#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: slapd
# REQUIRE: NETWORKING SERVERS
# BEFORE: securelevel
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable slapd:
#
#slapd_enable="YES"
#slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
#slapd_sockets="/var/run/openldap/ldapi"
#
# See slapd(8) for more flags
#
# The `-u' and `-g' flags are automatically derived from slapd_owner
# (user:group). By default slapd runs under the non-privileged user id
# `ldap'. If you want to run slapd as root, override this in /etc/rc.conf with
#
#slapd_owner="DEFAULT"
#
. "%%RC_SUBR%%"
# Service identity for rc.subr. rcvar is derived by set_rcvar, so name has
# to be assigned first.
name="slapd"
rcvar=$(set_rcvar)

# Daemon binary, pid file and the paths that must exist before starting.
command="%%PREFIX%%/libexec/slapd"
pidfile="%%LDAP_RUN_DIR%%/slapd.pid"
required_files="%%PREFIX%%/etc/openldap/slapd.conf"
required_dirs="%%LDAP_RUN_DIR%%"

# Hook functions, both defined in this file.
start_precmd=start_precmd
start_postcmd=start_postcmd

# Database directories: the second field of every `directory' line in
# slapd.conf. start_precmd creates missing ones and adjusts their ownership,
# so the content of slapd.conf decides which paths are touched.
DATABASEDIR=$(awk '$1 == "directory" {print $2}' "%%PREFIX%%/etc/openldap/slapd.conf")
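# start_precmd -- hook assigned to start_precmd, run before slapd starts.
#
# Unless slapd_owner is empty, NONE or DEFAULT (any case), this:
#   - creates every directory listed in DATABASEDIR that is missing and
#     seeds it with DB_CONFIG.example,
#   - gives each database directory, the run directory and slapd.conf to
#     slapd_owner and sets each database directory to mode 700,
#   - appends `-u user' and/or `-g group' to rc_flags.
#
# Globals:   slapd_owner, DATABASEDIR (read); rc_flags (appended to)
# Returns:   0; failures of mkdir/cp/chown/chmod are not propagated
start_precmd()
{
	local slapd_ownername slapd_groupname

	case "$slapd_owner" in
	""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
		# No owner requested: leave ownership and rc_flags untouched.
		;;
	*)
		local DBDIR
		# Deliberately unquoted: DATABASEDIR holds one directory per
		# whitespace-separated word.
		for DBDIR in ${DATABASEDIR}; do
			if [ ! -d "${DBDIR}" ]; then
				mkdir -p "${DBDIR}"
				cp "%%PREFIX%%/etc/openldap/DB_CONFIG.example" "${DBDIR}/DB_CONFIG"
			fi
			# -H still resolves DBDIR itself when it is a symbolic
			# link but, unlike -L, does not follow links found inside
			# the tree. The tree is writable by slapd_owner, so with
			# -L this root-run chown could hand files outside the
			# database directory to that account.
			chown -RH "$slapd_owner" "${DBDIR}"
			chmod 700 "${DBDIR}"
		done
		chown "$slapd_owner" "%%LDAP_RUN_DIR%%"
		# NOTE(review): after this chown the service account owns
		# slapd.conf, the file whose `directory' lines (DATABASEDIR)
		# select what is created and chowned above on the next start.
		# Root ownership with group read access would avoid that --
		# confirm slapd can still read the file that way.
		chown "$slapd_owner" "%%PREFIX%%/etc/openldap/slapd.conf"

		# Split "user:group". Without a colon the value is a user name
		# only; applying the `#*:' expansion to it would return the
		# user name again and pass it to slapd as the group.
		case "$slapd_owner" in
		*:*)
			slapd_ownername="${slapd_owner%:*}"
			slapd_groupname="${slapd_owner#*:}"
			;;
		*)
			slapd_ownername="$slapd_owner"
			slapd_groupname=""
			;;
		esac
		if [ -n "$slapd_ownername" ]; then
			rc_flags="$rc_flags -u $slapd_ownername"
		fi
		if [ -n "$slapd_groupname" ]; then
			rc_flags="$rc_flags -g $slapd_groupname"
		fi
		;;
	esac
}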
# adjust ownership of created unix sockets
# start_postcmd -- hook assigned to start_postcmd, run after slapd starts.
#
# For every path in slapd_sockets: polls once per second (five attempts)
# until the path exists, then, if it is a socket, chowns it to slapd_owner
# (skipped when slapd_owner is empty, NONE or DEFAULT) and applies
# slapd_sockets_mode. A path that is not a socket only produces a warning.
#
# Globals:   slapd_sockets, slapd_owner, slapd_sockets_mode (read)
start_postcmd()
{
	local socket seconds

	# Deliberately unquoted: slapd_sockets is a whitespace-separated list.
	for socket in $slapd_sockets; do
		# slapd may not have created the socket yet; wait briefly.
		for seconds in 1 2 3 4 5; do
			if [ -e "$socket" ]; then
				break
			fi
			sleep 1
		done

		if [ ! -S "$socket" ]; then
			warn "slapd: Can't find socket $socket"
		else
			case "$slapd_owner" in
			""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
				# No owner configured: keep the owner slapd gave it.
				;;
			*)
				chown "$slapd_owner" "$socket"
				;;
			esac
			# The mode decides which local users may connect to the
			# socket; it is applied whether or not the owner changed.
			chmod "$slapd_sockets_mode" "$socket"
		fi
	done
}
# read settings, set defaults
load_rc_config $name

# Each default below applies only when the variable is unset; a value that
# is set but empty is kept.
slapd_enable=${slapd_enable-"NO"}

# slapd_args is the deprecated name for slapd_flags: warn whenever it is set
# and use it only when slapd_flags itself is unset.
if [ -z "${slapd_args+set}" ]; then
	slapd_flags=${slapd_flags-""}
else
	warn "slapd_args is deprecated, use slapd_flags"
	slapd_flags=${slapd_flags-"$slapd_args"}
fi

# Account ("user:group") that start_precmd passes to slapd as -u/-g.
slapd_owner=${slapd_owner-"ldap:ldap"}

# Unix sockets that start_postcmd waits for, and the mode it applies to them.
# Mode 666 lets every local user connect to the socket; set
# slapd_sockets_mode in /etc/rc.conf to restrict it.
slapd_sockets=${slapd_sockets-""}
slapd_sockets_mode=${slapd_sockets_mode-"666"}

run_rc_command "$1"