You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
134 lines
2.4 KiB
134 lines
2.4 KiB
# Author: Jan Vcelak <jvcelak@redhat.com> |
|
|
|
SLAPD_USER= |
|
SLAPD_CONFIG_FILE= |
|
SLAPD_CONFIG_DIR= |
|
SLAPD_CONFIG_CUSTOM= |
|
SLAPD_GLOBAL_OPTIONS= |
|
SLAPD_SYSCONFIG_FILE= |
|
|
|
function default_config() |
|
{ |
|
SLAPD_USER=ldap |
|
SLAPD_CONFIG_FILE=/etc/openldap/slapd.conf |
|
SLAPD_CONFIG_DIR=/etc/openldap/slapd.d |
|
SLAPD_CONFIG_CUSTOM= |
|
SLAPD_GLOBAL_OPTIONS= |
|
SLAPD_SYSCONFIG_FILE=/etc/sysconfig/slapd |
|
} |
|
|
|
function parse_config_options() |
|
{ |
|
user= |
|
config_file= |
|
config_dir= |
|
while getopts :u:f:F: opt; do |
|
case "$opt" in |
|
u) |
|
user="$OPTARG" |
|
;; |
|
f) |
|
config_file="$OPTARG" |
|
;; |
|
F) |
|
config_dir="$OPTARG" |
|
;; |
|
esac |
|
done |
|
|
|
if [ -n "$user" ]; then |
|
SLAPD_USER="$user" |
|
fi |
|
|
|
if [ -n "$config_dir" ]; then |
|
SLAPD_CONFIG_DIR="$config_dir" |
|
SLAPD_CONFIG_FILE= |
|
SLAPD_CONFIG_CUSTOM=1 |
|
SLAPD_GLOBAL_OPTIONS="-F '$config_dir'" |
|
elif [ -n "$config_file" ]; then |
|
SLAPD_CONFIG_DIR= |
|
SLAPD_CONFIG_FILE="$config_file" |
|
SLAPD_CONFIG_CUSTOM=1 |
|
SLAPD_GLOBAL_OPTIONS="-f '$config_file'" |
|
fi |
|
} |
|
|
|
function uses_new_config() |
|
{ |
|
[ -n "$SLAPD_CONFIG_DIR" ] |
|
return $? |
|
} |
|
|
|
function run_as_ldap() |
|
{ |
|
/sbin/runuser --shell /bin/sh --session-command "$1" "$SLAPD_USER" |
|
return $? |
|
} |
|
|
|
function ldif_unbreak() |
|
{ |
|
sed ':a;N;s/\n //;ta;P;D' |
|
} |
|
|
|
function ldif_value() |
|
{ |
|
sed 's/^[^:]*: //' |
|
} |
|
|
|
function databases_new() |
|
{ |
|
slapcat $SLAPD_GLOBAL_OPTIONS -c \ |
|
-H 'ldap:///cn=config???(|(objectClass=olcBdbConfig)(objectClass=olcHdbConfig))' 2>/dev/null | \ |
|
ldif_unbreak | \ |
|
grep '^olcDbDirectory: ' | \ |
|
ldif_value |
|
} |
|
|
|
function databases_old() |
|
{ |
|
awk 'begin { database="" } |
|
$1 == "database" { database=$2 } |
|
$1 == "directory" { if (database == "bdb" || database == "hdb") print $2}' \ |
|
"$SLAPD_CONFIG_FILE" |
|
} |
|
|
|
function certificates_new() |
|
{ |
|
slapcat $SLAPD_GLOBAL_OPTIONS -c -H 'ldap:///cn=config???(cn=config)' 2>/dev/null | \ |
|
ldif_unbreak | \ |
|
grep '^olcTLS\(CACertificateFile\|CACertificatePath\|CertificateFile\|CertificateKeyFile\): ' | \ |
|
ldif_value |
|
} |
|
|
|
function certificates_old() |
|
{ |
|
awk '$1 ~ "^TLS(CACertificate(File|Path)|CertificateFile|CertificateKeyFile)$" { print $2 } ' \ |
|
"$SLAPD_CONFIG_FILE" |
|
} |
|
|
|
function certificates() |
|
{ |
|
uses_new_config && certificates_new || certificates_old |
|
} |
|
|
|
function databases() |
|
{ |
|
uses_new_config && databases_new || databases_old |
|
} |
|
|
|
|
|
function error() |
|
{ |
|
format="$1\n"; shift |
|
printf "$format" $@ >&2 |
|
} |
|
|
|
function load_sysconfig() |
|
{ |
|
[ -r "$SLAPD_SYSCONFIG_FILE" ] || return |
|
|
|
. "$SLAPD_SYSCONFIG_FILE" |
|
[ -n "$SLAPD_OPTIONS" ] && parse_config_options $SLAPD_OPTIONS |
|
} |
|
|
|
default_config
|
|
|