Accepting request 354705 from home:stroeder:branches:network:ldap

Compared to my obsoleted request #339745: 1. sysconfdir now correctly is /etc/openldap 2. slapd starts with default configuration file (tested on openSUSE 13.2 and Tumbleweed) 3. added Recommends: cyrus-sasl 4. replaced README.dynamic-overlays by README.module-loading with updated text 5. added patch for OpenLDAP ITS#8336 OBS-URL: https://build.opensuse.org/request/show/354705 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=146
2016-01-21 13:36:42 +00:00
parent 429b456698
commit 605d80a7bb
24 changed files with 1919 additions and 392 deletions
--- a/208
+++ b/208
@@ -0,0 +1,208 @@
+#! /bin/sh
+# Copyright (c) 1997-2000 SuSE GmbH Nuernberg, Germany.
+# Copyright (c) 2002 SuSE Linux AG Nuernberg, Germany.
+# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
+#
+# Author: Carsten Hoeger
+#         Ralf Haferkamp
+#
+# /etc/init.d/ldap
+#
+### BEGIN INIT INFO
+# Provides:       ldap
+# Required-Start: $network $remote_fs
+# Required-Stop: $network $remote_fs
+# Default-Start:  3 5
+# Default-Stop:   0 1 2 6
+# Short-Description: OpenLDAP Server (slapd)
+# Description: Start and Stop the OpenLDAP Server (slapd) to
+#      provide LDAP directory services.
+### END INIT INFO
+
+# Determine the base and follow a runlevel link name.
+base=${0##*/}
+link=${base#*[SK][0-9][0-9]}
+
+test -f /etc/sysconfig/openldap && . /etc/sysconfig/openldap
+
+SLAPD_BIN=/usr/sbin/slapd
+LDAP_URLS=""
+LDAPS_URLS=""
+LDAPI_URLS=""
+SLAPD_CONFIG_ARG="-F /etc/openldap/slapd.d"
+SLAPD_PID_DIR="/var/run/slapd/"
+
+test -x $SLAPD_BIN || exit 5
+
+# Shell functions sourced from /etc/rc.status:
+#      rc_check         check and set local and overall rc status
+#      rc_status        check and set local and overall rc status
+#      rc_status -v     ditto but be verbose in local rc status
+#      rc_status -v -r  ditto and clear the local rc status
+#      rc_failed        set local and overall rc status to failed
+#      rc_failed <num>  set local and overall rc status to <num><num>
+#      rc_reset         clear local rc status (overall remains)
+#      rc_exit          exit appropriate to overall rc status
+. /etc/rc.status
+
+# First reset status of this service
+rc_reset
+
+function init_ldap_listener_urls(){
+    case "$OPENLDAP_START_LDAP" in
+        [Yy][Ee][Ss])
+            if [ -n "$OPENLDAP_LDAP_INTERFACES" ]
+            then
+                for iface in $OPENLDAP_LDAP_INTERFACES ;do
+                    LDAP_URLS="$LDAP_URLS ldap://$iface"
+                done
+            else
+                LDAP_URLS="ldap:///"
+            fi
+        ;;
+    esac
+}
+
+function init_ldapi_listener_urls(){
+    case "$OPENLDAP_START_LDAPI" in
+        [Yy][Ee][Ss])
+            if [ -n "$OPENLDAP_LDAPI_INTERFACES" ]
+            then
+                for iface in $OPENLDAP_LDAPI_INTERFACES ;do
+                    esc_iface=`echo "$iface" | sed -e s'/\\//\\%2f/'g`
+                    LDAPI_URLS="$LDAPI_URLS ldapi://$esc_iface"
+                done
+            else
+                LDAPI_URLS="ldapi:///"
+            fi
+        ;;
+    esac
+}
+
+function init_ldaps_listener_urls(){
+    case "$OPENLDAP_START_LDAPS" in
+        [Yy][Ee][Ss])
+            if [ -n "$OPENLDAP_LDAPS_INTERFACES" ]
+            then
+                for iface in $OPENLDAP_LDAPS_INTERFACES ;do
+                    LDAPS_URLS="$LDAPS_URLS ldaps://$iface"
+                done
+            else
+                LDAPS_URLS="ldaps:///"
+            fi
+        ;;
+    esac
+}
+
+function check_connection(){
+        SLAPD_TIMEOUT=10
+        START=$( date +%s)
+        while [ $(( $( date +%s) - ${START} )) -lt ${SLAPD_TIMEOUT} ]; do
+                ldapsearch -x -H "$LDAP_URLS $LDAPI_URLS $LDAPS_URLS" -b "" -s base &>/dev/null
+                LDAPSEARCH_RC=$?
