|
Packit Service |
a5bc9c |
# Author: Jan Vcelak <jvcelak@redhat.com>
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
SLAPD_USER=
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_FILE=
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_DIR=
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_CUSTOM=
|
|
Packit Service |
a5bc9c |
SLAPD_GLOBAL_OPTIONS=
|
|
Packit Service |
a5bc9c |
SLAPD_SYSCONFIG_FILE=
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function default_config()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
SLAPD_USER=ldap
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_FILE=/etc/openldap/slapd.conf
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_DIR=/etc/openldap/slapd.d
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_CUSTOM=
|
|
Packit Service |
a5bc9c |
SLAPD_GLOBAL_OPTIONS=
|
|
Packit Service |
a5bc9c |
SLAPD_SYSCONFIG_FILE=/etc/sysconfig/slapd
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function parse_config_options()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
user=
|
|
Packit Service |
a5bc9c |
config_file=
|
|
Packit Service |
a5bc9c |
config_dir=
|
|
Packit Service |
a5bc9c |
while getopts :u:f:F: opt; do
|
|
Packit Service |
a5bc9c |
case "$opt" in
|
|
Packit Service |
a5bc9c |
u)
|
|
Packit Service |
a5bc9c |
user="$OPTARG"
|
|
Packit Service |
a5bc9c |
;;
|
|
Packit Service |
a5bc9c |
f)
|
|
Packit Service |
a5bc9c |
config_file="$OPTARG"
|
|
Packit Service |
a5bc9c |
;;
|
|
Packit Service |
a5bc9c |
F)
|
|
Packit Service |
a5bc9c |
config_dir="$OPTARG"
|
|
Packit Service |
a5bc9c |
;;
|
|
Packit Service |
a5bc9c |
esac
|
|
Packit Service |
a5bc9c |
done
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
if [ -n "$user" ]; then
|
|
Packit Service |
a5bc9c |
SLAPD_USER="$user"
|
|
Packit Service |
a5bc9c |
fi
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
if [ -n "$config_dir" ]; then
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_DIR="$config_dir"
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_FILE=
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_CUSTOM=1
|
|
Packit Service |
a5bc9c |
SLAPD_GLOBAL_OPTIONS="-F '$config_dir'"
|
|
Packit Service |
a5bc9c |
elif [ -n "$config_file" ]; then
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_DIR=
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_FILE="$config_file"
|
|
Packit Service |
a5bc9c |
SLAPD_CONFIG_CUSTOM=1
|
|
Packit Service |
a5bc9c |
SLAPD_GLOBAL_OPTIONS="-f '$config_file'"
|
|
Packit Service |
a5bc9c |
fi
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function uses_new_config()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
[ -n "$SLAPD_CONFIG_DIR" ]
|
|
Packit Service |
a5bc9c |
return $?
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function run_as_ldap()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
/sbin/runuser --shell /bin/sh --session-command "$1" "$SLAPD_USER"
|
|
Packit Service |
a5bc9c |
return $?
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function ldif_unbreak()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
sed ':a;N;s/\n //;ta;P;D'
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function ldif_value()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
sed 's/^[^:]*: //'
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function databases_new()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
slapcat $SLAPD_GLOBAL_OPTIONS -c \
|
|
Packit Service |
a5bc9c |
-H 'ldap:///cn=config???(|(objectClass=olcBdbConfig)(objectClass=olcHdbConfig))' 2>/dev/null | \
|
|
Packit Service |
a5bc9c |
ldif_unbreak | \
|
|
Packit Service |
a5bc9c |
grep '^olcDbDirectory: ' | \
|
|
Packit Service |
a5bc9c |
ldif_value
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function databases_old()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
awk 'begin { database="" }
|
|
Packit Service |
a5bc9c |
$1 == "database" { database=$2 }
|
|
Packit Service |
a5bc9c |
$1 == "directory" { if (database == "bdb" || database == "hdb") print $2}' \
|
|
Packit Service |
a5bc9c |
"$SLAPD_CONFIG_FILE"
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function certificates_new()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
slapcat $SLAPD_GLOBAL_OPTIONS -c -H 'ldap:///cn=config???(cn=config)' 2>/dev/null | \
|
|
Packit Service |
a5bc9c |
ldif_unbreak | \
|
|
Packit Service |
a5bc9c |
grep '^olcTLS\(CACertificateFile\|CACertificatePath\|CertificateFile\|CertificateKeyFile\): ' | \
|
|
Packit Service |
a5bc9c |
ldif_value
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function certificates_old()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
awk '$1 ~ "^TLS(CACertificate(File|Path)|CertificateFile|CertificateKeyFile)$" { print $2 } ' \
|
|
Packit Service |
a5bc9c |
"$SLAPD_CONFIG_FILE"
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function certificates()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
uses_new_config && certificates_new || certificates_old
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function databases()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
uses_new_config && databases_new || databases_old
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function error()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
format="$1\n"; shift
|
|
Packit Service |
a5bc9c |
printf "$format" $@ >&2
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
function load_sysconfig()
|
|
Packit Service |
a5bc9c |
{
|
|
Packit Service |
a5bc9c |
[ -r "$SLAPD_SYSCONFIG_FILE" ] || return
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
. "$SLAPD_SYSCONFIG_FILE"
|
|
Packit Service |
a5bc9c |
[ -n "$SLAPD_OPTIONS" ] && parse_config_options $SLAPD_OPTIONS
|
|
Packit Service |
a5bc9c |
}
|
|
Packit Service |
a5bc9c |
|
|
Packit Service |
a5bc9c |
default_config
|