Re: (ITS#6960) Out of memory erro occurs when running LDAP
by hyc@symas.com
ArunPrasathSevugan(a)oracle.com wrote:
> Full_Name: Arun Prasath
> Version: 3
> OS: Window Xp
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (220.225.129.57)
>
>
> Hi,
>
> We have a tool integrated with LDAP to load all the users in Cognos reporting.
> There are about 5000+ users and while running LDAPCONFIG we have been getting
> out of memory exception issue.
>
> In the task manage I could see the LDAP is using memory of around 3 GB and
> finally errors out.
>
> Please help us to load the 5000+ users.
It doesn't sound like you're using OpenLDAP. We have no LDAPCONFIG to run and
we have no "Version 3" of our software. Please try contacting the actual
vendor of your LDAP software. Closing this ITS.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
12 years, 6 months
Re: (ITS#6864) delta-sync - contextCSN not updating on provider
by hyc@symas.com
yuribank(a)gmail.com wrote:
> Full_Name: Yuri Bank
> Version: 2.4.23-24
> OS: Linux Ubuntu 10.10
> URL: http://yuri.easytospell.net/consumer.provider.txt
> Submission from: (NULL) (67.180.182.165)
>
>
> This issue exists in both versions 2.4.23 and 2.4.24
>
> I've found an interesting problem with delta-sync replication in which the
> ContextCSN on my consumers is higher than the contextCSN on my provider. This is
> because the Provider does not properly update its contextCSN for its base suffix
> (dc=test,dc=com) when changes are made to group membership. Of couse, if it so
> happens that the last change in my database was not a group membership change,
> then the contextCSNs will be consistent between my consumers and provider.
Sounds like this bug was introduced by patches for ITS#6766 or #6329. Both of
those patches have been reverted for ITS#6915. This bug should be fixed in the
current git HEAD.
>
>
> I use the following command to check the ContextCSN on each consumer:
>
> Consumer: 1
> root@neteng1.oak:/etc/ldap# ldapsearch -Y EXTERNAL -H ldapi:/// -s base -b
> "dc=test,dc=com" contextCSN dn: dc=test,dc=com
> dn: dc=test,dc=com
> contextCSN: 20110313041653.752098Z#000000#000#000000
>
> Consumer: 2
> ybank@neteng1.iad:~$ ldapsearch -Y EXTERNAL -H ldapi:/// -s base -b
> "dc=test,dc=com" contextCSN dn: dc=test,dc=com
> dn: dc=test,dc=com
> contextCSN: 20110313041653.752098Z#000000#000#000000
>
> So we can see that the two consumers have matching contextCSNs:
> ContextCSN. 20110313041653.752098Z#000000#000#000000
>
> Lets check the Provider now.
>
> Provider:
> root@neteng0.iad:~# ldapsearch -Y EXTERNAL -H ldapi:/// -s base -b
> "dc=test,dc=com" ContextCSN dn: dc=test,dc=com
> dn: dc=test,dc=com
> contextCSN: 20110313041653.709140Z#000000#000#000000
>
> The providers CSN is smaller!?
>
> Lets take a closer look and search cn=accesslog
>
> These are the last two entries: ( first the user was added, and then the user
> was added to a group)
>
> # 20110313041653.000003Z, accesslog
> dn: reqStart=20110313041653.000003Z,cn=accesslog
> objectClass: auditAdd
> reqStart: 20110313041653.000003Z
> reqEnd: 20110313041653.000004Z
> reqType: add
> reqSession: 34633
> reqAuthzID: cn=admin,dc=test,dc=com
> reqDN: cn=Bank\2C Yuri(banky),o=UserAccounts,dc=test,dc=com
> reqResult: 0
> reqMod: sn:+ Bank
> reqMod: userPassword:+ {SASL}banky
> reqMod: uid:+ banky
> reqMod: objectClass:+ top
> reqMod: objectClass:+ person
> reqMod: objectClass:+ shadowAccount
> reqMod: structuralObjectClass:+ person
> reqMod: cn:+ Bank, Yuri(banky)
> reqMod: entryUUID:+ 78a75ef6-e174-102f-9571-ffecbfef68e5
> reqMod: creatorsName:+ cn=admin,dc=test,dc=com
> reqMod: createTimestamp:+ 20110313041653Z
> reqMod: entryCSN:+ 20110313041653.709140Z#000000#000#000000
> reqMod: modifiersName:+ cn=admin,dc=test,dc=com
> reqMod: modifyTimestamp:+ 20110313041653Z
>
> # 20110313041653.000006Z, accesslog
> dn: reqStart=20110313041653.000006Z,cn=accesslog
> objectClass: auditModify
> reqStart: 20110313041653.000006Z
> reqEnd: 20110313041653.000007Z
> reqType: modify
> reqSession: 34633
> reqAuthzID: cn=admin,dc=test,dc=com
> reqDN: cn=SSLVPN,o=Groups,dc=test,dc=com
> reqResult: 0
> reqMod: member:+ cn=Bank\2C Yuri(banky),o=UserAccounts,dc=test,dc=com
> reqMod: entryCSN:= 20110313041653.752098Z#000000#000#000000
> reqMod: modifiersName:= cn=admin,dc=test,dc=com
> reqMod: modifyTimestamp:= 20110313041653Z
>
> You can see that the consumers have the latest entryCSN (20110313041653.752098Z)
> as their contextCSN, but the provider has the entryCSN (20110313041653.709140Z)
> before that as its contextCSN:
>
> If I search the contextCSN on -s base -b cn=accesslog it yields correctly, the
> same result as the consumers:
> 20110313041653.752098Z#000000#000#000000
>
>
> As you can see, the provider is not using the latest entryCSN as its ContextCSN,
> where as the consumer nodes are. Also notice that the last modification was to
> group membership. This problem only seems to exist when Adding/Removing users
> from a group.
>
> A side effect of this issue causes brand new consumers to get stuck in an
> infinite loop while syncing for the first time.
>
> A work around is to make a random change to a User/Person, such as injecting a
> random number into their description field AFTER making a change to a group
> membership. Such a change will: A. cause the Provider to correctly update its
> contextCSN, B. provider and all consumer[s] will have the same contextCSN C.
> brand new consumers can be added without getting stuck in an infinite loop when
> syncing the database. ( they seem to get stuck on the last entry which makes
> sense if the last entry has a higher entryCSN than that of the Providers
> contextCSN? )
>
> Confgiuration: ( See URL )
> http://yuri.easytospell.net/consumer.provider.txt
>
> Overlays:
> syncprov
> accesslog
> memberof
>
>
> Please feel free to email me about reproducing this problem. I have a lab with
> various configurations and would be happy to give access to anyone interested.
