summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Makefile.am42
-rw-r--r--Makefile.in44
-rwxr-xr-xconfigure24
-rw-r--r--configure.ac2
-rw-r--r--ldap/admin/src/scripts/DSCreate.pm.in799
-rw-r--r--ldap/admin/src/scripts/DSMigration.pm.in64
-rw-r--r--ldap/admin/src/scripts/FileConn.pm66
-rw-r--r--ldap/admin/src/scripts/Migration.pm.in2
-rw-r--r--ldap/admin/src/scripts/Util.pm.in134
-rw-r--r--ldap/admin/src/scripts/dscreate.map.in67
-rw-r--r--ldap/admin/src/scripts/dsorgentries.map.in50
-rw-r--r--ldap/admin/src/scripts/migrate-ds.pl.in14
-rw-r--r--ldap/admin/src/scripts/migrate-ds.res3
-rw-r--r--ldap/admin/src/scripts/setup-ds.pl.in12
-rw-r--r--ldap/admin/src/scripts/setup-ds.res.in21
-rw-r--r--ldap/admin/src/scripts/template-restart-slapd.in25
-rw-r--r--ldap/ldif/template-baseacis.ldif.in5
-rw-r--r--ldap/ldif/template-country.ldif.in4
-rw-r--r--ldap/ldif/template-domain.ldif.in4
-rw-r--r--ldap/ldif/template-dse.ldif.in6
-rw-r--r--ldap/ldif/template-locality.ldif.in4
-rw-r--r--ldap/ldif/template-org.ldif.in4
-rw-r--r--ldap/ldif/template-orgunit.ldif.in4
-rw-r--r--ldap/ldif/template-state.ldif.in4
-rw-r--r--ldap/ldif/template.ldif34
-rw-r--r--m4/fhs.m41
26 files changed, 1321 insertions, 118 deletions
diff --git a/Makefile.am b/Makefile.am
index 236041a3..8740967a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -98,13 +98,16 @@ server_LTLIBRARIES = libslapd.la libds_admin.la libns-dshttpd.la
# this is how to add optional plugins
if enable_pam_passthru
LIBPAM_PASSTHRU_PLUGIN = libpam-passthru-plugin.la
+enable_pam_passthru = 1
endif
if enable_dna
LIBDNA_PLUGIN = libdna-plugin.la
+enable_dna = 1
endif
if enable_bitwise
LIBBITWISE_PLUGIN = libbitwise-plugin.la
+enable_bitwise = 1
endif
serverplugin_LTLIBRARIES = libacl-plugin.la libattr-unique-plugin.la \
@@ -145,6 +148,14 @@ sampledata_DATA = $(srcdir)/ldap/ldif/Ace.ldif \
ldap/ldif/template-pampta.ldif \
ldap/ldif/template-dnaplugin.ldif \
ldap/ldif/template-bitwise.ldif \
+ ldap/ldif/template-dse.ldif \
+ ldap/ldif/template-org.ldif \
+ ldap/ldif/template-domain.ldif \
+ ldap/ldif/template-state.ldif \
+ ldap/ldif/template-locality.ldif \
+ ldap/ldif/template-country.ldif \
+ ldap/ldif/template-orgunit.ldif \
+ ldap/ldif/template-baseacis.ldif \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-FamilyNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-GivenNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-OrgUnits
@@ -201,7 +212,8 @@ perl_SCRIPTS = ldap/admin/src/scripts/SetupLog.pm \
ldap/admin/src/scripts/Setup.pm \
ldap/admin/src/scripts/Migration.pm \
ldap/admin/src/scripts/DSMigration.pm \
- ldap/admin/src/scripts/FileConn.pm
+ ldap/admin/src/scripts/FileConn.pm \
+ ldap/admin/src/scripts/DSCreate.pm
property_DATA = ldap/admin/src/scripts/setup-ds.res \
ldap/admin/src/scripts/migrate-ds.res
@@ -217,6 +229,7 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
ldap/admin/src/scripts/template-saveconfig \
ldap/admin/src/scripts/template-start-slapd \
ldap/admin/src/scripts/template-stop-slapd \
+ ldap/admin/src/scripts/template-restart-slapd \
ldap/admin/src/scripts/template-suffix2instance \
ldap/admin/src/scripts/template-vlvindex \
ldap/admin/src/scripts/template-bak2db.pl \
@@ -236,7 +249,9 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
init_SCRIPTS = wrappers/$(PACKAGE_NAME)
-inf_DATA = ldap/admin/src/slapd.inf
+inf_DATA = ldap/admin/src/slapd.inf \
+ ldap/admin/src/scripts/dscreate.map \
+ ldap/admin/src/scripts/dsorgentries.map
#////////////////////////////////////////////////////////////////
#
@@ -938,6 +953,7 @@ mmldif_bin_LDADD = libslapd.la $(NSPR_LINK) $(NSS_LINK) $(SVRCORE_LINK) $(LDAPSD
#------------------------
if enable_ldapi
GETSOCKETPEER=ldap/servers/slapd/getsocketpeer.c
+ enable_ldapi = 1
endif
ns_slapd_SOURCES = ldap/servers/slapd/abandon.c \
@@ -1034,20 +1050,29 @@ fixupcmd = sed \
-e 's,@configdir\@,$(configdir),g' \
-e 's,@sysconfdir\@,$(sysconfdir),g' \
-e 's,@localstatedir\@,$(localstatedir),g' \
+ -e 's,@infdir\@,$(infdir),g' \
+ -e 's,@templatedir\@,$(sampledatadir),g' \
-e 's,@package_name\@,$(PACKAGE_NAME),g' \
-e 's,@instconfigdir\@,$(instconfigdir),g' \
+ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+ -e 's,@enable_dna\@,$(enable_dna),g' \
+ -e 's,@enable_autobind\@,$(enable_autobind),g' \
-e 's,@ECHO_N\@,$(ECHO_N),g' \
-e 's,@ECHO_C\@,$(ECHO_C),g' \
-e 's,@brand\@,$(brand),g' \
-e 's,@capbrand\@,$(capbrand),g' \
-e 's,@vendor\@,$(vendor),g' \
+ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
-e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
-e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
-e 's,@BUILDNUM\@,$(BUILDNUM),g' \
-e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
-e 's,@perldir\@,$(perldir),g' \
-e 's,@defaultuser\@,$(defaultuser),g' \
- -e 's,@defaultgroup\@,$(defaultgroup),g'
+ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
else
fixupcmd = sed \
-e 's,@bindir\@,$(bindir),g' \
@@ -1070,20 +1095,29 @@ fixupcmd = sed \
-e 's,@configdir\@,$(configdir),g' \
-e 's,@sysconfdir\@,$(sysconfdir),g' \
-e 's,@localstatedir\@,$(localstatedir),g' \
+ -e 's,@infdir\@,$(infdir),g' \
+ -e 's,@templatedir\@,$(sampledatadir),g' \
-e 's,@package_name\@,$(PACKAGE_NAME),g' \
-e 's,@instconfigdir\@,$(instconfigdir),g' \
+ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+ -e 's,@enable_dna\@,$(enable_dna),g' \
+ -e 's,@enable_autobind\@,$(enable_autobind),g' \
-e 's,@ECHO_N\@,$(ECHO_N),g' \
-e 's,@ECHO_C\@,$(ECHO_C),g' \
-e 's,@brand\@,$(brand),g' \
-e 's,@capbrand\@,$(capbrand),g' \
-e 's,@vendor\@,$(vendor),g' \
+ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
-e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
-e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
-e 's,@BUILDNUM\@,$(BUILDNUM),g' \
-e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
-e 's,@perldir\@,$(perldir),g' \
-e 's,@defaultuser\@,$(defaultuser),g' \
- -e 's,@defaultgroup\@,$(defaultgroup),g'
+ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
endif
%: %.in
diff --git a/Makefile.in b/Makefile.in
index abb30db3..7cd50bc8 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -986,6 +986,7 @@ svrcore_lib = @svrcore_lib@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
vendor = @vendor@
+with_fhs_opt = @with_fhs_opt@
# look for included m4 files in the ./m4/ directory
ACLOCAL_AMFLAGS = -I m4
@@ -1045,8 +1046,11 @@ server_LTLIBRARIES = libslapd.la libds_admin.la libns-dshttpd.la
# this is how to add optional plugins
@enable_pam_passthru_TRUE@LIBPAM_PASSTHRU_PLUGIN = libpam-passthru-plugin.la
+@enable_pam_passthru_TRUE@enable_pam_passthru = 1
@enable_dna_TRUE@LIBDNA_PLUGIN = libdna-plugin.la
+@enable_dna_TRUE@enable_dna = 1
@enable_bitwise_TRUE@LIBBITWISE_PLUGIN = libbitwise-plugin.la
+@enable_bitwise_TRUE@enable_bitwise = 1
serverplugin_LTLIBRARIES = libacl-plugin.la libattr-unique-plugin.la \
libback-ldbm.la libchainingdb-plugin.la libcos-plugin.la libdes-plugin.la \
libdistrib-plugin.la libhttp-client-plugin.la libcollation-plugin.la \
@@ -1082,6 +1086,14 @@ sampledata_DATA = $(srcdir)/ldap/ldif/Ace.ldif \
ldap/ldif/template-pampta.ldif \
ldap/ldif/template-dnaplugin.ldif \
ldap/ldif/template-bitwise.ldif \
+ ldap/ldif/template-dse.ldif \
+ ldap/ldif/template-org.ldif \
+ ldap/ldif/template-domain.ldif \
+ ldap/ldif/template-state.ldif \
+ ldap/ldif/template-locality.ldif \
+ ldap/ldif/template-country.ldif \
+ ldap/ldif/template-orgunit.ldif \
+ ldap/ldif/template-baseacis.ldif \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-FamilyNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-GivenNames \
$(srcdir)/ldap/servers/slapd/tools/rsearch/scripts/dbgen-OrgUnits
@@ -1138,7 +1150,8 @@ perl_SCRIPTS = ldap/admin/src/scripts/SetupLog.pm \
ldap/admin/src/scripts/Setup.pm \
ldap/admin/src/scripts/Migration.pm \
ldap/admin/src/scripts/DSMigration.pm \
- ldap/admin/src/scripts/FileConn.pm
+ ldap/admin/src/scripts/FileConn.pm \
+ ldap/admin/src/scripts/DSCreate.pm
property_DATA = ldap/admin/src/scripts/setup-ds.res \
ldap/admin/src/scripts/migrate-ds.res
@@ -1154,6 +1167,7 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
ldap/admin/src/scripts/template-saveconfig \
ldap/admin/src/scripts/template-start-slapd \
ldap/admin/src/scripts/template-stop-slapd \
+ ldap/admin/src/scripts/template-restart-slapd \
ldap/admin/src/scripts/template-suffix2instance \
ldap/admin/src/scripts/template-vlvindex \
ldap/admin/src/scripts/template-bak2db.pl \
@@ -1172,7 +1186,10 @@ task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
$(srcdir)/ldap/admin/src/scripts/template-migrateTo7
init_SCRIPTS = wrappers/$(PACKAGE_NAME)
-inf_DATA = ldap/admin/src/slapd.inf
+inf_DATA = ldap/admin/src/slapd.inf \
+ ldap/admin/src/scripts/dscreate.map \
+ ldap/admin/src/scripts/dsorgentries.map
+
#////////////////////////////////////////////////////////////////
