|
 |
5b30ee |
From a49994ab4ac36ff39a1e24a228e57a5269bf8fdf Mon Sep 17 00:00:00 2001
|
|
|
5b30ee |
From: Sumit Bose <sbose@redhat.com>
|
|
|
5b30ee |
Date: Wed, 12 Aug 2020 12:58:27 +0200
|
|
|
5b30ee |
Subject: [PATCH] service: use 'additional dns hostnames' with net ads join
|
|
|
5b30ee |
|
|
|
5b30ee |
With newer versions of Samba the net ads join does not add services
|
|
|
5b30ee |
principals with the configured host name anymore but added the new
|
|
|
5b30ee |
option 'additional dns hostnames' for this.
|
|
|
5b30ee |
|
|
|
5b30ee |
realmd will try to figure out a fully-qualified host name and use it
|
|
|
5b30ee |
with the new option if it is from a different domain.
|
|
|
5b30ee |
|
|
|
5b30ee |
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1867912
|
|
|
5b30ee |
---
|
|
|
5b30ee |
service/realm-disco.c | 1 +
|
|
|
5b30ee |
service/realm-disco.h | 1 +
|
|
|
5b30ee |
service/realm-samba-enroll.c | 57 +++++++++++++++++++++++++++++++++++-
|
|
|
5b30ee |
service/realm-samba.c | 6 ++++
|
|
|
5b30ee |
4 files changed, 64 insertions(+), 1 deletion(-)
|
|
|
5b30ee |
|
|
|
5b30ee |
diff --git a/service/realm-disco.c b/service/realm-disco.c
|
|
|
5b30ee |
index ab06939..a12be50 100644
|
|
|
5b30ee |
--- a/service/realm-disco.c
|
|
|
5b30ee |
+++ b/service/realm-disco.c
|
|
|
5b30ee |
@@ -62,6 +62,7 @@ realm_disco_unref (gpointer data)
|
|
|
5b30ee |
g_free (disco->explicit_netbios);
|
|
|
5b30ee |
g_free (disco->kerberos_realm);
|
|
|
5b30ee |
g_free (disco->workgroup);
|
|
|
5b30ee |
+ g_free (disco->dns_fqdn);
|
|
|
5b30ee |
if (disco->server_address)
|
|
|
5b30ee |
g_object_unref (disco->server_address);
|
|
|
5b30ee |
g_free (disco);
|
|
|
5b30ee |
diff --git a/service/realm-disco.h b/service/realm-disco.h
|
|
|
5b30ee |
index 5f3e5e9..35532d2 100644
|
|
|
5b30ee |
--- a/service/realm-disco.h
|
|
|
5b30ee |
+++ b/service/realm-disco.h
|
|
|
5b30ee |
@@ -30,6 +30,7 @@ typedef struct {
|
|
|
5b30ee |
gchar *explicit_server;
|
|
|
5b30ee |
gchar *explicit_netbios;
|
|
|
5b30ee |
GSocketAddress *server_address;
|
|
|
5b30ee |
+ gchar *dns_fqdn;
|
|
|
5b30ee |
} RealmDisco;
|
|
|
5b30ee |
|
|
|
5b30ee |
#define REALM_TYPE_DISCO (realm_disco_get_type ())
|
|
|
5b30ee |
diff --git a/service/realm-samba-enroll.c b/service/realm-samba-enroll.c
|
|
|
5b30ee |
index 3f86c51..5624a08 100644
|
|
|
5b30ee |
--- a/service/realm-samba-enroll.c
|
|
|
5b30ee |
+++ b/service/realm-samba-enroll.c
|
|
|
5b30ee |
@@ -33,6 +33,9 @@
|
|
|
5b30ee |
#include <errno.h>
|
|
|
5b30ee |
#include <fcntl.h>
|
|
|
5b30ee |
#include <string.h>
|
|
|
5b30ee |
+#include <sys/types.h>
|
|
|
5b30ee |
+#include <sys/socket.h>
|
|
|
5b30ee |
+#include <netdb.h>
|
|
|
5b30ee |
|
|
|
5b30ee |
typedef struct {
|
|
|
5b30ee |
GDBusMethodInvocation *invocation;
|
|
|
5b30ee |
@@ -81,6 +84,44 @@ fallback_workgroup (const gchar *realm)
|
|
|
5b30ee |
return g_utf8_strup (realm, pos - realm);
|
|
|
5b30ee |
}
|
|
|
5b30ee |
|
|
|
5b30ee |
+static char *
|
|
|
5b30ee |
+try_to_get_fqdn (void)
|
|
|
5b30ee |
+{
|
|
|
5b30ee |
+ char hostname[HOST_NAME_MAX + 1];
|
|
|
5b30ee |
+ gchar *fqdn = NULL;
|
|
|
5b30ee |
+ int ret;
|
|
|
5b30ee |
+ struct addrinfo *res;
|
|
|
5b30ee |
+ struct addrinfo hints;
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ ret = gethostname (hostname, sizeof (hostname));
|
|
|
5b30ee |
+ if (ret < 0) {
|
|
|
5b30ee |
+ return NULL;
|
|
|
5b30ee |
+ }
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ if (strchr (hostname, '.') == NULL) {
|
|
|
5b30ee |
+ memset (&hints, 0, sizeof (struct addrinfo));
|
|
|
5b30ee |
+ hints.ai_socktype = SOCK_DGRAM;
|
|
|
5b30ee |
+ hints.ai_flags = AI_CANONNAME;
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ ret = getaddrinfo (hostname, NULL, &hints, &res;;
|
|
|
5b30ee |