>
> - Yuri Bank
>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
12 years, 6 months
Re: (ITS#6962) Download down?
by h.b.furuseth@usit.uio.no
demian.djrn(a)gmail.com writes:
> all mirrors are down, i can't download the program.
The mirror list needs to be updated. These are down or obsolete:
Costa Rica: No /openldap directory.
Italy: Unknown host it.openldap.org.
Korea: No route to host ftp.holywar.net; TTL exceeded.
Portugal: Last update was in 2008.
The others work for me.
--
Hallvard
12 years, 6 months
Re: (ITS#6883) Improved Makefiles for contrib modules
by bgmilne@staff.telkomsa.net
--Boundary-00=_50J6N9eQwpy3uQe
Content-Type: Text/Plain;
charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
On Tuesday, 29 March 2011 21:20:53 quanah(a)zimbra.com wrote:
> --On Tuesday, March 29, 2011 3:25 PM +0000 bgmilne(a)staff.telkomsa.net wrote:
> > Full_Name: Buchan Milne
> > Version: 2.4.25
> > OS: Linux
> > URL: ftp://ftp.openldap.org/incoming/
> > Submission from: (NULL) (196.25.124.16)
> >
> >
> > While the code in contrib is not supported, some overlays provide make
> > files, some don't, and there were variations in a lot of the make files
> > (e.g. use of DESTDIR or not).
> >
> > In order to add make files for overlays that don't have them, improve the
> > consistency of the make files between overlays that had them, and to
> > provide some basic sanity testing in a 'test' target, I have created the
> > patch at:
> > http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/openldap/curre
> > nt/SOURCES/openldap-2.4.25-contrib-makefiles-with-tests.patch?revision=64
> > 8744&view=markup
> >
> > The patch is against 2.4.25, but should apply to master (except that
> > there two additional overlays are present in master). Where feasible I
> > have retained the majority of an existing make file, in other cases,
> > where modifications would exceed the original content, I have replaced
> > existing make files wholesale.
> >
> > The attached patch file is derived from OpenLDAP Software. All of the
> > modifications to OpenLDAP Software represented in the following patch(es)
> > were developed by Buchan Milne (bgmilne(a)staff.telkomsa.net). I have not
> > assigned rights and/or interest in this work to any party.
>
> Hi Buchan,
>
> Can you make the patch available via git-format-patch?
Please find it attached.
Regards,
Buchan
--Boundary-00=_50J6N9eQwpy3uQe
Content-Type: text/x-patch;
charset="UTF-8";
name="0001-Fix-contrib-Makefiles-to-use-libtool-and-be-consiste.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="0001-Fix-contrib-Makefiles-to-use-libtool-and-be-consiste.patch"
=46rom 168ed0544cfd529c8bdff1e5366c1bc60477b1cb Mon Sep 17 00:00:00 2001
=46rom: Buchan Milne <bgmilne(a)staff.telkomsa.net>
Date: Fri, 3 Jun 2011 10:18:39 +0200
Subject: [PATCH] Fix contrib Makefiles to use libtool and be consistent (IT=
S#6883)
This makes existing Makefiles provided with contrib modules more
consistent, using libtool for compiling and linking. A trivial
test target has also been added, which tests that the module can
be loaded. Existing Makefiles were consulted, but were mainly copied
from the first working/tested Makefile. As such, any pre-existing
copyright notices have been replaced.
Makefiles are also provided for all the contrib modules that did not
have Makefiles.
=2D--
contrib/slapd-modules/acl/Makefile | 48 +++++++++++++++
contrib/slapd-modules/addpartial/Makefile | 50 ++++++++++++++---
contrib/slapd-modules/allop/Makefile | 47 +++++++++++++++
contrib/slapd-modules/allowed/Makefile | 58 ++++++++++---------
contrib/slapd-modules/autogroup/Makefile | 36 +++++++++---
contrib/slapd-modules/cloak/Makefile | 43 ++++++++++++--
contrib/slapd-modules/denyop/Makefile | 48 +++++++++++++++
contrib/slapd-modules/dsaschema/Makefile | 47 +++++++++++++++
contrib/slapd-modules/dupent/Makefile | 58 +++++++++----------
contrib/slapd-modules/kinit/Makefile | 47 +++++++++++++++
contrib/slapd-modules/lastbind/Makefile | 32 +++++++---
contrib/slapd-modules/lastmod/Makefile | 48 +++++++++++++++
contrib/slapd-modules/noopsrch/Makefile | 58 +++++++++----------
contrib/slapd-modules/nops/Makefile | 47 ++++++++++++----
contrib/slapd-modules/nssov/Makefile | 13 ++++-
contrib/slapd-modules/passwd/Makefile | 86 +++++++++++++++---------=
=2D---
contrib/slapd-modules/passwd/sha2/Makefile | 48 +++++++++++++---
contrib/slapd-modules/trace/Makefile | 48 +++++++++++++++
18 files changed, 680 insertions(+), 182 deletions(-)
create mode 100644 contrib/slapd-modules/acl/Makefile
create mode 100644 contrib/slapd-modules/allop/Makefile
create mode 100644 contrib/slapd-modules/denyop/Makefile
create mode 100644 contrib/slapd-modules/dsaschema/Makefile
create mode 100644 contrib/slapd-modules/kinit/Makefile
create mode 100644 contrib/slapd-modules/lastmod/Makefile
create mode 100644 contrib/slapd-modules/trace/Makefile
diff --git a/contrib/slapd-modules/acl/Makefile b/contrib/slapd-modules/acl=
/Makefile
new file mode 100644
index 0000000..9f48c0d
=2D-- /dev/null
+++ b/contrib/slapd-modules/acl/Makefile
@@ -0,0 +1,48 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_ACL=3DSLAPD_MOD_DYNAMIC
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: posixgroup.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: posixgroup.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: posixgroup.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/addpartial/Makefile b/contrib/slapd-modu=
les/addpartial/Makefile
index 3b68815..2f1fd31 100644
=2D-- a/contrib/slapd-modules/addpartial/Makefile
+++ b/contrib/slapd-modules/addpartial/Makefile
@@ -1,13 +1,47 @@
# $OpenLDAP$
=2DOPENLDAP_SRC=3D../../..
