Revert to previous LDAP patch.
This commit is contained in:
parent
ab30f48028
commit
2993a2a507
@ -1,2 +1 @@
|
|||||||
dhcp-3.0.5.tar.gz
|
dhcp-3.0.5.tar.gz
|
||||||
dhcp-3.0.5-ldap-patch
|
|
||||||
|
157
README.ldap
Normal file
157
README.ldap
Normal file
@ -0,0 +1,157 @@
|
|||||||
|
LDAP Support in DHCP
|
||||||
|
Brian Masney <masneyb@ntelos.net>
|
||||||
|
Last updated 8/16/2002
|
||||||
|
|
||||||
|
This document describes setting up the DHCP server to read it's configuration
|
||||||
|
from LDAP. This work is based on the IETF document
|
||||||
|
draft-ietf-dhc-ldap-schema-01.txt included in the doc directory. For the latest
|
||||||
|
version of this document, please see http://home.ntelos.net/~masneyb.
|
||||||
|
|
||||||
|
First question on most people's mind is "Why do I want to store my
|
||||||
|
configuration in LDAP?" If you run a small DHCP server, and the configuration
|
||||||
|
on it rarely changes, then you won't need to store your configuration in LDAP.
|
||||||
|
But, if you have several DHCP servers, and you want an easy way to manage your
|
||||||
|
configuration, this can be a solution.
|
||||||
|
|
||||||
|
The first step will be to setup your LDAP server. I am using OpenLDAP from
|
||||||
|
www.openldap.org. Building and installing OpenLDAP is beyond the scope of this
|
||||||
|
document. There is plenty of documentation out there about this. Once you have
|
||||||
|
OpenLDAP installed, you will have to edit your slapd.conf file. I added the
|
||||||
|
following 2 lines to my configuration file:
|
||||||
|
|
||||||
|
include /etc/ldap/schema/dhcp.schema
|
||||||
|
index dhcpHWAddress eq
|
||||||
|
index dhcpClassData eq
|
||||||
|
|
||||||
|
The first line tells it to include the dhcp schema file. You will find this
|
||||||
|
file under the contrib directory in this distribution. You will need to copy
|
||||||
|
this file to where your other schema files are (maybe
|
||||||
|
/usr/local/openldap/etc/openldap/schema/). The second line sets up
|
||||||
|
an index for the dhcpHWAddress parameter. The third parameter is for reading
|
||||||
|
subclasses from LDAP every time a DHCP request comes in. Make sure you run the
|
||||||
|
slapindex command and restart slapd to have these changes to into effect.
|
||||||
|
|
||||||
|
Now that you have LDAP setup, you should be able to use gq (http://biot.com/gq/)
|
||||||
|
to verify that the dhcp schema file is loaded into LDAP. Pull up gq, and click
|
||||||
|
on the Schema tab. Go under objectClasses, and you should see at least the
|
||||||
|
following object classes listed: dhcpClass, dhcpGroup, dhcpHost, dhcpOptions,
|
||||||
|
dhcpPool, dhcpServer, dhcpService, dhcpSharedNetwork, dhcpSubClass, and
|
||||||
|
dhcpSubnet. If you do not see these, you need to check over your LDAP
|
||||||
|
configuration before you go any further.
|
||||||
|
|
||||||
|
You should be ready to build DHCP. Edit the includes/site.h file and uncomment
|
||||||
|
the #define LDAP_CONFIGURATION. Now run configure in the base source directory.
|
||||||
|
Edit the work.os/server/Makefile and add -lldap to the LIBS= line. (replace os
|
||||||
|
with your operating system, linux-2.2 on my machine). You should be able to
|
||||||
|
type make to build your DHCP server.
