|
 |
8e731f |
From ec3c397cf50ace03f920502f34bca612f62333bf Mon Sep 17 00:00:00 2001
|
|
|
8e731f |
From: Andrew Austin <aaustin@one.verizon.com>
|
|
|
8e731f |
Date: Sun, 17 Apr 2016 12:17:04 -0500
|
|
|
8e731f |
Subject: [PATCH 1/3] Support manually setting computer name
|
|
|
8e731f |
|
|
|
8e731f |
This change adds a computer-name option to the realm configuration.
|
|
|
8e731f |
When set, the computer-name string will be used in place of either the
|
|
|
8e731f |
system's hostname or an automatically truncated netbios name when joining
|
|
|
8e731f |
an active directory domain.
|
|
|
8e731f |
|
|
|
8e731f |
https://bugs.freedesktop.org/show_bug.cgi?id=93739
|
|
|
8e731f |
|
|
|
8e731f |
Signed-off-by: Stef Walter <stefw@redhat.com>
|
|
|
8e731f |
* Squashed fixup patch
|
|
|
8e731f |
---
|
|
|
8e731f |
dbus/realm-dbus-constants.h | 1 +
|
|
|
8e731f |
service/realm-adcli-enroll.c | 11 +++++++++--
|
|
|
8e731f |
service/realm-options.c | 21 +++++++++++++++++++++
|
|
|
8e731f |
service/realm-options.h | 3 +++
|
|
|
8e731f |
service/realm-samba-enroll.c | 26 ++++++++++++++++++++------
|
|
|
8e731f |
service/realm-samba.c | 10 +++++++++-
|
|
|
8e731f |
service/realm-sssd-ad.c | 9 ++++++---
|
|
|
8e731f |
7 files changed, 69 insertions(+), 12 deletions(-)
|
|
|
8e731f |
|
|
|
8e731f |
diff --git a/dbus/realm-dbus-constants.h b/dbus/realm-dbus-constants.h
|
|
|
8e731f |
index c68e958..3a67a00 100644
|
|
|
8e731f |
--- a/dbus/realm-dbus-constants.h
|
|
|
8e731f |
+++ b/dbus/realm-dbus-constants.h
|
|
|
8e731f |
@@ -66,6 +66,7 @@ G_BEGIN_DECLS
|
|
|
8e731f |
#define REALM_DBUS_OPTION_MEMBERSHIP_SOFTWARE "membership-software"
|
|
|
8e731f |
#define REALM_DBUS_OPTION_USER_PRINCIPAL "user-principal"
|
|
|
8e731f |
#define REALM_DBUS_OPTION_MANAGE_SYSTEM "manage-system"
|
|
|
8e731f |
+#define REALM_DBUS_OPTION_COMPUTER_NAME "computer-name"
|
|
|
8e731f |
|
|
|
8e731f |
#define REALM_DBUS_IDENTIFIER_ACTIVE_DIRECTORY "active-directory"
|
|
|
8e731f |
#define REALM_DBUS_IDENTIFIER_WINBIND "winbind"
|
|
|
8e731f |
diff --git a/service/realm-adcli-enroll.c b/service/realm-adcli-enroll.c
|
|
|
8e731f |
index ef1b563..0c506f9 100644
|
|
|
8e731f |
--- a/service/realm-adcli-enroll.c
|
|
|
8e731f |
+++ b/service/realm-adcli-enroll.c
|
|
|
8e731f |
@@ -84,6 +84,7 @@ realm_adcli_enroll_join_async (RealmDisco *disco,
|
|
|
8e731f |
gchar *upn_arg = NULL;
|
|
|
8e731f |
gchar *server_arg = NULL;
|
|
|
8e731f |
gchar *ou_arg = NULL;
|
|
|
8e731f |
+ const gchar *computer_name = NULL;
|
|
|
8e731f |
|
|
|
8e731f |
g_return_if_fail (cred != NULL);
|
|
|
8e731f |
g_return_if_fail (disco != NULL);
|
|
|
8e731f |
@@ -114,7 +115,14 @@ realm_adcli_enroll_join_async (RealmDisco *disco,
|
|
|
8e731f |
g_ptr_array_add (args, (gpointer)disco->explicit_server);
|
|
|
8e731f |
}
|
|
|
8e731f |
|
|
|
8e731f |
- if (disco->explicit_netbios) {
|
|
|
8e731f |
+ /* Pass manually configured or truncated computer name to adcli */
|
|
|
8e731f |
+ computer_name = realm_options_computer_name (options, disco->domain_name);
|
|
|
8e731f |
+ if (computer_name != NULL) {
|
|
|
8e731f |
+ realm_diagnostics_info (invocation, "Joining using a manual netbios name: %s",
|
|
|
8e731f |
+ computer_name);
|
|
|
8e731f |
+ g_ptr_array_add (args, "--computer-name");
|
|
|
8e731f |
+ g_ptr_array_add (args, (gpointer)computer_name);
