solaris-desktop/patches/ldap_user.dif

--- rc.ldap 2002/08/26 16:35:24 1.1
+++ rc.ldap 2002/08/26 17:35:01
@@ -60,6 +60,11 @@
     esac
 }

+USER_CMD=""
+GROUP_CMD=""
+[ ! "x$OPENLDAP_USER" = "x" ] && USER_CMD="-u $OPENLDAP_USER"
+[ ! "x$OPENLDAP_GROUP" = "x" ] && GROUP_CMD="-g $OPENLDAP_GROUP"
+
 # Return values acc. to LSB for all commands but status:
 # 0 - success
 # 1 - generic or unspecified error
@@ -77,18 +82,33 @@

 case "$1" in
     start)
+   # chown backend directories if OPENLDAP_CHOWN_DIRS ist set
+   if [ "$(echo "$OPENLDAP_CHOWN_DIRS" | tr 'A-Z' 'a-z')" == "yes" ]; then
+       if [ -n "$OPENLDAP_USER" -o -n "$OPENLDAP_GROUP" ]; then
+       ldapdir=`grep ^directory /etc/openldap/slapd.conf | awk '{print $2}'`
+       # could be more than one
+       for n in $ldapdir; do
+           [ -d "$n" ] && [ -n "$OPENLDAP_USER" ] && \
+               chown -R $OPENLDAP_USER $n 2>/dev/null
+           [ -d "$n" ] && [ -n "$OPENLDAP_GROUP" ] && \
+               chgrp -R $OPENLDAP_GROUP $n 2>/dev/null
+       done
+       chgrp $OPENLDAP_GROUP /etc/openldap/slapd.conf 2>/dev/null
+       chmod 640 /etc/openldap/slapd.conf 2>/dev/null
+       fi
+   fi
         ldaps_check_tls_options || \
             echo -e "TLSCertificateFile of TLSCertificateKeyFile options missing." \
                  "\nDisabling SSL support. Check your /etc/openldap/slapd.conf."
         echo -n "Starting ldap-server"
-        /sbin/startproc $SLAPD_BIN -h "$SLAPD_URLS"
+        /sbin/startproc -p /var/run/slapd/slapd.pid $SLAPD_BIN -h "$SLAPD_URLS" $USER_CMD $GROUP_CMD
    # Remember status and be verbose
    rc_status -v

         ;;
     stop)
         echo -n "Shutting down ldap-server"
-        /sbin/killproc -TERM $SLAPD_BIN
+        /sbin/killproc -TERM -p /var/run/slapd/slapd.pid $SLAPD_BIN
    # Remember status and be verbose
    rc_status -v

@@ -153,7 +173,7 @@

    # NOTE: checkproc returns LSB compliant status values.

-        checkproc $SLAPD_BIN
+        checkproc -p /var/run/slapd/slapd.pid $SLAPD_BIN
    rc_status -v

         ;;
--- sysconfig.openldap  2002/08/26 16:35:24 1.1
+++ sysconfig.openldap  2002/08/26 16:35:47
@@ -8,3 +8,22 @@
 #       file
 #
 OPENLDAP_START_LDAPS="no"
+
+#
+# specifies a user, as which the openldap server should be executed
+# Default: ldap
+#
+OPENLDAP_USER="ldap"
+
+#
+# specifies a group, as which the openldap server should be executed
+# Default: ldap
+#
+OPENLDAP_GROUP="ldap"
+
+#
+# If set to "yes" the init scripts will change the owner/group of the
+# different backend database directories (e.g. /var/lib/ldap) to the
+# user/group specified above
+#
+OPENLDAP_CHOWN_DIRS="yes"