|
||||||
|
|
||||||
|
Once you have DHCP installed, you will need to setup your initial plaintext
|
||||||
|
config file. In my /etc/dhcpd.conf file, I have:
|
||||||
|
|
||||||
|
ldap-server "localhost";
|
||||||
|
ldap-port 389;
|
||||||
|
ldap-username "cn=DHCP User, dc=ntelos, dc=net";
|
||||||
|
ldap-password "blah";
|
||||||
|
ldap-base-dn "dc=ntelos, dc=net";
|
||||||
|
ldap-method dynamic;
|
||||||
|
|
||||||
|
All of these parameters should be self explanatory except for the ldap-method.
|
||||||
|
You can set this to static or dynamic. If you set it to static, the
|
||||||
|
configuration is read once on startup, and LDAP isn't used anymore. But, if you
|
||||||
|
set this to dynamic, the configuration is read once on startup, and the
|
||||||
|
hosts that are stored in LDAP are looked up every time a DHCP request comes in.
|
||||||
|
|
||||||
|
The next step is to set up your LDAP tree. Here is an example config that will
|
||||||
|
give a 10.100.0.x address to machines that have a host entry in LDAP.
|
||||||
|
Otherwise, it will give a 10.200.0.x address to them. (NOTE: replace
|
||||||
|
dc=ntelos, dc=net with your base dn). If you would like to convert your
|
||||||
|
existing dhcpd.conf file to LDIF format, there is a script
|
||||||
|
contrib/dhcpd-conf-to-ldap.pl that will convert it for you.
|
||||||
|
|
||||||
|
# You must specify the server's host name in LDAP that you are going to run
|
||||||
|
# DHCP on and point it to which config tree you want to use. Whenever DHCP
|
||||||
|
# first starts up, it will do a search for this entry to find out which
|
||||||
|
# config to use
|
||||||
|
dn: cn=brian.ntelos.net, dc=ntelos, dc=net
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpServer
|
||||||
|
cn: brian.ntelos.net
|
||||||
|
dhcpServiceDN: cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
|
||||||
|
# Here is the config tree that brian.ntelos.net points to.
|
||||||
|
dn: cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
cn: DHCP Service Config
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpService
|
||||||
|
dhcpPrimaryDN: dc=ntelos, dc=net
|
||||||
|
dhcpStatements: ddns-update-style ad-hoc
|
||||||
|
dhcpStatements: default-lease-time 600
|
||||||
|
dhcpStatements: max-lease-time 7200
|
||||||
|
|
||||||
|
# Set up a shared network segment
|
||||||
|
dn: cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
cn: WV
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpSharedNetwork
|
||||||
|
|
||||||
|
# Set up a subnet declaration with a pool statement. Also note that we have
|
||||||
|
# a dhcpOptions object with this entry
|
||||||
|
dn: cn=10.100.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
cn: 10.100.0.0
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpSubnet
|
||||||
|
objectClass: dhcpOptions
|
||||||
|
dhcpOption: domain-name-servers 10.100.0.2
|
||||||
|
dhcpOption: routers 10.100.0.1
|
||||||
|
dhcpOption: subnet-mask 255.255.255.0
|
||||||
|
dhcpOption: broadcast-address 10.100.0.255
|
||||||
|
dhcpNetMask: 24
|
||||||
|
|
||||||
|
# Set up a pool for this subnet. Only known hosts will get these IPs
|
||||||
|
dn: cn=Known Pool, cn=10.100.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
cn: Known Pool
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpPool
|
||||||
|
dhcpRange: 10.100.0.3 10.100.0.254
|
||||||
|
dhcpPermitList: deny unknown-clients
|
||||||
|
|
||||||
|
# Set up another subnet declaration with a pool statement
|
||||||
|
dn: cn=10.200.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
cn: 10.200.0.0
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpSubnet
|
||||||
|
objectClass: dhcpOptions
|
||||||
|
dhcpOption: domain-name-servers 10.200.0.2
|
||||||
|
dhcpOption: routers 10.200.0.1
|
||||||
|
dhcpOption: subnet-mask 255.255.255.0
|
||||||
|
dhcpOption: broadcast-address 10.200.0.255
|
||||||
|
dhcpNetMask: 24
|
||||||
|
|
||||||
|
# Set up a pool for this subnet. Only unknown hosts will get these IPs
|
||||||
|
dn: cn=Known Pool, cn=10.200.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
cn: Known Pool
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpPool
|
||||||
|
dhcpRange: 10.200.0.3 10.200.0.254
|
||||||
|
dhcpPermitList: deny known clients
|
||||||
|
|
||||||
|
# Set aside a group for all of our known MAC addresses
|
||||||
|
dn: cn=Customers, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpGroup
|
||||||
|
cn: Customers
|
||||||
|
|
||||||
|
# Host entry for my laptop
|
||||||
|
dn: cn=brianlaptop, cn=Customers, cn=DHCP Service Config, dc=ntelos, dc=net
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dhcpHost
|
||||||
|
cn: brianlaptop
|
||||||
|
dhcpHWAddress: ethernet 00:00:00:00:00:00
|
||||||
|
|
||||||
|
You can use the command slapadd to load all of these entries into your LDAP
|
||||||
|
server. After you load this, you should be able to start up DHCP. If you run
|
||||||
|
into problems reading the configuration, try running dhcpd with the -d flag.
