/[smeserver]/rpms/openldap/sme9/ldap.init
ViewVC logotype

Contents of /rpms/openldap/sme9/ldap.init

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Nov 11 00:46:15 2014 UTC (10 years ago) by vip-ire
Branch: MAIN
CVS Tags: openldap-2_4_39-8_el6_sme, HEAD
Import openldap

1 #!/bin/bash
2 #
3 # slapd This shell script takes care of starting and stopping
4 # ldap servers (slapd).
5 #
6 # chkconfig: - 27 73
7 # description: LDAP stands for Lightweight Directory Access Protocol, used \
8 # for implementing the industry standard directory services.
9 # processname: slapd
10 # config: /etc/openldap/slapd.conf
11 # pidfile: /var/run/slapd.pid
12
13 ### BEGIN INIT INFO
14 # Provides: slapd
15 # Required-Start: $network $local_fs
16 # Required-Stop: $network $local_fs
17 # Should-Start:
18 # Should-Stop:
19 # Default-Start:
20 # Default-Stop:
21 # Short-Description: starts and stopd OpenLDAP server daemon
22 # Description: LDAP stands for Lightweight Directory Access Protocol, used
23 # for implementing the industry standard directory services.
24 ### END INIT INFO
25
26 # Source function library.
27 . /etc/init.d/functions
28
29 # Define default values of options allowed in /etc/sysconfig/ldap
30 SLAPD_LDAP="yes"
31 SLAPD_LDAPI="no"
32 SLAPD_LDAPS="no"
33 SLAPD_URLS=""
34 SLAPD_SHUTDOWN_TIMEOUT=3
35 # OPTIONS, SLAPD_OPTIONS and KTB5_KTNAME are not defined
36
37 # Source an auxiliary options file if we have one
38 if [ -r /etc/sysconfig/ldap ] ; then
39 . /etc/sysconfig/ldap
40 fi
41
42 slapd=/usr/sbin/slapd
43 slaptest=/usr/sbin/slaptest
44 lockfile=/var/lock/subsys/slapd
45 configdir=/etc/openldap/slapd.d/
46 configfile=/etc/openldap/slapd.conf
47 pidfile=/var/run/slapd.pid
48 slapd_pidfile=/var/run/openldap/slapd.pid
49
50 RETVAL=0
51
52 #
53 # Pass commands given in $2 and later to "test" run as user given in $1.
54 #
55 function testasuser() {
56 local user= cmd=
57 user="$1"
58 shift
59 cmd="$@"
60 if test x"$user" != x ; then
61 if test x"$cmd" != x ; then
62 /sbin/runuser -f -m -s /bin/sh -c "test $cmd" -- "$user"
63 else
64 false
65 fi
66 else
67 false
68 fi
69 }
70
71 #
72 # Check for read-access errors for the user given in $1 for a service named $2.
73 # If $3 is specified, the command is run if "klist" can't be found.
74 #
75 function checkkeytab() {
76 local user= service= klist= default=
77 user="$1"
78 service="$2"
79 default="${3:-false}"
80 if test -x /usr/kerberos/bin/klist ; then
81 klist=/usr/kerberos/bin/klist
82 elif test -x /usr/bin/klist ; then
83 klist=/usr/bin/klist
84 fi
85 KRB5_KTNAME="${KRB5_KTNAME:-/etc/krb5.keytab}"
86 export KRB5_KTNAME
87 if test -s "$KRB5_KTNAME" ; then
88 if test x"$klist" != x ; then
89 if LANG=C $klist -k "$KRB5_KTNAME" | tail -n 4 | awk '{print $2}' | grep -q ^"$service"/ ; then
90 if ! testasuser "$user" -r ${KRB5_KTNAME:-/etc/krb5.keytab} ; then
91 true
92 else
93 false
94 fi
95 else
96 false
97 fi
98 else
99 $default
100 fi
101 else
102 false
103 fi
104 }
105
106 function configtest() {
107 local user= ldapuid= dbdir= file=
108 # Check for simple-but-common errors.
109 user=ldap
110 prog=`basename ${slapd}`
111 ldapuid=`id -u $user`
112 # Unaccessible database files.
113 dbdirs=""
114 if [ -d $configdir ]; then
115 for configfile in `ls -1 $configdir/cn\=config/olcDatabase*.ldif`; do
116 dbdirs=$dbdirs"
117 "`LANG=C egrep '^olcDbDirectory[[:space:]]*:[[:space:]]+[[:print:]]+$' $configfile | sed 's,^olcDbDirectory: ,,'`
118 done
119 elif [ -f $configfile ]; then
120 dbdirs=`LANG=C egrep '^directory[[:space:]]+' $configfile | sed 's,^directory[[:space:]]*,,' | tr -d \"`
121 else
122 exit 6
123 fi
124 for dbdir in $dbdirs; do
125 if [ ! -d $dbdir ]; then
126 exit 6
127 fi
128 for file in `find ${dbdir}/ -not -uid $ldapuid -and \( -name "*.dbb" -or -name "*.gdbm" -or -name "*.bdb" -or -name "__db.*" -or -name "log.*" -or -name alock \)` ; do
129 echo -n $"$file is not owned by \"$user\"" ; warning ; echo
130 done
131 if test -f "${dbdir}/DB_CONFIG"; then
132 if ! testasuser $user -r "${dbdir}/DB_CONFIG"; then
133 file=DB_CONFIG
134 echo -n $"$file is not readable by \"$user\"" ; warning ; echo
135 fi
136 fi
137 done
138 # Unaccessible keytab with an "ldap" key.
139 if checkkeytab $user ldap ; then
140 file=${KRB5_KTNAME:-/etc/krb5.keytab}
141 echo -n $"$file is not readable by \"$user\"" ; warning ; echo
142 fi
143 # Check the configuration file.
144 slaptestout=`/sbin/runuser -m -s "$slaptest" -- "$user" "-u" 2>&1`
145 slaptestexit=$?
146 # slaptestout=`echo $slaptestout 2>/dev/null | grep -v "config file testing succeeded"`
147 # print warning if slaptest passed but reports some problems
148 if test $slaptestexit == 0 ; then
149 if echo "$slaptestout" | grep -v "config file testing succeeded" >/dev/null ; then
150 echo -n $"Checking configuration files for $prog: " ; warning ; echo
151 echo "$slaptestout"
152 fi
153 fi
154 # report error if configuration file is wrong
155 if test $slaptestexit != 0 ; then
156 echo -n $"Checking configuration files for $prog: " ; failure ; echo
157 echo "$slaptestout"
158 if /sbin/runuser -m -s "$slaptest" -- "$user" "-u" > /dev/null 2> /dev/null ; then
159 #dirs=`LANG=C egrep '^directory[[:space:]]+[[:print:]]+$' $configfile | awk '{print $2}'`
160 for directory in $dbdirs ; do
161 if test -r $directory/__db.001 ; then
162 echo -n $"stale lock files may be present in $directory" ; warning ; echo
163 fi
164 done
165 fi
166 exit 6
167 fi
168 }
169
170 function start() {
171 [ -x $slapd ] || exit 5
172 [ `id -u` -eq 0 ] || exit 4
173 configtest
174 # Define a couple of local variables which we'll need. Maybe.
175 user=ldap
176 prog=`basename ${slapd}`
177 harg="$SLAPD_URLS"
178 if test x$SLAPD_LDAP = xyes ; then
179 harg="$harg ldap:///"
180 fi
181 if test x$SLAPD_LDAPS = xyes ; then
182 harg="$harg ldaps:///"
183 fi
184 if test x$SLAPD_LDAPI = xyes ; then
185 harg="$harg ldapi:///"
186 fi
187 # System resources limit.
188 if [ -n "$SLAPD_ULIMIT_SETTINGS" ]; then
189 ulimit="ulimit $SLAPD_ULIMIT_SETTINGS &>/dev/null;"
190 else
191 ulimit=""
192 fi
193 # Release reserverd port
194 [ -x /sbin/portrelease ] && /sbin/portrelease slapd &>/dev/null || :
195 # Start daemons.
196 echo -n $"Starting $prog: "
197 daemon --pidfile=$pidfile --check=$prog $ulimit ${slapd} -h "\"$harg\"" -u ${user} $OPTIONS $SLAPD_OPTIONS
198 RETVAL=$?
199 if [ $RETVAL -eq 0 ]; then
200 touch $lockfile
201 ln $slapd_pidfile $pidfile
202 fi
203 echo
204 return $RETVAL
205 }
206
207 function stop() {
208 # Stop daemons.
209 prog=`basename ${slapd}`
210 [ `id -u` -eq 0 ] || exit 4
211 echo -n $"Stopping $prog: "
212
213 # This will remove pid and args files from /var/run/openldap
214 killproc -p $slapd_pidfile -d $SLAPD_SHUTDOWN_TIMEOUT ${slapd}
215 RETVAL=$?
216
217 # Now we want to remove lock file and hardlink of pid file
218 [ $RETVAL -eq 0 ] && rm -f $pidfile $lockfile
219 echo
220 return $RETVAL
221 }
222
223 # See how we were called.
224 case "$1" in
225 configtest)
226 configtest
227 ;;
228 start)
229 start
230 RETVAL=$?
231 ;;
232 stop)
233 stop
234 RETVAL=$?
235 ;;
236 status)
237 status -p $pidfile ${slapd}
238 RETVAL=$?
239 ;;
240 restart|force-reload)
241 stop
242 start
243 RETVAL=$?
244 ;;
245 condrestart|try-restart)
246 status -p $pidfile ${slapd} > /dev/null 2>&1 || exit 0
247 stop
248 start
249 ;;
250 usage)
251 echo $"Usage: $0 {start|stop|restart|force-reload|status|condrestart|try-restart|configtest|usage}"
252 RETVAL=0
253 ;;
254 *)
255 echo $"Usage: $0 {start|stop|restart|force-reload|status|condrestart|try-restart|configtest|usage}"
256 RETVAL=2
257 esac
258
259 exit $RETVAL

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed