svn commit: samba r23189 - in branches/SAMBA_4_0/source: script scripting/libjs selftest setup

abartlet at samba.org abartlet at samba.org
Tue May 29 12:18:42 GMT 2007 

Author: abartlet
Date: 2007-05-29 12:18:41 +0000 (Tue, 29 May 2007)
New Revision: 23189

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23189

Log:
Work towards a totally scripted setup of LDAP backends, so others can
easily try this out.

I also intend to use this for the selftest, but I'm chasing issues
with the OpenlDAP (but not Fedora DS) backend.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/script/installmisc.sh
   branches/SAMBA_4_0/source/scripting/libjs/provision.js
   branches/SAMBA_4_0/source/selftest/Samba4.pm
   branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif
   branches/SAMBA_4_0/source/setup/fedorads.inf
   branches/SAMBA_4_0/source/setup/provision
   branches/SAMBA_4_0/source/setup/provision-backend
   branches/SAMBA_4_0/source/setup/slapd.conf


Changeset:
Modified: branches/SAMBA_4_0/source/script/installmisc.sh
===================================================================
--- branches/SAMBA_4_0/source/script/installmisc.sh	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/script/installmisc.sh	2007-05-29 12:18:41 UTC (rev 23189)
@@ -15,6 +15,7 @@
 echo "Installing setup templates"
 mkdir -p $SETUPDIR || exit 1
 cp setup/schema-map-* $SETUPDIR || exit 1
+cp setup/DB_CONFIG $SETUPDIR || exit 1
 cp setup/*.inf $SETUPDIR || exit 1
 cp setup/*.ldif $SETUPDIR || exit 1
 cp setup/*.zone $SETUPDIR || exit 1

Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js
===================================================================
--- branches/SAMBA_4_0/source/scripting/libjs/provision.js	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/scripting/libjs/provision.js	2007-05-29 12:18:41 UTC (rev 23189)
@@ -385,10 +385,10 @@
 	paths.keytab = "secrets.keytab";
 	paths.dns = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".zone";
 	paths.winsdb = "wins.ldb";
-	paths.ldap_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".ldif";
-	paths.ldap_config_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + "-config.ldif";
-	paths.ldap_schema_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + "-schema.ldif";
 	paths.ldapdir = lp.get("private dir") + "/ldap";
+	paths.ldap_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + ".ldif";
+	paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-config.ldif";
+	paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-schema.ldif";
 	return paths;
 }
 
@@ -793,6 +793,8 @@
 
 	subobj.RDN_DC = substr(rdns[0], strlen("DC="));
 
+	sys.mkdir(paths.ldapdir, 0700);
+
 	setup_file("provision_basedn.ldif", 
 		   message, paths.ldap_basedn_ldif, 
 		   subobj);
@@ -805,7 +807,6 @@
 		   message, paths.ldap_schema_basedn_ldif, 
 		   subobj);
 
-	message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n");
 }
 
 

Modified: branches/SAMBA_4_0/source/selftest/Samba4.pm
===================================================================
--- branches/SAMBA_4_0/source/selftest/Samba4.pm	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/selftest/Samba4.pm	2007-05-29 12:18:41 UTC (rev 23189)
@@ -422,8 +422,8 @@
 	}
 
 	system("slaptest -u -f $slapd_conf") == 0 or die("slaptest still fails after adding modules");
-	system("slapadd -b cn=Configuration,$basedn -f $slapd_conf -l $privatedir/$dnsname-config.ldif >/dev/null") == 0 or die("slapadd failed");
-	system("slapadd -b cn=Schema,cn=Configuration,$basedn -f $slapd_conf -l $privatedir/$dnsname-schema.ldif >/dev/null") == 0 or die("slapadd failed");
+	system("slapadd -b cn=Configuration,$basedn -f $slapd_conf -l $ldapdir/$dnsname-config.ldif >/dev/null") == 0 or die("slapadd failed");
+	system("slapadd -b cn=Schema,cn=Configuration,$basedn -f $slapd_conf -l $ldapdir/$dnsname-schema.ldif >/dev/null") == 0 or die("slapadd failed");
 
     system("slaptest -u -f $slapd_conf >/dev/null") == 0 or 
 		die ("slaptest after database load failed");
@@ -458,7 +458,7 @@
 	my $winbindd_socket_dir = "$prefix_abs/winbind_socket";
 
 	my $configuration = "--configfile=$conffile";
-	my $ldapdir = "$prefix_abs/ldap";
+	my $ldapdir = "$privatedir/ldap";
 
 	my $tlsdir = "$privatedir/tls";
 

Modified: branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/fedorads-partitions.ldif	2007-05-29 12:18:41 UTC (rev 23189)
@@ -1,4 +1,4 @@
-dn: cn=\"${CONFIGDN}\",cn=mapping tree,cn=config
+dn: cn="${CONFIGDN}",cn=mapping tree,cn=config
 objectclass: top
 objectclass: extensibleObject
 objectclass: nsMappingTree
@@ -12,7 +12,7 @@
 nsslapd-suffix: ${CONFIGDN}
 cn: configData
 
-dn: cn=\"${SCHEMADN}\",cn=mapping tree,cn=config
+dn: cn="${SCHEMADN}",cn=mapping tree,cn=config
 objectclass: top
 objectclass: extensibleObject
 objectclass: nsMappingTree

