[PC-BSD Commits] r18397 - in pcbsd/current/src-sh/pc-adctl: rc scripts

svn at pcbsd.org svn at pcbsd.org
Fri Aug 10 15:49:40 PDT 2012


Author: johnh
Date: 2012-08-10 22:49:40 +0000 (Fri, 10 Aug 2012)
New Revision: 18397

Added:
   pcbsd/current/src-sh/pc-adctl/scripts/pc-ldapctl
   pcbsd/current/src-sh/pc-adctl/scripts/pc-nssldap
Modified:
   pcbsd/current/src-sh/pc-adctl/rc/rc.activedirectory
   pcbsd/current/src-sh/pc-adctl/rc/rc.ldap
   pcbsd/current/src-sh/pc-adctl/scripts/Makefile
   pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap
   pcbsd/current/src-sh/pc-adctl/scripts/pc-nsswitch
   pcbsd/current/src-sh/pc-adctl/scripts/pc-pam
   pcbsd/current/src-sh/pc-adctl/scripts/pc-samba
Log:
wire things up to understand both activedirectory and ldap



Modified: pcbsd/current/src-sh/pc-adctl/rc/rc.activedirectory
===================================================================
--- pcbsd/current/src-sh/pc-adctl/rc/rc.activedirectory	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/rc/rc.activedirectory	2012-08-10 22:49:40 UTC (rev 18397)
@@ -209,12 +209,12 @@
 	rm "${tmpfile}"
 }
 
-__escape()
+__AD_escape()
 {
 	printf "${1}" | sed -Ee 's|\\|\\\\|g' -Ee 's|[^a-zA-Z0-9]|\\&|g'
 }
 
-__unescape()
+__AD_unescape()
 {
 	printf "${1}" | sed -Ee 's|\\([^a-zA-Z0-9])|\1|g' -Ee 's|\\\\|\\|g'
 }
@@ -226,7 +226,7 @@
 	local var=\$$(printf "${prefix}${name}")
 	local val=$(eval "printf ${var}")
 
-	__unescape "${val}"
+	__AD_unescape "${val}"
 }
 
 AD_get()
@@ -244,7 +244,7 @@
 {
 	local prefix="${1}"
 	local var="${2}"
-	local val=$(__escape "${3}")
+	local val=$(__AD_escape "${3}")
 	local pair="${var}=${val}"
 
 	eval "${prefix}${pair}"

Modified: pcbsd/current/src-sh/pc-adctl/rc/rc.ldap
===================================================================
--- pcbsd/current/src-sh/pc-adctl/rc/rc.ldap	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/rc/rc.ldap	2012-08-10 22:49:40 UTC (rev 18397)
@@ -6,12 +6,12 @@
 : ${PC_LDAP_CONF:="/usr/local/etc/pc-ldap.conf"}
 
 
-__escape()
+__ldap_escape()
 {
 	echo "${1}" | sed -Ee 's|\\|\\\\|g' -Ee 's|[^a-zA-Z0-9]|\\&|g'
 }
 
-__unescape()
+__ldap_unescape()
 {
 	echo "${1}" | sed -Ee 's|\\([^a-zA-Z0-9])|\1|g' -Ee 's|\\\\|\\|g'
 }
@@ -23,7 +23,7 @@
 	local var=\$$(echo "${prefix}${name}")
 	local val="$(eval "echo ${var}")"
 
-	__unescape "${val}"
+	__ldap_unescape "${val}"
 }
 
 ldap_get()
@@ -53,7 +53,7 @@
 {
 	local prefix="${1}"
 	local var="${2}"
-	local val="$(__escape "${3}")"
+	local val="$(__ldap_escape "${3}")"
 	local pair="${var}=${val}"
 
 	export eval "${prefix}${pair}"

Modified: pcbsd/current/src-sh/pc-adctl/scripts/Makefile
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/Makefile	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/scripts/Makefile	2012-08-10 22:49:40 UTC (rev 18397)
@@ -1,5 +1,5 @@
 FILES=pc-activedirectory pc-kerberos pc-kinit pc-nsswitch pc-pam \
-	pc-samba pc-adctl pc-ldap
+	pc-samba pc-adctl pc-ldap pc-nssldap
 
 FILESMODE=0555
 FILESDIR=/usr/local/etc/rc.d

Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-ldap	2012-08-10 22:49:40 UTC (rev 18397)
@@ -9,14 +9,8 @@
 
 . /usr/local/etc/rc.ldap
     
-: ${NSS_LDAP_CONF:="/usr/local/etc/nss_ldap.conf"}
-: ${NSS_LDAP_SECRET:="/usr/local/etc/nss_ldap.secret"}
 : ${OPENLDAP_CONF:="/usr/local/etc/openldap/ldap.conf"}
-
-: ${CERT_FILE:="/usr/local/etc/certs/cacert.crt"}
-
 : ${LDAPCONF:="/usr/local/bin/ldapconf"}
-: ${NSSLDAPCONF:="/usr/local/bin/nssldapconf"}
 
 
 backup_openldap_conf()
@@ -49,36 +43,6 @@
 }
 
 
-backup_nss_ldap_conf()
-{
-	local conf="${NSS_LDAP_CONF}"
-	local backup="${conf}.bak"
-
-	if [ -f "${conf}" ]
-	then
-		cp "${conf}" "${backup}"
-		return $?
-	fi
-
-	return 0
-}
-
-
-restore_nss_ldap_conf()
-{
-	local conf="${NSS_LDAP_CONF}"
-	local backup="${conf}.bak"
-
-	if [ -f "${backup}" ]
-	then
-		cp "${backup}" "${conf}"
-		return $?
-	fi
-
-	return 0
-}
-
-
 safe_save()
 {
 	local src="${1}"
@@ -165,177 +129,6 @@
 	return 0
 }
 
-generate_nss_ldap_conf()
-{
-	local tmp
-	local conf="${NSS_LDAP_CONF}"
-	local secret="${NSS_LDAP_SECRET}"
-
-	local host=$(ldap_get hostname)
-	local basedn=$(ldap_get basedn)
-	local rootbasedn=$(ldap_get rootbasedn)
-	local rootbindpw=$(ldap_get rootbindpw)
-	local anonbind=$(ldap_get anonbind)
-	local pwencryption=$(ldap_get pwencryption)
-	local usersuffix=$(ldap_get usersuffix)
-	local groupsuffix=$(ldap_get groupsuffix)
-	local passwordsuffix=$(ldap_get passwordsuffix)
-	local machinesuffix=$(ldap_get machinesuffix)
-	local encryption_mode=$(ldap_get encryption_mode)
-	local certfile=$(ldap_get tls_cacertfile)
-	local options="$(ldap_get_options)"
-
-	local cmd="${NSSLDAPCONF}"
-	if [ -f "${conf}" ]
-	then
-		cmd="${NSSLDAPCONF} -f ${conf}"
-	fi
-
-	tmp=$(mktemp /tmp/tmp.XXXXXX)
-	${cmd} \
-		-c -m "^host=${hostname}" \
-		-c -m "^base=${basedn}" \
-		-c -m "^rootbinddn=${rootbasedn}" \
-		-c -m "^pam_password=${pwencryption}" \
-		-c -t "^nss_override_attribute_value=loginShell=/bin/sh" \
-		-o "${tmp}"
-	if [ "$?" != "0" ]
-	then
-		return 1
-	fi
-	if ! safe_save "${tmp}" "${conf}"
-	then
-		return 1
-	fi
-
-	cmd="${NSSLDAPCONF} -f ${conf}"
-
-	tmp=$(mktemp /tmp/tmp.XXXXXX)
-	if [ -z "${usersuffix}" ]
-	then
-		${cmd} -c -m "^nss_base_passwd=${basedn}" -o "${tmp}"
-	else
-		${cmd} -c -m "^nss_base_passwd=${usersuffix},${basedn}" -o "${tmp}"
-	fi
-	if [ "$?" != "0" ]
-	then
-		return 1
-	fi
-	if ! safe_save "${tmp}" "${conf}"
-	then
-		return 1
-	fi
-
-	tmp=$(mktemp /tmp/tmp.XXXXXX)
-	if [ -z "${groupsuffix}" ]
-	then
-		${cmd} -c -m "^nss_base_group=${basedn}" -o "${tmp}"
-	else
-		${cmd} -c -m "^nss_base_group=${groupsuffix},${basedn}" -o "${tmp}"
-	fi
-	if [ "$?" != "0" ]
-	then
-		return 1
-	fi
-	if ! safe_save "${tmp}" "${conf}"
-	then
-		return 1
-	fi
-
-	if [ "${encryption_mode}" = "start_tls" ]
-	then
-		tmp=$(mktemp /tmp/tmp.XXXXXX)
-		${cmd} \
-			-c -m "^ssl=${encryption_mode}" \
-			-c -m "^tls_cacertfile=${certfile}" \
-			-o "${tmp}"
-		if [ "$?" != "0" ]
-		then
-			return 1
-		fi
-		if ! safe_save "${tmp}" "${conf}"
-		then
-			return 1
-		fi
-
-	elif [ "${encryption_mode}" = "on" ]
-	then
-		tmp=$(mktemp /tmp/tmp.XXXXXX)
-		${cmd} \
-			-c -m "^uri=ldaps://${hostname}" \
-			-c -m "^ssl=${encryption_mode}" \
-			-c -m "^tls_cacertfile=${certfile}" \
-			-o "${tmp}"
-		if [ "$?" != "0" ]
-		then
-			return 1
-		fi
-		if ! safe_save "${tmp}" "${conf}"
-		then
-			return 1
-		fi
-	fi
-		
-	for opt in ${options}
-	do
-		local var val tv n=0
-
-		var=$(echo "${opt}" | sed -E 's|^opt_||')
-		val=$(ldap_get ${opt})
-
-		tv=""
-		for v in ${val}
-		do
-			n=$((n + 1))
-			tv="${tv}${v}="
-		done
-
-		if [ "${n}" = "1" ]
-		then
-			tmp=$(mktemp /tmp/tmp.XXXXXX)
-
-			${cmd} -c -m "^${var}=${val}" -o "${tmp}"
-			if [ "$?" != "0" ]
-			then
-				return 1
-			fi
-			if ! safe_save "${tmp}" "${conf}"
-			then
-				return 1
-			fi
-
-		elif [ "${n}" -gt "1" ]
-		then
-			tmp=$(mktemp /tmp/tmp.XXXXXX)
-
-			tv=$(echo "${tv}"|sed -E 's|=$||')
-
-			${cmd} -c -t "^${var}=${tv}" -o "${tmp}"
-			if [ "$?" != "0" ]
-			then
-				return 1
-			fi
-			if ! safe_save "${tmp}" "${conf}"
-			then
-				return 1
-			fi
-		fi
-
-	done
-
-	if [ "${anonbind}" != "1" ]
-	then
-		printf "${rootbindpw}" > "${secret}"
-		chmod 600 "${secret}"
-	fi
-
-	ln -sf ${conf} "$(dirname ${conf})/ldap.conf"
-	if [ "$ldap_anonbind" != 1 ]
-	then
-		ln -sf ${secret} "$(dirname ${secret})/ldap.secret"
-	fi
-}
-
 ldap_status()
 {
 	local ret=0
@@ -401,12 +194,8 @@
 	if checkyesno ldapclient_enable 2>/dev/null
 	then
 		ldap_init
-
 		backup_openldap_conf
 		generate_openldap_conf
-
-		backup_nss_ldap_conf
-		generate_nss_ldap_conf
 	fi
 }
 
@@ -414,7 +203,6 @@
 {
 	if  checkyesno ldapclient_enable 2>/dev/null
 	then
-		restore_nss_ldap_conf
 		restore_openldap_conf
 	fi
 }

Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-nsswitch
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-nsswitch	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-nsswitch	2012-08-10 22:49:40 UTC (rev 18397)
@@ -7,20 +7,41 @@
 # REQUIRE: root
 # BEFORE: nsswitch
 
+. /usr/local/etc/rc.ldap
 . /usr/local/etc/rc.activedirectory
 
 : ${PATH_NS_CONF:="/etc/nsswitch.conf"}
 : ${NSSCONF:="/usr/local/bin/nssconf"}
 
-ad_nsswitch_conf_start()
+nsswitch_conf_start()
 {
+	local doconf=0
+	local conftype
+	local cmd="${NSSCONF}"
+
 	if checkyesno activedirectory_enable 2>/dev/null
 	then
+		conftype='winbind'
+		doconf=1
+
+	elif checkyesno ldapclient_enable 2>/dev/null
+	then
+		conftype='ldap'
+		doconf=1
+	fi
+
+	if [ -f "${PATH_NS_CONF}" ]
+	then
+		cmd="${NSSCONF} -f ${PATH_NS_CONF}"
+	fi
+
+	if [ "${doconf}" = "1" ]
+	then
 		local tmp=$(mktemp /tmp/ns.XXXXXX)
 
