
Re: Installing Openldap from a tarball



> Hello All!
>
> I'm trying to install openldap with BerkeleyDB support, but I'm getting errors.
> I'm using FreeBSD 5.3, and I don't want to use the ports.
>
> Scenario:
>

This is long for the purpose of the list archive.

Here is what I do to install from source on FreeBSD 5.4.

1.  Install BerkeleyDB

4.2.52 w/ 4 patches from sleepycat and 1 patch from openldap
 tar xvfz db-4.2.52.NC.tar.gz
 cd db-4.2.52.NC
 patch -p0 < ../patch.4.2.52.1
 patch -p0 < ../patch.4.2.52.2
 patch -p0 < ../patch.4.2.52.3
 patch -p0 < ../patch.4.2.52.4
 patch -p0 < ../ldap/build/BerkeleyDB42.patch (this is in openldap source)

Both 4.2 and 4.3
 cd pathtodbsource/build_unix
 ../dist/configure
 make
 make install

 *this installs in /usr/local/BerkeleyDB.4.x

2.  Install openldap

 cd into ldap source (change .x to the version, such as 4.3)
 export CPPFLAGS="-I/usr/local/BerkeleyDB.4.x/include"
 export LDFLAGS="-L/usr/local/BerkeleyDB.4.x/lib"
 export LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.x/lib"
 ./configure --prefix="pathto/whereyouwantit"

 *prefix is optional, but if you're installing this way you may like to
keep everything in its own directory structure.

 make depend
 make
 make test
 make install
 cd /usr/local/lib
 ln -s /usr/local/BerkeleyDB.4.x/lib/libdb-4.x.so
 ldconfig

 adduser
Username: ldap
Full name: ldap
Uid (Leave empty for default): 389
Login group [ldap]:
Login group is ldap. Invite ldap into other groups? []:
Login class [default]:
Shell (sh csh tcsh bash nologin) [sh]: nologin
Home directory [/home/ldap]: /nonexistent
Use password-based authentication? [yes]: no
Lock out the account after creation? [no]: no

 vi /etc/syslog.conf (add line below)
local4.*	/var/log/ldap.log

 touch /var/log/ldap.log
 /etc/rc.d/syslogd stop;/etc/rc.d/syslogd start

My startup script in /usr/local/etc/rc.d/slapd.sh
 *note: if you want to use slapd.d configuration structure create the
slapd.d directory in your etc/openldap dir and uncomment the chown line
below for slapd.d.  This is modified to use --prefix, so change slapd_path
to your path to slapd or modify all the paths to point where you want.

-----slapd.sh start (this is stolen from the freebsd port)-----
#!/bin/sh

. "/etc/rc.subr"

name="slapd"
rcvar=`set_rcvar`
slapd_path="/usr/local/openldap23"

command="${slapd_path}/libexec/slapd"
pidfile="${slapd_path}/var/run/slapd.pid"
required_dirs="${slapd_path}/var/run"
required_files="${slapd_path}/etc/openldap/slapd.conf"

start_precmd=start_precmd
start_postcmd=start_postcmd

# extract user and group, adjust ownership of directories and database

start_precmd()
{
  local slapd_ownername slapd_groupname

  # empty, "none" or "default": leave ownership and the run-as user alone
  case "$slapd_owner" in
  ""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
    ;;
  *)
    chown "$slapd_owner" "${slapd_path}/var/run"
    chown -RL "$slapd_owner" "${slapd_path}/var/openldap-data"
    chown "$slapd_owner" "${slapd_path}/etc/openldap/slapd.conf"
    #chown -RL "$slapd_owner" "${slapd_path}/etc/openldap/slapd.d"

    slapd_ownername=`expr //"$slapd_owner" : //'\([^:]*\)'`
    slapd_groupname=`expr //"$slapd_owner" : //'.*:\([^:]*\)'`

    if [ -n "$slapd_ownername" ]; then
      rc_flags="$rc_flags -u $slapd_ownername"
    fi
    if [ -n "$slapd_groupname" ]; then
      rc_flags="$rc_flags -g $slapd_groupname"
    fi
    ;;
  esac
}

# adjust ownership of created unix sockets

start_postcmd()
{
  local socket seconds

  for socket in $slapd_sockets; do
    for seconds in 1 2 3 4 5; do
      [ -e "$socket" ] && break
      sleep 1
    done
    if [ -S "$socket" ]; then
      case "$slapd_owner" in
      ""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
        ;;
      *)
        chown "$slapd_owner" "$socket"
        ;;
      esac
      chmod "$slapd_sockets_mode" "$socket"
    else
      warn "slapd: Can't find socket $socket"
    fi
  done
}

# read settings, set defaults
load_rc_config $name
: ${slapd_enable="NO"}
if [ -n "${slapd_args+set}" ]; then
  warn "slapd_args is deprecated, use slapd_flags"
  : ${slapd_flags="$slapd_args"}
else
  : ${slapd_flags=""}
fi
: ${slapd_owner="ldap:ldap"}
: ${slapd_sockets=""}
: ${slapd_sockets_mode="666"}

run_rc_command "$1"

----end slapd.sh----

 Now, edit rc.conf to say to start slapd with what you want.  Change the
path to your /var/run path.  Note that slapd_flags is really one line with
a space between ldapi/ and ldap://

vi /etc/rc.conf
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fusr%2flocal%2fopenldap23%2fvar%2frun%2fldapi/ ldap://0.0.0.0/"'
slapd_sockets="/usr/local/openldap23/var/run/ldapi"

Now, you can control slapd with /usr/local/etc/rc.d/slapd.sh start/stop
and it will be automatically started when you reboot with the startup
script.

Hope that is helpful

-Dusty Doris
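
As an added example (not part of the original post or the FreeBSD port): a small sh helper that builds the ldapi:// URL from the socket path instead of hand-encoding it, and checks that the slapd_flags and slapd_sockets values in rc.conf agree. The function names are hypothetical, and it assumes socket paths made only of letters, digits, ".", "_", "-" and "/".

```sh
#!/bin/sh
# Added example, not from the original post or the FreeBSD port.
# Assumption: socket paths contain only letters, digits, ".", "_", "-" and "/".

# Print the ldapi:// URL for a socket path ("/" becomes %2f).
ldapi_url() {
  printf '%s\n' "$1" | grep -Eq '^/[A-Za-z0-9._/-]+$' || return 1
  printf 'ldapi://%s/\n' "$(printf '%s' "$1" | sed 's|/|%2f|g')"
}

# Print the socket path encoded in an ldapi:// URL; fail if it is malformed.
ldapi_path() {
  local enc
  enc=${1#ldapi://}
  [ "$enc" != "$1" ] || return 1          # not an ldapi URL
  enc=${enc%/}
  # Only %2f escapes and plain path characters are accepted.
  printf '%s\n' "$enc" | grep -Eq '^(%2[fF]|[A-Za-z0-9._-])+$' || return 1
  printf '%s\n' "$enc" | sed 's|%2[fF]|/|g'
}

# Check rc.conf values: $1 = slapd_flags, $2 = slapd_sockets.
# Returns non-zero and prints one line per problem found.
check_slapd_rc() {
  local rc url sock
  rc=0
  # rc.subr evaluates the flags as shell text, so a stray separator would
  # cut off the -u/-g options that start_precmd appends after them.
  case $1 in
    *\;*|*\|*|*\&*|*\`*) echo "shell metacharacter in slapd_flags"; rc=1 ;;
  esac
  for url in $(printf '%s\n' "$1" | tr ' ";' '\n\n\n' | grep '^ldapi://'); do
    if ! sock=$(ldapi_path "$url"); then
      echo "malformed ldapi URL: $url"; rc=1
      continue
    fi
    case " $2 " in
      *" $sock "*) ;;                     # start_postcmd will find it
      *) echo "socket not listed in slapd_sockets: $sock"; rc=1 ;;
    esac
  done
  return $rc
}
```

After sourcing /etc/rc.conf, `check_slapd_rc "$slapd_flags" "$slapd_sockets"` reports a mistyped escape or a socket path that start_postcmd would never find.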