OpenSolaris: Difference between revisions
(→LDAP) |
(→LDAP) |
||
Line 25: | Line 25: | ||
CFLAGS=-I/opt/csc/openldap/include LDFLAGS=-L/opt/csc/openldap/lib\ -R/opt/csc/openldap/lib \ |
CFLAGS=-I/opt/csc/openldap/include LDFLAGS=-L/opt/csc/openldap/lib\ -R/opt/csc/openldap/lib \ |
||
./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/opt/csc/nss_ldap |
./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/opt/csc/nss_ldap |
||
Comment out the '#define HAVE_SASL_SASL_H' line in config.h. |
Comment out the '#define HAVE_SASL_SASL_H' line in config.h.<br/> |
||
In Makefile, change 'LIBS = -lldap...' to 'LIBS = $(LDFLAGS) -lldap...' |
In Makefile, change 'LIBS = -lldap...' to 'LIBS = $(LDFLAGS) -lldap...' |
||
make; make install |
make; make install |
Revision as of 20:58, 19 January 2008
Solaris is drugs; avoid it at all cost.
pkg-get
pkgadd -d http://www.blastwave.org/pkg_get.pkg
/opt/csw/bin/pkg-get -i gnupg vim
PATH
export PATH=/opt/csw/bin:/usr/sfw/bin:$PATH
Build Tools
You need to insert the Solaris 10 DVD; it should get auto-mounted in /cdrom/sol*. Then ls to /cdrom/sol*/Solaris\ 10/Products and install some packages:
pkgadd -d . SUNWgcc SUNWbinutils SUNWgmake
LDAP
Build openldap:
./configure --disable-slapd --prefix=/opt/csc/openldap --sysconfdir=/etc/ldap make depend; make; make install
Build nss_ldap:
CFLAGS=-I/opt/csc/openldap/include LDFLAGS=-L/opt/csc/openldap/lib\ -R/opt/csc/openldap/lib \ ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/opt/csc/nss_ldap
Comment out the '#define HAVE_SASL_SASL_H' line in config.h.
In Makefile, change 'LIBS = -lldap...' to 'LIBS = $(LDFLAGS) -lldap...'
make; make install
Install nss_ldap.so:
rm /usr/lib/nss_ldap.so.1 ln -s /opt/csc/nss_ldap/lib/nss_ldap.so /usr/lib/nss_ldap.so.1
Modify /etc/nsswitch.conf to use ldap and then install libnss-ldap.conf and ldap.conf:
scp caffeine:/etc/ldap/ldap.conf /etc/ldap/ldap.conf scp caffeine:/etc/libnss-ldap.conf /etc/libnss-ldap.conf
Kerberos
scp caffeine:/etc/krb5.conf /etc/krb5/krb5.conf
In /etc/pam.conf, after
other auth required pam_unix_cred.so.1
add
other auth sufficient pam_krb5.so.1
You might want to also do this for 'login'.
You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host.
External Links
https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10 http://ashtech.net/~syntax/blog/archives/50-Solaris-10-Partitioning,-RAID,-and-ZFS.html