1
0
forked from pool/openldap2
openldap2/openldap_update_modules_path.sh

114 lines
3.1 KiB
Bash
Raw Normal View History

#!/bin/bash
# This script has been created to update the OpenLDAP modules path in cn=config
# For details of changing the configuration items' location read these:
# https://www.openldap.org/lists/openldap-software/200812/msg00080.html
# This script writes over the config entry of backend databases location, which files are necessary to run LDAP. The procedure has been created upon this description:
# https://serverfault.com/questions/863274/modify-openldap-cn-config-without-slapd-running
# Author: Zsolt KALMAR (SUSE Linux GmbH) zkalmar@suse.com
conf_dir='/etc/openldap/slapd.d'
tmp_file='/tmp/ldap_conf_tmp.ldif'
backup='/tmp/slapd.d'
res=0
rm -f ${tmp_file}
# Check if the configuration is containing the inappropriate entry
/usr/sbin/slapcat -n0 -F ${conf_dir} -l ${tmp_file} -o ldif-wrap=no
res=$?
if [ $res -ne 0 ]
then
logger -p user.error "Creating ${tmp_file} has failed."
exit 1
fi
entry_cnt=`cat ${tmp_file} | grep ^[^#\;] | grep olcModulePath | wc -l`
if [ $entry_cnt -eq 0 ]
then
logger -p user.info "The current LDAP configuration does not contain the wrong item. Stop applying this script. Bye."
exit 0
fi
rm -rf ${tmp_file}
# Make sure the LDAP is not running:
/usr/bin/systemctl stop slapd.service
# Creating symlinks for the modules required for the slapcat and slapadd
ln -s /usr/lib64/openldap/back_bdb.so /usr/lib/openldap/back_bdb.so
ln -s /usr/lib64/openldap/back_hdb.so /usr/lib/openldap/back_hdb.so
ln -s /usr/lib64/openldap/back_mdb.so /usr/lib/openldap/back_mdb.so
ln -s /usr/lib64/openldap/syncprov.so /usr/lib/openldap/syncprov.so
# Export the config to a text
/usr/sbin/slapcat -n0 -F ${conf_dir} -l ${tmp_file} -o ldif-wrap=no
res=$?
if [ $res -ne 0 ]
then
logger -p user.error "Creating ${tmp_file} has failed."
exit 1
fi
# Create a backup of LDAP config
mkdir ${backup}
cp -r ${conf_dir}/* ${backup}/
res=$?
if [ $res -ne 0 ]
then
logger -p user.error "LDAP Update script: Backing up ${conf_dir} has failed."
exit 1
fi
# Remove the configuration item "olcModulePath"
sed -n -i '/olcModulePath/!p' ${tmp_file}
res=$?
if [ $res -ne 0 ]
then
logger -p user.error "LDAP Update script: Removing of entry in ${tmp_file} has failed."
exit 1
fi
# Remove the current configuration
rm -rf ${conf_dir}/*
# Load the modified configuration
/usr/sbin/slapadd -n0 -F ${conf_dir} -l ${tmp_file}
res=$?
# Catch result code of slapadd
if [ $res -ne 0 ]
then
logger -p user.error "LDAP Update script: Implementing new configuration has failed."
exit 1
else
# Remove temporary symlinks
rm -rf /usr/lib/openldap/back_bdb.so
rm -rf /usr/lib/openldap/back_hdb.so
rm -rf /usr/lib/openldap/back_mdb.so
rm -rf /usr/lib/openldap/syncprov.so
fi
# Start the SLAPD with the new configuration
/usr/bin/systemctl start slapd.service
res=$?
if [ $res -ne 0 ]
then
logger -p user.error "LDAP Update script: Starting updated LDAP server has been failed."
exit 1
else
# Remove backups
rm -rf ${backup}
rm -rf ${tmp_file}
# Create "/var/adm/openldap_update_modules"
touch /var/adm/openldap_update_modules
exit 0
fi