[Pkg-openldap-devel] [openldap] 04/14: r425 at pulsar: torsten | 2005-02-25 19:08:59 +0100 * debian/slapd.postinst: Code cleanup and reading, unused and duplicate code removed. Main body still needs fixing.
Timo Aaltonen
tjaalton-guest at alioth.debian.org
Thu Oct 10 05:34:28 UTC 2013
This is an automated email from the git hooks/post-receive script.
tjaalton-guest pushed a commit to annotated tag 2.2.23-0.pre3
in repository openldap.
commit 6e3c760013b104b28d0bd0e1324e4b2e23114ee4
Author: Torsten Landschoff <torsten at debian.org>
Date: Fri Feb 25 23:13:31 2005 +0000
r425 at pulsar: torsten | 2005-02-25 19:08:59 +0100
* debian/slapd.postinst: Code cleanup and reading, unused and duplicate
code removed. Main body still needs fixing.
---
debian/changelog | 2 +
debian/slapd.postinst | 624 +++++++++++++++++++++++++++----------------------
2 files changed, 349 insertions(+), 277 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 75bc26b..5343c83 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,8 @@ openldap2.2 (2.2.23-0.pre3) experimental; urgency=low
insulated to not make a difference when not used.
* .../Makefile.in: Remove -s option from install invocations and let
dh_strip handle stripping binaries (closes: #264448).
+ * debian/slapd.postinst: Code cleanup and reading, unused and duplicate
+ code removed. Main body still needs fixing.
--
diff --git a/debian/slapd.postinst b/debian/slapd.postinst
index 61b4781..c89326e 100644
--- a/debian/slapd.postinst
+++ b/debian/slapd.postinst
@@ -6,327 +6,397 @@ set -e
# various helper functions and $OLD_VERSION and $SLAPD_CONF
#SCRIPTSCOMMON#
+compute_backup_path() { # {{{
+# Compute the path to backup a database directory
+# Usage: compute_backup_path <dir> <basedn>
+
+# XXX: should ask the user via debconf
+
+ local dirname basedn
+ dirname="$1"
+ basedn="$2"
+
+ echo -n "/var/backups/slapd-$OLD_VERSION"
+ if [ "$basedn" ]; then
+ echo -n "$basedn"
+ fi
+}
+# }}}
+move_old_database_away() { # {{{
# Move the old database away if it is still there
-move_old_database_away() {
- if ! is_empty_dir /var/lib/ldap; then
- db_get slapd/move_old_database
- if [ "$RET" = true ]; then
- target=/var/backups/var_lib_ldap-`date +%Y%m%d`
- echo -n " Moving /var/lib/ldap/* to $target... "
- mkdir -p $target
- mv /var/lib/ldap/* $target
- echo done
- else
- cat <<EOF
-There are leftover files in /var/lib/ldap. This will probably break
-creating the initial directory. If that's the case please move away
-stuff in there and retry the configuration.
+#
+# In fact this function makes sure that the database directory is empty
+# and can be populated with a new database. If something is in the way
+# it is moved to a backup directory if the user accepted the debconf
+# option slapd/move_old_database. Otherwise we output a warning and let
+# the user fix it himself.
+# Usage: move_old_database_away <dbdir> [<basedn>]
+
+ local databasedir backupdir
+ databasedir="$1"
+ suffix="$2"
+ backupdir=`compute_backup_path "$databasedir" "$suffix"`
+
+ if is_empty_dir "$databasedir"; then
+ return
+ fi
+
+ # Note that we can't just move the database dir as it might be
+ # a mount point. Instead me move the content which might
+ # include mount points as well anyway, but it's much less likely.
+ db_get slapd/move_old_database
+ if [ "$RET" = true ]; then
+ echo -n " Moving $databasedir/* to $backupdir... " >&2
+ mkdir -p "$backupdir"
+ mv "$databasedir"/* "$backupdir"/
+ echo done >&2
+ else
+ cat >&2 <<EOF
+ There are leftover files in $databasedir. This will probably break
+ creating the initial directory. If that's the case please move away
+ stuff in there and retry the configuration.
