Posted to commits@directory.apache.org by sm...@apache.org on 2022/03/01 15:34:19 UTC

[directory-fortress-core] 01/01: FC-308 - Symas OpenLDAP 2.5 Support

This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch openldap-install
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git

commit 16e1c31a763c9c64da85753f5f8729a39031fa7f
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Tue Mar 1 09:34:13 2022 -0600

    FC-308 - Symas OpenLDAP 2.5 Support
---
 README-QUICKSTART-SLAPD.md | 58 ++++++++++++++++++----------------------------
 build-config.xml           |  1 -
 ldap/slapd.conf.src        |  7 +-----
 slapd.properties.example   | 40 +++++++++++---------------------
 4 files changed, 38 insertions(+), 68 deletions(-)

diff --git a/README-QUICKSTART-SLAPD.md b/README-QUICKSTART-SLAPD.md
index 97cf931..315c426 100644
--- a/README-QUICKSTART-SLAPD.md
+++ b/README-QUICKSTART-SLAPD.md
@@ -75,44 +75,30 @@ ________________________________________________________________________________
  * Learn more about how the config works: [README-CONFIG](README-CONFIG.md).
  * Learn more about what properties there are: [README-PROPERTIES](README-PROPERTIES.md).
 
-3. Download the latest OpenLDAP binaries for your platform:
- [Symas OpenLDAP Silver Edition](https://downloads.symas.com/products/symas-openldap-directory-silver-edition/)
+3. Setup your Debian or Rehat repos for Symas OpenLDAP packages:
+ [Symas OpenLDAP 2.5](https://repo.symas.com/soldap/)
 
-4. Place either a centos or debian package under the folder named *ldap* : [fortress-core-[VERSION]/ldap](./ldap)
-
-5. Edit the *slapd.properties* file:
+4. Edit the *slapd.properties* file:
 
  ```
  vi slapd.properties
  ```
 
-6. Update the *slapd.properties* file *slapd.install* statement with a reference to the openldap file install downloaded earlier.
+5. Choose which package to install Debian or Redhat:
 
- a. For Debian installs:
-  ```
-  slapd.install=dpkg -i symas-openldap-silver.version.platform.deb
-  ```
+```
+#Debian:
+slapd.install=apt install symas-openldap-clients symas-openldap-server -y
+slapd.uninstall=apt remove symas-openldap-clients symas-openldap-server -y
 
- b. For Centos:
-  ```
-  slapd.install=rpm -i symas-openldap-silver.version.platform.rpm
-  ```
+# Or:
 
-7. Specify whether you want to enable the slapo-rbac overlay:
+# Redhat:
+slapd.install=yum install symas-openldap-servers, symas-openldap-clients -y
+slapd.uninstall=yum remove symas-openldap-servers, symas-openldap-clients -y
+```
 
- a. Yes, I want to enable slapo-rbac:
-  ```
-  rbac.accelerator=true
-  ```
-
- *To use this option, symas-openldap version 2.4.43++ is required.*
-
- b. No, I don't want to enable slapo-rbac:
-  ```
-  rbac.accelerator=false
-  ```
-
-8. (optional) Specify whether you want to communicate over SSL using LDAPS:
+6. (optional) Specify whether you want to communicate over SSL using LDAPS:
 
  a. Place .pem files for ca-certificate, server certificate and private key in folder named *certs* : [fortress-core-[VERSION]/src/test/resources/certs](./src/test/resources/certs)
 
@@ -152,9 +138,9 @@ ________________________________________________________________________________
   - the truststore may be found on the classpath or as a fully qualified file name determined by trust.store.onclasspath.
   - The LDAP URIs are used by the server listener during startup.
 
-9. Save and exit
+7. Save and exit
 
-10. Prepare your terminal for execution of maven commands.
+8. Prepare your terminal for execution of maven commands.
 
  ```
  #!/bin/sh
@@ -163,7 +149,7 @@ ________________________________________________________________________________
  export PATH=$PATH:$M2_HOME/bin
  ```
 
-11. Run the maven install:
+9. Run the maven install:
 
 a. Java 8 target
 
@@ -173,25 +159,27 @@ a. Java 8 target
 
 -- OR --
 
-b. Java 11 target
+b. Java 11++ target
 
  ```
  mvn clean install -Djava.version=11
  ```
 
-12. Install, configure and load the slapd server:
+Where -Djava.version matches the version of Java
+
+10. Install, configure and load the slapd server:
 
   ```
   mvn test -Pinit-slapd
   ```
 
-13. To start the slapd process:
+11. To start the slapd process:
 
   ```
   mvn test -Pstart-slapd
   ```
 
-14. To stop the slapd process:
+12. To stop the slapd process:
 
   ```
   mvn test -Pstop-slapd
diff --git a/build-config.xml b/build-config.xml
index 3cf2916..1b27a96 100644
--- a/build-config.xml
+++ b/build-config.xml
@@ -149,7 +149,6 @@
          <replace file="${target.slapd.conf}" token="@LOG_RDRS@" value="${log.rdrs}"/>
          <replace file="${target.slapd.conf}" token="@LOG_SIZE@" value="${log.size}"/>
          <replace file="${target.slapd.conf}" token="@LOG_BDB_CACHE_SIZE@" value="${log.bdb.cache.size}"/>
-         <replace file="${target.slapd.conf}" token="@DFLT_RDRS@" value="${dflt.rdrs}"/>
          <replace file="${target.slapd.conf}" token="@DFLT_SIZE@" value="${dflt.size}"/>
          <replace file="${target.slapd.conf}" token="@DFLT_BDB_CACHE_SIZE@" value="${dflt.bdb.cache.size}"/>
          <replace file="${target.slapd.conf}" token="@DFLT_BDB_CACHE_IDLE_SIZE@" value="${dflt.bdb.cache.idle.size}"/>
diff --git a/ldap/slapd.conf.src b/ldap/slapd.conf.src
index f29bcd6..2c20952 100755
--- a/ldap/slapd.conf.src
+++ b/ldap/slapd.conf.src
@@ -21,7 +21,7 @@
 # Note: Directives that begin with '@' are substitution parms that get automatically replaced.
 
 include		@SCHEMA_PATH@/core.schema
-include		@SCHEMA_PATH@/ppolicy.schema
+#include	@SCHEMA_PATH@/ppolicy.schema
 include		@SCHEMA_PATH@/cosine.schema
 include		@SCHEMA_PATH@/inetorgperson.schema
 include		@SCHEMA_PATH@/rfc2307bis.schema
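Review bot: The commented-out `#include @SCHEMA_PATH@/ppolicy.schema` line has no explanation, so a later reader may re-enable it or assume password policy was deliberately switched off. As far as I know, OpenLDAP 2.5 defines the ppolicy schema inside the ppolicy overlay module, which would be the reason for the change; say so in a comment, e.g. `# ppolicy schema is built into the ppolicy overlay as of OpenLDAP 2.5; the schema file is no longer included`. The same comment should note that this template no longer suits a 2.4 server, where the overlay needs the schema file. The moduleload/overlay lines are outside this hunk, so whether ppolicy is still loaded and enforced cannot be confirmed from here.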
@@ -66,7 +66,6 @@ password-hash {SSHA}
 # Access Log DB Settings
 #######################################################################
 database	 @DB_TYPE@
-@LOG_RDRS@
 @LOG_SIZE@
 suffix		"@LOG_SUFFIX@"
 rootdn      "@LOG_ROOT_DN@"
@@ -78,7 +77,6 @@ index reqDN,reqAuthzID,reqAttr,reqMod,reqResult eq
 directory	"@HISTORY_DB_PATH@"
 @LOG_DBNOSYNCH@
 @LOG_CHECKPOINT@
-@LOG_BDB_CACHE_SIZE@
 
 # Accesslog is readable by replicator and fortress:
 access to dn.subtree="@LOG_SUFFIX@"
@@ -90,7 +88,6 @@ access to dn.subtree="@LOG_SUFFIX@"
 # Default DB Settings
 #######################################################################
 database	@DB_TYPE@
-@DFLT_RDRS@
 @DFLT_SIZE@
 suffix      "@SUFFIX@"
 rootdn      "@ROOT_DN@"
@@ -107,8 +104,6 @@ overlay accesslog
 logdb   "@LOG_SUFFIX@"
 @DFLT_DBNOSYNCH@
 @DFLT_CHECKPOINT@
-@DFLT_BDB_CACHE_SIZE@
-@DFLT_BDB_CACHE_IDLE_SIZE@
 
 # The fortress admin needs write access to the whole DIT
 access to dn.subtree="@SUFFIX@"
diff --git a/slapd.properties.example b/slapd.properties.example
index f36430e..2d8333e 100644
--- a/slapd.properties.example
+++ b/slapd.properties.example
@@ -159,23 +159,18 @@ rfc2307=false
 
 # OpenLDAP MDB Backend config is default setting for Fortress::
 db.type=mdb
-dflt.rdrs=maxreaders 64
 dflt.size=maxsize 1000000000
-log.rdrs=maxreaders 64
 log.size=maxsize 1000000000
-dflt.bdb.cache.size=
-dflt.bdb.cache.idle.size=
-log.bdb.cache.size=
 
 # These next params used by 'init-slapd' target to install OpenLDAP to target machine.  Do not change any params below this line unless you know what you are doing:
 
 ## Symas OpenLDAP on NIX section:
 openldap.install.artifact.dir=./ldap
-db.root=/var/openldap
+db.root=/var/symas/openldap-data
 openldap.root=/opt/symas
 slapd.dir=${openldap.root}/etc/openldap
 # to start:
-pid.dir=/var/openldap
+pid.dir=/var/symas/run
 db.dir=${db.root}/dflt
 db.hist.dir=${db.root}/hist
 db.bak.dir=${db.root}/backup/dflt
@@ -187,25 +182,18 @@ dflt.dbnosynch=dbnosync
 log.checkpoint=checkpoint   64 5
 dflt.checkpoint=checkpoint    64 5
 
-# Each of the options are used for a particular Symas-OpenLDAP platform.Debian 64-bit Silver:
-
-#Debian 64-bit Silver:
-#platform=Debian-Silver-x86-64
-# Note: for Ubuntu installs, remove the file /opt/symas/etc/openldap/symas-openldap.conf before installing new package, to prevent automatic startup after the installation.
-#slapd.install=dpkg -i symas-openldap-silver.64_2.4.43-20151204_amd64.deb
-#slapd.uninstall=dpkg -r symas-openldap-silver
-#install.image.dir=/home/smckinn/archives/debian64
-#slapd.module.dir=${openldap.root}/lib64/openldap
-#slapd.start=${openldap.root}/lib64/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap
-
-# Redhat 64-bit Silver:
-platform=Redhat-Silver-x86-64
-slapd.install=rpm -i symas-openldap-silver.x86_64-2.4.43-1.rpm
-slapd.uninstall=rpm -e symas-openldap-silver
-slapd.module.dir=${openldap.root}/lib64/openldap
-# use the symas openldap startup script:
-slapd.start=${openldap.root}/etc/solserver start -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap
-#slapd.start=${openldap.root}/lib64/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap
+# Symas-OpenLDAP Configurations:
+platform=symas-openldap
+slapd.module.dir=${openldap.root}/lib/openldap
+slapd.start=${openldap.root}/lib/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf
+
+#Debian:
+#slapd.install=apt install symas-openldap-clients symas-openldap-server -y
+#slapd.uninstall=apt remove symas-openldap-clients symas-openldap-server -y
+
+# Redhat:
+slapd.install=yum install symas-openldap-servers, symas-openldap-clients -y
+slapd.uninstall=yum remove symas-openldap-servers, symas-openldap-clients -y
 
 ########################################################################
 # 6. RBAC ACCELERATOR OVERLAY PROPS