sub slapd_start($$)
{
my ($conf, $uri) = @_;
+ # running slapd in the background means it stays in the same process group, so it can be
+ # killed by timelimit
if (defined($ENV{FEDORA_DS_PREFIX})) {
- system("$ENV{FEDORA_DS_PREFIX}/lib/fedora-ds/ds_newinst.pl $ENV{FEDORA_DS_INF}") or die("Unable to provision fedora ds ldapd");
+ system("$ENV{FEDORA_DS_PREFIX}/sbin/ns-slapd -D $ENV{FEDORA_DS_DIR} -d0 &");
} else {
my $oldpath = $ENV{PATH};
$ENV{PATH} = "/usr/local/sbin:/usr/sbin:/sbin:$ENV{PATH}";
- # running slapd in the background means it stays in the same process group, so it can be
- # killed by timelimit
system("slapd -d0 -f $conf -h $uri &");
$ENV{PATH} = $oldpath;
}
- return $? >> 8;
+ return 1;
}
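Review bot: `return 1;` makes slapd_start report success unconditionally, so the `or die("couldn't start slapd")` at the call site shown later on this page can never fire, and a server that fails to launch will only surface later as a provisioning error. Because both `system()` calls end in `&`, `$?` would only describe the shell that backgrounded the process, so the honest options are a bounded wait for the LDAP socket before returning, or at least a comment such as `# always returns 1: slapd is backgrounded, so a failed launch is not detected here`. The Fedora DS branch also ignores `$conf` and `$uri` and interpolates `$ENV{FEDORA_DS_PREFIX}` and `$ENV{FEDORA_DS_DIR}` unquoted into a shell string, so a path containing whitespace or shell metacharacters would be re-parsed by the shell. Checking both values against a plain path pattern before use would close that gap.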
sub slapd_stop()
sub provision_ldap($$)
{
my ($bindir, $setupdir) = @_;
- system("$bindir/smbscript $setupdir/provision $ENV{PROVISION_OPTIONS} \"$ENV{PROVISION_ACI}\" --ldap-backend=$ENV{LDAPI}") or
- die("LDAP PROVISIONING failed: $bindir/smbscript $setupdir/provision $ENV{PROVISION_OPTIONS} \"$ENV{PROVISION_ACI}\" --ldap-backend=$ENV{LDAPI}");
+ system("$bindir/smbscript $setupdir/provision $ENV{PROVISION_OPTIONS} \"$ENV{PROVISION_ACI}\" --ldap-backend=$ENV{LDAP_URI}") and
+ die("LDAP PROVISIONING failed: $bindir/smbscript $setupdir/provision $ENV{PROVISION_OPTIONS} \"$ENV{PROVISION_ACI}\" --ldap-backend=$ENV{LDAP_URI}");
}
1;
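Review bot: The `die` message in provision_ldap repeats the whole command line, including `$ENV{PROVISION_OPTIONS}`, and a shell hunk elsewhere on this page appends `--password=$PASSWORD` to that variable, so a provisioning failure would presumably write the bind password into the test log. Building the command once and reporting only the exit status avoids that and removes the duplicated string: `my $cmd = "..."; system($cmd) == 0 or die("LDAP PROVISIONING failed, exit status " . ($? >> 8));`. The command is still a single shell string, so a `$ENV{PROVISION_ACI}` or `$ENV{LDAP_URI}` value containing a double quote, backtick or `$` would be re-interpreted by the shell. A comment stating that these variables must be shell-safe would document the assumption; the shell script's own comment indicates the ACI is base64-encoded for this reason.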
FEDORA_DS_INF=$LDAPDIR/fedorads.inf
-export FEDORA_DS_INF
FEDORA_DS_INITIAL_LDIF=$LDAPDIR/fedorads-initial.ldif
#Make the subdirectory be as fedora DS would expect
FEDORA_DS_DIR=$LDAPDIR/slapd-samba4
+echo FEDORA_DS_DIR=$FEDORA_DS_DIR
cat >$FEDORA_DS_INF <<EOF
[General]
$srcdir/bin/ad2oLschema $CONFIGURATION -H $PRIVATEDIR/sam.ldb --option=convert:target=fedora-ds -I $srcdir/setup/schema-map-fedora-ds-1.0 -O $FEDORA_DS_DIR/schema/99_ad.ldif >&2
-LDAP_URI_ESCAPE=$LDAP_URI;
+LDAP_URI_ESCAPE="ldapi://"`echo $LDAPDIR/ldapi | sed 's|/|%2F|g'`
+
PROVISION_OPTIONS="$PROVISION_OPTIONS --ldap-module=nsuniqueid"
#it is easier to base64 encode this than correctly escape it:
# (targetattr = "*") (version 3.0;acl "full access to all by all";allow (all)(userdn = "ldap:///anyone");)
set_tmp_dir $LDAPDIR/db/tmp
EOF
-LDAP_URI="ldapi://$LDAPDIR/ldapi"
-LDAP_URI_ESCAPE="ldapi://"`echo $LDAPDIR/ldapi | sed 's|/|%2F|g'`
-export LDAP_URI
-export LDAP_URI_ESCAPE
-
#This uses the provision we just did, to read out the schema
$srcdir/bin/ad2oLschema $CONFIGURATION -H $PRIVATEDIR/sam.ldb -I $srcdir/setup/schema-map-openldap-2.3 -O $LDAPDIR/ad.schema >&2
PROVISION_OPTIONS="$PROVISION_OPTIONS --simple-bind-dn=cn=Manager,$BASEDN --password=$PASSWORD --root=$ROOT"
$srcdir/bin/smbscript $srcdir/setup/provision $PROVISION_OPTIONS >&2
+LDAP_URI="ldapi://$LDAPDIR/ldapi"
+LDAP_URI_ESCAPE="ldapi://"`echo $LDAPDIR/ldapi | sed 's|/|%2F|g'`
+
. `dirname $0`/mk-openldap.sh
test -z "$FEDORA_DS_PREFIX" || {
echo "NETBIOSNAME=$NETBIOSNAME"
echo "LDAP_URI=$LDAP_URI"
echo "LDAP_URI_ESCAPE=$LDAP_URI_ESCAPE"
-echo "FEDORA_DS_INF=$FEDORA_DS_INF"
echo "DOMAIN=$DOMAIN"
echo "USERNAME=$USERNAME"
echo "REALM=$REALM"
echo "PREFIX=$PREFIX"
echo "SMBD_LOGLEVEL=$SMBD_LOGLEVEL"
echo "LDAPDIR=$LDAPDIR"
+echo "PROVISION_OPTIONS=$PROVISION_OPTIONS"
+echo "PROVISION_ACI=$PROVISION_ACI"
\ No newline at end of file
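Review bot: The added `echo "PROVISION_OPTIONS=$PROVISION_OPTIONS"` emits the option string verbatim, and another hunk on this page appends `--password=$PASSWORD` to that variable, so the password would end up in whatever captures or stores this output. If the consumer needs the options, consider passing the password through its own variable, or at least add a comment such as `# PROVISION_OPTIONS may carry --password; do not publish this output`. The value also contains spaces, and the code that parses these KEY=VALUE lines is not visible here, so it is worth confirming that it splits only on the first `=` and does not hand the line to a shell. The enclosing script starts outside this hunk.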
# Start slapd before smbd
if ($ldap) {
- Samba4::slapd_start($ENV{SLAPD_CONF}, $ENV{LDAPI_ESCAPE}) or die("couldn't start slapd");
+ Samba4::slapd_start($ENV{SLAPD_CONF}, $ENV{LDAP_URI_ESCAPE}) or die("couldn't start slapd");
print "LDAP PROVISIONING...";
Samba4::provision_ldap($bindir, $setupdir);