authorMichael Scherer <misc@mageia.org>2012-01-22 16:15:58 +0000
committerMichael Scherer <misc@mageia.org>2012-01-22 16:15:58 +0000
commite96b71026f10d86e245ccf32840f875e0096ca96 (patch)
treed0b7f761fd1c950e3a83e5c36359585df3676cfd /modules/openldap
parent3e0399d0dbbc101e870602b5e5574ec8e823102f (diff)
automatically fill the ldap on test vm ( denoted by the environment variable
set to test )
Diffstat (limited to 'modules/openldap')
-rw-r--r--modules/openldap/manifests/init.pp14
-rw-r--r--modules/openldap/templates/init_ldap.sh25
-rw-r--r--modules/openldap/templates/slapd.conf4
3 files changed, 42 insertions, 1 deletions
diff --git a/modules/openldap/manifests/init.pp b/modules/openldap/manifests/init.pp
index d3f344cb..df8452b3 100644
--- a/modules/openldap/manifests/init.pp
+++ b/modules/openldap/manifests/init.pp
@@ -57,6 +57,20 @@ class openldap {
Openldap::Config['/etc/sysconfig/ldap'] {
content => template("openldap/ldap.sysconfig"),
}
+
+ if $environment == "test" {
+ # if we ae in a test vm, we need to fill the directory
+ # with data
+ local_script { "init_ldap.sh":
+ content => template('openldap/init_ldap.sh'),
+ }
+
+ exec { "init_ldap.sh":
+ # taken arbirtrary among all possible file
+ create => "/var/lib/ldap/objectClass.bdb",
+ require => Local_script["init_ldap.sh"],
+ }
+ }
}
# TODO create the user for sync in ldap
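Review bot: The guard on the new `exec` is spelled `create`, but the Puppet exec parameter is `creates`, so as written the catalog should fail on an invalid parameter instead of skipping the script once the directory is populated; use `creates => "/var/lib/ldap/objectClass.bdb",`. The exec also has no `path` and its title is not a fully qualified command, which Puppet requires unless a global `Exec` default (not visible here) supplies one, so set `command` to the absolute path where `local_script` installs the file. Because the script binds over `ldapi:///`, an explicit `require` on the resource that starts slapd would keep the first run from racing the service. The `class openldap` body starts outside this hunk.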
diff --git a/modules/openldap/templates/init_ldap.sh b/modules/openldap/templates/init_ldap.sh
new file mode 100644
index 00000000..8f703fb0
--- /dev/null
+++ b/modules/openldap/templates/init_ldap.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
+dn: <%= dc_suffix %>
+dc: <%= dc_suffix.split(',')[0].split('=')[1] %>
+objectClass: domain
+objectClass: domainRelatedObject
+associatedDomain: <%= domain %>
+
+dn: ou=People,<%= dc_suffix %>
+ou: People
+objectClass: organizationalUnit
+
+dn: ou=Group,<%= dc_suffix %>
+ou: Group
+objectClass: organizationalUnit
+
+dn: cn=mga-packagers,ou=Group,<%= dc_suffix %>
+objectClass: groupOfNames
+objectClass: posixGroup
+cn: mga-packagers
+gidNumber: 5003
+member: cn=manager,<%= dc_suffix %>
+
+EOF
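Review bot: The here-document delimiter is unquoted (`<<EOF`), so after ERB rendering the shell still performs `$`, backtick and backslash expansion on the LDIF; `ldapadd -Y EXTERNAL -H ldapi:/// <<'EOF'` keeps the rendered `dc_suffix` and `domain` values literal. ldapadd stops at the first failing entry, and the exec in init.pp is guarded by a database file that probably exists after a partial load, so a half-populated directory would likely never be retried; a guard that checks for the last entry, or a marker file written only on success, would be more reliable. A header comment stating that the script is for test VMs only and relies on the root peercred mapping to `cn=manager` in slapd.conf would help the next reader.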
diff --git a/modules/openldap/templates/slapd.conf b/modules/openldap/templates/slapd.conf
index 13f69a27..57e5cbab 100644
--- a/modules/openldap/templates/slapd.conf
+++ b/modules/openldap/templates/slapd.conf
@@ -113,9 +113,11 @@ constraint_attribute sshPublicKey regex "^ssh-[rd]sa [[:graph:]]+ [[:graph:]]+$"
#refint_attributes member
#refint_nothing "uid=LDAP Admin,ou=System Accounts,dc=example,dc=com"
+<% if environment == "test" %>
authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth"
- "uid=Account Admin,ou=System Accounts,<%= dc_suffix %>"
+ "cn=manager,<%= dc_suffix %>"
authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,<%= dc_suffix %>
+<% end %>
include /etc/openldap/mandriva-dit-access.conf
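Review bot: The new `<% if environment == "test" %>` … `<% end %>` pair encloses both `authz-regexp` lines, including the `^uid=([^,]+),cn=[^,]+,cn=auth$` mapping that was unconditional before, so outside the test environment slapd.conf would no longer map any SASL identity to a People entry. If only the root peercred mapping to `cn=manager` is meant to be test-only, move `<% end %>` up so that it sits directly after the `"cn=manager,<%= dc_suffix %>"` line. It is also worth confirming that removing the earlier `uid=Account Admin` mapping for local root in production is intended, since the hunk removes it without an `else` branch. A comment above the conditional saying that local root is mapped to the manager DN only on test VMs would make the privilege grant explicit.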