This patch adds an example LDB module, "univention_machine_secret", to the ldb source package.
The example script below registers the module in /var/tmp/secrets.ldb.
------------------------------------------------------------
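#!/bin/sh
# Registers ADDITIONAL_MODULE in the @MODULES record of LDB_FILE, placing it
# in front of the modules that are already listed there.
LDB_FILE='/var/tmp/secrets.ldb'
ADDITIONAL_MODULE='univention_machine_secret'

# Read the current list first and stop if the lookup fails: the modify below
# uses "replace", so carrying on with an empty list would drop every module
# that is registered now.
search_output=$(ldbsearch -H "$LDB_FILE" -b '@MODULES' -s base @LIST) || {
	echo "ldbsearch on $LDB_FILE failed; @MODULES left unchanged" >&2
	exit 1
}

# Order matters: the samba_secrets module must come last
current_modules=$(printf '%s\n' "$search_output" | sed -n 's/@LIST: \(.*\)/\1/p')

# Running the script twice must not list the module twice. The surrounding
# commas also cover a list that is stored as one comma-separated value.
for module in $current_modules; do
	case ",$module," in
	*",$ADDITIONAL_MODULE,"*)
		echo "$ADDITIONAL_MODULE is already registered in $LDB_FILE" >&2
		exit 0
		;;
	esac
done

# Emits the LDIF change record: the new module first, then the existing ones
# in their current order.
ldif() {
	echo "dn: @MODULES"
	echo "changetype: modify"
	echo "replace: @LIST"
	echo "@LIST: $ADDITIONAL_MODULE"
	for module in $current_modules; do
		echo "@LIST: $module"
	done
}

ldif | ldbmodify -H "$LDB_FILE"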
------------------------------------------------------------
diff -Nuar ldb-1.1.2.orig/modules/univention_machine_secret.c ldb-1.1.2/modules/univention_machine_secret.c
--- ldb-1.1.2.orig/modules/univention_machine_secret.c 1970-01-01 01:00:00.000000000 +0100
+++ ldb-1.1.2/modules/univention_machine_secret.c 2011-10-20 23:51:04.000000000 +0200
@@ -0,0 +1,151 @@
+/*
+ * Samba LDB module univention_machine_secret
+ * sample LDB Module for storing /tmp/machine.secret
+ *
+ * Copyright 2011-2012 Univention GmbH
+ *
+ * http://www.univention.de/
+ *
+ * All rights reserved.
+ *
+ * The source code of this program is made available
+ * under the terms of the GNU Affero General Public License version 3
+ * (GNU AGPL V3) as published by the Free Software Foundation.
+ *
+ * Binary versions of this program provided by Univention to you as
+ * well as other copyrighted, protected or trademarked materials like
+ * Logos, graphics, fonts, specific documentations and configurations,
+ * cryptographic keys etc. are subject to a license agreement between
+ * you and Univention and not subject to the GNU AGPL V3.
+ *
+ * In the case you use this program under the terms of the GNU AGPL V3,
+ * the program is provided in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License with the Debian GNU/Linux or Univention distribution in file
+ * /usr/share/common-licenses/AGPL-3; if not, see
+ * .
+ */
+
+/* univention_machine_secret was derived from the tests/sample_module
+
+ Unix SMB/CIFS implementation.
+ Samba utility functions
+ Copyright (C) Jelmer Vernooij 2007
+
+ ** NOTE! The following LGPL license applies to the ldb
+ ** library. This does NOT imply that all of Samba is released
+ ** under the LGPL
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, see .
+*/
+
+#include "ldb_module.h"
+#include
+#include
+
+static int univention_machine_secret_add(struct ldb_module *module, struct ldb_request *req)
+{
+ struct ldb_message_element *attribute;
+ struct ldb_context *ldb;
+ TALLOC_CTX *tmp_ctx;
+ char hostname[256];
+ struct ldb_result *res = NULL;
+ int fd;
+ int ret;
+ ldb = ldb_module_get_ctx(module);
+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_add\n"));
+
+ ret = ldb_next_request(module, req);
+
+ if ( ret == LDB_SUCCESS ) {
+ attribute = ldb_msg_find_element(req->op.add.message, "secret");
+ if (attribute) {
+ ldb = ldb_module_get_ctx(module);
+ tmp_ctx = talloc_new(module);
+ hostname[255] = '\0';
+ gethostname(hostname, 255);
+ static const char * const attrs[] = { "dn", NULL };
+ ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname);
+ if ( ret == LDB_SUCCESS && attribute->num_values == 1 ) {
+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_add: secret modified: %s\n", (const char *)attribute->values[0].data));
+ fd = open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC);
+ if (fd != -1) {
+ write(fd, (const char *)attribute->values[0].data, attribute->values[0].length);
+ close(fd);
+ } else {
+ ldb_debug(ldb, LDB_DEBUG_ERROR, ("LDB_univention_machine_secret: error opening file /tmp/machine.secret\n"));
+ }
+ }
+ talloc_free(tmp_ctx);
+ }
+ }
+
+ return ret;
+}
+
+static int univention_machine_secret_modify(struct ldb_module *module, struct ldb_request *req)
+{
+ struct ldb_message_element *attribute;
+ struct ldb_context *ldb;
+ TALLOC_CTX *tmp_ctx;
+ char hostname[256];
+ struct ldb_result *res = NULL;
+ int fd;
+ int ret;
+ ldb = ldb_module_get_ctx(module);
+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_modify\n"));
+
+ ret = ldb_next_request(module, req);
+
+ if ( ret == LDB_SUCCESS ) {
+ attribute = ldb_msg_find_element(req->op.mod.message, "secret");
+ if (attribute) {
+ ldb = ldb_module_get_ctx(module);
+ tmp_ctx = talloc_new(module);
+ hostname[255] = '\0';
+ gethostname(hostname, 255);
+ static const char * const attrs[] = { "dn", NULL };
+ ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname);
+ if ( ret == LDB_SUCCESS && attribute->num_values == 1 ) {
+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_modify: secret modified: %s\n", (const char *)attribute->values[0].data));
+ fd = open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC);
+ if (fd != -1) {
+ write(fd, (const char *)attribute->values[0].data, attribute->values[0].length);
+ close(fd);
+ } else {
+ ldb_debug(ldb, LDB_DEBUG_ERROR, ("LDB_univention_machine_secret: error opening file /tmp/machine.secret\n"));
+ }
+ }
+ talloc_free(tmp_ctx);
+ }
+ }
+
+ return ret;
+}
+
+static struct ldb_module_ops ldb_univention_machine_secret_module_ops = {
+ .name = "univention_machine_secret",
+ .add = univention_machine_secret_add,
+ .modify = univention_machine_secret_modify,
+};
+
+int ldb_univention_machine_secret_init(const char *version)
+{
+ LDB_MODULE_CHECK_VERSION(version);
+ return ldb_register_module(&ldb_univention_machine_secret_module_ops);
+}
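Review bot: In both `univention_machine_secret_add` and `univention_machine_secret_modify` the call `open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC)` passes no mode argument, so the new file's permission bits are indeterminate, and it opens whatever another local user may already have placed at that name in the world-writable /tmp. The machine password belongs in a directory only the service account can write, opened with an explicit `0600` mode and `O_NOFOLLOW`. The two `ldb_debug(ldb, LDB_DEBUG_TRACE, ("... secret modified: %s\n", ...data))` calls wrap their arguments in an extra pair of parentheses, which turns them into a comma expression: the secret value itself is passed as the format string, so it lands in the trace log and is interpreted for `%` directives. The result of the hostname search is never inspected (`res->count` is not read), so as far as the hunk shows any add or modify carrying a single `secret` value triggers the write, and the search's `ret` replaces the status of the operation that already went through. The add handler also reads `req->op.mod.message->dn` where `req->op.add.message->dn` is meant, and the `write()` result is ignored; the fence shows the modify handler's inner block, and the same change applies to the add handler.

```c
/* … unchanged: ldb_next_request(), "secret" lookup, talloc_new(), gethostname() … */
/* keep ret from ldb_next_request(); the lookup only decides whether to write */
int search_ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname);
if (search_ret == LDB_SUCCESS && res->count == 1 && attribute->num_values == 1) {
	/* never log the value: it is the machine password */
	ldb_debug(ldb, LDB_DEBUG_TRACE, "LDB_univention_machine_secret: ldb_modify: secret modified\n");
	/* path kept from the patch; it belongs in a directory only the service account can write */
	fd = open("/tmp/machine.secret", O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600);
	if (fd != -1) {
		ssize_t written = write(fd, attribute->values[0].data, attribute->values[0].length);
		if (written < 0 || (size_t)written != attribute->values[0].length) {
			ldb_debug(ldb, LDB_DEBUG_ERROR, "LDB_univention_machine_secret: short or failed write to /tmp/machine.secret\n");
		}
		close(fd);
	} else {
		/* … unchanged: open error message … */
	}
}
/* … unchanged: talloc_free(tmp_ctx), return ret … */
```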
diff -Nuar ldb-1.1.2.orig/wscript ldb-1.1.2/wscript
--- ldb-1.1.2.orig/wscript 2011-10-20 23:43:33.000000000 +0200
+++ ldb-1.1.2/wscript 2011-10-20 23:40:39.000000000 +0200
@@ -204,6 +204,14 @@
deps='ldb',
subsystem='ldb')
+ bld.SAMBA_MODULE('ldb_univention_machine_secret',
+ 'modules/univention_machine_secret.c',
+ init_function='ldb_univention_machine_secret_init',
+ internal_module=False,
+ module_init_name='ldb_init_module',
+ deps='ldb',
+ subsystem='ldb')
+
bld.SAMBA_MODULE('ldb_sample',
'tests/sample_module.c',
init_function='ldb_sample_init',