[debian-edu-commits] [Git][debian-edu/debian-edu-config][master] Remove etc/ldap/slapd-debian-edu.conf from Git

Wolfgang Schweer (@schweer-guest) gitlab at salsa.debian.org
Sun Oct 3 10:16:53 BST 2021 


Wolfgang Schweer pushed to branch master at Debian Edu / debian-edu-config


Commits:
f9659d43 by Wolfgang Schweer at 2021-10-03T11:14:03+02:00
Remove etc/ldap/slapd-debian-edu.conf from Git

This file is obsolete since d-e-c 2.12.1, not shipped since then in the binary package.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -


1 changed file:

- − etc/ldap/slapd-debian-edu.conf


Changes:

=====================================
etc/ldap/slapd-debian-edu.conf deleted
=====================================
@@ -1,182 +0,0 @@
-# Allow LDAPv2 binds
-allow bind_v2
-
-# The skolelinux slapd configuration file
-
-# Schema and objectClass definitions
-include         /etc/ldap/schema/core.schema
-include         /etc/ldap/schema/cosine.schema
-include         /etc/ldap/schema/nis.schema
-include         /etc/ldap/schema/autofs-debian-edu.schema
-include		/etc/ldap/schema/inetorgperson.schema
-include		/etc/ldap/schema/gosa/dhcp.schema
-include		/etc/ldap/schema/gosa/dnszone.schema
-include		/etc/ldap/schema/kerberos.schema
-include		/etc/ldap/schema/ltspclientaux.schema
-
-## gosa:
-include         /etc/ldap/schema/gosa/samba3.schema
-include         /etc/ldap/schema/gosa/trust.schema
-include         /etc/ldap/schema/gosa/gosystem.schema
-include         /etc/ldap/schema/gosa/gofon.schema
-include         /etc/ldap/schema/gosa/goto.schema
-include         /etc/ldap/schema/gosa/gosa-samba3.schema
-include         /etc/ldap/schema/gosa/gofax.schema
-include         /etc/ldap/schema/gosa/goserver.schema
-include         /etc/ldap/schema/gosa/goto-mime.schema
-include         /etc/ldap/schema/gosa/sudo.schema
-
-# Where the pid file is put. The init.d script
-# will not stop the server if you change this.
-pidfile		/var/run/slapd/slapd.pid
-
-# Read slapd.conf(5) for possible values
-#loglevel	65535
-loglevel	none
-
-rootDSE                 /etc/ldap/rootDSE-debian-edu.ldif
-
-# TLS/SSL
-TLSCACertificateFile    /etc/ssl/certs/Debian-Edu_rootCA.crt
-TLSCertificateKeyFile   /etc/ssl/private/debian-edu-server.key
-TLSCertificateFile      /etc/ssl/certs/debian-edu-server.crt
-
-modulepath	/usr/lib/ldap
-moduleload	back_bdb
-moduleload	back_monitor
-
-defaultsearchbase "dc=skole,dc=skolelinux,dc=no"
-security update_ssf=128  simple_bind=128
-
-# Access via ldapi/unix socket is assumed to have 128 bit encryption.
-# This is required to allow the kerberos and powerdns daemon to
-# connect.
-localssf 128
-
-backend		bdb
-backend		monitor
-
-#######################################################################
-# ldbm database definitions
-#######################################################################
-
-# The backend type, ldbm, is the default standard
-
-database	bdb
-# Set the database in memory cache size.
-#
-cachesize   4000
-#dbnosync
-sizelimit 4000
-
-# First database
-suffix		"dc=skole,dc=skolelinux,dc=no"
-rootdn		"cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no"
-# Where the database file are physically stored
-directory	"/var/lib/ldap"
-
-# Indices to maintain
-index           objectClass     pres,eq
-index           cn,sn,ou        pres,eq,sub
-index           uid             pres,eq,sub
-index           krbPrincipalName pres,eq,sub
-index           uidNumber       eq
-index           gidNumber       eq
-index           memberUid       eq
-index           default         eq
-#for some clients, even if not used
-index		givenname	eq
-index		displayName	eq
-#index		telephoneNumber	eq
-
-#samba index
-index sambaSID                          eq
-index sambaPrimaryGroupSID              eq
-index sambaDomainName                   eq
-index sambaGroupType                    eq
-index sambaSIDList                      eq
-
-# PowerDNS index
-index associatedDomain         pres,eq,sub
-index aRecord                      pres,eq
-
-# ldap2zone index
-index zoneName                          eq
-index relativeDomainName                eq
-
-# Sudo
-index sudoUser                      eq,sub
-
-# LTSP configuration index (dhcpHWAddress also used by dhcpd)
-index macAddress                        eq
-index dhcpHWAddress                     eq
-
-# libnss-ldapd look for this one.  Make sure it is indexed to avoid
-# lots of log messages.
-index uniqueMember                      eq
-
-# lwat cron job uses this
-index createTimestamp                   eq
-
-# Save the time that the entry gets modified
-lastmod on
-
-# Webmin-ldap-skolelinux use TLS, and PAM authentication use SSL
-# The ssf=128 option is to be used when SL bug 213 and 404 are closed.
-#
-
-## map authentication via gssapi on user dn:
-authz-regexp "uid=([^,]*),cn=gssapi,cn=auth"
-        "ldap:///dc=skole,dc=skolelinux,dc=no??sub?(uid=$1)"
-
-## default: no access, but allow members of the ldap-admins group full
-## access.
-access to *
-        by group.exact="cn=ldap-admins,ou=ldap-access,dc=skole,dc=skolelinux,dc=no" manage
-        by * none break
-
-access to attrs=userPassword
-	by self      =wx
-	by anonymous auth
-	by set="[cn=admins,ou=group,dc=skole,dc=skolelinux,dc=no]/member & this" none
-	by * none
-
-access to attrs=shadowLastChange
-	by self      ssf=128 =w
-	by set="[cn=admins,ou=group,dc=skole,dc=skolelinux,dc=no]/member & this" none
-	by * none
-
-access to dn.subtree="dc=skole,dc=skolelinux,dc=no"
-	attrs=children,entry
-	by * none break
-
-# Control access to kerberos attributes
-access to attrs=krbPrincipalKey,krbExtraData
-       by dn.exact="cn=kdc-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no"  read
-       by dn.exact="cn=kadmin-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no"  write
-       by self read
-       by * auth
-
-access to attrs=krbPrincipalName,krbLastPwdChange
-       by dn.exact="cn=kdc-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no"  read
-       by dn.exact="cn=kadmin-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no"  write
-       by * auth
-       by * read
-
-# Limit access to kerberos data in cn=kerberos.  Allow everyone to
-# see the objects, as long as the attributes
-# krbPrincipalKey,krbLastPwdChange and krbExtraData are hidden.
-access to dn.subtree="cn=kerberos,dc=skole,dc=skolelinux,dc=no"
-       by dn.exact="cn=kdc-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no" read
-       by dn.exact="cn=kadmin-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no" write
-       by * read
-
-# Default access; kadmin needs full access:
-access to *
-       by dn.exact="cn=kadmin-service,cn=kerberos,dc=skole,dc=skolelinux,dc=no" write
-       by * read
-
-# Last database.. back-monitor is nice to have. Use 'cn=monitor' as base
-database monitor
-
-# End of ldapd configuration file



View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/commit/f9659d4319472fb5df4e3955889204db0b3dcd0d

-- 
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/commit/f9659d4319472fb5df4e3955889204db0b3dcd0d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20211003/505930bc/attachment-0001.htm>

More information about the debian-edu-commits mailing list