From dfc24baea5d7a68e3f63d0290ae68cd5658d64d9 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Fri, 28 Nov 2014 18:28:12 +0100
Subject: [PATCH] =?UTF-8?q?Initialise=20le=20DIT=20ou=3Dmeta=20lors=20d'un?= =?UTF-8?q?e=20r=C3=A9initialisation?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 lib/reset | 11 +++++++++--
 share/config-meta.ldif | 9 +++++++++
 share/meta.ldif | 4 ++++
 3 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 share/config-meta.ldif
 create mode 100644 share/meta.ldif
diff --git a/lib/reset b/lib/reset
index 934931d..aecbc96 100755
--- a/lib/reset
+++ b/lib/reset
@@ -30,7 +30,7 @@ rm -rf /var/lib/ldap/*
 echo "ok"
 mkdir -p /etc/ldap/slapd.d
-mkdir /var/lib/ldap/config-accesslog/
+mkdir /var/lib/ldap/config-accesslog/ /var/lib/ldap/meta/
 if [ ! -f /var/lib/ldap/ssl.pem -a ! -f /var/lib/ssl.key ]; then
 echo -n "Installation des certificats SSL par défaut .."
@@ -40,14 +40,21 @@ fi
 echo -n "Installation de la nouvelle configuration .. "
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/config.ldif
+echo "ok"
-echo "Installation des schémas .."
+echo -n "Installation des schémas .. "
 slapadd -n0 -F/etc/ldap/slapd.d -l/etc/ldap/schema/core.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l/etc/ldap/schema/cosine.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l/etc/ldap/schema/inetorgperson.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/supann-2009.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/eduperson.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/eduorg-200210-openldap.ldif
+echo "ok"
+
+echo "Installation de la racine du méta-annuaire .. "
+slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/config-meta.ldif
+slapadd -n2 -F/etc/ldap/slapd.d -l${LDIFDIR}/meta.ldif
+echo "ok"
 chown -R openldap:openldap /etc/ldap/slapd.d /var/lib/ldap
diff --git a/share/config-meta.ldif b/share/config-meta.ldif
new file mode 100644
index 0000000..866ee72
--- /dev/null
+++ b/share/config-meta.ldif
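Review bot: The two new `slapadd` calls in the "racine du méta-annuaire" step of lib/reset are followed by an unconditional `echo "ok"`, so a failed import is still reported as success unless the script enables `set -e` outside this hunk; the same holds for the `echo "ok"` lines added after the configuration and schema steps. The data load also picks its target by index, `-n2`, which must stay in step with `olcDatabase={2}mdb` in share/config-meta.ldif and will silently point at another database if the ordering in config.ldif ever changes. Selecting by suffix and checking the status is less brittle: `slapadd -b o=psl-meta -F/etc/ldap/slapd.d -l"${LDIFDIR}/meta.ldif" || exit 1`. `${LDIFDIR}` is unquoted here, as in the surrounding lines.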
@@ -0,0 +1,9 @@
+dn: olcDatabase={2}mdb,cn=config
+objectClass: olcDatabaseConfig
+objectClass: olcMdbConfig
+olcSuffix: o=psl-meta
+olcDbDirectory: /var/lib/ldap/meta/
+# Allow reading accesslog only by root
+olcAccess: {0}to *
+ by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
+ by * break
diff --git a/share/meta.ldif b/share/meta.ldif
new file mode 100644
index 0000000..31992cf
--- /dev/null
+++ b/share/meta.ldif
@@ -0,0 +1,4 @@
+dn: o=psl-meta
+objectClass: organization
+o: psl-meta
+description: méta-annuaire supann PSL
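Review bot: In share/config-meta.ldif the comment above `olcAccess` still reads "Allow reading accesslog only by root", but this database is `o=psl-meta`, and the rule does not restrict anyone by itself. `by * break` hands every other identity on to whatever ACLs follow, and those are not in this file (presumably the frontend/global ones), so the effective exposure of the meta directory is decided elsewhere. If root-only read is the intent, end the rule with `by * none` and reword the comment to `# Allow reading the meta directory only by root (ldapi peercred)`. The rule also gives root only `read` and the entry defines no `olcRootDN`, so it is not clear from this patch which identity is expected to write under `o=psl-meta` over LDAP.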