EOF
- fi
- fi
+ fi
}
-
-# Check if the user wants to configure everything himself
-manual_configuration_wanted() {
- db_get slapd/no_configuration
- if [ "$RET" = "true" ]; then
- return 0
- else
- return 1
- fi
+# }}}
+manual_configuration_wanted() { # {{{
+# Check if the user wants to configure everything himself (queries debconf)
+# Returns success if yes.
+
+ db_get slapd/no_configuration
+ if [ "$RET" = "true" ]; then
+ return 0
+ else
+ return 1
+ fi
}
-
+# }}}
+create_new_configuration() { # {{{
# Create a new configuration and directory
-create_new_configuration() {
- db_get slapd/domain
- # For the domain really.argh.org we create the basedn
- # dc=really,dc=argh,dc=org with the dc entry dc: really
- basedn="dc=`echo $RET|sed 's/\./,dc=/g'`"
- dc="`echo $RET|sed 's/\..*$//'`"
-
- db_get slapd/backend
- backend="`echo $RET|tr A-Z a-z`"
-
- # Make sure the daemon is shut down when doing
- # a reconfigure. No daemon should be running
- # during an initial install.
- if [ "$1" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then
- invoke-rc.d slapd stop
- fi
-
- move_old_database_away
- create_new_slapd_conf "$basedn" "$backend"
- create_new_directory "$basedn" "$dc"
-}
-# Creates a new slapd.conf for the suffix given
-create_new_slapd_conf() {
- basedn=$1
- backend=$2
- checkpoint=""
-
- if [ "$backend" = "bdb" ]; then
- checkpoint="checkpoint 512 30"
- fi
-
- TMPFILE=`mktemp -q ${SLAPD_CONF}.XXXXXX`
- echo -n "Creating initial slapd configuration... "
- sed -e "s/@SUFFIX@/$basedn/g" -e "s/@ADMIN@/cn=admin,$basedn/g" \
- -e "s/@CHECKPOINT@/$checkpoint/g" \
- -e "s/@BACKEND@/$backend/g" </usr/share/slapd/slapd.conf >$TMPFILE
- mv $TMPFILE $SLAPD_CONF
- echo "done"
+ local basedn dc backend
+
+ # For the domain really.argh.org we create the basedn
+ # dc=really,dc=argh,dc=org with the dc entry dc: really
+ db_get slapd/domain
+ local basedn="dc=`echo $RET|sed 's/\./,dc=/g'`"
+ dc="`echo $RET|sed 's/\..*$//'`"
+
+ db_get slapd/backend
+ backend="`echo $RET|tr A-Z a-z`"
+
+ # Make sure the daemon is shut down when doing a reconfigure. No
+ # daemon should be running during an initial install.
+ # XXX: Shouldn't we stop and start slapd at the outer level?
+ if [ "$1" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then
+ invoke-rc.d slapd stop
+ fi
+
+ move_old_database_away /var/lib/ldap
+ create_new_slapd_conf "$basedn" "$backend"
+ create_new_directory "$basedn" "$dc"
}
+# }}}
+create_new_slapd_conf() { # {{{
+# Creates a new slapd.conf for the suffix given
+# Usage: create_new_slapd_conf <basedn> <backend>
+
+ local basedn backend checkpoint conf_new conf_template
+
+ basedn="$1"
+ backend="$2"
+ checkpoint=""
+ conf_template=""
+
+ # Checkpoint if using the BDB backend
+ if [ "$backend" = "bdb" ]; then
+ checkpoint="checkpoint 512 30"
+ fi
+ conf_new=`mktemp -q ${SLAPD_CONF}.XXXXXX`
+ echo -n " Creating initial slapd configuration... " >&2
+ sed <"$conf_template" >"$conf_new" \
+ -e "s/@SUFFIX@/$basedn/g" \
+ -e "s/@ADMIN@/cn=admin,$basedn/g" \
+ -e "s/@CHECKPOINT@/$checkpoint/g" \
+ -e "s/@BACKEND@/$backend/g"
