Initialise le DIT ou=meta lors d'une réinitialisation

lib/reset

@@ -30,7 +30,7 @@ rm -rf /var/lib/ldap/*
 echo "ok"
 
 mkdir -p /etc/ldap/slapd.d
-mkdir /var/lib/ldap/config-accesslog/
+mkdir /var/lib/ldap/config-accesslog/ /var/lib/ldap/meta/
 
 if [ ! -f /var/lib/ldap/ssl.pem -a ! -f /var/lib/ssl.key ]; then
 	echo -n "Installation des certificats SSL par défaut .."
@@ -40,14 +40,20 @@ fi
 
 echo -n "Installation de la nouvelle configuration .. "
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/config.ldif
+echo "ok"
 
-echo "Installation des schémas .."
+echo -n "Installation des schémas .. "
 slapadd -n0 -F/etc/ldap/slapd.d -l/etc/ldap/schema/core.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l/etc/ldap/schema/cosine.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l/etc/ldap/schema/inetorgperson.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/supann-2009.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/eduperson.ldif
 slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/eduorg-200210-openldap.ldif
+echo "ok"
+
+echo "Installation de la racine du méta-annuaire .. "
+slapadd -n2 -F/etc/ldap/slapd.d -l${LDIFDIR}/meta.ldif
+echo "ok"
 
 chown -R openldap:openldap /etc/ldap/slapd.d /var/lib/ldap
 

share/config.ldif

@@ -76,3 +76,13 @@ olcAccessLogOps: writes
 # log are conserved one year and purged every day
 olcAccessLogPurge: 365+00:00 1+00:00
 olcAccessLogOld: objectClass=olcConfig
+
+dn: olcDatabase={2}mdb,cn=config
+objectClass: olcDatabaseConfig
+objectClass: olcMdbConfig
+olcSuffix: ou=meta
+olcDbDirectory: /var/lib/ldap/meta/
+# Allow reading accesslog only by root
+olcAccess: {0}to *
+   by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
+   by * break

share/meta.ldif

@@ -0,0 +1,3 @@
+dn: ou=meta
+ou: meta
+description: méta-annuaire supann