=2DOPENLDAP_BLD=3D../../..
=2DCPPFLAGS+=3D-I${OPENLDAP_SRC}/include -I${OPENLDAP_SRC}/servers/slapd -I=
${OPENLDAP_BLD}/include
=2DCC=3Dgcc
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
=20
=2Dall: addpartial-overlay.so
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+LIBTOOL=3D../../../libtool
=20
=2Daddpartial-overlay.so: addpartial-overlay.c
=2D $(CC) -shared $(CPPFLAGS) $(LDFLAGS) -Wall -o $@ $?
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: addpartial.la
+
+%.lo: addpartial-overlay.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $< -o addpartial.lo
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm addpartial-overlay.so
+ rm -rf *.lo *.la *.o .libs/
+
+install: addpartial.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: addpartial.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/allop/Makefile b/contrib/slapd-modules/a=
llop/Makefile
new file mode 100644
index 0000000..a995e61
=2D-- /dev/null
+++ b/contrib/slapd-modules/allop/Makefile
@@ -0,0 +1,47 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: allop.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: allop.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: allop.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/allowed/Makefile b/contrib/slapd-modules=
/allowed/Makefile
index 8f5be91..75e63c1 100644
=2D-- a/contrib/slapd-modules/allowed/Makefile
+++ b/contrib/slapd-modules/allowed/Makefile
@@ -1,8 +1,6 @@
=2D# $OpenLDAP$
=2D# This work is part of OpenLDAP Software <http://www.openldap.org/>.
=2D#
=2D# Copyright 1998-2011 The OpenLDAP Foundation.
=2D# Copyright 2004 Howard Chu, Symas Corp. All Rights Reserved.
+# $$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted only as authorized by the OpenLDAP
@@ -12,35 +10,39 @@
# top-level directory of the distribution or, alternatively, at
# <http://www.OpenLDAP.org/license.html>.
=20
=2DPREFIX=3D/opt/openldap-HEAD
=2D
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_ALLOWED=3DSLAPD_MOD_DYNAMIC
LIBTOOL=3D../../../libtool
=2DOPT=3D-g -O2
=2DCC=3Dgcc
=2D
=2DDEFS=3D-DSLAPD_OVER_ALLOWED=3DSLAPD_MOD_DYNAMIC
=2D
=2DLDAP_INC=3D-I../../../include -I../../../servers/slapd
=2DINCS=3D$(LDAP_INC)
=2D
=2DLDAP_LIB=3D-lldap_r -llber -L../../../lib
=2DLDAP_LIB=3D
=2DLIBS=3D$(LDAP_LIB)
=20
=2Dall: allowed.la
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
=20
+all: allowed.la
=20
=2Dallowed.lo: allowed.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2Dallowed.la: allowed.lo
=2D $(LIBTOOL) --mode=3Dlink $(CC) $(OPT) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $? $(LIBS)
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -f allowed.o allowed.lo allowed.la
+ rm -rf *.lo *.la *.o .libs/
=20
install: allowed.la
=2D mkdir -p $(PREFIX)/libexec/openldap
=2D $(LIBTOOL) --mode=3Dinstall cp allowed.la $(PREFIX)/libexec/openldap
=2D $(LIBTOOL) --finish $(PREFIX)/libexec/openldap
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: allowed.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/autogroup/Makefile b/contrib/slapd-modul=
es/autogroup/Makefile
index 70146ac..4438cbf 100644
=2D-- a/contrib/slapd-modules/autogroup/Makefile
+++ b/contrib/slapd-modules/autogroup/Makefile
@@ -1,6 +1,17 @@
=2DLIBTOOL=3D../../../libtool
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
=20
=2DCPPFLAGS+=3D-I../../../include -I../../../servers/slapd
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+LIBTOOL=3D../../../libtool
=20
ldap_subdir =3D openldap
prefix=3D/usr/local
@@ -8,20 +19,29 @@ exec_prefix =3D $(prefix)
libdir =3D $(exec_prefix)/lib
libexecdir =3D $(exec_prefix)/libexec
moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
=20
all: autogroup.la
=20
=2Dautogroup.lo: autogroup.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $?
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2Dautogroup.la: autogroup.lo
+%.la: %.lo
$(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(libdir) -module -o $@ $?=20
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -f autogroup.lo autogroup.la
+ rm -rf *.lo *.la *.o .libs/
=20
install: autogroup.la
mkdir -p $(DESTDIR)$(moduledir)
=2D $(LIBTOOL) --mode=3Dinstall cp autogroup.la $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
$(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: autogroup.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/cloak/Makefile b/contrib/slapd-modules/c=
loak/Makefile
index 4562fcb..d92ff8b 100644
=2D-- a/contrib/slapd-modules/cloak/Makefile
+++ b/contrib/slapd-modules/cloak/Makefile
@@ -1,17 +1,48 @@
# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
CPPFLAGS+=3D-DSLAPD_OVER_CLOAK=3DSLAPD_MOD_DYNAMIC
=2DLIBS=3D-lldap_r -llber -lcrypto
LIBTOOL=3D../../../libtool
=20
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
all: cloak.la
=20
=2Dcloak.lo: cloak.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -c $?
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2Dcloak.la: cloak.lo
+%.la: %.lo
$(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $? $(LIBS)
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm cloak.lo cloak.la
+ rm -rf *.lo *.la *.o .libs/
+
+install: cloak.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: cloak.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/denyop/Makefile b/contrib/slapd-modules/=
denyop/Makefile
new file mode 100644
index 0000000..711eee7
=2D-- /dev/null
+++ b/contrib/slapd-modules/denyop/Makefile
@@ -0,0 +1,48 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_DENYOP=3DSLAPD_MOD_DYNAMIC
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: denyop.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: denyop.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: denyop.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/dsaschema/Makefile b/contrib/slapd-modul=
es/dsaschema/Makefile
new file mode 100644
index 0000000..90f711e
=2D-- /dev/null
+++ b/contrib/slapd-modules/dsaschema/Makefile
@@ -0,0 +1,47 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: dsaschema.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: dsaschema.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: dsaschema.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/dupent/Makefile b/contrib/slapd-modules/=
dupent/Makefile
index 54a69ce..c1e8997 100644
=2D-- a/contrib/slapd-modules/dupent/Makefile
+++ b/contrib/slapd-modules/dupent/Makefile
@@ -1,8 +1,6 @@
# $OpenLDAP$
=2D# This work is part of OpenLDAP Software <http://www.openldap.org/>.
