3 # UPDATE LDAP FROM GFORGE DATABASE
4 # Copy-and-paste code from install-ldap.sh
# Debug switches. DEBSFDEBUG is kept as a compatibility alias (see the
# original comment); the bodies of both tests are not part of this listing.
8 # This is purely for compatibility, and will be removed sometime
9 if [ "$DEBSFDEBUG" = 1 ] ; then
13 if [ "$GFORGEDEBUG" != 1 ] ; then
# These variables hold redirection *text*, not a redirection. Text stored in a
# variable is only honoured as a redirection when the command line is parsed a
# second time, which is why the ldapsearch / invoke-rc.d calls further down
# are wrapped in eval. Anything else interpolated into such an eval string is
# re-parsed as shell as well, so only trusted, fixed text belongs there.
14 DEVNULL12="> /dev/null 2>&1"
15 DEVNULL2="2> /dev/null"
# Privilege gate: every invocation except the "list" sub-command needs uid 0.
# NOTE(review): `-a` inside [ ] is obsolescent and $(id -u) is unquoted;
# `[ "$(id -u)" != 0 ] && [ "$1" != list ]` expresses the same test without
# the parsing ambiguity.
# NOTE(review): what follows the prompt (re-exec through su, or exit) is not
# visible in this listing.
20 if [ $(id -u) != 0 -a "x$1" != "xlist" ] ; then
21 echo "You must be root to run this, please enter passwd"
# Connection settings and credentials, read from fusionforge.conf and
# slapd.conf. `cut -d= -f2-` keeps everything after the first '=', so values
# that themselves contain '=' survive intact.
28 ldap_host=$(grep ^ldap_host= /etc/fusionforge/fusionforge.conf | cut -d= -f2-)
30 gforge_base_dn=$(grep ^ldap_base_dn= /etc/fusionforge/fusionforge.conf | cut -d= -f2-)
31 gforge_admin_dn="cn=admin,$gforge_base_dn"
# The slapd suffix is taken as the text between the first pair of double
# quotes on the `suffix` line.
32 slapd_base_dn=$(grep ^suffix /etc/ldap/slapd.conf | cut -d\" -f2)
33 slapd_admin_dn="cn=admin,$slapd_base_dn"
34 robot_dn="cn=SF_robot,$gforge_base_dn"
# Clear-text passwords: from here on they live in shell variables and are
# later interpolated into command lines.
36 robot_passwd=$(grep ^ldap_web_add_password= /etc/fusionforge/fusionforge.conf | cut -d= -f2-)
37 admin_passwd=$(grep ^admin_password= /etc/fusionforge/fusionforge.conf | cut -d= -f2-)
# `slappasswd -s` places the clear-text password on the process argument
# list, where other local users can read it with ps while the command runs;
# `slappasswd -T <file>` reads the secret from a file instead.
# {CRYPT} delegates hashing to the system crypt(3). No -c salt format is
# given, so the algorithm is the platform default.
# NOTE(review): confirm this does not produce a legacy DES hash, or switch to
# a scheme such as {SSHA}.
38 robot_cryptedpasswd=`slappasswd -s "$robot_passwd" -h {CRYPT}`
39 # TODO: ask the user for the main (slapd) password
40 # Probably only do that when needed (when inserting the robot account)
# Use /etc/ldap.secret when it exists, otherwise fall back to the robot
# password.
# NOTE(review): in `A && B || C`, C also runs when B fails, so an unreadable
# /etc/ldap.secret silently substitutes the robot password as the slapd admin
# password; an explicit if/else would separate "missing" from "read failed".
41 [ -f /etc/ldap.secret ] && slapd_admin_passwd=$(cat /etc/ldap.secret) || slapd_admin_passwd=$robot_passwd
