svn commit: samba r23189 - in branches/SAMBA_4_0/source: script
scripting/libjs selftest setup
abartlet at samba.org
abartlet at samba.org
Tue May 29 12:18:42 GMT 2007
Author: abartlet
Date: 2007-05-29 12:18:41 +0000 (Tue, 29 May 2007)
New Revision: 23189
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23189
Log:
Work towards a totally scripted setup of LDAP backends, so others can
easily try this out.
I also intend to use this for the selftest, but I'm chasing issues
with the OpenlDAP (but not Fedora DS) backend.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/script/installmisc.sh
branches/SAMBA_4_0/source/scripting/libjs/provision.js
branches/SAMBA_4_0/source/selftest/Samba4.pm
branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif
branches/SAMBA_4_0/source/setup/fedorads.inf
branches/SAMBA_4_0/source/setup/provision
branches/SAMBA_4_0/source/setup/provision-backend
branches/SAMBA_4_0/source/setup/slapd.conf
Changeset:
Modified: branches/SAMBA_4_0/source/script/installmisc.sh
===================================================================
--- branches/SAMBA_4_0/source/script/installmisc.sh 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/script/installmisc.sh 2007-05-29 12:18:41 UTC (rev 23189)
@@ -15,6 +15,7 @@
echo "Installing setup templates"
mkdir -p $SETUPDIR || exit 1
cp setup/schema-map-* $SETUPDIR || exit 1
+cp setup/DB_CONFIG $SETUPDIR || exit 1
cp setup/*.inf $SETUPDIR || exit 1
cp setup/*.ldif $SETUPDIR || exit 1
cp setup/*.zone $SETUPDIR || exit 1
Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js
===================================================================
--- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-05-29 12:18:41 UTC (rev 23189)
@@ -385,10 +385,10 @@
paths.keytab = "secrets.keytab";
paths.dns = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".zone";
paths.winsdb = "wins.ldb";
- paths.ldap_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".ldif";
- paths.ldap_config_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + "-config.ldif";
- paths.ldap_schema_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + "-schema.ldif";
paths.ldapdir = lp.get("private dir") + "/ldap";
+ paths.ldap_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + ".ldif";
+ paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-config.ldif";
+ paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-schema.ldif";
return paths;
}
@@ -793,6 +793,8 @@
subobj.RDN_DC = substr(rdns[0], strlen("DC="));
+ sys.mkdir(paths.ldapdir, 0700);
+
setup_file("provision_basedn.ldif",
message, paths.ldap_basedn_ldif,
subobj);
@@ -805,7 +807,6 @@
message, paths.ldap_schema_basedn_ldif,
subobj);
- message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n");
}
Modified: branches/SAMBA_4_0/source/selftest/Samba4.pm
===================================================================
--- branches/SAMBA_4_0/source/selftest/Samba4.pm 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/selftest/Samba4.pm 2007-05-29 12:18:41 UTC (rev 23189)
@@ -422,8 +422,8 @@
}
system("slaptest -u -f $slapd_conf") == 0 or die("slaptest still fails after adding modules");
- system("slapadd -b cn=Configuration,$basedn -f $slapd_conf -l $privatedir/$dnsname-config.ldif >/dev/null") == 0 or die("slapadd failed");
- system("slapadd -b cn=Schema,cn=Configuration,$basedn -f $slapd_conf -l $privatedir/$dnsname-schema.ldif >/dev/null") == 0 or die("slapadd failed");
+ system("slapadd -b cn=Configuration,$basedn -f $slapd_conf -l $ldapdir/$dnsname-config.ldif >/dev/null") == 0 or die("slapadd failed");
+ system("slapadd -b cn=Schema,cn=Configuration,$basedn -f $slapd_conf -l $ldapdir/$dnsname-schema.ldif >/dev/null") == 0 or die("slapadd failed");
system("slaptest -u -f $slapd_conf >/dev/null") == 0 or
die ("slaptest after database load failed");
@@ -458,7 +458,7 @@
my $winbindd_socket_dir = "$prefix_abs/winbind_socket";
my $configuration = "--configfile=$conffile";
- my $ldapdir = "$prefix_abs/ldap";
+ my $ldapdir = "$privatedir/ldap";
my $tlsdir = "$privatedir/tls";
Modified: branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif 2007-05-29 12:18:41 UTC (rev 23189)
@@ -1,4 +1,4 @@
-dn: cn=\"${CONFIGDN}\",cn=mapping tree,cn=config
+dn: cn="${CONFIGDN}",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
@@ -12,7 +12,7 @@
nsslapd-suffix: ${CONFIGDN}
cn: configData
-dn: cn=\"${SCHEMADN}\",cn=mapping tree,cn=config
+dn: cn="${SCHEMADN}",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
Modified: branches/SAMBA_4_0/source/setup/fedorads.inf
===================================================================
--- branches/SAMBA_4_0/source/setup/fedorads.inf 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/fedorads.inf 2007-05-29 12:18:41 UTC (rev 23189)
@@ -9,6 +9,7 @@
RootDN= cn=Manager,${DOMAINDN}
RootDNPwd= ${LDAPMANAGERPASS}
ServerIdentifier= samba4
+${SERVERPORT}
inst_dir= ${LDAPDIR}/slapd-samba4
config_dir= ${LDAPDIR}/slapd-samba4
Modified: branches/SAMBA_4_0/source/setup/provision
===================================================================