|
|
|
8e731f |
+ } else if (disco->explicit_netbios) {
|
|
|
8e731f |
realm_diagnostics_info (invocation, "Joining using a truncated netbios name: %s",
|
|
|
8e731f |
disco->explicit_netbios);
|
|
|
8e731f |
g_ptr_array_add (args, "--computer-name");
|
|
|
8e731f |
@@ -192,7 +200,6 @@ realm_adcli_enroll_join_async (RealmDisco *disco,
|
|
|
8e731f |
|
|
|
8e731f |
if (input)
|
|
|
8e731f |
g_bytes_unref (input);
|
|
|
8e731f |
-
|
|
|
8e731f |
free (ccache_arg);
|
|
|
8e731f |
free (upn_arg);
|
|
|
8e731f |
free (server_arg);
|
|
|
8e731f |
diff --git a/service/realm-options.c b/service/realm-options.c
|
|
|
8e731f |
index bba3ee4..b9f59c6 100644
|
|
|
8e731f |
--- a/service/realm-options.c
|
|
|
8e731f |
+++ b/service/realm-options.c
|
|
|
8e731f |
@@ -159,3 +159,24 @@ realm_options_check_domain_name (const gchar *name)
|
|
|
8e731f |
|
|
|
8e731f |
return TRUE;
|
|
|
8e731f |
}
|
|
|
8e731f |
+
|
|
|
8e731f |
+const gchar *
|
|
|
8e731f |
+realm_options_computer_name (GVariant *options,
|
|
|
8e731f |
+ const gchar *realm_name)
|
|
|
8e731f |
+{
|
|
|
8e731f |
+ const gchar *computer_name = NULL;
|
|
|
8e731f |
+ gchar *section;
|
|
|
8e731f |
+
|
|
|
8e731f |
+ if (options) {
|
|
|
8e731f |
+ if (!g_variant_lookup (options, REALM_DBUS_OPTION_COMPUTER_NAME, "&s", &computer_name))
|
|
|
8e731f |
+ computer_name = NULL;
|
|
|
8e731f |
+ }
|
|
|
8e731f |
+
|
|
|
8e731f |
+ if (realm_name && !computer_name) {
|
|
|
8e731f |
+ section = g_utf8_casefold (realm_name, -1);
|
|
|
8e731f |
+ computer_name = realm_settings_value (section, REALM_DBUS_OPTION_COMPUTER_NAME);
|
|
|
8e731f |
+ g_free (section);
|
|
|
8e731f |
+ }
|
|
|
8e731f |
+
|
|
|
8e731f |
+ return g_strdup (computer_name);
|
|
|
8e731f |
+}
|
|
|
8e731f |
diff --git a/service/realm-options.h b/service/realm-options.h
|
|
|
8e731f |
index 4890cba..e31cddc 100644
|
|
|
8e731f |
--- a/service/realm-options.h
|
|
|
8e731f |
+++ b/service/realm-options.h
|
|
|
8e731f |
@@ -41,6 +41,9 @@ gboolean realm_options_qualify_names (const gchar *realm_name);
|
|
|
8e731f |
|
|
|
8e731f |
gboolean realm_options_check_domain_name (const gchar *domain_name);
|
|
|
8e731f |
|
|
|
8e731f |
+const gchar * realm_options_computer_name (GVariant *options,
|
|
|
8e731f |
+ const gchar *realm_name);
|
|
|
8e731f |
+
|
|
|
8e731f |
G_END_DECLS
|
|
|
8e731f |
|
|
|
8e731f |
#endif /* __REALM_OPTIONS_H__ */
|
|
|
8e731f |
diff --git a/service/realm-samba-enroll.c b/service/realm-samba-enroll.c
|
|
|
8e731f |
index e749764..f2392a9 100644
|
|
|
8e731f |
--- a/service/realm-samba-enroll.c
|
|
|
8e731f |
+++ b/service/realm-samba-enroll.c
|
|
|
8e731f |
@@ -84,27 +84,37 @@ fallback_workgroup (const gchar *realm)
|
|
|
8e731f |
static JoinClosure *
|
|
|
8e731f |
join_closure_init (GTask *task,
|
|
|
8e731f |
RealmDisco *disco,
|
|
|
8e731f |
+ GVariant *options,
|
|
|
8e731f |
GDBusMethodInvocation *invocation)
|
|
|
8e731f |
{
|
|
|
8e731f |
JoinClosure *join;
|
|
|
8e731f |
gchar *workgroup;
|
|
|
8e731f |
GError *error = NULL;
|
|
|
8e731f |
int temp_fd;
|
|
|
8e731f |
+ const gchar *explicit_computer_name = NULL;
|
|
|
8e731f |
+ const gchar *authid = NULL;
|
|
|
8e731f |
|
|
|
8e731f |
join = g_new0 (JoinClosure, 1);
|
|
|
8e731f |
join->disco = realm_disco_ref (disco);
|
|
|
8e731f |
