<freiburg config> Add nslcd startup

3 files changed, 10 insertions, 7 deletions

diff --git a/server/modules/pam-freiburg/etc/ldap/ldap.conf b/server/modules/pam-freiburg/etc/ldap/ldap.conf
index 809065cc..6050948a 100644..120000
--- a/server/modules/pam-freiburg/etc/ldap/ldap.conf
+++ b/server/modules/pam-freiburg/etc/ldap/ldap.conf
@@ -1,7 +1 @@
-URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de
-BASE ou=people,dc=uni-freiburg,dc=de
-TLS_REQCERT allow
-nss_base_passwd        ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled)
-nss_base_group         ou=group,dc=uni-freiburg,dc=de?one
-nss_map_attribute      homeDirectory rufClientHome
-
+../ldap.conf
\ No newline at end of file
diff --git a/server/modules/pam-freiburg/etc/nslcd.conf b/server/modules/pam-freiburg/etc/nslcd.conf
new file mode 100644
index 00000000..e98e1675
--- /dev/null
+++ b/server/modules/pam-freiburg/etc/nslcd.conf
@@ -0,0 +1,8 @@
+# Cannot be a symlink to ldap.conf, as nslcd refuses to start if there are unknown options in this file...
+URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de
+BASE ou=people,dc=uni-freiburg,dc=de
+BIND_TIMELIMIT 5
+TIMELIMIT 10
+TLS_REQCERT allow
+
+nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,distccd,games,git,gnats,hplip,irc,kdm,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,ntp,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data
diff --git a/server/modules/pam-freiburg/etc/systemd/system/getty.target.wants/nslcd.service b/server/modules/pam-freiburg/etc/systemd/system/getty.target.wants/nslcd.service
new file mode 120000
index 00000000..17c13d96
--- /dev/null
+++ b/server/modules/pam-freiburg/etc/systemd/system/getty.target.wants/nslcd.service
@@ -0,0 +1 @@
+../nslcd.service
\ No newline at end of file