sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-07-13 15:29:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
ports/net/openldap24-server/files/slapd.in
Cy Schubert 4c2c02bc06 Ensure that slapd starts before kdc, as the kdc may be configured to 
require LDAP services. If it is configured to require LDAP and the
slapd server is not yet started, the kdc will fail to start.

PR:		229939
Approved by:	delphij@ (maintainer)
MFH:		2018Q3
Differential Revision:	https://reviews.freebsd.org/D16602
2018-08-10 02:57:05 +00:00

141 lines
3.5 KiB
Bash
Raw Blame History

#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: slapd
# REQUIRE: FILESYSTEMS ldconfig netif
# BEFORE: SERVERS kdc
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable slapd:
#
#slapd_enable="YES"
#slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
#slapd_sockets="/var/run/openldap/ldapi"
#
# See slapd(8) for more flags
#
# The `-u' and `-g' flags are automatically extracted from slapd_owner,
# by default slapd runs under the non-privileged user id `ldap'. If you
# want to run slapd as root, override this in /etc/rc.conf with
#
#slapd_owner="DEFAULT"
#
# To use the cn=config style configuration add the following
# line to /etc/rc.conf:
#
#slapd_cn_config="YES"
#
# To specify alternative Kerberos 5 Key Table, add the following
# rc.conf(5) configuration:
#
#slapd_krb5_ktname="/path/to/ldap.keytab"
#
. /etc/rc.subr
name="slapd"
rcvar=slapd_enable
# read settings, set defaults
load_rc_config ${name}
: ${slapd_enable="NO"}
if [ -n "${slapd_args+set}" ]; then
warn "slapd_args is deprecated, use slapd_flags"
: ${slapd_flags="$slapd_args"}
fi
: ${slapd_owner="%%LDAP_USER%%:%%LDAP_GROUP%%"}
: ${slapd_sockets_mode="666"}
: ${slapd_cn_config="NO"}
command="%%PREFIX%%/libexec/slapd"
pidfile="%%LDAP_RUN_DIR%%/slapd.pid"
# set required_dirs, required_files and DATABASEDIR
if checkyesno slapd_cn_config; then
required_dirs="%%PREFIX%%/etc/openldap/slapd.d"
required_files="%%PREFIX%%/etc/openldap/slapd.d/cn=config.ldif"
DATABASEDIR=`grep olcDbDirectory %%PREFIX%%/etc/openldap/slapd.d/cn=config/olcDatabase=* | awk '{ print $2 }'`
else
required_files="%%PREFIX%%/etc/openldap/slapd.conf"
DATABASEDIR=`awk '$1 == "directory" { print $2 }' "%%PREFIX%%/etc/openldap/slapd.conf" 2>&1 /dev/null`
fi
start_precmd=start_precmd
start_postcmd=start_postcmd
# extract user and group, adjust ownership of directories and database
start_precmd()
{
local slapd_ownername slapd_groupname
mkdir -p %%LDAP_RUN_DIR%%
case "$slapd_owner" in
""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
;;
*)
local DBDIR
for DBDIR in ${DATABASEDIR}; do
if [ ! -d "${DBDIR}" ]; then
mkdir -p "${DBDIR}"
[ -f "%%PREFIX%%/etc/openldap/DB_CONFIG.example" ] && cp "%%PREFIX%%/etc/openldap/DB_CONFIG.example" "${DBDIR}/DB_CONFIG"
fi
chown -RL "$slapd_owner" "${DBDIR}"
chmod 700 "${DBDIR}"
done
chown "$slapd_owner" "%%LDAP_RUN_DIR%%"
if checkyesno slapd_cn_config; then
chown -R $slapd_owner "%%PREFIX%%/etc/openldap/slapd.d"
else
chown $slapd_owner "%%PREFIX%%/etc/openldap/slapd.conf"
fi
slapd_ownername="${slapd_owner%:*}"
slapd_groupname="${slapd_owner#*:}"
if [ -n "$slapd_ownername" ]; then
rc_flags="$rc_flags -u $slapd_ownername"
fi
if [ -n "$slapd_groupname" ]; then
rc_flags="$rc_flags -g $slapd_groupname"
fi
if [ -n "${slapd_krb5_ktname}" ]; then
export KRB5_KTNAME=${slapd_krb5_ktname}
fi
;;
esac
}
# adjust ownership of created unix sockets
start_postcmd()
{
local socket seconds
for socket in $slapd_sockets; do
for seconds in 1 2 3 4 5; do
[ -e "$socket" ] && break
sleep 1
done
if [ -S "$socket" ]; then
case "$slapd_owner" in
""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
;;
*)
chown "$slapd_owner" "$socket"
;;
esac
chmod "$slapd_sockets_mode" "$socket"
else
warn "slapd: Can't find socket $socket"
fi
done
}
run_rc_command "$1"
Reference in a new issue View git blame Copy permalink