
Accepting request 600701 from home:zkalmar:branches:network:ldap

- bsc#1085064 Packaging issues have been discovered around the
  openldap_update_modules_path.sh which has been corrected:
  - the spec file was wrongly configured, therefore the script has
  never been called
  - the script should create the symlinks first, as slapcat is
  useless on a system which is already affected.

OBS-URL: https://build.opensuse.org/request/show/600701
OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=209
Michael Ströder 2018-04-25 14:46:31 +00:00 committed by Git OBS Bridge
parent 1d9e87d5de
commit 8fa23b1e6f
3 changed files with 70 additions and 24 deletions


@ -1,3 +1,13 @@
-------------------------------------------------------------------
Tue Apr 24 16:35:09 UTC 2018 - zsolt.kalmar@suse.com
- bsc#1085064 Packaging issues have been discovered around the
openldap_update_modules_path.sh which has been corrected:
- the spec file was wrongly configured, therefore the script has
never been called
- the script should create the symlinks first, as slapcat is
useless on a system which is already affected.
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Apr 6 11:29:22 UTC 2018 - zsolt.kalmar@suse.com Fri Apr 6 11:29:22 UTC 2018 - zsolt.kalmar@suse.com


@ -445,7 +445,7 @@ if [ ${1:-0} -gt 1 ] && [ -f %{_libdir}/sasl2/slapd.conf ] ; then
cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf
fi fi
if [ ${1:-0} -gt 1 ! -e /var/adm/openldap_modules_path_updated ] ; then if [ ${1:-0} -gt 1 ] && [ ! -f /var/adm/openldap_modules_path_updated ] ; then
/usr/sbin/openldap_update_modules_path.sh /usr/sbin/openldap_update_modules_path.sh
fi fi
%{fillup_only -n openldap ldap} %{fillup_only -n openldap ldap}


@ -1,5 +1,4 @@
#!/bin/bash s script has been created to update the OpenLDAP modules path in cn=config
# This script has been created to update the OpenLDAP modules path in cn=config
# For details of changing the configuration items' location read these: # For details of changing the configuration items' location read these:
# https://www.openldap.org/lists/openldap-software/200812/msg00080.html # https://www.openldap.org/lists/openldap-software/200812/msg00080.html
# This script writes over the config entry of backend databases location, which files are necessary to run LDAP. The procedure has been created upon this description: # This script writes over the config entry of backend databases location, which files are necessary to run LDAP. The procedure has been created upon this description:
@ -7,29 +6,61 @@
# Author: Zsolt KALMAR (SUSE Linux GmbH) zkalmar@suse.com # Author: Zsolt KALMAR (SUSE Linux GmbH) zkalmar@suse.com
# define variables
conf_dir='/etc/openldap/slapd.d' conf_dir='/etc/openldap/slapd.d'
if [ ! -d ${conf_dir} ] || [ ! -f ${conf_dir}/cn=config.ldif ]
then
exit 0
fi
tmp_file='/tmp/ldap_conf_tmp.ldif' tmp_file='/tmp/ldap_conf_tmp.ldif'
backup='/tmp/slapd.d' backup='/tmp/slapd.d'
res=0 res=0
# common functions
create_symlinks () {
if [ ! -f /usr/lib/openldap/back_bdb.so ]; then ln -s /usr/lib64/openldap/back_bdb.so /usr/lib/openldap/back_bdb.so; fi
if [ ! -f /usr/lib/openldap/back_hdb.so ]; then ln -s /usr/lib64/openldap/back_hdb.so /usr/lib/openldap/back_hdb.so; fi
if [ ! -f /usr/lib/openldap/back_mdb.so ]; then ln -s /usr/lib64/openldap/back_mdb.so /usr/lib/openldap/back_mdb.so; fi
if [ ! -f /usr/lib/openldap/syncprov.so ]; then ln -s /usr/lib64/openldap/syncprov.so /usr/lib/openldap/syncprov.so; fi
#logger -p user.info "Update openLDAP: symlinks have been created."
}
cleanup () {
rm -f /usr/lib/openldap/back_bdb.so
rm -f /usr/lib/openldap/back_hdb.so
rm -f /usr/lib/openldap/back_mdb.so
rm -f /usr/lib/openldap/syncprov.so
rm -f ${tmp_file}
#logger -p user.info "Update openLDAP: symlinks have been removed."
}
rm -f ${tmp_file} rm -f ${tmp_file}
# Check if the configuration is containing the inappropriate entry # Check if the configuration is containing the inappropriate entry
create_symlinks
/usr/sbin/slapcat -n0 -F ${conf_dir} -l ${tmp_file} -o ldif-wrap=no res=0
res=$? if [ -f /usr/sbin/slapcat ]
then
/usr/sbin/slapcat -n0 -F ${conf_dir} -l ${tmp_file} -o ldif-wrap=no
res=$?
fi
if [ $res -ne 0 ] if [ $res -ne 0 ]
then then
logger -p user.error "Creating ${tmp_file} has failed." #logger -p user.error "LDAP Update script: Creating ${tmp_file} has failed during the search of faulty openLDAP entry."
exit 1 exit 1
#else
#logger -p user.info "LDAP Update script: ${tmp_file} has been created."
fi fi
entry_cnt=`cat ${tmp_file} | grep ^[^#\;] | grep olcModulePath | wc -l` entry_cnt=`cat ${tmp_file} | grep ^[^#\;] | grep olcModulePath | wc -l`
if [ $entry_cnt -eq 0 ] if [ $entry_cnt -eq 0 ]
then then
logger -p user.info "The current LDAP configuration does not contain the wrong item. Stop applying this script. Bye." #logger -p user.info "LDAP Update script: The current LDAP configuration does not contain the wrong item. Stop applying this script. Bye."
cleanup
exit 0 exit 0
fi fi
@ -37,20 +68,23 @@ rm -rf ${tmp_file}
# Make sure the LDAP is not running: # Make sure the LDAP is not running:
/usr/bin/systemctl stop slapd.service /usr/bin/systemctl stop slapd.service
#logger -p user.info "LDAP Update script: openLDAP has been stopped."
# Creating symlinks for the modules required for the slapcat and slapadd # Creating symlinks for the modules required for the slapcat and slapadd
ln -s /usr/lib64/openldap/back_bdb.so /usr/lib/openldap/back_bdb.so create_symlinks
ln -s /usr/lib64/openldap/back_hdb.so /usr/lib/openldap/back_hdb.so
ln -s /usr/lib64/openldap/back_mdb.so /usr/lib/openldap/back_mdb.so
ln -s /usr/lib64/openldap/syncprov.so /usr/lib/openldap/syncprov.so
# Export the config to a text # Export the config to a text
/usr/sbin/slapcat -n0 -F ${conf_dir} -l ${tmp_file} -o ldif-wrap=no res=0
res=$? if [ -f /usr/sbin/slapcat ]
then
/usr/sbin/slapcat -n0 -F ${conf_dir} -l ${tmp_file} -o ldif-wrap=no
res=$?
fi
if [ $res -ne 0 ] if [ $res -ne 0 ]
then then
logger -p user.error "Creating ${tmp_file} has failed." #logger -p user.error "LDAP Update script: Creating ${tmp_file} has failed."
cleanup
exit 1 exit 1
fi fi
@ -61,8 +95,10 @@ res=$?
if [ $res -ne 0 ] if [ $res -ne 0 ]
then then
logger -p user.error "LDAP Update script: Backing up ${conf_dir} has failed." #logger -p user.error "LDAP Update script: Backing up ${conf_dir} has failed."
exit 1 exit 1
#else
#logger -p user.info "LDAP Update script: Back up has been created of openLDAP configuration."
fi fi
# Remove the configuration item "olcModulePath" # Remove the configuration item "olcModulePath"
@ -71,8 +107,10 @@ res=$?
if [ $res -ne 0 ] if [ $res -ne 0 ]
then then
logger -p user.error "LDAP Update script: Removing of entry in ${tmp_file} has failed." #logger -p user.error "LDAP Update script: Removing of entry in ${tmp_file} has failed."
exit 1 exit 1
#else
#logger -p user.info "LDAP Update script: olcModulesPath entry has been removed."
fi fi
# Remove the current configuration # Remove the current configuration
@ -85,14 +123,11 @@ res=$?
# Catch result code of slapadd # Catch result code of slapadd
if [ $res -ne 0 ] if [ $res -ne 0 ]
then then
logger -p user.error "LDAP Update script: Implementing new configuration has failed." #logger -p user.error "LDAP Update script: Implementing new configuration has failed."
exit 1 exit 1
else else
# Remove temporary symlinks #logger -p user.info "LDAP Update script: Implementing new configuration has been succeeded."
rm -rf /usr/lib/openldap/back_bdb.so cleanup
rm -rf /usr/lib/openldap/back_hdb.so
rm -rf /usr/lib/openldap/back_mdb.so
rm -rf /usr/lib/openldap/syncprov.so
fi fi
# Start the SLAPD with the new configuration # Start the SLAPD with the new configuration
@ -101,9 +136,10 @@ res=$?
if [ $res -ne 0 ] if [ $res -ne 0 ]
then then
logger -p user.error "LDAP Update script: Starting updated LDAP server has been failed." #logger -p user.error "LDAP Update script: Starting updated LDAP server has been failed."
exit 1 exit 1
else else
#logger -p user.info "LDAP Update script: Updated LDAP server has been successfully started."
# Remove backups # Remove backups
rm -rf ${backup} rm -rf ${backup}
rm -rf ${tmp_file} rm -rf ${tmp_file}
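Review bot: `tmp_file='/tmp/ldap_conf_tmp.ldif'` and `backup='/tmp/slapd.d'` (hunk `@ -7,29 +6,61`) are fixed names in a world-writable directory, used by a script that the spec scriptlet invokes during a package update, normally as root. The `rm -f ${tmp_file}` ahead of `slapcat ... -l ${tmp_file}` still leaves a window in which a local user can re-create the path, and the cn=config export can carry credential attributes, so both paths should come from mktemp, e.g. `tmp_file=$(mktemp) || exit 1` and `backup=$(mktemp -d) || exit 1`; the commands that consume `${backup}` are outside the visible hunks and would need checking against that change. In the same hunk, `cleanup` deletes the four `/usr/lib/openldap/*.so` paths unconditionally although `create_symlinks` leaves an already existing file in place, so a real module at that path would be removed; a guard such as `[ -L /usr/lib/openldap/back_bdb.so ] && rm -f /usr/lib/openldap/back_bdb.so` limits cleanup to symlinks. Most of the `exit 1` paths after a non-zero `$res` in the later hunks skip `cleanup`, and with every `logger` call commented out they leave the export behind with no trace in syslog.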