aboutsummaryrefslogtreecommitdiffstats
path: root/net/openldap24-server/files/slapd.sh.in
blob: 1af8eee71a5ff33d6e65d169d1cc0be6427dc1e0 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: slapd
# REQUIRE: NETWORKING SERVERS
# BEFORE: securelevel
# KEYWORD: shutdown

#
# Add the following lines to /etc/rc.conf to enable slapd:
#
#slapd_enable="YES"
#slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
#slapd_sockets="/var/run/openldap/ldapi"
#
# See slapd(8) for more flags
#
# The `-u' and `-g' flags are automatically extracted from slapd_owner,
# by default slapd runs under the non-privileged user id `ldap'. If you
# want to run slapd as root, override this in /etc/rc.conf with
#
#slapd_owner="DEFAULT"
#

. "%%RC_SUBR%%"

name="slapd"
rcvar=`set_rcvar`

command="%%PREFIX%%/libexec/slapd"
pidfile="%%LDAP_RUN_DIR%%/slapd.pid"
required_dirs="%%LDAP_RUN_DIR%%"
required_files="%%PREFIX%%/etc/openldap/slapd.conf"

start_precmd=start_precmd
start_postcmd=start_postcmd

# extract user and group, adjust ownership of directories and database

DATABASEDIR=`awk '$1 == "directory" {print $2}' "%%PREFIX%%/etc/openldap/slapd.conf"`

start_precmd()
{
  local slapd_ownername slapd_groupname

  case "$slapd_owner" in
  ""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
    ;;
  *)
    local DBDIR
    for DBDIR in ${DATABASEDIR}; do
       if [ ! -d "${DBDIR}" ]; then
          mkdir -p "${DBDIR}"
          cp "%%PREFIX%%/etc/openldap/DB_CONFIG.example" "${DBDIR}/DB_CONFIG"
       fi
       chown -RL "$slapd_owner" "${DBDIR}"
       chmod 700 "${DBDIR}"
    done
    chown "$slapd_owner" "%%LDAP_RUN_DIR%%"
    chown "$slapd_owner" "%%PREFIX%%/etc/openldap/slapd.conf"

    slapd_ownername="${slapd_owner%:*}"
    slapd_groupname="${slapd_owner#*:}"

    if [ -n "$slapd_ownername" ]; then
      rc_flags="$rc_flags -u $slapd_ownername"
    fi
    if [ -n "$slapd_groupname" ]; then
      rc_flags="$rc_flags -g $slapd_groupname"
    fi
    ;;
  esac
}

# adjust ownership of created unix sockets

start_postcmd()
{
  local socket seconds

  for socket in $slapd_sockets; do
    for seconds in 1 2 3 4 5; do
      [ -e "$socket" ] && break
      sleep 1
    done
    if [ -S "$socket" ]; then
      case "$slapd_owner" in
      ""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
        ;;
      *)
        chown "$slapd_owner" "$socket"
        ;;
      esac
      chmod "$slapd_sockets_mode" "$socket"
    else
      warn "slapd: Can't find socket $socket"
    fi
  done
}

# read settings, set defaults
load_rc_config $name
: ${slapd_enable="NO"}
if [ -n "${slapd_args+set}" ]; then
  warn "slapd_args is deprecated, use slapd_flags"
  : ${slapd_flags="$slapd_args"}
else
  : ${slapd_flags=""}
fi
: ${slapd_owner="ldap:ldap"}
: ${slapd_sockets=""}
: ${slapd_sockets_mode="666"}

run_rc_command "$1"