join->invocation = invocation ? g_object_ref (invocation) : NULL;
|
|
|
8e731f |
g_task_set_task_data (task, join, join_closure_free);
|
|
|
8e731f |
|
|
|
8e731f |
+ explicit_computer_name = realm_options_computer_name (options, disco->domain_name);
|
|
|
8e731f |
+ /* Set netbios name to explicit or truncated name if available */
|
|
|
8e731f |
+ if (explicit_computer_name != NULL)
|
|
|
8e731f |
+ authid = explicit_computer_name;
|
|
|
8e731f |
+ else if (disco->explicit_netbios)
|
|
|
8e731f |
+ authid = disco->explicit_netbios;
|
|
|
8e731f |
+
|
|
|
8e731f |
join->config = realm_ini_config_new (REALM_INI_NO_WATCH | REALM_INI_PRIVATE);
|
|
|
8e731f |
realm_ini_config_set (join->config, REALM_SAMBA_CONFIG_GLOBAL,
|
|
|
8e731f |
"security", "ads",
|
|
|
8e731f |
"kerberos method", "system keytab",
|
|
|
8e731f |
"realm", disco->kerberos_realm,
|
|
|
8e731f |
- "netbios name", disco->explicit_netbios,
|
|
|
8e731f |
+ "netbios name", authid,
|
|
|
8e731f |
NULL);
|
|
|
8e731f |
|
|
|
8e731f |
- /*
|
|
|
8e731f |
+ /*
|
|
|
8e731f |
* Samba complains if we don't set a 'workgroup' setting for the realm we're
|
|
|
8e731f |
* going to join. If we didn't yet manage to lookup the workgroup, then go ahead
|
|
|
8e731f |
* and assume that the first domain component is the workgroup name.
|
|
|
8e731f |
@@ -377,14 +387,18 @@ realm_samba_enroll_join_async (RealmDisco *disco,
|
|
|
8e731f |
{
|
|
|
8e731f |
GTask *task;
|
|
|
8e731f |
JoinClosure *join;
|
|
|
8e731f |
+ const gchar *explicit_computer_name;
|
|
|
8e731f |
|
|
|
8e731f |
g_return_if_fail (disco != NULL);
|
|
|
8e731f |
g_return_if_fail (cred != NULL);
|
|
|
8e731f |
|
|
|
8e731f |
task = g_task_new (NULL, NULL, callback, user_data);
|
|
|
8e731f |
- join = join_closure_init (task, disco, invocation);
|
|
|
8e731f |
-
|
|
|
8e731f |
- if (disco->explicit_netbios) {
|
|
|
8e731f |
+ join = join_closure_init (task, disco, options, invocation);
|
|
|
8e731f |
+ explicit_computer_name = realm_options_computer_name (options, disco->domain_name);
|
|
|
8e731f |
+ if (explicit_computer_name != NULL) {
|
|
|
8e731f |
+ realm_diagnostics_info (invocation, "Joining using a manual netbios name: %s",
|
|
|
8e731f |
+ explicit_computer_name);
|
|
|
8e731f |
+ } else if (disco->explicit_netbios) {
|
|
|
8e731f |
realm_diagnostics_info (invocation, "Joining using a truncated netbios name: %s",
|
|
|
8e731f |
disco->explicit_netbios);
|
|
|
8e731f |
}
|
|
|
8e731f |
@@ -448,7 +462,7 @@ realm_samba_enroll_leave_async (RealmDisco *disco,
|
|
|
8e731f |
JoinClosure *join;
|
|
|
8e731f |
|
|
|
8e731f |
task = g_task_new (NULL, NULL, callback, user_data);
|
|
|
8e731f |
- join = join_closure_init (task, disco, invocation);
|
|
|
8e731f |
+ join = join_closure_init (task, disco, options, invocation);
|
|
|
8e731f |
|
|
|
8e731f |
switch (cred->type) {
|
|
|
8e731f |
case REALM_CREDENTIAL_PASSWORD:
|
|
|
8e731f |
diff --git a/service/realm-samba.c b/service/realm-samba.c
|
|
|
8e731f |
index eca65aa..5cf2aa8 100644
|
|
|
8e731f |
--- a/service/realm-samba.c
|
|
|
8e731f |
+++ b/service/realm-samba.c
|
|
|
8e731f |
@@ -183,6 +183,13 @@ on_join_do_winbind (GObject *source,
|
|
|
8e731f |
GHashTable *settings = NULL;
|
|
|
8e731f |
GError *error = NULL;
|
|
|
8e731f |
const gchar *name;
|
|
|
8e731f |
+ const gchar *computer_name;
|
|
|
8e731f |
+
|
|
|
8e731f |
