skeleton /etc/sysconfig/ldap added

new SLAPD_LDAP option to turn off listening on ldap:/// fixed checking of SSL Resolves: #292591, #273581
2007-09-17 12:26:02 +00:00 · 2007-09-17 12:26:02 +00:00 · ba2e4625b7
commit ba2e4625b7
parent d384c93bc3
3 changed files with 43 additions and 6 deletions
--- a/ldap.init
+++ b/ldap.init
@ -19,9 +19,13 @@ if [ -r /etc/sysconfig/network ] ; then
 	[ ${NETWORKING} = "no" ] && exit 1
 fi

-# Source an auxiliary options file if we have one, and pick up OPTIONS,
-# SLAPD_OPTIONS, SLURPD_OPTIONS, SLAPD_LDAPS, SLAPD_LDAPI, and maybe
-# KRB5_KTNAME.
+# Define default values of options allowed in /etc/sysconfig/ldap
+SLAPD_LDAP="yes"
+SLAPD_LDAPI="no"
+SLAPD_LDAPS="no"
+# OPTIONS, SLAPD_OPTIONS, SLURPD_OPTIONS and KTB5_KTNAME are not defined
+
+# Source an auxiliary options file if we have one
 if [ -r /etc/sysconfig/ldap ] ; then
 	. /etc/sysconfig/ldap
 fi
@ -149,8 +153,11 @@ function start() {
 	# Define a couple of local variables which we'll need. Maybe.
 	user=ldap
 	prog=`basename ${slapd}`
-	harg="ldap:///"
-	if grep -q ^TLS /etc/openldap/slapd.conf || test x$SLAPD_LDAPS = xyes ; then
+	harg=""
+	if test x$LDAPD_LDAP = xyes ; then
+	    harg="ldap:///"
+	fi
+	if test x$SLAPD_LDAPS = xyes ; then
 	    harg="$harg ldaps:///"
 	fi
 	if test x$SLAPD_LDAPI = xyes ; then
@ -170,7 +177,7 @@ function start() {
 		    if [ "$replogfile" != "replogfile" ]
 		    then
 			echo -n $"Starting $prog: "
-			daemon ${slurpd} -r $replogfile -n $i
+			daemon ${slurpd} -r $replogfile -n $i $SLURPD_OPTIONS
 			# make the return value nozero if any of the slurpd failed
 			RET=$?
 			if [ $RET -ne 0 ] ; then
--- a/ldap.sysconfig
+++ b/ldap.sysconfig
@ -0,0 +1,18 @@
+# options of slapd (see man slapd)
+#SLAPD_OPTIONS=
+
+# options of slurpd (see man slurpd)
+#   
+#SLURPD_OPTIONS=
+
+# run slapd with -h "... ldap:/// ..."
+#   yes/no, default: yes
+#SLAPD_LDAP=yes
+
+# run slapd with -h "... ldapi:/// ..."
+#   yes/no, default: no
+#SLAPD_LDAPI=no
+
+# run slapd with -h "... ldaps:/// ..."
+#   yes/no, default: no
+#SLAPD_LDAPS=no
--- a/openldap.spec
+++ b/openldap.spec
@ -25,6 +25,7 @@ Source6: autofs.schema
 Source7: README.upgrading
 Source8: http://www.OpenLDAP.org/doc/admin/guide.html
 Source9: README.evolution
+Source10: ldap.sysconfig

 # Patches that are still valid for 2.3
 Patch0: openldap-2.3.34-config.patch
@ -455,6 +456,10 @@ rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/schema/*.default
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
 install -m 755 $RPM_SOURCE_DIR/ldap.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ldap

+# Install syconfig/ldap
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
+install -m 644 $RPM_SOURCE_DIR/ldap.sysconfig $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ldap
+
 # Add some more schema for the sake of migration scripts.
 install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat
 install -m644 \
@ -616,7 +621,9 @@ fi
 %doc openldap-%{version_23}/doc/guide/admin/*.gif
 %ghost %config %{_sysconfdir}/pki/tls/certs/slapd.pem
 %attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/ldap
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf
 %attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf
+%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ldap
 %attr(0640,root,ldap) %{_sysconfdir}/openldap/DB_CONFIG.example
 %attr(0755,root,root) %dir %{_sysconfdir}/openldap/schema
 %attr(0644,root,root) %dir %{_sysconfdir}/openldap/schema/README*
@ -669,6 +676,11 @@ fi
 %attr(0644,root,root)      %{evolution_connector_libdir}/*.a

 %changelog
+* Mon Sep 17 2007 Jan Safranek <jsafranek@redhat.com> 2.3.38-2%{?dist}
+- skeleton /etc/sysconfig/ldap added
+- new SLAPD_LDAP option to turn off listening on ldap:/// (#292591)
+- fixed checking of SSL (#292611)
+
 * Thu Sep  6 2007 Jan Safranek <jsafranek@redhat.com> 2.3.38-1%{?dist}
 - new upstream version
 - added images to the guide.html (#273581)