringlist()), + )) + + +def getent_aliases(database, keys=None): + if not keys: + write_aliases(NslcdClient(constants.NSLCD_ACTION_ALIAS_ALL)) + return + for key in keys: + con = NslcdClient(constants.NSLCD_ACTION_ALIAS_BYNAME) + con.write_string(key) + write_aliases(con) + + +def write_ethers(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + name = con.read_string() + ether = con.read_ether() + print('%s %s' % (ether, name)) + + +def getent_ethers(database, keys=None): + if not keys: + write_ethers(NslcdClient(constants.NSLCD_ACTION_ETHER_ALL)) + return + for key in keys: + if re.match('^[0-9a-fA-F]{1,2}(:[0-9a-fA-F]{1,2}){5}$', key): + con = NslcdClient(constants.NSLCD_ACTION_ETHER_BYETHER) + con.write_ether(key) + else: + con = NslcdClient(constants.NSLCD_ACTION_ETHER_BYNAME) + con.write_string(key) + write_ethers(con) + + +def write_group(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + print('%s:%s:%d:%s' % ( + con.read_string(), + con.read_string(), + con.read_int32(), + ','.join(con.read_stringlist()), + )) + + +def getent_group(database, keys=None): + if not keys: + write_group(NslcdClient(constants.NSLCD_ACTION_GROUP_ALL)) + return + for key in keys: + if database == 'group.bymember': + con = NslcdClient(constants.NSLCD_ACTION_GROUP_BYMEMBER) + con.write_string(key) + elif re.match('^\d+$', key): + con = NslcdClient(constants.NSLCD_ACTION_GROUP_BYGID) + con.write_int32(int(key)) + else: + con = NslcdClient(constants.NSLCD_ACTION_GROUP_BYNAME) + con.write_string(key) + write_group(con) + + +def _get_ipv4(value): + try: + return socket.inet_pton(socket.AF_INET, value) + except socket.error: + return None + + +def _get_ipv6(value): + try: + return socket.inet_pton(socket.AF_INET6, value) + except socket.error: + return None + + +def _get_af(database): + if database.endswith('v4'): + return socket.AF_INET + elif database.endswith('v6'): + return socket.AF_INET6 + else: + return None + + +def write_hosts(con, db_af): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + names = ' '.join([con.read_string()] + con.read_stringlist()) + for af, address in con.read_addresslist(): + if db_af in (af, None): + print('%-15s %s' % (address, names)) + + +def getent_hosts(database, keys=None): + db_af = _get_af(database) + if not keys: + write_hosts(NslcdClient(constants.NSLCD_ACTION_HOST_ALL), db_af) + return + for key in keys: + ipv4_addr = _get_ipv4(key) + ipv6_addr = _get_ipv6(key) + if ipv4_addr and db_af in (socket.AF_INET, None): + con = NslcdClient(constants.NSLCD_ACTION_HOST_BYADDR) + con.write_address(socket.AF_INET, ipv4_addr) + elif ipv6_addr and db_af in (socket.AF_INET6, None): + con = NslcdClient(constants.NSLCD_ACTION_HOST_BYADDR) + con.write_address(socket.AF_INET6, ipv6_addr) + else: + con = NslcdClient(constants.NSLCD_ACTION_HOST_BYNAME) + con.write_string(key) + write_hosts(con, db_af) + + +def _read_netgroup(con): + """Read netgroup name, members and tripples from stream.""" + name = con.read_string() + members = [] + tripples = [] + while True: + member_type = con.read_int32() + if member_type == constants.NSLCD_NETGROUP_TYPE_NETGROUP: + members.append(con.read_string()) + elif member_type == constants.NSLCD_NETGROUP_TYPE_TRIPLE: + tripples.append(( + con.read_string(), con.read_string(), + con.read_string() + )) + else: + break + return name, members, tripples + + +def _get_getgroups(con, recurse, netgroups=None): + if netgroups is None: + netgroups = {} + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + name, members, tripples = _read_netgroup(con) + if not recurse: + yield (name, members, tripples) + else: + netgroups[name] = None + for netgroup in members: + if netgroup not in netgroups: + con2 = NslcdClient(constants.NSLCD_ACTION_NETGROUP_BYNAME) + con2.write_string(netgroup) + all(_get_getgroups(con2, recurse, netgroups)) + if netgroups.get(netgroup, None) is not None: + tripples += netgroups[netgroup][1] + netgroups[name] = (members, tripples) + yield (name, [], tripples) + + +def write_netgroup(con, recurse): + for name, members, tripples in _get_getgroups(con, recurse): + print('%-15s %s' % (name, ' '.join( + members + + ['(%s, %s, %s)' % (host, user, domain) + for host, user, domain