+ computer_name = realm_options_computer_name (enroll->options, enroll->disco->domain_name);
|
|
|
8e731f |
+ /* Use truncated name if set and explicit name is not available */
|
|
|
8e731f |
+ if (enroll->disco->explicit_netbios && computer_name == NULL)
|
|
|
8e731f |
+ computer_name = enroll->disco->explicit_netbios;
|
|
|
8e731f |
+
|
|
|
8e731f |
|
|
|
8e731f |
realm_samba_enroll_join_finish (result, &error);
|
|
|
8e731f |
if (error == NULL) {
|
|
|
8e731f |
@@ -192,12 +199,13 @@ on_join_do_winbind (GObject *source,
|
|
|
8e731f |
"workgroup", enroll->disco->workgroup,
|
|
|
8e731f |
"template homedir", realm_settings_string ("users", "default-home"),
|
|
|
8e731f |
"template shell", realm_settings_string ("users", "default-shell"),
|
|
|
8e731f |
- "netbios name", enroll->disco->explicit_netbios,
|
|
|
8e731f |
+ "netbios name", computer_name,
|
|
|
8e731f |
"password server", enroll->disco->explicit_server,
|
|
|
8e731f |
"kerberos method", "system keytab",
|
|
|
8e731f |
NULL);
|
|
|
8e731f |
}
|
|
|
8e731f |
|
|
|
8e731f |
+
|
|
|
8e731f |
if (error == NULL) {
|
|
|
8e731f |
name = realm_kerberos_get_name (REALM_KERBEROS (self));
|
|
|
8e731f |
realm_samba_winbind_configure_async (self->config, name, enroll->options,
|
|
|
8e731f |
diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c
|
|
|
8e731f |
index c7ffe8a..5ed384d 100644
|
|
|
8e731f |
--- a/service/realm-sssd-ad.c
|
|
|
8e731f |
+++ b/service/realm-sssd-ad.c
|
|
|
8e731f |
@@ -163,6 +163,7 @@ configure_sssd_for_domain (RealmIniConfig *config,
|
|
|
8e731f |
GString *realmd_tags;
|
|
|
8e731f |
const gchar *access_provider;
|
|
|
8e731f |
const gchar *shell;
|
|
|
8e731f |
+ const gchar *explicit_computer_name;
|
|
|
8e731f |
gchar *authid = NULL;
|
|
|
8e731f |
gboolean qualify;
|
|
|
8e731f |
gboolean ret;
|
|
|
8e731f |
@@ -172,17 +173,19 @@ configure_sssd_for_domain (RealmIniConfig *config,
|
|
|
8e731f |
home = realm_sssd_build_default_home (realm_settings_string ("users", "default-home"));
|
|
|
8e731f |
qualify = realm_options_qualify_names (disco->domain_name);
|
|
|
8e731f |
shell = realm_settings_string ("users", "default-shell");
|
|
|
8e731f |
-
|
|
|
8e731f |
+ explicit_computer_name = realm_options_computer_name (options, disco->domain_name);
|
|
|
8e731f |
realmd_tags = g_string_new ("");
|
|
|
8e731f |
if (realm_options_manage_system (options, disco->domain_name))
|
|
|
8e731f |
g_string_append (realmd_tags, "manages-system ");
|
|
|
8e731f |
g_string_append (realmd_tags, use_adcli ? "joined-with-adcli " : "joined-with-samba ");
|
|
|
8e731f |
|
|
|
8e731f |
/*
|
|
|
8e731f |
- * Explicitly set the netbios authid for sssd to use in this case, since
|
|
|
8e731f |
+ * Explicitly set the netbios authid for sssd to use in these cases, since
|
|
|
8e731f |
* otherwise sssd won't know which kerberos principal to use
|
|
|
8e731f |
*/
|
|
|
8e731f |
- if (disco->explicit_netbios)
|
|
|
8e731f |
+ if (explicit_computer_name != NULL)
|
|
|
8e731f |
+ authid = g_strdup_printf ("%s$", explicit_computer_name);
|
|
|
8e731f |
+ else if (disco->explicit_netbios)
|
|
|
8e731f |
authid = g_strdup_printf ("%s$", disco->explicit_netbios);
|
|
|
8e731f |
|
|
|
8e731f |
ret = realm_sssd_config_add_domain (config, disco->domain_name, error,
|
|
|
8e731f |
--
|
|
|
8e731f |
2.7.4
|
|
|
8e731f |
|