From: Thomas Reim <reimth@xxxxxxxxx>
v2:
- autofs-5.1.8 - improve debug logging of SASL binds:
- Declarations moved to the top of code block
- Removed brackets from single-line target code blocks
- autofs-5.1.8 - internal SASL logging only in debug log mode:
- Removed brackets from single-line target code blocks
automounter only provides very limited (debug) information when binding
to LDAP directoiry services using OpenLDAP and Cyrus SASL library. LDAP
based directory services are currently all improving their communication
security. This leads to failed authentication binds because of security
policy violations. Current logging capabilities of automounter make it
difficult for system administrators to find the root cause of failed
authentication binds in their networks.
The following patch series is the result of the development and test
activities to solve issue "Missing Support of SASL Sign or Seal using Data
Security Layer" (see previous e-mails). Debug option -d of automounter has
been extended to enable OpenLDAP libldap debugging by specifying a proper
LDAP debug level (e. g. -d5). In addition, option -d now provides for
a more comprehensive logging of SASL security settings.
Please review and provide your comments or suggestions.
Thomas Reim (4):
autofs-5.1.8 - improve debug logging of LDAP binds
autofs-5.1.8 - improve debug logging of SASL binds
autofs-5.1.8 - internal SASL logging only in debug log mode
autofs-5.1.8 - more comprehensive verbose logging for LDAP maps
daemon/automount.c | 31 ++++++++++++++++++++++++++-----
daemon/lookup.c | 20 ++++++++++----------
include/log.h | 6 +++++-
lib/log.c | 19 ++++++++++++++++++-
man/automount.8 | 9 +++++++--
modules/cyrus-sasl.c | 33 ++++++++++++++++++++++++++++++---
modules/lookup_ldap.c | 41 +++++++++++++++++++++++++++++++++++++++--
7 files changed, 135 insertions(+), 24 deletions(-)
--
2.37.1