#
@@ -1847,6 +1864,7 @@ mmldif_bin_LDADD = libslapd.la $(NSPR_LINK) $(NSS_LINK) $(SVRCORE_LINK) $(LDAPSD
# ns-slapd
#------------------------
@enable_ldapi_TRUE@GETSOCKETPEER = ldap/servers/slapd/getsocketpeer.c
+@enable_ldapi_TRUE@enable_ldapi = 1
ns_slapd_SOURCES = ldap/servers/slapd/abandon.c \
ldap/servers/slapd/auth.c \
ldap/servers/slapd/bind.c \
@@ -1931,20 +1949,29 @@ rsearch_bin_LDADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(LIBS
@BUNDLE_FALSE@ -e 's,@configdir\@,$(configdir),g' \
@BUNDLE_FALSE@ -e 's,@sysconfdir\@,$(sysconfdir),g' \
@BUNDLE_FALSE@ -e 's,@localstatedir\@,$(localstatedir),g' \
+@BUNDLE_FALSE@ -e 's,@infdir\@,$(infdir),g' \
+@BUNDLE_FALSE@ -e 's,@templatedir\@,$(sampledatadir),g' \
@BUNDLE_FALSE@ -e 's,@package_name\@,$(PACKAGE_NAME),g' \
@BUNDLE_FALSE@ -e 's,@instconfigdir\@,$(instconfigdir),g' \
+@BUNDLE_FALSE@ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+@BUNDLE_FALSE@ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+@BUNDLE_FALSE@ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+@BUNDLE_FALSE@ -e 's,@enable_dna\@,$(enable_dna),g' \
+@BUNDLE_FALSE@ -e 's,@enable_autobind\@,$(enable_autobind),g' \
@BUNDLE_FALSE@ -e 's,@ECHO_N\@,$(ECHO_N),g' \
@BUNDLE_FALSE@ -e 's,@ECHO_C\@,$(ECHO_C),g' \
@BUNDLE_FALSE@ -e 's,@brand\@,$(brand),g' \
@BUNDLE_FALSE@ -e 's,@capbrand\@,$(capbrand),g' \
@BUNDLE_FALSE@ -e 's,@vendor\@,$(vendor),g' \
+@BUNDLE_FALSE@ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
@BUNDLE_FALSE@ -e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
@BUNDLE_FALSE@ -e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
@BUNDLE_FALSE@ -e 's,@BUILDNUM\@,$(BUILDNUM),g' \
@BUNDLE_FALSE@ -e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
@BUNDLE_FALSE@ -e 's,@perldir\@,$(perldir),g' \
@BUNDLE_FALSE@ -e 's,@defaultuser\@,$(defaultuser),g' \
-@BUNDLE_FALSE@ -e 's,@defaultgroup\@,$(defaultgroup),g'
+@BUNDLE_FALSE@ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+@BUNDLE_FALSE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
# these are for the config files and scripts that we need to generate and replace
@@ -1974,20 +2001,29 @@ rsearch_bin_LDADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(LIBS
@BUNDLE_TRUE@ -e 's,@configdir\@,$(configdir),g' \
@BUNDLE_TRUE@ -e 's,@sysconfdir\@,$(sysconfdir),g' \
@BUNDLE_TRUE@ -e 's,@localstatedir\@,$(localstatedir),g' \
+@BUNDLE_TRUE@ -e 's,@infdir\@,$(infdir),g' \
+@BUNDLE_TRUE@ -e 's,@templatedir\@,$(sampledatadir),g' \
@BUNDLE_TRUE@ -e 's,@package_name\@,$(PACKAGE_NAME),g' \
@BUNDLE_TRUE@ -e 's,@instconfigdir\@,$(instconfigdir),g' \
+@BUNDLE_TRUE@ -e 's,@enable_ldapi\@,$(enable_ldapi),g' \
+@BUNDLE_TRUE@ -e 's,@enable_pam_passthru\@,$(enable_pam_passthru),g' \
+@BUNDLE_TRUE@ -e 's,@enable_bitwise\@,$(enable_bitwise),g' \
+@BUNDLE_TRUE@ -e 's,@enable_dna\@,$(enable_dna),g' \
+@BUNDLE_TRUE@ -e 's,@enable_autobind\@,$(enable_autobind),g' \
@BUNDLE_TRUE@ -e 's,@ECHO_N\@,$(ECHO_N),g' \
@BUNDLE_TRUE@ -e 's,@ECHO_C\@,$(ECHO_C),g' \
@BUNDLE_TRUE@ -e 's,@brand\@,$(brand),g' \
@BUNDLE_TRUE@ -e 's,@capbrand\@,$(capbrand),g' \
@BUNDLE_TRUE@ -e 's,@vendor\@,$(vendor),g' \
+@BUNDLE_TRUE@ -e 's,@PACKAGE_NAME\@,$(PACKAGE_NAME),g' \
@BUNDLE_TRUE@ -e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
@BUNDLE_TRUE@ -e 's,@PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \
@BUNDLE_TRUE@ -e 's,@BUILDNUM\@,$(BUILDNUM),g' \
@BUNDLE_TRUE@ -e 's,@NQBUILD_NUM\@,$(NQBUILDNUM),g' \
@BUNDLE_TRUE@ -e 's,@perldir\@,$(perldir),g' \
@BUNDLE_TRUE@ -e 's,@defaultuser\@,$(defaultuser),g' \
-@BUNDLE_TRUE@ -e 's,@defaultgroup\@,$(defaultgroup),g'
+@BUNDLE_TRUE@ -e 's,@defaultgroup\@,$(defaultgroup),g' \
+@BUNDLE_TRUE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g'
all: $(BUILT_SOURCES) config.h
$(MAKE) $(AM_MAKEFLAGS) all-am
diff --git a/configure b/configure
index 21acdfe5..c7f94a06 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for fedora-ds 1.1.0a3.
+# Generated by GNU Autoconf 2.59 for fedora-ds 1.1.0a4.
#
# Report bugs to <http://bugzilla.redhat.com/>.
#
@@ -423,8 +423,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='fedora-ds'
PACKAGE_TARNAME='fedora-ds'
-PACKAGE_VERSION='1.1.0a3'
-PACKAGE_STRING='fedora-ds 1.1.0a3'
+PACKAGE_VERSION='1.1.0a4'
+PACKAGE_STRING='fedora-ds 1.1.0a4'
PACKAGE_BUGREPORT='http://bugzilla.redhat.com/'
# Factoring default headers for most tests.
@@ -465,7 +465,7 @@ ac_includes_default="\
#endif"
ac_default_prefix=/opt/$PACKAGE_NAME
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS debug_defs BUNDLE_TRUE BUNDLE_FALSE enable_pam_passthru_TRUE enable_pam_passthru_FALSE enable_dna_TRUE enable_dna_FALSE enable_ldapi_TRUE enable_ldapi_FALSE enable_bitwise_TRUE enable_bitwise_FALSE configdir sampledatadir propertydir schemadir serverdir serverplugindir scripttemplatedir perldir infdir defaultuser defaultgroup instconfigdir WINNT_TRUE WINNT_FALSE LIBSOCKET LIBNSL LIBDL LIBCSTD LIBCRUN initdir HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG NETSNMP_CONFIG PACKAGE_BASE_VERSION nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir ldapsdk_bindir db_inc db_incdir db_lib db_libdir db_bindir db_libver sasl_inc sasl_lib sasl_libdir svrcore_inc svrcore_lib icu_lib icu_inc icu_bin netsnmp_inc netsnmp_lib netsnmp_libdir netsnmp_link brand capbrand vendor LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CPP CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS debug_defs BUNDLE_TRUE BUNDLE_FALSE enable_pam_passthru_TRUE enable_pam_passthru_FALSE enable_dna_TRUE enable_dna_FALSE enable_ldapi_TRUE enable_ldapi_FALSE enable_bitwise_TRUE enable_bitwise_FALSE with_fhs_opt configdir sampledatadir propertydir schemadir serverdir serverplugindir scripttemplatedir perldir infdir defaultuser defaultgroup instconfigdir WINNT_TRUE WINNT_FALSE LIBSOCKET LIBNSL LIBDL LIBCSTD LIBCRUN initdir HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG NETSNMP_CONFIG PACKAGE_BASE_VERSION nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir ldapsdk_bindir db_inc db_incdir db_lib db_libdir db_bindir db_libver sasl_inc sasl_lib sasl_libdir svrcore_inc svrcore_lib icu_lib icu_inc icu_bin netsnmp_inc netsnmp_lib netsnmp_libdir netsnmp_link brand capbrand vendor LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -954,7 +954,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures fedora-ds 1.1.0a3 to adapt to many kinds of systems.
+\`configure' configures fedora-ds 1.1.0a4 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1020,7 +1020,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of fedora-ds 1.1.0a3:";;
+ short | recursive ) echo "Configuration of fedora-ds 1.1.0a4:";;
esac
cat <<\_ACEOF
@@ -1201,7 +1201,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-fedora-ds configure 1.1.0a3
+fedora-ds configure 1.1.0a4
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1215,7 +1215,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by fedora-ds $as_me 1.1.0a3, which was
+It was created by fedora-ds $as_me 1.1.0a4, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -1861,7 +1861,7 @@ fi
# Define the identity of the package.
PACKAGE='fedora-ds'
- VERSION='1.1.0a3'
+ VERSION='1.1.0a4'
cat >>confdefs.h <<_ACEOF
@@ -23119,6 +23119,7 @@ if test "${with_fhs_opt+set}" = set; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
+
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
@@ -25680,7 +25681,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by fedora-ds $as_me 1.1.0a3, which was
+This file was extended by fedora-ds $as_me 1.1.0a4, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -25743,7 +25744,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-fedora-ds config.status 1.1.0a3
+fedora-ds config.status 1.1.0a4
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
@@ -26022,6 +26023,7 @@ s,@enable_ldapi_TRUE@,$enable_ldapi_TRUE,;t t
s,@enable_ldapi_FALSE@,$enable_ldapi_FALSE,;t t
s,@enable_bitwise_TRUE@,$enable_bitwise_TRUE,;t t
s,@enable_bitwise_FALSE@,$enable_bitwise_FALSE,;t t
+s,@with_fhs_opt@,$with_fhs_opt,;t t
s,@configdir@,$configdir,;t t
s,@sampledatadir@,$sampledatadir,;t t
s,@propertydir@,$propertydir,;t t
diff --git a/configure.ac b/configure.ac
index 54eb5473..b93155a5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
# This version is the version returned by ns-slapd -v
-AC_INIT([fedora-ds], [1.1.0a3], [http://bugzilla.redhat.com/])
+AC_INIT([fedora-ds], [1.1.0a4], [http://bugzilla.redhat.com/])
# AC_CONFIG_HEADER must be called right after AC_INIT.
AC_CONFIG_HEADERS([config.h])
AM_INIT_AUTOMAKE([1.9 foreign subdir-objects])
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in
new file mode 100644
index 00000000..62cbf8ea
--- /dev/null
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
@@ -0,0 +1,799 @@
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+
+###########################
+#
+# This perl module provides a way to create a new instance of
+# directory server.
