--enable-cryptと--enable-lmpasswdを同時に有効にすると矛盾が生じます
のでどちらかにします。
--enable-perlはSolarisにperlの64bitライブラリがないためリンクに失敗
します。よって64bitでperlをコンパイルしてインストールするか有効にし
ないようにします。
以下のようなスクリプトを実行します。
#!/bin/sh if [ $# -eq 1 ]; then . ../setup-pre.sh $1 else . ../setup-pre.sh fi LIBS="-ldb"; export LIBS ./configure $CONFDIRS \ --localstatedir=/var \ --libexecdir=/usr/local/libexec/$ISA \ --mandir=/usr/local/share/man \ --enable-dynamic \ --enable-crypt \ --enable-spasswd \ --enable-modules \ --enable-slp \ --enable-backends=mod \ --enable-sql=no \ --enable-ndb=no \ --enable-perl=no \ --enable-overlays=mod
% ./setup.sh [sparcv9|sparcv8plus|i386|amd64]
makeしてインストールします。
% gmake depend % gmake # gmake install
ISA自動起動リンクを作るために、以下のスクリプトを実行します。
#!/bin/sh # SBINPROG="slapacl slapauth slapdn slappasswd slaptest slapadd slapcat slapindex slapschema" BINPROG="ldapadd ldapdelete ldapmodify ldappasswd ldapurl ldapcompare ldapexop ldapmodrdn ldapsearch ldapwhoami" LIBEXECPROG="slapd" SBINDIR="/usr/local/sbin" BINDIR="/usr/local/bin" LIBEXECDIR="/usr/local/libexec" if [ "${SBINPROG}" != "" ]; then cd ${SBINDIR} for prog in ${SBINPROG} do rm -f $prog ln /usr/lib/isaexec $prog echo $prog done fi if [ "${BINPROG}" != "" ]; then cd ${BINDIR} for prog in ${BINPROG} do rm -f $prog ln /usr/lib/isaexec $prog echo $prog done fi if [ "${LIBEXECPROG}" != "" ]; then cd ${LIBEXECDIR} for prog in ${LIBEXECPROG} do rm -f $prog ln /usr/lib/isaexec $prog echo $prog done fi
# groupadd -g 389 ldap # useradd -u 389 -g 389 -d /noexistent -s /bin/false -c "OpenLDAP Server" ldap # mkdir /var/openldap-data # mkdir /etc/openldap # chown ldap:ldap /var/openldap-data # chown ldap:ldap /etc/openldap/slapd.conf # chmod 700 /var/openldap-data # chmod 600 /etc/openldap/slapd.conf
/var/svc/manifest/network/ldap/server.xml
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <!-- $Id: openldap24.html,v 1.1 2014/11/12 00:54:56 hiraga Exp $ Service manifest for the OpenLDAP slapd service. --> <service_bundle type='manifest' name='slapd'> <service name='network/ldap/server' type='service' version='1'> <create_default_instance enabled='false' /> <single_instance /> <dependency name='fs-local' grouping='require_all' restart_on='none' type='service'> <service_fmri value='svc:/system/filesystem/local' /> </dependency> <dependency name='network-service' grouping='require_all' restart_on='none' type='service'> <service_fmri value='svc:/network/service' /> </dependency> <dependency name='system-log' grouping='optional_all' restart_on='none' type='service'> <service_fmri value='svc:/system/system-log' /> </dependency> <dependency name='config_data' grouping='require_all' restart_on='restart' type='path'> <service_fmri value='file://localhost/etc/openldap/slapd.conf' /> </dependency> <exec_method type='method' name='start' exec='/lib/svc/method/slapd start' timeout_seconds='-1'> </exec_method> <exec_method type='method' name='stop' exec='/lib/svc/method/slapd stop' timeout_seconds='-1'> </exec_method> <exec_method type='method' name='restart' exec='/lib/svc/method/slapd restart' timeout_seconds='-1'> </exec_method> <template> <common_name> <loctext xml:lang='C'> slapd, OpenLDAP LDAP server. </loctext> </common_name> <documentation> <manpage title='slapd' section='1M' manpath='/usr/local/man' /> </documentation> </template> </service> </service_bundle>
/lib/svc/method/slapd
#!/sbin/sh # # OpenLDAP LDAP server # $Id: openldap24.html,v 1.1 2014/11/12 00:54:56 hiraga Exp $ # . /lib/svc/share/smf_include.sh UID=ldap GID=ldap URI="ldapi:/// ldap:/// ldaps:///" SLAPD=/usr/local/libexec/slapd CONF=/etc/openldap/slapd.conf RUNDIR=/var/run/openldap PIDFILE=$RUNDIR/slapd.pid case "$1" in start) if [ ! -d ${RUNDIR} ]; then mkdir ${RUNDIR} fi if [ -d ${RUNDIR} ]; then chown ${UID}:${GID} ${RUNDIR} fi [ -f "${CONF}" ] && [ -f "${SLAPD}" ] || exit 0 ${SLAPD} -f ${CONF} -u ${UID} -g ${GID} -h "${URI}" 2>&1 & ;; stop) /usr/bin/pkill slapd if [ -d ${RUNDIR} ]; then rmdir ${RUNDIR} fi ;; restart) stop while /usr/bin/pgrep slapd > /dev/null do sleep 5 done start ;; *) echo "Usage: $0 { start | stop }" exit 1 ;; esac exit 0
manifestのimport
# chown root:bin /lib/svc/method/slapd # chmod 555 /lib/svc/method/slapd # chown root:sys /var/svc/manifest/network/ldap/server.xml # chmod 444 /var/svc/manifest/network/ldap/server.xml # /usr/sbin/svccfg validate /var/svc/manifest/network/ldap/server.xml # /usr/sbin/svccfg -v import /var/svc/manifest/network/ldap/server.xml
有効化
# svcadm enable svc:/network/ldap/server
#!/sbin/sh # UID=ldap GID=ldap SLAPD=/usr/local/libexec/slapd URI="ldap:/// ldaps:///" RUN=/var/run/openldap CONF=/etc/openldap/slapd.conf case "$1" in start) if [ ! -d $RUN ]; then mkdir $RUN chown ${UID}:${GID} $RUN fi [ -f "$CONF" ] && [ -f "$SLAPD" ] || exit 0 $SLAPD -f $CONF -h "$URI" 2>&1 & ;; stop) [ -f "$SLAPD" ] && pkill slapd ;; *) echo "Usage: $0 { start | stop }" exit 1 ;; esac exit 0