[Pkg-openldap-devel] r945 - openldap/trunk/debian

Russ Allbery rra at alioth.debian.org
Fri Dec 21 08:34:45 UTC 2007 

Author: rra
Date: 2007-12-21 08:34:45 +0000 (Fri, 21 Dec 2007)
New Revision: 945

Modified:
   openldap/trunk/debian/slapd.scripts-common
Log:
Apply the bare minimum of safeguards so that we don't do something dumb
when $SLAPD_CONF is a directory (for users of cn=config).  Eventually,
we should actually fix the configuration in this case too when we can.

Fix the test for the mode and owner of slapd.conf.


Modified: openldap/trunk/debian/slapd.scripts-common
===================================================================
--- openldap/trunk/debian/slapd.scripts-common	2007-12-21 08:33:33 UTC (rev 944)
+++ openldap/trunk/debian/slapd.scripts-common	2007-12-21 08:34:45 UTC (rev 945)
@@ -1,3 +1,4 @@
+# -*- sh -*-
 # This file can be included with #SCRIPTSCOMMON#
 
 
@@ -21,7 +22,7 @@
 # to the more stable and better maintained BDB backend.
 # Usage: configure_ldbm_to_bdb_migration
 
-	if [ -e "$SLAPD_CONF" ] && grep -qE \
+	if [ -f "$SLAPD_CONF" ] && grep -qE \
 			-e '^moduleload[[:space:]]+back_ldbm' \
 			-e '^(database|backend)[[:space:]]+ldbm' \
 			"$SLAPD_CONF"; then
@@ -34,7 +35,7 @@
 }
 # }}}
 break_on_ldbm_to_bdb_migration_disagree() { # {{{
-  if [ -e "$SLAPD_CONF" ] && grep -qE \
+  if [ -f "$SLAPD_CONF" ] && grep -qE \
       -e '^moduleload[[:space:]]+back_ldbm' \
       -e '^(database|backend)[[:space:]]+ldbm' \
       "$SLAPD_CONF"; then
@@ -142,7 +143,9 @@
 	if [ -n "$SLAPD_USER" ] && [ -n "$SLAPD_GROUP" ] ; then
 		if perl -e '
 			($o, $m) = (stat $ARGV[0])[4,2];
-			exit 1 if ($o == 0 && ($m & 040) == 0);
+			exit 1 unless defined $o;
+			exit 0 if ($o == 0 && ($m & 040) == 0);
+			exit 1;
 		' "$SLAPD_CONF"; then
 			chgrp "$SLAPD_GROUP" "$SLAPD_CONF"
 			chmod g+r "$SLAPD_CONF"
@@ -721,6 +724,10 @@
 
 # }}}
 update_path_argsfile_pidfile() {	# {{{
+	# If $SLAPD_CONF is a directory, the user is using cn=config.  Assume
+	# they know what they're doing.
+	if [ -d "$SLAPD_CONF" ]; then return 0; fi
+
 	write_slapd_conf "$SLAPD_CONF" 's|^(argsfile\s+).*|$1/var/run/slapd/slapd.args|'
 	write_slapd_conf "$SLAPD_CONF" 's|^(pidfile\s+).*|$1/var/run/slapd/slapd.pid|'
 }
@@ -734,6 +741,10 @@
 	db_get slapd/allow_ldap_v2
 	if [ "$RET" != "true" ]; then return 0; fi
 
+	# If $SLAPD_CONF is a directory, the user is using cn=config.  Assume
+	# they know what they're doing.
+	if [ -d "$SLAPD_CONF" ]; then return 0; fi
+
 	echo -n "  Enabling LDAPv2 support... " >&2
 
 	# Check if already enabled

More information about the Pkg-openldap-devel mailing list