+#
+##########################
+
+package DSCreate;
+use Util;
+use Inf;
+use FileConn;
+
+use Net::Domain qw(hostfqdn);
+# tempfiles
+use File::Temp qw(tempfile tempdir);
+use File::Path;
+use File::Copy;
+use File::Basename qw(basename);
+
+# load perldap
+use Mozilla::LDAP::Conn;
+use Mozilla::LDAP::Utils qw(normalizeDN);
+use Mozilla::LDAP::API qw(ldap_explode_dn);
+use Mozilla::LDAP::LDIF;
+
+use Exporter;
+@ISA = qw(Exporter);
+@EXPORT = qw(createDSInstance);
+@EXPORT_OK = qw(createDSInstance);
+
+use strict;
+
+use SetupLog;
+
+sub checkPort {
+ my $inf = shift;
+
+ # allow port 0 if ldapi is used
+ if ("@enable_ldapi@") {
+ if ($inf->{slapd}->{ldapifilepath} &&
+ ($inf->{slapd}->{ServerPort} == 0)) {
+ return ();
+ }
+ }
+
+ if (!portAvailable($inf->{slapd}->{ServerPort})) {
+ return ('error_port_available', $inf->{slapd}->{ServerPort}, $!);
+ }
+
+ return ();
+}
+
+# checks the parameters in $inf to make sure the supplied values
+# are valid
+# returns null if successful, or an error string for use with getText()
+sub sanityCheckParams {
+ my $inf = shift;
+ my @errs = ();
+
+ # if we don't need to start the server right away, we can skip the
+ # port number checks
+ if (!defined($inf->{slapd}->{start_server}) or
+ ($inf->{slapd}->{start_server} == 1)) {
+
+ if (@errs = checkPort($inf)) {
+ return @errs;
+ }
+ }
+
+ if (!isValidServerID($inf->{slapd}->{ServerIdentifier})) {
+ return ('error_invalid_serverid', $inf->{slapd}->{ServerIdentifier});
+ } elsif (-d $inf->{slapd}->{config_dir}) {
+ return ('error_server_already_exists', $inf->{slapd}->{config_dir});
+ }
+
+ if (@errs = isValidUser($inf->{General}->{SuiteSpotUserID})) {
+ return @errs;
+ }
+
+ if (!isValidDN($inf->{slapd}->{Suffix})) {
+ return ('dialog_dssuffix_error', $inf->{slapd}->{Suffix});
+ }
+
+ if (!isValidDN($inf->{slapd}->{RootDN})) {
+ return ('dialog_dsrootdn_error', $inf->{slapd}->{RootDN});
+ }
+
+ if ($inf->{slapd}->{RootDNPwd} =~ /\{\w+\}.+/) {
+ debug(1, "The root password is already hashed - no checking will be performed\n");
+ } elsif (length($inf->{slapd}->{RootDNPwd}) < 8) {
+ debug(0, "WARNING: The root password is less than 8 characters long. You should choose a longer one.\n");
+ }
+
+ return ();
+}
+
+sub getMode {
+ my $inf = shift;
+ my $mode = shift;
+ if (defined($inf->{General}->{SuiteSpotGroup})) {
+ $mode = "0" . $mode . $mode . "0";
+ } else {
+ $mode = "0" . $mode . "00";
+ }
+
+ return oct($mode);
+}
+
+# This is used to change the ownership and permissions of files and directories
+# The mode is just a single digit octal number (e.g. 4 6 7)
+# If there is a group, the ownership and permissions will allow group access
+# otherwise, only the owner will be allowed access
+sub changeOwnerMode {
+ my $inf = shift;
+ my $mode = shift;
+ my $it = shift;
+
+ my $uid = getpwnam $inf->{General}->{SuiteSpotUserID};
+ my $gid = -1; # default to leave it alone
+
+ if (defined($inf->{General}->{SuiteSpotGroup})) {
+ $gid = getgrnam $inf->{General}->{SuiteSpotGroup};
+ }
+
+ $mode = getMode($inf, $mode);
+ $! = 0; # clear errno
+ chmod $mode, $it;
+ if ($!) {
+ return ('error_chmoding_file', $it, $!);
+ }
+ $! = 0; # clear errno
+ chown $uid, $gid, $it;
+ if ($!) {
+ return ('error_chowning_file', $it, $inf->{General}->{SuiteSpotUserID}, $!);
+ }
+
+ return ();
+}
+
+sub makeDSDirs {
+ my $inf = shift;
+ my $verbose = ($Util::debuglevel > 0);
+ my $mode = getMode($inf, 7);
+ my @errs;
+
+ # These paths are owned by the SuiteSpotGroup
+ # This allows the admin server to run as a different,
+ # more privileged user than the directory server, but
+ # still allows the admin server to manage directory
+ # server files/dirs without being root
+ for (qw(inst_dir config_dir schema_dir log_dir lock_dir run_dir tmp_dir
+ cert_dir db_dir ldif_dir bak_dir)) {
+ my $dir = $inf->{slapd}->{$_};
+ @errs = makePaths($dir, $mode, $inf->{General}->{SuiteSpotUserID},
+ $inf->{General}->{SuiteSpotGroup});
+ if (@errs) {
+ return @errs;
+ }
+ }
+
+ return @errs;
+}
+
+sub createInstanceScripts {
+ my $inf = shift;
+ my $myperl = "!/usr/bin/env perl";
+ my $mydevnull = (-f "/dev/null" ? " /dev/null " : " NUL ");
+ my %maptable = (
+ "DS-ROOT" => $inf->{General}->{prefix},
+ "SEP" => "/", # works on all platforms
+ "SERVER-NAME" => $inf->{General}->{FullMachineName},
+ "SERVER-PORT" => $inf->{slapd}->{ServerPort},
+ "PERL-EXEC" => $myperl,
+ "DEV-NULL" => $mydevnull,
+ "ROOT-DN" => $inf->{slapd}->{RootDN},
+ "LDIF-DIR" => $inf->{slapd}->{ldif_dir},
+ "SERV-ID" => $inf->{slapd}->{ServerIdentifier},
+ "BAK-DIR" => $inf->{slapd}->{bak_dir},
+ "SERVER-DIR" => $inf->{General}->{ServerRoot},
+ "CONFIG-DIR" => $inf->{slapd}->{config_dir},
+ "RUN-DIR" => $inf->{slapd}->{run_dir},
+ "PRODUCT-NAME" => "slapd",
+ "SERVERBIN-DIR" => $inf->{slapd}->{sbindir},
+ "DB-DIR" => $inf->{slapd}->{db_dir}
+ );
+
+ my $dir = "$inf->{General}->{prefix}@taskdir@";
+ for (glob("$dir/template-*")) {
+ my $basename = $_;
+ $basename =~ s/^.*template-//;
+ my $destfile = "$inf->{slapd}->{inst_dir}/$basename";
+ if (!open(SRC, "< $_")) {
+ return ("error_opening_scripttmpl", $_, $!);
+ }
+ if (!open(DEST, "> $destfile")) {
+ return ("error_opening_scripttmpl", $destfile, $!);
+ }
+ my $contents; # slurp entire file into memory
+ read SRC, $contents, int(-s $_);
+ close(SRC);
+ while (my ($key, $val) = each %maptable) {
+ $contents =~ s/\{\{$key\}\}/$val/g;
+ }
+ print DEST $contents;
+ close(DEST);
+ my @errs = changeOwnerMode($inf, 5, $destfile);
+ if (@errs) {
+ return @errs;
+ }
+ }
+
+ return ();
+}
+
+sub createConfigFile {
+ my $inf = shift;
+ my $conffile = "$inf->{slapd}->{config_dir}/dse.ldif";
+ my $conn = new FileConn;
+ my @errs;
+
+ # first, create the basic config
+ my $mapper = new Inf("$inf->{General}->{prefix}@infdir@/dscreate.map");
+ my $dsinf = new Inf("$inf->{General}->{prefix}@infdir@/slapd.inf");
+ if (!$inf->{slapd}->{ds_bename}) {
+ $inf->{slapd}->{ds_bename} = "userRoot"; # for suffix-db
+ }
+ $mapper = process_maptbl($mapper, \@errs, $inf, $dsinf);
+ if (!$mapper or @errs) {
+ $conn->close();
+ if (!@errs) {
+ @errs = ('error_creating_file', $conffile, $!);
+ }
+ return @errs;
+ }
+
+ my @ldiffiles = ("$inf->{General}->{prefix}@templatedir@/template-dse.ldif",
+ "$inf->{General}->{prefix}@templatedir@/template-suffix-db.ldif");
+ if ("@enable_pam_passthru@") {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template-pampta.ldif";
+ }
+ if ("@enable_bitwise@") {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template-bitwise.ldif";
+ }
+ if ("@enable_dna@") {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template-dnaplugin.ldif";
+ }
+
+ getMappedEntries($mapper, \@ldiffiles, \@errs, \&check_and_add_entry,
+ [$conn]);
+
+ if (@errs) {
+ $conn->close();
+ return @errs;
+ }
+
+ if ("@enable_ldapi@") {
+ my $ent = $conn->search("cn=config", "base", "(objectclass=*)");
+ if (defined($inf->{slapd}->{ldapifilepath})) {
+ $ent->setValues("nsslapd-ldapifilepath", $inf->{slapd}->{ldapifilepath});
+ $ent->setValues("nsslapd-ldapilisten", "on");
+ } else {
+ $ent->setValues("nsslapd-ldapifilepath",
+ "$inf->{slapd}->{run_dir}/slapd-$inf->{slapd}->{ServerIdentifier}.socket");
+ $ent->setValues("nsslapd-ldapilisten", "off");
+ }
+ if ("@enable_autobind@") {
+ $ent->setValues("nsslapd-ldapiautobind", "on");
+ }
+ $ent->setValues("nsslapd-ldapimaprootdn", $inf->{slapd}->{RootDN});
+ $ent->setValues("nsslapd-ldapimaptoentries", "off");
+ $ent->setValues("nsslapd-ldapiuidnumbertype", "uidNumber");
+ $ent->setValues("nsslapd-ldapigidnumbertype", "gidNumber");
+ $ent->setValues("nsslapd-ldapientrysearchbase", "dc=example, dc=com");
+ $ent->setValues("nsslapd-ldapiautodnsuffix", "cn=peercred,cn=external,cn=auth");
+ if (!$conn->update($ent)) {
+ $conn->close();
+ return ("error_enabling_feature", "ldapi", $conn->getErrorString());
+ }
+ }
+
+ if ($inf->{slapd}->{sasl_path}) {
+ my $ent = $conn->search("cn=config", "base", "(objectclass=*)");
+ $ent->setValues("nsslapd-saslpath", $inf->{slapd}->{sasl_path});
+ if (!$conn->update($ent)) {
+ $conn->close();
+ return ("error_enabling_feature", "sasl_path", $conn->getErrorString());
+ }
+ }
+
+ $conn->write($conffile);
+ $conn->close();
+
+ if (@errs = changeOwnerMode($inf, 6, $conffile)) {
+ return @errs;
+ }
+ # make a copy
+ my $origconf = "$inf->{slapd}->{config_dir}/dse_original.ldif";
+ $! = 0; # clear errno
+ copy($conffile, $origconf);
+ if ($!) {
+ return ('error_copying_file', $conffile, $origconf, $!);
+ }
+ if (@errs = changeOwnerMode($inf, 4, $origconf)) {
+ return @errs;
+ }
+
+ return @errs;
+}
+
+sub makeOtherConfigFiles {
+ my $inf = shift;
+ my @errs;
+ # install certmap.conf at <configdir>
+ my $src = "$inf->{General}->{prefix}@configdir@/certmap.conf";
+ my $dest = "$inf->{slapd}->{config_dir}/certmap.conf";
+ $! = 0; # clear errno
+ copy($src, $dest);
+ if ($!) {
+ return ('error_copying_file', $src, $dest, $!);
+ }
+ if (@errs = changeOwnerMode($inf, 4, $dest)) {
+ return @errs;
+ }
+
+ $src = "$inf->{General}->{prefix}@configdir@/slapd-collations.conf";
+ $dest = "$inf->{slapd}->{config_dir}/slapd-collations.conf";
+ $! = 0; # clear errno
+ copy($src, $dest);
+ if ($!) {
+ return ('error_copying_file', $src, $dest, $!);
+ }
+ if (@errs = changeOwnerMode($inf, 4, $dest)) {
+ return @errs;
+ }
+
+ return ();
+}
+
+sub installSchema {
+ my $inf = shift;
+ my @errs;
+ my @schemafiles = ();
+ if (!defined($inf->{slapd}->{install_full_schema}) or
+ $inf->{slapd}->{install_full_schema}) {
+ push @schemafiles, glob("$inf->{General}->{prefix}@schemadir@/*");
+ } else {
+ push @schemafiles, "$inf->{General}->{prefix}@schemadir@/00core.ldif";
+ }
+ for (@schemafiles) {
+ my $src = $_;
+ my $basename = basename($src);
+ my $dest = "$inf->{slapd}->{schema_dir}/$basename";
+ $! = 0; # clear errno
+ copy($src, $dest);
+ if ($!) {
+ return ('error_copying_file', $src, $dest, $!);
+ }
+ my $mode = 4; # default read only
+ if ($basename eq "99user.ldif") {
+ $mode = 6; # read write
+ }
+ if (@errs = changeOwnerMode($inf, $mode, $dest)) {
+ return @errs;
+ }
+ }
+
+ return ();
+}
+
+# maps the suffix attr to the filename to use
+my %suffixTable = (
+ 'o' => "@templatedir@/template-org.ldif",
+ 'dc' => "@templatedir@/template-domain.ldif",
+ 'ou' => "@templatedir@/template-orgunit.ldif",
+ 'st' => "@templatedir@/template-state.ldif",
+ 'l' => "@templatedir@/template-locality.ldif",
+ 'c' => "@templatedir@/template-country.ldif"
+);
+
+sub initDatabase {
+ my $inf = shift;
+ # If the user has specified an LDIF file to use to initialize the database,
+ # load it now
+ my $ldiffile = $inf->{slapd}->{InstallLdifFile};
+ if ($ldiffile && -f $ldiffile) {
+ debug(1, "Loading initial ldif file $ldiffile\n");
+ } elsif (($inf->{slapd}->{Suffix} =~ /^(.*?)=/) && $suffixTable{$1}) {
+ my @errs;
+ my $template = $inf->{General}->{prefix} . $suffixTable{$1};
+ my $mapper = new Inf("$inf->{General}->{prefix}@infdir@/dsorgentries.map");
+ my $dsinf = new Inf("$inf->{General}->{prefix}@infdir@/slapd.inf");
+ my @rdns = ldap_explode_dn($inf->{slapd}->{Suffix}, 1);
+ $inf->{slapd}->{naming_value} = $rdns[0];
+ $mapper = process_maptbl($mapper, \@errs, $inf, $dsinf);
+ if (!$mapper or @errs) {
+ return @errs;
+ }
+
+ my @ldiffiles = ($template, "$inf->{General}->{prefix}@templatedir@/template-baseacis.ldif");
+ if (exists($inf->{slapd}->{InstallLdifFile}) and
+ ($inf->{slapd}->{InstallLdifFile} =~ /suggest/i)) {
+ push @ldiffiles, "$inf->{General}->{prefix}@templatedir@/template.ldif";
+ }
+
+ my ($fh, $templdif) = tempfile("ldifXXXXXX", SUFFIX => ".ldif", OPEN => 0,
+ DIR => File::Spec->tmpdir);
+ my $conn = new FileConn;
+ $conn->setNamingContext($inf->{slapd}->{Suffix});
+ getMappedEntries($mapper, \@ldiffiles, \@errs, \&check_and_add_entry,
+ [$conn]);
+ $conn->write($templdif);
+ $conn->close();
+ if (@errs) {
+ return @errs;
+ }
+ # $templdif now contains the ldif to import
+ $ldiffile = $templdif;
+ }
+ if (!$ldiffile) {
+ return ();
+ }
+
+ my $cmd = "$inf->{slapd}->{inst_dir}/ldif2db -n userRoot -i \'$ldiffile\'";
+ $? = 0; # clear error condition
+ my $output = `$cmd 2>&1`;
+ if ($?) {
+ return ('error_importing_ldif', $ldiffile, $?, $output);
+ }
+
+ debug(1, $output);
+
+ return ();
+}
+
+sub startServer {
+ my $inf = shift;
+ return () if (defined($inf->{slapd}->{start_server}) && !$inf->{slapd}->{start_server});
+
+ my @errs;
+ # get error log
+ my $errLog = "$inf->{slapd}->{log_dir}/errors";
+ my $startcmd = "$inf->{slapd}->{inst_dir}/start-slapd";
+
+ # emulate tail -f
+ # if the last line we see does not contain "slapd started", try again
+ my $done = 0;
+ my $started = 0;
+ my $code = 0;
+ my $lastLine = "";
+ my $cmdPat = 'slapd started\.';
+ my $timeout = $inf->{slapd}->{startup_timeout};
+
+ $timeout = $timeout?$timeout:600; # default is 10 minutes
+ $timeout = time + $timeout;
+
+ debug(1, "Starting the server: $startcmd\n");
+ $? = 0; # clear error condition
+ my $output = `$startcmd 2>&1`;
+ $code = $?;
+ debug(1, "Started the server: code $code\n");
+ if ($code) {
+ debug(0, $output);
+ } else {
+ debug(1, $output);
+ }
+
+ # try to open the server error log
+ my $ii = 0;
+ while (time < $timeout) {
+ if (open(IN, $errLog)) {
+ last;
+ }
+ sleep(1);
+ if (!($ii % 10)) {
+ debug(0, "Attempting to obtain server status . . .\n");
+ }
+ ++$ii;
+ }
+
+ if (! -f $errLog) {
+ debug(0, "Error: Could not read error log $errLog to get server startup status. Error: $!\n");
+ return ('error_starting_server', $startcmd, "no status", $!);
+ }
+ if (time >= $timeout) {
+ debug(0, "Error: timed out waiting for the server to start and write to $errLog");
+ return ('error_starting_server', $startcmd, "timeout", 0);
+ }
+
+ my $pos = tell(IN);
+ while (($done == 0) && (time < $timeout)) {
+ for (; ($done == 0) && ($_ = <IN>); $pos = tell(IN)) {
+ $lastLine = $_;
+ debug(1, $_);
+ if (/$cmdPat/) {
+ $done = 1;
+ $started = 1;
+ } elsif (/Initialization Failed/) {
+ debug(1, "Server failed to start, retrying . . .\n");
+ $code = system($startcmd);
+ } elsif (/exiting\./) {
+ debug(1, "Server failed to start, retrying . . .\n");
+ $code = system($startcmd);
+ }
+ }
+ if ($lastLine =~ /PR_Bind/) {
+ # server port conflicts with another one, just report and punt
+ debug(0, $lastLine);
+ @errs = ('error_port_available', $inf->{slapd}->{ServerPort}, $!);
+ $done = 1;
+ }
+ if ($done == 0) {
+ # rest a bit, then . . .