=2D#
=2D# Copyright 1998-2011 The OpenLDAP Foundation.
=2D# Copyright 2004 Howard Chu, Symas Corp. All Rights Reserved.
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted only as authorized by the OpenLDAP
@@ -12,41 +10,39 @@
# top-level directory of the distribution or, alternatively, at
# <http://www.OpenLDAP.org/license.html>.
=20
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_DUPENT=3DSLAPD_MOD_DYNAMIC -g -O2
LIBTOOL=3D../../../libtool
=2DOPT=3D-DSLAPD_OVER_DUPENT=3D2 -g -O2
=2D#LIBTOOL=3D../../../../ldap-devel/libtool
=2D#OPT=3D-DSLAPD_OVER_DUPENT=3D2 -g -O0
=2DCC=3Dgcc
=2D
=2DLDAP_INC=3D-I../../../include -I../../../servers/slapd
=2D#LDAP_INC=3D-I../../../include -I../../../servers/slapd -I../../../../ld=
ap-devel/include
=2DINCS=3D$(LDAP_INC)
=2D
=2DLDAP_LIB=3D-lldap_r -llber
=2DLIBS=3D$(LDAP_LIB)
=20
+ldap_subdir =3D openldap
prefix=3D/usr/local
=2Dexec_prefix=3D$(prefix)
=2Dldap_subdir=3D/openldap
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
=20
=2Dlibdir=3D$(exec_prefix)/lib
=2Dlibexecdir=3D$(exec_prefix)/libexec
=2Dmoduledir =3D $(libexecdir)$(ldap_subdir)
+all: dupent.la
=20
=2Dall: dupent.la
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2D
=2Ddupent.lo: dupent.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
=2D
=2Ddupent.la: dupent.lo
=2D $(LIBTOOL) --mode=3Dlink $(CC) $(OPT) -version-info 0:0:0 \
=2D -rpath $(moduledir) -module -o $@ $? $(LIBS)
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -f dupent.lo dupent.la
+ rm -rf *.lo *.la *.o .libs/
=20
install: dupent.la
mkdir -p $(DESTDIR)$(moduledir)
=2D $(LIBTOOL) --mode=3Dinstall cp dupent.la $(DESTDIR)$(moduledir)
=2D
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: dupent.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/kinit/Makefile b/contrib/slapd-modules/k=
init/Makefile
new file mode 100644
index 0000000..750c7b9
=2D-- /dev/null
+++ b/contrib/slapd-modules/kinit/Makefile
@@ -0,0 +1,47 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: kinit.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $< -lkrb5
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: kinit.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: kinit.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/lastbind/Makefile b/contrib/slapd-module=
s/lastbind/Makefile
index ecc9ed1..643b0c1 100644
=2D-- a/contrib/slapd-modules/lastbind/Makefile
+++ b/contrib/slapd-modules/lastbind/Makefile
@@ -1,5 +1,5 @@
# $OpenLDAP$
=2D# Copyright 2009 Jonathan Clarke <jonathan(a)phillipoux.net>.
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
@@ -12,23 +12,37 @@
=20
CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
CPPFLAGS+=3D-DSLAPD_OVER_LASTBIND=3DSLAPD_MOD_DYNAMIC
=2D#LIBTOOL=3Dlibtool
LIBTOOL=3D../../../libtool
=20
+ldap_subdir =3D openldap
prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
=20
all: lastbind.la
=20
=2Dlastbind.lo: lastbind.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $?
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2Dlastbind.la: lastbind.lo
+%.la: %.lo
$(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(prefix)/lib -module -o $@ $?
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -rf lastbind.lo lastbind.la lastbind.o .libs/
+ rm -rf *.lo *.la *.o .libs/
=20
install: lastbind.la
=2D mkdir -p $(prefix)/libexec/openldap
=2D $(LIBTOOL) --mode=3Dinstall cp lastbind.la $(prefix)/libexec/openldap
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: lastbind.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/lastmod/Makefile b/contrib/slapd-modules=
/lastmod/Makefile
new file mode 100644
index 0000000..e9f0408
=2D-- /dev/null
+++ b/contrib/slapd-modules/lastmod/Makefile
@@ -0,0 +1,48 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_LASTMOD=3DSLAPD_MOD_DYNAMIC
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: lastmod.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: lastmod.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: lastmod.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/noopsrch/Makefile b/contrib/slapd-module=
s/noopsrch/Makefile
index d90bc59..7227582 100644
=2D-- a/contrib/slapd-modules/noopsrch/Makefile
+++ b/contrib/slapd-modules/noopsrch/Makefile
@@ -1,8 +1,6 @@
# $OpenLDAP$
=2D# This work is part of OpenLDAP Software <http://www.openldap.org/>.
=2D#
=2D# Copyright 1998-2011 The OpenLDAP Foundation.
=2D# Copyright 2004 Howard Chu, Symas Corp. All Rights Reserved.
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted only as authorized by the OpenLDAP
@@ -12,41 +10,39 @@
# top-level directory of the distribution or, alternatively, at
# <http://www.OpenLDAP.org/license.html>.
=20
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_NOOPSRCH=3DSLAPD_MOD_DYNAMIC -g -O2
LIBTOOL=3D../../../libtool
=2DOPT=3D-DSLAPD_OVER_NOOPSRCH=3D2 -g -O2
=2D#LIBTOOL=3D../../../../ldap-devel/libtool
=2D#OPT=3D-DSLAPD_OVER_NOOPSRCH=3D2 -g -O0
=2DCC=3Dgcc
=2D
=2DLDAP_INC=3D-I../../../include -I../../../servers/slapd
=2D#LDAP_INC=3D-I../../../include -I../../../servers/slapd -I../../../../ld=
ap-devel/include
=2DINCS=3D$(LDAP_INC)
=2D
=2DLDAP_LIB=3D-lldap_r -llber
=2DLIBS=3D$(LDAP_LIB)
=20
+ldap_subdir =3D openldap
prefix=3D/usr/local
=2Dexec_prefix=3D$(prefix)
=2Dldap_subdir=3D/openldap
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
=20
=2Dlibdir=3D$(exec_prefix)/lib
=2Dlibexecdir=3D$(exec_prefix)/libexec
=2Dmoduledir =3D $(libexecdir)$(ldap_subdir)
+all: noopsrch.la
=20
=2Dall: noopsrch.la
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2D
=2Dnoopsrch.lo: noopsrch.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
=2D
=2Dnoopsrch.la: noopsrch.lo
=2D $(LIBTOOL) --mode=3Dlink $(CC) $(OPT) -version-info 0:0:0 \
=2D -rpath $(moduledir) -module -o $@ $? $(LIBS)
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -f noopsrch.lo noopsrch.la
+ rm -rf *.lo *.la *.o .libs/
=20
install: noopsrch.la
mkdir -p $(DESTDIR)$(moduledir)
=2D $(LIBTOOL) --mode=3Dinstall cp noopsrch.la $(DESTDIR)$(moduledir)
=2D
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: noopsrch.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/nops/Makefile b/contrib/slapd-modules/no=
ps/Makefile
index fce44e0..6da5cd0 100644
=2D-- a/contrib/slapd-modules/nops/Makefile
+++ b/contrib/slapd-modules/nops/Makefile
@@ -1,23 +1,48 @@
# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
CPPFLAGS+=3D-DSLAPD_OVER_NOPS=3DSLAPD_MOD_DYNAMIC
=2DLIBS=3D-L$(PREFIX)/lib -lldap_r -llber -lcrypto
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
=20
all: nops.la
=20
=2Dnops.lo: nops.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -c $?
