FusionForge

Configuration/NSS

From FusionForge Wiki
Revision as of 13:19, 11 January 2010 by Evertlammerts (talk | contribs)

Jump to: navigation, search

FusionForge provides native security services by coupling your Postgresql database with the Name Service Switch (NSS). To use this functionality you need to compile, install and configure a NSS module that will handle communication with your database.

This module is called libnss_pgsql, and is available from [1]. At the time of writing, the latest version is 1.4.0, which is used in this document and available for download here. Note that different versions might have different compilation and configuration requirements.

In this document we assume you are logged in as root on your server. We have successfully installed the module on CENTOS 5.0, but on different UNIX based systems the process should work in a similar way.

Preparation

First we need to download and unpack the library, and set up our installation directory. Note that we use the /opt directory.

$ cd /opt
$ wget http://pgfoundry.org/frs/download.php/605/libnss-pgsql-1.4.0.tgz
$ tar -xvvf libnss-pgsql-1.4.0.tgz
$ mkdir libnss_pgsql

Compilation and Installation

We start by compiling the library, using our installation directory as prefix and explicitly naming the directory where the configuration file will be stored. The latter needs to be done explicitly, since the library's defaults are not intuitive - at least in our case they weren't.

$ cd /opt/libnss-pgsql-1.4.0
$ ./configure --prefix=/opt/libnss_pgsql --sysconfdir=/etc
$ make
$ make install
$ make distclean

Since we have installed the library in /opt/libnss_pgsql, we'll have to adjust the global library path to make sure the system can find our module. This is generally done in the loader-deamon's configuration, found at /etc/ld.so.conf.

Include the following on the first line of this file:

/opt/libnss_pgsql/lib

After this we need to rebuild the loader-deamon's cache file by running:

$ ldconfig