Changeset 1674 for branches/fc13-dev/server
- Timestamp:
- Sep 26, 2010, 3:23:31 PM (14 years ago)
- Location:
- branches/fc13-dev
- Files:
-
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/fc13-dev
- Property svn:mergeinfo changed
/trunk removed
- Property svn:mergeinfo changed
-
branches/fc13-dev/server/common/oursrc/execsys/execsys-binfmt
- Property svn:mergeinfo changed
/trunk/server/common/oursrc/execsys/execsys-binfmt removed
- Property svn:mergeinfo changed
-
branches/fc13-dev/server/common/oursrc/php_scripts/php_scripts-config.m4
- Property svn:mergeinfo changed
/trunk/server/common/oursrc/php_scripts/php_scripts-config.m4 removed
- Property svn:mergeinfo changed
-
branches/fc13-dev/server/doc/install-ldap
r1673 r1674 6 6 root# env NSS_NONLOCAL_IGNORE=1 useradd -r -d /var/lib/dirsrv fedora-ds 7 7 - root# yum install -y policycoreutils-python 8 - Temporarily move away the existing slapd-scripts folder9 root# mv /etc/dirsrv/slapd-scripts{,.bak}10 8 - root# /usr/sbin/setup-ds.pl 11 9 - Choose a typical install … … 16 14 - Input directory manager password 17 15 (this can be found in ~/.ldapvirc) 18 - Move the schema back 19 root# cp -R /etc/dirsrv/slapd-scripts.bak/{.svn,*} /etc/dirsrv/slapd-scripts 20 root# rm -Rf /etc/dirsrv/slapd-scripts.bak 16 [XXX: Got error: sh: semanage: command not found; turns out this is in 17 policycoreutils-python. Don't know if this will cause problems.] 21 18 - yum install ldapvi 22 19 - Check if dirsrv starts: /sbin/service dirsrv start 23 then turn it back off: service dirsrv stop24 20 - Apply the following configuration changes. If you're editing 25 21 dse.ldif, you don't want dirsrv to be on, otherwise it will … … 45 41 nsSaslMapFilterTemplate: (objectClass=posixAccount) 46 42 43 - /sbin/service dirsrv stop 44 - Add the scripts schemas to /var/lib/dirsrv/slapd-scripts [XXX: I don't 45 know how to do this, but placing them in /etc might be sufficient?] 47 46 - Put LDAP keytab (ldap/hostname.mit.edu) in /etc/dirsrv/keytab. Make 48 47 sure you chown/chgrp it to be readable by fedora-ds 49 48 - Uncomment and modify in /etc/sysconfig/dirsrv: KRB5_KTNAME=/etc/dirsrv/keytab ; export KRB5_KTNAME 49 - mkdir -p /var/run/dirsrv 50 50 - chown fedora-ds:fedora-ds /var/run/dirsrv 51 51 - chmod 755 /var/run/dirsrv 52 - /sbin/service dirsrv start53 - Use ldapvi -b cn=config to add these indexes (8 of them):52 - /sbin/service dirsrv restart 53 - Use ldapvi -b cn=config to add these indexes: 54 54 55 55 add cn=apacheServerName, cn=index, cn=userRoot, cn=ldbm database, cn=plugins, cn=config … … 191 191 nsDS5ReplicaBindDN: uid=ldap/whole-enchilada.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu 192 192 nsDS5ReplicaBindDN: uid=ldap/real-mccoy.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu 193 nsDS5ReplicaBindDN: uid=ldap/better-mousetrap.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu194 nsDS5ReplicaBindDN: uid=ldap/old-faithful.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu195 193 # ADD SERVERS HERE AS YOU ADD NEW SERVERS 196 194 nsds5ReplicaPurgeDelay: 604800 … … 202 200 weren't we going to replicate from only one server? That is 203 201 correct, however, simply binding won't mean we will receive 204 updates; we have to setup the $MASTER to send data $S LAVE.202 updates; we have to setup the $MASTER to send data $SALVE. 205 203 206 204 3. Although we allowed those uids to bind, that user information … … 242 240 nsDS5ReplicaTimeout: 120 243 241 244 4. Reboot the server `service dirsrv restart`, then run the 245 replication. (Don't fold this into the previous step! You might 246 nuke your database!) 242 4. Run the replication. (you could fold this into the previous step) 247 243 248 244 # under cn="GSSAPI Replication to $SLAVE", cn=replica, cn="dc=scripts,dc=mit,dc=edu", cn=mapping tree, cn=config -
branches/fc13-dev/server/fedora/config/etc/hosts
r1673 r1674 10 10 18.181.0.229 scripts-test.mit.edu scripts-test 11 11 12 18.181.0.53 old-faithful.mit.edu old-faithful scripts2.mit.edu scripts2 12 13 18.181.0.57 better-mousetrap.mit.edu better-mousetrap scripts1.mit.edu scripts1 13 18.181.0.53 old-faithful.mit.edu old-faithful scripts2.mit.edu scripts214 14 18.181.0.167 bees-knees.mit.edu bees-knees sx-blade-4.mit.edu sx-blade-4 scripts3.mit.edu scripts3 15 15 18.181.0.228 cats-whiskers.mit.edu cats-whiskers scripts4.mit.edu scripts4 16 18.181.0.236 whole-enchilada.mit.edu whole-enchilada scripts5.mit.edu scripts517 16 18.181.0.237 pancake-bunny.mit.edu pancake-bunny scripts6.mit.edu scripts6 18 17 18.181.0.234 busy-beaver.mit.edu busy-beaver scripts7.mit.edu scripts7 19 18 18.181.0.235 real-mccoy.mit.edu real-mccoy scripts8.mit.edu scripts8 20 19 20 172.21.0.53 old-faithful.mit.edu 21 21 172.21.0.57 better-mousetrap.mit.edu 22 172.21.0.53 old-faithful.mit.edu23 22 172.21.0.167 bees-knees.mit.edu 24 23 172.21.0.228 cats-whiskers.mit.edu 25 172.21.0.236 whole-enchilada.mit.edu26 24 172.21.0.237 pancake-bunny.mit.edu 27 25 172.21.0.234 busy-beaver.mit.edu -
branches/fc13-dev/server/fedora/config/etc/nagios/check_ldap_mmr.real
r1673 r1674 6 6 use Net::LDAP; 7 7 use strict; 8 9 my $nl = $ENV{'USE_NEWLINES'} ? "\n" : "";10 my $tab = $ENV{'USE_NEWLINES'} ? " " : "";11 8 12 9 # Nagios codes … … 28 25 my $replicaErrors = 0; 29 26 my $conflictErrors = 0; 30 my $errorstring = "Replication error(s): $nl";27 my $errorstring = "Replication error(s): "; 31 28 foreach my $entr ( @entries ) { 32 29 my $servername=$entr->get_value($server); … … 38 35 $serverlaststart =~ s/(....)(..)(..)(..)(..)(..)./$1-$2-$3\ $4:$5:$6/; 39 36 $serverlastend =~ s/(....)(..)(..)(..)(..)(..)./$1-$2-$3\ $4:$5:$6/; 40 print "Replication to $servername last operation $serverlaststart $nl";41 print $tab . "Status: $serverstatus. $nl";37 print "Replication to $servername last operation $serverlaststart "; 38 print "Status: $serverstatus. "; 42 39 if ($statuscode) { 43 40 $replicaErrors++; … … 45 42 } 46 43 } 47 print "$nl";48 44 49 45 $result=LDAPSearch($ldap,"nsds5ReplConflict=*",["nsds5ReplConflict"],$replicatedBase); … … 52 48 my $conflictingDN=$entr->dn(); 53 49 my $conflictDesc=$entr->get_value("nsds5ReplConflict"); 54 print "Conflict found for DN $conflictingDN $nl";55 print $tab . "Reason: $conflictDesc. $nl";50 print "Conflict found for DN $conflictingDN "; 51 print "Reason: $conflictDesc. "; 56 52 $conflictErrors++; 57 53 $errorstring = $errorstring . $conflictDesc . ", "; 58 54 } 59 print "$nl";60 55 61 56 if ($conflictErrors > 0) { -
branches/fc13-dev/server/fedora/config/etc/sudoers
r1673 r1674 56 56 Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE" 57 57 Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY" 58 Defaults env_keep += "USE_NEWLINES"59 58 60 59 ## Next comes the main part: which users can run what software on -
branches/fc13-dev/server/fedora/config/etc/sysconfig/network-scripts/route-eth1
r1673 r1674 2 2 18.181.0.56 via 172.21.0.56 3 3 18.181.0.52 via 172.21.0.52 4 18.181.0.53 via 172.21.0.53 4 5 18.181.0.57 via 172.21.0.57 5 18.181.0.53 via 172.21.0.536 6 18.181.0.167 via 172.21.0.167 7 7 18.181.0.228 via 172.21.0.228 8 18.181.0.236 via 172.21.0.2369 18.181.0.237 via 172.21.0.23710 8 18.181.0.234 via 172.21.0.234 11 9 18.181.0.235 via 172.21.0.235 10 18.181.0.237 via 172.21.0.237 -
branches/fc13-dev/server/fedora/config/etc/syslog-ng/d_zroot.pl
r1673 r1674 101 101 } elsif ($message =~ m|^Postponed keyboard-interactive|) { 102 102 } elsif ($message =~ m|^Failed keyboard-interactive/pam|) { 103 } elsif ($message =~ m|^Did not receive identification string from|) {104 103 } elsif ($message =~ m|^fatal: Read from socket failed: Connection reset by peer$|) { 105 104 } elsif ($message =~ m|^reverse mapping checking getaddrinfo|) {
Note: See TracChangeset
for help on using the changeset viewer.