Install @sample /var/openldap-* as owned by unpriviledged user _openldap, and

add a pkg/MESSAGE-server teaching the user how to launch slapd in rc.local as _openldap user. english 'looks fine' jmc@, and ok ajacoutot@ mbalmer@ (maintainer)
2008-02-13 09:45:54 +00:00 · 2008-02-13 09:45:54 +00:00 · 897eaf2c75
commit 897eaf2c75
parent 3cfc70432a
4 changed files with 37 additions and 7 deletions
--- a/databases/openldap/Makefile
+++ b/databases/openldap/Makefile
@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.81 2008/01/09 11:06:08 mbalmer Exp $
+# $OpenBSD: Makefile,v 1.82 2008/02/13 09:45:54 landry Exp $

 COMMENT-main=	Open source LDAP software (client)
 COMMENT-server=	Open source LDAP software (server)

 DISTNAME=		openldap-2.3.39
 FULLPKGNAME-main=	${DISTNAME:S/-/-client-/}
-PKGNAME-server=		${DISTNAME:S/-/-server-/}
+PKGNAME-server=		${DISTNAME:S/-/-server-/}p0

 SHARED_LIBS +=	lber                 9.1      # .2.15
 SHARED_LIBS +=	ldap                 9.1      # .2.15
--- a/databases/openldap/patches/patch-servers_slapd_slapd_conf
+++ b/databases/openldap/patches/patch-servers_slapd_slapd_conf
@ -0,0 +1,14 @@
+$OpenBSD: patch-servers_slapd_slapd_conf,v 1.1 2008/02/13 09:45:54 landry Exp $
+--- servers/slapd/slapd.conf.orig	Tue Feb 12 09:23:24 2008
+++ servers/slapd/slapd.conf	Tue Feb 12 09:24:11 2008
+@@ -10,8 +10,8 @@ include		%SYSCONFDIR%/schema/core.schema
+ # service AND an understanding of referrals.
+ #referral	ldap://root.openldap.org
+ 
+-pidfile		%LOCALSTATEDIR%/run/slapd.pid
+-argsfile	%LOCALSTATEDIR%/run/slapd.args
+pidfile		%LOCALSTATEDIR%/run/openldap/slapd.pid
+argsfile	%LOCALSTATEDIR%/run/openldap/slapd.args
+ 
+ # Load dynamic backend modules:
+ # modulepath	%MODULEDIR%
--- a/databases/openldap/pkg/MESSAGE-server
+++ b/databases/openldap/pkg/MESSAGE-server
@ -0,0 +1,13 @@
+To start slapd, configure it in ${SYSCONFDIR}/openldap/slapd.conf then add
+the following line to /etc/rc.conf.local:
+
+slapd_flags="-u _openldap"
+
+and to /etc/rc.local (be sure to start it _before_ any daemon that may
+need it):
+
+if [ "$slapd_flags" != "NO" -a -x ${PREFIX}/libexec/slapd ]; then
+    install -d -o _openldap /var/run/openldap
+    ${PREFIX}/libexec/slapd $slapd_flags
+    echo -n ' slapd'
+fi
--- a/databases/openldap/pkg/PLIST-server
+++ b/databases/openldap/pkg/PLIST-server
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST-server,v 1.15 2007/01/23 12:57:32 mbalmer Exp $
+@comment $OpenBSD: PLIST-server,v 1.16 2008/02/13 09:45:54 landry Exp $
@conflict openldap-client->=2.3.11,<=2.3.11p3
@newgroup _openldap:544
@newuser _openldap:544:_openldap:daemon:OpenLDAP Account:/nonexistent:/sbin/nologin
@ -41,10 +41,6 @@ sbin/slapdn
 sbin/slapindex
 sbin/slappasswd
 sbin/slaptest
-@sample /var/openldap-data/
-@sample /var/openldap-slurp/
-share/examples/openldap/DB_CONFIG
-@sample /var/openldap-data/DB_CONFIG
 share/examples/openldap/schema/
@sample ${SYSCONFDIR}/openldap/schema/
 share/examples/openldap/schema/corba.schema
@ -69,3 +65,10 @@ share/examples/openldap/schema/ppolicy.schema
@sample ${SYSCONFDIR}/openldap/schema/ppolicy.schema
 share/examples/openldap/slapd.conf
@sample ${SYSCONFDIR}/openldap/slapd.conf
+@mode 700
+@owner _openldap
+@group _openldap
+@sample /var/openldap-data/
+@sample /var/openldap-slurp/
+share/examples/openldap/DB_CONFIG
+@sample /var/openldap-data/DB_CONFIG