LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 08-04-2015, 11:20 AM   #91
esternin
LQ Newbie
 
Registered: Aug 2015
Posts: 5

Rep: Reputation: Disabled

Can we return back to the PAM/LDAP and leave copyright discussion for now?

I just found http://karellen.blogspot.ca/2014/03/...slackware.html and followed it closely on a clean 14.1 64-bit install. It worked very well, with only a small handful of builds required, far fewer than here. Where it did fail, and where I see no activity in this project as well, is the absence of sssd.

In my existing environment (AD) pam_sss.so is a module that is required in quite a few places in pam configurations, but I seem unable to find any Slack build files or a pre-compiled package or even compileable sources. Trying to follow the source, as in https://fedorahosted.org/sssd/wiki/DevelTutorials, but there is a chain of dependencies, so before I start chasing them down... has anybody already done this?

Does anybody have sssd compiled for Slackware?

Last edited by esternin; 08-04-2015 at 02:59 PM.
 
Old 08-04-2015, 08:44 PM   #92
chris.willing
Member
 
Registered: Jun 2014
Location: Brisbane, Australia
Distribution: Slackware,LFS
Posts: 914

Rep: Reputation: 619Reputation: 619Reputation: 619Reputation: 619Reputation: 619Reputation: 619
Quote:
Originally Posted by esternin View Post
[snip]

In my existing environment (AD) pam_sss.so is a module that is required in quite a few places in pam configurations, but I seem unable to find any Slack build files or a pre-compiled package or even compileable sources. Trying to follow the source, as in https://fedorahosted.org/sssd/wiki/DevelTutorials, but there is a chain of dependencies, so before I start chasing them down... has anybody already done this?

Does anybody have sssd compiled for Slackware?
When building sssd, the first hurdle you'll encounter is a missing tevent package. Its actually already installed as part of samba - most other distros package tevent separately. However the inclusion of tevent in Slackware's samba is incomplete (e.g. no tevent.pc, nor tevent.h). I have made a patch to fix the problem which I just sent to Patrick, having previously posted to the "desired updates to -current" thread. Since then I found "ldb" component of samba also incomplete - the patch for samba is talloc_tevent.diff.txt, while the updated samba.SlackBuild.txt incorporates the patch and removes some copying of files which is now not needed (because the samba build system now does it itself).

You'll also need the ding-libs package which isn't part of Slackware or at SBo. You can roll your own or use: https://github.com/cwilling/slackbui...arty/ding-libs

From SBo, you'll need krb5. To build sssd, I used:
Code:
PATH=/usr/kerberos/bin:$PATH CFLAGS="-I/usr/include/samba-4.0 -I/usr/kerberos/include" \
  ./configure --prefix=/usr --libdir=/usr/lib64 --docdir=/usr/doc/sssd-1.13.0 \
    --disable-cifs-idmap-plugin --without-nfsv4-idmapd-plugin --disable-config-lib \
    --with-selinux=no --with-semanage=no
although you may want to play around with the idmap options and the config-lib option.

chris
 
Old 08-05-2015, 10:20 AM   #93
esternin
LQ Newbie
 
Registered: Aug 2015
Posts: 5

Rep: Reputation: Disabled
Thanks, Chris.Willing. I'll wait a bit, just in case someone else pipes up with a ready-made sssd, but it looks like your work will get me going if I have to do it myself.

(I had already discovered tevent, and was mystified by its relationship with samba, thanks for clarifying).
 
Old 08-05-2015, 01:37 PM   #94
esternin
LQ Newbie
 
Registered: Aug 2015
Posts: 5

Rep: Reputation: Disabled
Status update:

patched up samba-4.2.1, rebuilt and installed. There was one

WARNING: zero length file usr/lib64/python2.7/site-packages/samba/external/__init__.py

and samba does, indeed, fail at this:

samba-tool dbcheck
ERROR(<type 'exceptions.ValueError'>): uncaught exception - unable to parse dn string
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
...
but I do not care, as I do not need samba.

In sssd:

CFLAGS="-I/usr/include/samba-4.0 -I/usr/include/krb5" ./configure --prefix=/usr \
--libdir=/usr/lib64 \
--disable-cifs-idmap-plugin \
--without-nfsv4-idmapd-plugin \
--disable-config-lib \
--with-selinux=no \
--with-semanage=no \
--without-python3-bindings

(had to installpkg c-ares, bind, and could not find python3, only 2.7.10, so added the last flag)

This builds sssd-1.13.0. It places ONLY pam_sss.* into /usr/lib64/security (as requested) while everything else of pam_* is in /lib64/security, do not know yet if this is an issue.