+ sleep(2);
+ # . . . reset the EOF status of the file desc
+ seek(IN, $pos, 0);
+ }
+ }
+ close(IN);
+
+ if (!$started) {
+ $! = $code;
+ my $now = time;
+ if ($now > $timeout) {
+ debug(0, "Possible timeout starting server: timeout=$timeout now=$now\n");
+ }
+ @errs = ('error_starting_server', $startcmd, $lastLine, $!);
+ } else {
+ debug(1, "Your new directory server has been started.\n");
+ }
+
+ return @errs;
+}
+
+sub set_path_attribute {
+ my $val = shift;
+ my $defaultval = shift;
+ my $prefix = shift;
+
+ if ($val) {
+ return "$prefix" . "$val";
+ } else {
+ return "$prefix" . "$defaultval";
+ }
+}
+
+sub setDefaults {
+ my $inf = shift;
+ # set default values
+
+ # this turns off the warnings
+ if (!defined($inf->{General}->{prefix})) {
+ $inf->{General}->{prefix} = "";
+ }
+
+ if (!$inf->{General}->{FullMachineName}) {
+ $inf->{General}->{FullMachineName} = hostfqdn;
+ }
+
+ if (!$inf->{General}->{SuiteSpotUserID}) {
+ if ($> != 0) { # if not root, use the user's uid
+ $inf->{General}->{SuiteSpotUserID} = getlogin;
+ }
+ # otherwise, the uid must be specified
+ }
+
+ if (!$inf->{slapd}->{RootDN}) {
+ $inf->{slapd}->{RootDN} = "cn=Directory Manager";
+ }
+
+ if (!$inf->{slapd}->{Suffix}) {
+ my $suffix = $inf->{General}->{FullMachineName};
+ # convert fqdn to dc= domain components
+ $suffix =~ s/^[^\.]*\.//; # just the domain part
+ $suffix = "dc=$suffix";
+ $suffix =~ s/\./, dc=/g;
+ $inf->{slapd}->{Suffix} = $suffix;
+ }
+
+ if (!$inf->{slapd}->{ServerIdentifier}) {
+ my $servid = $inf->{General}->{FullMachineName};
+ # strip out the leftmost domain component
+ $servid =~ s/\..*$//;
+ $inf->{slapd}->{ServerIdentifier} = $servid;
+ }
+
+ if ("@with_fhs_opt@") {
+ $inf->{General}->{ServerRoot} = "$inf->{General}->{prefix}/opt/@PACKAGE_NAME@";
+ } else {
+ $inf->{General}->{ServerRoot} = "$inf->{General}->{prefix}@serverdir@";
+ }
+
+ if (!defined($inf->{slapd}->{sasl_path})) {
+ if ($ ne "linux") {
+ $inf->{slapd}->{sasl_path} = "$inf->{General}->{prefix}@libdir@/sasl2";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{ServerPort}) and
+ !defined($inf->{slapd}->{ldapifilepath})) {
+ if ("@enable_ldapi@") {
+ return ('error_missing_port_and_ldapi');
+ } else {
+ return ('error_missing_port');
+ }
+ }
+
+ if (!defined($inf->{slapd}->{ServerPort})) {
+ $inf->{slapd}->{ServerPort} = 0;
+ }
+
+ $inf->{slapd}->{HashedRootDNPwd} = getHashedPassword($inf->{slapd}->{RootDNPwd});
+
+ $inf->{slapd}->{localstatedir} = set_path_attribute($inf->{slapd}->{localstatedir},
+ "@localstatedir@",
+ $inf->{General}->{prefix});
+ my $localstatedir = $inf->{slapd}->{localstatedir};
+ my $servid = $inf->{slapd}->{ServerIdentifier};
+ $inf->{slapd}->{sysconfdir} = set_path_attribute($inf->{slapd}->{sysconfdir},
+ "@sysconfdir@",
+ $inf->{General}->{prefix});
+ my $sysconfdir = $inf->{slapd}->{sysconfdir};
+ $inf->{slapd}->{bindir} = set_path_attribute($inf->{slapd}->{bindir},
+ "@bindir@",
+ $inf->{General}->{prefix});
+ $inf->{slapd}->{sbindir} = set_path_attribute($inf->{slapd}->{sbindir},
+ "@sbindir@",
+ $inf->{General}->{prefix});
+ $inf->{slapd}->{datadir} = set_path_attribute($inf->{slapd}->{datadir},
+ "@datadir@",
+ $inf->{General}->{prefix});
+
+ if (!defined($inf->{slapd}->{inst_dir})) {
+ $inf->{slapd}->{inst_dir} = "$inf->{General}->{ServerRoot}/slapd-$servid";
+ }
+
+ if (!defined($inf->{slapd}->{config_dir})) {
+ $inf->{slapd}->{config_dir} = "$inf->{General}->{prefix}@instconfigdir@/slapd-$servid";
+ }
+ $ENV{DS_CONFIG_DIR} = $inf->{slapd}->{config_dir};
+
+ if (!defined($inf->{slapd}->{schema_dir})) {
+ $inf->{slapd}->{schema_dir} = "$sysconfdir/@PACKAGE_NAME@/slapd-$servid/schema";
+ }
+
+ if (!defined($inf->{slapd}->{lock_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{lock_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/lock";
+ } else {
+ $inf->{slapd}->{lock_dir} = "$localstatedir/lock/@PACKAGE_NAME@/slapd-$servid";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{log_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{log_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/log";
+ } else {
+ $inf->{slapd}->{log_dir} = "$localstatedir/log/@PACKAGE_NAME@/slapd-$servid";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{run_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{run_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/run";
+ } else {
+ $inf->{slapd}->{run_dir} = "$localstatedir/run/@PACKAGE_NAME@";
+ }
+ }
+ $ENV{DS_RUN_DIR} = $inf->{slapd}->{run_dir};
+
+ if (!defined($inf->{slapd}->{db_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{db_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/db";
+ } else {
+ $inf->{slapd}->{db_dir} = "$localstatedir/lib/@PACKAGE_NAME@/slapd-$servid/db";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{bak_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{bak_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/bak";
+ } else {
+ $inf->{slapd}->{bak_dir} = "$localstatedir/lib/@PACKAGE_NAME@/slapd-$servid/bak";
+ }
+ }
+ $ENV{DS_BAK_DIR} = $inf->{slapd}->{bak_dir};
+
+ if (!defined($inf->{slapd}->{ldif_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{ldif_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/ldif";
+ } else {
+ $inf->{slapd}->{ldif_dir} = "$localstatedir/lib/@PACKAGE_NAME@/slapd-$servid/ldif";
+ }
+ }
+
+ if (!defined($inf->{slapd}->{tmp_dir})) {
+ if ("@with_fhs_opt@") {
+ $inf->{slapd}->{tmp_dir} = "$localstatedir/@PACKAGE_NAME@/slapd-$servid/tmp";
+ } else {
+ $inf->{slapd}->{tmp_dir} = "$localstatedir/tmp/@PACKAGE_NAME@/slapd-$servid";
+ }
+ }
+ $ENV{DS_TMP_DIR} = $inf->{slapd}->{tmp_dir};
+
+ if (!defined($inf->{slapd}->{cert_dir})) {
+ $inf->{slapd}->{cert_dir} = $inf->{slapd}->{config_dir};
+ }
+
+ return ();
+}
+
+sub createDSInstance {
+ my $inf = shift;
+ my @errs;
+
+ if (@errs = setDefaults($inf)) {
+ return @errs;
+ }
+
+ if (@errs = sanityCheckParams($inf)) {
+ return @errs;
+ }
+
+ if (@errs = makeDSDirs($inf)) {
+ return @errs;
+ }
+
+ if (@errs = createConfigFile($inf)) {
+ return @errs;
+ }
+
+ if (@errs = makeOtherConfigFiles($inf)) {
+ return @errs;
+ }
+
+ if (@errs = createInstanceScripts($inf)) {
+ return @errs;
+ }
+
+ if (@errs = installSchema($inf)) {
+ return @errs;
+ }
+
+ if (@errs = initDatabase($inf)) {
+ return @errs;
+ }
+
+ if (@errs = startServer($inf)) {
+ return @errs;
+ }
+
+ return @errs;
+}
+
+1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
diff --git a/ldap/admin/src/scripts/DSMigration.pm.in b/ldap/admin/src/scripts/DSMigration.pm.in
index 070c909b..09f0e034 100644
--- a/ldap/admin/src/scripts/DSMigration.pm.in
+++ b/ldap/admin/src/scripts/DSMigration.pm.in
@@ -50,6 +50,7 @@ package DSMigration;
use Migration;
use Util;
use Inf;
+use DSCreate;
# tempfiles
use File::Temp qw(tempfile tempdir);
@@ -91,6 +92,7 @@ my %ignoreOld =
'nsslapd-certdir' => 'nsslapd-certdir',
'nsslapd-ldifdir' => 'nsslapd-ldifdir',
'nsslapd-bakdir' => 'nsslapd-bakdir',
+ 'nsslapd-instancedir' => 'nsslapd-instancedir',
'nsslapd-ldapifilepath' => 'nsslapd-ldapifilepath',
'nsslapd-ldapilisten' => 'nsslapd-ldapilisten',
'nsslapd-ldapiautobind' => 'nsslapd-ldapiautobind',
@@ -187,19 +189,28 @@ sub copyDatabaseDirs {
return ("error_dbsrcdir_not_exist", $srcdir);
} else {
debug(1, "The destination directory $destdir already exists, copying files/dirs individually\n");
+ $! = 0;
+ debug(1, "Removing any existing db files in $destdir\n");
+ unlink glob("$destdir/*");
+ if ($!) {
+ return ("error_removing_temp_db_files", $destdir, $!);
+ }
foreach my $file (glob("$srcdir/*")) {
- debug(3, "Copying $file to $destdir\n");
if (-f $file) {
+ debug(3, "Copying $file to $destdir\n");
if (system ("cp -p $file $destdir")) {
return ('error_copying_dbfile', $file, $destdir, $?);
}
} elsif (-d $file && !$filesonly) {
+ debug(3, "Copying $file to $destdir\n");
if (system ("cp -p -r $file $destdir")) {
return ('error_copying_dbdir', $file, $destdir, $?);
}
}
}
}
+
+ return ();
}
# migrate all of the databases in an instance
@@ -216,11 +227,14 @@ sub migrateDatabases {
my $foundldif;
for (glob("$mig->{oldsroot}/$inst/db/*.ldif")) {
my $dbname = basename($_, '.ldif');
- my @cmd = ("@serverdir@/$inst/ldif2db", "-n", $dbname, "-i", $_);
- debug(1, "migrateDatabases: executing command ", @cmd);
- if (system(@cmd)) {
- return ('error_importing_migrated_db', $_, $?);
+ my $cmd = "@serverdir@/$inst/ldif2db -n \"$dbname\" -i \"$_\"";
+ debug(1, "migrateDatabases: executing command $cmd\n");
+ $? = 0; # clear error condition
+ my $output = `$cmd 2>&1`;
+ if ($?) {
+ return ('error_importing_migrated_db', $_, $?, $output);
}
+ debug(1, $output);
$foundldif = 1;
}
@@ -284,13 +298,13 @@ sub migrateDatabases {
my $srcdir = $dir || "$olddefault/db/$cn";
my $newent = $dest->search($ent->getDN(), "base", "(objectclass=*)");
my $newdbdir = $newent->getValues('nsslapd-directory') ||
- "@localstatedir@/lib/$mig->{pkgname}/$inst/db";
+ "@localstatedir@/lib/$mig->{pkgname}/$inst/db/$cn";
if (-d $srcdir and ($srcdir !~ /^$olddefault/)) {
debug(2, "Not copying database indexes from [$srcdir]\n");
} else {
# replace the old sroot value with the actual physical location on the target/dest
$srcdir =~ s/^$mig->{actualsroot}/$mig->{oldsroot}/;
- if (@errs = copyDatabaseDirs($srcdir, "$newdbdir/$cn")) {
+ if (@errs = copyDatabaseDirs($srcdir, "$newdbdir")) {
return @errs;
}
}
@@ -317,9 +331,14 @@ sub migrateChangelogs {
# replace the old sroot value with the actual physical location on the target/dest
$oldcldir =~ s/^$mig->{actualsroot}/$mig->{oldsroot}/;
my $newcldir = $newent->getValues('nsslapd-changelogdir');
- copyDatabaseDirs($oldcldir, $newcldir);
+ my @errs = copyDatabaseDirs($oldcldir, $newcldir);
+ if (@errs) {
+ return @errs;
+ }
}
}
+
+ return ();
}
sub fixAttrsInEntry {
@@ -358,27 +377,37 @@ sub mergeEntries {
# iterate through the attr lists
my $cn = lc $new->getValues("cn");
foreach my $attr (keys %inoldonly, keys %innewonly, @attrs) {
+ debug(3, "mergeEntries: merging entry ", $old->getDN(), " attr $attr\n");
my $lcattr = lc $attr;
if ($ignoreOld{$lcattr}) {
+ debug(3, "mergeEntries: ignoring old invalid or obsolete attr $attr\n");
next; # use new value or just omit if attr is obsolete
} elsif ($transformAttr{$lcattr}) {
# only transform if the value is in the old entry
if (!$innewonly{$attr}) {
- $new->setValues($attr, &{$transformAttr{$lcattr}}($old, $attr, $mig, $inst));
+ my $oldval = $old->getValues($attr);
+ my $newval = &{$transformAttr{$lcattr}}($old, $attr, $mig, $inst);
+ $new->setValues($attr, $newval);
+ debug(3, "mergeEntries: transformed old value $oldval to $newval\n");
}
} elsif ($cn eq "internationalization plugin" and $lcattr eq "nsslapd-pluginarg0") {
+ debug(3, "mergeEntries: using new value of internationalization plugin nsslapd-pluginarg0\n");
next; # use the new value of this path name
} elsif ($cn eq "referential integrity postoperation" and $lcattr eq "nsslapd-pluginarg1") {
+ debug(3, "mergeEntries: using new value of referential integrity postoperation nsslapd-pluginarg1\n");
next; # use the new value of this path name
} elsif ($innewonly{$attr}) {
+ debug(3, "mergeEntries: removing attr $attr from new entry\n");
$new->remove($attr); # in new but not old - just remove it
} else {
+ my $oldval = $old->getValues($attr);
+ my $newval = $new->getValues($attr);
$new->setValues($attr, $old->getValues($attr)); # use old value
+ debug(3, "mergeEntries: using old val $oldval instead of new val $newval\n");
}
}
}
-
my @allattrlist = ('*', 'aci', 'createTimestamp', 'creatorsName',
'modifyTimestamp', 'modifiersName');
@@ -598,14 +627,14 @@ sub migrateDS {
}
# create the new instance
- my ($rc, $output) = createDSInstance($inf, \@errs);
+ @errs = createDSInstance($inf);
unlink($inf->{filename});
- if ($rc) {
+ if (@errs) {
$mig->msg(@errs);
- $mig->msg($FATAL, 'error_creating_dsinstance', $rc, $output);
+ $mig->msg($FATAL, 'error_creating_dsinstance', $inst);
return 0;
} else {
- $mig->msg('created_dsinstance', $output);
+ $mig->msg('created_dsinstance', $inst);