# Hash of the slapd admin password; print_ldif_default writes it as the
# userPassword of cn=admin. Same argv-exposure and {CRYPT} caveats as for the
# robot password.
43 cryptedpasswd=`slappasswd -s "$slapd_admin_passwd" -h {CRYPT}`
# Template passed to mktemp further down; mktemp creates each file itself and
# fills in the XXXXXX suffix. $0 is unquoted, so a script path containing
# whitespace would be split.
45 tmpfile_pattern=/tmp/$(basename $0).XXXXXX
# Fragments of the DN-existence check (presumably the body of exists_dn; the
# function header and the assignments of $my_dn and $r are not part of this
# listing).
# Counts the "dn:" lines returned by a base-scope search on $my_dn. stderr is
# discarded, so an unreachable server and a missing entry both yield 0.
51 nr=$(ldapsearch -LLL -x -b "$my_dn" -s base '' dn 2> /dev/null | grep ^dn: | wc -l)
# NOTE(review): after `nr=$(...)`, PIPESTATUS describes the assignment itself,
# whose status is that of the last stage of the substituted pipeline (wc), not
# of ldapsearch. The second field printed here is therefore not the LDAP
# result code. Echoing ${PIPESTATUS[0]} from inside the substitution would
# carry ldapsearch's status out.
52 echo "$nr:${PIPESTATUS[0]}"
# Split the "count:status" pair back into its two fields.
55 nr=$(echo $r | cut -d: -f1)
56 p=$(echo $r | cut -d: -f2)
# 32 is the LDAP noSuchObject result code. Assuming $r is the output of the
# echo above, $p is always wc's status, so in practice the decision rests on
# the count alone.
# NOTE(review): `==` inside [ ] is a bashism and both operands are unquoted;
# an empty $p or $nr makes test fail with a syntax error.
57 if [ $p == 32 ] || [ $nr = 0 ] ; then
# Liveness probe: query the root DSE (-b '' -s base) for namingContexts and
# keep the value after the attribute name. As far as the visible lines show,
# an empty answer leads to one slapd restart, a 5 s wait and a second probe;
# if that is empty too, "LDAP Server dead" is printed.
# eval is used here only because $DEVNULL2 / $DEVNULL12 carry redirection
# text; the rest of each string is fixed, so nothing untrusted is re-parsed.
# NOTE(review): what happens after the "dead" message (exit status, abort) is
# not part of this listing.
66 answer=$(eval "ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts $DEVNULL2" | grep "namingContexts:" | cut -d" " -f2)
67 if [ "x$answer" == "x" ] ; then
68 eval "invoke-rc.d slapd restart $DEVNULL12" && sleep 5
69 answer=$(eval "ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts $DEVNULL2" \
70 | grep "namingContexts:" \
73 if [ "x$answer" == "x" ] ; then
74 echo "LDAP Server dead"
77 # echo "LDAP Server OK: suffix=$answer"
# Creates the FusionForge base DN when it is missing, binding as the robot
# account. Several structural lines (here-doc delimiters, else/fi, the echo
# lines naming the temp files) are not part of this listing.
83 # Load ldap database from gforge database
# NOTE(review): site-specific DN hard-coded; no visible line reads
# sys_ldap_base_dn, the checks below use $gforge_base_dn from the config file.
85 sys_ldap_base_dn="dc=fb14srv1,dc=hpi,dc=uni-potsdam,dc=de";
87 # First, let's make sure our base DN exists
# NOTE(review): $gforge_base_dn is unquoted; a DN containing spaces would
# reach exists_dn as several arguments.
88 if ! exists_dn $gforge_base_dn ; then
# Three scratch files: the LDIF to load, the ldapadd output, and the
# ldapmodify output.
89 tmpldif=$(mktemp $tmpfile_pattern)
90 tmpldifadd=$(mktemp $tmpfile_pattern)
91 tmpldifmod=$(mktemp $tmpfile_pattern)
# Value of the first RDN of the base DN (text between the first '=' and ',').
92 dc=$(echo $gforge_base_dn | cut -d, -f1 | cut -d= -f2)
98 objectClass: domainRelatedObject
99 associatedDomain: $sys_default_domain
101 # echo "Filling LDAP with database"
# -w'...' puts the robot password on ldapadd's argument list (readable with
# ps) and inside an eval string: a single quote in the password or DN ends
# the quoting and the remainder is parsed as shell. eval is not needed on
# this line, the redirection is literal, so a direct call with quoted
# arguments and `-y <password file>` avoids both problems.
102 if ! eval "ldapadd -r -c -D '$robot_dn' -x -w'$robot_passwd' -f $tmpldif > $tmpldifadd 2>&1" ; then
103 # Some entries could not be added (already there?)
