On Wed, 2012-08-01 at 18:18 +0200, Pieter Baele wrote:
Mmm. No problem. I use LDAP as a Puppet External Node Classifier. Adding device with an IP number to a node configuration is then a logical move.
Always interesting in adding it myself however.
If you're interested in adding it yourself, you will need to implement the following features:
1) A new set of entry points in the libnss_sss sss_client: /* HOSTS database NSS interface */ enum nss_status _nss_sss_gethostbyname_r(const char *name, struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); enum nss_status _nss_sss_gethostbyname2_r(const char *name, int af, struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); enum nss_status _nss_sss_gethostbyaddr_r(const void *addr, socklen_t len, int af, struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); enum nss_status _nss_sss_sethostent(void); enum nss_status _nss_sss_gethostent_r(struct hostent *result, char *buffer, size_t buflen, int *errnop, int *h_errnop); enum nss_status _nss_sss_endhostent(void);
2) A new set of routines to check the cache in the NSS responder, as well as a wire protocol between the responder and sss_client.
3) A data provider implementation for the LDAP and (ideally) Proxy providers.
Please read https://fedorahosted.org/sssd/wiki/DevelTutorials and join #sssd on irc.freenode.net if you want to tackle this. We'll help you get started.