+ mv $conf_new $SLAPD_CONF
+ echo "done" >&2
+}
+# }}}
+create_new_directory() { # {{{
# Create a new directory. Takes the basedn and the dc value of that entry.
# Other information is extracted from debconf.
-create_new_directory() {
- basedn=$1
- dc=$2
-
- db_get shared/organization
- organization="$RET"
- db_get slapd/internal/adminpw
- adminpass="$RET"
+# Usage: create_new_directory <basedn> <dc>
+
+ local basedn dc organization adminpass
+ basedn="$1"
+ dc="$2"
+
+ db_get shared/organization
+ organization="$RET"
+ db_get slapd/internal/adminpw
+ adminpass="$RET"
- echo -n "Creating initial LDAP directory... "
- touch /var/lib/slapd/suffix_change
-
- cat <<EOF | slapadd
-dn: $basedn
-objectClass: top
-objectClass: dcObject
-objectClass: organization
-o: $organization
-dc: $dc
-
-dn: cn=admin,$basedn
-objectClass: simpleSecurityObject
-objectClass: organizationalRole
-cn: admin
-description: LDAP administrator
-userPassword: {crypt}$adminpass
+ echo -n " Creating initial LDAP directory... " >&2
+ touch /var/lib/slapd/suffix_change
+
+ cat <<-EOF | slapadd
+ dn: $basedn
+ objectClass: top
+ objectClass: dcObject
+ objectClass: organization
+ o: $organization
+ dc: $dc
+
+ dn: cn=admin,$basedn
+ objectClass: simpleSecurityObject
+ objectClass: organizationalRole
+ cn: admin
+ description: LDAP administrator
+ userPassword: {crypt}$adminpass
+ EOF
+
+ echo "done" >&2
+}
+# }}}
+autoconfigure_modules() { # {{{
+# On upgrades from pre-2.1 we might have to update the configuration
+# file for loading the backend modules. This function tries to figure out
+# the needed changes automatically.
+# This function should probably go away some time after sarge release.
-EOF
+ local new_conf
- echo "done"
-}
+ # Without a configuration we have nothing to update
+ if [ ! -e "$SLAPD_CONF" ]; then
+ echo " Did not find slapd.conf to update modules" >&2
+ return 0
+ fi
-# On upgrades from pre-2.1 we might have to update the configuration
-# file for loading the backend modules.
-autoconfigure_modules() {
- # If the modulepath directive is already used in slapd.conf we assume
- # that the configuration was already adjusted
- if grep -q ^modulepath $SLAPD_CONF; then return 0; fi
-
- # If the user does not want us to do the module config we bail out
- db_get slapd/autoconf_modules || true
- if [ "$RET" != "true" ]; then return 0; fi
-
- # We really are allowed to update...
- echo -n "Updating config for dynamic backends... "
- TMPFILE=`mktemp -q ${SLAPD_CONF}.XXXXXX`
- chmod --reference=$SLAPD_CONF $TMPFILE
- cat <<EOF >$TMPFILE
-# Loading of backend modules - automatically generated
-
-modulepath /usr/lib/ldap
-EOF
- read_slapd_conf < $SLAPD_CONF | \
- sed -n 's/^database[[:space:]]\+\([a-z]\+\)/moduleload back_\1/p' \
- >>$TMPFILE
- echo >>$TMPFILE
- cat $SLAPD_CONF >>$TMPFILE
- mv $TMPFILE $SLAPD_CONF
- echo done
+ # If the modulepath directive is already used in slapd.conf we assume
+ # that the configuration was already adjusted
+ if grep -q ^modulepath $SLAPD_CONF; then return 0; fi
+
+ # If the user does not want us to do the module config we bail out
+ db_get slapd/autoconf_modules || true
+ if [ "$RET" != "true" ]; then return 0; fi
+
+ echo -n " Updating config for dynamic backends... " >&2
+ new_conf=`mktemp -q ${SLAPD_CONF}.XXXXXX`
+ chmod --reference=$SLAPD_CONF $new_conf
+ cat <<-EOF >$new_conf
+ # Loading of backend modules - automatically generated
+
+ modulepath /usr/lib/ldap
+ EOF
+ read_slapd_conf < $SLAPD_CONF | sed -n >>"$new_conf" \
+ 's/^database[[:space:]]\+\([a-z]\+\)/moduleload back_\1/p'