in tripples] + ))) + + +def getent_netgroup(database, keys=None): + recurse = database == 'netgroup' + if not keys: + write_netgroup( + NslcdClient(constants.NSLCD_ACTION_NETGROUP_ALL), recurse) + return + for key in keys: + con = NslcdClient(constants.NSLCD_ACTION_NETGROUP_BYNAME) + con.write_string(key) + write_netgroup(con, recurse) + + +def write_networks(con, db_af): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + names = ' '.join([con.read_string()] + con.read_stringlist()) + for af, address in con.read_addresslist(): + if db_af in (af, None): + print('%-22s %s' % (names, address)) + + +def getent_networks(database, keys=None): + db_af = _get_af(database) + if not keys: + write_networks(NslcdClient(constants.NSLCD_ACTION_NETWORK_ALL), db_af) + return + for key in keys: + ipv4_addr = _get_ipv4(key) + ipv6_addr = _get_ipv6(key) + if ipv4_addr and db_af in (socket.AF_INET, None): + con = NslcdClient(constants.NSLCD_ACTION_NETWORK_BYADDR) + con.write_address(socket.AF_INET, ipv4_addr) + elif ipv6_addr and db_af in (socket.AF_INET6, None): + con = NslcdClient(constants.NSLCD_ACTION_NETWORK_BYADDR) + con.write_address(socket.AF_INET6, ipv6_addr) + else: + con = NslcdClient(constants.NSLCD_ACTION_NETWORK_BYNAME) + con.write_string(key) + write_networks(con, db_af) + + +def write_passwd(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + print('%s:%s:%d:%d:%s:%s:%s' % ( + con.read_string(), + con.read_string(), + con.read_int32(), + con.read_int32(), + con.read_string(), + con.read_string(), + con.read_string(), + )) + + +def getent_passwd(database, keys=None): + if not keys: + write_passwd(NslcdClient(constants.NSLCD_ACTION_PASSWD_ALL)) + return + for key in keys: + if re.match('^\d+$', key): + con = NslcdClient(constants.NSLCD_ACTION_PASSWD_BYUID) + con.write_int32(int(key)) + else: + con = NslcdClient(constants.NSLCD_ACTION_PASSWD_BYNAME) + con.write_string(key) + write_passwd(con) + + +def write_protocols(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + name = con.read_string() + aliases = con.read_stringlist() + number = con.read_int32() + print('%-21s %d %s' % (name, number, ' '.join(aliases))) + + +def getent_protocols(database, keys=None): + if not keys: + write_protocols(NslcdClient(constants.NSLCD_ACTION_PROTOCOL_ALL)) + return + for key in keys: + if re.match('^\d+$', key): + con = NslcdClient(constants.NSLCD_ACTION_PROTOCOL_BYNUMBER) + con.write_int32(int(key)) + else: + con = NslcdClient(constants.NSLCD_ACTION_PROTOCOL_BYNAME) + con.write_string(key) + write_protocols(con) + + +def write_rpc(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + name = con.read_string() + aliases = con.read_stringlist() + number = con.read_int32() + print('%-15s %d %s' % (name, number, ' '.join(aliases))) + + +def getent_rpc(database, keys=None): + if not keys: + write_rpc(NslcdClient(constants.NSLCD_ACTION_RPC_ALL)) + return + for key in keys: + if re.match('^\d+$', key): + con = NslcdClient(constants.NSLCD_ACTION_RPC_BYNUMBER) + con.write_int32(int(key)) + else: + con = NslcdClient(constants.NSLCD_ACTION_RPC_BYNAME) + con.write_string(key) + write_rpc(con) + + +def write_services(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + name = con.read_string() + aliases = con.read_stringlist() + number = con.read_int32() + protocol = con.read_string() + print('%-21s %d/%s %s' % (name, number, protocol, ' '.join(aliases))) + + +def getent_services(database, keys=None): + if not keys: + write_services(NslcdClient(constants.NSLCD_ACTION_SERVICE_ALL)) + return + for key in keys: + value = key + protocol = '' + if '/' in value: + value, protocol = value.split('/', 1) + if re.match('^\d+$', value): + con = NslcdClient(constants.NSLCD_ACTION_SERVICE_BYNUMBER) + con.write_int32(int(value)) + con.write_string(protocol) + else: + con = NslcdClient(constants.NSLCD_ACTION_SERVICE_BYNAME) + con.write_string(value) + con.write_string(protocol) + write_services(con) + + +def _shadow_value2str(number): + return str(number) if number != -1 else '' + + +def write_shadow(con): + while con.get_response() == constants.NSLCD_RESULT_BEGIN: + print('%s:%s:%s:%s:%s:%s:%s:%s:%s' % ( + con.read_string(), + con.read_string(), + _shadow_value2str(con.read_int32()), + _shadow_value2str(con.read_int32()), + _shadow_value2str(con.read_int32()), + _shadow_value2str(con.read_int32()), + _shadow_value2str(con.read_int32()), + _shadow_value2str(con.read_int32()), + _shadow_value2str(con.read_int32()), + )) + + +def getent_shadow(database, keys=None): + if not keys: + write_shadow(NslcdClient(constants.NSLCD_ACTION_SHADOW_ALL)) + return + for key in keys: + con = NslcdClient(constants.NSLCD_ACTION_SHADOW_BYNAME) + con.write_string(key) + write_shadow(con) + + +if __name__ == '__main__': + args = parser.parse_args() + try: + if args.database == 'aliases': + getent_aliases(args.database, args.keys) + elif args.database == 'ethers': + getent_ethers(args.database, args.keys) + elif args.database in ('group', 'group.bymember'): + getent_group(args.database, args.keys) + elif args.database in ('hosts', 'hostsv4', 'hostsv6'): + getent_hosts(args.database, args.keys) + elif args.database in ('netgroup', 'netgroup.norec'): + getent_netgroup(args.database, args.keys) + elif args.database in ('networks', 'networksv4', 'networksv6'): + getent_networks(args.database, args.keys) + elif args.database == 'passwd': + getent_passwd(args.database, args.keys) + elif args.database == 'protocols': + getent_protocols(args.database, args.keys) + elif args.database == 'rpc': + getent_rpc(args.database, args.keys) + elif args.database == 'services': + getent_services(args.database, args.keys) + elif args.database == 'shadow': + getent_shadow(args.database, args.keys) + else: + parser.error('Unknown database: %s' % args.database) + except struct.error: + print('Problem communicating with nslcd') + sys.exit(1) diff --git a/utils/nslcd.py b/utils/nslcd.py new file mode 100644 index 0000000..bb720a3 --- /dev/null +++ b/utils/nslcd.py @@ -0,0 +1,157 @@ +# coding: utf-8 + +# nslcd.py - functions for doing nslcd requests +# +# Copyright (C) 2013-2017 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import fcntl +import os +import socket +import struct +import sys + +import constants + + +# definition for reading and writing INT32 values +_int32 = struct.Struct('!i') + + +class NslcdClient(object): + + def __init__(self, action): + # set up the socket (store in class to avoid closing it) + self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) + fcntl.fcntl(self.sock, fcntl.F_SETFD, fcntl.FD_CLOEXEC) + # connect to nslcd + self.sock.connect(constants.NSLCD_SOCKET) + #self.sock.setblocking(1) + self.fp = os.fdopen(self.sock.fileno(), 'r+b', 0) + # write a request header with a request code + self.action = action + self.write_int32(constants.NSLCD_VERSION) + self.write_int32(action) + + def write(self, value): + self.fp.write(value) + + def write_int32(self, value): + self.write(_int32.pack(value)) + + def write_bytes(self, value): + self.write_int32(len(value)) + self.write(value) + + def write_string(self, value): + if sys.version_info[0] >= 3: + value = value.encode('utf-8') + self.write_bytes(value.encode('utf-8')) + + def write_ether(self, value): + value = struct.pack('BBBBBB', *(int(x, 16) for x in value.split(':'))) + self.write(value) + + def write_address(self, af, value): + self.write_int32(af) + self.write_bytes(value) + + def read(self, size): + value = b'' + while len(value) < size: + data = self.fp.read(size - len(value)) + if not data: + raise IOError('NSLCD protocol cut short') + value += data + return value + + def read_int32(self): + return _int32.unpack(self.read(_int32.size))[0] + + def read_bytes(self): + return self.read(self.read_int32()) + + def read_string(self): + value = self.read_bytes() + if sys.version_info[0] >= 3: + value = value.decode('utf-8') + return value + + def read_stringlist(self): + num = self.read_int32() + return [self.read_string() for x in range(num)] + + def read_ether(self): + value = self.fp.read(6) + return ':'.join('%x' % x for x in struct.unpack('6B', value)) + + def read_address(self): + af = self.read_int32() + return af, socket.inet_ntop(af, self.read_bytes()) + + def read_addresslist(self): + num = self.read_int32() + return [self.read_address() for x in range(num)] + + def get_response(self): + # complete the request if required