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
=20
=2Dnops.la: nops.lo
+%.la: %.lo
$(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $? $(LIBS)
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -f nops.lo nops.la
+ rm -rf *.lo *.la *.o .libs/
=20
install: nops.la
=2D mkdir -p $(PREFIX)/lib/openldap=20
=2D mkdir -p $(PREFIX)/man/man5
=2D $(LIBTOOL) --mode=3Dinstall cp nops.la $(PREFIX)/lib/openldap
=2D $(LIBTOOL) --finish $(PREFIX)/lib
=2D cp nops.5 $(PREFIX)/man/man5
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: nops.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/nssov/Makefile b/contrib/slapd-modules/n=
ssov/Makefile
index 322fcdd..f1ec793 100644
=2D-- a/contrib/slapd-modules/nssov/Makefile
+++ b/contrib/slapd-modules/nssov/Makefile
@@ -28,7 +28,7 @@ NLDAPD_INC=3D-Inss-pam-ldapd
INCS=3D$(LDAP_INC) $(NLDAPD_INC)
=20
LDAP_LIB=3D-lldap_r -llber
=2DLIBS=3D$(LDAP_LIB)
+LIBS=3D-L../../../libraries/liblber -L../../../libraries/libldap_r $(LDAP_=
LIB)
=20
prefix=3D/usr/local
exec_prefix=3D$(prefix)
@@ -39,6 +39,7 @@ libexecdir=3D$(exec_prefix)/libexec
moduledir =3D $(libexecdir)$(ldap_subdir)
sysconfdir =3D $(prefix)/etc$(ldap_subdir)
schemadir =3D $(sysconfdir)/schema
+slapd=3D../../../servers/slapd/slapd
=20
all: nssov.la
=20
@@ -59,7 +60,7 @@ $(OBJS): nssov.h
=20
nssov.la: $(OBJS) $(XOBJS)
$(LIBTOOL) --mode=3Dlink $(CC) $(OPT) -version-info 0:0:0 \
=2D -rpath $(libdir) -module -o $@ $(OBJS) $(XOBJS) $(LIBS)
+ -rpath $(moduledir) -module -o $@ $(OBJS) $(XOBJS) $(LIBS)
=20
install: nssov.la
mkdir -p $(DESTDIR)$(moduledir)
@@ -69,3 +70,11 @@ install: nssov.la
clean:
rm -f *.*o *.la .libs/*
rm -rf .libs
+
+test: nssov.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/passwd/Makefile b/contrib/slapd-modules/=
passwd/Makefile
index 1e49e6a..748b4ce 100644
=2D-- a/contrib/slapd-modules/passwd/Makefile
+++ b/contrib/slapd-modules/passwd/Makefile
@@ -1,46 +1,52 @@
# $OpenLDAP$
=2DCPPFLAGS+=3D-I../../../include -I../../../servers/slapd
=2D
=2Dall: kerberos.la netscape.la radius.la apr1.la
=2D
=2Dkerberos.lo: kerberos.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -DHAVE_KRB5 -Wall -c $?
=2D
=2Dkerberos.la: kerberos.lo
=2D $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $? -lkrb5
=2D
=2Dnetscape.lo: netscape.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $?
=2D
=2Dnetscape.la: netscape.lo
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+LIBTOOL=3D../../../libtool
+SUBDIRS =3D sha2
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: kerberos.la netscape.la radius.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+kerberos.la: kerberos.lo
$(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $?=20
=2D
=2Dradius.lo: radius.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $?
=2D
=2Dradius.la: radius.lo
=2D $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $? -lradius
=2D
=2Dapr1.lo: apr1.c
=2D $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $?
+ -rpath $(moduledir) -module -o $@ $< -lkrb5
=20
=2Dapr1.la: apr1.lo
+%.la: %.lo
$(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
=2D -rpath $(PREFIX)/lib -module -o $@ $?=20
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D rm -f kerberos.lo kerberos.la
=2D rm -f netscape.lo netscape.la
=2D rm -f radius.lo radius.la
=2D rm -f apr1.lo apr1.la
=2D
=2Dinstall: kerberos.la netscape.la radius.la apr1.la
=2D mkdir -p $(PREFIX)/lib/openldap
=2D $(LIBTOOL) --mode=3Dinstall cp kerberos.la $(PREFIX)/lib/openldap
=2D $(LIBTOOL) --mode=3Dinstall cp netscape.la $(PREFIX)/lib/openldap
=2D $(LIBTOOL) --mode=3Dinstall cp radius.la $(PREFIX)/lib/openldap
=2D $(LIBTOOL) --mode=3Dinstall cp apr1.la $(PREFIX)/lib/openldap
=2D $(LIBTOOL) --finish $(PREFIX)/lib
+ rm -rf *.lo *.la *.o .libs/
+
+install: kerberos.la netscape.la radius.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: kerberos.la netscape.la radius.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/passwd/sha2/Makefile b/contrib/slapd-mod=
ules/passwd/sha2/Makefile
index 5dcb1db..d03297d 100644
=2D-- a/contrib/slapd-modules/passwd/sha2/Makefile
+++ b/contrib/slapd-modules/passwd/sha2/Makefile
@@ -1,15 +1,47 @@
# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
=20
=2DOPENLDAP :=3D ../../../..