|
||||||
|
If you still have problems, edit the site.conf file in the DHCP source and
|
||||||
|
add the line: COPTS= -DDEBUG_LDAP and recompile DHCP. (make sure you run make
|
||||||
|
clean and rerun configure before you rebuild).
|
||||||
|
|
1489
dhcp-3.0.5-ldap-configuration.patch
Normal file
1489
dhcp-3.0.5-ldap-configuration.patch
Normal file
File diff suppressed because it is too large
Load Diff
34
dhcp.spec
34
dhcp.spec
@ -10,7 +10,7 @@
|
|||||||
Summary: DHCP (Dynamic Host Configuration Protocol) server and relay agent
|
Summary: DHCP (Dynamic Host Configuration Protocol) server and relay agent
|
||||||
Name: dhcp
|
Name: dhcp
|
||||||
Version: 3.0.5
|
Version: 3.0.5
|
||||||
Release: 26%{?dist}
|
Release: 25%{?dist}
|
||||||
Epoch: 12
|
Epoch: 12
|
||||||
License: ISC
|
License: ISC
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
@ -21,8 +21,10 @@ Source2: dhcpd.init
|
|||||||
Source3: dhcrelay.init
|
Source3: dhcrelay.init
|
||||||
Source4: dhcpd.conf
|
Source4: dhcpd.conf
|
||||||
Source5: libdhcp4client.pc
|
Source5: libdhcp4client.pc
|
||||||
Source6: linux.dbus-example
|
Source6: README.ldap
|
||||||
Source7: http://home.ntelos.net/~masneyb/%{name}-%{version}-ldap-patch
|
Source7: draft-ietf-dhc-ldap-schema-01.txt
|
||||||
|
Source8: dhcpd-conf-to-ldap.pl
|
||||||
|
Source9: linux.dbus-example
|
||||||
|
|
||||||
Patch0: dhcp-3.0.5-extended-new-option-info.patch
|
Patch0: dhcp-3.0.5-extended-new-option-info.patch
|
||||||
Patch1: dhcp-3.0.5-Makefile.patch
|
Patch1: dhcp-3.0.5-Makefile.patch
|
||||||
@ -38,7 +40,8 @@ Patch10: dhcp-3.0.5-server.patch
|
|||||||
Patch11: dhcp-3.0.5-timeouts.patch
|
Patch11: dhcp-3.0.5-timeouts.patch
|
||||||
Patch12: dhcp-3.0.5-fix-warnings.patch
|
Patch12: dhcp-3.0.5-fix-warnings.patch
|
||||||
Patch13: dhcp-3.0.5-xen-checksum.patch
|
Patch13: dhcp-3.0.5-xen-checksum.patch
|
||||||
Patch14: dhcp-3.0.5-no-win32.patch
|
Patch14: dhcp-3.0.5-ldap-configuration.patch
|
||||||
|
Patch15: dhcp-3.0.5-no-win32.patch
|
||||||
|
|
||||||
# adds libdhcp4client to the ISC code base
|
# adds libdhcp4client to the ISC code base
|
||||||
Patch50: dhcp-3.0.5-libdhcp4client.patch
|
Patch50: dhcp-3.0.5-libdhcp4client.patch
|
||||||
@ -152,25 +155,27 @@ client library .