+ echo >>$new_conf
+ cat $SLAPD_CONF >>$new_conf
+ mv $new_conf $SLAPD_CONF
+ echo done >&2
}
-
-
+# }}}
+configure_v2_protocol_support() { # {{{
# Adds the "allow bind_v2" directive to the configuration if the user decided
# he wants to have ldap v2 enabled.
-configure_v2_protocol_support() {
- db_get slapd/allow_ldap_v2
- if [ "$RET" != "true" ]; then
- return 0
- fi
-
- echo -n "Enabling LDAPv2 support... "
-
- # Check if already enabled
- if read_slapd_conf < $SLAPD_CONF | \
- grep -q -E '^allow[[:space:]][^#]*bind_v2'; then
- echo "already enabled"
- return 0
- fi
-
- # Create a temporary file for the new config
- TMPFILE=`mktemp -q ${SLAPD_CONF}.XXXXXX`
- chmod --reference=$SLAPD_CONF $TMPFILE
-
- # If there is an existing global allow command, add our option
- if extend_existing_allow_directive < $SLAPD_CONF > $TMPFILE; then
- # Succeeded
- echo "updated existing allow line."
- else
- # That failed, so we have to add a new line for it
- echo '# Allow LDAPv2 binds' > $TMPFILE
- echo 'allow bind_v2' >> $TMPFILE
- echo >> $TMPFILE
- cat $SLAPD_CONF >> $TMPFILE
- echo "done"
