openstack/devstack
Code Issues Proposed changes
bc7f643bb7
devstack/lib/ldap
Adam Spiers 6a5aa7c6a2 Fix some Markdown formatting issues 
Address miscellaneous issues with Markdown formatting in comments which
are consumed by shocco when generating the online documentation.

Change-Id: I953075cdbddbf1f119c6c7e35f039e2e54b79078
2013-10-24 17:38:19 +01:00

99 lines
3.2 KiB
Plaintext
Raw Blame History

# lib/ldap
# Functions to control the installation and configuration of **ldap**
# ``lib/keystone`` calls the entry points in this order:
#
# - install_ldap()
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set +o xtrace
LDAP_SERVICE_NAME=slapd
# Functions
# ---------
# install_ldap
# install_ldap() - Collect source and prepare
function install_ldap() {
echo "Installing LDAP inside function"
echo "LDAP_PASSWORD is $LDAP_PASSWORD"
echo "os_VENDOR is $os_VENDOR"
printf "installing"
if is_ubuntu; then
LDAP_OLCDB_NUMBER=1
LDAP_ROOTPW_COMMAND=replace
sudo DEBIAN_FRONTEND=noninteractive apt-get install slapd ldap-utils
#automatically starts LDAP on ubuntu so no need to call start_ldap
elif is_fedora; then
LDAP_OLCDB_NUMBER=2
LDAP_ROOTPW_COMMAND=add
start_ldap
elif is_suse; then
LDAP_OLCDB_NUMBER=1
LDAP_ROOTPW_COMMAND=add
LDAP_SERVICE_NAME=ldap
# SUSE has slappasswd in /usr/sbin/
PATH=$PATH:/usr/sbin/
sudo slapadd -F /etc/openldap/slapd.d/ -bcn=config -l $FILES/ldap/base-config.ldif
sudo sed -i '/^OPENLDAP_START_LDAPI=/s/"no"/"yes"/g' /etc/sysconfig/openldap
start_ldap
fi
printf "generate password file"
SLAPPASS=`slappasswd -s $LDAP_PASSWORD`
printf "secret is $SLAPPASS\n"
#create manager.ldif
TMP_MGR_DIFF_FILE=`mktemp -t manager_ldiff.$$.XXXXXXXXXX.ldif`
sed -e "s|\${LDAP_OLCDB_NUMBER}|$LDAP_OLCDB_NUMBER|" -e "s|\${SLAPPASS}|$SLAPPASS|" -e "s|\${LDAP_ROOTPW_COMMAND}|$LDAP_ROOTPW_COMMAND|" $FILES/ldap/manager.ldif.in >> $TMP_MGR_DIFF_FILE
#update ldap olcdb
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $TMP_MGR_DIFF_FILE
# On fedora we need to manually add cosine and inetorgperson schemas
if is_fedora || is_suse; then
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
fi
# add our top level ldap nodes
if ldapsearch -x -w $LDAP_PASSWORD -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -x -b dc=openstack,dc=org | grep -q "Success"; then
printf "LDAP already configured for OpenStack\n"
if [[ "$KEYSTONE_CLEAR_LDAP" == "yes" ]]; then
# clear LDAP state
clear_ldap_state
# reconfigure LDAP for OpenStack
ldapadd -c -x -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -w $LDAP_PASSWORD -f $FILES/ldap/openstack.ldif
fi
else
printf "Configuring LDAP for OpenStack\n"
ldapadd -c -x -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -w $LDAP_PASSWORD -f $FILES/ldap/openstack.ldif
fi
}
# start_ldap() - Start LDAP
function start_ldap() {
sudo service $LDAP_SERVICE_NAME restart
}
# stop_ldap() - Stop LDAP
function stop_ldap() {
sudo service $LDAP_SERVICE_NAME stop
}
# clear_ldap_state() - Clear LDAP State
function clear_ldap_state() {
ldapdelete -x -w $LDAP_PASSWORD -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -x -r "dc=openstack,dc=org"
}
# Restore xtrace
$XTRACE
# Tell emacs to use shell-script-mode
## Local variables:
## mode: shell-script
## End:
View Git Blame Copy Permalink