diff --git a/ldap.init b/ldap.init index 6d1eff2..300f14d 100644 --- a/ldap.init +++ b/ldap.init @@ -19,9 +19,13 @@ if [ -r /etc/sysconfig/network ] ; then [ ${NETWORKING} = "no" ] && exit 1 fi -# Source an auxiliary options file if we have one, and pick up OPTIONS, -# SLAPD_OPTIONS, SLURPD_OPTIONS, SLAPD_LDAPS, SLAPD_LDAPI, and maybe -# KRB5_KTNAME. +# Define default values of options allowed in /etc/sysconfig/ldap +SLAPD_LDAP="yes" +SLAPD_LDAPI="no" +SLAPD_LDAPS="no" +# OPTIONS, SLAPD_OPTIONS, SLURPD_OPTIONS and KTB5_KTNAME are not defined + +# Source an auxiliary options file if we have one if [ -r /etc/sysconfig/ldap ] ; then . /etc/sysconfig/ldap fi @@ -149,8 +153,11 @@ function start() { # Define a couple of local variables which we'll need. Maybe. user=ldap prog=`basename ${slapd}` - harg="ldap:///" - if grep -q ^TLS /etc/openldap/slapd.conf || test x$SLAPD_LDAPS = xyes ; then + harg="" + if test x$LDAPD_LDAP = xyes ; then + harg="ldap:///" + fi + if test x$SLAPD_LDAPS = xyes ; then harg="$harg ldaps:///" fi if test x$SLAPD_LDAPI = xyes ; then @@ -170,7 +177,7 @@ function start() { if [ "$replogfile" != "replogfile" ] then echo -n $"Starting $prog: " - daemon ${slurpd} -r $replogfile -n $i + daemon ${slurpd} -r $replogfile -n $i $SLURPD_OPTIONS # make the return value nozero if any of the slurpd failed RET=$? if [ $RET -ne 0 ] ; then diff --git a/ldap.sysconfig b/ldap.sysconfig new file mode 100644 index 0000000..6e3a86b --- /dev/null +++ b/ldap.sysconfig @@ -0,0 +1,18 @@ +# options of slapd (see man slapd) +#SLAPD_OPTIONS= + +# options of slurpd (see man slurpd) +# +#SLURPD_OPTIONS= + +# run slapd with -h "... ldap:/// ..." +# yes/no, default: yes +#SLAPD_LDAP=yes + +# run slapd with -h "... ldapi:/// ..." +# yes/no, default: no +#SLAPD_LDAPI=no + +# run slapd with -h "... ldaps:/// ..." +# yes/no, default: no +#SLAPD_LDAPS=no diff --git a/openldap.spec b/openldap.spec index 1734211..1af5457 100644 --- a/openldap.spec +++ b/openldap.spec @@ -25,6 +25,7 @@ Source6: autofs.schema Source7: README.upgrading Source8: http://www.OpenLDAP.org/doc/admin/guide.html Source9: README.evolution +Source10: ldap.sysconfig # Patches that are still valid for 2.3 Patch0: openldap-2.3.34-config.patch @@ -455,6 +456,10 @@ rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/schema/*.default mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d install -m 755 $RPM_SOURCE_DIR/ldap.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ldap +# Install syconfig/ldap +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig +install -m 644 $RPM_SOURCE_DIR/ldap.sysconfig $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ldap + # Add some more schema for the sake of migration scripts. install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat install -m644 \ @@ -616,7 +621,9 @@ fi %doc openldap-%{version_23}/doc/guide/admin/*.gif %ghost %config %{_sysconfdir}/pki/tls/certs/slapd.pem %attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/ldap +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf %attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf +%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ldap %attr(0640,root,ldap) %{_sysconfdir}/openldap/DB_CONFIG.example %attr(0755,root,root) %dir %{_sysconfdir}/openldap/schema %attr(0644,root,root) %dir %{_sysconfdir}/openldap/schema/README* @@ -669,6 +676,11 @@ fi %attr(0644,root,root) %{evolution_connector_libdir}/*.a %changelog +* Mon Sep 17 2007 Jan Safranek 2.3.38-2%{?dist} +- skeleton /etc/sysconfig/ldap added +- new SLAPD_LDAP option to turn off listening on ldap:/// (#292591) +- fixed checking of SSL (#292611) + * Thu Sep 6 2007 Jan Safranek 2.3.38-1%{?dist} - new upstream version - added images to the guide.html (#273581)