Modified: branches/SAMBA_4_0/source/setup/fedorads.inf
===================================================================
--- branches/SAMBA_4_0/source/setup/fedorads.inf	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/fedorads.inf	2007-05-29 12:18:41 UTC (rev 23189)
@@ -9,6 +9,7 @@
 RootDN= cn=Manager,${DOMAINDN}
 RootDNPwd= ${LDAPMANAGERPASS}
 ServerIdentifier= samba4
+${SERVERPORT}
 
 inst_dir= ${LDAPDIR}/slapd-samba4
 config_dir= ${LDAPDIR}/slapd-samba4

Modified: branches/SAMBA_4_0/source/setup/provision
===================================================================
--- branches/SAMBA_4_0/source/setup/provision	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/provision	2007-05-29 12:18:41 UTC (rev 23189)
@@ -150,6 +150,7 @@
 message("Using administrator password: %s\n", subobj.ADMINPASS);
 if (ldapbase) {
 	provision_ldapbase(subobj, message, paths);
+	message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n");
 } else if (partitions_only) {
 	provision_become_dc(subobj, message, false, paths, system_session);
 } else {

Modified: branches/SAMBA_4_0/source/setup/provision-backend
===================================================================
--- branches/SAMBA_4_0/source/setup/provision-backend	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/provision-backend	2007-05-29 12:18:41 UTC (rev 23189)
@@ -16,7 +16,8 @@
 		'ldap-manager-pass=s',
 		'root=s',
 		'quiet',
-		'ldap-backend-type=s');
+		'ldap-backend-type=s',
+                'ldap-backend-port=i');
 
 if (options == undefined) {
    println("Failed to parse options");
@@ -52,8 +53,8 @@
  --ldap-manager-pass	PASSWORD	choose LDAP Manager password (otherwise random)
  --root         USERNAME	choose 'root' unix username
  --quiet			Be quiet
- --ldap-backend-type LDAPSERVER     Select either \"openldap\" or \"fedora-ds\" as a target to configure
- --ldap-module= MODULE          LDB mapping module to use for the LDAP backend
+ --ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure
+ --ldap-backend-port PORT       Select the TCP port (if any) that the LDAP backend should listen on (Fedora DS only)
 You must provide at least a realm and ldap-backend-type
 
 ");
@@ -84,13 +85,12 @@
 	subobj[key] = options[r];
 }
 
-var ldapbackend = (options["ldap-backend-type"] != undefined);
 
+
 var paths = provision_default_paths(subobj);
 provision_fix_subobj(subobj, message, paths);
 message("Provisioning LDAP backend for %s in realm %s into %s\n", subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR);
 message("Using LDAP Manager password: %s\n", subobj.LDAPMANAGERPASS);
-
 var tmp_schema_ldb = subobj.LDAPDIR + "/schema-tmp.ldb";
 sys.mkdir(subobj.LDAPDIR, 0700);
 
@@ -101,12 +101,40 @@
 if (options["ldap-backend-type"] == "fedora-ds") {
 	mapping = "schema-map-fedora-ds-1.0";
 	ext = "ldif";
+	if (options["ldap-backend-port"] != undefined) {
+		message("Will listen on TCP port " + options["ldap-backend-port"] + "\n");
+		subobj.SERVERPORT="ServerPort = " + options["ldap-backend-port"];
+	} else {
+		message("Will listen on LDAPI only\n");
+		subobj.SERVERPORT="";
+	}
 	setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj);
 	setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj);
 } else if (options["ldap-backend-type"] == "openldap") {
+	provision_ldapbase(subobj, message, paths);
 	mapping = "schema-map-openldap-2.3";
 	ext = "schema";
 	setup_file("slapd.conf", message, subobj.LDAPDIR + "/slapd.conf", subobj);
+	setup_file("modules.conf", message, subobj.LDAPDIR + "/modules.conf", subobj);
+	sys.mkdir(subobj.LDAPDIR + "/db", 0700);
+	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/user";
+	sys.mkdir(subobj.LDAPDBDIR, 0700);
+	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
+	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
+	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
+	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/config";
+	sys.mkdir(subobj.LDAPDBDIR, 0700);
+	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
+	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
+	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
+	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/schema";
+	sys.mkdir(subobj.LDAPDBDIR, 0700);
+	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
+	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
+	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
+	if (options["ldap-backend-port"] != undefined) {
+		message("NOTE: OpenLDAP TCP ports are controlled on the command line, not in the generated config file\n");
+	}
 }
 message("ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext + "\n");
 

Modified: branches/SAMBA_4_0/source/setup/slapd.conf
===================================================================
--- branches/SAMBA_4_0/source/setup/slapd.conf	2007-05-29 11:13:07 UTC (rev 23188)
+++ branches/SAMBA_4_0/source/setup/slapd.conf	2007-05-29 12:18:41 UTC (rev 23189)
@@ -17,13 +17,13 @@
           uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
           ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
 
-include $modconf
+include ${LDAPDIR}/modules.conf
 
-defaultsearchbase \"${DOMAINDN}\"
+defaultsearchbase ${DOMAINDN}
 
 backend		bdb
 database        bdb
-suffix		\"cn=Schema,cn=Configuration,${DOMAINDN}\"
+suffix		${SCHEMADN}
 directory	${LDAPDIR}/db/schema
 index           objectClass eq
 index           samAccountName eq
@@ -33,7 +33,7 @@
 index subClassOf eq
 
 database        bdb
-suffix		\"cn=Configuration,${DOMAINDN}\"
+suffix		${CONFIGDN}
 directory	${LDAPDIR}/db/config
 index           objectClass eq
 index           samAccountName eq
@@ -46,8 +46,8 @@
 index nETBIOSName eq pres
 
 database        bdb
-suffix		\"${DOMAINDN}\"
-rootdn          \"cn=Manager,${DOMAINDN}\"
+suffix		${DOMAINDN}
+rootdn          cn=Manager,${DOMAINDN}
 rootpw          ${LDAPMANAGERPASS}
 directory	${LDAPDIR}/db/user
 index           objectClass eq

More information about the samba-cvs mailing list