/etc/cfengine/debian-edu/cf.ldapserver is in debian-edu-config 1.702.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
#
# Configure LDAP server and communication with the LDAP server
#
# links: on hosts in the debian.server.installation class, make
# /etc/ldap/slapd.conf a symlink to the Debian Edu slapd configuration.
# NOTE(review): "->!" is the forcing form of the link operator, so an existing
# slapd.conf is replaced rather than kept - confirm that any local hardening
# belongs in the link target and not in the file being replaced.
links:
debian.server.installation::
/etc/ldap/slapd.conf ->! /etc/ldap/slapd-squeeze_debian-edu.conf
# editfiles: adjust /etc/default/slapd (slapd's start-up defaults).
# Each BeginGroupIfNoSuchLine group only runs when the exact target line is
# missing: it comments out existing lines that start with the setting, locates
# the commented-out default, and inserts the wanted line there.
editfiles:
debian.server.installation::
{ /etc/default/slapd
# Listeners: ldap:/// (plain LDAP), ldaps:/// (LDAP over TLS) and ldapi:///
# (local IPC socket). The URLs carry no host part, so the network listeners
# are not restricted to one address by this line.
# NOTE(review): ldap:/// accepts unencrypted connections; whether a client
# must negotiate StartTLS before binding is decided in slapd.conf (for
# example with its "security" directive), which is not visible here - verify.
BeginGroupIfNoSuchLine 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
HashCommentLinesStarting "SLAPD_SERVICES"
LocateLineMatching '# SLAPD_SERVICES=.*'
InsertLine 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
EndGroup
# Kerberos: export KRB5_KTNAME so slapd uses its own keytab,
# /etc/krb5.keytab.ldap.
# NOTE(review): a keytab holds long-term service keys. Nothing in this file
# sets its owner or mode; confirm elsewhere that it is readable only by the
# account slapd runs as.
BeginGroupIfNoSuchLine 'KRB5_KTNAME=/etc/krb5.keytab.ldap; export KRB5_KTNAME'
HashCommentLinesStarting "KRB5_KTNAME="
HashCommentLinesStarting "export KRB5_KTNAME"
LocateLineMatching '#.*export KRB5_KTNAME=.*'
InsertLine 'KRB5_KTNAME=/etc/krb5.keytab.ldap; export KRB5_KTNAME'
EndGroup
# Start slapd with "-4" (listen on IPv4 only).
BeginGroupIfNoSuchLine 'SLAPD_OPTIONS="-4"'
HashCommentLinesStarting "SLAPD_OPTIONS"
LocateLineMatching '# SLAPD_OPTIONS=.*'
InsertLine 'SLAPD_OPTIONS="-4"'
EndGroup
# Raise the LDAP server's open file descriptor limit from 1024 to 32768
# to handle more clients. With a limit of 1024, fewer than 150 clients
# can connect.
AppendIfNoSuchLine 'ulimit -n 32768'
}
# directories: runtime directory for slapd, owned by openldap. Mode 755 lets
# every local user list and traverse it; only openldap can write to it.
# NOTE(review): presumably the ldapi:/// socket and the pid file live here -
# confirm, since the socket's own permissions decide who may connect locally.
directories:
debian.server::
/var/run/slapd mode=755 owner=openldap group=openldap
# files: hand the LDAP database and the TLS material directory to openldap,
# recursing two levels (r=2) and repairing what differs (act=fixall).
# NOTE(review): no mode= is given on either line, so this stanza states
# ownership only. Confirm which mode fixall applies by default and that
# private keys under /etc/ldap/ssl are not group- or world-readable.
files:
debian.server::
/var/lib/ldap r=2 owner=openldap group=openldap act=fixall
/etc/ldap/ssl r=2 owner=openldap group=openldap act=fixall
# shellcommands: one-time set-up steps, limited to the
# debian.server.installation.thirdpass class. All commands use absolute paths.
shellcommands:
debian.server.installation.thirdpass::
# Generate the TLS certificates.
# NOTE(review): what kind of certificate mkslapdcert produces and which
# permissions it gives the private key are not visible from this file.
"/usr/bin/mkslapdcert"
# Set the correct ownership so that slapd can run as the user openldap.
# The chown calls have to be run here, since shellcommands run after files.
# The colon is escaped as "\:"; presumably cfengine would otherwise treat
# it as a list separator - confirm.
"/bin/chown openldap\:openldap /etc/ldap/ssl"
"/bin/chown openldap\:openldap /etc/ldap/ssl/slapd-cert.cnf"
# Load the initial LDAP database, using the new slapd.conf.
# The Kerberos KDC is set up within this script too. It needs to
# run after the apache ssl certs are copied to /etc/skel/ to
# make sure new LDAP users have the certificate overrides.
"/usr/bin/ldap-debian-edu-install"