-		${NSSCONF} -f "${PATH_NS_CONF}" \
-			-d group -r -s "+files" -s "+winbind" \
-			-d passwd -r -s "+files" -s "+winbind" \
+		${cmd} \
+			-d group -r -s "+files" -s "+${conftype}" \
+			-d passwd -r -s "+files" -s "+${conftype}" \
 			-o "${tmp}"
 
 		if [ "$?" = "0" -a -s "${tmp}" ]
@@ -35,15 +56,35 @@
 	return 0
 }
 
-ad_nsswitch_conf_stop()
+nsswitch_conf_stop()
 {
+	local doconf=0
+	local conftype
+	local cmd="${NSSCONF}"
+
 	if checkyesno activedirectory_enable 2>/dev/null
 	then
+		conftype='winbind'
+		doconf=1
+
+	elif checkyesno ldapclient_enable 2>/dev/null
+	then
+		conftype='ldap'
+		doconf=1
+	fi
+
+	if [ -f "${PATH_NS_CONF}" ]
+	then
+		cmd="${NSSCONF} -f ${PATH_NS_CONF}"
+	fi
+
+	if [ "${doconf}" = "1" ]
+	then
 		local tmp=$(mktemp /tmp/ns.XXXXXX)
 
-		${NSSCONF} -f "${PATH_NS_CONF}" \
-			-d group -s "-winbind" \
-			-d passwd -s "-winbind" \
+		${cmd} \
+			-d group -s "-${conftype}" \
+			-d passwd -s "-${conftype}" \
 			-o "${tmp}"
 
 		if [ "$?" = "0" -a -s "${tmp}" ]
@@ -58,9 +99,10 @@
 	return 0
 }
 
+
 name="pc-nsswitch"
-start_cmd='ad_nsswitch_conf_start'
-stop_cmd='ad_nsswitch_conf_stop'
+start_cmd='nsswitch_conf_start'
+stop_cmd='nsswitch_conf_stop'
         
 load_rc_config $name
 run_rc_command "$1"

Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-pam
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-pam	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-pam	2012-08-10 22:49:40 UTC (rev 18397)
@@ -8,32 +8,57 @@
 # REQUIRE: pc-nsswitch
 # BEFORE: NETWORK
 
+. /usr/local/etc/rc.ldap
 . /usr/local/etc/rc.activedirectory
 
 : ${DEFAULT_PAM_SERVICES:="ftp login passwd sshd su telnetd"}
 : ${PAMDIR:="/etc/pam.d"}
 : ${PAMCONF:="/usr/local/bin/pamconf"}
 
-: ${active_directory_pam_services:="${DEFAULT_PAM_SERVICES}"}
+: ${activedirectory_pam_services:="${DEFAULT_PAM_SERVICES}"}
+: ${ldapclient_pam_services:="${DEFAULT_PAM_SERVICES}"}
 
-ad_pam_start()
+pam_start()
 {
+	local auth
+	local account
+	local session
+	local password
+	local doconf=0
+
 	if checkyesno activedirectory_enable 2>/dev/null
 	then
+		doconf=1
+		auth="+2auth:sufficient:/usr/local/lib/pam_winbind.so:silent:try_first_pass:krb5_auth:krb5_ccache_type=FILE"
+		account="+2account:sufficient:/usr/local/lib/pam_winbind.so:krb5_auth:krb5_ccache_type=FILE"
+		session="+session:required:/usr/local/lib/pam_mkhomedir.so"
+		password="+0password:sufficient:/usr/local/lib/pam_winbind.so:try_first_pass:krb5_auth krb5_ccache_type=FILE"
+
+	elif checkyesno ldapclient_enable 2>/dev/null
+	then
+		doconf=1
+		auth="+2auth:sufficient:/usr/local/lib/pam_ldap.so:silent:no_warn:try_first_pass"
+		account="+2account:sufficient:/usr/local/lib/pam_ldap.so:ignore_authinfo_unavail"
+		session="+session:required:/usr/local/lib/pam_mkhomedir.so"
+		password="+0password:sufficient:/usr/local/lib/pam_ldap.so:try_first_pass"
+	fi
+
+	if [ "${doconf}" = "1" ]
+	then
 		local tmpdir=$(mktemp -d /tmp/pam.XXXXXX)
 		local errors=0
 
-		for s in ${active_directory_pam_services}
+		for s in ${activedirectory_pam_services}
 		do
 			local tmp="${tmpdir}/${s}"
 			local sfile="${PAMDIR}/${s}"
 
 			cp "${sfile}" "${tmpdir}/${s}.orig"
 			${PAMCONF} -f "${sfile}" \
-				-m "+2auth:sufficient:/usr/local/lib/pam_winbind.so:silent:try_first_pass:krb5_auth:krb5_ccache_type=FILE" \
-				-m "+2account:sufficient:/usr/local/lib/pam_winbind.so:krb5_auth:krb5_ccache_type=FILE" \
-				-m "+session:required:/usr/local/lib/pam_mkhomedir.so" \
-				-m "+0password:sufficient:/usr/local/lib/pam_winbind.so:try_first_pass:krb5_auth krb5_ccache_type=FILE" \
+				-m "${auth}" \
+				-m "${account}" \
+				-m "${session}" \
+				-m "${password}" \
 				-o "${tmp}"
 
 				if [ "$?" != "0" -o ! -s "${tmp}" ]
@@ -79,24 +104,47 @@
 	return 0
 }
 
-ad_pam_stop()
+pam_stop()
 {
+	local auth
+	local account
+	local session
+	local password
+	local doconf=0
+
 	if checkyesno activedirectory_enable 2>/dev/null
 	then
+		doconf=1
+		auth='-auth:sufficient:/usr/local/lib/pam_winbind.so'
+		account='-account:sufficient:/usr/local/lib/pam_winbind.so'
+		session='-session:required:/usr/local/lib/pam_mkhomedir.so'
+		password='-password:sufficient:/usr/local/lib/pam_winbind.so'
+
+	elif checkyesno ldapclient_enable 2>/dev/null
+	then
+		doconf=1
+		auth='-auth:sufficient:/usr/local/lib/pam_ldap.so'
+		account='-account:sufficient:/usr/local/lib/pam_ldap.so'
+		session='-session:required:/usr/local/lib/pam_mkhomedir.so'
+		password='-password:sufficient:/usr/local/lib/pam_ldap.so'
+	fi
+
+	if [ "${doconf}" = "1" ]
+	then
 		local tmpdir=$(mktemp -d /tmp/pam.XXXXXX)
 		local errors=0
 
-		for s in ${active_directory_pam_services}
+		for s in ${activedirectory_pam_services}
 		do
 			local tmp="${tmpdir}/${s}"
 			local sfile="${PAMDIR}/${s}"
 
 			cp "${sfile}" "${tmpdir}/${s}.orig"
 			${PAMCONF} -f "${sfile}" \
-				-m '-auth:sufficient:/usr/local/lib/pam_winbind.so' \
-				-m '-account:sufficient:/usr/local/lib/pam_winbind.so' \
-				-m '-session:required:/usr/local/lib/pam_mkhomedir.so' \
-				-m '-password:sufficient:/usr/local/lib/pam_winbind.so' \
+				-m "${auth}" \
+				-m "${account}" \
+				-m "${session}" \
+				-m "${password}" \
 				-o "${tmp}"
 
 				if [ "$?" != "0" -o ! -s "${tmp}" ]
@@ -143,8 +191,8 @@
 }
 
 name="pc-pam"
-start_cmd='ad_pam_start'
-stop_cmd='ad_pam_stop'
+start_cmd='pam_start'
+stop_cmd='pam_stop'
         
 load_rc_config $name
 run_rc_command "$1"

Modified: pcbsd/current/src-sh/pc-adctl/scripts/pc-samba
===================================================================
--- pcbsd/current/src-sh/pc-adctl/scripts/pc-samba	2012-08-10 19:52:40 UTC (rev 18396)
+++ pcbsd/current/src-sh/pc-adctl/scripts/pc-samba	2012-08-10 22:49:40 UTC (rev 18397)
@@ -8,6 +8,7 @@
 # REQUIRE: pc-pam
 # BEFORE: smbd
 