--- branches/SAMBA_4_0/source/setup/provision 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/provision 2007-05-29 12:18:41 UTC (rev 23189)
@@ -150,6 +150,7 @@
message("Using administrator password: %s\n", subobj.ADMINPASS);
if (ldapbase) {
provision_ldapbase(subobj, message, paths);
+ message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n");
} else if (partitions_only) {
provision_become_dc(subobj, message, false, paths, system_session);
} else {
Modified: branches/SAMBA_4_0/source/setup/provision-backend
===================================================================
--- branches/SAMBA_4_0/source/setup/provision-backend 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/provision-backend 2007-05-29 12:18:41 UTC (rev 23189)
@@ -16,7 +16,8 @@
'ldap-manager-pass=s',
'root=s',
'quiet',
- 'ldap-backend-type=s');
+ 'ldap-backend-type=s',
+ 'ldap-backend-port=i');
if (options == undefined) {
println("Failed to parse options");
@@ -52,8 +53,8 @@
--ldap-manager-pass PASSWORD choose LDAP Manager password (otherwise random)
--root USERNAME choose 'root' unix username
--quiet Be quiet
- --ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure
- --ldap-module= MODULE LDB mapping module to use for the LDAP backend
+ --ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure
+ --ldap-backend-port PORT Select the TCP port (if any) that the LDAP backend should listen on (Fedora DS only)
You must provide at least a realm and ldap-backend-type
");
@@ -84,13 +85,12 @@
subobj[key] = options[r];
}
-var ldapbackend = (options["ldap-backend-type"] != undefined);
+
var paths = provision_default_paths(subobj);
provision_fix_subobj(subobj, message, paths);
message("Provisioning LDAP backend for %s in realm %s into %s\n", subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR);
message("Using LDAP Manager password: %s\n", subobj.LDAPMANAGERPASS);
-
var tmp_schema_ldb = subobj.LDAPDIR + "/schema-tmp.ldb";
sys.mkdir(subobj.LDAPDIR, 0700);
@@ -101,12 +101,40 @@
if (options["ldap-backend-type"] == "fedora-ds") {
mapping = "schema-map-fedora-ds-1.0";
ext = "ldif";
+ if (options["ldap-backend-port"] != undefined) {
+ message("Will listen on TCP port " + options["ldap-backend-port"] + "\n");
+ subobj.SERVERPORT="ServerPort = " + options["ldap-backend-port"];
+ } else {
+ message("Will listen on LDAPI only\n");
+ subobj.SERVERPORT="";
+ }
setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj);
setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj);
} else if (options["ldap-backend-type"] == "openldap") {
+ provision_ldapbase(subobj, message, paths);
mapping = "schema-map-openldap-2.3";
ext = "schema";
setup_file("slapd.conf", message, subobj.LDAPDIR + "/slapd.conf", subobj);
+ setup_file("modules.conf", message, subobj.LDAPDIR + "/modules.conf", subobj);
+ sys.mkdir(subobj.LDAPDIR + "/db", 0700);
+ subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/user";
+ sys.mkdir(subobj.LDAPDBDIR, 0700);
+ sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
+ sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
+ setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
+ subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/config";
+ sys.mkdir(subobj.LDAPDBDIR, 0700);
+ sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
+ sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
+ setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
+ subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/schema";
+ sys.mkdir(subobj.LDAPDBDIR, 0700);
+ sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
+ sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
+ setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
+ if (options["ldap-backend-port"] != undefined) {
+ message("NOTE: OpenLDAP TCP ports are controlled on the command line, not in the generated config file\n");
+ }
}
message("ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext + "\n");
Modified: branches/SAMBA_4_0/source/setup/slapd.conf
===================================================================
--- branches/SAMBA_4_0/source/setup/slapd.conf 2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/slapd.conf 2007-05-29 12:18:41 UTC (rev 23189)
@@ -17,13 +17,13 @@
uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
-include $modconf
+include ${LDAPDIR}/modules.conf
-defaultsearchbase \"${DOMAINDN}\"
+defaultsearchbase ${DOMAINDN}
backend bdb
database bdb
-suffix \"cn=Schema,cn=Configuration,${DOMAINDN}\"
+suffix ${SCHEMADN}
directory ${LDAPDIR}/db/schema
index objectClass eq
index samAccountName eq
@@ -33,7 +33,7 @@
index subClassOf eq
database bdb
-suffix \"cn=Configuration,${DOMAINDN}\"
+suffix ${CONFIGDN}
directory ${LDAPDIR}/db/config
index objectClass eq
index samAccountName eq
@@ -46,8 +46,8 @@
index nETBIOSName eq pres
database bdb
-suffix \"${DOMAINDN}\"
-rootdn \"cn=Manager,${DOMAINDN}\"
+suffix ${DOMAINDN}
+rootdn cn=Manager,${DOMAINDN}
rootpw ${LDAPMANAGERPASS}
directory ${LDAPDIR}/db/user
index objectClass eq
More information about the samba-cvs
mailing list