Skip to content

Commit 0abd796

Browse files
mtoddmtodd
committed
Add OpenLDAP installer, seed/config fixtures
1 parent 9ee2730 commit 0abd796

File tree

4 files changed

+518
-0
lines changed

4 files changed

+518
-0
lines changed

script/install-openldap

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
#!/usr/bin/env sh
2+
set -e
3+
set -x
4+
5+
BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )"
6+
SEED_PATH="$( cd `dirname $0`/../test/fixtures && pwd )"
7+
8+
DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y --force-yes slapd time ldap-utils
9+
10+
sudo /etc/init.d/slapd stop
11+
12+
TMPDIR=$(mktemp -d)
13+
cd $TMPDIR
14+
15+
# Delete data and reconfigure.
16+
sudo cp -v /var/lib/ldap/DB_CONFIG ./DB_CONFIG
17+
sudo rm -rf /etc/ldap/slapd.d/*
18+
sudo rm -rf /var/lib/ldap/*
19+
sudo cp -v ./DB_CONFIG /var/lib/ldap/DB_CONFIG
20+
sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/slapd.conf.ldif
21+
# Load memberof and ref-int overlays and configure them.
22+
sudo slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/memberof.ldif
23+
24+
# Add base domain.
25+
sudo slapadd -F /etc/ldap/slapd.d <<EOM
26+
dn: dc=rubyldap,dc=com
27+
objectClass: top
28+
objectClass: domain
29+
dc: rubyldap
30+
EOM
31+
32+
sudo chown -R openldap.openldap /etc/ldap/slapd.d
33+
sudo chown -R openldap.openldap /var/lib/ldap
34+
35+
sudo /etc/init.d/slapd start
36+
37+
# Import seed data.
38+
# NOTE: use ldapadd in order for memberOf and refint to apply, instead of:
39+
# cat $SEED_PATH/seed.ldif | sudo slapadd -F /etc/ldap/slapd.d
40+
/usr/bin/time sudo ldapadd -x -D "cn=admin,dc=rubyldap,dc=com" -w passworD1 \
41+
-h localhost -p 389 \
42+
-f $SEED_PATH/seed.ldif
43+
44+
sudo rm -rf $TMPDIR

test/fixtures/openldap/memberof.ldif

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
dn: cn=module,cn=config
2+
cn: module
3+
objectClass: olcModuleList
4+
objectClass: top
5+
olcModulePath: /usr/lib/ldap
6+
olcModuleLoad: memberof.la
7+
8+
dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
9+
objectClass: olcConfig
10+
objectClass: olcMemberOf
11+
objectClass: olcOverlayConfig
12+
objectClass: top
13+
olcOverlay: memberof
14+
olcMemberOfDangling: ignore
15+
olcMemberOfRefInt: TRUE
16+
olcMemberOfGroupOC: groupOfNames
17+
olcMemberOfMemberAD: member
18+
olcMemberOfMemberOfAD: memberOf
19+
20+
dn: cn=module,cn=config
21+
cn: module
22+
objectclass: olcModuleList
23+
objectclass: top
24+
olcmoduleload: refint.la
25+
olcmodulepath: /usr/lib/ldap
26+
27+
dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
28+
objectClass: olcConfig
29+
objectClass: olcOverlayConfig
30+
objectClass: olcRefintConfig
31+
objectClass: top
32+
olcOverlay: {1}refint
33+
olcRefintAttribute: memberof member manager owner

test/fixtures/openldap/slapd.conf.ldif

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,67 @@
1+
dn: cn=config
2+
objectClass: olcGlobal
3+
cn: config
4+
olcPidFile: /var/run/slapd/slapd.pid
5+
olcArgsFile: /var/run/slapd/slapd.args
6+
olcLogLevel: none
7+
olcToolThreads: 1
8+
9+
dn: olcDatabase={-1}frontend,cn=config
10+
objectClass: olcDatabaseConfig
11+
objectClass: olcFrontendConfig
12+
olcDatabase: {-1}frontend
13+
olcSizeLimit: 500
14+
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
15+
olcAccess: {1}to dn.exact="" by * read
16+
olcAccess: {2}to dn.base="cn=Subschema" by * read
17+
18+
dn: olcDatabase=config,cn=config
19+
objectClass: olcDatabaseConfig
20+
olcDatabase: config
21+
olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
22+
23+
dn: cn=schema,cn=config
24+
objectClass: olcSchemaConfig
25+
cn: schema
26+
27+
include: file:///etc/ldap/schema/core.ldif
28+
include: file:///etc/ldap/schema/cosine.ldif
29+
include: file:///etc/ldap/schema/nis.ldif
30+
include: file:///etc/ldap/schema/inetorgperson.ldif
31+
32+
dn: cn=module{0},cn=config
33+
objectClass: olcModuleList
34+
cn: module{0}
35+
olcModulePath: /usr/lib/ldap
36+
olcModuleLoad: back_hdb
37+
38+
dn: olcBackend=hdb,cn=config
39+
objectClass: olcBackendConfig
40+
olcBackend: hdb
41+
42+
dn: olcDatabase=hdb,cn=config
43+
objectClass: olcDatabaseConfig
44+
objectClass: olcHdbConfig
45+
olcDatabase: hdb
46+
olcDbCheckpoint: 512 30
47+
olcDbConfig: set_cachesize 1 0 0
48+
olcDbConfig: set_lk_max_objects 1500
49+
olcDbConfig: set_lk_max_locks 1500
50+
olcDbConfig: set_lk_max_lockers 1500
51+
olcLastMod: TRUE
52+
olcSuffix: dc=rubyldap,dc=com
53+
olcDbDirectory: /var/lib/ldap
54+
olcRootDN: cn=admin,dc=rubyldap,dc=com
55+
# admin's password: "passworD1"
56+
olcRootPW: {SHA}LFSkM9eegU6j3PeGG7UuHrT/KZM=
57+
olcDbIndex: objectClass eq
58+
olcAccess: to attrs=userPassword,shadowLastChange
59+
by self write
60+
by anonymous auth
61+
by dn="cn=admin,dc=rubyldap,dc=com" write
62+
by * none
63+
olcAccess: to dn.base="" by * read
64+
olcAccess: to *
65+
by self write
66+
by dn="cn=admin,dc=rubyldap,dc=com" write
67+
by * read

0 commit comments

Comments
 (0)