+                if [ ${LDAPSEARCH_RC} -ge 0 ] && [ ${LDAPSEARCH_RC} -le 80 ] ; then break
+                else sleep 1
+                fi
+        done
+}
+
+depth=0;
+
+function chown_database_dirs_bconfig() {
+        ldapdir=$(find $1 -type f -name "olcDatabase*" | xargs grep -i olcdbdirectory | awk '{print $2}')
+        for dir in $ldapdir; do
+                [ -d "$dir" ] && [ -n "$OPENLDAP_USER" ] && \
+                        chown -R $OPENLDAP_USER $dir 2>/dev/null
+                [ -d "$dir" ] && [ -n "$OPENLDAP_GROUP" ] && \
+                        chgrp -R $OPENLDAP_GROUP $dir 2>/dev/null
+        done
+}
+
+function chown_database_dirs() {
+        ldapdir=`grep ^directory $1 | awk '{print $2}'`
+        for dir in $ldapdir; do
+                [ -d "$dir" ] && [ -n "$OPENLDAP_USER" ] && \
+                        chown -R $OPENLDAP_USER $dir 2>/dev/null
+                [ -d "$dir" ] && [ -n "$OPENLDAP_GROUP" ] && \
+                        chgrp -R $OPENLDAP_GROUP $dir 2>/dev/null
+        done
+        includes=`grep ^include $1 | awk '{print $2}'`
+        if [ $depth -le 50 ]; then
+                depth=$(( $depth + 1 ));
+                for i in $includes; do
+                        chown_database_dirs "$i" ;
+                done
+        fi
+}
+
+USER_CMD=""
+GROUP_CMD=""
+[ ! "x$OPENLDAP_USER" = "x" ] && USER_CMD="-u $OPENLDAP_USER"
+[ ! "x$OPENLDAP_GROUP" = "x" ] && GROUP_CMD="-g $OPENLDAP_GROUP"
+[ ! "x$OPENLDAP_CONFIG_BACKEND" = "xldap" ] && SLAPD_CONFIG_ARG="-f /etc/openldap/slapd.conf"
+
+
+if [ -f /etc/openldap/UPDATE_NEEDED ]; then
+    rc_failed 6
+    echo "  The configuration of your LDAP server needs to be updated."
+    echo "  Please see /usr/share/doc/packages/openldap2/README.update"
+    echo "  for details."
+    echo "  After the update please remove the file:"
+    echo "    /etc/openldap/UPDATE_NEEDED"
+    rc_status -v
+    exit
+fi
+# chown backend directories if OPENLDAP_CHOWN_DIRS ist set
+if [ "$(echo "$OPENLDAP_CHOWN_DIRS" | tr 'A-Z' 'a-z')" = "yes" ]; then
+    if [ -n "$OPENLDAP_USER" -o -n "$OPENLDAP_GROUP" ]; then
+        if [ -n "$OPENLDAP_CONFIG_BACKEND" -a "$OPENLDAP_CONFIG_BACKEND" = "ldap" ]; then
+            chown -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null
+            chgrp -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null
+            chown_database_dirs_bconfig "/etc/openldap/slapd.d"
+        # assume back-config usage if slapd.conf is not present but slapd.d is
+        elif [ ! -f /etc/openldap/slapd.conf -a /etc/openldap/slapd.d ]; then
+            chown -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null
+            chgrp -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null
+            chown_database_dirs_bconfig "/etc/openldap/slapd.d"
+        else
+            chown_database_dirs "/etc/openldap/slapd.conf"
+            chgrp $OPENLDAP_GROUP /etc/openldap/slapd.conf 2>/dev/null
+        fi
+        if test -f /etc/sasl2/slapd.conf ; then
+        chgrp $OPENLDAP_GROUP /etc/sasl2/slapd.conf 2>/dev/null
+        chmod 640 /etc/sasl2/slapd.conf 2>/dev/null
+        fi
+        if [ -n "$OPENLDAP_KRB5_KEYTAB" ]; then
+            keytabfile=${OPENLDAP_KRB5_KEYTAB/#FILE:/}
+            if test -f $keytabfile ; then
+                chgrp $OPENLDAP_GROUP $keytabfile 2>/dev/null
+                chmod g+r $keytabfile 2>/dev/null
+            fi
+        fi
+    fi
+fi
+if [ -n "$OPENLDAP_KRB5_KEYTAB" ]; then
+    export KRB5_KTNAME=$OPENLDAP_KRB5_KEYTAB
+fi
+case "$OPENLDAP_REGISTER_SLP" in
+    [Yy][Ee][Ss])
+        SLAPD_SLP_REG="-o slp=on"
+        ;;
+    *)
+        SLAPD_SLP_REG="-o slp=off"
+        ;;
+esac
+
+init_ldap_listener_urls
+init_ldapi_listener_urls
+init_ldaps_listener_urls
+
+if [ ! -d $SLAPD_PID_DIR ]; then
+    mkdir -p $SLAPD_PID_DIR
+    chown ldap:ldap $SLAPD_PID_DIR
+fi
+echo -n "Starting ldap-server"
+exec $SLAPD_BIN  -h "$LDAP_URLS $LDAPS_URLS $LDAPI_URLS" \
+        $SLAPD_CONFIG_ARG $USER_CMD $GROUP_CMD \
+        $OPENLDAP_SLAPD_PARAMS $SLAPD_SLP_REG
+