Re: Installing Openldap from a tarball
> Hello All!
>
> I'm trying to install openldap with BerkeleyDB support, but I'm getting errors.
> I'm using FreeBSD 5.3, and I don't want to use the ports.
>
> Scenario:
>
This is long for the purpose of the list archive.
Here is what I do to install from source on FreeBSD 5.4.
1. Install BerkeleyDB
4.2.52 w/ 4 patches from sleepycat and 1 patch from openldap
tar xvfz db-4.2.52.NC.tar.gz
cd db-4.2.52.NC
patch -p0 < ../patch.4.2.52.1
patch -p0 < ../patch.4.2.52.2
patch -p0 < ../patch.4.2.52.3
patch -p0 < ../patch.4.2.52.4
patch -p0 < ../ldap/build/BerkeleyDB42.patch (this is in openldap source)
Both 4.2 and 4.3
cd pathtodbsource/build_unix
../dist/configure
make
make install
*this installs in /usr/local/BerkeleyDB.4.x
2. Install openldap
cd into ldap source (change .x to the version, such as 4.3)
export CPPFLAGS="-I/usr/local/BerkeleyDB.4.x/include"
export LDFLAGS="-L/usr/local/BerkeleyDB.4.x/lib"
export LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.x/lib"
./configure --prefix="pathto/whereyouwantit"
*prefix is optional, but if you're installing this way you may like to
keep everything in its own directory structure.
make depend
make test
make install
cd /usr/local/lib
ln -s /usr/local/BerkeleyDB.4.x/lib/libdb-4.x.so
ldconfig
adduser
Username: ldap
Full name: ldap
Uid (Leave empty for default): 389
Login group [ldap]:
Login group is ldap. Invite ldap into other groups? []:
Login class [default]:
Shell (sh csh tcsh bash nologin) [sh]: nologin
Home directory [/home/ldap]: /nonexistent
Use password-based authentication? [yes]: no
Lock out the account after creation? [no]: no
vi /etc/syslog.conf (add line below)
local4.* /var/log/ldap.log
touch /var/log/ldap.log
/etc/rc.d/syslog stop;/etc/rc.d/syslog start
My startup script in /usr/local/etc/rc.d/slapd.sh
*note: if you want to use slapd.d configuration structure create the
slapd.d directory in your etc/openldap dir and uncomment the chown line
below for slapd.d. This is modified to use --prefix, so change slapd_path
to your path to slapd or modify all the paths to point where you want.
-----slapd.sh start (this is stolen from the freebsd port)-----
#!/bin/sh

. "/etc/rc.subr"

name="slapd"
rcvar=`set_rcvar`

slapd_path="/usr/local/openldap23"
command="${slapd_path}/libexec/slapd"
pidfile="${slapd_path}/var/run/slapd.pid"
required_dirs="${slapd_path}/var/run"
required_files="${slapd_path}/etc/openldap/slapd.conf"
start_precmd=start_precmd
start_postcmd=start_postcmd

# extract user and group, adjust ownership of directories and database
start_precmd()
{
    local slapd_ownername slapd_groupname

    # empty, "none" or "default" means: leave ownership alone, run as root
    case "$slapd_owner" in
    ""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
        ;;
    *)
        chown "$slapd_owner" "${slapd_path}/var/run"
        chown -RL "$slapd_owner" "${slapd_path}/var/openldap-data"
        chown "$slapd_owner" "${slapd_path}/etc/openldap/slapd.conf"
        #chown -RL "$slapd_owner" "${slapd_path}/etc/openldap/slapd.d"

        # split "user:group" and pass each part to slapd with -u / -g
        slapd_ownername=`expr //"$slapd_owner" : //'\([^:]*\)'`
        slapd_groupname=`expr //"$slapd_owner" : //'.*:\([^:]*\)'`

        if [ -n "$slapd_ownername" ]; then
            rc_flags="$rc_flags -u $slapd_ownername"
        fi
        if [ -n "$slapd_groupname" ]; then
            rc_flags="$rc_flags -g $slapd_groupname"
        fi
        ;;
    esac
}

# adjust ownership of created unix sockets
start_postcmd()
{
    local socket seconds

    for socket in $slapd_sockets; do
        # wait up to five seconds for slapd to create the socket
        for seconds in 1 2 3 4 5; do
            [ -e "$socket" ] && break
            sleep 1
        done
        if [ -S "$socket" ]; then
            case "$slapd_owner" in
            ""|[Nn][Oo][Nn][Ee]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
                ;;
            *)
                chown "$slapd_owner" "$socket"
                ;;
            esac
            chmod "$slapd_sockets_mode" "$socket"
        else
            warn "slapd: Can't find socket $socket"
        fi
    done
}

# read settings, set defaults
load_rc_config $name
: ${slapd_enable="NO"}
if [ -n "${slapd_args+set}" ]; then
    warn "slapd_args is deprecated, use slapd_flags"
    : ${slapd_flags="$slapd_args"}
else
    : ${slapd_flags=""}
fi
: ${slapd_owner="ldap:ldap"}
: ${slapd_sockets=""}
: ${slapd_sockets_mode="666"}

run_rc_command "$1"
----end slapd.sh----
Now, edit rc.conf to say to start slapd with what you want. Change the
path to your /var/run path. Note that slapd_flags is really one line with
a space between ldapi/ and ldap://
vi /etc/rc.conf
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fusr%2flocal%2fopenldap23%2fvar%2frun%2fldapi/
ldap://0.0.0.0/"'
slapd_sockets="/usr/local/openldap23/var/run/ldapi"
Now, you can control slapd with /usr/local/etc/rc.d/slapd.sh start/stop
and it will be automatically started when you reboot with the startup
script.
Hope that is helpful
-Dusty Doris
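
Added example, not part of the original message: a small sh helper that builds the percent-encoded ldapi:// URL for slapd_flags and checks that it decodes to the same path as slapd_sockets, since a mismatch makes start_postcmd warn that it can't find the socket. The function names are hypothetical, and it assumes the socket path contains no characters other than "/" that need escaping.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Percent-encode every "/" in a socket path and wrap it as an ldapi URL.
ldapi_url() {
    printf 'ldapi://%s/\n' "$(printf '%s' "$1" | sed 's|/|%2f|g')"
}

# Recover the socket path from an ldapi URL: strip the scheme and the
# trailing "/", then turn %2f / %2F back into "/".
ldapi_path() {
    printf '%s\n' "$1" | sed -e 's|^ldapi://||' -e 's|/$||' -e 's|%2[fF]|/|g'
}

# Succeed only if the ldapi URL inside the flags string points at the socket.
# $1 = slapd_flags value, $2 = slapd_sockets value
flags_match_socket() {
    # split the flags on spaces and double quotes, keep the first ldapi URL
    url=$(printf '%s\n' "$1" | tr ' "' '\n\n' | grep '^ldapi://' | head -n 1)
    [ -n "$url" ] || return 1
    decoded=$(ldapi_path "$url")
    # a "%" left over after decoding means a malformed escape
    case "$decoded" in
        *%*) return 1 ;;
    esac
    [ "$decoded" = "$2" ]
}

# Socket path as used in the rc.conf lines of the post.
sock="/usr/local/openldap23/var/run/ldapi"
# Flags string generated from the path.
good="-h \"$(ldapi_url "$sock") ldap://0.0.0.0/\""
# Constructed sample with one mistyped escape (%sf instead of %2f).
bad='-h "ldapi://%2fusr%sflocal%2fopenldap23%2fvar%2frun%2fldapi/ ldap://0.0.0.0/"'

flags_match_socket "$good" "$sock" && echo "good: ldapi URL matches slapd_sockets"
flags_match_socket "$bad" "$sock" || echo "bad: ldapi URL does not match slapd_sockets"
```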