and check response header + if self.action: + # flush the stream + self.fp.flush() + # read and check response version number + if self.read_int32() != constants.NSLCD_VERSION: + raise IOError('NSLCD protocol error') + if self.read_int32() != self.action: + raise IOError('NSLCD protocol error') + # reset action to ensure that it is only the first time + self.action = None + # get the NSLCD_RESULT_* marker and return it + return self.read_int32() + + def close(self): + if hasattr(self, 'fp'): + try: + self.fp.close() + except IOError: + pass + + def __del__(self): + self.close() + + +def usermod(username, asroot=False, password=None, args=None): + # open a connection to nslcd + con = NslcdClient(constants.NSLCD_ACTION_USERMOD) + # write the request information + con.write_string(username) + con.write_int32(1 if asroot else 0) + con.write_string(password) + for k, v in args.items(): + con.write_int32(k) + con.write_string(v) + con.write_int32(constants.NSLCD_USERMOD_END) + # read the response + if con.get_response() != constants.NSLCD_RESULT_BEGIN: + raise IOError('NSLCD protocol error') + response = {} + while True: + key = con.read_int32() + if key == constants.NSLCD_USERMOD_END: + break + response[key] = con.read_string() + # return the response + return response diff --git a/utils/shells.py b/utils/shells.py new file mode 100644 index 0000000..dcabfaf --- /dev/null +++ b/utils/shells.py @@ -0,0 +1,64 @@ +# coding: utf-8 + +# shells.py - functions for validating user shells +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import ctypes +import ctypes.util +import os +import sys + + +def list_shells(): + """List the shells from /etc/shells.""" + libc = ctypes.CDLL(ctypes.util.find_library("c")) + libc.setusershell() + while True: + shell = ctypes.c_char_p(libc.getusershell()).value + if not shell: + break + yield shell + libc.endusershell() + + +def shellexists(shell): + """Check if the provided shell exists and is executable.""" + return os.path.isfile(shell) and os.access(shell, os.X_OK) + + +def check(shell, asroot=False): + """Check if the specified shell is valid and exit if it isn't.""" + # if the shell is listed in /etc/shells, everything should be OK + if shell in list_shells(): + return + # if we are not root, bail out + if not asroot: + if not shell: + # FIXME: print to stderr + print('%s: empty shell not allowed' % sys.argv[0]) + else: + # FIXME: print to stderr + print('%s: %s is an invalid shell' % (sys.argv[0], shell)) + sys.exit(1) + # warn if something seems wrong + if not shell: + # FIXME: print to stderr + print('%s: Warning: setting empty shell' % sys.argv[0]) + elif not shellexists(shell): + print('%s: Warning: %s does not exist' % (sys.argv[0], shell)) diff --git a/utils/users.py b/utils/users.py new file mode 100644 index 0000000..25fb9da --- /dev/null +++ b/utils/users.py @@ -0,0 +1,60 @@ +# coding: utf-8 + +# users.py - functions for validating the user to change information for +# +# Copyright (C) 2013 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +import getpass +import os +import pwd +import sys + + +class User(object): + + def __init__(self, username): + self.myuid = os.getuid() + if username: + userinfo = pwd.getpwnam(username) + else: + self.asroot = False + userinfo = pwd.getpwuid(self.myuid) + (self.username, self.password, self.uid, self.gid, self.gecos, + self.homedir, self.shell) = userinfo + # if we are trying to modify another user we should be root + self.asroot = self.myuid != self.uid + + def check(self): + """Check if the user we want to modify is an LDAP user and whether + we may modify the user information.""" + if self.asroot and self.myuid != 0: + print("%s: you may not modify user '%s'.\n" % + (sys.argv[0], self.username)) + sys.exit(1) + # FIXME: check if the user is an LDAP user + + def get_passwd(self): + """Ask and return a password that is required to change the user.""" + # FIXME: only ask the password if we require it + # (e.g. when root and nslcd has userpwmoddn we don't need to) + return getpass.getpass( + 'LDAP administrator password: ' + if self.asroot else + 'LDAP password for %s: ' % self.username + ) + # FIXME: check if the provided password is valid