authorGuilhem Moulin <guilhem.moulin@fripost.org>2012-08-20 01:53:16 +0200
committerGuilhem Moulin <guilhem.moulin@fripost.org>2012-08-20 01:53:16 +0200
commitded29bf9eb3fa40c56eb9ace365d13e6348e215c (patch)
tree328d4a3fc3b9fd5e9d696df601bb193204565d8f /ldap/Makefile
parentd7173895fa7c31b033c2bffd2fb43d1ffbe2159b (diff)
A little test suite for LDAP ACLs.
Diffstat (limited to 'ldap/Makefile')
-rw-r--r--ldap/Makefile88
1 files changed, 88 insertions, 0 deletions
diff --git a/ldap/Makefile b/ldap/Makefile
new file mode 100644
index 0000000..8d6868f
--- /dev/null
+++ b/ldap/Makefile
@@ -0,0 +1,88 @@
+DIR := $(shell grep -i '^olcDbDirectory: ' database.ldif | sed -e 's/^olcDbDirectory: //')
+SUFFIX := $(shell grep -i '^olcSuffix: ' database.ldif | sed -e 's/^olcSuffix: //')
+TMPSLAPD := /tmp/$(shell mktemp -u slapd.d-XXXXXX)
+BACKUPDB := /tmp/$(shell mktemp -u db-XXXXXX.ldif)
+BACKUPCONFIG := /tmp/$(shell mktemp -u config-XXXXXX.ldif)
+NUM := $(shell ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "olcSuffix=$(SUFFIX)" dn | sed -e '/^$$/d' -e 's/^dn: //')
+SCHEMA := $(shell grep -i '^dn: ' fripost.ldif | sed -re 's/^dn: cn=([^,]+),.*/\1/')
+
+all:
+ @echo "make install-schema: install the LDAP schema"
+ @echo "make install-db: install the database"
+ @echo "make install-mx: "
+
+
+init:
+ @echo "Suffix: \`$(SUFFIX)\'"
+ @echo "Location: \`$(DIR)\'"
+ @test -e "$(DIR)" && (echo "Error: \`$(DIR)' exists." ; false); true
+ @mkdir -m 0700 "$(DIR)"
+ @chown openldap:openldap "$(DIR)"
+ @ldapadd -Q -Y EXTERNAL -H ldapi:/// -f database.ldif
+# @if test -d "$(SUFFIX)" ; then echo nop ; fi
+
+
+install-mx:
+
+ rm -f -- "$(BACKUPDB)" "$(BACKUPCONFIG)"
+ @mkdir -m 0700 "$(BACKUPSLAPD)"
+
+ @rmdir "$(BACKUPSLAPD)"
+
+
+install-schema:
+ @ldapadd -Q -Y EXTERNAL -H ldapi:/// -f fripost.ldif
+
+
+install-acl:
+ @sed "s/^dn: olcDatabase={.*}hdb,cn=config$$/dn: $(NUM)/" acl.ldif | ldapmodify -Q -Y EXTERNAL -H ldapi:///
+
+
+uninstall:
+ @echo "The database - suffix \"$(SUFFIX)\" - will be saved into \`$(BACKUPDB)' (if non-empty), and then *cleared* (but not deleted)."
+ @echo "Also, its ACLs and indexes will be cleared as well, if there are any."
+ @echo "Global configuration will be saved into \`$(BACKUPCONFIG)'."
+ @echo "slapd will be offline for a moment - at best."
+ @/bin/echo -n "Are you sure you want to continue [y/N] "
+ @read A && if [ "x$$A" = "xY" -o "x$$A" = "xy" ]; then true; else echo Aborted; false; fi
+#
+ @if slapcat -b "$(SUFFIX)" 2>/dev/null | grep -q '.'; then \
+ echo "Saving database" && slapcat -b "$(SUFFIX)" -l "$(BACKUPDB)" && echo "Clearing database" && ldapdelete -Q -Y EXTERNAL -H ldapi:/// -r "$(SUFFIX)" \
+ ;else \
+ echo "Empty database, not saving anything." \
+ ;fi
+#
+ @echo "Saving configuration"; slapcat -n0 -l "$(BACKUPCONFIG)"
+#
+ @if (ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -s base -b "$(NUM)" "(olcAccess=*)" | grep -q '^dn: '); then \
+ echo "Removing ACLs" && /bin/echo -e "dn: $(NUM)\nchangetype: modify\ndelete: olcAccess" | ldapmodify -Q -Y EXTERNAL -H ldapi:/// >/dev/null \
+ ;else \
+ echo "No ACLs to remove" \
+ ;fi
+#
+ @if (ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -s base -b "$(NUM)" "(olcDbIndex=*)" | grep -q '^dn: '); then \
+ echo "Removing indexes" && /bin/echo -e "dn: $(NUM)\nchangetype: modify\ndelete: olcDbIndex" | ldapmodify -Q -Y EXTERNAL -H ldapi:/// >/dev/null \
+ ;else \
+ echo "No indexes to remove" \
+ ;fi
+
+ @echo "Making a new configuration directory at \`$(TMPSLAPD)'"
+ @mkdir -m0700 "$(TMPSLAPD)" && slapcat -n0 | slapadd -F "$(TMPSLAPD)" -n0 && chown -R 'openldap:openldap' "$(TMPSLAPD)"
+
+ @echo "Deleting schema \"cn=$(SCHEMA),cn=config\"" && find "$(TMPSLAPD)" -name "cn={*}$(SCHEMA).ldif" -delete
+#
+ @/etc/init.d/slapd stop
+#
+ @echo "Replacing the old \`slapd.d'"
+ rm -rf /etc/ldap/slapd.d/ && mv "$(TMPSLAPD)" /etc/ldap/slapd.d/
+#
+ @/etc/init.d/slapd start
+#
+ @echo "Don't forget to repopulate the database (if non-empty) from \`$(BACKUPDB)'"
+
+
+
+
+
+
+.PHONY: all backup-db backup-config
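Review bot: The three paths `TMPSLAPD`, `BACKUPDB` and `BACKUPCONFIG` are built from `mktemp -u` under `/tmp`, which only prints a name and creates nothing, so in `uninstall` the `slapcat -l "$(BACKUPDB)"` and `slapcat -n0 -l "$(BACKUPCONFIG)"` calls write the directory contents and `cn=config` (both may hold password hashes) to unreserved names in a world-writable directory with whatever mode the caller's umask gives. The names are also chosen at parse time, well before the confirmation prompt, which widens the window in which the path can be occupied by someone else. I would reserve a private directory inside the recipe with `mktemp -d` (mode 0700) and write all three outputs beneath it, or at minimum prefix the dumps with `umask 077 &&`. Two smaller points in the same file: `install-mx` refers to `$(BACKUPSLAPD)`, which is never defined, and `rm -rf /etc/ldap/slapd.d/ && mv "$(TMPSLAPD)" /etc/ldap/slapd.d/` leaves slapd with no configuration if the `mv` fails, so renaming the old directory aside first would be safer.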