+CPPFLAGS+=3D-I../../../../include -I../../../../servers/slapd=20
+LIBTOOL=3D../../../../libtool
=20
=2D#CCFLAGS =3D -Wall -g -DSLAPD_SHA2_DEBUG
=2DCCFLAGS =3D -Wall -g
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../../servers/slapd/slapd
=20
=2Dslapd-sha2.so: slapd-sha2.o sha2.o
=2D $(CC) -I$(OPENLDAP)/include -shared -Wall -g $^ -o $@
+all: sha2.la
=20
=2D%.o: %.c
=2D $(CC) -I$(OPENLDAP)/include $(CCFLAGS) -c $<
+%.lo: slapd-sha2.c sha2.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: slapd-sha2.lo sha2.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
=20
clean:
=2D @rm -f slapd-sha2.so *.o
+ rm -rf *.lo *.la *.o .libs/
+
+install: sha2.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: sha2.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
diff --git a/contrib/slapd-modules/trace/Makefile b/contrib/slapd-modules/t=
race/Makefile
new file mode 100644
index 0000000..948ffef
=2D-- /dev/null
+++ b/contrib/slapd-modules/trace/Makefile
@@ -0,0 +1,48 @@
+# $OpenLDAP$
+# Copyright 2011 Buchan Milne <bgmilne(a)staff.telkomsa.net>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted only as authorized by the OpenLDAP
+# Public License.
+#
+# A copy of this license is available in the file LICENSE in the
+# top-level directory of the distribution or, alternatively, at
+# <http://www.OpenLDAP.org/license.html>.
+
+CPPFLAGS+=3D-I../../../include -I../../../servers/slapd=20
+CPPFLAGS+=3D-DSLAPD_OVER_TRACE=3DSLAPD_MOD_DYNAMIC
+LIBTOOL=3D../../../libtool
+
+ldap_subdir =3D openldap
+prefix=3D/usr/local
+exec_prefix =3D $(prefix)
+libdir =3D $(exec_prefix)/lib
+libexecdir =3D $(exec_prefix)/libexec
+moduledir =3D $(exec_prefix)/libexec/$(ldap_subdir)
+slapd=3D../../../servers/slapd/slapd
+
+all: trace.la
+
+%.lo: %.c
+ $(LIBTOOL) --mode=3Dcompile $(CC) $(CPPFLAGS) -Wall -c $<
+
+%.la: %.lo
+ $(LIBTOOL) --mode=3Dlink $(CC) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $<
+
+clean:
+ rm -rf *.lo *.la *.o .libs/
+
+install: trace.la
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=3Dinstall cp $? $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(moduledir)
+
+test: trace.la
+ @for i in $?;do \
+ echo "Testing loading module $$i"; \
+ echo "modulepath ." > test-slapd.conf; \
+ echo "moduleload $$i" >> test-slapd.conf; \
+ $(slapd) -T test -f test-slapd.conf && rm -f test-slapd.conf; \
+ done
=2D-=20
1.7.1
--Boundary-00=_50J6N9eQwpy3uQe--
12 years, 6 months
Re: (ITS#6915) memberof+accesslog duplicate reqStart
by subbarao@computer.org
On 06/01/2011 07:36 PM, Yuri Bank wrote:
> Do you think this could be related to:
> http://www.openldap.org/its/index.cgi?findid=6864
>
> I've been having similar issues with MemberOf and Accesslog overlays
> used together.
I've occasionally experienced similar things that you describe but
haven't captured the detailed data to be able to correlate that with
this issue.
> In your fix, is the memberof overlay enabled on your consumer nodes?
No, it is disabled everywhere.
-Kartik
12 years, 6 months
Re: (ITS#6915) memberof+accesslog duplicate reqStart
by yuribank@gmail.com
--bcaec520e733d305e204a4aefc06
Content-Type: text/plain; charset=ISO-8859-1
Do you think this could be related to:
http://www.openldap.org/its/index.cgi?findid=6864
I've been having similar issues with MemberOf and Accesslog overlays used
together.
In your fix, is the memberof overlay enabled on your consumer nodes?
-Yuri
On Wed, Jun 1, 2011 at 1:00 PM, <subbarao(a)computer.org> wrote:
> This is a multi-part message in MIME format.
> --------------050703040907090602090901
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> Content-Transfer-Encoding: 7bit
>
> I figured I would share a workaround that I'm currently using for this
> issue which may be of help to others. I've disabled the memberOf overlay
> in slapd, and use an external script to populate memberOf on the master
> server, which then replicates to the consumer servers. I currently run
> this every 5 minutes from cron as follows:
>
> memberof.pl --ldap
>
> Regards,
>
> -Kartik
>
> --------------050703040907090602090901
> Content-Type: application/x-perl;
> name="memberof.pl"
> Content-Transfer-Encoding: 7bit
> Content-Disposition: attachment;
> filename="memberof.pl"
>
> #! /usr/bin/perl
>
> # Implements memberOf reverse mapping attributes -- workaround for when
> # memberOf overlay isn't available
>
> use Net::LDAP;
> use Net::LDAP::LDIF;
> use Authen::SASL;
> use Fcntl qw(LOCK_EX LOCK_NB);
> use Getopt::Long;
>
> use strict;
>
> my $basedn = "dc=example,dc=com";
>
> my @attrs = qw(member manager);
> # Note -- this filter properly excludes dynamic groupOfURLs groups
> my $attrfilter = '(|' . join("", map { "($_=*)" } @attrs) . ')';
> my %revattrs = (member => 'memberOf', manager => 'directReports');
> my %fwattrs = reverse %revattrs;
> my $revattrfilter = '(|' . join("", map { "($_=*)" } values %revattrs) .
