
Installing openldap 2.2.19 on RHEL 3



These are the steps that I used for installing openldap 2.2.19 on a RHEL
ES-3 system. It was easy enough for the unlearned and unwashed such as me,
though it would have been nice to have these steps written down for
me ;-)

The objectives were to leave the openldap/db4/sasl stuff from the RHEL install
alone and to build everything under /usr/local.

Reference: Quanah Gibson-Mount's web page (invaluable)
<http://www.stanford.edu/services/directory/openldap/configuration/>

This info was put together mostly from my shell history, though I have edited it for
clarity (and to eliminate all of my missteps) - YMMV

Comments anyone?

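# Build procedure, reconstructed from shell history. Each "emacs Config" step
# means: create the Config script listed for that package under "File
# contents", then run it.
#
# The compile and "make test" steps do not need root; only the "make install"
# steps need write access to /usr/local.
cd /opt
mkdir build-openldap
cd build-openldap/

# All of these downloads use plain HTTP or FTP, so nothing authenticates what
# arrives. Before unpacking an archive or applying a patch, compare it with a
# checksum or signature published by the project and fetched over a separate,
# trusted channel, e.g.
#   gpg --verify <signature-file> <archive>
# (placeholders - the post does not give checksums or signature locations).
wget http://www.openssl.org/source/openssl-0.9.7e.tar.gz
wget ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.6.3.tar.gz
wget http://www.stanford.edu/services/directory/openldap/configuration/patches/heimdal/libfix.diff
wget ftp://sleepycat1.inetu.net/releases/db-4.2.52.tar.gz
wget http://www.sleepycat.com/update/4.2.52/patch.4.2.52.1
wget http://www.sleepycat.com/update/4.2.52/patch.4.2.52.2
wget http://www.stanford.edu/services/directory/openldap/configuration/patches/db/transactions.diff
wget http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.20.tar.gz
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.2.19.tgz

tar zxvf openssl-0.9.7e.tar.gz
tar zxvf heimdal-0.6.3.tar.gz
tar zxvf db-4.2.52.tar.gz
tar zxvf cyrus-sasl-2.1.20.tar.gz
tar zxvf openldap-2.2.19.tgz
# NOTE(review): no db-4.2.52.NC.tar.gz is downloaded above; this line is
# presumably left over from an earlier attempt and fails harmlessly if the
# file is absent.
rm db-4.2.52.NC.tar.gz

cd openssl-0.9.7e
emacs Config  #See Config.openssl
chmod u+x Config
./Config
make
make test
make install
cd ../

# Fixed: the original entered "heimdal-0.6.3.tar.gz", which is the archive,
# not the directory that tar unpacked.
cd heimdal-0.6.3
# Third-party patch against Kerberos code: read the diff before applying it.
patch -i ../libfix.diff
emacs Config  #See Config.heimdal
chmod u+x Config
./Config
make
make test
make install
cd ..

cd db-4.2.52
patch -i ../patch.4.2.52.1
patch -i ../patch.4.2.52.2
patch -i ../transactions.diff
cd build_unix/
emacs Config  #See Config.sleepycat
chmod u+x Config
./Config
make
make install
cd ../..

cd cyrus-sasl-2.1.20
emacs Config  #See Config.cyrus-sasl
chmod u+x Config
./Config
make
make test
make install

cd ..
cd openldap-2.2.19
emacs Config  #See Config.openldap
# Made executable like the other Config scripts; the original skipped this
# step here, so "./Config" would fail on a freshly created file.
chmod u+x Config
./Config
make depend
make
make test
make install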

Other important notes...
I created a new sysv script for this setup (leaving the other intact):
emacs /etc/rc.d/init.d/ldap-new  # see below
Once this was created:
#chkconfig ldap off
#chkconfig ldap-new on

Also:
config files are in /usr/local/etc/openldap
data files are in /usr/local/var/openldap-data

I added
allow   bind_v2        #postfix needed this I think
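allow   bind_anon_dn   #this may not be necessary; it lets a bind that gives a DN but no password succeed as anonymous, so leave it out unless a client needs it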

to slapd.conf

Extremely valuable info on tuning bdb
<http://www.openldap.org/lists/openldap-software/200412/msg00461.html>

File contents

Config.openssl
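#!/bin/sh
# Configure OpenSSL as a shared-library build installed under /usr/local.
#
# The whole invocation is ONE command: env sets CC, LDFLAGS, PERL and
# LD_RUN_PATH for ./config. Every line except the last must therefore end in
# a backslash. The original left it off after PERL=..., which made env run
# with no command (it only printed the environment) and then started ./config
# without CC, LDFLAGS or PERL.
env CC=gcc LDFLAGS="-L/usr/local/lib -R/usr/local/lib" \
PERL=/usr/bin/perl \
LD_RUN_PATH=/usr/local/lib \
./config \
        --prefix=/usr/local \
        --openssldir=/usr/local/openssl \
        shared linux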

Config.heimdal
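#!/bin/sh
# Configure Heimdal for installation under /usr/local, linked against the
# OpenSSL built earlier.
#
# The flag variables are exported so that ./configure actually receives them.
# A plain assignment stays local to this script unless the variable was
# already exported by the caller; Config.openldap exports its variables the
# same way.
export CFLAGS='-O2'
export CXXFLAGS='-O2'
export CCFLAGS="-O2 -D_REENTRANT"
# NOTE(review): /etc/leland looks site-specific to the referenced Stanford
# setup - confirm it is the sysconfdir wanted on this host.
./configure \
        --prefix=/usr/local \
        --sysconfdir=/etc/leland \
        CCFLAGS="-O2 -D_REENTRANT" \
        --enable-shared \
        --with-krb4=/usr/local \
        --with-openssl=/usr/local \
        --without-readline \
        --without-openldap \
        --without-hesiod \
        --disable-berkeley-db \
        --without-ipv6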

Config.sleepycat
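#!/bin/sh
# Configure Berkeley DB 4.2.52 from build_unix/ for installation under
# /usr/local, with the DB 1.85 compatibility API enabled.
#
# Exported so that ../dist/configure receives them; a plain assignment would
# stay local to this script unless the caller had already exported the
# variable.
export CFLAGS='-O2'
export CXXFLAGS='-O2'
../dist/configure \
        --prefix=/usr/local \
        --enable-compat185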

Config.cyrus-sasl
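#!/bin/sh
# Configure Cyrus SASL with only the PLAIN, LOGIN and GSSAPI mechanisms,
# using the OpenSSL and Kerberos libraries installed under /usr/local.
#
# Exported so that ./configure receives them; a plain assignment would stay
# local to this script unless the caller had already exported the variable.
export CFLAGS='-O2'
export CXXFLAGS='-O2'
# PLAIN and LOGIN carry the password itself to the server, so clients should
# use them only over a TLS-protected connection. The challenge-response
# mechanisms (CRAM, DIGEST, OTP) and ANONYMOUS are switched off here, which
# leaves GSSAPI as the only mechanism that does not send the password.
./configure \
        --disable-sample \
        --without-dblib \
        --without-pam \
        --without-des \
        --disable-des \
        --with-openssl=/usr/local \
        --without-saslauthd \
        --disable-checkapop \
        --disable-cram --disable-digest --disable-otp --disable-anon \
        --enable-plain --enable-login \
        --enable-gssapi=/usr/local \
        --with-plugindir=/usr/local/lib/sasl2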

Config.openldap
#!/bin/sh
# Configure OpenLDAP 2.2.19 for installation under /usr/local, building
# against the libraries installed there by the earlier steps.

# Build environment, exported in one statement so ./configure and the
# compiler it runs see every value.
LDFLAGS="-L/usr/local/lib -R/usr/local/lib"
# NOTE(review): Config.openssl uses --prefix=/usr/local and
# --openssldir=/usr/local/openssl, so /usr/local/ssl/include may not exist;
# confirm where the OpenSSL headers were actually installed.
CPPFLAGS="-I/usr/local/ssl/include"
LD_LIBRARY_PATH=/usr/local/lib
LD_RUN_PATH=/usr/local/lib
LANG=en_US
export LDFLAGS CPPFLAGS LD_LIBRARY_PATH LD_RUN_PATH LANG

# Options grouped by purpose: install location and transport, authentication
# and TLS libraries, slapd features, backend, overlays.
./configure --prefix=/usr/local --disable-ipv6 \
    --with-cyrus-sasl --with-kerberos --with-tls \
    --enable-monitor --enable-dynamic --enable-phonetic \
    --enable-slapd --enable-spasswd --enable-rlookups \
    --enable-wrappers --enable-crypt \
    --enable-hdb \
    --with-dyngroup=yes --with-proxycache=yes


ldap-new sysv script
#!/bin/bash
#
# ldap  This shell script takes care of starting and stopping
#       ldap servers (slapd and slurpd).
#
# chkconfig: - 39 61
# description: LDAP stands for Lightweight Directory Access Protocol, used \
#              for implementing the industry standard directory services.
# processname: slapd
# config: /etc/openldap/slapd.conf
# pidfile: /var/run/slapd.pid
#config:=/usr/local/etc/openldap/slapd.conf
#pidfile:/usr/local/var/run/slapd.pid

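# Source function library (presumably where daemon, killproc and status come
# from; they are not defined in this script).
. /etc/init.d/functions

# Source networking configuration and check that networking is up.
if [ -r /etc/sysconfig/network ] ; then
        . /etc/sysconfig/network
        # Quoted so that an unset or empty NETWORKING is compared as an empty
        # string instead of producing the malformed test `[ = "no" ]`.
        [ "${NETWORKING}" = "no" ] && exit 0
fi

# Source an auxiliary options file if we have one, and pick up OPTIONS,
# SLAPD_OPTIONS, and SLURPD_OPTIONS.
# The file is executed as shell code with this script's privileges, so it
# should be owned by root and writable by nobody else.
if [ -r /etc/sysconfig/ldap ] ; then
        . /etc/sysconfig/ldap
fi

# Daemons from the /usr/local build, not the RHEL packages. Exit quietly when
# either binary is missing, i.e. when this build is not installed.
slapd=/usr/local/libexec/slapd
slurpd=/usr/local/libexec/slurpd
[ -x "${slapd}" ] || exit 0
[ -x "${slurpd}" ] || exit 0

# Exit status of the script; start() and stop() overwrite it.
RETVAL=0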

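function start() {
        # Start slapd and, when slapd.conf names a replication log, slurpd.
        # Globals: reads slapd, slurpd, OPTIONS, SLAPD_OPTIONS, SLURPD_OPTIONS;
        #          sets prog and RETVAL.
        # Returns: the status of the last daemon launch that was attempted.

        # Both checks read the configuration of the /usr/local build. The
        # original looked for replogfile in /etc/openldap/slapd.conf, the
        # file of the stock RHEL package, so the decision to start slurpd
        # came from the wrong server's configuration.
        local conf=/usr/local/etc/openldap/slapd.conf

        prog=$(basename "${slapd}")
        echo -n $"Starting $prog: "
        if grep -q ^TLS "$conf" ; then
            # TLS is configured: listen on ldaps:/// as well. ldap:/// stays
            # enabled, so the cleartext port remains open too.
            # The inner double quotes are passed on literally; presumably
            # daemon re-parses its arguments through a shell - confirm
            # against /etc/init.d/functions.
            daemon ${slapd} -u ldap -h '"ldap:/// ldaps:///"' $OPTIONS $SLAPD_OPTIONS
            RETVAL=$?
        else
            # OPTIONS and SLAPD_OPTIONS are left unquoted on purpose so that
            # each may expand to several arguments.
            daemon ${slapd} -u ldap $OPTIONS $SLAPD_OPTIONS
            RETVAL=$?
        fi
        echo
        if [ $RETVAL -eq 0 ]; then
            if grep -q "^replogfile" "$conf"; then
                prog=$(basename "${slurpd}")
                echo -n $"Starting $prog: "
                daemon ${slurpd} $OPTIONS $SLURPD_OPTIONS
                RETVAL=$?
                echo
            fi
        fi
        # NOTE(review): the lock file is named "ldap" although the post
        # installs this script as ldap-new; confirm that the rc shutdown
        # handling still finds it.
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap
        return $RETVAL
}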

stop() {
        # Stop slapd and, when slapd.conf names a replication log, slurpd.
        # Globals: reads slapd and slurpd; sets prog and RETVAL.
        # Returns: the status of the last killproc call that was made.
        prog=$(basename "${slapd}")
        echo -n $"Stopping $prog: "
        killproc ${slapd}
        RETVAL=$?
        echo

        # slurpd is stopped only after slapd went down cleanly and only when
        # replication is configured.
        if [ $RETVAL -eq 0 ] && grep -q "^replogfile" /usr/local/etc/openldap/slapd.conf; then
                prog=$(basename "${slurpd}")
                echo -n $"Stopping $prog: "
                killproc ${slurpd}
                RETVAL=$?
                echo
        fi

        # Clear the subsystem lock and the args file once everything stopped.
        # NOTE(review): with the /usr/local prefix the args file may live
        # under /usr/local/var/run rather than /var/run - confirm.
        if [ $RETVAL -eq 0 ]; then
                rm -f /var/lock/subsys/ldap /var/run/slapd.args
        fi
        return $RETVAL
}

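# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        # Carry the result of status into the exit code. The original left
        # RETVAL at 0 here, so "status" reported success even when slapd
        # was not running, which hides an outage from anything that checks
        # the exit code.
        status ${slapd}
        RETVAL=$?
        if grep -q "^replogfile" /usr/local/etc/openldap/slapd.conf ; then
            status ${slurpd}
            slurpd_rc=$?
            # Keep slapd's failure code if there is one; otherwise report
            # slurpd's.
            if [ $RETVAL -eq 0 ]; then
                RETVAL=$slurpd_rc
            fi
        fi
        ;;
    restart)
        stop
        start
        ;;
    condrestart)
        # Restart only if the lock file shows the service was started.
        if [ -f /var/lock/subsys/ldap ] ; then
            stop
            start
        fi
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|status|condrestart}"
        RETVAL=1
        ;;
esac

exit $RETVAL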