Re: *****SPAM***** openLDAP replication and trigger a script or exec binary

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Saturday, March 10, 2007 3:02 AM +0800 "Ivan R. Sy Jr." 
<isy@infoweapons.com> wrote:

> Hi list!
>
> I seem can't find a way to allow OpenLDAP to execute a shell script or
> exec binary whenever it gets modified by slurpd.
>
> My agenda is to have master->slave LDAP replication and when the slave is
> modified via slurpd, it will then execute something (shell
> script/binary/anything) from the system and then resumes normal operation
> (returning success code to slurpd)
>
>
> Here's what i understand with openLDAP replication:
>
> Step 1: An LDAP client starts up and connects to a master /slapd/.
> Step 2: The LDAP client submits an LDAP modify operation to the master
> /slapd/.
> Step 4: The master /slapd/ performs the modify operation, writes out the
> change to its replication log file and returns a success code to the
> client.
> Step 5: The /slurpd/ process notices that a new entry has been appended
> to the replication log file, reads the replication log entry, and sends
> the change to the slave /slapd/ via LDAP.
> Step 6: The slave /slapd/ performs the modify operation and returns a
> success code to the /slurpd/ process.
>
> in step6, is there a way that slapd performs the modify operation... and
> "execute a shell script or binary and when it exists", it returns a
> success code to slurpd process?
>
> maybe a patch somewhere? or a clue where to set this hook? or any light
> on this?

I would use OpenLDAP 2.3, set up an accesslog for the database, and then 
have a process that "listens" to changes made to the accesslog, that can do 
whatever it is you want done when changes are made.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html