From 24c74198234a58291ef51c122b09a6f80e2aa3f3 Mon Sep 17 00:00:00 2001 From: Michael Scherer Date: Tue, 9 Nov 2010 02:21:57 +0000 Subject: - replace hardcoded domain by a variable, to ease reuse of the module --- modules/openldap/templates/slapd.conf | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/modules/openldap/templates/slapd.conf b/modules/openldap/templates/slapd.conf index ab97aacd..faf46dba 100644 --- a/modules/openldap/templates/slapd.conf +++ b/modules/openldap/templates/slapd.conf @@ -1,3 +1,9 @@ +<% +dc_suffix = 'dc=' + domain.gsub('.',',dc=') +path_module_directory = "/usr/lib" + ( architecture == "x86_64" ? '64' : '') + "/openldap" + +%> + # slapd.conf template include /usr/share/openldap/schema/core.schema include /usr/share/openldap/schema/cosine.schema @@ -26,10 +32,6 @@ include /usr/share/openldap/schema/openssh-lpk_openldap.schema pidfile /var/run/ldap/slapd.pid argsfile /var/run/ldap/slapd.args -<% -path_module_directory = "/usr/lib" + ( architecture == "x86_64" ? '64' : '') + "/openldap" -%> - modulepath <%= path_module_directory %> moduleload back_monitor.la moduleload syncprov.la @@ -51,9 +53,9 @@ security ssf=56 loglevel 256 database bdb -suffix "dc=mageia,dc=org" +suffix "<%= dc_suffix %>" directory /var/lib/ldap -rootdn "cn=manager,dc=mageia,dc=org" +rootdn "cn=manager,<%= dc_suffix %>" checkpoint 256 5 # 32Mbytes, can hold about 10k posixAccount entries @@ -81,7 +83,7 @@ syncprov-checkpoint 100 10 syncprov-sessionlog 100 overlay ppolicy -ppolicy_default "cn=default,ou=Password Policies,dc=mageia,dc=org" +ppolicy_default "cn=default,ou=Password Policies,<%= dc_suffix %>" ppolicy_hash_cleartext yes ppolicy_use_lockout yes 
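Review bot: `dc_suffix` is built from `domain` with no validation, and the later hunks put it into `suffix`, `rootdn`, `ppolicy_default`, both `authz-regexp` targets and the `cn=Monitor` ACL group DNs. An empty value or a trailing dot renders a malformed DN (`dc=` or a trailing `,dc=`). If `domain` is the node's Facter fact (presumably; the diff does not show where it is set), a host in a subdomain gets a naming context that no longer matches the directory, so the privileged mapping and the ACLs would reference entries that do not exist. I would take the base domain from an explicit class parameter and fail the catalog on bad input at the top of the ERB block, e.g. `raise Puppet::ParseError, "openldap: bad domain #{domain.inspect}" unless domain =~ /\A[a-z0-9-]+(\.[a-z0-9-]+)*\z/i`.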
@@ -94,15 +96,15 @@ ppolicy_use_lockout yes #refint_nothing "uid=LDAP Admin,ou=System Accounts,dc=example,dc=com" authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth" - "uid=Account Admin,ou=System Accounts,dc=mageia,dc=org" -authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,dc=mageia,dc=org + "uid=Account Admin,ou=System Accounts,<%= dc_suffix %>" +authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,<%= dc_suffix %> include /etc/openldap/mandriva-dit-access.conf database monitor access to dn.subtree="cn=Monitor" - by group.exact="cn=LDAP Monitors,ou=System Groups,dc=mageia,dc=org" read - by group.exact="cn=LDAP Admins,ou=System Groups,dc=mageia,dc=org" read + by group.exact="cn=LDAP Monitors,ou=System Groups,<%= dc_suffix %>" read + by group.exact="cn=LDAP Admins,ou=System Groups,<%= dc_suffix %>" read by * none -- cgit v1.2.1
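Review bot: The second `authz-regexp` line leaves both arguments unquoted, which was safe with a literal suffix but now relies on `dc_suffix` never containing whitespace or quote characters. Quoting it like the peercred mapping above keeps slapd's argument splitting predictable: `authz-regexp "^uid=([^,]+),cn=[^,]+,cn=auth$" "uid=$1,ou=People,<%= dc_suffix %>"`. The unchanged `include /etc/openldap/mandriva-dit-access.conf` is not part of this diff; if that file still spells out `dc=mageia,dc=org`, the main database ACLs will disagree with the templated suffix on any other domain, so check that it is templated as well. A one-line comment above the peercred mapping, stating that local root is mapped to `uid=Account Admin` under the computed suffix, would help anyone reusing the module.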