Fix LDAP support for openSUSE
Closes-Bug: #1227651
Change-Id: I1c55fbb2f65f882a0ae2bcf4767c0a3e0f0f47e7
diff --git a/files/ldap/base-config.ldif b/files/ldap/base-config.ldif
new file mode 100644
index 0000000..026d8bc
--- /dev/null
+++ b/files/ldap/base-config.ldif
@@ -0,0 +1,19 @@
+dn: cn=config
+objectClass: olcGlobal
+cn: config
+olcArgsFile: /var/run/slapd/slapd.args
+olcAuthzRegexp: {0}gidNumber=0\+uidNumber=0,cn=peercred,cn=external,cn=auth dn
+ :cn=config
+olcPidFile: /var/run/slapd/slapd.pid
+olcSizeLimit: 10000
+
+dn: cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: schema
+
+include: file:///etc/openldap/schema/core.ldif
+
+dn: olcDatabase={1}hdb,cn=config
+objectClass: olcHdbConfig
+olcDbDirectory: /var/lib/ldap
+olcSuffix: dc=openstack,dc=org
diff --git a/lib/ldap b/lib/ldap
index 89b31b2..2a24ccd 100644
--- a/lib/ldap
+++ b/lib/ldap
@@ -8,6 +8,7 @@
XTRACE=$(set +o | grep xtrace)
set +o xtrace
+LDAP_SERVICE_NAME=slapd
# Functions
# ---------
@@ -24,10 +25,19 @@
LDAP_ROOTPW_COMMAND=replace
sudo DEBIAN_FRONTEND=noninteractive apt-get install slapd ldap-utils
#automatically starts LDAP on ubuntu so no need to call start_ldap
- elif is_fedora || is_suse; then
+ elif is_fedora; then
LDAP_OLCDB_NUMBER=2
LDAP_ROOTPW_COMMAND=add
start_ldap
+ elif is_suse; then
+ LDAP_OLCDB_NUMBER=1
+ LDAP_ROOTPW_COMMAND=add
+ LDAP_SERVICE_NAME=ldap
+ # SUSE has slappasswd in /usr/sbin/
+ PATH=$PATH:/usr/sbin/
+ sudo slapadd -F /etc/openldap/slapd.d/ -bcn=config -l $FILES/ldap/base-config.ldif
+ sudo sed -i '/^OPENLDAP_START_LDAPI=/s/"no"/"yes"/g' /etc/sysconfig/openldap
+ start_ldap
fi
printf "generate password file"
@@ -42,7 +52,7 @@
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $TMP_MGR_DIFF_FILE
# On fedora we need to manually add cosine and inetorgperson schemas
- if is_fedora; then
+ if is_fedora || is_suse; then
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
fi
@@ -64,13 +74,13 @@
# start_ldap() - Start LDAP
function start_ldap() {
- sudo service slapd restart
+ sudo service $LDAP_SERVICE_NAME restart
}
# stop_ldap() - Stop LDAP
function stop_ldap() {
- sudo service slapd stop
+ sudo service $LDAP_SERVICE_NAME stop
}
# clear_ldap_state() - Clear LDAP State