PREIN
/bin/sh
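# %pre scriptlet: (re)create the dedicated "ldap" system account and group
# with the fixed id 93. Every command ends in "|| :" so that a failure never
# aborts the package transaction; tool output is sent to stderr.

# Remove a pre-existing "ldap" account/group so it can be recreated below.
# The pattern is anchored to the name field: an unanchored "ldap" also
# matches unrelated entries that merely mention the string (a home directory
# under /var/lib/ldap, a GECOS comment, a name such as "openldap").
if grep -q '^ldap:' /etc/passwd; then
  /usr/sbin/userdel ldap 1>&2 || :
fi
if grep -q '^ldap:' /etc/group; then
  /usr/sbin/groupdel ldap 1>&2 || :
fi

# -f makes groupadd succeed when the group already exists.
/usr/sbin/groupadd -g 93 -r -f ldap 1>&2 || :

# -M: do not create the home directory; -r: system account.
# NOTE(review): -o permits a non-unique UID, so if uid 93 already belongs to
# another account the two will share one identity and the same file access.
# Confirm that 93 is reserved for ldap on the target distribution.
/usr/sbin/useradd -M -o -r -u 93 -g ldap -c "OpenLDAP server" -d /var/lib/ldap ldap 1>&2 || :

# allowing slapd to read hosts.allow and hosts.deny
# NOTE(review): membership in "adm" gives the service account everything
# that group can access, not only these two files; verify it is still
# required before keeping it.
# stdout is discarded, stderr is left untouched.
/usr/bin/gpasswd -a ldap adm > /dev/null || :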
PREUN
/bin/sh
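# %preun scriptlet: RPM passes in $1 the number of instances of the package
# that will remain after this operation; 0 means a real removal rather than
# an upgrade. Only then is the daemon stopped and its init script unregistered.
# "$1" is quoted so that a missing argument evaluates to false instead of
# producing a test(1) syntax error.
if [ "$1" = 0 ]; then
  # Stopping is best effort: the service may not be running.
  service ldap stop > /dev/null 2>&1 || :
  /sbin/chkconfig --del ldap
fi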
POSTIN
/bin/sh
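# Setup log facility for OpenLDAP
# Picks the first syslog "localN" facility not mentioned in /etc/syslog.conf,
# routes it to /var/log/ldap/ldap.log and records the choice in
# /etc/sysconfig/ldap. Skipped entirely when /etc/syslog.conf does not exist.
if [ -f /etc/syslog.conf ]; then
  # clean syslog
  # NOTE(review): this removes EVERY line containing "ldap", including rules
  # an administrator added by hand (e.g. forwarding of LDAP-related events to
  # a log host). Consider matching only the lines written below.
  perl -pi -e "s|^.*ldap.*\n||g" /etc/syslog.conf

  # probe free local-users
  # Plain POSIX arithmetic replaces "typeset -i", which /bin/sh does not
  # provide on every system. syslog defines only local0..local7, so the
  # probe stops there; cntlog=8 means that no facility is free.
  cntlog=0
  while [ "${cntlog}" -le 7 ] &&
    [ "$(grep -c "local${cntlog}" /etc/syslog.conf)" -gt 0 ]; do
    cntlog=$((cntlog + 1))
  done

  if [ "${cntlog}" -le 7 ]; then
    echo "# added by openldap-2.0.21 r""pm $(date)" >> /etc/syslog.conf
    echo "local${cntlog}.* /var/log/ldap/ldap.log" >> /etc/syslog.conf
    # reset syslog daemon
    if [ -f /var/lock/subsys/syslog ]; then
      service syslog restart > /dev/null 2>&1 || :
    fi
    # set syslog local-user in /etc/sysconfig/ldap
    # Done only when a facility was actually configured, so that a
    # non-existent facility name is never written to the service settings.
    perl -pi -e "s|^.*SLAPDSYSLOGLOCALUSER.*|SLAPDSYSLOGLOCALUSER=\"LOCAL${cntlog}\"|g" /etc/sysconfig/ldap
  else
    # No free facility: slapd logging is left unconfigured, report it.
    echo "I can't set syslog local-user!" >&2
  fi
fi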
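# Reset right permissions
# Database files: private to the ldap account (0600, ldap:ldap).
# This loop runs as root over a directory that is the ldap account's home
# and is presumably writable by it. chmod and chown follow symbolic links,
# so a link planted there would hand ownership of its target to ldap.
# Symlinks are therefore skipped; only real regular files are touched.
# NOTE(review): a check-then-use race remains; keep /var/lib/ldap writable
# by trusted accounts only.
for i in /var/lib/ldap/*; do
  if [ -f "$i" ] && [ ! -L "$i" ]; then
    chmod 0600 "$i"
    chown ldap:ldap "$i"
  fi
done

# Configuration files: owned by root, readable by group ldap, no access for
# others (0640, root:ldap). ldap.pem presumably holds TLS key material.
# Absolute paths replace pushd/popd: those are not available in every
# /bin/sh, and if the directory change failed, the loop would have operated
# on same-named files in whatever directory the scriptlet was started from.
for i in slapd.conf slapd.access.conf ldap.pem; do
  conf="/etc/openldap/$i"
  if [ -f "$conf" ]; then
    chmod 0640 "$conf"
    chown root:ldap "$conf"
  fi
done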
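# RPM passes in $1 the number of installed instances after this operation:
# 1 means a first install, so the init script is registered; otherwise this
# is an upgrade and a daemon that is currently running (lock file present)
# is restarted to pick up the new binaries.
# "$1" is quoted so that a missing argument does not break the test.
if [ "$1" = 1 ]; then
  /sbin/chkconfig --add ldap
elif [ -f /var/lock/subsys/ldap ]; then
  service ldap restart > /dev/null 2>&1 || :
fi

# nscd reset
# Restarted only when it is running; failures are ignored.
if [ -f /var/lock/subsys/nscd ]; then
  service nscd restart > /dev/null 2>&1 || :
fi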
POSTUN
/bin/sh
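# %postun scriptlet: on a real removal ($1 = 0, no instance of the package
# remains) take the OpenLDAP logging rule out of syslog.conf again.
# "$1" is quoted so that a missing argument does not break the test.
if [ "$1" = 0 ]; then
  # remove ldap entry
  # Guarded like the install-time scriptlet, so a system without
  # /etc/syslog.conf does not produce a perl error.
  # NOTE(review): the pattern deletes EVERY line containing "ldap", not only
  # the lines this package added; administrator-written rules mentioning
  # ldap are lost as well.
  if [ -f /etc/syslog.conf ]; then
    perl -pi -e "s|^.*ldap.*\n||g" /etc/syslog.conf
  fi
  # reset syslog daemon
  if [ -f /var/lock/subsys/syslog ]; then
    service syslog restart > /dev/null 2>&1 || :
  fi
fi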