}
my $src = new FileConn("$oldconfigdir/dse.ldif", 1); # read-only
@@ -627,3 +656,10 @@ sub migrateDS {
# Mandatory TRUE return value.
#
1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
diff --git a/ldap/admin/src/scripts/FileConn.pm b/ldap/admin/src/scripts/FileConn.pm
index ea68d41f..7e62d8b2 100644
--- a/ldap/admin/src/scripts/FileConn.pm
+++ b/ldap/admin/src/scripts/FileConn.pm
@@ -46,6 +46,8 @@ use Mozilla::LDAP::API qw(:constant ldap_explode_dn ldap_err2string); # Direct a
use Mozilla::LDAP::Utils qw(normalizeDN);
use Mozilla::LDAP::LDIF;
+use Carp;
+
require Exporter;
@ISA = qw(Exporter Mozilla::LDAP::Conn);
@EXPORT = qw();
@@ -55,11 +57,16 @@ sub new {
my $class = shift;
my $filename = shift;
my $readonly = shift;
+ my @namingContexts = @_;
my $self = {};
$self = bless $self, $class;
$self->{readonly} = $readonly;
+ for (@namingContexts) {
+ $self->setNamingContext($_);
+ }
+ $self->setNamingContext(""); # root DSE
$self->read($filename);
return $self;
@@ -86,16 +93,31 @@ sub read {
return;
}
- open( MYLDIF, "$filename" ) || die "Can't open $filename: $!";
+ open( MYLDIF, "$filename" ) || confess "Can't open $filename: $!";
my $in = new Mozilla::LDAP::LDIF(*MYLDIF);
+ $self->{reading} = 1;
while ($ent = readOneEntry $in) {
if (!$self->add($ent)) {
- die "Error: could not add entry ", $ent->getDN(), ":", $self->getErrorString();
+ confess "Error: could not add entry ", $ent->getDN(), ":", $self->getErrorString();
}
}
+ delete $self->{reading};
close( MYLDIF );
}
+sub setNamingContext {
+ my $self = shift;
+ my $nc = shift;
+ my $ndn = normalizeDN($nc);
+ $self->{namingContexts}->{$ndn} = $ndn;
+}
+
+sub isNamingContext {
+ my $self = shift;
+ my $ndn = shift;
+ return exists($self->{namingContexts}->{$ndn});
+}
+
# return all nodes below the given node
sub iterate {
my $self = shift;
@@ -152,12 +174,16 @@ sub write {
$filename = $self->{filename};
}
- if (!$self->{filename} or $self->{readonly}) {
+ if (!$self->{filename} or $self->{readonly} or $self->{reading}) {
return;
}
- open( MYLDIF, ">$filename" ) || die "Can't write $filename: $!";
+ open( MYLDIF, ">$filename" ) || confess "Can't write $filename: $!";
$self->iterate("", LDAP_SCOPE_SUBTREE, \&writecb, \*MYLDIF);
+ for (keys %{$self->{namingContexts}}) {
+ next if (!$_); # skip "" - we already did that
+ $self->iterate($_, LDAP_SCOPE_SUBTREE, \&writecb, \*MYLDIF);
+ }
close( MYLDIF );
}
@@ -307,9 +333,30 @@ sub search {
return $self->nextEntry();
}
+sub cloneEntry {
+ my $src = shift;
+ if (!$src) {
+ return undef;
+ }
+ my $dest = new Mozilla::LDAP::Entry();
+ $dest->setDN($src->getDN());
+ for (keys %{$src}) {
+ if (ref($src->{$_})) {
+ my @copyary = @{$src->{$_}};
+ $dest->{$_} = [ @copyary ]; # make a deep copy
+ } else {
+ $dest->{$_} = $src->{$_};
+ }
+ }
+
+ return $dest;
+}
+
+# have to return a copy of the entry - disallow inplace updates
sub nextEntry {
my $self = shift;
- return shift @{$self->{entries}};
+ my $ent = shift @{$self->{entries}};
+ return cloneEntry($ent);
}
sub add {
@@ -320,10 +367,9 @@ sub add {
my $parentdn = getParentDN($dn);
my $nparentdn = normalizeDN($parentdn);
-
$self->setErrorCode(0);
- # special case of root DSE
- if (!$ndn and exists($self->{$ndn}) and
+ # special case of naming context - has no parent
+ if ($self->isNamingContext($ndn) and
!exists($self->{$ndn}->{data})) {
$self->{$ndn}->{data} = $entry;
$self->write();
@@ -357,6 +403,8 @@ sub update {
my $dn = $entry->getDN();
my $ndn = normalizeDN($dn);
+ confess "Attempt to modify read only $self->{filename} entry $dn" if ($self->{readonly});
+
$self->setErrorCode(0);
if (!exists($self->{$ndn})) {
$self->setErrorCode(LDAP_NO_SUCH_OBJECT);
@@ -373,6 +421,8 @@ sub delete {
my $self = shift;
my $dn = shift;
+ confess "Attempt to modify read only $self->{filename} entry $dn" if ($self->{readonly});
+
if (ref($dn)) {
$dn = $dn->getDN(); # an Entry
}
diff --git a/ldap/admin/src/scripts/Migration.pm.in b/ldap/admin/src/scripts/Migration.pm.in
index 21122709..8bd2e344 100644
--- a/ldap/admin/src/scripts/Migration.pm.in
+++ b/ldap/admin/src/scripts/Migration.pm.in
@@ -217,7 +217,7 @@ sub init {
$self->{pkgname} = $pkgname;
$self->{oldsroot} = $oldsroot || "/opt/$oldpkgname";
- $self->{actualsroot} = $actualsroot || $oldsroot;
+ $self->{actualsroot} = $actualsroot || $self->{oldsroot};
$self->{silent} = $silent;
$self->{inffile} = $inffile;
$self->{keep} = $keep;
diff --git a/ldap/admin/src/scripts/Util.pm.in b/ldap/admin/src/scripts/Util.pm.in
index 364e9115..ce20bfb3 100644
--- a/ldap/admin/src/scripts/Util.pm.in
+++ b/ldap/admin/src/scripts/Util.pm.in
@@ -47,18 +47,19 @@ require Exporter;
@ISA = qw(Exporter);
@EXPORT = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries
- getHashedPassword debug createDSInstance createInfFromConfig
- isValidServerID);
+ getHashedPassword debug createInfFromConfig
+ isValidServerID isValidUser makePaths);
@EXPORT_OK = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries
- getHashedPassword debug createDSInstance createInfFromConfig
- isValidServerID);
+ getHashedPassword debug createInfFromConfig
+ isValidServerID isValidUser makePaths);
use strict;
use Socket;
use File::Temp qw(tempfile tempdir);
+use File::Basename qw(dirname);
$Util::debuglevel = 0;
# use like this:
@@ -131,7 +132,7 @@ sub isValidUser {
return ("dialog_ssuser_error", $user);
}
if (!$nuid) {
- return ("dialog_ssuser_root_warning");
+ debug(0, "Warning: using root as the server user id. You are strongly encouraged to use a non-root user.\n");
}
}
@@ -367,13 +368,17 @@ sub check_and_add_entry
my $attr;
foreach $attr ( @addtypes )
{
- debug(3, "Adding attr=$attr values=" . $aentry->getValues($attr) . " to entry $aentry->{dn}\n");
- $sentry->addValue( $attr, $aentry->getValues($attr) );
+ foreach my $val ($aentry->getValues($attr))
+ {
+ debug(3, "Adding attr=$attr value=$val to entry $aentry->{dn}\n");
+ $sentry->addValue( $attr, $val );
+ }
}
foreach $attr ( @reptypes )
{
+ my @vals = $aentry->getValues($attr);
debug(3, "Replacing attr=$attr values=" . $aentry->getValues($attr) . " to entry $aentry->{dn}\n");
- $sentry->setValues($attr, $aentry->getValues($attr));
+ $sentry->setValues($attr, @vals);
}
foreach $attr ( @deltypes )
{
@@ -761,23 +766,6 @@ sub getHashedPassword {
return $hashedpwd;
}
-sub createDSInstance {
- my $inf = shift;
- my $errs = shift; # unused for now
-# find ds_newinst.pl - in same directory as this script or in PATH
- my $ds_newinst;
- ($ds_newinst = $0) =~ s|/[^/]+$|/ds_newinst.pl|;
- if (! -x $ds_newinst) {
- $ds_newinst = "@bindir@/ds_newinst.pl";
- }
- if (! -x $ds_newinst) {
- $ds_newinst = "ds_newinst.pl"; # just get from path
- }
- $? = 0; # clear error condition
- my $output = `$ds_newinst $inf->{filename}`;
- return ($?, $output);
-}
-
# this creates an Inf suitable for passing to createDSInstance
# except that it has a bogus suffix
sub createInfFromConfig {
@@ -787,35 +775,93 @@ sub createInfFromConfig {
my $fname = "$configdir/dse.ldif";
my $id;
($id = $inst) =~ s/^slapd-//;
- if (!open( DSELDIF, "$fname" )) {
+ if (! -f $fname) {
+ push @{$errs}, "error_opening_dseldif", $fname, $!;
+ return 0;
+ }
+ my $conn = new FileConn($fname, 1);
+
+ my $ent = $conn->search("cn=config", "base", "(objectclass=*)");
+ if (!$ent) {
push @{$errs}, "error_opening_dseldif", $fname, $!;
return 0;
}
+
my ($outfh, $inffile) = tempfile(SUFFIX => '.inf');
- my $in = new Mozilla::LDAP::LDIF(*DSELDIF) ;
- while (my $ent = readOneEntry $in) {
- my $dn = $ent->getDN();
- if ($dn =~ /cn=config/) {
- print $outfh "[General]\n";
- print $outfh "FullMachineName = ", $ent->getValues('nsslapd-localhost'), "\n";
- print $outfh "SuiteSpotUserID = ", $ent->getValues('nsslapd-localuser'), "\n";
- print $outfh "ServerRoot = @serverdir@\n";
- print $outfh "[slapd]\n";
- print $outfh "RootDN = ", $ent->getValues('nsslapd-rootdn'), "\n";
- print $outfh "RootDNPwd = ", $ent->getValues('nsslapd-rootpw'), "\n";
- print $outfh "ServerPort = ", $ent->getValues('nsslapd-port'), "\n";
- print $outfh "ServerIdentifier = $id\n";
- print $outfh "Suffix = o=deleteAfterMigration\n";
- print $outfh "start_server= 0\n";
- last;
- }
+ print $outfh "[General]\n";
+ print $outfh "FullMachineName = ", $ent->getValues('nsslapd-localhost'), "\n";
+ print $outfh "SuiteSpotUserID = ", $ent->getValues('nsslapd-localuser'), "\n";
+ print $outfh "[slapd]\n";
+ print $outfh "RootDN = ", $ent->getValues('nsslapd-rootdn'), "\n";
+ print $outfh "RootDNPwd = ", $ent->getValues('nsslapd-rootpw'), "\n";
+ print $outfh "ServerPort = ", $ent->getValues('nsslapd-port'), "\n";
+ print $outfh "ServerIdentifier = $id\n";
+ print $outfh "start_server= 0\n";
+
+ my $suffix;
+ my $ent = $conn->search("cn=ldbm database,cn=plugins,cn=config",
+ "one", "(objectclass=*)");
+ if (!$ent) {
+ push @{$errs}, "error_opening_dseldif", $fname, $!;
+ close $outfh;
+ $conn->close();
+ return 0;
}
+ # use the userRoot suffix if available
+ while ($ent) {
+ $suffix = $ent->getValues('nsslapd-suffix');
+ last if ($ent->hasValue('cn', 'userRoot', 1));
+ $ent = $conn->nextEntry();
+ }
+ $conn->close();
+
+ print $outfh "Suffix = $suffix\n";
close $outfh;
- close DSELDIF;
my $inf = new Inf($inffile);
return $inf;
}
+# like File::Path mkpath, except we can set the owner and perm
+# of each new path and parent path created
+sub makePaths {
+ my ($path, $mode, $user, $group) = @_;
+ my $uid = getpwnam $user;
+ my $gid = -1; # default to leave it alone
+
+ if ($group) {
+ $gid = getgrnam $group;
+ }
+ my @dirnames = ($path);
+ my $parent = $path;
+ for ($parent = dirname($parent);
+ $parent and ($parent ne "/");
