solaris-desktop/patches/ldap_user.dif

10139N/A--- rc.ldap 2002/08/26 16:35:24 1.1
10139N/A+++ rc.ldap 2002/08/26 17:35:01
10139N/A@@ -60,6 +60,11 @@
10139N/A     esac
10139N/A }
10139N/A
10139N/A+USER_CMD=""
10139N/A+GROUP_CMD=""
10139N/A+[ ! "x$OPENLDAP_USER" = "x" ] && USER_CMD="-u $OPENLDAP_USER"
10139N/A+[ ! "x$OPENLDAP_GROUP" = "x" ] && GROUP_CMD="-g $OPENLDAP_GROUP"
10139N/A+
10139N/A # Return values acc. to LSB for all commands but status:
10139N/A # 0 - success
10139N/A # 1 - generic or unspecified error
10139N/A@@ -77,18 +82,33 @@
10139N/A
10139N/A case "$1" in
10139N/A     start)
10139N/A+   # chown backend directories if OPENLDAP_CHOWN_DIRS ist set
10139N/A+   if [ "$(echo "$OPENLDAP_CHOWN_DIRS" | tr 'A-Z' 'a-z')" == "yes" ]; then
10139N/A+       if [ -n "$OPENLDAP_USER" -o -n "$OPENLDAP_GROUP" ]; then
10139N/A+       ldapdir=`grep ^directory /etc/openldap/slapd.conf | awk '{print $2}'`
10139N/A+       # could be more than one
10139N/A+       for n in $ldapdir; do
10139N/A+           [ -d "$n" ] && [ -n "$OPENLDAP_USER" ] && \
10139N/A+               chown -R $OPENLDAP_USER $n 2>/dev/null
10139N/A+           [ -d "$n" ] && [ -n "$OPENLDAP_GROUP" ] && \
10139N/A+               chgrp -R $OPENLDAP_GROUP $n 2>/dev/null
10139N/A+       done
10139N/A+       chgrp $OPENLDAP_GROUP /etc/openldap/slapd.conf 2>/dev/null
10139N/A+       chmod 640 /etc/openldap/slapd.conf 2>/dev/null
10139N/A+       fi
10139N/A+   fi
10139N/A         ldaps_check_tls_options || \
10139N/A             echo -e "TLSCertificateFile of TLSCertificateKeyFile options missing." \
10139N/A                  "\nDisabling SSL support. Check your /etc/openldap/slapd.conf."
10139N/A         echo -n "Starting ldap-server"
10139N/A-        /sbin/startproc $SLAPD_BIN -h "$SLAPD_URLS"
10139N/A+        /sbin/startproc -p /var/run/slapd/slapd.pid $SLAPD_BIN -h "$SLAPD_URLS" $USER_CMD $GROUP_CMD
10139N/A    # Remember status and be verbose
10139N/A    rc_status -v
10139N/A
10139N/A         ;;
10139N/A     stop)
10139N/A         echo -n "Shutting down ldap-server"
10139N/A-        /sbin/killproc -TERM $SLAPD_BIN
10139N/A+        /sbin/killproc -TERM -p /var/run/slapd/slapd.pid $SLAPD_BIN
10139N/A    # Remember status and be verbose
10139N/A    rc_status -v
10139N/A
10139N/A@@ -153,7 +173,7 @@
10139N/A
10139N/A    # NOTE: checkproc returns LSB compliant status values.
10139N/A
10139N/A-        checkproc $SLAPD_BIN
10139N/A+        checkproc -p /var/run/slapd/slapd.pid $SLAPD_BIN
10139N/A    rc_status -v
10139N/A
10139N/A         ;;
10139N/A--- sysconfig.openldap  2002/08/26 16:35:24 1.1
10139N/A+++ sysconfig.openldap  2002/08/26 16:35:47
10139N/A@@ -8,3 +8,22 @@
10139N/A #       file
10139N/A #
10139N/A OPENLDAP_START_LDAPS="no"
10139N/A+
10139N/A+#
10139N/A+# specifies a user, as which the openldap server should be executed
10139N/A+# Default: ldap
10139N/A+#
10139N/A+OPENLDAP_USER="ldap"
10139N/A+
10139N/A+#
10139N/A+# specifies a group, as which the openldap server should be executed
10139N/A+# Default: ldap
10139N/A+#
10139N/A+OPENLDAP_GROUP="ldap"
10139N/A+
10139N/A+#
10139N/A+# If set to "yes" the init scripts will change the owner/group of the
10139N/A+# different backend database directories (e.g. /var/lib/ldap) to the
10139N/A+# user/group specified above
10139N/A+#
10139N/A+OPENLDAP_CHOWN_DIRS="yes"