> ')';
> my (%entries, %reventries);
>
> # Prevent multiple instances from running at the same time
> open(LOCKFH, $0); flock(LOCKFH, LOCK_EX|LOCK_NB) or exit 1;
>
> my ($generate_ldif, $update_ldap);
> GetOptions('ldif' => \$generate_ldif, 'ldap' => \$update_ldap);
>
> my $ldifout = Net::LDAP::LDIF->new('-', 'w');
> $ldifout->{change} = 1;
> my $ldap = Net::LDAP->new('ldapi://') or die "ldapi: $@\n";
> my $sasl = Authen::SASL->new(mechanism => 'EXTERNAL');
> my $sasl_client = $sasl->client_new('ldap', 'localhost');
> $ldap->bind(undef, sasl => $sasl_client);
>
> # Build %entries and %reventries maps
> my $mesg = $ldap->search(base => $basedn,
> filter => $attrfilter,
> attrs => \@attrs);
> $mesg->code && die($mesg->error . "\n");
> foreach my $entry ($mesg->all_entries) {$entries{lc $entry->dn} = $entry }
>
> $mesg = $ldap->search(base => $basedn,
> filter => $revattrfilter,
> attrs => [values
> %revattrs]);
> $mesg->code && die($mesg->error . "\n");
> foreach my $entry ($mesg->all_entries) { $reventries{lc $entry->dn} =
> $entry }
>
> # Go through and generate updates for the reverse mapping attributes
> my ($dn, $entry);
> while (($dn, $entry) = each %entries) {
> foreach my $attr (@attrs) {
> my $revattr = $revattrs{$attr};
> foreach my $val ($entry->get_value($attr)) {
> $val = lc $val;
> if (!$reventries{$val}) {
> $reventries{$val} = Net::LDAP::Entry->new;
> $reventries{$val}->dn($val);
> $reventries{$val}->changetype('modify');
> }
> $reventries{$val}->add($revattr => $entry->dn)
> unless grep({ lc $_ eq $dn }
>
> $reventries{$val}->get_value($revattr));
> }
> }
> }
> while (($dn, $entry) = each %reventries) {
> foreach my $revattr (values %revattrs) {
> foreach my $val ($entry->get_value($revattr)) {
> $val = lc $val;
> $reventries{$dn}->delete($revattr => $val)
> if !exists($entries{$val})
> || !grep({ lc $_ eq $dn }
>
> $entries{$val}->get_value($fwattrs{$revattr}));
>
> }
> }
> if ($entry->changes) {
> $ldifout->write_entry($entry) if $generate_ldif;
> if ($update_ldap) {
> my $modmesg = $entry->update($ldap);
> $modmesg->code && die("LDAP: " .$modmesg->error .
> "\n");
> }
> }
> }
>
> --------------050703040907090602090901--
>
>
>
--bcaec520e733d305e204a4aefc06
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Do you think this could be related to: <a href=3D"http://www.openldap.org/i=
ts/index.cgi?findid=3D6864">http://www.openldap.org/its/index.cgi?findid=3D=
6864</a>=A0 <br><br>I've been having similar issues with MemberOf and A=
ccesslog overlays used together.<br>
<br><br>In your fix, is the memberof overlay enabled on your consumer nodes=
?<br><br>-Yuri<br><br><div class=3D"gmail_quote">On Wed, Jun 1, 2011 at 1:0=
0 PM, <span dir=3D"ltr"><<a href=3D"mailto:subbarao@computer.org">subba=
rao(a)computer.org</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex;">This is a multi-part message in MIME format=
.<br>
--------------050703040907090602090901<br>
Content-Type: text/plain; charset=3DISO-8859-1; format=3Dflowed<br>
Content-Transfer-Encoding: 7bit<br>
<br>
I figured I would share a workaround that I'm currently using for this<=
br>
issue which may be of help to others. I've disabled the memberOf overla=
y<br>
in slapd, and use an external script to populate memberOf on the master<br>
server, which then replicates to the consumer servers. I currently run<br>
this every 5 minutes from cron as follows:<br>
<br>
<a href=3D"http://memberof.pl" target=3D"_blank">memberof.pl</a> --ldap<br>
<br>
Regards,<br>
<br>
=A0 =A0 =A0 =A0-Kartik<br>
<br>
--------------050703040907090602090901<br>
Content-Type: application/x-perl;<br>
=A0name=3D"<a href=3D"http://memberof.pl" target=3D"_blank">memberof.p=
l</a>"<br>
Content-Transfer-Encoding: 7bit<br>
Content-Disposition: attachment;<br>
=A0filename=3D"<a href=3D"http://memberof.pl" target=3D"_blank">member=
of.pl</a>"<br>
<br>
#! /usr/bin/perl<br>
<br>
# Implements memberOf reverse mapping attributes -- workaround for when<br>
# memberOf overlay isn't available<br>
<br>
use Net::LDAP;<br>
use Net::LDAP::LDIF;<br>
use Authen::SASL;<br>
use Fcntl qw(LOCK_EX LOCK_NB);<br>
use Getopt::Long;<br>
<br>
use strict;<br>
<br>
my $basedn =3D "dc=3Dexample,dc=3Dcom";<br>
<br>
my @attrs =3D qw(member manager);<br>
# Note -- this filter properly excludes dynamic groupOfURLs groups<br>
my $attrfilter =3D '(|' . join("", map { "($_=3D*)&q=
uot; } @attrs) . ')';<br>
my %revattrs =3D (member =3D> 'memberOf', manager =3D> 'd=
irectReports');<br>
my %fwattrs =3D reverse %revattrs;<br>
my $revattrfilter =3D '(|' . join("", map { "($_=3D*=
)" } values %revattrs) . ')';<br>
my (%entries, %reventries);<br>
<br>
# Prevent multiple instances from running at the same time<br>
open(LOCKFH, $0); flock(LOCKFH, LOCK_EX|LOCK_NB) or exit 1;<br>
<br>
my ($generate_ldif, $update_ldap);<br>
GetOptions('ldif' =3D> \$generate_ldif, 'ldap' =3D> \=
$update_ldap);<br>
<br>
my $ldifout =3D Net::LDAP::LDIF->new('-', 'w');<br>
$ldifout->{change} =3D 1;<br>
my $ldap =3D Net::LDAP->new('ldapi://') or die "ldapi: $@\n=
";<br>
my $sasl =3D Authen::SASL->new(mechanism =3D> 'EXTERNAL');<br=
>
my $sasl_client =3D $sasl->client_new('ldap', 'localhost'=
;);<br>
$ldap->bind(undef, sasl =3D> $sasl_client);<br>
<br>
# Build %entries and %reventries maps<br>
my $mesg =3D $ldap->search(base =3D> $basedn,<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 filter =3D> $attrfilter,<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 attrs =3D> \@attrs);<br>
$mesg->code && die($mesg->error . "\n");<br>
foreach my $entry ($mesg->all_entries) {$entries{lc $entry->dn} =3D $=
entry }<br>
<br>
$mesg =3D $ldap->search(base =3D> $basedn,<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 filter =3D> $revattrfilter,<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 attrs =3D> [values %revattrs]);<br>
$mesg->code && die($mesg->error . "\n");<br>
foreach my $entry ($mesg->all_entries) { $reventries{lc $entry->dn} =
=3D $entry }<br>
<br>
# Go through and generate updates for the reverse mapping attributes<br>
my ($dn, $entry);<br>
while (($dn, $entry) =3D each %entries) {<br>