|
|||||||
# Fix Xen host networking problems (partial checksums)
|
# Fix Xen host networking problems (partial checksums)
|
||||||
#%patch13 -p1 -b .xen
|
#%patch13 -p1 -b .xen
|
||||||
|
|
||||||
|
# Add support for dhcpd.conf data in LDAP
|
||||||
|
%patch14 -p1 -b .ldap
|
||||||
|
|
||||||
# The contrib/ms2isc/Registry.pm file requires Win32API::Registry, which is
|
# The contrib/ms2isc/Registry.pm file requires Win32API::Registry, which is
|
||||||
# not part of Fedora by default. We comment out this use line in the script
|
# not part of Fedora by default. We comment out this use line in the script
|
||||||
# so that RPM doesn't automatically add perl(Win32API::Registry) dependency.
|
# so that RPM doesn't automatically add perl(Win32API::Registry) dependency.
|
||||||
# The patch puts a comment in the script telling the user which perl module
|
# The patch puts a comment in the script telling the user which perl module
|
||||||
# should be installed to use the Registry.pm contrib file.
|
# should be installed to use the Registry.pm contrib file.
|
||||||
%patch14 -p1 -b .no-win32
|
%patch15 -p1 -b .no-win32
|
||||||
|
|
||||||
# Add support for dhcpd.conf data in LDAP. This patch is from an upstream
|
# Add the libdhcp4client target (library version of dhclient)
|
||||||
# location, so we refer to the source file here and manually invoke the
|
|
||||||
# patch command.
|
|
||||||
%{__patch} -p1 -b -z .ldap < %SOURCE7
|
|
||||||
|
|
||||||
# Add the libdhcp4client target (library version of dhclient). This must be
|
|
||||||
# the last patch applied to the source tree.
|
|
||||||
%patch50 -p1 -b .libdhcp4client
|
%patch50 -p1 -b .libdhcp4client
|
||||||
|
|
||||||
|
# Copy in documentation and example scripts for LDAP patch to dhcpd
|
||||||
|
%{__cp} -p %SOURCE6 .
|
||||||
|
%{__cp} -p %SOURCE7 doc
|
||||||
|
%{__cp} -p %SOURCE8 contrib
|
||||||
|
|
||||||
# Copy in example dhclient script for use with D-BUS (requires extended
|
# Copy in example dhclient script for use with D-BUS (requires extended
|
||||||
# new option info patch too)
|
# new option info patch too)
|
||||||
%{__cp} -p %SOURCE6 client/scripts
|
%{__cp} -p %SOURCE9 client/scripts
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%{__cp} %SOURCE1 .
|
%{__cp} %SOURCE1 .
|
||||||
@ -330,9 +335,6 @@ exit 0
|
|||||||
%{_libdir}/libdhcp4client.so
|
%{_libdir}/libdhcp4client.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Mar 05 2007 David Cantrell <dcantrell@redhat.com> - 12:3.0.5-26
|
|
||||||
- Use better upstream version of the LDAP configuration patch (#225691)
|
|
||||||
|
|
||||||
* Mon Mar 05 2007 David Cantrell <dcantrell@redhat.com> - 12:3.0.5-25
|
* Mon Mar 05 2007 David Cantrell <dcantrell@redhat.com> - 12:3.0.5-25
|
||||||
- Man pages need 0644 permissions (#222572)
|
- Man pages need 0644 permissions (#222572)
|
||||||
|
|
||||||
|
1089
draft-ietf-dhc-ldap-schema-01.txt
Normal file
1089
draft-ietf-dhc-ldap-schema-01.txt
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user