+ $parent = dirname($parent)) {
+ unshift @dirnames, $parent;
+ }
+ for (@dirnames) {
+ next if (-d $_);
+ $! = 0; # clear
+ mkdir $_, $mode;
+ if ($!) {
+ return ('error_creating_directory', $_, $!);
+ }
+ chown $uid, $gid, $_;
+ if ($!) {
+ return ('error_chowning_directory', $_, $!);
+ }
+ debug(1, "makePaths: created directory $_ mode $mode user $user group $group\n");
+ }
+
+ return ();
+}
+
1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
diff --git a/ldap/admin/src/scripts/dscreate.map.in b/ldap/admin/src/scripts/dscreate.map.in
new file mode 100644
index 00000000..a475416a
--- /dev/null
+++ b/ldap/admin/src/scripts/dscreate.map.in
@@ -0,0 +1,67 @@
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+# [Parameter resolution rules]
+# * If the right-hand value is in ` (backquote), the value is eval'ed by perl.
+# The output should be stored in $returnvalue to pass to the internal hash.
+# * If the right-hand value is in " (doublequote), the value is passed as is.
+# * If the right-hand value is not in any quote, the value should be found
+# in either of the setup inf file (static) or the install inf file (dynamic).
+# * Variables surrounded by @ (e.g., @configdir@) are replaced with the
+# system path at the compile time.
+# * The right-hand value can contain variables surrounded by % (e.g., %asid%)
+# which refers the right-hand value (key) of this map file.
+#
+fqdn = FullMachineName
+dsid = ServerIdentifier
+ds_user = SuiteSpotUserID
+ds_port = ServerPort
+rootdn = RootDN
+ds_suffix = Suffix
+ds_bename = ds_bename
+ds_passwd = HashedRootDNPwd
+
+schema_dir = schema_dir
+lock_dir = lock_dir
+tmp_dir = tmp_dir
+cert_dir = cert_dir
+ldif_dir = ldif_dir
+bak_dir = bak_dir
+inst_dir = inst_dir
+log_dir = log_dir
+config_dir = config_dir
+db_dir = db_dir
diff --git a/ldap/admin/src/scripts/dsorgentries.map.in b/ldap/admin/src/scripts/dsorgentries.map.in
new file mode 100644
index 00000000..2d59c226
--- /dev/null
+++ b/ldap/admin/src/scripts/dsorgentries.map.in
@@ -0,0 +1,50 @@
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+# [Parameter resolution rules]
+# * If the right-hand value is in ` (backquote), the value is eval'ed by perl.
+# The output should be stored in $returnvalue to pass to the internal hash.
+# * If the right-hand value is in " (doublequote), the value is passed as is.
+# * If the right-hand value is not in any quote, the value should be found
+# in either of the setup inf file (static) or the install inf file (dynamic).
+# * Variables surrounded by @ (e.g., @configdir@) are replaced with the
+# system path at the compile time.
+# * The right-hand value can contain variables surrounded by % (e.g., %asid%)
+# which refers the right-hand value (key) of this map file.
+#
+ds_suffix = Suffix
+naming_value = naming_value
diff --git a/ldap/admin/src/scripts/migrate-ds.pl.in b/ldap/admin/src/scripts/migrate-ds.pl.in
index e11d810c..7c5ea83d 100644
--- a/ldap/admin/src/scripts/migrate-ds.pl.in
+++ b/ldap/admin/src/scripts/migrate-ds.pl.in
@@ -61,5 +61,17 @@ my $res = new Resource("@propertydir@/migrate-ds.res",
my $mig = new Migration($res);
$mig->msg('begin_ds_migration', $mig->{oldsroot});
-migrateDS($mig);
+if (!migrateDS($mig)) {
+ exit 1;
+}
$mig->msg('end_ds_migration');
+
+END {
+ if ($mig) {
+ if (!$mig->{keep}) {
+ unlink $mig->{inffile};
+ }
+
+ $mig->doExit();
+ }
+}
diff --git a/ldap/admin/src/scripts/migrate-ds.res b/ldap/admin/src/scripts/migrate-ds.res
index f5cfef15..b98e0943 100644
--- a/ldap/admin/src/scripts/migrate-ds.res
+++ b/ldap/admin/src/scripts/migrate-ds.res
@@ -4,10 +4,11 @@ migration_exiting = Exiting . . .\nLog file is '%s'\n\n
instance_already_exists = The target directory server instance already exists at %s. Skipping migration. Note that if you want to migrate the old instance you will have to first remove the new one of the same name.\n\n
error_reading_entry = Could not read the entry '%s'. Error: %s\n
error_updating_merge_entry = Could not %s the migrated entry '%s' in the target directory server. Error: %s\n
-error_importing_migrated_db = Could not import the LDIF file '%s' for the migrated database. Error: %s. Please check the directory server error log for more details.\n
+error_importing_migrated_db = Could not import the LDIF file '%s' for the migrated database. Error: %s. Output: %s\n
error_reading_olddbconfig = Could not read the old database configuration information. Error: %s\n
error_migrating_schema = Could not copy old schema file '%s'. Error: %s\n
error_copying_dbdir = Could not copy database directory '%s' to '%s'. Error: %s\n
error_copying_dbfile = Could not copy database file '%s' to '%s'. Error: %s\n
error_dbsrcdir_not_exist = Could not copy from the database source directory '%s' because it does not exist. Please check your configuration.\n
error_no_instances = Could not find any instances in the old directory '%s' to migrate.\n
+error_removing_temp_db_files = Could not remove the temporary db files in '%s' to clear the directory in preparation for the migrated db files. Error: %s\n
diff --git a/ldap/admin/src/scripts/setup-ds.pl.in b/ldap/admin/src/scripts/setup-ds.pl.in
index b455a579..99969a22 100644
--- a/ldap/admin/src/scripts/setup-ds.pl.in
+++ b/ldap/admin/src/scripts/setup-ds.pl.in
@@ -47,6 +47,7 @@ use Inf;
use Resource;
use DialogManager;
use Util;
+use DSCreate;
my $res = new Resource("@propertydir@/setup-ds.res");
@@ -70,13 +71,14 @@ if (!$setup->{silent}) {
$setup->{inf}->write();
}
-my @errs;
-my ($rc, $output) = createDSInstance($setup->{inf}, \@errs);
-if ($rc) {
+my @errs = createDSInstance($setup->{inf});
+if (@errs) {
$setup->msg(@errs);
- $setup->msg($FATAL, 'error_creating_dsinstance', $rc, $output);
+ $setup->msg($FATAL, 'error_creating_dsinstance',
+ $setup->{inf}->{slapd}->{ServerIdentifier});
} else {
- $setup->msg('created_dsinstance', $output);
+ $setup->msg('created_dsinstance',
+ $setup->{inf}->{slapd}->{ServerIdentifier});
}
END {
diff --git a/ldap/admin/src/scripts/setup-ds.res.in b/ldap/admin/src/scripts/setup-ds.res.in
index 329a7c24..5d2cdd89 100644
--- a/ldap/admin/src/scripts/setup-ds.res.in
+++ b/ldap/admin/src/scripts/setup-ds.res.in
@@ -87,8 +87,8 @@ error_creating_suffix_backend = Could not create the suffix '%s'. There was an
error_creating_suffix = Could not create the suffix '%s'. Error: %s\n\n
setup_exiting = Exiting . . .\nLog file is '%s'\n\n
-error_creating_dsinstance = Error: Could not create directory server instance. Error code %s. Output:\n%s\n
-created_dsinstance = Your new DS instance was successfully created. Output:\n%s\n
+error_creating_dsinstance = Error: Could not create directory server instance '%s'.\n
+created_dsinstance = Your new DS instance '%s' was successfully created.\n
no_mapvalue_for_key = The map value '%s' for key '%s' did not map to a value in any of the given information files.\n
error_opening_ldiftmpl = Could not open the LDIF template file '%s'. Error: %s\n
error_mapping_token_ldiftmpl = The entry '%s' in LDIF file '%s' contains a token '%s' for which there is no mapper.\nPlease check the file and your mapper to make sure all tokens are handled correctly.\n
@@ -96,7 +96,6 @@ error_deleteall_entries = Error deleting entry '%s' and all children. Error: %s
error_adding_entry = Error adding entry '%s'. Error: %s\n
error_updating_entry = Error updating entry '%s'. Error: %s\n
-
error_invalid_param = The parameter '%s' has an invalid value '%s'.\n
error_port_available = The port number '%s' is not available for use. This may be due to an\
invalid port number, or the port already being in use by another\
@@ -104,3 +103,19 @@ program, or low port restriction. Please choose another value for\
ServerPort. Error: $!\n
error_invalid_serverid = The ServerIdentifier '%s' contains invalid characters. It must\
contain only alphanumeric characters and the following: #%,.:@_-\n
+error_opening_scripttmpl = Could not open the script template file '%s'. Error: %s\n
+error_creating_directory = Could not create directory '%s'. Error: %s\n
+error_chowning_directory = Could not change ownership of directory '%s' to userid '%s': Error: %s\n
+error_chowning_file = Could not change ownership of '%s' to userid '%s': Error: %s\n
+error_chmoding_file = Could not change permissions of '%s': Error: %s\n
+error_chgrping_directory = Could not change group of directory '%s' to group '%s': Error: %s\n
+error_creating_file = Could not create file '%s'. Error: %s\n
+error_copying_file = Could not copy file '%s' to '%s'. Error: %s\n
+error_enabling_feature = Could not enable the directory server feature '%s'. Error: %s\n
+error_importing_ldif = Could not import LDIF file '%s'. Error: %s. Output: %s\n
+error_starting_server = Could not start the directory server using command '%s'. The last line from the error log was '%s'. Error: %s\n
+error_missing_port_and_ldapi = Either ServerPort or ldapifilepath must be specified. The server must listen to something.\n
+error_missing_port = No ServerPort specified. The server must have a port number to listen to (default 389).\n
+error_server_already_exists = Error: the server already exists at '%s'\
+Please remove it first if you really want to recreate it,\
+or use a different ServerIdentifier to create another instance.\n
diff --git a/ldap/admin/src/scripts/template-restart-slapd.in b/ldap/admin/src/scripts/template-restart-slapd.in
new file mode 100644
index 00000000..6f5c0c89
--- /dev/null
+++ b/ldap/admin/src/scripts/template-restart-slapd.in
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# Script that restarts the ns-slapd server.
