From e9118049c9d66e880e1d7e14cb5089c3b420c32e Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 5 Aug 2009 14:45:14 -0400
Subject: [PATCH] Make socket paths a compile-time option

Previously, we had hardcoded the paths for the NSS, PAM and
private PAM sockets to /var/lib/sss/pipes. With this patch, we
will specify the sockets as $(localstatedir)/lib/sss/pipes.
---
 server/Makefile.am                  |    3 +++
 server/providers/data_provider_be.c |    1 -
 server/providers/krb5/krb5_auth.c   |    1 -
 server/providers/proxy.c            |    1 -
 server/responder/nss/nsssrv.h       |    1 -
 server/responder/pam/pamsrv.c       |    1 -
 sss_client/Makefile.am              |    5 ++++-
 sss_client/sss_cli.h                |    6 ------
 sssd.spec.in                        |    8 ++++----
 9 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/server/Makefile.am b/server/Makefile.am
index 055272f..1eaf792 100644
--- a/server/Makefile.am
+++ b/server/Makefile.am
@@ -117,6 +117,9 @@ AM_CPPFLAGS = -Wall \
     -DSHADOW_UTILS_PATH=\"$(shadow_utils_path)\" \
     -DSSSD_INTROSPECT_PATH=\"$(dbusinstropectdir)\" \
     -DSSSD_CONF_DIR=\"$(sssdconfdir)\" \
+    -DSSS_NSS_SOCKET_NAME=\"$(localstatedir)/lib/sss/pipes/nss\" \
+    -DSSS_PAM_SOCKET_NAME=\"$(localstatedir)/lib/sss/pipes/pam\" \
+    -DSSS_PAM_PRIV_SOCKET_NAME=\"$(localstatedir)/lib/sss/pipes/private/pam\" \
     -DUSE_MMAP=1 \
     -DLOCALEDIR=\"\$(localedir)\"
 
diff --git a/server/providers/data_provider_be.c b/server/providers/data_provider_be.c
index 2e0c1cf..8ee4975 100644
--- a/server/providers/data_provider_be.c
+++ b/server/providers/data_provider_be.c
@@ -50,7 +50,6 @@
 #include "providers/dp_sbus.h"
 #include "monitor/monitor_sbus.h"
 #include "monitor/monitor_interfaces.h"
-#include "../sss_client/sss_cli.h"
 
 #define BE_CONF_ENTRY "config/domains/%s"
 
diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c
index 24250b9..ffbfd7b 100644
--- a/server/providers/krb5/krb5_auth.c
+++ b/server/providers/krb5/krb5_auth.c
@@ -37,7 +37,6 @@
 #include "util/util.h"
 #include "providers/dp_backend.h"
 #include "db/sysdb.h"
-#include "../sss_client/sss_cli.h"
 #include "krb5_plugin/sssd_krb5_locator_plugin.h"
 #include "providers/krb5/krb5_auth.h"
 
diff --git a/server/providers/proxy.c b/server/providers/proxy.c
index 106530f..2aee533 100644
--- a/server/providers/proxy.c
+++ b/server/providers/proxy.c
@@ -31,7 +31,6 @@
 #include "util/util.h"
 #include "providers/dp_backend.h"
 #include "db/sysdb.h"
-#include "../sss_client/sss_cli.h"
 
 struct proxy_nss_ops {
     enum nss_status (*getpwnam_r)(const char *name, struct passwd *result,
diff --git a/server/responder/nss/nsssrv.h b/server/responder/nss/nsssrv.h
index cbbb9cc..ad6492f 100644
--- a/server/responder/nss/nsssrv.h
+++ b/server/responder/nss/nsssrv.h
@@ -28,7 +28,6 @@
 #include "talloc.h"
 #include "tevent.h"
 #include "ldb.h"
-#include "../sss_client/sss_cli.h"
 #include "dbus/dbus.h"
 #include "sbus/sssd_dbus.h"
 #include "responder/common/responder_packet.h"
diff --git a/server/responder/pam/pamsrv.c b/server/responder/pam/pamsrv.c
index ef01e97..eca835b 100644
--- a/server/responder/pam/pamsrv.c
+++ b/server/responder/pam/pamsrv.c
@@ -49,7 +49,6 @@
 #include "monitor/monitor_interfaces.h"
 #include "sbus/sbus_client.h"
 #include "responder/pam/pamsrv.h"
-#include "../sss_client/sss_cli.h"
 
 #define PAM_SBUS_SERVICE_VERSION 0x0001
 #define PAM_SBUS_SERVICE_NAME "pam"
diff --git a/sss_client/Makefile.am b/sss_client/Makefile.am
index 4552720..7ae77c7 100644
--- a/sss_client/Makefile.am
+++ b/sss_client/Makefile.am
@@ -3,7 +3,10 @@ SUBDIRS = po
 topdir=.
 AM_CPPFLAGS = \
     -I$(topdir) \
-    -DLOCALEDIR=\"\$(localedir)\"
+    -DLOCALEDIR=\"\$(localedir)\" \
+    -DSSS_NSS_SOCKET_NAME=\"$(localstatedir)/lib/sss/pipes/nss\" \
+    -DSSS_PAM_SOCKET_NAME=\"$(localstatedir)/lib/sss/pipes/pam\" \
+    -DSSS_PAM_PRIV_SOCKET_NAME=\"$(localstatedir)/lib/sss/pipes/private/pam\"
 ACLOCAL_AMFLAGS = -I m4
 
 AM_CFLAGS =
diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h
index 63daf7b..f1ccba9 100644
--- a/sss_client/sss_cli.h
+++ b/sss_client/sss_cli.h
@@ -15,12 +15,6 @@
 #include <pwd.h>
 #include <grp.h>
 
-/* SELinux will have a better way to regulate access if they are seprate
- * Also a change in one of the pipes will not affect the others */
-#define SSS_NSS_SOCKET_NAME "/var/lib/sss/pipes/nss"
-#define SSS_PAM_SOCKET_NAME "/var/lib/sss/pipes/pam"
-#define SSS_PAM_PRIV_SOCKET_NAME "/var/lib/sss/pipes/private/pam"
-
 #define SSS_NSS_PROTOCOL_VERSION 1
 #define SSS_PAM_PROTOCOL_VERSION 2
 
diff --git a/sssd.spec.in b/sssd.spec.in
index aa284ff..06db2eb 100644
--- a/sssd.spec.in
+++ b/sssd.spec.in
@@ -100,10 +100,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/%{name}/
 %{_libdir}/ldb/memberof.so
 %{_libdir}/krb5/plugins/libkrb5/*
-%dir %{_sharedstatedir}/sss/
-%attr(700,root,root) %dir %{_sharedstatedir}/sss/db
-%dir %{_sharedstatedir}/sss/pipes
-%attr(700,root,root) %dir %{_sharedstatedir}/sss/pipes/private
+%dir %{_localstatedir}/lib/sss/
+%attr(700,root,root) %dir %{_localstatedir}/lib/sss/db
+%dir %{_localstatedir}/lib/sss/pipes
+%attr(700,root,root) %dir %{_localstatedir}/lib/sss/pipes/private
 %dir %{_sysconfdir}/sssd
 %config(noreplace) %{_sysconfdir}/sssd/sssd.conf
 /%{_lib}/libnss_sss.so.2
-- 
1.6.2.5