=A0 =A0 =A0 =A0foreach my $attr (@attrs) {<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0my $revattr =3D $revattrs{$attr};<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0foreach my $val ($entry->get_value($attr=
)) {<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$val =3D lc $val;<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if (!$reventries{$val}) {<b=
r>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$reventries=
{$val} =3D Net::LDAP::Entry->new;<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$reventries=
{$val}->dn($val);<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$reventries=
{$val}->changetype('modify');<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0}<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$reventries{$val}->add($=
revattr =3D> $entry->dn)<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0unless grep=
({ lc $_ eq $dn }<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$reventries{$val}->get_value($rev=
attr));<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0}<br>
=A0 =A0 =A0 =A0}<br>
}<br>
while (($dn, $entry) =3D each %reventries) {<br>
=A0 =A0 =A0 =A0foreach my $revattr (values %revattrs) {<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0foreach my $val ($entry->get_value($reva=
ttr)) {<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$val =3D lc $val;<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$reventries{$dn}->delete=
($revattr =3D> $val)<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if !exists(=
$entries{$val})<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0|| !grep({ =
lc $_ eq $dn }<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 $entries{$val}->get_value($fwattrs{$revattr}));<=
br>
<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0}<br>
=A0 =A0 =A0 =A0}<br>
=A0 =A0 =A0 =A0if ($entry->changes) {<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$ldifout->write_entry($entry) if $genera=
te_ldif;<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if ($update_ldap) {<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0my $modmesg =3D $entry->=
update($ldap);<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0$modmesg->code &&=
; die("LDAP: " .$modmesg->error . =A0"\n");<br>
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0}<br>
=A0 =A0 =A0 =A0}<br>
}<br>
<br>
--------------050703040907090602090901--<br>
<br>
<br>
</blockquote></div><br>
--bcaec520e733d305e204a4aefc06--
12 years, 6 months
Re: (ITS#6915) memberof+accesslog duplicate reqStart
by subbarao@computer.org
This is a multi-part message in MIME format.
--------------050703040907090602090901
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
I figured I would share a workaround that I'm currently using for this
issue which may be of help to others. I've disabled the memberOf overlay
in slapd, and use an external script to populate memberOf on the master
server, which then replicates to the consumer servers. I currently run
this every 5 minutes from cron as follows:
memberof.pl --ldap
Regards,
-Kartik
--------------050703040907090602090901
Content-Type: application/x-perl;
name="memberof.pl"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="memberof.pl"
#! /usr/bin/perl
# Implements memberOf reverse mapping attributes -- workaround for when
# memberOf overlay isn't available
use Net::LDAP;
use Net::LDAP::LDIF;
use Authen::SASL;
use Fcntl qw(LOCK_EX LOCK_NB);
use Getopt::Long;
use strict;
my $basedn = "dc=example,dc=com";
my @attrs = qw(member manager);
# Note -- this filter properly excludes dynamic groupOfURLs groups
my $attrfilter = '(|' . join("", map { "($_=*)" } @attrs) . ')';
my %revattrs = (member => 'memberOf', manager => 'directReports');
my %fwattrs = reverse %revattrs;
my $revattrfilter = '(|' . join("", map { "($_=*)" } values %revattrs) . ')';
my (%entries, %reventries);
# Prevent multiple instances from running at the same time
open(LOCKFH, $0); flock(LOCKFH, LOCK_EX|LOCK_NB) or exit 1;
my ($generate_ldif, $update_ldap);
GetOptions('ldif' => \$generate_ldif, 'ldap' => \$update_ldap);
my $ldifout = Net::LDAP::LDIF->new('-', 'w');
$ldifout->{change} = 1;
my $ldap = Net::LDAP->new('ldapi://') or die "ldapi: $@\n";
my $sasl = Authen::SASL->new(mechanism => 'EXTERNAL');
my $sasl_client = $sasl->client_new('ldap', 'localhost');
$ldap->bind(undef, sasl => $sasl_client);
# Build %entries and %reventries maps
my $mesg = $ldap->search(base => $basedn,
filter => $attrfilter,
attrs => \@attrs);
$mesg->code && die($mesg->error . "\n");
foreach my $entry ($mesg->all_entries) {$entries{lc $entry->dn} = $entry }
$mesg = $ldap->search(base => $basedn,
filter => $revattrfilter,
attrs => [values %revattrs]);
$mesg->code && die($mesg->error . "\n");
foreach my $entry ($mesg->all_entries) { $reventries{lc $entry->dn} = $entry }
# Go through and generate updates for the reverse mapping attributes
my ($dn, $entry);
while (($dn, $entry) = each %entries) {
foreach my $attr (@attrs) {
my $revattr = $revattrs{$attr};
foreach my $val ($entry->get_value($attr)) {
$val = lc $val;
if (!$reventries{$val}) {
$reventries{$val} = Net::LDAP::Entry->new;
$reventries{$val}->dn($val);
$reventries{$val}->changetype('modify');
}
$reventries{$val}->add($revattr => $entry->dn)
unless grep({ lc $_ eq $dn }
$reventries{$val}->get_value($revattr));
}
}
}
while (($dn, $entry) = each %reventries) {
foreach my $revattr (values %revattrs) {
foreach my $val ($entry->get_value($revattr)) {
$val = lc $val;
$reventries{$dn}->delete($revattr => $val)
if !exists($entries{$val})
|| !grep({ lc $_ eq $dn }
$entries{$val}->get_value($fwattrs{$revattr}));
}
}
if ($entry->changes) {
$ldifout->write_entry($entry) if $generate_ldif;
if ($update_ldap) {
my $modmesg = $entry->update($ldap);
$modmesg->code && die("LDAP: " .$modmesg->error . "\n");
}
}
}
--------------050703040907090602090901--
12 years, 6 months
RE: Re: (ITS#6952)
by quanah@zimbra.com
--On Friday, May 27, 2011 4:47 AM +0000 Srinivas.Kondamadugu(a)mphasis.com
wrote:
> Any help here?
The ITS system is for reporting bugs, not for asking for help. If you need
help, use the openldap-technical(a)openldap.org mailing list.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
12 years, 6 months