+ if (ret != 0) {
|
|
|
5b30ee |
+ return NULL;
|
|
|
5b30ee |
+ }
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ /* Only use a fully-qualified name */
|
|
|
5b30ee |
+ if (strchr (res->ai_canonname, '.') != NULL) {
|
|
|
5b30ee |
+ fqdn = g_strdup (res->ai_canonname);
|
|
|
5b30ee |
+ }
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ freeaddrinfo (res);
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ } else {
|
|
|
5b30ee |
+ fqdn = g_strdup (hostname);
|
|
|
5b30ee |
+ }
|
|
|
5b30ee |
+
|
|
|
5b30ee |
+ return fqdn;
|
|
|
5b30ee |
+}
|
|
|
5b30ee |
+
|
|
|
5b30ee |
static JoinClosure *
|
|
|
5b30ee |
join_closure_init (GTask *task,
|
|
|
5b30ee |
RealmDisco *disco,
|
|
|
5b30ee |
@@ -95,5 +136,7 @@ join_closure_init (GTask *task,
|
|
|
5b30ee |
const gchar *explicit_computer_name = NULL;
|
|
|
5b30ee |
const gchar *authid = NULL;
|
|
|
5b30ee |
+ gchar *fqdn = NULL;
|
|
|
5b30ee |
+ gchar *fqdn_dom = NULL;
|
|
|
5b30ee |
|
|
|
5b30ee |
join = g_new0 (JoinClosure, 1);
|
|
|
5b30ee |
join->disco = realm_disco_ref (disco);
|
|
|
5b30ee |
@@ -124,7 +167,7 @@ join_closure_init (GTask *task,
|
|
|
5b30ee |
"netbios name", authid,
|
|
|
5b30ee |
NULL);
|
|
|
5b30ee |
|
|
|
5b30ee |
- /*
|
|
|
5b30ee |
+ /*
|
|
|
5b30ee |
* Samba complains if we don't set a 'workgroup' setting for the realm we're
|
|
|
5b30ee |
* going to join. If we didn't yet manage to lookup the workgroup, then go ahead
|
|
|
5b30ee |
* and assume that the first domain component is the workgroup name.
|
|
|
5b30ee |
@@ -144,6 +187,18 @@ join_closure_init (GTask *task,
|
|
|
5b30ee |
g_free (workgroup);
|
|
|
5b30ee |
}
|
|
|
5b30ee |
|
|
|
5b30ee |
+ /* Add the fully-qualified DNS hostname as additional name if it is from
|
|
|
5b30ee |
+ * a different domain. */
|
|
|
5b30ee |
+ fqdn = try_to_get_fqdn ();
|
|
|
5b30ee |
+ if (fqdn != NULL && join->disco->domain_name != NULL
|
|
|
5b30ee |
+ && (fqdn_dom = strchr (fqdn, '.')) != NULL
|
|
|
5b30ee |
+ && g_ascii_strcasecmp (fqdn_dom + 1, join->disco->domain_name) != 0 ) {
|
|
|
5b30ee |
+ disco->dns_fqdn = g_strdup (fqdn);
|
|
|
5b30ee |
+ realm_ini_config_set (join->config, REALM_SAMBA_CONFIG_GLOBAL,
|
|
|
5b30ee |
+ "additional dns hostnames", disco->dns_fqdn, NULL);
|
|
|
5b30ee |
+ }
|
|
|
5b30ee |
+ g_free (fqdn);
|
|
|
5b30ee |
+
|
|
|
5b30ee |
/* Write out the config file for use by various net commands */
|
|
|
5b30ee |
join->custom_smb_conf = g_build_filename (g_get_tmp_dir (), "realmd-smb-conf.XXXXXX", NULL);
|
|
|
5b30ee |
temp_fd = g_mkstemp_full (join->custom_smb_conf, O_WRONLY, S_IRUSR | S_IWUSR);
|
|
|
5b30ee |
diff --git a/service/realm-samba.c b/service/realm-samba.c
|
|
|
5b30ee |
index 4940b38..fe33600 100644
|
|
|
5b30ee |
--- a/service/realm-samba.c
|
|
|
5b30ee |
+++ b/service/realm-samba.c
|
|
|
5b30ee |
@@ -204,6 +204,11 @@ on_join_do_winbind (GObject *source,
|
|
|
5b30ee |
NULL);
|
|
|
5b30ee |
}
|
|
|
5b30ee |
|
|
|
5b30ee |
+ if (error == NULL && enroll->disco->dns_fqdn != NULL) {
|
|
|
5b30ee |
+ realm_ini_config_change (self->config, REALM_SAMBA_CONFIG_GLOBAL, &error,
|
|
|
5b30ee |
+ "additional dns hostnames", enroll->disco->dns_fqdn,
|
|
|
5b30ee |
+ NULL);
|
|
|
5b30ee |
+ }
|
|
|
5b30ee |
|
|
|
5b30ee |
if (error == NULL) {
|
|
|
5b30ee |
name = realm_kerberos_get_name (REALM_KERBEROS (self));
|
|
|
5b30ee |
@@ -364,6 +369,7 @@ leave_deconfigure_begin (RealmSamba *self,
|
|
|
5b30ee |
if (!realm_ini_config_change (self->config, REALM_SAMBA_CONFIG_GLOBAL, &error,
|
|
|
5b30ee |
"workgroup", NULL,
|
|
|
5b30ee |
"realm", NULL,
|
|
|
5b30ee |
+ "additional dns hostnames", NULL,
|
|
|
5b30ee |
"security", "user",
|
|
|
5b30ee |
NULL)) {
|
|
|
5b30ee |
g_task_return_error (task, error);
|
|
|
5b30ee |
--
|
|
|
5b30ee |
2.26.2
|
|
|
5b30ee |
|