lib/ldap
 # lib/ldap
 # Functions to control the installation and configuration of **ldap**
 
 # ``lib/keystone`` calls the entry points in this order:
 # install_ldap()
 
 # Remember the caller's xtrace setting, then turn tracing off while this
 # file is being sourced; the saved setting is re-applied at the end of the
 # file.
 # NOTE(review): this only quiets the sourcing step. The functions defined
 # below run under whatever trace setting the caller has when it invokes
 # them, so commands that carry $LDAP_PASSWORD on their command line will
 # show up in an xtrace log.
 XTRACE="$(set +o | grep xtrace)"
 set +x
 
 
 # Functions
 # ---------
 
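 # install_ldap() - Prepare slapd and load the OpenStack directory tree.
 #
 # On Ubuntu this installs slapd and ldap-utils; on Fedora/SUSE it restarts
 # slapd through start_ldap. It then sets the manager password from
 # $FILES/ldap/manager.ldif.in and adds the top-level nodes from
 # $FILES/ldap/openstack.ldif unless the tree already answers a search.
 #
 # Globals read:    LDAP_PASSWORD, FILES, KEYSTONE_CLEAR_LDAP, os_VENDOR
 # Globals written: LDAP_OLCDB_NUMBER, LDAP_ROOTPW_COMMAND, SLAPPASS,
 #                  TMP_MGR_DIFF_FILE (kept global, as before)
 # Returns:         1 if the temporary LDIF file cannot be created
 #
 # Neither the clear-text password nor its hash is echoed, so they do not end
 # up in whatever captures this function's output.
 # NOTE(review): the password is still handed to slappasswd (-s) and to the
 # ldap client tools (-w) as a command-line argument, which exposes it in the
 # process list and in xtrace output. slappasswd -T <file> and the clients'
 # -y <file> read it from a file instead; -y takes the file content verbatim,
 # so the file must not end in a newline.
 function install_ldap() {
     echo "Installing LDAP inside function"
     echo "os_VENDOR is $os_VENDOR"
     printf "installing"
     if is_ubuntu; then
         LDAP_OLCDB_NUMBER=1
         LDAP_ROOTPW_COMMAND=replace
         # NOTE(review): no -y is passed; confirm apt-get cannot stop at a
         # confirmation prompt in unattended runs.
         sudo DEBIAN_FRONTEND=noninteractive apt-get install slapd ldap-utils
         # The package starts slapd on Ubuntu, so start_ldap is not called
     elif is_fedora || is_suse; then
         LDAP_OLCDB_NUMBER=2
         LDAP_ROOTPW_COMMAND=add
         start_ldap
     fi

     printf "generate password file\n"
     SLAPPASS=$(slappasswd -s "$LDAP_PASSWORD")

     # Render manager.ldif from its template. The result contains the password
     # hash, so it goes into a mktemp file (created readable by the owner
     # only) and is removed as soon as ldapmodify has consumed it.
     TMP_MGR_DIFF_FILE=$(mktemp -t "manager_ldiff.$$.XXXXXXXXXX.ldif") || return 1
     sed -e "s|\${LDAP_OLCDB_NUMBER}|$LDAP_OLCDB_NUMBER|" \
         -e "s|\${SLAPPASS}|$SLAPPASS|" \
         -e "s|\${LDAP_ROOTPW_COMMAND}|$LDAP_ROOTPW_COMMAND|" \
         "$FILES/ldap/manager.ldif.in" >> "$TMP_MGR_DIFF_FILE"

     # Update the olcDatabase entry over the local ldapi socket
     sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f "$TMP_MGR_DIFF_FILE"
     rm -f -- "$TMP_MGR_DIFF_FILE"

     # On fedora we need to manually add cosine and inetorgperson schemas
     if is_fedora; then
         sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
         sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
     fi

     # Add our top level ldap nodes, unless a bind-and-search already succeeds
     if ldapsearch -x -w "$LDAP_PASSWORD" -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -b dc=openstack,dc=org | grep -q "Success"; then
         printf "LDAP already configured for OpenStack\n"
         if [[ "$KEYSTONE_CLEAR_LDAP" == "yes" ]]; then
             # clear LDAP state
             clear_ldap_state
             # reconfigure LDAP for OpenStack
             ldapadd -c -x -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -w "$LDAP_PASSWORD" -f "$FILES/ldap/openstack.ldif"
         fi
     else
         printf "Configuring LDAP for OpenStack\n"
         ldapadd -c -x -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -w "$LDAP_PASSWORD" -f "$FILES/ldap/openstack.ldif"
     fi
 }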
 
 # start_ldap() - Restart the slapd service (via sudo), which also starts it
 # when it is not running yet.
 function start_ldap {
     local -a svc_cmd=(service slapd restart)
     sudo "${svc_cmd[@]}"
 }
 
 
 # stop_ldap() - Stop the slapd service (via sudo).
 function stop_ldap {
     local svc_name=slapd
     sudo service "$svc_name" stop
 }
 
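 # clear_ldap_state() - Recursively delete the dc=openstack,dc=org subtree,
 # binding as dc=Manager,dc=openstack,dc=org with $LDAP_PASSWORD.
 #
 # The password is quoted so that a value containing whitespace or glob
 # characters reaches ldapdelete as a single, unmodified argument.
 # NOTE(review): -w still places the password on the command line (process
 # list, xtrace output); ldapdelete -y <file> reads it from a file instead.
 function clear_ldap_state() {
     ldapdelete -x -w "$LDAP_PASSWORD" -H ldap://localhost -D dc=Manager,dc=openstack,dc=org -r "dc=openstack,dc=org"
 }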
 
 # Restore xtrace: $XTRACE holds the "set -o xtrace" / "set +o xtrace" line
 # saved at the top of this file. It is left unquoted on purpose so that it
 # word-splits into a command and its arguments.
 $XTRACE
 
 # Local variables:
 # mode: shell-script
 # End: