From b5e66b7ea2ff74d847ac6efd75b44a14244eb11d Mon Sep 17 00:00:00 2001 From: Jan Vcelak Date: Tue, 14 Feb 2012 13:48:40 +0100 Subject: [PATCH] remove obsoleted slapd.conf --- openldap.spec | 7 +-- slapd.conf.obsolete | 147 -------------------------------------------- 2 files changed, 3 insertions(+), 151 deletions(-) delete mode 100644 slapd.conf.obsolete diff --git a/openldap.spec b/openldap.spec index 0cac08b..7bac71f 100644 --- a/openldap.spec +++ b/openldap.spec @@ -15,9 +15,8 @@ Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version Source1: slapd.service Source2: slapd.sysconfig Source3: slapd.tmpfiles -Source4: slapd.conf.obsolete -Source5: slapd.ldif -Source6: ldap.conf +Source4: slapd.ldif +Source5: ldap.conf Source50: libexec-functions Source51: libexec-convert-config.sh Source52: libexec-check-config.sh @@ -369,7 +368,7 @@ chmod 0644 %{buildroot}%{_libdir}/lib*.*a # new configuration will be generated in %%post mkdir -p %{buildroot}%{_datadir} install -m 0755 -d %{buildroot}%{_datadir}/openldap-servers -install -m 0644 %SOURCE5 %{buildroot}%{_datadir}/openldap-servers/slapd.ldif +install -m 0644 %SOURCE4 %{buildroot}%{_datadir}/openldap-servers/slapd.ldif install -m 0700 -d %{buildroot}%{_sysconfdir}/openldap/slapd.d rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.conf rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.ldif diff --git a/slapd.conf.obsolete b/slapd.conf.obsolete deleted file mode 100644 index d8220b5..0000000 --- a/slapd.conf.obsolete +++ /dev/null @@ -1,147 +0,0 @@ -# -# See slapd.conf(5) for details on configuration options. -# This file should NOT be world readable. -# - -include /etc/openldap/schema/corba.schema -include /etc/openldap/schema/core.schema -include /etc/openldap/schema/cosine.schema -include /etc/openldap/schema/duaconf.schema -include /etc/openldap/schema/dyngroup.schema -include /etc/openldap/schema/inetorgperson.schema -include /etc/openldap/schema/java.schema -include /etc/openldap/schema/misc.schema -include /etc/openldap/schema/nis.schema -include /etc/openldap/schema/openldap.schema -include /etc/openldap/schema/ppolicy.schema -include /etc/openldap/schema/collective.schema - -# Allow LDAPv2 client connections. This is NOT the default. -allow bind_v2 - -# Do not enable referrals until AFTER you have a working directory -# service AND an understanding of referrals. -#referral ldap://root.openldap.org - -pidfile /var/run/openldap/slapd.pid -argsfile /var/run/openldap/slapd.args - -# Load dynamic backend modules -# - modulepath is architecture dependent value (32/64-bit system) -# - back_sql.la overlay requires openldap-server-sql package -# - dyngroup.la and dynlist.la cannot be used at the same time - -# modulepath /usr/lib/openldap -# modulepath /usr/lib64/openldap - -# moduleload accesslog.la -# moduleload auditlog.la -# moduleload back_dnssrv.la -# moduleload back_ldap.la -# moduleload back_mdb.la -# moduleload back_meta.la -# moduleload back_null.la -# moduleload back_passwd.la -# moduleload back_relay.la -# moduleload back_shell.la -# moduleload back_sock.la -# moduleload collect.la -# moduleload constraint.la -# moduleload dds.la -# moduleload deref.la -# moduleload dyngroup.la -# moduleload dynlist.la -# moduleload memberof.la -# moduleload pcache.la -# moduleload ppolicy.la -# moduleload refint.la -# moduleload retcode.la -# moduleload rwm.la -# moduleload seqmod.la -# moduleload smbk5pwd.la -# moduleload sssvlv.la -# moduleload syncprov.la -# moduleload translucent.la -# moduleload unique.la -# moduleload valsort.la - -# The next three lines allow use of TLS for encrypting connections using a -# dummy test certificate which you can generate by changing to -# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on -# slapd.pem so that the ldap user or group can read it. Your client software -# may balk at self-signed certificates, however. -# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt -# TLSCertificateFile /etc/pki/tls/certs/slapd.pem -# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem - -# Sample security restrictions -# Require integrity protection (prevent hijacking) -# Require 112-bit (3DES or better) encryption for updates -# Require 63-bit encryption for simple bind -# security ssf=1 update_ssf=112 simple_bind=64 - -# Sample access control policy: -# Root DSE: allow anyone to read it -# Subschema (sub)entry DSE: allow anyone to read it -# Other DSEs: -# Allow self write access -# Allow authenticated users read access -# Allow anonymous users to authenticate -# Directives needed to implement policy: -# access to dn.base="" by * read -# access to dn.base="cn=Subschema" by * read -# access to * -# by self write -# by users read -# by anonymous auth -# -# if no access controls are present, the default policy -# allows anyone and everyone to read anything but restricts -# updates to rootdn. (e.g., "access to * by * read") -# -# rootdn can always read and write EVERYTHING! - -# enable on-the-fly configuration (cn=config) -database config -access to * - by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage - by * none - -# enable server status monitoring (cn=monitor) -database monitor -access to * - by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read - by dn.exact="cn=Manager,dc=my-domain,dc=com" read - by * none - -####################################################################### -# database definitions -####################################################################### - -database hdb -suffix "dc=my-domain,dc=com" -checkpoint 1024 15 -rootdn "cn=Manager,dc=my-domain,dc=com" -# Cleartext passwords, especially for the rootdn, should -# be avoided. See slappasswd(8) and slapd.conf(5) for details. -# Use of strong authentication encouraged. -# rootpw secret -# rootpw {crypt}ijFYNcSNctBYg - -# The database directory MUST exist prior to running slapd AND -# should only be accessible by the slapd and slap tools. -# Mode 700 recommended. -directory /var/lib/ldap - -# Indices to maintain for this database -index objectClass eq,pres -index ou,cn,mail,surname,givenname eq,pres,sub -index uidNumber,gidNumber,loginShell eq,pres -index uid,memberUid eq,pres,sub -index nisMapName,nisMapEntry eq,pres,sub - -# Replicas of this database -#replogfile /var/lib/ldap/openldap-master-replog -#replica host=ldap-1.example.com:389 starttls=critical -# bindmethod=sasl saslmech=GSSAPI -# authcId=host/ldap-master.example.com@EXAMPLE.COM