author | Michael Scherer <misc@mageia.org> | 2012-01-22 16:15:58 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2012-01-22 16:15:58 +0000 |
commit | e96b71026f10d86e245ccf32840f875e0096ca96 (patch) | |
tree | d0b7f761fd1c950e3a83e5c36359585df3676cfd /modules/openldap | |
parent | 3e0399d0dbbc101e870602b5e5574ec8e823102f (diff) | |
Automatically fill the LDAP directory on test VMs (denoted by the environment
variable being set to "test").
Diffstat (limited to 'modules/openldap')
-rw-r--r-- | modules/openldap/manifests/init.pp | 14 | ||||
-rw-r--r-- | modules/openldap/templates/init_ldap.sh | 25 | ||||
-rw-r--r-- | modules/openldap/templates/slapd.conf | 4 |
3 files changed, 42 insertions, 1 deletions
diff --git a/modules/openldap/manifests/init.pp b/modules/openldap/manifests/init.pp
index d3f344cb..df8452b3 100644
--- a/modules/openldap/manifests/init.pp
+++ b/modules/openldap/manifests/init.pp
@@ -57,6 +57,20 @@ class openldap {
 Openldap::Config['/etc/sysconfig/ldap'] {
 content => template("openldap/ldap.sysconfig"),
 }
+
+ if $environment == "test" {
+ # if we ae in a test vm, we need to fill the directory
+ # with data
+ local_script { "init_ldap.sh":
+ content => template('openldap/init_ldap.sh'),
+ }
+
+ exec { "init_ldap.sh":
+ # taken arbirtrary among all possible file
+ create => "/var/lib/ldap/objectClass.bdb",
+ require => Local_script["init_ldap.sh"],
+ }
+ }
 }
 # TODO create the user for sync in ldap
diff --git a/modules/openldap/templates/init_ldap.sh b/modules/openldap/templates/init_ldap.sh
new file mode 100644
index 00000000..8f703fb0
--- /dev/null
+++ b/modules/openldap/templates/init_ldap.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
+dn: <%= dc_suffix %>
+dc: <%= dc_suffix.split(',')[0].split('=')[1] %>
+objectClass: domain
+objectClass: domainRelatedObject
+associatedDomain: <%= domain %>
+
+dn: ou=People,<%= dc_suffix %>
+ou: People
+objectClass: organizationalUnit
+
+dn: ou=Group,<%= dc_suffix %>
+ou: Group
+objectClass: organizationalUnit
+
+dn: cn=mga-packagers,ou=Group,<%= dc_suffix %>
+objectClass: groupOfNames
+objectClass: posixGroup
+cn: mga-packagers
+gidNumber: 5003
+member: cn=manager,<%= dc_suffix %>
+
+EOF
diff --git a/modules/openldap/templates/slapd.conf b/modules/openldap/templates/slapd.conf
index 13f69a27..57e5cbab 100644
--- a/modules/openldap/templates/slapd.conf
+++ b/modules/openldap/templates/slapd.conf
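Review bot: The exec added inside `if $environment == "test"` uses `create =>`, but the Puppet exec parameter that skips the command once a file exists is `creates`; as written the resource would most likely be rejected as having an unknown parameter, so the line should read `creates => "/var/lib/ldap/objectClass.bdb",`. The exec title `"init_ldap.sh"` is also not an absolute command and no `path` is set in the hunk, so unless `local_script` (defined outside this page) takes care of that, the exec should name the installed script by its full path. Because this block writes directory entries through the local root identity, a comment stating that it must never be enabled outside the test environment would be worth adding next to the condition. The `class openldap` body starts outside the hunk.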
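Review bot: The here-document fed to `ldapadd` uses an unquoted delimiter (`<<EOF`), so bash still performs parameter and command substitution on the rendered LDIF; a `dc_suffix` or `domain` value containing `$` or a backtick would be interpreted by the shell before it reaches `ldapadd`. ERB has already filled in the values, so the delimiter can be quoted: `ldapadd -Y EXTERNAL -H ldapi:/// <<'EOF'`. The `dc:` line assumes the first RDN of `dc_suffix` is a `dc=` component, which deserves a one-line comment at the top of the template. If `ldapadd` stops partway through, the entries already added remain, and a later run would then fail on the first existing entry; a comment noting that the script is meant for an empty directory only would make that expectation explicit.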
@@ -113,9 +113,11 @@ constraint_attribute sshPublicKey regex "^ssh-[rd]sa [[:graph:]]+ [[:graph:]]+$" #refint_attributes member #refint_nothing "uid=LDAP Admin,ou=System Accounts,dc=example,dc=com" +<% if environment == "test" %> authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth" - "uid=Account Admin,ou=System Accounts,<%= dc_suffix %>" + "cn=manager,<%= dc_suffix %>" authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,<%= dc_suffix %> +<% end %> include /etc/openldap/mandriva-dit-access.conf |
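Review bot: As rendered here, the new `<% if environment == "test" %>` … `<% end %>` pair encloses both `authz-regexp` rules, so outside the test environment the template would emit neither the peercred mapping (previously to `uid=Account Admin,ou=System Accounts,<%= dc_suffix %>`) nor the existing `^uid=([^,]+),cn=[^,]+,cn=auth$` mapping. The commit message describes only a test-VM change, so if other environments are meant to keep their mappings, move `<% end %>` to directly after the `"cn=manager,<%= dc_suffix %>"` line and add an `<% else %>` branch that carries the original `"uid=Account Admin,ou=System Accounts,<%= dc_suffix %>"` target. Mapping local root over ldapi to `cn=manager` grants whatever that DN holds (presumably the rootdn, which is not visible in this hunk), so a comment above the block saying it is test-only and why would help the next reader. The layout of this hunk is collapsed on the page, so the exact line placement should be confirmed against the file.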