authorRich Megginson <rmeggins@redhat.com>2007-07-13 18:35:33 +0000
committerRich Megginson <rmeggins@redhat.com>2007-07-13 18:35:33 +0000
commitcd0220f611d38f47c6414a3a976c85800eddce52 (patch)
treee82b94785469c6dfbb269fdb4a4d05c8a04ea7bc
parent44ee32bb2f39712b8c0f5628d5c17109c48772d7 (diff)
Resolves: bug 248145
Bug Description: Replace ds_newinst binary with perl script Reviewed by: nhosoi (Thanks!) Fix Description: The time has come. We can finally get rid of the instance creation C code once and for all. I've created a DSCreate module that has all of the functionality of the old create_instance.c code, along with a few items from ldap/admin/lib. The way it works is this: it first creates the dse.ldif file using template-dse.ldif and the suffix-db template to create the initial db and suffix. It then adds additional optional configuration depending on what optional features have been enabled. It creates other config files and copies in the schema. It then initializes the database. It uses a template file based on the type of entry implied by the suffix, then adds the default ACIs. If the user chose to do so, it will also create the ou=people, ou=groups, etc. entries. The user can also supply an LDIF file which will be used to populate the initial database, in which case none of the default entries or ACIs will be used. It then starts the server (if desired). I had to create a function makePaths that works like mkdir -p except that it will chown, chgrp, and chmod all paths created. I had to change the other places where instance creation was called to use the new calling semantics. ds_create changed quite a bit, since it can just use an Inf to pass in the information instead of calling ds_newinst as a CGI program. I had to change FileConn to add support for namingContexts (i.e. entries with no parent), and to have it write each change each time, and to return copies of entries when searching, to avoid modifying the tree in place. This makes it act much more like LDAP. I found and fixed a few bugs in Migration along the way that were revealed while integrating the new DSCreate code. Platforms tested: RHEL4, FC6 Flag Day: Yes. New instance creation code and autotool changes. Doc impact: no
-rw-r--r--Makefile.am42
-rw-r--r--Makefile.in44
-rwxr-xr-xconfigure24
-rw-r--r--configure.ac2
-rw-r--r--ldap/admin/src/scripts/DSCreate.pm.in799
-rw-r--r--ldap/admin/src/scripts/DSMigration.pm.in64
-rw-r--r--ldap/admin/src/scripts/FileConn.pm66
-rw-r--r--ldap/admin/src/scripts/Migration.pm.in2
-rw-r--r--ldap/admin/src/scripts/Util.pm.in134
-rw-r--r--ldap/admin/src/scripts/dscreate.map.in67
-rw-r--r--ldap/admin/src/scripts/dsorgentries.map.in50
-rw-r--r--ldap/admin/src/scripts/migrate-ds.pl.in14
-rw-r--r--ldap/admin/src/scripts/migrate-ds.res3
-rw-r--r--ldap/admin/src/scripts/setup-ds.pl.in12
-rw-r--r--ldap/admin/src/scripts/setup-ds.res.in21
-rw-r--r--ldap/admin/src/scripts/template-restart-slapd.in25
-rw-r--r--ldap/ldif/template-baseacis.ldif.in5
-rw-r--r--ldap/ldif/template-country.ldif.in4
-rw-r--r--ldap/ldif/template-domain.ldif.in4
-rw-r--r--ldap/ldif/template-dse.ldif.in6
-rw-r--r--ldap/ldif/template-locality.ldif.in4
-rw-r--r--ldap/ldif/template-org.ldif.in4
-rw-r--r--ldap/ldif/template-orgunit.ldif.in4
-rw-r--r--ldap/ldif/template-state.ldif.in4
-rw-r--r--ldap/ldif/template.ldif34
-rw-r--r--m4/fhs.m41
26 files changed, 1321 insertions, 118 deletions
diff --git a/Makefile.am b/Makefile.am
index 236041a3..8740967a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -98,13 +98,16 @@ server_LTLIBRARIES = libslapd.la libds_admin.la libns-dshttpd.la
# this is how to add optional plugins
if enable_pam_passthru
LIBPAM_PASSTHRU_PLUGIN = libpam-passthru-plugin.la
+enable_pam_passthru = 1
endif
if enable_dna
LIBDNA_PLUGIN = libdna-plugin.la
+enable_dna = 1
endif
if enable_bitwise
LIBBITWISE_PLUGIN = libbitwise-plugin.la
+enable_bitwise = 1
endif
serverplugin_LTLIBRARIES = libacl-plugin.la libattr-unique-plugin.la \
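Review bot: The new `enable_pam_passthru = 1`, `enable_dna = 1` and `enable_bitwise = 1` assignments exist only inside the `if` branches, so when a feature is disabled the make variable is undefined rather than empty. The `fixupcmd` hunks further down substitute `$(enable_*)` into the generated scripts, and make resolves an undefined variable from the environment, so a stray `enable_dna=1` in the build environment would be written into the scripts even though the plugin was not built. Giving each conditional an explicit `else` branch with an empty assignment (`else` followed by `enable_dna =`) pins the disabled value. A one-line comment such as `# also a make variable so fixupcmd can substitute @enable_dna@ into generated scripts` would explain why the conditional's name is duplicated. The same applies to `enable_ldapi = 1` in the ns-slapd hunk.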
@@ -145,6 +148,14 @@ sampledata_DATA = $(srcdir)/ldap/ldif/Ace.ldif \
ldap/ldif/template-pampta.ldif \
ldap/ldif/template-dnaplugin.ldif \
ldap/ldif/template-bitwise.ldif \
+ ldap/ldif/template-dse.ldif \
+ ldap/ldif/template-org.ldif \
+ ldap/ldif/template-domain.ldif \
+ ldap/ldif/template-state.ldif \
+ ldap/ldif/template-locality.ldif \
+ ldap/ldif/template-country.ldif \
+ ldap/ldif/template-orgunit.ldif \
+ ldap/ldif/template-baseacis.ldif \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-FamilyNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-GivenNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-OrgUnits
@@ -201,7 +212,8 @@ perl_SCRIPTS = ldap/admin/src/scripts/SetupLog.pm \
ldap/admin/src/scripts/Setup.pm \
ldap/admin/src/scripts/Migration.pm \
ldap/admin/src/scripts/DSMigration.pm \
- ldap/admin/src/scripts/FileConn.pm
+ ldap/admin/src/scripts/FileConn.pm \
+ ldap/admin/src/scripts/DSCreate.pm
property_DATA = ldap/admin/src/scripts/setup-ds.res \
ldap/admin/src/scripts/migrate-ds.res
@@ -217,6 +229,7 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
ldap/admin/src/scripts/template-saveconfig \
ldap/admin/src/scripts/template-start-slapd \
ldap/admin/src/scripts/template-stop-slapd \
+ ldap/admin/src/scripts/template-restart-slapd \
ldap/admin/src/scripts/template-suffix2instance \
ldap/admin/src/scripts/template-vlvindex \
ldap/admin/src/scripts/template-bak2db.pl \
@@ -236,7 +249,9 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
init_SCRIPTS = wrappers/$(PACKAGE_NAME)
-inf_DATA = ldap/admin/src/slapd.inf
+inf_DATA = ldap/admin/src/slapd.inf \
+ ldap/admin/src/scripts/dscreate.map \
+ ldap/admin/src/scripts/dsorgentries.map
#////////////////////////////////////////////////////////////////
#
@@ -938,6 +953,7 @@ mmldif_bin_LDADD = libslapd.la $(NSPR_LINK) $(NSS_LINK) $(SVRCORE_LINK) $(LDAPSD
#------------------------
if enable_ldapi
GETSOCKETPEER=ldap/servers/slapd/getsocketpeer.c
+ enable_ldapi = 1
endif
ns_slapd_SOURCES = ldap/servers/slapd/abandon.c \
@@ -1034,20 +1050,29 @@ fixupcmd = sed \
-e 's,@configdir\@,$(configdir),g' \
-e 's,@sysconfdir\@,$(sysconfdir),g' \
-e 's,@localstatedir\@,$(localstatedir),g' \
+ -e 's,@infdir\@,$(infdir),g' \
+ -e 's,@templatedir\@,$(sampledatadir),g' \
-e 's,@package_name\@,$(PACKAGE_NAME),g' \
-e 's,@instconfigdir\@,$(instconfigdir),g' \
+ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+ -e 's,@enable_dna\@,$(enable_dna),g' \
+ -e 's,@enable_autobind\@,$(enable_autobind),g' \
-e 's,@ECHO_N\@,$(ECHO_N),g' \
-e 's,@ECHO_C\@,$(ECHO_C),g' \
-e 's,@brand\@,$(brand),g' \
-e 's,@capbrand\@,$(capbrand),g' \
-e 's,@vendor\@,$(vendor),g' \
+ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
-e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
-e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
-e 's,@BUILDNUM\@,$(BUILDNUM),g' \
-e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
-e 's,@perldir\@,$(perldir),g' \
-e 's,@defaultuser\@,$(defaultuser),g' \
- -e 's,@defaultgroup\@,$(defaultgroup),g'
+ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
else
fixupcmd = sed \
-e 's,@bindir\@,$(bindir),g' \
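Review bot: `$(enable_autobind)` is substituted in this `fixupcmd` (whose assignment starts above the hunk), but unlike the other four `enable_*` variables no assignment to it appears in this diff, and the `ac_subst_vars` list in the regenerated configure has no `enable_autobind` conditional. If it is not defined elsewhere, `@enable_autobind@` always expands to the empty string and the `if ("@enable_autobind@")` branch in DSCreate.pm.in that sets `nsslapd-ldapiautobind` can never run. Either add the conditional with a matching `enable_autobind = 1`, or drop the substitution until the option exists. Separately, the last added line uses `@with_fhs_opt@` directly while every other expression uses a make variable; `-e 's,@with_fhs_opt\@,$(with_fhs_opt),g'` would match the rest. The second `fixupcmd` hunk that follows carries the same two lines.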
@@ -1070,20 +1095,29 @@ fixupcmd = sed \
-e 's,@configdir\@,$(configdir),g' \
-e 's,@sysconfdir\@,$(sysconfdir),g' \
-e 's,@localstatedir\@,$(localstatedir),g' \
+ -e 's,@infdir\@,$(infdir),g' \
+ -e 's,@templatedir\@,$(sampledatadir),g' \
-e 's,@package_name\@,$(PACKAGE_NAME),g' \
-e 's,@instconfigdir\@,$(instconfigdir),g' \
+ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+ -e 's,@enable_dna\@,$(enable_dna),g' \
+ -e 's,@enable_autobind\@,$(enable_autobind),g' \
-e 's,@ECHO_N\@,$(ECHO_N),g' \
-e 's,@ECHO_C\@,$(ECHO_C),g' \
-e 's,@brand\@,$(brand),g' \
-e 's,@capbrand\@,$(capbrand),g' \
-e 's,@vendor\@,$(vendor),g' \
+ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
-e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
-e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
-e 's,@BUILDNUM\@,$(BUILDNUM),g' \
-e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
-e 's,@perldir\@,$(perldir),g' \
-e 's,@defaultuser\@,$(defaultuser),g' \
- -e 's,@defaultgroup\@,$(defaultgroup),g'
+ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
endif
%: %.in
diff --git a/Makefile.in b/Makefile.in
index abb30db3..7cd50bc8 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -986,6 +986,7 @@ svrcore_lib = @svrcore_lib@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
vendor = @vendor@
+with_fhs_opt = @with_fhs_opt@
# look for included m4 files in the ./m4/ directory
ACLOCAL_AMFLAGS = -I m4
@@ -1045,8 +1046,11 @@ server_LTLIBRARIES = libslapd.la libds_admin.la libns-dshttpd.la
# this is how to add optional plugins
@enable_pam_passthru_TRUE@LIBPAM_PASSTHRU_PLUGIN = libpam-passthru-plugin.la
+@enable_pam_passthru_TRUE@enable_pam_passthru = 1
@enable_dna_TRUE@LIBDNA_PLUGIN = libdna-plugin.la
+@enable_dna_TRUE@enable_dna = 1
@enable_bitwise_TRUE@LIBBITWISE_PLUGIN = libbitwise-plugin.la
+@enable_bitwise_TRUE@enable_bitwise = 1
serverplugin_LTLIBRARIES = libacl-plugin.la libattr-unique-plugin.la \
libback-ldbm.la libchainingdb-plugin.la libcos-plugin.la libdes-plugin.la \
libdistrib-plugin.la libhttp-client-plugin.la libcollation-plugin.la \
@@ -1082,6 +1086,14 @@ sampledata_DATA = $(srcdir)/ldap/ldif/Ace.ldif \
ldap/ldif/template-pampta.ldif \
ldap/ldif/template-dnaplugin.ldif \
ldap/ldif/template-bitwise.ldif \
+ ldap/ldif/template-dse.ldif \
+ ldap/ldif/template-org.ldif \
+ ldap/ldif/template-domain.ldif \
+ ldap/ldif/template-state.ldif \
+ ldap/ldif/template-locality.ldif \
+ ldap/ldif/template-country.ldif \
+ ldap/ldif/template-orgunit.ldif \
+ ldap/ldif/template-baseacis.ldif \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-FamilyNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-GivenNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-OrgUnits
@@ -1138,7 +1150,8 @@ perl_SCRIPTS = ldap/admin/src/scripts/SetupLog.pm \
ldap/admin/src/scripts/Setup.pm \
ldap/admin/src/scripts/Migration.pm \
ldap/admin/src/scripts/DSMigration.pm \
- ldap/admin/src/scripts/FileConn.pm
+ ldap/admin/src/scripts/FileConn.pm \
+ ldap/admin/src/scripts/DSCreate.pm
property_DATA = ldap/admin/src/scripts/setup-ds.res \
ldap/admin/src/scripts/migrate-ds.res
@@ -1154,6 +1167,7 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
ldap/admin/src/scripts/template-saveconfig \
ldap/admin/src/scripts/template-start-slapd \
ldap/admin/src/scripts/template-stop-slapd \
+ ldap/admin/src/scripts/template-restart-slapd \
ldap/admin/src/scripts/template-suffix2instance \
ldap/admin/src/scripts/template-vlvindex \
ldap/admin/src/scripts/template-bak2db.pl \
@@ -1172,7 +1186,10 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
$(srcdir)/ldap/admin/src/scripts/template-migrateTo7
init_SCRIPTS = wrappers/$(PACKAGE_NAME)
-inf_DATA = ldap/admin/src/slapd.inf
+inf_DATA = ldap/admin/src/slapd.inf \
+ ldap/admin/src/scripts/dscreate.map \
+ ldap/admin/src/scripts/dsorgentries.map
+
#////////////////////////////////////////////////////////////////
#
@@ -1847,6 +1864,7 @@ mmldif_bin_LDADD = libslapd.la $(NSPR_LINK) $(NSS_LINK) $(SVRCORE_LINK) $(LDAPSD
# ns-slapd
#------------------------
@enable_ldapi_TRUE@GETSOCKETPEER = ldap/servers/slapd/getsocketpeer.c
+@enable_ldapi_TRUE@enable_ldapi = 1
ns_slapd_SOURCES = ldap/servers/slapd/abandon.c \
ldap/servers/slapd/auth.c \
ldap/servers/slapd/bind.c \
@@ -1931,20 +1949,29 @@ rsearch_bin_LDADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(LIBS
@BUNDLE_FALSE@ -e 's,@configdir\@,$(configdir),g' \
@BUNDLE_FALSE@ -e 's,@sysconfdir\@,$(sysconfdir),g' \
@BUNDLE_FALSE@ -e 's,@localstatedir\@,$(localstatedir),g' \
+@BUNDLE_FALSE@ -e 's,@infdir\@,$(infdir),g' \
+@BUNDLE_FALSE@ -e 's,@templatedir\@,$(sampledatadir),g' \
@BUNDLE_FALSE@ -e 's,@package_name\@,$(PACKAGE_NAME),g' \
@BUNDLE_FALSE@ -e 's,@instconfigdir\@,$(instconfigdir),g' \
+@BUNDLE_FALSE@ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+@BUNDLE_FALSE@ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+@BUNDLE_FALSE@ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+@BUNDLE_FALSE@ -e 's,@enable_dna\@,$(enable_dna),g' \
+@BUNDLE_FALSE@ -e 's,@enable_autobind\@,$(enable_autobind),g' \
@BUNDLE_FALSE@ -e 's,@ECHO_N\@,$(ECHO_N),g' \
@BUNDLE_FALSE@ -e 's,@ECHO_C\@,$(ECHO_C),g' \
@BUNDLE_FALSE@ -e 's,@brand\@,$(brand),g' \
@BUNDLE_FALSE@ -e 's,@capbrand\@,$(capbrand),g' \
@BUNDLE_FALSE@ -e 's,@vendor\@,$(vendor),g' \
+@BUNDLE_FALSE@ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
@BUNDLE_FALSE@ -e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
@BUNDLE_FALSE@ -e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
@BUNDLE_FALSE@ -e 's,@BUILDNUM\@,$(BUILDNUM),g' \
@BUNDLE_FALSE@ -e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
@BUNDLE_FALSE@ -e 's,@perldir\@,$(perldir),g' \
@BUNDLE_FALSE@ -e 's,@defaultuser\@,$(defaultuser),g' \
-@BUNDLE_FALSE@ -e 's,@defaultgroup\@,$(defaultgroup),g'
+@BUNDLE_FALSE@ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+@BUNDLE_FALSE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
# these are for the config files and scripts that we need to generate and replace
@@ -1974,20 +2001,29 @@ rsearch_bin_LDADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(LIBS
@BUNDLE_TRUE@ -e 's,@configdir\@,$(configdir),g' \
@BUNDLE_TRUE@ -e 's,@sysconfdir\@,$(sysconfdir),g' \
@BUNDLE_TRUE@ -e 's,@localstatedir\@,$(localstatedir),g' \
+@BUNDLE_TRUE@ -e 's,@infdir\@,$(infdir),g' \
+@BUNDLE_TRUE@ -e 's,@templatedir\@,$(sampledatadir),g' \
@BUNDLE_TRUE@ -e 's,@package_name\@,$(PACKAGE_NAME),g' \
@BUNDLE_TRUE@ -e 's,@instconfigdir\@,$(instconfigdir),g' \
+@BUNDLE_TRUE@ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+@BUNDLE_TRUE@ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+@BUNDLE_TRUE@ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+@BUNDLE_TRUE@ -e 's,@enable_dna\@,$(enable_dna),g' \
+@BUNDLE_TRUE@ -e 's,@enable_autobind\@,$(enable_autobind),g' \
@BUNDLE_TRUE@ -e 's,@ECHO_N\@,$(ECHO_N),g' \
@BUNDLE_TRUE@ -e 's,@ECHO_C\@,$(ECHO_C),g' \
@BUNDLE_TRUE@ -e 's,@brand\@,$(brand),g' \
@BUNDLE_TRUE@ -e 's,@capbrand\@,$(capbrand),g' \
@BUNDLE_TRUE@ -e 's,@vendor\@,$(vendor),g' \
+@BUNDLE_TRUE@ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
@BUNDLE_TRUE@ -e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
@BUNDLE_TRUE@ -e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
@BUNDLE_TRUE@ -e 's,@BUILDNUM\@,$(BUILDNUM),g' \
@BUNDLE_TRUE@ -e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
@BUNDLE_TRUE@ -e 's,@perldir\@,$(perldir),g' \
@BUNDLE_TRUE@ -e 's,@defaultuser\@,$(defaultuser),g' \
-@BUNDLE_TRUE@ -e 's,@defaultgroup\@,$(defaultgroup),g'
+@BUNDLE_TRUE@ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+@BUNDLE_TRUE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
all: $(BUILT_SOURCES) config.h
$(MAKE) $(AM_MAKEFLAGS) all-am
diff --git a/configure b/configure
index 21acdfe5..c7f94a06 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for fedora-ds 1.1.0a3.
+# Generated by GNU Autoconf 2.59 for fedora-ds 1.1.0a4.
#
# Report bugs to <http://bugzilla.redhat.com/>.
#
@@ -423,8 +423,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='fedora-ds'
PACKAGE_TARNAME='fedora-ds'
-PACKAGE_VERSION='1.1.0a3'
-PACKAGE_STRING='fedora-ds 1.1.0a3'
+PACKAGE_VERSION='1.1.0a4'
+PACKAGE_STRING='fedora-ds 1.1.0a4'
PACKAGE_BUGREPORT='http://bugzilla.redhat.com/'
# Factoring default headers for most tests.
@@ -465,7 +465,7 @@ ac_includes_default="\
#endif"
ac_default_prefix=/opt/$PACKAGE_NAME
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS debug_defs BUNDLE_TRUE BUNDLE_FALSE enable_pam_passthru_TRUE enable_pam_passthru_FALSE enable_dna_TRUE enable_dna_FALSE enable_ldapi_TRUE enable_ldapi_FALSE enable_bitwise_TRUE enable_bitwise_FALSE configdir sampledatadir propertydir schemadir serverdir serverplugindir scripttemplatedir perldir infdir defaultuser defaultgroup instconfigdir WINNT_TRUE WINNT_FALSE LIBSOCKET LIBNSL LIBDL LIBCSTD LIBCRUN initdir HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG NETSNMP_CONFIG PACKAGE_BASE_VERSION nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir ldapsdk_bindir db_inc db_incdir db_lib db_libdir db_bindir db_libver sasl_inc sasl_lib sasl_libdir svrcore_inc svrcore_lib icu_lib icu_inc icu_bin netsnmp_inc netsnmp_lib netsnmp_libdir netsnmp_link brand capbrand vendor LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS debug_defs BUNDLE_TRUE BUNDLE_FALSE enable_pam_passthru_TRUE enable_pam_passthru_FALSE enable_dna_TRUE enable_dna_FALSE enable_ldapi_TRUE enable_ldapi_FALSE enable_bitwise_TRUE enable_bitwise_FALSE with_fhs_opt configdir sampledatadir propertydir schemadir serverdir serverplugindir scripttemplatedir perldir infdir defaultuser defaultgroup instconfigdir WINNT_TRUE WINNT_FALSE LIBSOCKET LIBNSL LIBDL LIBCSTD LIBCRUN initdir HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG NETSNMP_CONFIG PACKAGE_BASE_VERSION nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir ldapsdk_bindir db_inc db_incdir db_lib db_libdir db_bindir db_libver sasl_inc sasl_lib sasl_libdir svrcore_inc svrcore_lib icu_lib icu_inc icu_bin netsnmp_inc netsnmp_lib netsnmp_libdir netsnmp_link brand capbrand vendor LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -954,7 +954,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures fedora-ds 1.1.0a3 to adapt to many kinds of systems.
+\`configure' configures fedora-ds 1.1.0a4 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1020,7 +1020,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of fedora-ds 1.1.0a3:";;
+ short | recursive ) echo "Configuration of fedora-ds 1.1.0a4:";;
esac
cat <<\_ACEOF
@@ -1201,7 +1201,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-fedora-ds configure 1.1.0a3
+fedora-ds configure 1.1.0a4
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1215,7 +1215,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by fedora-ds $as_me 1.1.0a3, which was
+It was created by fedora-ds $as_me 1.1.0a4, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -1861,7 +1861,7 @@ fi
# Define the identity of the package.
PACKAGE='fedora-ds'
- VERSION='1.1.0a3'
+ VERSION='1.1.0a4'
cat >>confdefs.h <<_ACEOF
@@ -23119,6 +23119,7 @@ if test "${with_fhs_opt+set}" = set; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
+
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
@@ -25680,7 +25681,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by fedora-ds $as_me 1.1.0a3, which was
+This file was extended by fedora-ds $as_me 1.1.0a4, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -25743,7 +25744,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-fedora-ds config.status 1.1.0a3
+fedora-ds config.status 1.1.0a4
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
@@ -26022,6 +26023,7 @@ s,@enable_ldapi_TRUE@,$enable_ldapi_TRUE,;t t
s,@enable_ldapi_FALSE@,$enable_ldapi_FALSE,;t t
s,@enable_bitwise_TRUE@,$enable_bitwise_TRUE,;t t
s,@enable_bitwise_FALSE@,$enable_bitwise_FALSE,;t t
+s,@with_fhs_opt@,$with_fhs_opt,;t t
s,@configdir@,$configdir,;t t
s,@sampledatadir@,$sampledatadir,;t t
s,@propertydir@,$propertydir,;t t
diff --git a/configure.ac b/configure.ac
index 54eb5473..b93155a5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
# This version is the version returned by ns-slapd -v
-AC_INIT([fedora-ds], [1.1.0a3], [http://bugzilla.redhat.com/])
+AC_INIT([fedora-ds], [1.1.0a4], [http://bugzilla.redhat.com/])
# AC_CONFIG_HEADER must be called right after AC_INIT.
AC_CONFIG_HEADERS([config.h])
AM_INIT_AUTOMAKE([1.9 foreign subdir-objects])
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in
new file mode 100644
index 00000000..62cbf8ea
--- /dev/null
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
@@ -0,0 +1,799 @@
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+
+###########################
+#
+# This perl module provides a way to create a new instance of
+# directory server.
+#
+##########################
+
+package DSCreate;
+use Util;
+use Inf;
+use FileConn;
+
+use Net::Domain qw(hostfqdn);
+# tempfiles
+use File::Temp qw(tempfile tempdir);
+use File::Path;
+use File::Copy;
+use File::Basename qw(basename);
+
+# load perldap
+use Mozilla::LDAP::Conn;
+use Mozilla::LDAP::Utils qw(normalizeDN);
+use Mozilla::LDAP::API qw(ldap_explode_dn);
+use Mozilla::LDAP::LDIF;
+
+use Exporter;
+@ISA = qw(Exporter);
+@EXPORT = qw(createDSInstance);
+@EXPORT_OK = qw(createDSInstance);
+
+use strict;
+
+use SetupLog;
+
+sub checkPort {
+ my $inf = shift;
+
+ # allow port 0 if ldapi is used
+ if ("@enable_ldapi@") {
+ if ($inf->{slapd}->{ldapifilepath} &&
+ ($inf->{slapd}->{ServerPort} == 0)) {
+ return ();
+ }
+ }
+
+ if (!portAvailable($inf->{slapd}->{ServerPort})) {
+ return ('error_port_available', $inf->{slapd}->{ServerPort}, $!);
+ }
+
+ return ();
+}
+
+# checks the parameters in $inf to make sure the supplied values
+# are valid
+# returns null if successful, or an error string for use with getText()
+sub sanityCheckParams {
+ my $inf = shift;
+ my @errs = ();
+
+ # if we don't need to start the server right away, we can skip the
+ # port number checks
+ if (!defined($inf->{slapd}->{start_server}) or
+ ($inf->{slapd}->{start_server} == 1)) {
+
+ if (@errs = checkPort($inf)) {
+ return @errs;
+ }
+ }
+
+ if (!isValidServerID($inf->{slapd}->{ServerIdentifier})) {
+ return ('error_invalid_serverid', $inf->{slapd}->{ServerIdentifier});
+ } elsif (-d $inf->{slapd}->{config_dir}) {
+ return ('error_server_already_exists', $inf->{slapd}->{config_dir});
+ }
+
+ if (@errs = isValidUser($inf->{General}->{SuiteSpotUserID})) {
+ return @errs;
+ }
+
+ if (!isValidDN($inf->{slapd}->{Suffix})) {
+ return ('dialog_dssuffix_error', $inf->{slapd}->{Suffix});
+ }
+
+ if (!isValidDN($inf->{slapd}->{RootDN})) {
+ return ('dialog_dsrootdn_error', $inf->{slapd}->{RootDN});
+ }
+
+ if ($inf->{slapd}->{RootDNPwd} =~ /\{\w+\}.+/) {
+ debug(1, "The root password is already hashed - no checking will be performed\n");
+ } elsif (length($inf->{slapd}->{RootDNPwd}) < 8) {
+ debug(0, "WARNING: The root password is less than 8 characters long. You should choose a longer one.\n");
+ }
+
+ return ();
+}
+
+sub getMode {
+ my $inf = shift;
+ my $mode = shift;
+ if (defined($inf->{General}->{SuiteSpotGroup})) {
+ $mode = "0" . $mode . $mode . "0";
+ } else {
+ $mode = "0" . $mode . "00";
+ }
+
+ return oct($mode);
+}
+
+# This is used to change the ownership and permissions of files and directories
+# The mode is just a single digit octal number (e.g. 4 6 7)
+# If there is a group, the ownership and permissions will allow group access
+# otherwise, only the owner will be allowed access
+sub changeOwnerMode {
+ my $inf = shift;
+ my $mode = shift;
+ my $it = shift;
+
+ my $uid = getpwnam $inf->{General}->{SuiteSpotUserID};
+ my $gid = -1; # default to leave it alone
+
+ if (defined($inf->{General}->{SuiteSpotGroup})) {
+ $gid = getgrnam $inf->{General}->{SuiteSpotGroup};
+ }
+
+ $mode = getMode($inf, $mode);
+ $! = 0; # clear errno
+ chmod $mode, $it;
+ if ($!) {
+ return ('error_chmoding_file', $it, $!);
+ }
+ $! = 0; # clear errno
+ chown $uid, $gid, $it;
+ if ($!) {
+ return ('error_chowning_file', $it, $inf->{General}->{SuiteSpotUserID}, $!);
+ }
+
+ return ();
+}
+
+sub makeDSDirs {
+ my $inf = shift;
+ my $verbose = ($Util::debuglevel > 0);
+ my $mode = getMode($inf, 7);
+ my @errs;
+
+ # These paths are owned by the SuiteSpotGroup
+ # This allows the admin server to run as a different,
+ # more privileged user than the directory server, but
+ # still allows the admin server to manage directory
+ # server files/dirs without being root
+ for (qw(inst_dir config_dir schema_dir log_dir lock_dir run_dir tmp_dir
+ cert_dir db_dir ldif_dir bak_dir)) {
+ my $dir = $inf->{slapd}->{$_};
+ @errs = makePaths($dir, $mode, $inf->{General}->{SuiteSpotUserID},
+ $inf->{General}->{SuiteSpotGroup});
+ if (@errs) {
+ return @errs;
+ }
+ }
+
+ return @errs;
+}
+
+sub createInstanceScripts {
+ my $inf = shift;
+ my $myperl = "!/usr/bin/env perl";
+ my $mydevnull = (-f "/dev/null" ? " /dev/null " : " NUL ");
+ my %maptable = (
+ "DS-ROOT" => $inf->{General}->{prefix},
+ "SEP" => "/", # works on all platforms
+ "SERVER-NAME" => $inf->{General}->{FullMachineName},
+ "SERVER-PORT" => $inf->{slapd}->{ServerPort},
+ "PERL-EXEC" => $myperl,
+ "DEV-NULL" => $mydevnull,
+ "ROOT-DN" => $inf->{slapd}->{RootDN},
+ "LDIF-DIR" => $inf->{slapd}->{ldif_dir},
+ "SERV-ID" => $inf->{slapd}->{ServerIdentifier},
+ "BAK-DIR" => $inf->{slapd}->{bak_dir},
+ "SERVER-DIR" => $inf->{General}->{ServerRoot},
+ "CONFIG-DIR" => $inf->{slapd}->{config_dir},
+ "RUN-DIR" => $inf->{slapd}->{run_dir},
+ "PRODUCT-NAME" => "slapd",
+ "SERVERBIN-DIR" => $inf->{slapd}->{sbindir},
+ "DB-DIR" => $inf->{slapd}->{db_dir}
+ );
+
+ my $dir = "$inf->{General}->{prefix}@taskdir@";
+ for (glob("$dir/template-*")) {
+ my $basename = $_;
+ $basename =~ s/^.*template-//;
+ my $destfile = "$inf->{slapd}->{inst_dir}/$basename";
+ if (!open(SRC, "< $_")) {
+ return ("error_opening_scripttmpl", $_, $!);
+ }
+ if (!open(DEST, "> $destfile")) {
+ return ("error_opening_scripttmpl", $destfile, $!);
+ }
+ my $contents; # slurp entire file into memory
+ read SRC, $contents, int(-s $_);
+ close(SRC);
+ while (my ($key, $val) = each %maptable) {
+ $contents =~ s/\{\{$key\}\}/$val/g;
+ }
+ print DEST $contents;
+ close(DEST);
+ my @errs = changeOwnerMode($inf, 5, $destfile);
+ if (@errs) {
+ return @errs;
+ }
+ }
+
+ return ();
+}
+
+sub createConfigFile {
+ my $inf = shift;
+ my $conffile = "$inf->{slapd}->{config_dir}/dse.ldif";
+ my $conn = new FileConn;
+ my @errs;
+
+ # first, create the basic config
+ my $mapper = new Inf("$inf->{General}->{prefix}@infdir@/dscreate.map");
+ my $dsinf = new Inf("$inf->{General}->{prefix}@infdir@/slapd.inf");
+ if (!$inf->{slapd}->{ds_bename}) {
+ $inf->{slapd}->{ds_bename} = "userRoot"; # for suffix-db
+ }
+ $mapper = process_maptbl($mapper, \@errs, $inf, $dsinf);
+ if (!$mapper or @errs) {
+ $conn->close();
+ if (!@errs) {
+ @errs = ('error_creating_file', $conffile, $!);
+ }
+ return @errs;
+ }
+
+ my @ldiffiles = ("$inf->{General}->{prefix}@templatedir@/template-dse.ldif",
+ "$inf->{General}->{prefix}@templatedir@/template-suffix-db.ldif");
+ if ("@enable_pam_passthru@") {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template-pampta.ldif";
+ }
+ if ("@enable_bitwise@") {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template-bitwise.ldif";
+ }
+ if ("@enable_dna@") {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template-dnaplugin.ldif";
+ }
+
+ getMappedEntries($mapper, \@ldiffiles, \@errs, \&check_and_add_entry,
+ [$conn]);
+
+ if (@errs) {
+ $conn->close();
+ return @errs;
+ }
+
+ if ("@enable_ldapi@") {
+ my $ent = $conn->search("cn=config", "base", "(objectclass=*)");
+ if (defined($inf->{slapd}->{ldapifilepath})) {
+ $ent->setValues("nsslapd-ldapifilepath", $inf->{slapd}->{ldapifilepath});
+ $ent->setValues("nsslapd-ldapilisten", "on");
+ } else {
+ $ent->setValues("nsslapd-ldapifilepath",
+ "$inf->{slapd}->{run_dir}/slapd-$inf->{slapd}->{ServerIdentifier}.socket");
+ $ent->setValues("nsslapd-ldapilisten", "off");
+ }
+ if ("@enable_autobind@") {
+ $ent->setValues("nsslapd-ldapiautobind", "on");
+ }
+ $ent->setValues("nsslapd-ldapimaprootdn", $inf->{slapd}->{RootDN});
+ $ent->setValues("nsslapd-ldapimaptoentries", "off");
+ $ent->setValues("nsslapd-ldapiuidnumbertype", "uidNumber");
+ $ent->setValues("nsslapd-ldapigidnumbertype", "gidNumber");
+ $ent->setValues("nsslapd-ldapientrysearchbase", "dc=example, dc=com");
+ $ent->setValues("nsslapd-ldapiautodnsuffix", "cn=peercred,cn=external,cn=auth");
+ if (!$conn->update($ent)) {
+ $conn->close();
+ return ("error_enabling_feature", "ldapi", $conn->getErrorString());
+ }
+ }
+
+ if ($inf->{slapd}->{sasl_path}) {
+ my $ent = $conn->search("cn=config", "base", "(objectclass=*)");
+ $ent->setValues("nsslapd-saslpath", $inf->{slapd}->{sasl_path});
+ if (!$conn->update($ent)) {
+ $conn->close();
+ return ("error_enabling_feature", "sasl_path", $conn->getErrorString());
+ }
+ }
+
+ $conn->write($conffile);
+ $conn->close();
+
+ if (@errs = changeOwnerMode($inf, 6, $conffile)) {
+ return @errs;
+ }
+ # make a copy
+ my $origconf = "$inf->{slapd}->{config_dir}/dse_original.ldif";
+ $! = 0; # clear errno
+ copy($conffile, $origconf);
+ if ($!) {
+ return ('error_copying_file', $conffile, $origconf, $!);
+ }
+ if (@errs = changeOwnerMode($inf, 4, $origconf)) {
+ return @errs;
+ }
+
+ return @errs;
+}
+
+sub makeOtherConfigFiles {
+ my $inf = shift;
+ my @errs;
+ # install certmap.conf at <configdir>
+ my $src = "$inf->{General}->{prefix}@configdir@/certmap.conf";
+ my $dest = "$inf->{slapd}->{config_dir}/certmap.conf";
+ $! = 0; # clear errno
+ copy($src, $dest);
+ if ($!) {
+ return ('error_copying_file', $src, $dest, $!);
+ }
+ if (@errs = changeOwnerMode($inf, 4, $dest)) {
+ return @errs;
+ }
+
+ $src = "$inf->{General}->{prefix}@configdir@/slapd-collations.conf";
+ $dest = "$inf->{slapd}->{config_dir}/slapd-collations.conf";
+ $! = 0; # clear errno
+ copy($src, $dest);
+ if ($!) {
+ return ('error_copying_file', $src, $dest, $!);
+ }
+ if (@errs = changeOwnerMode($inf, 4, $dest)) {
+ return @errs;
+ }
+
+ return ();
+}
+
+sub installSchema {
+ my $inf = shift;
+ my @errs;
+ my @schemafiles = ();
+ if (!defined($inf->{slapd}->{install_full_schema}) or
+ $inf->{slapd}->{install_full_schema}) {
+ push @schemafiles, glob("$inf->{General}->{prefix}@schemadir@/*");
+ } else {
+ push @schemafiles, "$inf->{General}->{prefix}@schemadir@/00core.ldif";
+ }
+ for (@schemafiles) {
+ my $src = $_;
+ my $basename = basename($src);
+ my $dest = "$inf->{slapd}->{schema_dir}/$basename";
+ $! = 0; # clear errno
+ copy($src, $dest);
+ if ($!) {
+ return ('error_copying_file', $src, $dest, $!);
+ }
+ my $mode = 4; # default read only
+ if ($basename eq "99user.ldif") {
+ $mode = 6; # read write
+ }
+ if (@errs = changeOwnerMode($inf, $mode, $dest)) {
+ return @errs;
+ }
+ }
+
+ return ();
+}
+
+# maps the suffix attr to the filename to use
+my %suffixTable = (
+ 'o' => "@templatedir@/template-org.ldif",
+ 'dc' => "@templatedir@/template-domain.ldif",
+ 'ou' => "@templatedir@/template-orgunit.ldif",
+ 'st' => "@templatedir@/template-state.ldif",
+ 'l' => "@templatedir@/template-locality.ldif",
+ 'c' => "@templatedir@/template-country.ldif"
+);
+
+sub initDatabase {
+ my $inf = shift;
+ # If the user has specified an LDIF file to use to initialize the database,
+ # load it now
+ my $ldiffile = $inf->{slapd}->{InstallLdifFile};
+ if ($ldiffile && -f $ldiffile) {
+ debug(1, "Loading initial ldif file $ldiffile\n");
+ } elsif (($inf->{slapd}->{Suffix} =~ /^(.*?)=/) && $suffixTable{$1}) {
+ my @errs;
+ my $template = $inf->{General}->{prefix} . $suffixTable{$1};
+ my $mapper = new Inf("$inf->{General}->{prefix}@infdir@/dsorgentries.map");
+ my $dsinf = new Inf("$inf->{General}->{prefix}@infdir@/slapd.inf");
+ my @rdns = ldap_explode_dn($inf->{slapd}->{Suffix}, 1);
+ $inf->{slapd}->{naming_value} = $rdns[0];
+ $mapper = process_maptbl($mapper, \@errs, $inf, $dsinf);
+ if (!$mapper or @errs) {
+ return @errs;
+ }
+
+ my @ldiffiles = ($template, "$inf->{General}->{prefix}@templatedir@/template-baseacis.ldif");
+ if (exists($inf->{slapd}->{InstallLdifFile}) and
+ ($inf->{slapd}->{InstallLdifFile} =~ /suggest/i)) {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template.ldif";
+ }
+
+ my ($fh, $templdif) = tempfile("ldifXXXXXX", SUFFIX => ".ldif", OPEN => 0,
+ DIR => File::Spec->tmpdir);
+ my $conn = new FileConn;
+ $conn->setNamingContext($inf->{slapd}->{Suffix});
+ getMappedEntries($mapper, \@ldiffiles, \@errs, \&check_and_add_entry,
+ [$conn]);
+ $conn->write($templdif);
+ $conn->close();
+ if (@errs) {
+ return @errs;
+ }
+ # $templdif now contains the ldif to import
+ $ldiffile = $templdif;
+ }
+ if (!$ldiffile) {
+ return ();
+ }
+
+ my $cmd = "$inf->{slapd}->{inst_dir}/ldif2db -n userRoot -i \'$ldiffile\'";
+ $? = 0; # clear error condition
+ my $output = `$cmd 2>&1`;
+ if ($?) {
+ return ('error_importing_ldif', $ldiffile, $?, $output);
+ }
+
+ debug(1, $output);
+
+ return ();
+}
+
+sub startServer {
+ my $inf = shift;
+ return () if (defined($inf->{slapd}->{start_server}) && !$inf->{slapd}->{start_server});
+
+ my @errs;
+ # get error log
+ my $errLog = "$inf->{slapd}->{log_dir}/errors";
+ my $startcmd = "$inf->{slapd}->{inst_dir}/start-slapd";
+
+ # emulate tail -f
+ # if the last line we see does not contain "slapd started", try again
+ my $done = 0;
+ my $started = 0;
+ my $code = 0;
+ my $lastLine = "";
+ my $cmdPat = 'slapd started\.';
+ my $timeout = $inf->{slapd}->{startup_timeout};
+
+ $timeout = $timeout?$timeout:600; # default is 10 minutes
+ $timeout = time + $timeout;
+
+ debug(1, "Starting the server: $startcmd\n");
+ $? = 0; # clear error condition
+ my $output = `$startcmd 2>&1`;
+ $code = $?;
+ debug(1, "Started the server: code $code\n");
+ if ($code) {
+ debug(0, $output);
+ } else {
+ debug(1, $output);
+ }
+
+ # try to open the server error log
+ my $ii = 0;
+ while (time < $timeout) {
+ if (open(IN, $errLog)) {
+ last;
+ }
+ sleep(1);
+ if (!($ii % 10)) {
+ debug(0, "Attempting to obtain server status . . .\n");
+ }
+ ++$ii;
+ }
+
+ if (! -f $errLog) {
+ debug(0, "Error: Could not read error log $errLog to get server startup status. Error: $!\n");
+ return ('error_starting_server', $startcmd, "no status", $!);
+ }
+ if (time >= $timeout) {
+ debug(0, "Error: timed out waiting for the server to start and write to $errLog");
+ return ('error_starting_server', $startcmd, "timeout", 0);
+ }
+
+ my $pos = tell(IN);
+ while (($done == 0) && (time < $timeout)) {
+ for (; ($done == 0) && ($_ = <IN>); $pos = tell(IN)) {
+ $lastLine = $_;
+ debug(1, $_);
+ if (/$cmdPat/) {
+ $done = 1;
+ $started = 1;
+ } elsif (/Initialization Failed/) {
+ debug(1, "Server failed to start, retrying . . .\n");
+ $code = system($startcmd);
+ } elsif (/exiting\./) {
+ debug(1, "Server failed to start, retrying . . .\n");
+ $code = system($startcmd);
+ }
+ }
+ if ($lastLine =~ /PR_Bind/) {
+ # server port conflicts with another one, just report and punt
+ debug(0, $lastLine);
+ @errs = ('error_port_available', $inf->{slapd}->{ServerPort}, $!);
+ $done = 1;
+ }
+ if ($done == 0) {
+ # rest a bit, then . . .
+ sleep(2);
+ # . . . reset the EOF status of the file desc
+ seek(IN, $pos, 0);
+ }
+ }
+ close(IN);
+
+ if (!$started) {
+ $! = $code;
+ my $now = time;
+ if ($now > $timeout) {
+ debug(0, "Possible timeout starting server: timeout=$timeout now=$now\n");
+ }
+ @errs = ('error_starting_server', $startcmd, $lastLine, $!);
+ } else {
+ debug(1, "Your new directory server has been started.\n");
+ }
+
+ return @errs;
+}
+
+sub set_path_attribute {
+ my $val = shift;
+ my $defaultval = shift;
+ my $prefix = shift;
+
+ if ($val) {
+ return "$prefix" . "$val";
+ } else {
+ return "$prefix" . "$defaultval";
+ }
+}
+
+sub setDefaults {
+ my $inf = shift;
+ # set default values
+
+ # this turns off the warnings
+ if (!defined($inf->{General}->{prefix})) {
+ $inf->{General}->{prefix} = "";
+ }
+
+ if (!$inf->{General}->{FullMachineName}) {
+ $inf->{General}->{FullMachineName} = hostfqdn;
+ }
+
+ if (!$inf->{General}->{SuiteSpotUserID}) {
+ if ($> != 0) { # if not root, use the user's uid
+ $inf->{General}->{SuiteSpotUserID} = getlogin;
+ }
+ # otherwise, the uid must be specified
+ }
+
+ if (!$inf->{slapd}->{RootDN}) {
+ $inf->{slapd}->{RootDN} = "cn=Directory Manager";
+ }
+
+ if (!$inf->{slapd}->{Suffix}) {
+ my $suffix = $inf->{General}->{FullMachineName};
+ # convert fqdn to dc= domain components
+ $suffix =~ s/^[^\.]*\.//; # just the domain part
+ $suffix = "dc=$suffix";
+ $suffix =~ s/\./, dc=/g;
+ $inf->{slapd}->{Suffix} = $suffix;
+ }
+
+ if (!$inf->{slapd}->{ServerIdentifier}) {
+ my $servid = $inf->{General}->{FullMachineName};
+ # strip out the leftmost domain component
+ $servid =~ s/\..*$//;
+ $inf->{slapd}->{ServerIdentifier} = $servid;
+ }
+
+ if ("@with_fhs_opt@") {
+ $inf->{General}->{ServerRoot} = "$inf->{General}->{prefix}/opt/@PACKAGE_NAME@";
+ } else {
+ $inf->{General}->{ServerRoot} = "$inf->{General}->{prefix}@serverdir@";
+ }
+
+ if (!defined($inf->{slapd}->{sasl_path})) {
+ if ($ ne "linux") {
+ $inf->{slapd}->{sasl_path} = "$inf->{General}->{prefix}@libdir@/sasl2";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{ServerPort}) and
+ !defined($inf->{slapd}->{ldapifilepath})) {
+ if ("@enable_ldapi@") {
+ return ('error_missing_port_and_ldapi');
+ } else {
+ return ('error_missing_port');
+ }
+ }
+
+ if (!defined($inf->{slapd}->{ServerPort})) {
+ $inf->{slapd}->{ServerPort} = 0;
+ }
+
+ $inf->{slapd}->{HashedRootDNPwd} = getHashedPassword($inf->{slapd}->{RootDNPwd});
+
+ $inf->{slapd}->{localstatedir} = set_path_attribute($inf->{slapd}->{localstatedir},
+ "@localstatedir@",
+ $inf->{General}->{prefix});
+ my $localstatedir = $inf->{slapd}->{localstatedir};
+ my $servid = $inf->{slapd}->{ServerIdentifier};
+ $inf->{slapd}->{sysconfdir} = set_path_attribute($inf->{slapd}->{sysconfdir},
+ "@sysconfdir@",
+ $inf->{General}->{prefix});
+ my $sysconfdir = $inf->{slapd}->{sysconfdir};
+ $inf->{slapd}->{bindir} = set_path_attribute($inf->{slapd}->{bindir},
+ "@bindir@",
+ $inf->{General}->{prefix});
+ $inf->{slapd}->{sbindir} = set_path_attribute($inf->{slapd}->{sbindir},
+ "@sbindir@",
+ $inf->{General}->{prefix});
+ $inf->{slapd}->{datadir} = set_path_attribute($inf->{slapd}->{datadir},
+ "@datadir@",
+ $inf->{General}->{prefix});
+
+ if (!defined($inf->{slapd}->{inst_dir})) {
+ $inf->{slapd}->{inst_dir} = "$inf->{General}->{ServerRoot}/slapd-$servid";
+ }
+
+ if (!defined($inf->{slapd}->{config_dir})) {
+ $inf->{slapd}->{config_dir} = "$inf->{General}->{prefix}@instconfigdir@/slapd-$servid";
+ }
+ $ENV{DS_CONFIG_DIR} = $inf->{slapd}->{config_dir};
+
+ if (!defined($inf->{slapd}->{schema_dir})) {
+ $inf->{slapd}->{schema_dir} = "$sysconfdir/@PACKAGE_NAME@/slapd-$servid/schema";
+ }
+
+ if (!defined($inf->{slapd}->{lock_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{lock_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/lock";
+ } else {
+ $inf->{slapd}->{lock_dir} = "$localstatedir/lock/@PACKAGE_NAME@/slapd-$servid";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{log_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{log_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/log";
+ } else {
+ $inf->{slapd}->{log_dir} = "$localstatedir/log/@PACKAGE_NAME@/slapd-$servid";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{run_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{run_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/run";
+ } else {
+ $inf->{slapd}->{run_dir} = "$localstatedir/run/@PACKAGE_NAME@";
+ }
+ }
+ $ENV{DS_RUN_DIR} = $inf->{slapd}->{run_dir};
+
+ if (!defined($inf->{slapd}->{db_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{db_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/db";
+ } else {
+ $inf->{slapd}->{db_dir} = "$localstatedir/lib/@PACKAGE_NAME@/slapd-$servid/db";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{bak_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{bak_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/bak";
+ } else {
+ $inf->{slapd}->{bak_dir} = "$localstatedir/lib/@PACKAGE_NAME@/slapd-$servid/bak";
+ }
+ }
+ $ENV{DS_BAK_DIR} = $inf->{slapd}->{bak_dir};
+
+ if (!defined($inf->{slapd}->{ldif_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{ldif_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/ldif";
+ } else {
+ $inf->{slapd}->{ldif_dir} = "$localstatedir/lib/@PACKAGE_NAME@/slapd-$servid/ldif";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{tmp_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{tmp_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/tmp";
+ } else {
+ $inf->{slapd}->{tmp_dir} = "$localstatedir/tmp/@PACKAGE_NAME@/slapd-$servid";
+ }
+ }
+ $ENV{DS_TMP_DIR} = $inf->{slapd}->{tmp_dir};
+
+ if (!defined($inf->{slapd}->{cert_dir})) {
+ $inf->{slapd}->{cert_dir} = $inf->{slapd}->{config_dir};
+ }
+
+ return ();
+}
+
+sub createDSInstance {
+ my $inf = shift;
+ my @errs;
+
+ if (@errs = setDefaults($inf)) {
+ return @errs;
+ }
+
+ if (@errs = sanityCheckParams($inf)) {
+ return @errs;
+ }
+
+ if (@errs = makeDSDirs($inf)) {
+ return @errs;
+ }
+
+ if (@errs = createConfigFile($inf)) {
+ return @errs;
+ }
+
+ if (@errs = makeOtherConfigFiles($inf)) {
+ return @errs;
+ }
+
+ if (@errs = createInstanceScripts($inf)) {
+ return @errs;
+ }
+
+ if (@errs = installSchema($inf)) {
+ return @errs;
+ }
+
+ if (@errs = initDatabase($inf)) {
+ return @errs;
+ }
+
+ if (@errs = startServer($inf)) {
+ return @errs;
+ }
+
+ return @errs;
+}
+
+1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
diff --git a/ldap/admin/src/scripts/DSMigration.pm.in b/ldap/admin/src/scripts/DSMigration.pm.in
index 070c909b..09f0e034 100644
--- a/ldap/admin/src/scripts/DSMigration.pm.in
+++ b/ldap/admin/src/scripts/DSMigration.pm.in
@@ -50,6 +50,7 @@ package DSMigration;
use Migration;
use Util;
use Inf;
+use DSCreate;
# tempfiles
use File::Temp qw(tempfile tempdir);
@@ -91,6 +92,7 @@ my %ignoreOld =
'nsslapd-certdir' => 'nsslapd-certdir',
'nsslapd-ldifdir' => 'nsslapd-ldifdir',
'nsslapd-bakdir' => 'nsslapd-bakdir',
+ 'nsslapd-instancedir' => 'nsslapd-instancedir',
'nsslapd-ldapifilepath' => 'nsslapd-ldapifilepath',
'nsslapd-ldapilisten' => 'nsslapd-ldapilisten',
'nsslapd-ldapiautobind' => 'nsslapd-ldapiautobind',
@@ -187,19 +189,28 @@ sub copyDatabaseDirs {
return ("error_dbsrcdir_not_exist", $srcdir);
} else {
debug(1, "The destination directory $destdir already exists, copying files/dirs individually\n");
+ $! = 0;
+ debug(1, "Removing any existing db files in $destdir\n");
+ unlink glob("$destdir/*");
+ if ($!) {
+ return ("error_removing_temp_db_files", $destdir, $!);
+ }
foreach my $file (glob("$srcdir/*")) {
- debug(3, "Copying $file to $destdir\n");
if (-f $file) {
+ debug(3, "Copying $file to $destdir\n");
if (system ("cp -p $file $destdir")) {
return ('error_copying_dbfile', $file, $destdir, $?);
}
} elsif (-d $file && !$filesonly) {
+ debug(3, "Copying $file to $destdir\n");
if (system ("cp -p -r $file $destdir")) {
return ('error_copying_dbdir', $file, $destdir, $?);
}
}
}
}
+
+ return ();
}
# migrate all of the databases in an instance
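Review bot: The `if ($!)` test after `unlink glob("$destdir/*")` does not reliably say whether the removal worked, because `$!` is only meaningful right after a call that failed and here it is cleared before the `debug()` call rather than directly before `unlink`. `unlink` returns the number of files it removed, so the dependable check compares that count with the list: `my @old = grep { -f $_ } glob("$destdir/*");` followed by `if (unlink(@old) != @old) { return ("error_removing_temp_db_files", $destdir, $!); }`. Filtering to plain files also avoids a spurious failure when the destination holds a subdirectory, which `unlink` cannot remove. The `cp -p $file $destdir` calls kept as context still pass unquoted paths through the shell; the list form `system("cp", "-p", $file, $destdir)` would avoid word splitting on unusual file names. copyDatabaseDirs starts above this hunk.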
@@ -216,11 +227,14 @@ sub migrateDatabases {
my $foundldif;
for (glob("$mig->{oldsroot}/$inst/db/*.ldif")) {
my $dbname = basename($_, '.ldif');
- my @cmd = ("@serverdir@/$inst/ldif2db", "-n", $dbname, "-i", $_);
- debug(1, "migrateDatabases: executing command ", @cmd);
- if (system(@cmd)) {
- return ('error_importing_migrated_db', $_, $?);
+ my $cmd = "@serverdir@/$inst/ldif2db -n \"$dbname\" -i \"$_\"";
+ debug(1, "migrateDatabases: executing command $cmd\n");
+ $? = 0; # clear error condition
+ my $output = `$cmd 2>&1`;
+ if ($?) {
+ return ('error_importing_migrated_db', $_, $?, $output);
}
+ debug(1, $output);
$foundldif = 1;
}
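Review bot: The new backtick call hands `$dbname` and the LDIF path to the shell inside double quotes, where the removed list-form `system(@cmd)` ran ldif2db with no shell at all; a file name under the old server root that contains `"`, `$` or a backquote would now be interpreted by the shell instead of being passed as data. The output capture can be kept without a shell by forking through a piped open and calling `exec` in list form, as sketched below. The `ldif2db` backtick call in initDatabase in DSCreate.pm.in builds its command the same way. migrateDatabases begins above this hunk.

```perl
my @cmd = ("@serverdir@/$inst/ldif2db", "-n", $dbname, "-i", $_);
debug(1, "migrateDatabases: executing command @cmd\n");
my $pid = open(my $ph, "-|");   # fork; the child's STDOUT feeds $ph
if (!defined($pid)) {
    return ('error_importing_migrated_db', $_, $!, "");
}
if (!$pid) {
    open(STDERR, ">&STDOUT");   # capture stderr as 2>&1 did
    exec { $cmd[0] } @cmd;      # list form: no shell involved
    exit 127;
}
my $output = join('', <$ph>);
close($ph);                     # sets $? to the child's status
if ($?) {
    return ('error_importing_migrated_db', $_, $?, $output);
}
# … unchanged: debug(1, $output); $foundldif = 1; …
```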
@@ -284,13 +298,13 @@ sub migrateDatabases {
my $srcdir = $dir || "$olddefault/db/$cn";
my $newent = $dest->search($ent->getDN(), "base", "(objectclass=*)");
my $newdbdir = $newent->getValues('nsslapd-directory') ||
- "@localstatedir@/lib/$mig->{pkgname}/$inst/db";
+ "@localstatedir@/lib/$mig->{pkgname}/$inst/db/$cn";
if (-d $srcdir and ($srcdir !~ /^$olddefault/)) {
debug(2, "Not copying database indexes from [$srcdir]\n");
} else {
# replace the old sroot value with the actual physical location on the target/dest
$srcdir =~ s/^$mig->{actualsroot}/$mig->{oldsroot}/;
- if (@errs = copyDatabaseDirs($srcdir, "$newdbdir/$cn")) {
+ if (@errs = copyDatabaseDirs($srcdir, "$newdbdir")) {
return @errs;
}
}
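Review bot: The path values in `$srcdir !~ /^$olddefault/` and `$srcdir =~ s/^$mig->{actualsroot}/$mig->{oldsroot}/` are interpolated as regular expressions, so a server root containing `.`, `+` or parentheses can match the wrong prefix or fail to match at all. Wrapping them in `\Q...\E`, e.g. `s/^\Q$mig->{actualsroot}\E/$mig->{oldsroot}/`, makes them literal; the same substitution appears in the migrateChangelogs hunk below. Separately, the quotes in `copyDatabaseDirs($srcdir, "$newdbdir")` are no longer needed now that nothing is appended. The enclosing loop in migrateDatabases extends outside the hunk.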
@@ -317,9 +331,14 @@ sub migrateChangelogs {
# replace the old sroot value with the actual physical location on the target/dest
$oldcldir =~ s/^$mig->{actualsroot}/$mig->{oldsroot}/;
my $newcldir = $newent->getValues('nsslapd-changelogdir');
- copyDatabaseDirs($oldcldir, $newcldir);
+ my @errs = copyDatabaseDirs($oldcldir, $newcldir);
+ if (@errs) {
+ return @errs;
+ }
}
}
+
+ return ();
}
sub fixAttrsInEntry {
@@ -358,27 +377,37 @@ sub mergeEntries {
# iterate through the attr lists
my $cn = lc $new->getValues("cn");
foreach my $attr (keys %inoldonly, keys %innewonly, @attrs) {
+ debug(3, "mergeEntries: merging entry ", $old->getDN(), " attr $attr\n");
my $lcattr = lc $attr;
if ($ignoreOld{$lcattr}) {
+ debug(3, "mergeEntries: ignoring old invalid or obsolete attr $attr\n");
next; # use new value or just omit if attr is obsolete
} elsif ($transformAttr{$lcattr}) {
# only transform if the value is in the old entry
if (!$innewonly{$attr}) {
- $new->setValues($attr, &{$transformAttr{$lcattr}}($old, $attr, $mig, $inst));
+ my $oldval = $old->getValues($attr);
+ my $newval = &{$transformAttr{$lcattr}}($old, $attr, $mig, $inst);
+ $new->setValues($attr, $newval);
+ debug(3, "mergeEntries: transformed old value $oldval to $newval\n");
}
} elsif ($cn eq "internationalization plugin" and $lcattr eq "nsslapd-pluginarg0") {
+ debug(3, "mergeEntries: using new value of internationalization plugin nsslapd-pluginarg0\n");
next; # use the new value of this path name
} elsif ($cn eq "referential integrity postoperation" and $lcattr eq "nsslapd-pluginarg1") {
+ debug(3, "mergeEntries: using new value of referential integrity postoperation nsslapd-pluginarg1\n");
next; # use the new value of this path name
} elsif ($innewonly{$attr}) {
+ debug(3, "mergeEntries: removing attr $attr from new entry\n");
$new->remove($attr); # in new but not old - just remove it
} else {
+ my $oldval = $old->getValues($attr);
+ my $newval = $new->getValues($attr);
$new->setValues($attr, $old->getValues($attr)); # use old value
+ debug(3, "mergeEntries: using old val $oldval instead of new val $newval\n");
}
}
}
-
my @allattrlist = ('*', 'aci', 'createTimestamp', 'creatorsName',
'modifyTimestamp', 'modifiersName');
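Review bot: The new level-3 `debug()` calls print old and new attribute values for every merged attribute, which would include credential attributes such as `nsslapd-rootpw` if the entries merged here are config entries (the callers are not visible in this hunk). Logging the attribute name only, e.g. `debug(3, "mergeEntries: using old value for attr $attr\n");`, or skipping the value for password attributes, keeps hashes out of migration logs. Also, `$old->getValues($attr)` is called in scalar context for `$oldval`, so a multi-valued attribute will not be shown in full, and the `setValues` line still calls `getValues` again instead of reusing a list captured once. mergeEntries starts above the hunk.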
@@ -598,14 +627,14 @@ sub migrateDS {
}
# create the new instance
- my ($rc, $output) = createDSInstance($inf, \@errs);
+ @errs = createDSInstance($inf);
unlink($inf->{filename});
- if ($rc) {
+ if (@errs) {
$mig->msg(@errs);
- $mig->msg($FATAL, 'error_creating_dsinstance', $rc, $output);
+ $mig->msg($FATAL, 'error_creating_dsinstance', $inst);
return 0;
} else {
- $mig->msg('created_dsinstance', $output);
+ $mig->msg('created_dsinstance', $inst);
}
my $src = new FileConn("$oldconfigdir/dse.ldif", 1); # read-only
@@ -627,3 +656,10 @@ sub migrateDS {
# Mandatory TRUE return value.
#
1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
diff --git a/ldap/admin/src/scripts/FileConn.pm b/ldap/admin/src/scripts/FileConn.pm
index ea68d41f..7e62d8b2 100644
--- a/ldap/admin/src/scripts/FileConn.pm
+++ b/ldap/admin/src/scripts/FileConn.pm
@@ -46,6 +46,8 @@ use Mozilla::LDAP::API qw(:constant ldap_explode_dn ldap_err2string); # Direct a
use Mozilla::LDAP::Utils qw(normalizeDN);
use Mozilla::LDAP::LDIF;
+use Carp;
+
require Exporter;
@ISA = qw(Exporter Mozilla::LDAP::Conn);
@EXPORT = qw();
@@ -55,11 +57,16 @@ sub new {
my $class = shift;
my $filename = shift;
my $readonly = shift;
+ my @namingContexts = @_;
my $self = {};
$self = bless $self, $class;
$self->{readonly} = $readonly;
+ for (@namingContexts) {
+ $self->setNamingContext($_);
+ }
+ $self->setNamingContext(""); # root DSE
$self->read($filename);
return $self;
@@ -86,16 +93,31 @@ sub read {
return;
}
- open( MYLDIF, "$filename" ) || die "Can't open $filename: $!";
+ open( MYLDIF, "$filename" ) || confess "Can't open $filename: $!";
my $in = new Mozilla::LDAP::LDIF(*MYLDIF);
+ $self->{reading} = 1;
while ($ent = readOneEntry $in) {
if (!$self->add($ent)) {
- die "Error: could not add entry ", $ent->getDN(), ":", $self->getErrorString();
+ confess "Error: could not add entry ", $ent->getDN(), ":", $self->getErrorString();
}
}
+ delete $self->{reading};
close( MYLDIF );
}
+sub setNamingContext {
+ my $self = shift;
+ my $nc = shift;
+ my $ndn = normalizeDN($nc);
+ $self->{namingContexts}->{$ndn} = $ndn;
+}
+
+sub isNamingContext {
+ my $self = shift;
+ my $ndn = shift;
+ return exists($self->{namingContexts}->{$ndn});
+}
+
# return all nodes below the given node
sub iterate {
my $self = shift;
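Review bot: The rewritten `open( MYLDIF, "$filename" )` line keeps the two-argument form, in which a leading `>` or `|` or a trailing `|` in `$filename` changes what open does; the three-argument form treats the name purely as a path: `open( MYLDIF, "<", $filename ) || confess "Can't open $filename: $!";`. The `write` hunk below has the same pattern with `">$filename"` and would become `open( MYLDIF, ">", $filename )`. A lexical handle (`open(my $fh, ...)`) would also avoid sharing the global `MYLDIF` between read and write. The `read` body starts above this hunk.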
@@ -152,12 +174,16 @@ sub write {
$filename = $self->{filename};
}
- if (!$self->{filename} or $self->{readonly}) {
+ if (!$self->{filename} or $self->{readonly} or $self->{reading}) {
return;
}
- open( MYLDIF, ">$filename" ) || die "Can't write $filename: $!";
+ open( MYLDIF, ">$filename" ) || confess "Can't write $filename: $!";
$self->iterate("", LDAP_SCOPE_SUBTREE, \&writecb, \*MYLDIF);
+ for (keys %{$self->{namingContexts}}) {
+ next if (!$_); # skip "" - we already did that
+ $self->iterate($_, LDAP_SCOPE_SUBTREE, \&writecb, \*MYLDIF);
+ }
close( MYLDIF );
}
@@ -307,9 +333,30 @@ sub search {
return $self->nextEntry();
}
+sub cloneEntry {
+ my $src = shift;
+ if (!$src) {
+ return undef;
+ }
+ my $dest = new Mozilla::LDAP::Entry();
+ $dest->setDN($src->getDN());
+ for (keys %{$src}) {
+ if (ref($src->{$_})) {
+ my @copyary = @{$src->{$_}};
+ $dest->{$_} = [ @copyary ]; # make a deep copy
+ } else {
+ $dest->{$_} = $src->{$_};
+ }
+ }
+
+ return $dest;
+}
+
+# have to return a copy of the entry - disallow inplace updates
sub nextEntry {
my $self = shift;
- return shift @{$self->{entries}};
+ my $ent = shift @{$self->{entries}};
+ return cloneEntry($ent);
}
sub add {
@@ -320,10 +367,9 @@ sub add {
my $parentdn = getParentDN($dn);
my $nparentdn = normalizeDN($parentdn);
-
$self->setErrorCode(0);
- # special case of root DSE
- if (!$ndn and exists($self->{$ndn}) and
+ # special case of naming context - has no parent
+ if ($self->isNamingContext($ndn) and
!exists($self->{$ndn}->{data})) {
$self->{$ndn}->{data} = $entry;
$self->write();
@@ -357,6 +403,8 @@ sub update {
my $dn = $entry->getDN();
my $ndn = normalizeDN($dn);
+ confess "Attempt to modify read only $self->{filename} entry $dn" if ($self->{readonly});
+
$self->setErrorCode(0);
if (!exists($self->{$ndn})) {
$self->setErrorCode(LDAP_NO_SUCH_OBJECT);
@@ -373,6 +421,8 @@ sub delete {
my $self = shift;
my $dn = shift;
+ confess "Attempt to modify read only $self->{filename} entry $dn" if ($self->{readonly});
+
if (ref($dn)) {
$dn = $dn->getDN(); # an Entry
}
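Review bot: In `delete`, the read-only `confess` runs before the `if (ref($dn))` conversion, so when an Entry object is passed the message shows a reference string instead of the DN. Moving the `confess ... if ($self->{readonly});` line below the `$dn = $dn->getDN();` block gives a usable message. The rest of `delete` is outside the hunk.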
diff --git a/ldap/admin/src/scripts/Migration.pm.in b/ldap/admin/src/scripts/Migration.pm.in
index 21122709..8bd2e344 100644
--- a/ldap/admin/src/scripts/Migration.pm.in
+++ b/ldap/admin/src/scripts/Migration.pm.in
@@ -217,7 +217,7 @@ sub init {
$self->{pkgname} = $pkgname;
$self->{oldsroot} = $oldsroot || "/opt/$oldpkgname";
- $self->{actualsroot} = $actualsroot || $oldsroot;
+ $self->{actualsroot} = $actualsroot || $self->{oldsroot};
$self->{silent} = $silent;
$self->{inffile} = $inffile;
$self->{keep} = $keep;
diff --git a/ldap/admin/src/scripts/Util.pm.in b/ldap/admin/src/scripts/Util.pm.in
index 364e9115..ce20bfb3 100644
--- a/ldap/admin/src/scripts/Util.pm.in
+++ b/ldap/admin/src/scripts/Util.pm.in
@@ -47,18 +47,19 @@ require Exporter;
@ISA = qw(Exporter);
@EXPORT = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries
- getHashedPassword debug createDSInstance createInfFromConfig
- isValidServerID);
+ getHashedPassword debug createInfFromConfig
+ isValidServerID isValidUser makePaths);
@EXPORT_OK = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries
- getHashedPassword debug createDSInstance createInfFromConfig
- isValidServerID);
+ getHashedPassword debug createInfFromConfig
+ isValidServerID isValidUser makePaths);
use strict;
use Socket;
use File::Temp qw(tempfile tempdir);
+use File::Basename qw(dirname);
$Util::debuglevel = 0;
# use like this:
@@ -131,7 +132,7 @@ sub isValidUser {
return ("dialog_ssuser_error", $user);
}
if (!$nuid) {
- return ("dialog_ssuser_root_warning");
+ debug(0, "Warning: using root as the server user id. You are strongly encouraged to use a non-root user.\n");
}
}
@@ -367,13 +368,17 @@ sub check_and_add_entry
my $attr;
foreach $attr ( @addtypes )
{
- debug(3, "Adding attr=$attr values=" . $aentry->getValues($attr) . " to entry $aentry->{dn}\n");
- $sentry->addValue( $attr, $aentry->getValues($attr) );
+ foreach my $val ($aentry->getValues($attr))
+ {
+ debug(3, "Adding attr=$attr value=$val to entry $aentry->{dn}\n");
+ $sentry->addValue( $attr, $val );
+ }
}
foreach $attr ( @reptypes )
{
+ my @vals = $aentry->getValues($attr);
debug(3, "Replacing attr=$attr values=" . $aentry->getValues($attr) . " to entry $aentry->{dn}\n");
- $sentry->setValues($attr, $aentry->getValues($attr));
+ $sentry->setValues($attr, @vals);
}
foreach $attr ( @deltypes )
{
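Review bot: In the `@reptypes` loop the `debug()` line still concatenates `$aentry->getValues($attr)` in scalar context although the values were just captured in `@vals`, so the log does not show the list that `setValues` receives. Using the captured list keeps log and action in step: `debug(3, "Replacing attr=$attr values=@vals to entry $aentry->{dn}\n");`. check_and_add_entry begins and ends outside this hunk.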
@@ -761,23 +766,6 @@ sub getHashedPassword {
return $hashedpwd;
}
-sub createDSInstance {
- my $inf = shift;
- my $errs = shift; # unused for now
-# find ds_newinst.pl - in same directory as this script or in PATH
- my $ds_newinst;
- ($ds_newinst = $0) =~ s|/[^/]+$|/ds_newinst.pl|;
- if (! -x $ds_newinst) {
- $ds_newinst = "@bindir@/ds_newinst.pl";
- }
- if (! -x $ds_newinst) {
- $ds_newinst = "ds_newinst.pl"; # just get from path
- }
- $? = 0; # clear error condition
- my $output = `$ds_newinst $inf->{filename}`;
- return ($?, $output);
-}
-
# this creates an Inf suitable for passing to createDSInstance
# except that it has a bogus suffix
sub createInfFromConfig {
@@ -787,35 +775,93 @@ sub createInfFromConfig {
my $fname = "$configdir/dse.ldif";
my $id;
($id = $inst) =~ s/^slapd-//;
- if (!open( DSELDIF, "$fname" )) {
+ if (! -f $fname) {
+ push @{$errs}, "error_opening_dseldif", $fname, $!;
+ return 0;
+ }
+ my $conn = new FileConn($fname, 1);
+
+ my $ent = $conn->search("cn=config", "base", "(objectclass=*)");
+ if (!$ent) {
push @{$errs}, "error_opening_dseldif", $fname, $!;
return 0;
}
+
my ($outfh, $inffile) = tempfile(SUFFIX => '.inf');
- my $in = new Mozilla::LDAP::LDIF(*DSELDIF) ;
- while (my $ent = readOneEntry $in) {
- my $dn = $ent->getDN();
- if ($dn =~ /cn=config/) {
- print $outfh "[General]\n";
- print $outfh "FullMachineName = ", $ent->getValues('nsslapd-localhost'), "\n";
- print $outfh "SuiteSpotUserID = ", $ent->getValues('nsslapd-localuser'), "\n";
- print $outfh "ServerRoot = @serverdir@\n";
- print $outfh "[slapd]\n";
- print $outfh "RootDN = ", $ent->getValues('nsslapd-rootdn'), "\n";
- print $outfh "RootDNPwd = ", $ent->getValues('nsslapd-rootpw'), "\n";
- print $outfh "ServerPort = ", $ent->getValues('nsslapd-port'), "\n";
- print $outfh "ServerIdentifier = $id\n";
- print $outfh "Suffix = o=deleteAfterMigration\n";
- print $outfh "start_server= 0\n";
- last;
- }
+ print $outfh "[General]\n";
+ print $outfh "FullMachineName = ", $ent->getValues('nsslapd-localhost'), "\n";
+ print $outfh "SuiteSpotUserID = ", $ent->getValues('nsslapd-localuser'), "\n";
+ print $outfh "[slapd]\n";
+ print $outfh "RootDN = ", $ent->getValues('nsslapd-rootdn'), "\n";
+ print $outfh "RootDNPwd = ", $ent->getValues('nsslapd-rootpw'), "\n";
+ print $outfh "ServerPort = ", $ent->getValues('nsslapd-port'), "\n";
+ print $outfh "ServerIdentifier = $id\n";
+ print $outfh "start_server= 0\n";
+
+ my $suffix;
+ my $ent = $conn->search("cn=ldbm database,cn=plugins,cn=config",
+ "one", "(objectclass=*)");
+ if (!$ent) {
+ push @{$errs}, "error_opening_dseldif", $fname, $!;
+ close $outfh;
+ $conn->close();
+ return 0;
}
+ # use the userRoot suffix if available
+ while ($ent) {
+ $suffix = $ent->getValues('nsslapd-suffix');
+ last if ($ent->hasValue('cn', 'userRoot', 1));
+ $ent = $conn->nextEntry();
+ }
+ $conn->close();
+
+ print $outfh "Suffix = $suffix\n";
close $outfh;
- close DSELDIF;
my $inf = new Inf($inffile);
return $inf;
}
+# like File::Path mkpath, except we can set the owner and perm
+# of each new path and parent path created
+sub makePaths {
+ my ($path, $mode, $user, $group) = @_;
+ my $uid = getpwnam $user;
+ my $gid = -1; # default to leave it alone
+
+ if ($group) {
+ $gid = getgrnam $group;
+ }
+ my @dirnames = ($path);
+ my $parent = $path;
+ for ($parent = dirname($parent);
+ $parent and ($parent ne "/");
+ $parent = dirname($parent)) {
+ unshift @dirnames, $parent;
+ }
+ for (@dirnames) {
+ next if (-d $_);
+ $! = 0; # clear
+ mkdir $_, $mode;
+ if ($!) {
+ return ('error_creating_directory', $_, $!);
+ }
+ chown $uid, $gid, $_;
+ if ($!) {
+ return ('error_chowning_directory', $_, $!);
+ }
+ debug(1, "makePaths: created directory $_ mode $mode user $user group $group\n");
+ }
+
+ return ();
+}
+
1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
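Review bot: In `makePaths`, the results of `getpwnam $user` and `getgrnam $group` are not checked, and an undefined value passed to `chown` numifies to 0, so a misspelled or missing account would leave the new directories owned by root (when run as root) instead of reporting an error. A guard such as `return ('error_chowning_directory', $path, "unknown user $user") if (!defined($uid));`, with the equivalent for `$gid`, closes that. The `mkdir` and `chown` results are also better tested through their return values (`mkdir($_, $mode) or return (...)`) than through `$!`, and the mode given to `mkdir` is still reduced by the umask, so an explicit `chmod` is needed if the exact mode matters. In `createInfFromConfig`, the error return after `tempfile()` closes `$outfh` but leaves the `.inf` file, which already holds the `nsslapd-rootpw` value, on disk; `unlink($inffile)` there would remove it.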
diff --git a/ldap/admin/src/scripts/dscreate.map.in b/ldap/admin/src/scripts/dscreate.map.in
new file mode 100644
index 00000000..a475416a
--- /dev/null
+++ b/ldap/admin/src/scripts/dscreate.map.in
@@ -0,0 +1,67 @@
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+# [Parameter resolution rules]
+# * If the right-hand value is in ` (backquote), the value is eval'ed by perl.
+# The output should be stored in $returnvalue to pass to the internal hash.
+# * If the right-hand value is in " (doublequote), the value is passed as is.
+# * If the right-hand value is not in any quote, the value should be found
+# in either of the setup inf file (static) or the install inf file (dynamic).
+# * Variables surrounded by @ (e.g., @configdir@) are replaced with the
+# system path at the compile time.
+# * The right-hand value can contain variables surrounded by % (e.g., %asid%)
+# which refers the right-hand value (key) of this map file.
+#
+fqdn = FullMachineName
+dsid = ServerIdentifier
+ds_user = SuiteSpotUserID
+ds_port = ServerPort
+rootdn = RootDN
+ds_suffix = Suffix
+ds_bename = ds_bename
+ds_passwd = HashedRootDNPwd
+
+schema_dir = schema_dir
+lock_dir = lock_dir
+tmp_dir = tmp_dir
+cert_dir = cert_dir
+ldif_dir = ldif_dir
+bak_dir = bak_dir
+inst_dir = inst_dir
+log_dir = log_dir
+config_dir = config_dir
+db_dir = db_dir
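Review bot: The header comment says a backquoted right-hand value is `eval`'ed by Perl, but it does not say that this makes the map file executable input to the setup scripts. Neither this file nor dsorgentries.map.in (same header) contains a backquoted value today, so the risk is in later edits or in a copy that is writable by someone other than the installing administrator. I would add one line under the first rule, such as `# NOTE: backquoted values run as Perl code during setup; keep this file writable only by the administrator who installs it.`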
diff --git a/ldap/admin/src/scripts/dsorgentries.map.in b/ldap/admin/src/scripts/dsorgentries.map.in
new file mode 100644
index 00000000..2d59c226
--- /dev/null
+++ b/ldap/admin/src/scripts/dsorgentries.map.in
@@ -0,0 +1,50 @@
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+# [Parameter resolution rules]
+# * If the right-hand value is in ` (backquote), the value is eval'ed by perl.
+# The output should be stored in $returnvalue to pass to the internal hash.
+# * If the right-hand value is in " (doublequote), the value is passed as is.
+# * If the right-hand value is not in any quote, the value should be found
+# in either of the setup inf file (static) or the install inf file (dynamic).
+# * Variables surrounded by @ (e.g., @configdir@) are replaced with the
+# system path at the compile time.
+# * The right-hand value can contain variables surrounded by % (e.g., %asid%)
+# which refers the right-hand value (key) of this map file.
+#
+ds_suffix = Suffix
+naming_value = naming_value
diff --git a/ldap/admin/src/scripts/migrate-ds.pl.in b/ldap/admin/src/scripts/migrate-ds.pl.in
index e11d810c..7c5ea83d 100644
--- a/ldap/admin/src/scripts/migrate-ds.pl.in
+++ b/ldap/admin/src/scripts/migrate-ds.pl.in
@@ -61,5 +61,17 @@ my $res = new Resource("@propertydir@/migrate-ds.res",
my $mig = new Migration($res);
$mig->msg('begin_ds_migration', $mig->{oldsroot});
-migrateDS($mig);
+if (!migrateDS($mig)) {
+ exit 1;
+}
$mig->msg('end_ds_migration');
+
+END {
+ if ($mig) {
+ if (!$mig->{keep}) {
+ unlink $mig->{inffile};
+ }
+
+ $mig->doExit();
+ }
+}
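Review bot: The `unlink $mig->{inffile};` in the new END block is unchecked and unguarded, so an unset `inffile` or a failed delete passes silently and the temporary inf file stays on disk. Elsewhere in this commit an inf file is written with a `RootDNPwd` line taken from `nsslapd-rootpw`, so if this is that kind of file a leftover copy holds that value. I would report the failure, e.g. `if ($mig->{inffile} && -e $mig->{inffile} && !unlink($mig->{inffile})) { warn "could not remove $mig->{inffile}: $!\n"; }`. The `keep` branch leaves the file deliberately, and a comment there should say that it contains credentials and which mode it is created with, which this hunk does not show.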
diff --git a/ldap/admin/src/scripts/migrate-ds.res b/ldap/admin/src/scripts/migrate-ds.res
index f5cfef15..b98e0943 100644
--- a/ldap/admin/src/scripts/migrate-ds.res
+++ b/ldap/admin/src/scripts/migrate-ds.res
@@ -4,10 +4,11 @@ migration_exiting = Exiting . . .\nLog file is '%s'\n\n
instance_already_exists = The target directory server instance already exists at %s. Skipping migration. Note that if you want to migrate the old instance you will have to first remove the new one of the same name.\n\n
error_reading_entry = Could not read the entry '%s'. Error: %s\n
error_updating_merge_entry = Could not %s the migrated entry '%s' in the target directory server. Error: %s\n
-error_importing_migrated_db = Could not import the LDIF file '%s' for the migrated database. Error: %s. Please check the directory server error log for more details.\n
+error_importing_migrated_db = Could not import the LDIF file '%s' for the migrated database. Error: %s. Output: %s\n
error_reading_olddbconfig = Could not read the old database configuration information. Error: %s\n
error_migrating_schema = Could not copy old schema file '%s'. Error: %s\n
error_copying_dbdir = Could not copy database directory '%s' to '%s'. Error: %s\n
error_copying_dbfile = Could not copy database file '%s' to '%s'. Error: %s\n
error_dbsrcdir_not_exist = Could not copy from the database source directory '%s' because it does not exist. Please check your configuration.\n
error_no_instances = Could not find any instances in the old directory '%s' to migrate.\n
+error_removing_temp_db_files = Could not remove the temporary db files in '%s' to clear the directory in preparation for the migrated db files. Error: %s\n
diff --git a/ldap/admin/src/scripts/setup-ds.pl.in b/ldap/admin/src/scripts/setup-ds.pl.in
index b455a579..99969a22 100644
--- a/ldap/admin/src/scripts/setup-ds.pl.in
+++ b/ldap/admin/src/scripts/setup-ds.pl.in
@@ -47,6 +47,7 @@ use Inf;
use Resource;
use DialogManager;
use Util;
+use DSCreate;
my $res = new Resource("@propertydir@/setup-ds.res");
@@ -70,13 +71,14 @@ if (!$setup->{silent}) {
$setup->{inf}->write();
}
-my @errs;
-my ($rc, $output) = createDSInstance($setup->{inf}, \@errs);
-if ($rc) {
+my @errs = createDSInstance($setup->{inf});
+if (@errs) {
$setup->msg(@errs);
- $setup->msg($FATAL, 'error_creating_dsinstance', $rc, $output);
+ $setup->msg($FATAL, 'error_creating_dsinstance',
+ $setup->{inf}->{slapd}->{ServerIdentifier});
} else {
- $setup->msg('created_dsinstance', $output);
+ $setup->msg('created_dsinstance',
+ $setup->{inf}->{slapd}->{ServerIdentifier});
}
END {
diff --git a/ldap/admin/src/scripts/setup-ds.res.in b/ldap/admin/src/scripts/setup-ds.res.in
index 329a7c24..5d2cdd89 100644
--- a/ldap/admin/src/scripts/setup-ds.res.in
+++ b/ldap/admin/src/scripts/setup-ds.res.in
@@ -87,8 +87,8 @@ error_creating_suffix_backend = Could not create the suffix '%s'. There was an
error_creating_suffix = Could not create the suffix '%s'. Error: %s\n\n
setup_exiting = Exiting . . .\nLog file is '%s'\n\n
-error_creating_dsinstance = Error: Could not create directory server instance. Error code %s. Output:\n%s\n
-created_dsinstance = Your new DS instance was successfully created. Output:\n%s\n
+error_creating_dsinstance = Error: Could not create directory server instance '%s'.\n
+created_dsinstance = Your new DS instance '%s' was successfully created.\n
no_mapvalue_for_key = The map value '%s' for key '%s' did not map to a value in any of the given information files.\n
error_opening_ldiftmpl = Could not open the LDIF template file '%s'. Error: %s\n
error_mapping_token_ldiftmpl = The entry '%s' in LDIF file '%s' contains a token '%s' for which there is no mapper.\nPlease check the file and your mapper to make sure all tokens are handled correctly.\n
@@ -96,7 +96,6 @@ error_deleteall_entries = Error deleting entry '%s' and all children. Error: %s
error_adding_entry = Error adding entry '%s'. Error: %s\n
error_updating_entry = Error updating entry '%s'. Error: %s\n
-
error_invalid_param = The parameter '%s' has an invalid value '%s'.\n
error_port_available = The port number '%s' is not available for use. This may be due to an\
invalid port number, or the port already being in use by another\
@@ -104,3 +103,19 @@ program, or low port restriction. Please choose another value for\
ServerPort. Error: $!\n
error_invalid_serverid = The ServerIdentifier '%s' contains invalid characters. It must\
contain only alphanumeric characters and the following: #%,.:@_-\n
+error_opening_scripttmpl = Could not open the script template file '%s'. Error: %s\n
+error_creating_directory = Could not create directory '%s'. Error: %s\n
+error_chowning_directory = Could not change ownership of directory '%s' to userid '%s': Error: %s\n
+error_chowning_file = Could not change ownership of '%s' to userid '%s': Error: %s\n
+error_chmoding_file = Could not change permissions of '%s': Error: %s\n
+error_chgrping_directory = Could not change group of directory '%s' to group '%s': Error: %s\n
+error_creating_file = Could not create file '%s'. Error: %s\n
+error_copying_file = Could not copy file '%s' to '%s'. Error: %s\n
+error_enabling_feature = Could not enable the directory server feature '%s'. Error: %s\n
+error_importing_ldif = Could not import LDIF file '%s'. Error: %s. Output: %s\n
+error_starting_server = Could not start the directory server using command '%s'. The last line from the error log was '%s'. Error: %s\n
+error_missing_port_and_ldapi = Either ServerPort or ldapifilepath must be specified. The server must listen to something.\n
+error_missing_port = No ServerPort specified. The server must have a port number to listen to (default 389).\n
+error_server_already_exists = Error: the server already exists at '%s'\
+Please remove it first if you really want to recreate it,\
+or use a different ServerIdentifier to create another instance.\n
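Review bot: `error_chowning_directory` has three `%s` placeholders (directory, userid, error), but the `makePaths` function added in this commit returns it as `('error_chowning_directory', $_, $!)`, which supplies only the directory and `$!`. Assuming the resource strings are filled printf-style, the OS error would be printed in the userid slot and the real error slot would be empty. Either pass the user in the caller, `return ('error_chowning_directory', $_, $user, $!);`, or drop the userid placeholder from this message. `error_creating_directory` is consistent, with two placeholders and two arguments.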
diff --git a/ldap/admin/src/scripts/template-restart-slapd.in b/ldap/admin/src/scripts/template-restart-slapd.in
new file mode 100644
index 00000000..6f5c0c89
--- /dev/null
+++ b/ldap/admin/src/scripts/template-restart-slapd.in
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# Script that restarts the ns-slapd server.
+# Exit status can be:
+# 0: Server restarted successfully
+# 1: Server could not be started
+# 2: Server started successfully (was not running)
+# 3: Server could not be stopped
+
+server_already_stopped=0
+{{INST-DIR}}/stop-slapd
+status=$?
+if [ $status -eq 1 ] ; then
+ exit 3;
+else
+ if [ $status -eq 2 ] ; then
+ server_already_stopped=1
+ fi
+fi
+{{INST-DIR}}/start-slapd
+status=$?
+if [ $server_already_stopped -eq 1 ] && [ $status -eq 0 ] ; then
+ exit 2;
+fi
+exit $status
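Review bot: Only exit status 1 from `stop-slapd` is treated as a failure. Any other non-zero status except 2 (for example 126 or 127 when the script is missing or not executable) falls through, and `start-slapd` is run against a server whose state is unknown. Test for the two accepted values instead, `if [ $status -ne 0 ] && [ $status -ne 2 ] ; then exit 3; fi`, and set `server_already_stopped=1` only when the status is 2. The `{{INST-DIR}}` paths are also unquoted, so an instance directory containing whitespace breaks both invocations; `"{{INST-DIR}}/stop-slapd"` and `"{{INST-DIR}}/start-slapd"` avoid that.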
diff --git a/ldap/ldif/template-baseacis.ldif.in b/ldap/ldif/template-baseacis.ldif.in
new file mode 100644
index 00000000..7eb8c40c
--- /dev/null
+++ b/ldap/ldif/template-baseacis.ldif.in
@@ -0,0 +1,5 @@
+dn: %ds_suffix%
+changetype: modify
+add: aci
+aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare) userdn="ldap:///anyone";)
+aci: (targetattr="carLicense || description || displayName || facsimileTelephoneNumber || homePhone || homePostalAddress || initials || jpegPhoto || labeledURL || mail || mobile || pager || photo || postOfficeBox || postalAddress || postalCode || preferredDeliveryMethod || preferredLanguage || registeredAddress || roomNumber || secretary || seeAlso || st || street || telephoneNumber || telexNumber || title || userCertificate || userPassword || userSMIMECertificate || x500UniqueIdentifier")(version 3.0; acl "Enable self write for common attributes"; allow (write) userdn="ldap:///self";)
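Review bot: The first ACI is written as an exclusion, `targetattr!="userPassword"`, so anonymous binds get read, search and compare on every attribute under the suffix except that one, including attributes introduced later by schema extensions or plugins. An allow rule is safer as an explicit list of readable attributes, in the same form the self-write ACI on the next line already uses, so that new attributes stay private until someone opts them in. If the open default is intended, state it in a comment at the top of the template, e.g. `# Default ACIs: anonymous read of all attributes except userPassword; tighten before storing sensitive data.`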
diff --git a/ldap/ldif/template-country.ldif.in b/ldap/ldif/template-country.ldif.in
new file mode 100644
index 00000000..cc37997e
--- /dev/null
+++ b/ldap/ldif/template-country.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: country
+c: %naming_value%
diff --git a/ldap/ldif/template-domain.ldif.in b/ldap/ldif/template-domain.ldif.in
new file mode 100644
index 00000000..4085c50e
--- /dev/null
+++ b/ldap/ldif/template-domain.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: domain
+dc: %naming_value%
diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in
index 805bcb8b..5d9aec85 100644
--- a/ldap/ldif/template-dse.ldif.in
+++ b/ldap/ldif/template-dse.ldif.in
@@ -9,7 +9,7 @@ nsslapd-tmpdir: %tmp_dir%
nsslapd-certdir: %cert_dir%
nsslapd-ldifdir: %ldif_dir%
nsslapd-bakdir: %bak_dir%
-nsslapd-saslpath: %sasl_path%
+nsslapd-instancedir: %inst_dir%
nsslapd-accesslog-logging-enabled: on
nsslapd-accesslog-maxlogsperdir: 10
nsslapd-accesslog-mode: 600
@@ -22,7 +22,7 @@ nsslapd-accesslog-logrotationsyncmin: 0
nsslapd-accesslog: %log_dir%/access
nsslapd-enquote-sup-oc: off
nsslapd-localhost: %fqdn%
-nsslapd-schemacheck: 1
+nsslapd-schemacheck: on
nsslapd-rewrite-rfc1274: off
nsslapd-return-exact-case: on
nsslapd-ssl-check-hostname: on
@@ -493,7 +493,7 @@ nsslapd-pluginpath: libcollation-plugin
nsslapd-plugininitfunc: orderingRule_init
nsslapd-plugintype: matchingRule
nsslapd-pluginenabled: on
-nsslapd-pluginarg0: @configdir@/slapd-collations.conf
+nsslapd-pluginarg0: %config_dir%/slapd-collations.conf
dn: cn=HTTP Client,cn=plugins,cn=config
objectclass: top
diff --git a/ldap/ldif/template-locality.ldif.in b/ldap/ldif/template-locality.ldif.in
new file mode 100644
index 00000000..c7185269
--- /dev/null
+++ b/ldap/ldif/template-locality.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: locality
+l: %naming_value%
diff --git a/ldap/ldif/template-org.ldif.in b/ldap/ldif/template-org.ldif.in
new file mode 100644
index 00000000..e649c323
--- /dev/null
+++ b/ldap/ldif/template-org.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: organization
+o: %naming_value%
diff --git a/ldap/ldif/template-orgunit.ldif.in b/ldap/ldif/template-orgunit.ldif.in
new file mode 100644
index 00000000..97982e57
--- /dev/null
+++ b/ldap/ldif/template-orgunit.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: organizationalUnit
+ou: %naming_value%
diff --git a/ldap/ldif/template-state.ldif.in b/ldap/ldif/template-state.ldif.in
new file mode 100644
index 00000000..f4fdfe7e
--- /dev/null
+++ b/ldap/ldif/template-state.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: locality
+st: %naming_value%
diff --git a/ldap/ldif/template.ldif b/ldap/ldif/template.ldif
index a0ab7914..6c083449 100644
--- a/ldap/ldif/template.ldif
+++ b/ldap/ldif/template.ldif
@@ -37,26 +37,24 @@
# All rights reserved.
# END COPYRIGHT BLOCK
#
-dn: %%%SUFFIX%%%
-objectclass: top
-aci: (targetattr ="*")(version 3.0;
- acl "Configuration Administrators Group";allow (all) (groupdn = "ldap:///
- cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot");)
+dn: %ds_suffix%
+changetype: modify
+add: aci
aci: (targetattr ="*")(version 3.0;
acl "Directory Administrators Group";allow (all) (groupdn = "ldap:///
- cn=Directory Administrators, %%%SUFFIX%%%");)
+ cn=Directory Administrators, %ds_suffix%");)
-dn: cn=Directory Administrators, %%%SUFFIX%%%
+dn: cn=Directory Administrators, %ds_suffix%
objectClass: top
objectClass: groupofuniquenames
cn: Directory Administrators
-dn: ou=Groups, %%%SUFFIX%%%
+dn: ou=Groups, %ds_suffix%
objectclass: top
objectclass: organizationalunit
ou: Groups
-dn: ou=People, %%%SUFFIX%%%
+dn: ou=People, %ds_suffix%
objectclass: top
objectclass: organizationalunit
ou: People
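Review bot: The suffix record is now a change record (`changetype: modify` / `add: aci`), while the entries after it in the same file remain plain content records with no `changetype`. RFC 2849 defines an LDIF file as either content or changes, so a generic LDIF tool may reject or misread this file; it presumably relies on the project's own loader accepting both forms. A header comment would make that dependency explicit, e.g. `# Mixed LDIF: the first record modifies the existing suffix entry, the remaining records are added as new entries.`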
@@ -66,48 +64,48 @@ aci: (targetattr ="userpassword || te
aci: (targetattr !="cn || sn || uid")(t
argetfilter ="(ou=Accounting)")(version 3.0;acl "Accounting Managers G
roup Permissions";allow (write)(groupdn = "ldap:///cn=Accounting Managers,ou
- =groups,%%%SUFFIX%%%");)
+ =groups,%ds_suffix%");)
aci: (targetattr !="cn || sn || uid")(t
argetfilter ="(ou=Human Resources)")(version 3.0;acl "HR Group Permiss
- ions";allow (write)(groupdn = "ldap:///cn=HR Managers,ou=groups,%%%SUFFIX%%%
+ ions";allow (write)(groupdn = "ldap:///cn=HR Managers,ou=groups,%ds_suffix%
");)
aci: (targetattr !="cn ||sn || uid")(t
argetfilter ="(ou=Product Testing)")(version 3.0;acl "QA Group Permiss
- ions";allow (write)(groupdn = "ldap:///cn=QA Managers,ou=groups,%%%SUFFIX%%%
+ ions";allow (write)(groupdn = "ldap:///cn=QA Managers,ou=groups,%ds_suffix%
");)
aci: (targetattr !="cn || sn || uid")(t
argetfilter ="(ou=Product Development)")(version 3.0;acl "Engineering
Group Permissions";allow (write)(groupdn = "ldap:///cn=PD Managers,ou=groups
- ,%%%SUFFIX%%%");)
+ ,%ds_suffix%");)
-dn: ou=Special Users,%%%SUFFIX%%%
+dn: ou=Special Users,%ds_suffix%
objectclass: top
objectclass: organizationalUnit
ou: Special Users
description: Special Administrative Accounts
-dn: cn=Accounting Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=Accounting Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: Accounting Managers
ou: groups
description: People who can manage accounting entries
-dn: cn=HR Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=HR Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: HR Managers
ou: groups
description: People who can manage HR entries
-dn: cn=QA Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=QA Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: QA Managers
ou: groups
description: People who can manage QA entries
-dn: cn=PD Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=PD Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: PD Managers
diff --git a/m4/fhs.m4 b/m4/fhs.m4
index e550cc5a..479a76d6 100644
--- a/m4/fhs.m4
+++ b/m4/fhs.m4
@@ -39,6 +39,7 @@ AC_ARG_WITH(fhs-opt, [ --with-fhs-opt Use FHS optional layout],
[
with_fhs_opt=yes
AC_MSG_RESULT(yes)
+ AC_SUBST(with_fhs_opt)
],
AC_MSG_RESULT(no))