Blame - lib/ldap - devstack

blob: 53f68377b5a577a5309d81272d372e297460c0fb [file] [log] [blame]

Brad Topol	f127e2f	2013-01-22 10:17:50 -0600	[diff] [blame]	1	# lib/ldap
				2	# Functions to control the installation and configuration of ldap
				3
				4	# ``stack.sh`` calls the entry points in this order:
				5	#
				6
				7	# Save trace setting
				8	XTRACE=$(set +o \| grep xtrace)
				9	set +o xtrace
				10
				11	# install_ldap
				12	# install_ldap() - Collect source and prepare
				13	function install_ldap() {
				14	echo "Installing LDAP inside function"
				15	echo "LDAP_PASSWORD is $LDAP_PASSWORD"
				16	echo "os_VENDOR is $os_VENDOR"
				17	printf "installing"
				18	if is_ubuntu; then
Brad Topol	f127e2f	2013-01-22 10:17:50 -0600	[diff] [blame]	19	LDAP_OLCDB_NUMBER=1
				20	LDAP_ROOTPW_COMMAND=replace
				21	sudo DEBIAN_FRONTEND=noninteractive apt-get install slapd ldap-utils
				22	#automatically starts LDAP on ubuntu so no need to call start_ldap
Vincent Untz	3f34d9a	2013-03-12 17:57:36 +0100	[diff] [blame]	23	elif is_fedora \|\| is_suse; then
Brad Topol	f127e2f	2013-01-22 10:17:50 -0600	[diff] [blame]	24	LDAP_OLCDB_NUMBER=2
				25	LDAP_ROOTPW_COMMAND=add
				26	start_ldap
				27	fi
				28
				29	printf "generate password file"
				30	SLAPPASS=`slappasswd -s $LDAP_PASSWORD`
				31
				32	printf "secret is $SLAPPASS\n"
				33	#create manager.ldif
				34	TMP_MGR_DIFF_FILE=`mktemp -t manager_ldiff.$$.XXXXXXXXXX.ldif`
				35	sed -e "s\|\${LDAP_OLCDB_NUMBER}\|$LDAP_OLCDB_NUMBER\|" -e "s\|\${SLAPPASS}\|$SLAPPASS\|" -e "s\|\${LDAP_ROOTPW_COMMAND}\|$LDAP_ROOTPW_COMMAND\|" $FILES/ldap/manager.ldif.in >> $TMP_MGR_DIFF_FILE
				36
				37	#update ldap olcdb
				38	sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $TMP_MGR_DIFF_FILE
				39
Brad Topol	0c2c3fc	2013-03-19 03:01:30 -0500	[diff] [blame]	40	# On fedora we need to manually add cosine and inetorgperson schemas
				41	if is_fedora; then
				42	sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
				43	sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
				44	fi
				45
Brad Topol	f127e2f	2013-01-22 10:17:50 -0600	[diff] [blame]	46	# add our top level ldap nodes
				47	if ldapsearch -x -w $LDAP_PASSWORD -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -x -b dc=openstack,dc=org \| grep -q "Success" ; then
				48	printf "LDAP already configured for OpenStack\n"
				49	if [[ "$KEYSTONE_CLEAR_LDAP" == "yes" ]]; then
				50	# clear LDAP state
				51	clear_ldap_state
				52	# reconfigure LDAP for OpenStack
				53	ldapadd -c -x -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -w $LDAP_PASSWORD -f $FILES/ldap/openstack.ldif
				54	fi
				55	else
				56	printf "Configuring LDAP for OpenStack\n"
				57	ldapadd -c -x -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -w $LDAP_PASSWORD -f $FILES/ldap/openstack.ldif
				58	fi
				59	}
				60
				61	# start_ldap() - Start LDAP
				62	function start_ldap() {
				63	sudo service slapd restart
				64	}
				65
				66
				67	# stop_ldap() - Stop LDAP
				68	function stop_ldap() {
				69	sudo service slapd stop
				70	}
				71
				72	# clear_ldap_state() - Clear LDAP State
				73	function clear_ldap_state() {
				74	ldapdelete -x -w $LDAP_PASSWORD -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -x -r "dc=openstack,dc=org"
				75	}
				76
				77	# Restore xtrace
				78	$XTRACE
Sean Dague	584d90e	2013-03-29 14:34:53 -0400	[diff] [blame]	79
				80	# Local variables:
				81	# mode: shell-script
				82	# End: