Changeset 1294


Ignore:
Timestamp:
Aug 10, 2009, 8:54:28 PM (15 years ago)
Author:
mitchb
Message:
We got nss-ldapd into Fedora!  Stop building it from OpenSuSE.
Location:
trunk/server
Files:
2 deleted
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/server/doc/install-howto.sh

    r1259 r1294  
    8686    service named start
    8787    chkconfig named on
    88 
    89 # XXX: This sometimes doesn't exist, but it really sucks if it
    90 # does exist. So check for it.
    91 # yum remove nss_ldap, because nss-ldapd conflicts with it
    9288
    9389# In the case of the Kerberos libraries, you'll be told that

  • trunk/server/fedora/Makefile

    r1289 r1294  
    2121upstream_yum    = krb5 httpd openssh php
    2222upstream        = openafs $(upstream_yum)
    23 oursrc          = execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr nss-ldapd nss-ldapd.i586 athrun php_scripts scripts-base
     23oursrc          = execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr athrun php_scripts scripts-base
    2424allsrc          = $(upstream) $(oursrc)
    2525oursrcdir       = ${PWD}/../common/oursrc
     
    3939server_arch     = "fedora.stable"
    4040openafs_url     = "http://dl.openafs.org/dl/openafs/1.4.11/openafs-1.4.11-1.1.1.src.rpm"
    41 nss_ldapd_url   = "http://download.opensuse.org/repositories/network:/ldap/openSUSE_Factory/src/nss-ldapd-0.6.10-6.5.src.rpm"
    4241
    4342.PHONY: minimal-clean
     
    6463        #wget -qO- -nv $(server_url)/$(server_arch) | xargs make
    6564        cd $(dload) && yumdownloader --source $(upstream_yum)
    66         wget -P $(dload) $(nss_ldapd_url)
    6765        wget -P $(dload) $(openafs_url)
    6866        touch download_stamp

  • trunk/server/fedora/config/etc/nss-ldapd.conf

    r910 r1294  
    66
    77# The uri pointing to the LDAP server to use for name lookups.
    8 # Mulitple entries may be specified. The address that is used
     8# Multiple entries may be specified. The address that is used
    99# here should be resolvable without using LDAP (obviously).
    1010#uri ldap://127.0.0.1/
     
    1212#uri ldapi://%2fvar%2frun%2fldapi_sock/
    1313# Note: %2f encodes the '/' used as directory separator
    14 uri ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/
     14# uri ldap://127.0.0.1/
    1515
    1616# The LDAP version to use (defaults to 3
     
    1919
    2020# The distinguished name of the search base.
    21 base dc=scripts,dc=mit,dc=edu
     21# base dc=example,dc=com
    2222
    2323# The distinguished name to bind to the server with.
    2424# Optional: default is to bind anonymously.
    25 #binddn cn=proxyuser,dc=padl,dc=com
     25#binddn cn=proxyuser,dc=example,dc=com
    2626
    2727# The credentials to bind with.
    2828# Optional: default is no credentials.
     29# Note that if you set a bindpw you should check the permissions of this file.
    2930#bindpw secret
    3031
     
    3536
    3637# Customize certain database lookups.
    37 base   group  ou=Groups,dc=scripts,dc=mit,dc=edu
    38 base   passwd ou=People,dc=scripts,dc=mit,dc=edu
    39 #base   shadow ou=People,dc=example,dc=net
     38#base   group  ou=Groups,dc=example,dc=com
     39#base   passwd ou=People,dc=example,dc=com
     40#base   shadow ou=People,dc=example,dc=com
    4041#scope  group  onelevel
    4142#scope  hosts  sub
    4243
    4344# Bind/connect timelimit.
    44 bind_timelimit 120
     45#bind_timelimit 30
    4546
    4647# Search timelimit.
    47 timelimit 120
     48#timelimit 30
    4849
    4950# Idle timelimit. nslcd will close connections if the
    5051# server has not been contacted for the number of seconds.
    51 idle_timelimit 3600
     52#idle_timelimit 3600
    5253
    53 # Netscape SDK LDAPS
    54 #ssl on
    55 
    56 # Netscape SDK SSL options
    57 #sslpath /etc/ssl/certs
    58 
    59 # OpenLDAP SSL mechanism
    60 # start_tls mechanism uses the normal LDAP port, LDAPS typically 636
     54# Use StartTLS without verifying the server certificate.
    6155#ssl start_tls
    62 #ssl on
    63 
    64 # OpenLDAP SSL options
    65 # Require and verify server certificate (yes/no)
    66 # Default is to use libldap's default behavior, which can be configured in
    67 # /etc/openldap/ldap.conf using the TLS_REQCERT setting.  The default for
    68 # OpenLDAP 2.0 and earlier is "no", for 2.1 and later is "yes".
    69 #tls_checkpeer yes
     56#tls_reqcert never
    7057
    7158# CA certificates for server certificate verification
    72 # At least one of these are required if tls_checkpeer is "yes"
    7359#tls_cacertdir /etc/ssl/certs
    7460#tls_cacertfile /etc/ssl/ca.cert
     
    137123#map    group  uniqueMember     member
    138124#map    group  gidNumber        gid
     125uid nslcd
     126gid ldap
     127# This comment prevents repeated auto-migration of settings from /etc/ldap.conf.
     128uri ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/
     129base dc=scripts,dc=mit,dc=edu
     130timelimit 120
     131bind_timelimit 120
     132idle_timelimit 3600
     133base   group  ou=Groups,dc=scripts,dc=mit,dc=edu
     134base   passwd ou=People,dc=scripts,dc=mit,dc=edu
Note: See TracChangeset for help on using the changeset viewer.