Installing openldap 2.2.19 on RHEL 3
These are the steps that I used for installing openldap 2.2.19 on a RHEL
ES-3 system. It was easy enough for the unlearned and unwashed such as me,
though it would have been nice to have these steps written down for
me ;-)
The objectives were to leave the openldap/db4/sasl stuff from the RHEL install
alone and to build everything in /usr/local.
Reference: Quanah Gibson-Mount's web page (invaluable)
<http://www.stanford.edu/services/directory/openldap/configuration/>
This info is created mostly from history though I have edited it for
clarity (and to eliminate all of my missteps) - YMMV
Comments anyone?
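# Work in a scratch build tree; every component below installs into /usr/local.
cd /opt
mkdir build-openldap
cd build-openldap/

# Fetch the sources and patches.
# NOTE(review): every URL here is plain HTTP or FTP, so nothing authenticates
# the downloads in transit. Before unpacking, check each tarball and patch
# against the checksum or PGP signature that its upstream publishes.
wget http://www.openssl.org/source/openssl-0.9.7e.tar.gz
wget ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.6.3.tar.gz
wget http://www.stanford.edu/services/directory/openldap/configuration/patches/heimdal/libfix.diff
wget ftp://sleepycat1.inetu.net/releases/db-4.2.52.tar.gz
wget http://www.sleepycat.com/update/4.2.52/patch.4.2.52.1
wget http://www.sleepycat.com/update/4.2.52/patch.4.2.52.2
wget http://www.stanford.edu/services/directory/openldap/configuration/patches/db/transactions.diff
wget http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.20.tar.gz
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.2.19.tgz

# Unpack everything.
tar zxvf openssl-0.9.7e.tar.gz
tar zxvf heimdal-0.6.3.tar.gz
tar zxvf db-4.2.52.tar.gz
tar zxvf cyrus-sasl-2.1.20.tar.gz
tar zxvf openldap-2.2.19.tgz
# Left over from the original shell history: the .NC tarball is not fetched
# above, so -f keeps this step from failing when the file is absent.
rm -f db-4.2.52.NC.tar.gz

# OpenSSL
cd openssl-0.9.7e
emacs Config #See Config.openssl
chmod u+x Config
./Config
make
make test
make install
cd ../

# Heimdal (enter the unpacked directory, not the tarball)
cd heimdal-0.6.3
patch -i ../libfix.diff
emacs Config #See Config.heimdal
chmod u+x Config
./Config
make
make test
make install
cd ..

# Berkeley DB: apply the two vendor patches and the transactions patch,
# then build from build_unix/.
cd db-4.2.52
patch -i ../patch.4.2.52.1
patch -i ../patch.4.2.52.2
patch -i ../transactions.diff
cd build_unix/
emacs Config #See Config.sleepycat
chmod u+x Config
./Config
make
make install
cd ../..

# Cyrus SASL
cd cyrus-sasl-2.1.20
emacs Config #See Config.cyrus-sasl
chmod u+x Config
./Config
make
make test
make install
cd ..

# OpenLDAP
cd openldap-2.2.19
emacs Config #See Config.openldap
# Same as the other components: the freshly created Config is not executable yet.
chmod u+x Config
./Config
make depend
make
make test
make install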
Other Important notes...
I created a new sysv script for this setup (leaving the other intact):
emacs /etc/rc.d/init.d/ldap-new # see below
Once this was created, I switched the boot-time service over to it:
#chkconfig ldap off
#chkconfig ldap-new on
also
config files /usr/local/etc/openldap
data files /usr/local/var/openldap-data
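I added
allow bind_v2 #postfix needed this I think
allow bind_anon_dn #this may not be necessary; it treats a bind that gives a DN but no password as anonymous, so leave it out unless a client needs it
to slapd.conf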
Extremely valuable info on tuning bdb
<http://www.openldap.org/lists/openldap-software/200412/msg00461.html>
File contents
Config.openssl
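#!/bin/sh
# Configure OpenSSL as shared libraries installed under /usr/local.
# All of the variables must sit on the single continued `env` command line:
# if a trailing backslash is missing, `env` ends early and ./config runs
# without CC, LDFLAGS and PERL.
env CC=gcc LDFLAGS="-L/usr/local/lib -R/usr/local/lib" \
  PERL=/usr/bin/perl \
  LD_RUN_PATH=/usr/local/lib \
  ./config \
  --prefix=/usr/local \
  --openssldir=/usr/local/openssl \
  shared linux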
Config.heimdal
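#!/bin/sh
# Configure Heimdal for a shared-library install under /usr/local, built
# against the OpenSSL in /usr/local.
# The flags are exported so that ./configure inherits them; a plain
# assignment is not passed to child processes unless the variable is
# already in the environment.
# NOTE(review): --sysconfdir=/etc/leland and --with-krb4=/usr/local look
# carried over from the Stanford reference configuration - confirm both
# for your own site.
CFLAGS='-O2'
CXXFLAGS='-O2'
CCFLAGS="-O2 -D_REENTRANT"
export CFLAGS CXXFLAGS CCFLAGS
./configure \
  --prefix=/usr/local \
  --sysconfdir=/etc/leland \
  CCFLAGS="-O2 -D_REENTRANT" \
  --enable-shared \
  --with-krb4=/usr/local \
  --with-openssl=/usr/local \
  --without-readline \
  --without-openldap \
  --without-hesiod \
  --disable-berkeley-db \
  --without-ipv6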
Config.sleepycat
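#!/bin/sh
# Configure Berkeley DB from build_unix/ for installation under /usr/local,
# with the DB 1.85 compatibility API enabled.
# The flags are exported so that configure inherits them; a plain
# assignment is not passed to child processes unless the variable is
# already in the environment.
CFLAGS='-O2'
CXXFLAGS='-O2'
export CFLAGS CXXFLAGS
../dist/configure \
  --prefix=/usr/local \
  --enable-compat185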
Config.cyrus-sasl
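#!/bin/sh
# Configure Cyrus SASL with only the PLAIN, LOGIN and GSSAPI mechanisms,
# using the OpenSSL and Kerberos libraries in /usr/local.
# PLAIN and LOGIN carry the password unprotected inside the SASL exchange,
# so clients should use them only over a TLS-protected connection
# (ldaps:// or StartTLS).
# The flags are exported so that ./configure inherits them; a plain
# assignment is not passed to child processes unless the variable is
# already in the environment.
CFLAGS='-O2'
CXXFLAGS='-O2'
export CFLAGS CXXFLAGS
./configure \
  --disable-sample \
  --without-dblib \
  --without-pam \
  --without-des \
  --disable-des \
  --with-openssl=/usr/local \
  --without-saslauthd \
  --disable-checkapop \
  --disable-cram --disable-digest --disable-otp --disable-anon \
  --enable-plain --enable-login \
  --enable-gssapi=/usr/local \
  --with-plugindir=/usr/local/lib/sasl2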
Config.openldap
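#!/bin/sh
# Configure OpenLDAP for installation under /usr/local, linked against the
# OpenSSL, Cyrus SASL, Kerberos and Berkeley DB libraries built into
# /usr/local rather than the RHEL system copies.
export LDFLAGS="-L/usr/local/lib -R/usr/local/lib"
# Config.openssl uses --prefix=/usr/local, so the matching headers are under
# /usr/local/include. Pointing at /usr/local/ssl/include would miss them, or
# pick up headers from an unrelated OpenSSL tree that do not match the
# libraries in /usr/local/lib.
export CPPFLAGS="-I/usr/local/include"
export LD_LIBRARY_PATH=/usr/local/lib
export LD_RUN_PATH=/usr/local/lib
export LANG=en_US
./configure \
  --prefix=/usr/local \
  --disable-ipv6 \
  --with-cyrus-sasl \
  --with-kerberos \
  --with-tls \
  --enable-monitor \
  --enable-dynamic \
  --enable-phonetic \
  --enable-slapd \
  --enable-spasswd \
  --enable-rlookups \
  --enable-wrappers \
  --enable-crypt \
  --enable-hdb \
  --with-dyngroup=yes \
  --with-proxycache=yes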
ldap-new sysv script
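#!/bin/bash
#
# ldap-new      Starts and stops the LDAP servers (slapd and slurpd)
#               installed under /usr/local.
#
# chkconfig: - 39 61
# description: LDAP stands for Lightweight Directory Access Protocol, used \
#              for implementing the industry standard directory services.
# processname: slapd
# config: /usr/local/etc/openldap/slapd.conf
# pidfile: /usr/local/var/run/slapd.pid
#
# The stock script this was copied from named /etc/openldap/slapd.conf and
# /var/run/slapd.pid here instead.
# NOTE(review): confirm the pidfile path against the pidfile directive in
# slapd.conf.

# Source function library (daemon, killproc and status are not defined in
# this script, so they are expected to come from here).
. /etc/init.d/functions

# Source networking configuration and check that networking is up.
if [ -r /etc/sysconfig/network ]; then
  . /etc/sysconfig/network
  # Quoted with an empty default: an unset NETWORKING would otherwise leave
  # the test with a missing operand and print an error.
  [ "${NETWORKING:-}" = "no" ] && exit 0
fi

# Source an auxiliary options file if we have one, and pick up OPTIONS,
# SLAPD_OPTIONS, and SLURPD_OPTIONS.
# This file is executed by the shell running this script, so it should be
# writable only by the account that administers the service.
if [ -r /etc/sysconfig/ldap ]; then
  . /etc/sysconfig/ldap
fi

# Daemons built into /usr/local; exit quietly if either one is missing.
slapd=/usr/local/libexec/slapd
slurpd=/usr/local/libexec/slurpd
[ -x "${slapd}" ] || exit 0
[ -x "${slurpd}" ] || exit 0

RETVAL=0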
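#######################################
# Start slapd and, when replication is configured, slurpd.
# Globals:   slapd, slurpd, OPTIONS, SLAPD_OPTIONS, SLURPD_OPTIONS (read)
#            prog, RETVAL (written)
# Returns:   exit status of the last daemon that was started
#######################################
start() {
  # One config path for every check. The replogfile test used to read
  # /etc/openldap/slapd.conf, the stock install's file, so slurpd was started
  # (or not) according to the wrong configuration.
  local conf=/usr/local/etc/openldap/slapd.conf

  # Start daemons.
  prog=$(basename "${slapd}")
  echo -n $"Starting $prog: "
  if grep -q ^TLS "$conf"; then
    # TLS directives present: listen on both ldap:/// and ldaps:///.
    # NOTE(review): the nested quoting presumably relies on daemon re-parsing
    # its arguments; it is left exactly as the author had it.
    daemon ${slapd} -u ldap -h '"ldap:/// ldaps:///"' $OPTIONS $SLAPD_OPTIONS
    RETVAL=$?
  else
    # No TLS directives: no -h is given, so slapd uses its default listener.
    daemon ${slapd} -u ldap $OPTIONS $SLAPD_OPTIONS
    RETVAL=$?
  fi
  echo
  if [ $RETVAL -eq 0 ]; then
    if grep -q "^replogfile" "$conf"; then
      prog=$(basename "${slurpd}")
      echo -n $"Starting $prog: "
      daemon ${slurpd} $OPTIONS $SLURPD_OPTIONS
      RETVAL=$?
      echo
    fi
  fi
  # NOTE(review): the lock is named "ldap" although the script is installed
  # as ldap-new; confirm that the rc scripts find it at shutdown.
  [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap
  return $RETVAL
}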
#######################################
# Stop slapd and, when replication is configured, slurpd.
# Globals:   slapd, slurpd (read); prog, RETVAL (written)
# Returns:   exit status of the last killproc that ran
#######################################
function stop() {
  local conf=/usr/local/etc/openldap/slapd.conf

  # Stop daemons.
  prog=$(basename ${slapd})
  echo -n $"Stopping $prog: "
  killproc ${slapd}
  RETVAL=$?
  echo

  # slurpd is stopped only after slapd went down cleanly and only when a
  # replogfile directive shows that replication is in use.
  if [ $RETVAL -eq 0 ] && grep -q "^replogfile" "$conf"; then
    prog=$(basename ${slurpd})
    echo -n $"Stopping $prog: "
    killproc ${slurpd}
    RETVAL=$?
    echo
  fi

  # Remove the subsystem lock and the saved argument file on success.
  if [ $RETVAL -eq 0 ]; then
    rm -f /var/lock/subsys/ldap /var/run/slapd.args
  fi
  return $RETVAL
}
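# See how we were called.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
    # Keep the exit code from status so callers and monitoring see a
    # non-zero result when a daemon is not running.
    status ${slapd}
    RETVAL=$?
    if grep -q "^replogfile" /usr/local/etc/openldap/slapd.conf; then
      status ${slurpd} || RETVAL=$?
    fi
    ;;
  restart)
    stop
    start
    ;;
  condrestart)
    # Restart only when the lock file shows the service was started.
    if [ -f /var/lock/subsys/ldap ]; then
      stop
      start
    fi
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart|status|condrestart}"
    RETVAL=1
    ;;
esac

exit $RETVAL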