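#!/bin/sh
#
# ldap	This shell script takes care of starting and stopping
#	ldap servers (slapd and slurpd).
#
# chkconfig: 345 39 61
# description: LDAP stands for Lightweight Directory Access Protocol, used \
#              for implementing the industry standard directory services.
# processname: slapd
# config: /etc/openldap/slapd.conf
# pidfile: /var/run/ldap/slapd.pid
#
# Created by Christian Zoffoli <czoffoli@linux-mandrake.com>
# Version 0.1b 2001-05-23
#
# Usage: ldap {start|stop|restart|reload|status|condrestart|recover}
#
# Trust note: this script sources /etc/sysconfig/network and
# /etc/sysconfig/ldap, and feeds values read from slapd.conf (and the files
# it includes) to chown -R and to a shell started through su. Those files
# are therefore executed or interpreted with this script's privileges and
# should be writable only by the administrator.

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
# Quoted so that an unset NETWORKING does not produce a test syntax error.
[ "${NETWORKING}" = "no" ] && exit 0

# define gprintf for distros without it:
# (the function library sourced below may replace this definition)
gprintf() {
  printf -- "$@"
}

# Source function library.
if [ -f /etc/init.d/functions ]; then
  . /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ]; then
  . /etc/rc.d/init.d/functions
else
  exit 0
fi

SLAPDCONF=/etc/openldap/slapd.conf
LDAPUSER=ldap
LDAPGROUP=ldap

# Source an auxiliary options file if we have one. It may override the three
# defaults above and set the optional variables this script reads:
# STARTSLURPD, SLAPDSYSLOGLOCALUSER, SLAPDSYSLOGLEVEL, SLAPDURLLIST,
# FIXPERMS and AUTORECOVER.
if [ -r /etc/sysconfig/ldap ]; then
  . /etc/sysconfig/ldap
fi

slapd=/usr/sbin/slapd
slurpd=/usr/sbin/slurpd
[ -x "${slapd}" ] || exit 0
[ -x "${slurpd}" ] || exit 0

export TMPDIR=/var/tmp

#######################################
# Decide whether slurpd should run.
# Globals:   SLAPDCONF (read), STARTSLURPD (read, defaulted to "yes" when
#            slapd.conf contains a "replica host|uri" directive)
# Returns:   0 if STARTSLURPD is "yes", 1 otherwise
#######################################
check_slurpd() {
  if grep -Eq "^[[:space:]]*replica[[:space:]]+(host|uri)" "$SLAPDCONF"; then
    STARTSLURPD="${STARTSLURPD:-yes}"
  fi
  # "=" rather than "==": the latter is not valid in a POSIX [ ] test.
  [ "${STARTSLURPD:-no}" = "yes" ]
}

#######################################
# Start slapd and, when check_slurpd agrees, slurpd.
# Globals:   LDAPUSER, LDAPGROUP, SLAPDCONF, SLAPDSYSLOGLOCALUSER,
#            SLAPDSYSLOGLEVEL, slapd, slurpd (read);
#            SLAPDURLLIST (read, ldaps URLs stripped when no TLS directive
#            is configured); OUT (written)
# Outputs:   progress messages on stdout
# Returns:   0 if every daemon that was started reported success, else 1
#######################################
start() {
  local RETVAL=0
  local RETVAL2=0
  local ARGS=""

  # Start daemons.
  ARGS="-u $LDAPUSER -g $LDAPGROUP"

  # Syslog
  if [ -n "$SLAPDSYSLOGLOCALUSER" ]; then
    ARGS="$ARGS -l $SLAPDSYSLOGLOCALUSER"
    if [ -n "$SLAPDSYSLOGLEVEL" ]; then
      ARGS="$ARGS -s $SLAPDSYSLOGLEVEL"
    fi
  fi

  if [ "$SLAPDCONF" != "/etc/openldap/slapd.conf" ]; then
    ARGS="$ARGS -f $SLAPDCONF"
  fi

  OUT="ldap"
  if [ -n "$SLAPDURLLIST" ]; then
    if grep -q "^[[:space:]]*TLS" "$SLAPDCONF"; then
      OUT="ldap + ldaps"
    else
      # No TLS directive in the config: drop ldaps listeners. printf with a
      # quoted value keeps characters such as "?" or "*" in an LDAP URL from
      # being expanded as a glob by the calling shell.
      SLAPDURLLIST=$(printf '%s\n' "$SLAPDURLLIST" | sed 's#ldaps:[^ ]*##g')
    fi
    # The embedded quotes only group the URL list if daemon() re-parses its
    # arguments through a shell -- presumably it does; verify against the
    # sourced function library.
    ARGS="$ARGS -h \"$SLAPDURLLIST \""
  else
    if grep -q "^[[:space:]]*TLS" "$SLAPDCONF"; then
      # NOTE(review): unlike the SLAPDURLLIST branch the two URLs are not
      # wrapped in embedded quotes, so "ldaps:///" probably reaches slapd as
      # a separate argument instead of as part of -h -- confirm before
      # changing.
      ARGS="$ARGS -h ldap:/// ldaps:///" && OUT="ldap + ldaps"
    else
      ARGS="$ARGS -h ldap:/// "
    fi
  fi

  gprintf "Starting %s: " "slapd ($OUT)"
  # $ARGS is deliberately unquoted: it is a whitespace-separated option list.
  daemon ${slapd} $ARGS
  RETVAL=$?
  echo
  [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap

  if [ $RETVAL -eq 0 ]; then
    if check_slurpd; then
      gprintf "Starting %s: " slurpd
      daemon su "$LDAPUSER" -c \"${slurpd}\" -s /bin/sh
      RETVAL2=$?
      echo
      [ $RETVAL2 -eq 0 ] && touch /var/lock/subsys/ldapr
    fi
  fi

  # Two tests joined with && replace the obsolescent "-a" operator.
  { [ $RETVAL -eq 0 ] && [ $RETVAL2 -eq 0 ]; } || RETVAL=1
  return $RETVAL
}

#######################################
# Stop slapd, and slurpd if its lock file exists.
# Globals:   slapd, slurpd (read)
# Outputs:   progress messages on stdout
# Returns:   0 if every killproc call succeeded, else 1
#######################################
stop() {
  local RETVAL=0
  local RETVAL2=0

  # Stop daemons.
  gprintf "Stopping %s: " slapd
  killproc ${slapd} 2>/dev/null
  RETVAL=$?
  echo

  if [ -e /var/lock/subsys/ldapr ]; then
    gprintf "Stopping %s: " slurpd
    killproc ${slurpd} 2>/dev/null
    RETVAL2=$?
    echo
    [ $RETVAL2 -eq 0 ] && rm -f /var/lock/subsys/ldapr
  fi

  [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/ldap /var/run/ldap/slapd.args
  { [ $RETVAL -eq 0 ] && [ $RETVAL2 -eq 0 ]; } || RETVAL=1
  return $RETVAL
}

#######################################
# Maintain the database directories named in slapd.conf.
# Globals:   SLAPDCONF, LDAPUSER, LDAPGROUP, FIXPERMS, AUTORECOVER (read)
# Arguments: any of "recover" (run db_recover on directories holding *.bdb
#            files) and "fixperms" (chown -R the directories to the ldap
#            user); other words are ignored
# Outputs:   progress and warning messages on stdout
#######################################
dbtool() {
  local DO_RECOVER DO_PERMS DBRECOVER dbdirs dbdir

  while [ $# -ne 0 ]; do
    case $1 in
      recover) DO_RECOVER=yes ;;
      fixperms) DO_PERMS=yes ;;
    esac
    shift
  done

  # For bdb backends we want to recover the transaction logs:
  # collect the "directory" of every bdb/ldbm/hdb database that also has a
  # suffix, from slapd.conf and the files it includes.
  #
  # The directory rule used to read db="hdb" (an assignment, always true), so
  # directories of every backend type were returned and later chown'ed and
  # recovered; it is now the comparison db=="hdb".
  #
  # NOTE(review): [:space:] outside a bracket expression is a set of the
  # letters ":space", not the whitespace class, so these rules effectively
  # match only unindented keywords. Left as-is pending confirmation that
  # indented lines should stay ignored.
  dbdirs=$(awk 'BEGIN {OFS=":"}
    /[:space:]*^database[:space:]*\w*/ {db=$2;suf="";dir=""}
    /^[:space:]*suffix[:space:]*\w*/ {suf=$2;if((db=="bdb"||db=="ldbm"||db=="hdb")&&(suf!=""&&dir!="")) print dir}
    /^[:space:]*directory[:space:]*\w*/ {dir=$2; if((db=="bdb"||db=="ldbm"||db=="hdb")&&(suf!=""&&dir!="")) print dir}
    ' "$SLAPDCONF" $(awk '/^[[:blank:]]*include[[:blank:]]*/ {print $2}' "$SLAPDCONF") | sed -e 's/"//g')

  if [ "$DO_RECOVER" = "yes" ]; then
    # Find a db_recover
    if [ -x /usr/bin/slapd_db_recover ]; then
      # private db_recover is the best choice
      DBRECOVER=/usr/bin/slapd_db_recover
    elif [ -x /usr/bin/db_recover ]; then
      DBRECOVER=/usr/bin/db_recover
    else
      DBRECOVER=""
    fi
  fi

  # $dbdirs is deliberately unquoted: it is a whitespace-separated list.
  for dbdir in $dbdirs; do
    # Ensure the ldap user owns all database directories
    if [ "$DO_PERMS" = "yes" ] && [ "$FIXPERMS" != "no" ]; then
      # The path comes from slapd.conf; a wrong "directory" value hands that
      # whole tree to the ldap user.
      chown -R "$LDAPUSER:$LDAPGROUP" "$dbdir"
    fi

    if [ -n "$DO_RECOVER" ] && [ "$AUTORECOVER" != "no" ] \
      && [ -n "$(find "${dbdir}"/*.bdb 2>/dev/null)" ]; then
      if [ -n "$DBRECOVER" ]; then
        gprintf "Running %s on %s\n" "$DBRECOVER" "${dbdir}"
        # The inner quotes are escaped so the directory reaches the inner
        # shell as a quoted word; previously they closed the outer string.
        # The inner shell still expands $ and backquotes in the value, which
        # is acceptable only while slapd.conf is administrator-controlled.
        su "$LDAPUSER" -s /bin/bash -c "$DBRECOVER -h \"${dbdir}\" 2>&1 >/dev/null"
        if [ -f "${dbdir}/alock" ]; then
          # Path passed as an argument, not inside the format string, so a
          # "%" in the directory name cannot corrupt the message.
          gprintf "removing %s\n" "${dbdir}/alock"
          rm -f "${dbdir}/alock"
        fi
      else
        gprintf "Warning: no %s available for %s\n" db_recover "${dbdir}"
      fi
    fi
  done
}

# See how we were called.
case "$1" in
  start)
    dbtool fixperms
    start
    RETVAL=$?
    ;;
  stop)
    stop
    RETVAL=$?
    ;;
  status)
    status ${slapd}
    RETVAL=$?
    if check_slurpd; then
      status ${slurpd}
      RETVAL2=$?
      # Keep a slapd failure instead of overwriting it with slurpd's status.
      [ $RETVAL -eq 0 ] && RETVAL=$RETVAL2
    fi
    ;;
  restart)
    stop
    dbtool fixperms
    start
    RETVAL=$?
    ;;
  reload)
    killall -HUP ${slapd}
    RETVAL=$?
    if [ $RETVAL -eq 0 ]; then
      if check_slurpd; then
        killall -HUP ${slurpd}
        RETVAL=$?
      fi
    fi
    ;;
  condrestart)
    RETVAL=0
    if [ -f /var/lock/subsys/ldap ]; then
      stop
      start
      RETVAL=$?
    fi
    ;;
  recover)
    RETVAL=0
    if [ -f /var/lock/subsys/ldap ]; then
      if stop; then
        dbtool recover fixperms
        start
        RETVAL=$?
      else
        gprintf "Failed to stop\n"
        # Previously the exit status of gprintf (0) was reported here.
        RETVAL=1
      fi
    else
      dbtool recover fixperms
      RETVAL=$?
    fi
    ;;
  *)
    gprintf "Usage: %s\n" "$0 {start|stop|restart|reload|status|condrestart|recover}"
    RETVAL=1
    ;;
esac

exit $RETVAL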