Will report later if login works, will need to play with PAM configs, where I depend on the goodwill of the campus administrator.

Thanks for helping me get this far!
 
Old 08-05-2015, 06:11 PM   #95
chris.willing
Member
 
Registered: Jun 2014
Location: Brisbane, Australia
Distribution: Slackware,LFS
Posts: 914

Rep: Reputation: 619Reputation: 619Reputation: 619Reputation: 619Reputation: 619Reputation: 619
Quote:
Originally Posted by esternin View Post
Status update:

patched up samba-4.2.1, rebuilt and installed. There was one

WARNING: zero length file usr/lib64/python2.7/site-packages/samba/external/__init__.py
That is not a problem - its a warning from tar when producing your package file. The __init__.py files are a python convention to signal that the contents of a directory constitute a python package - they often have no content at all.

Quote:
and samba does, indeed, fail at this:

samba-tool dbcheck
ERROR(<type 'exceptions.ValueError'>): uncaught exception - unable to parse dn string
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
...
but I do not care, as I do not need samba.
That is probably not an error to worry about either. That particular command is trying to read information from /etc/samba/private/sam.ldb which is probably empty in a new installation. I also saw somewhere that that particular command is for "checking LDAP installation on a full blown Active Directory Samba installation. The tool is NOT FOR USE on a stand alone Samba server" (see http://ubuntuforums.org/showthread.php?t=2221527).

Quote:
In sssd:

CFLAGS="-I/usr/include/samba-4.0 -I/usr/include/krb5" ./configure --prefix=/usr \
--libdir=/usr/lib64 \
--disable-cifs-idmap-plugin \
--without-nfsv4-idmapd-plugin \
--disable-config-lib \
--with-selinux=no \
--with-semanage=no \
--without-python3-bindings

(had to installpkg c-ares, bind, and could not find python3, only 2.7.10, so added the last flag)
Right - I already had c-ares and python3 installed for other things on my system so the configure script didn't raise any error/warnings about them. However bind is a stock Slackware package - it should have been installed already.

chris
 
Old 08-05-2015, 10:46 PM   #96
ivandi
Member
 
Registered: Jul 2009
Location: Québec, Canada
Distribution: CRUX, Debian
Posts: 528

Original Poster
Rep: Reputation: 866Reputation: 866Reputation: 866Reputation: 866Reputation: 866Reputation: 866Reputation: 866
Quote:
Originally Posted by esternin View Post
Can we return back to the PAM/LDAP and leave copyright discussion for now?

I just found http://karellen.blogspot.ca/2014/03/...slackware.html and followed it closely on a clean 14.1 64-bit install. It worked very well, with only a small handful of builds required, far fewer than here. Where it did fail, and where I see no activity in this project as well, is the absence of sssd.

In my existing environment (AD) pam_sss.so is a module that is required in quite a few places in pam configurations, but I seem unable to find any Slack build files or a pre-compiled package or even compileable sources. Trying to follow the source, as in https://fedorahosted.org/sssd/wiki/DevelTutorials, but there is a chain of dependencies, so before I start chasing them down... has anybody already done this?

Does anybody have sssd compiled for Slackware?
If I got it right you need to join and authenticate against the AD at your campus. Take a look at this setup and README. It doesn't use sssd. I don't use it because as I already said it resembles too much another RH/Fedora s...d. You only need Samba to join the AD and PAM to authenticate using pam_winbind. I am not sure about krb5 for your case because Samba has its internal heimdal. The samba.conf.ads includes everything you need to join the AD, connect to shares and use usershares. The other packages are not required. Some are needed to support LDAP and NFSv4 and others are recompiled Slackware packages to support PAM or Kerberos or both. So compile only what you need.

Cheers
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Managing multiple kerberos/ADS realms edgood1 Linux - Software 0 06-09-2009 02:44 PM
ADS / winbind / samba / kerberos HELP!!! jsheffie Red Hat 5 08-16-2006 09:01 AM
Samba, Kerberos and ADS problems deadlock Linux - Networking 0 01-26-2006 11:27 AM
suse9.1client W2k ADS kerberos and pam fatcake Linux - Networking 1 06-09-2005 01:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 03:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration