From 28bcdf5266f75ef835fd3cbb353aadb782a1f27c Mon Sep 17 00:00:00 2001 From: Oliver Liebel Date: Mon, 10 Aug 2009 09:45:01 +1000 Subject: s4:provision Rework and further automate setup of OpenLDAP backend heres the summary of all changes/extensions: - Andrew Bartlett's patch to generate indext - Howard Chu's idea to use nosync on the DB included, but made optional - slaptest-path is not needed any more (slapd -Ttest is used instead) and is therefore removed. slapd-path is now recommended when openldap-backend is chosen. its also used for olc-conversion - slapd-detection is now always done by ldapsearch (ldb module), looking anonymous for objectClass: OpenLDAProotDSE via our ldapi_uri. - if ldapsearch was not successfull, (no slapd listening on our socket) slapd is started via special generated slapdcommand_prov (ldapi_uri only) - slapd-"provision-process" startup is done via pythons subprocess. - the slapd-provision-pid is stored under paths.ldapdir/slapd_provision_pid. - after provision-backend is finished: --- slapd.pid is compared with our stored slapd_provision_pid. if the are unique, slapd.pid will be read out, and the slapd "provison"-process will be shut down. --- proper slapd-shutdown is verified again with ldb-search -> ldapi_uri -> rootDSE. --- if the pids are different or one of the pid-files is missing, slapd will not be shut down, instead an error message is displayed to locate slapd manually --- extended help-messages (relevant to slapd) are always displayed, e.g. the commandline with which slapd has to be started when everythings finished (slapd-commandline is stored under paths.ldapdir/slapd_command_file.txt)) - upgraded the content of the mini-howto (howto-ol-backend-s4.txt) --- source4/setup/provision-backend | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'source4/setup/provision-backend') diff --git a/source4/setup/provision-backend b/source4/setup/provision-backend index 28e73ae302..5cf0f8bf6d 100755 --- a/source4/setup/provision-backend +++ b/source4/setup/provision-backend @@ -55,6 +55,7 @@ parser.add_option("--ldap-admin-pass", type="string", metavar="PASSWORD", parser.add_option("--root", type="string", metavar="USERNAME", help="choose 'root' unix username") parser.add_option("--quiet", help="Be quiet", action="store_true") +parser.add_option("--nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true") parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", help="LDB mapping module to use for the LDAP backend", choices=["fedora-ds", "openldap"]) @@ -66,12 +67,12 @@ parser.add_option("--server-role", type="choice", metavar="ROLE", parser.add_option("--targetdir", type="string", metavar="DIR", help="Set target directory") parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER", - help="List of LDAP-URLS [ ldap://:/ (where has to be different from 389!) ] separated with whitespaces for use with OpenLDAP-MMR (Multi-Master-Replication)") + help="List of LDAP-URLS [ ldap://:/ (where has to be different than 389!) ] separated with whitespaces for use with OpenLDAP-MMR (Multi-Master-Replication)") parser.add_option("--ol-olc", type="choice", metavar="OPENLDAP-OLC", - help="To setup OpenLDAP-Backend with Online-Configuration [slapd.d] choose 'yes'. Note: Only OpenLDAP-Versions greater or equal 2.4.15 should be used!", + help="To setup OpenLDAP-Backend with Online-Configuration [slapd.d] choose 'yes'.", choices=["yes", "no"]) -parser.add_option("--ol-slaptest", type="string", metavar="SLAPTEST-PATH", - help="Path to slaptest-binary [e.g.:'/usr/local/sbin']. Only for use with --ol-olc='yes'") +parser.add_option("--ol-slapd", type="string", metavar="SLAPD-PATH", + help="Path to OpenLDAP-Daemon (slapd) [e.g.:'/usr/local/libexec']. Recommended for Setup with OpenLDAP-Backend. OpenLDAP Version >= 2.4.17 should be used.") opts = parser.parse_args()[0] @@ -110,5 +111,5 @@ provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetd ldap_backend_port=opts.ldap_backend_port, ol_mmr_urls=opts.ol_mmr_urls, ol_olc=opts.ol_olc, - ol_slaptest=opts.ol_slaptest) - + ol_slapd=opts.ol_slapd, + nosync=opts.nosync) -- cgit