- fi
-
- # Activate the new configuration file
- mv $TMPFILE $SLAPD_CONF
-}
+ local new_conf
+
+ db_get slapd/allow_ldap_v2
+ if [ "$RET" != "true" ]; then return 0; fi
+
+ echo -n "Enabling LDAPv2 support... " >&2
+
+ # Check if already enabled
+ if read_slapd_conf < $SLAPD_CONF | \
+ grep -q -E '^allow[[:space:]][^#]*bind_v2'; then
+ echo "already enabled" >&2
+ return 0
+ fi
+
+ # Create a temporary file for the new config
+ new_conf=`mktemp -q ${SLAPD_CONF}.XXXXXX`
+ chmod --reference=$SLAPD_CONF $new_conf
+
+ # If there is an existing global allow command, add our option
+ if extend_existing_allow_directive < $SLAPD_CONF > $new_conf; then
+ # Succeeded
+ echo -n "updated existing allow line" >&2
+ else
+ # That failed, so we have to add a new line for it
+ echo '# Allow LDAPv2 binds' > $new_conf
+ echo 'allow bind_v2' >> $new_conf
+ echo >> $new_conf
+ cat $SLAPD_CONF >> $new_conf
+ echo -n "done" >&2
+ fi
+
+ # Activate the new configuration file
+ mv $new_conf $SLAPD_CONF
+ echo . >&2
+}
+# }}}
+extend_existing_allow_directive() { # {{{
# Filter the config file for an allow directive and add "bind_v2" to it
# if found.
-extend_existing_allow_directive() {
- script='
- $done = 0;
- while (<>) {
- $done = 1 if s/^allow/allow bind_v2/;
- last if m/^database/;
- print;
- }
- exit ! $done;'
-
- if perl -e "$script"; then
- return 0
- else
- return 1
- fi
-}
-# Check if the preinst slapcat worked or not, if not, go ahead and
-# attempt to slapcat here with the new version of slapcat
-export_database() {
- suffix="$1"
- location="$2"
-
- if [ ! -e "$location" ]; then
- echo -n " Dumping directory to $location with new slapcat... "
- slapcat -b "$suffix" > "$location" || SLAPCAT_FAIL=1
- if [ "$SLAPCAT_FAIL" = "1" ]; then
- echo "failed"
- rm -f "$location"
- db_input high slapd/upgrade_slapcat_failure || true
- else
- echo "done"
- fi
- fi
+ local script
+ script='
+ $done = 0;
+ while (<>) {
+ $done = 1 if s/^allow/allow bind_v2/;
+ last if m/^database/;
+ print;
+ }
+ exit ! $done;'
+
+ perl -e "$script" || return 1
}
+# }}}
+alert_user() { # {{{
+# Tell the user that something went miserably wrong.
+# Usage: alert_user <key>
+# Currently key can be upgrade_slapcat_failure
+
+ local dc_failed key
+ key="$1"
+ dc_failed=
+
+ db_input high slapd/$key || dc_failed=1
+ db_go || dc_failed=1
+
+ if [ "$dc_failed" -a "$key" = "upgrade_slapcat_failure" ]; then
+ cat <<EOF
+When attempting to upgrade your LDAP directory there was an error.
+This error occured when performing the 'slapcat' which attempts to
+extract your LDAP directory. This failure could be because of an
+incorrect config file. For example, if the appropriate moduleload
+lines for your backend database type are missing. This failure
+will cause 'slapadd' later to fail too. The old database files are
+about to be moved to /var/backups. If you want to try this upgrade
+again then move the old database files back into place, fix whatever
+caused slapcat to fail, and run:
+slapcat | /usr/share/slapd/fix_ldif -w -o "$organization" > $location
+Move the database files back to a backup area and then try and
+slapadd from $location.
+EOF
+ elif [ "$dc_failed" -a "$key" = "upgrade_slapadd_failure" ]; then
+ cat <<EOF
+ When attempting to upgrade your LDAP directory there was an error.
+ This error occured when performing the 'slapadd' which attempts to
+ populate an empty new LDAP directory using the information from your
+ original LDAP directory. Your original LDAP directory files have
+ been saved in /var/backups. The results of the attempted upgrade
+ is the ldif file in /var/backups. slapadd may have failed due to
+ a configuration problem (in which case slapcat would have failed
+ too) or due to a problem in the ldif. If the problem was with the
+ ldif then you may be able to fix it and attempt the slapadd again.
+EOF
+ fi
+ exit 1
+}
+# }}}
+fix_ldif() { # {{{
# Fix the directory when upgrading from before 2.1 and the root
# dn has no structural objectclass
-fix_ldif() {
- location="$1"
- fixed_location="$2"
-
- # We should now have a valid ldif file, created either in the
- # preinst or above. If we don't, then the user has been
- # notified and just give up.
-
- if [ -e "$location" ]; then
- db_get shared/organization
- organization="$RET"
- if [ -z "$organization" ]; then organization=Unknown; fi
- /usr/share/slapd/fix_ldif -w -o "$organization" < "$location" > "$fixed_location"
- fi
+# Usage: fix_ldif <old-ldif-file> <new-ldif-file>
+
+ local location fixed_location
+ location="$1"
+ fixed_location="$2"
+
+ db_get shared/organization
+ organization="$RET"
+ if [ -z "$organization" ]; then organization=Unknown; fi
+
+ /usr/share/slapd/fix_ldif -w -o "$organization" \
+ < "$location" > "$fixed_location"
}
-
-move_old_database_directory_away() {
- suffix=$1
- directory=$2
-
- if [ -n "$directory" ]; then
- echo -n " Moving old database files to /var/backups/ldap/$OLD_VERSION/... "
- mkdir -p "/var/backups/ldap/$OLD_VERSION/$suffix"
- mv "$directory"/* "/var/backups/ldap/$OLD_VERSION/$suffix/"
- echo "done"
- fi
-}
-
-# If a dump file from the old version exists we want to recreate the
-# directory from it
-import_database() {
- suffix="$1"
- location="$2"
-
- if [ -e "$location" ]; then
- echo -n " Recreating directory from $location... "
- SLAPADD_FAIL=0
- slapadd -b "$suffix" -u -l "$location" || SLAPADD_FAIL=1
- if [ "$SLAPADD_FAIL" = "1" ]; then
- echo "failed"
- db_input high slapd/upgrade_slapadd_failure || true
- else
- slapadd -b "$suffix" -l "$location"
- echo "done"
- fi
- fi
+# }}}
+import_database() { # {{{
+# Import a database from an ldif dump
+# Usage: import_database <basedn> <ldif-file>
+
+ local suffix location failure
+
+ suffix="$1"
+ location="$2"
+ failure=
+
+ echo -n " Loading $suffix from $location... " >&2
+ slapadd -b "$suffix" -l "$location" || failure=1
+ if [ "$failure" ]; then
+ echo "failed." >&2
+ alert_user upgrade_slapadd_failure
+ else
+ echo "done." >&2
+ fi
}
+# }}}
-# MAIN
-
. /usr/share/debconf/confmodule
+# Initial configuration {{{
+
if is_initial_configuration "$@"; then
- if manual_configuration_wanted; then
- echo "Omitting slapd configuration as requested."
- else
- create_new_configuration
- fi
+ if manual_configuration_wanted; then
+ echo " Omitting slapd configuration as requested." >&2
+ else
+ create_new_configuration
+ fi
fi
+# }}}
+# Update configuration files for new features {{{
configure_v2_protocol_support
-
if upgrading_version_pre21; then
- autoconfigure_modules
+ autoconfigure_modules
fi
+# }}}
+
+# BROKEN - please fix the following mess!! -- Torsten
+
+# Dump and reload the database if file format changed # {{{
if database_might_need_reload; then
- get_database_list | while read backend suffix directory
- do
- suffix=`eval echo $suffix`
- directory=`eval echo $directory`
- location=`ldif_dump_location "$suffix"`
-
- if ! test -e "$location"; then
- continue
- fi
+ get_database_list | while read backend suffix directory
+ do
+ suffix=`eval echo $suffix`
+ directory=`eval echo $directory`
+ location=`ldif_dump_location "$suffix"`
+
+ if ! test -e "$location"; then
+ continue
+ fi
- echo "Processing directory $suffix..."
-
- # XXX: to be truly idempotent, we should make sure we don't try to
- # overwrite this ldif file on a second pass after already having
- # moved some of the files aside below.
-
- if [ ! -f "/var/lib/slapd/upgrade-$suffix" ]; then
- if database_needs_reload "$backend" || database_needs_fixing; then
- export_database "$suffix" "$location"
- if database_needs_fixing; then
- fix_ldif "$location" "${location}.new"
- else
- cp -a "$location" "$location.new"
- fi
- move_old_database_directory_away "$suffix" "$directory"
- touch "/var/lib/slapd/upgrade-$suffix"
- fi
- fi
- import_database "$suffix" "${location}.new"
-
- # Since this is actually a subshell, we need to explicitly
- # call exit: otherwise, the errors won't be caught, and the rm command
- # below gets run!
- done || exit $?
+ # XXX: to be truly idempotent, we should make sure we don't try
+ # to overwrite this ldif file on a second pass after already
+ # having moved some of the files aside below.
+ database_needs_reload "$backend" || database_needs_fixing \
+ || continue
+
+ if database_needs_fixing; then
+ fix_ldif "$location" "${location}.new"
+ else
+ cp -al "$location" "$location.new"
+ fi
+ move_old_database_directory_away "$directory" "$suffix"
+ import_database "$suffix" "${location}.new"
+
+ # Since this is actually a subshell, we need to explicitly call
+ # exit: otherwise, the errors won't be caught, and the rm
+ # command below gets run!
+ done || exit $?
fi
+# }}}
db_stop || true
#DEBHELPER#
-rm -f /var/lib/slapd/upgrade-*
+# vim: set sw=8 foldmethod=marker:
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git
More information about the Pkg-openldap-devel
mailing list