OpenLDAP 2.4.40

コンパイル時の注意点

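--enable-cryptと--enable-lmpasswdを同時に有効にすると矛盾が生じますので、どちらか一方だけを有効にします。以下のスクリプトでは--enable-cryptを有効にしています（LAN Managerハッシュは強度が低いため、--enable-lmpasswdは互換性上必要な場合以外は避けるのが無難です）。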
--enable-perlはSolarisにperlの64bitライブラリがないためリンクに失敗します。よって64bitでperlをコンパイルしてインストールするか、--enable-perlを有効にしないようにします。

コンパイル

以下のようなスクリプトを実行します。

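  #!/bin/sh
  #
  # Run OpenLDAP's configure for one Solaris instruction set architecture.
  # Usage: ./setup.sh [sparcv9|sparcv8plus|i386|amd64]
  #
  # ../setup-pre.sh is not shown on this page; it presumably sets CONFDIRS
  # and ISA for the selected architecture -- TODO confirm.

  if [ $# -eq 1 ]; then
    # Quoted so the architecture name is passed on as exactly one word.
    . ../setup-pre.sh "$1"
  else
    . ../setup-pre.sh
  fi

  LIBS="-ldb"; export LIBS

  # Password-related options: --enable-crypt turns on crypt(3) password
  # hashes and --enable-spasswd turns on Cyrus SASL password verification.
  # --enable-lmpasswd is absent; the build notes on this page say it must
  # not be combined with --enable-crypt.
  # Backends and overlays are built as loadable modules (=mod), so only the
  # modules loaded from slapd.conf end up in the running server.
  # CONFDIRS stays unquoted on purpose: it is presumably a list of several
  # configure options that has to be split into separate words.
  ./configure $CONFDIRS \
    --localstatedir=/var \
    --libexecdir="/usr/local/libexec/$ISA" \
    --mandir=/usr/local/share/man \
    --enable-dynamic \
    --enable-crypt \
    --enable-spasswd \
    --enable-modules \
    --enable-slp \
    --enable-backends=mod \
    --enable-sql=no \
    --enable-ndb=no \
    --enable-perl=no \
    --enable-overlays=mod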
% ./setup.sh [sparcv9|sparcv8plus|i386|amd64]

makeしてインストールします。

% gmake depend
% gmake
# gmake install

ISA自動起動リンクを作るために、以下のスクリプトを実行します。

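#!/bin/sh
#
# Replace the OpenLDAP programs in the top-level sbin, bin and libexec
# directories with hard links to /usr/lib/isaexec, so that the ISA-specific
# build in the matching subdirectory is chosen at run time (isaexec(3C)).
#
# Run as root after "gmake install". The script deletes files by name, so
# every step that decides *where* it deletes is checked before it proceeds.
# NOTE(review): this assumes the real binaries were installed into per-ISA
# subdirectories; anything installed directly under the directories below
# is removed -- confirm against CONFDIRS in setup-pre.sh.
#
SBINPROG="slapacl slapauth slapdn slappasswd slaptest slapadd slapcat slapindex slapschema"
BINPROG="ldapadd ldapdelete ldapmodify ldappasswd ldapurl ldapcompare ldapexop ldapmodrdn ldapsearch ldapwhoami"
LIBEXECPROG="slapd"

SBINDIR="/usr/local/sbin"
BINDIR="/usr/local/bin"
LIBEXECDIR="/usr/local/libexec"

ISAEXEC="/usr/lib/isaexec"
status=0

# Without the wrapper every program would be removed and nothing linked in
# its place, so refuse to start.
if [ ! -f "${ISAEXEC}" ]; then
  echo "$0: ${ISAEXEC} not found" >&2
  exit 1
fi

# link_isaexec DIR PROG...
# Replaces each PROG inside DIR with a hard link to isaexec and prints the
# names that were linked. Returns non-zero if DIR cannot be entered or a
# link cannot be created.
link_isaexec() {
  dir=$1
  shift

  # If cd failed silently, the rm/ln below would act on whatever directory
  # the script was started from.
  cd "${dir}" || return 1

  rc=0
  for prog in "$@"
  do
    rm -f "${prog}"
    if ln "${ISAEXEC}" "${prog}"; then
      echo "${prog}"
    else
      echo "$0: cannot link ${dir}/${prog}" >&2
      rc=1
    fi
  done
  return ${rc}
}

# The program lists are expanded unquoted on purpose: each one is a
# space-separated list of fixed names.
if [ "${SBINPROG}" != "" ]; then
  link_isaexec "${SBINDIR}" ${SBINPROG} || status=1
fi

if [ "${BINPROG}" != "" ]; then
  link_isaexec "${BINDIR}" ${BINPROG} || status=1
fi

if [ "${LIBEXECPROG}" != "" ]; then
  link_isaexec "${LIBEXECDIR}" ${LIBEXECPROG} || status=1
fi

exit ${status}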

設定

# groupadd -g 389 ldap
# useradd -u 389 -g 389 -d /noexistent -s /bin/false -c "OpenLDAP Server" ldap
# mkdir /var/openldap-data
# mkdir /etc/openldap
# chown ldap:ldap /var/openldap-data
# chown ldap:ldap /etc/openldap/slapd.conf
# chmod 700 /var/openldap-data
# chmod 600 /etc/openldap/slapd.conf

Solaris 10 SMF

/var/svc/manifest/network/ldap/server.xml

<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM
	  "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
        $Id: openldap24.html,v 1.1 2014/11/12 00:54:56 hiraga Exp $

        Service manifest for the OpenLDAP slapd service.

        Defines svc:/network/ldap/server with a single default instance
        whose start, stop and restart methods all call the method script
        /lib/svc/method/slapd.
-->

<service_bundle type='manifest' name='slapd'>

<service
        name='network/ldap/server'
        type='service'
        version='1'>

        <!-- The default instance is created disabled, so importing the
             manifest does not start slapd; it has to be enabled
             explicitly with svcadm. -->
        <create_default_instance enabled='false' />

        <single_instance />

        <!-- Required: local file systems. -->
        <dependency
            name='fs-local'
            grouping='require_all'
            restart_on='none'
            type='service'>
                <service_fmri value='svc:/system/filesystem/local' />
        </dependency>

        <!-- Required: network services. -->
        <dependency
            name='network-service'
            grouping='require_all'
            restart_on='none'
            type='service'>
                <service_fmri value='svc:/network/service' />
        </dependency>

        <!-- Optional: system logging. -->
        <dependency
            name='system-log'
            grouping='optional_all'
            restart_on='none'
            type='service'>
                <service_fmri value='svc:/system/system-log' />
        </dependency>

        <!-- Path dependency on the server configuration file
             /etc/openldap/slapd.conf. -->
        <dependency name='config_data'
                grouping='require_all'
                restart_on='restart'
                type='path'>
                <service_fmri
                        value='file://localhost/etc/openldap/slapd.conf'
                />
        </dependency>

        <!-- NOTE(review): timeout_seconds of -1 is understood to disable
             the method timeout, so a hung method script would never be
             timed out by the restarter. Confirm, and consider a finite
             value. -->
        <exec_method
                 type='method'
                 name='start'
                 exec='/lib/svc/method/slapd start'
                 timeout_seconds='-1'>
        </exec_method>

        <exec_method
                 type='method'
                 name='stop'
                 exec='/lib/svc/method/slapd stop'
                 timeout_seconds='-1'>
        </exec_method>

        <!-- NOTE(review): svc.startd is documented as invoking the start,
             stop and refresh methods; confirm whether a method named
             restart is ever called. -->
        <exec_method
                 type='method'
                 name='restart'
                 exec='/lib/svc/method/slapd restart'
                 timeout_seconds='-1'>
        </exec_method>

        <template>
                <common_name>
                        <loctext xml:lang='C'>
slapd, OpenLDAP LDAP server.
                        </loctext>
                </common_name>
                <!-- NOTE(review): the configure call on this page sets
                     mandir to /usr/local/share/man, while manpath below is
                     /usr/local/man. Confirm which one is intended. -->
                <documentation>
                        <manpage title='slapd' section='1M'
                                manpath='/usr/local/man' />
                </documentation>
        </template>
</service>

</service_bundle>

/lib/svc/method/slapd

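#!/sbin/sh
#
# OpenLDAP LDAP server
# $Id: openldap24.html,v 1.1 2014/11/12 00:54:56 hiraga Exp $
#
# SMF method script for svc:/network/ldap/server.
# Usage: slapd { start | stop | restart }
#
# start   - prepares the run directory and launches slapd, which drops to
#           the unprivileged account given by -u/-g.
# stop    - signals slapd and removes the run directory if it is empty.
# restart - stop, wait until no slapd process is left, then start.
#

. /lib/svc/share/smf_include.sh

# Account slapd switches to. Not called UID/GID: those names are read-only
# in some shells (bash, for one), which would abort the script there.
SLAPD_USER=ldap
SLAPD_GROUP=ldap
URI="ldapi:/// ldap:/// ldaps:///"
SLAPD=/usr/local/libexec/slapd
CONF=/etc/openldap/slapd.conf
RUNDIR=/var/run/openldap
# Not read by this script; the pid file location is whatever slapd.conf
# configures -- presumably this path, confirm.
PIDFILE=$RUNDIR/slapd.pid

# Creates the run directory, hands it to the slapd account and starts the
# server. Exits with an SMF error code when a prerequisite is missing so
# that the restarter does not record a successful start.
start_slapd() {
        if [ ! -d "${RUNDIR}" ]; then
                mkdir "${RUNDIR}" || exit ${SMF_EXIT_ERR_FATAL}
        fi
        chown "${SLAPD_USER}:${SLAPD_GROUP}" "${RUNDIR}" \
                || exit ${SMF_EXIT_ERR_FATAL}

        if [ ! -f "${CONF}" ] || [ ! -f "${SLAPD}" ]; then
                echo "$0: ${CONF} or ${SLAPD} is missing" >&2
                exit ${SMF_EXIT_ERR_CONFIG}
        fi

        # NOTE(review): the trailing & hides slapd's own exit status from
        # SMF. slapd normally detaches by itself, so the & may not be
        # needed -- confirm before removing it.
        "${SLAPD}" -f "${CONF}" -u "${SLAPD_USER}" -g "${SLAPD_GROUP}" \
                -h "${URI}" 2>&1 &
}

# Signals slapd and tidies up the run directory.
stop_slapd() {
        # -x matches the process name exactly, so another process whose
        # name merely contains "slapd" is not signalled.
        /usr/bin/pkill -x slapd
        if [ -d "${RUNDIR}" ]; then
                # Fails harmlessly while slapd still has files in there.
                rmdir "${RUNDIR}"
        fi
}

case "$1" in
start)
        start_slapd
        ;;

stop)
        stop_slapd
        ;;

restart)
        # The original called "stop" and "start" here, which are not
        # defined as commands in this script.
        stop_slapd
        while /usr/bin/pgrep -x slapd > /dev/null
        do
                sleep 5
        done
        start_slapd
        ;;

*)
        echo "Usage: $0 { start | stop | restart }"
        exit 1
        ;;
esac
exit 0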

manifestのimport

# chown root:bin /lib/svc/method/slapd
# chmod 555 /lib/svc/method/slapd
# chown root:sys /var/svc/manifest/network/ldap/server.xml
# chmod 444 /var/svc/manifest/network/ldap/server.xml
# /usr/sbin/svccfg validate /var/svc/manifest/network/ldap/server.xml
# /usr/sbin/svccfg -v import /var/svc/manifest/network/ldap/server.xml

有効化

# svcadm enable svc:/network/ldap/server

Solaris 8/9

/etc/init.d/slapd:
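#!/sbin/sh
#
# init.d script for the OpenLDAP slapd server on Solaris 8/9.
# Usage: /etc/init.d/slapd { start | stop }
#

# Account slapd switches to after start-up. Not called UID/GID: those
# names are read-only in some shells (bash, for one).
SLAPD_USER=ldap
SLAPD_GROUP=ldap
SLAPD=/usr/local/libexec/slapd
URI="ldap:/// ldaps:///"
RUN=/var/run/openldap
CONF=/etc/openldap/slapd.conf

case "$1" in
start)
        if [ ! -d "$RUN" ]; then
                mkdir "$RUN" || exit 1
        fi
        # Re-applied on every start so that a run directory left over with
        # the wrong owner is corrected as well.
        chown "${SLAPD_USER}:${SLAPD_GROUP}" "$RUN" || exit 1

        [ -f "$CONF" ] && [ -f "$SLAPD" ] || exit 0
        # -u/-g make slapd give up root once it is running. The original
        # command line omitted them, so the server kept running as root
        # although the ldap account had been set up for it.
        "$SLAPD" -f "$CONF" -u "${SLAPD_USER}" -g "${SLAPD_GROUP}" \
                -h "$URI" 2>&1 &
        ;;

stop)
        # -x matches the process name exactly, so another process whose
        # name merely contains "slapd" is not signalled.
        [ -f "$SLAPD" ] && pkill -x slapd
        ;;

*)
        echo "Usage: $0 { start | stop }"
        exit 1
        ;;

esac
exit 0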

hiraga@next-hop.net
Last modified: $Date: 2014/11/12 00:54:56 $