root / lib / reset-slapd @ 17f6c75c

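#!/bin/sh
# Initial configuration of slapd.
#
# Destructive reset: after an interactive confirmation (the operator must
# type "oui"), stops slapd, copies /var/lib/ldap and /etc/ldap/slapd.d into a
# timestamped directory under /var/backup, empties both, loads a fresh
# cn=config and the core/cosine/inetorgperson schemas with slapadd, installs
# placeholder TLS material when none is present, and starts slapd again.
#
# Exit status: 3 when the confirmation is refused; otherwise the status of
# the first failing command (set -e), 0 on success.

set -e

LDIFDIR=/usr/share/u-auth
# Kept as a single string and expanded unquoted on purpose: it holds a
# command plus its first argument, and POSIX sh has no arrays.
SERVICE="/usr/sbin/service slapd"

echo ""
echo "  *************"
echo "  *           *   La configuration et toutes les données"
echo "  * ATTENTION *   de l'annuaire LDAP vont être définitivement"
echo "  *           *   effacées. Avez-vous fait un backup ?"
echo "  *************"

echo ""
echo "Confirmez la MISE A ZÉRO COMPLÈTE de l'annuaire LDAP."
echo ""
# printf rather than "echo -n", whose behaviour differs between /bin/sh
# implementations.
printf '%s' "Tapez oui en toutes lettres : "
# -r keeps backslashes literal; only the exact word "oui" is accepted.
read -r ok
if [ "x$ok" != "xoui" ]; then
	exit 3
fi

# slapd may already be stopped, so a failure here must not abort the reset.
# shellcheck disable=SC2086
${SERVICE} stop || true


BACKUPDIR="/var/backup/reset-ldap-$(date +%Y%m%dT%H:%M:%S)"
# The copy holds the directory data and cn=config, which may include
# credential hashes, so the backup directory is created readable by root
# only instead of inheriting the ambient umask.
mkdir -p -m 0700 "$BACKUPDIR"
echo "Old configuration saved in $BACKUPDIR"
# -p preserves owner, mode and timestamps so the backup can be restored
# as-is. Under set -e a failed copy stops the script before anything is
# deleted.
cp -Rp /var/lib/ldap /etc/ldap/slapd.d/ "$BACKUPDIR"

printf '%s' "Effacement de la configuration"
rm -rf /etc/ldap/slapd.d/*
printf '%s' " et des données .."
rm -rf /var/lib/ldap/*
echo "ok"

# Add a "config" profile to ldapvi unless one is already declared. A missing
# /etc/ldapvi.conf counts as "not declared" and the file is created.
if ! grep -q '^\s*profile\s\+config\s*$' /etc/ldapvi.conf 2>/dev/null; then
	echo "(ajout du 'profile config' dans /etc/ldapvi.conf)"
	# Quoted delimiter: the profile text is written literally, no expansion.
	cat << 'EOLDAPVI' >> /etc/ldapvi.conf

profile config
host: ldapi://
sasl-mech: EXTERNAL
base: cn=config

EOLDAPVI
fi



mkdir -p /var/lib/ldap/config-accesslog/

echo "Installation de la nouvelle configuration .. "
slapadd -n0 -F/etc/ldap/slapd.d -l"${LDIFDIR}/config.ldif"
echo "ok"

echo "Installation des schémas .. "
for schema in core cosine inetorgperson; do
	slapadd -n0 -F/etc/ldap/slapd.d -l"/etc/ldap/schema/${schema}.ldif"
done
echo "ok"

# slapadd ran as the invoking user; hand the generated files to the account
# named here (openldap).
chown -R openldap:openldap /etc/ldap/slapd.d /var/lib/ldap

if [ ! -s /etc/ldap/ssl/slapd.pem ] || [ ! -s /etc/ldap/ssl/slapd.key ]; then
	echo "Pose de certificats SSL par défaut (invalides)"
	# NOTE(review): this key pair is copied from ${LDIFDIR}, i.e. it ships
	# with the package, so the private key is presumably identical on every
	# installation and cannot be treated as secret. It only lets slapd start
	# with TLS configured; replace both files with site-specific material
	# before exposing the service.
	mkdir -p /etc/ldap/ssl
	# install(1) creates each file with its final owner and mode, so the key
	# is never briefly readable under the default umask between a copy and a
	# later chmod.
	install -v -m 0644 -o root -g openldap "${LDIFDIR}/ssl.pem" /etc/ldap/ssl/slapd.pem
	install -v -m 0640 -o root -g openldap "${LDIFDIR}/ssl.key" /etc/ldap/ssl/slapd.key
	chown -R root:openldap /etc/ldap/ssl
	chmod 0755 /etc/ldap/ssl
	echo "ok"
fi

# shellcheck disable=SC2086
${SERVICE} start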