+# Exit status can be:
+# 0: Server restarted successfully
+# 1: Server could not be started
+# 2: Server started successfully (was not running)
+# 3: Server could not be stopped
+
+server_already_stopped=0
+{{INST-DIR}}/stop-slapd
+status=$?
+if [ $status -eq 1 ] ; then
+ exit 3;
+else
+ if [ $status -eq 2 ] ; then
+ server_already_stopped=1
+ fi
+fi
+{{INST-DIR}}/start-slapd
+status=$?
+if [ $server_already_stopped -eq 1 ] && [ $status -eq 0 ] ; then
+ exit 2;
+fi
+exit $status
diff --git a/ldap/ldif/template-baseacis.ldif.in b/ldap/ldif/template-baseacis.ldif.in
new file mode 100644
index 00000000..7eb8c40c
--- /dev/null
+++ b/ldap/ldif/template-baseacis.ldif.in
@@ -0,0 +1,5 @@
+dn: %ds_suffix%
+changetype: modify
+add: aci
+aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare) userdn="ldap:///anyone";)
+aci: (targetattr="carLicense || description || displayName || facsimileTelephoneNumber || homePhone || homePostalAddress || initials || jpegPhoto || labeledURL || mail || mobile || pager || photo || postOfficeBox || postalAddress || postalCode || preferredDeliveryMethod || preferredLanguage || registeredAddress || roomNumber || secretary || seeAlso || st || street || telephoneNumber || telexNumber || title || userCertificate || userPassword || userSMIMECertificate || x500UniqueIdentifier")(version 3.0; acl "Enable self write for common attributes"; allow (write) userdn="ldap:///self";)
diff --git a/ldap/ldif/template-country.ldif.in b/ldap/ldif/template-country.ldif.in
new file mode 100644
index 00000000..cc37997e
--- /dev/null
+++ b/ldap/ldif/template-country.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: country
+c: %naming_value%
diff --git a/ldap/ldif/template-domain.ldif.in b/ldap/ldif/template-domain.ldif.in
new file mode 100644
index 00000000..4085c50e
--- /dev/null
+++ b/ldap/ldif/template-domain.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: domain
+dc: %naming_value%
diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in
index 805bcb8b..5d9aec85 100644
--- a/ldap/ldif/template-dse.ldif.in
+++ b/ldap/ldif/template-dse.ldif.in
@@ -9,7 +9,7 @@ nsslapd-tmpdir: %tmp_dir%
nsslapd-certdir: %cert_dir%
nsslapd-ldifdir: %ldif_dir%
nsslapd-bakdir: %bak_dir%
-nsslapd-saslpath: %sasl_path%
+nsslapd-instancedir: %inst_dir%
nsslapd-accesslog-logging-enabled: on
nsslapd-accesslog-maxlogsperdir: 10
nsslapd-accesslog-mode: 600
@@ -22,7 +22,7 @@ nsslapd-accesslog-logrotationsyncmin: 0
nsslapd-accesslog: %log_dir%/access
nsslapd-enquote-sup-oc: off
nsslapd-localhost: %fqdn%
-nsslapd-schemacheck: 1
+nsslapd-schemacheck: on
nsslapd-rewrite-rfc1274: off
nsslapd-return-exact-case: on
nsslapd-ssl-check-hostname: on
@@ -493,7 +493,7 @@ nsslapd-pluginpath: libcollation-plugin
nsslapd-plugininitfunc: orderingRule_init
nsslapd-plugintype: matchingRule
nsslapd-pluginenabled: on
-nsslapd-pluginarg0: @configdir@/slapd-collations.conf
+nsslapd-pluginarg0: %config_dir%/slapd-collations.conf
dn: cn=HTTP Client,cn=plugins,cn=config
objectclass: top
diff --git a/ldap/ldif/template-locality.ldif.in b/ldap/ldif/template-locality.ldif.in
new file mode 100644
index 00000000..c7185269
--- /dev/null
+++ b/ldap/ldif/template-locality.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: locality
+l: %naming_value%
diff --git a/ldap/ldif/template-org.ldif.in b/ldap/ldif/template-org.ldif.in
new file mode 100644
index 00000000..e649c323
--- /dev/null
+++ b/ldap/ldif/template-org.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: organization
+o: %naming_value%
diff --git a/ldap/ldif/template-orgunit.ldif.in b/ldap/ldif/template-orgunit.ldif.in
new file mode 100644
index 00000000..97982e57
--- /dev/null
+++ b/ldap/ldif/template-orgunit.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: organizationalUnit
+ou: %naming_value%
diff --git a/ldap/ldif/template-state.ldif.in b/ldap/ldif/template-state.ldif.in
new file mode 100644
index 00000000..f4fdfe7e
--- /dev/null
+++ b/ldap/ldif/template-state.ldif.in
@@ -0,0 +1,4 @@
+dn: %ds_suffix%
+objectclass: top
+objectclass: locality
+st: %naming_value%
diff --git a/ldap/ldif/template.ldif b/ldap/ldif/template.ldif
index a0ab7914..6c083449 100644
--- a/ldap/ldif/template.ldif
+++ b/ldap/ldif/template.ldif
@@ -37,26 +37,24 @@
# All rights reserved.
# END COPYRIGHT BLOCK
#
-dn: %%%SUFFIX%%%
-objectclass: top
-aci: (targetattr ="*")(version 3.0;
- acl "Configuration Administrators Group";allow (all) (groupdn = "ldap:///
- cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot");)
+dn: %ds_suffix%
+changetype: modify
+add: aci
aci: (targetattr ="*")(version 3.0;
acl "Directory Administrators Group";allow (all) (groupdn = "ldap:///
- cn=Directory Administrators, %%%SUFFIX%%%");)
+ cn=Directory Administrators, %ds_suffix%");)
-dn: cn=Directory Administrators, %%%SUFFIX%%%
+dn: cn=Directory Administrators, %ds_suffix%
objectClass: top
objectClass: groupofuniquenames
cn: Directory Administrators
-dn: ou=Groups, %%%SUFFIX%%%
+dn: ou=Groups, %ds_suffix%
objectclass: top
objectclass: organizationalunit
ou: Groups
-dn: ou=People, %%%SUFFIX%%%
+dn: ou=People, %ds_suffix%
objectclass: top
objectclass: organizationalunit
ou: People
@@ -66,48 +64,48 @@ aci: (targetattr ="userpassword || te
aci: (targetattr !="cn || sn || uid")(t
argetfilter ="(ou=Accounting)")(version 3.0;acl "Accounting Managers G
roup Permissions";allow (write)(groupdn = "ldap:///cn=Accounting Managers,ou
- =groups,%%%SUFFIX%%%");)
+ =groups,%ds_suffix%");)
aci: (targetattr !="cn || sn || uid")(t
argetfilter ="(ou=Human Resources)")(version 3.0;acl "HR Group Permiss
- ions";allow (write)(groupdn = "ldap:///cn=HR Managers,ou=groups,%%%SUFFIX%%%
+ ions";allow (write)(groupdn = "ldap:///cn=HR Managers,ou=groups,%ds_suffix%
");)
aci: (targetattr !="cn ||sn || uid")(t
argetfilter ="(ou=Product Testing)")(version 3.0;acl "QA Group Permiss
- ions";allow (write)(groupdn = "ldap:///cn=QA Managers,ou=groups,%%%SUFFIX%%%
+ ions";allow (write)(groupdn = "ldap:///cn=QA Managers,ou=groups,%ds_suffix%
");)
aci: (targetattr !="cn || sn || uid")(t
argetfilter ="(ou=Product Development)")(version 3.0;acl "Engineering
Group Permissions";allow (write)(groupdn = "ldap:///cn=PD Managers,ou=groups
- ,%%%SUFFIX%%%");)
+ ,%ds_suffix%");)
-dn: ou=Special Users,%%%SUFFIX%%%
+dn: ou=Special Users,%ds_suffix%
objectclass: top
objectclass: organizationalUnit
ou: Special Users
description: Special Administrative Accounts
-dn: cn=Accounting Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=Accounting Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: Accounting Managers
ou: groups
description: People who can manage accounting entries
-dn: cn=HR Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=HR Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: HR Managers
ou: groups
description: People who can manage HR entries
-dn: cn=QA Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=QA Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: QA Managers
ou: groups
description: People who can manage QA entries
-dn: cn=PD Managers,ou=groups,%%%SUFFIX%%%
+dn: cn=PD Managers,ou=groups,%ds_suffix%
objectclass: top
objectclass: groupOfUniqueNames
cn: PD Managers
diff --git a/m4/fhs.m4 b/m4/fhs.m4
index e550cc5a..479a76d6 100644
--- a/m4/fhs.m4
+++ b/m4/fhs.m4
@@ -39,6 +39,7 @@ AC_ARG_WITH(fhs-opt, [ --with-fhs-opt Use FHS optional layout],
[
with_fhs_opt=yes
AC_MSG_RESULT(yes)
+ AC_SUBST(with_fhs_opt)
],
AC_MSG_RESULT(no))
generated by cgit (git 2.34.1) at 2024-06-19 06:12:56 +0000