+. /usr/local/etc/rc.ldap
 . /usr/local/etc/rc.activedirectory
 
 : ${SMB_CONF:="/usr/local/etc/smb.conf"}
@@ -60,32 +61,117 @@
 			-w -m "+global: template homedir=/home/%U" \
 			-o "${tmp}"
 
-			if [ "$?" = "0" -a -s "${tmp}" ]
+		if [ "$?" = "0" -a -s "${tmp}" ]
+		then
+			mv "${tmp}" "${SMB_CONF}"
+			return $?
+		fi
+
+		return 1
+	fi
+
+	return 0
+}
+
+ldap_smbconf_start()
+{
+	local cmd="${SAMBACONF}"
+	if [ -f "${SMB_CONF}" ]
+	then
+		cmd="${SAMBACONF} -f ${SMB_CONF}"
+	fi
+
+	if checkyesno ldapclient_enable 2>/dev/null
+	then
+		local tmp=$(mktemp /tmp/samba.XXXXXX)
+
+		ldap_init	
+
+		local ssl="off"
+		local encryption_mode=$(ldap_get encryption_mode)
+		if [ "${encryption_mode}" = "start_tls" ]
+		then
+			ssl="start tls"
+		fi
+
+		cp "${SMB_CONF}" "${SMB_CONF}.orig" >/dev/null 2>&1
+		${cmd} \
+			-w -m "+global:security=user" \
+			-w -m "+global:passdb backend=ldapsam:ldap://$(ldap_get hostname)" \
+			-w -m "+global:ldap admin dn=$(ldap_get rootbasedn)" \
+			-w -m "+global:ldap suffix=$(ldap_get basedn)" \
+			-w -m "+global:ldap user suffix=$(ldap_get usersuffix)" \
+			-w -m "+global:ldap group suffix=$(ldap_get groupsuffix)" \
+			-w -m "+global:ldap machine suffix=$(ldap_get machinesuffix)" \
+			-w -m "+global:ldap ssl=${ssl}" \
+			-w -m "+global:ldap replication sleep=1000" \
+			-w -m "+global:ldap passwd sync=yes" \
+			-w -m "+global:ldapsam:trusted=yes" \
+			-w -m "+global:idmap uid=10000-39999" \
+			-w -m "+global:idmap gid=10000-39999" \
+			-o "${tmp}"
+
+		if [ "$?" = "0" -a -s "${tmp}" ]
+		then
+			local rootbindpw=$(ldap_get rootbindpw)
+
+			mv "${tmp}" "${SMB_CONF}"
+			if [ "$?" != "0" ]
 			then
-				mv "${tmp}" "${SMB_CONF}"
+				return 1
+			fi
+
+			if [ -n "${rootbindpw}" ]
+			then
+				/usr/local/bin/smbpasswd -w "${rootbindpw}" >/dev/null 2>&1
 				return $?
 			fi
 
-			return 1
+			return 0
+		fi
+
+		return 1
+
 	fi
 
 	return 0
 }
 
-ad_smbconf_stop()
+smbconf_start()
 {
 	if checkyesno activedirectory_enable 2>/dev/null
 	then
+		ad_smbconf_start
+		return $?
+
+	elif checkyesno ldapclient_enable 2>/dev/null
+	then
+		ldap_smbconf_start
+		return $?
+	fi
+
+	return 0
+}
+
+smbconf_stop()
+{
+	if checkyesno activedirectory_enable 2>/dev/null
+	then
 		cp "${SMB_CONF}.orig" "${SMB_CONF}"
 		return $?
+
+	elif checkyesno ldapclient_enable 2>/dev/null
+	then
+		cp "${SMB_CONF}.orig" "${SMB_CONF}"
+		return $?
 	fi
 
 	return 0
 }
 
 name="pc-samba"
-start_cmd='ad_smbconf_start'
-stop_cmd='ad_smbconf_stop'
+start_cmd='smbconf_start'
+stop_cmd='smbconf_stop'
 
 load_rc_config $name
 run_rc_command "$1"



More information about the Commits mailing list