104 # Therefore, we try to modify them
# Same argv exposure and eval re-parsing as the ldapadd call above.
105 if ! eval "ldapmodify -r -c -D '$robot_dn' -x -w'$robot_passwd' -f $tmpldif > $tmpldifmod 2>&1" ; then
106 echo "WARNING WARNING WARNING Something wrong happened in ldapmodify"
107 echo "please check and report following error"
108 echo ========================================================================================
# Prints the ldapmodify output with empty lines and "modifying ..." lines
# filtered out.
# NOTE(review): -i has no file to edit when perl reads from a pipe; the
# filters act on stdin/stdout only.
109 cat $tmpldifmod | perl -pi -e 's/^\n//' | perl -pi -e 's/modifying.*\"\n//'
110 echo ========================================================================================
111 echo SEE ALSO result of ldapadd in:
113 echo AND result of ldapmodify in:
115 echo AND ldif file in:
117 echo ========================================================================================
# Removes the scratch files. The messages above point the operator at these
# files, so this presumably runs only on the success path.
# NOTE(review): confirm against the full script, and quote the names.
121 rm -f $tmpldif $tmpldifadd $tmpldifmod
# Loads the directory from the FusionForge database: two export scripts
# produce an "add" LDIF and a "modify" LDIF, which are applied with ldapadd
# and, if that fails, ldapmodify. Structural lines (else/fi, the echo lines
# naming the temp files) are not part of this listing.
124 # CLEANUP: should be done with the robot
125 # This loads the ldap database
126 # echo "Our base DN is $gforge_base_dn"
127 # echo "Creating ldif file from database"
# Scratch files: add-LDIF, modify-LDIF, ldapadd output, ldapmodify output.
128 tmpladd=$(mktemp $tmpfile_pattern)
129 tmplmod=$(mktemp $tmpfile_pattern)
130 tmpldifadd=$(mktemp $tmpfile_pattern)
131 tmpldifmod=$(mktemp $tmpfile_pattern)
132 dc=$(echo $gforge_base_dn | cut -d, -f1 | cut -d= -f2)
# The export scripts run as the unprivileged gforge user; only their stdout is
# appended to the temp files created by this script.
133 su -s /bin/sh gforge -c /usr/lib/gforge/bin/sql2ldifmod.pl >> $tmplmod
134 su -s /bin/sh gforge -c /usr/lib/gforge/bin/sql2ldifadd.pl >> $tmpladd
135 # echo "Filling LDAP with database"
# Binds as the slapd admin DN with admin_password from fusionforge.conf.
# NOTE(review): $slapd_admin_passwd (read from /etc/ldap.secret earlier in the
# script) is a different variable and is not used here; confirm which
# credential is intended for this DN.
# -w'...' exposes the password on the argument list (ps) and inside an eval
# string, where a single quote in the value ends the quoting and the rest is
# parsed as shell. The redirection is literal, so eval is unnecessary; a
# direct call with quoted arguments and `-y <password file>` avoids both.
136 if ! eval "ldapadd -r -c -D '$slapd_admin_dn' -x -w'$admin_passwd' -f $tmpladd > $tmpldifadd 2>&1" ; then
137 # Some entries could not be added (already there)
138 # Therefore, we have to modify them
# Same argv exposure and eval re-parsing as the ldapadd call above.
139 if ! eval "ldapmodify -r -c -D '$slapd_admin_dn' -x -w'$admin_passwd' -f $tmplmod > $tmpldifmod 2>&1" ; then
140 echo "WARNING WARNING WARNING Something wrong happened in ldapmodify"
141 echo "please check and report following error"
142 echo ========================================================================================
# Prints the ldapmodify output with empty lines and "modifying ..." lines
# filtered out.
# NOTE(review): -i has no file to edit when perl reads from a pipe.
143 cat $tmpldifmod | perl -pi -e 's/^\n//' | perl -pi -e 's/modifying.*\"\n//'
144 echo ========================================================================================
145 echo SEE ALSO result of ldapadd in:
147 echo AND result of ldapmodify in:
149 echo AND ldif file in:
151 echo ========================================================================================
# Removes the scratch files, which hold directory data exported from the
# database.
# NOTE(review): $tmpldif is not assigned in this section, so it is either
# empty or left over from the base-DN step. Names are unquoted. Confirm in the
# full script whether the files are also removed when ldapmodify fails.
155 rm -f $tmpldif $tmpldifadd $tmpldifmod $tmpladd $tmplmod
158 print_ldif_default(){
159 dc=`echo $slapd_base_dn | sed 's/dc=\(.[^,]*\),.*/\1/'`
163 objectClass: dcObject
166 dn: cn=admin,$slapd_base_dn
167 objectClass: organizationalRole
168 objectClass: simpleSecurityObject
170 userPassword: $cryptedpasswd
171 description: LDAP administrator
173 dn: ou=People,$slapd_base_dn
174 objectClass: organizationalUnit
177 dn: ou=Roaming,$slapd_base_dn
178 objectCLass: organizationalUnit