Factorize the actual slapd regeneration

2024-09-03 20:06:10 +02:00 · 2020-05-27 21:53:21 +02:00 · 2020-05-27 21:53:21 +02:00 · 2bbff1d264
commit 2bbff1d264
parent a179e9107a
1 changed files with 14 additions and 22 deletions
--- a/data/hooks/conf_regen/06-slapd
+++ b/data/hooks/conf_regen/06-slapd
@ -13,6 +13,18 @@ do_init_regen() {
  do_pre_regen ""

  systemctl daemon-reload
+  
+  _regenerate_slapd_conf
+
+   # Enforce permissions
+  chown root:openldap /etc/ldap/slapd.ldif
+  chown -R openldap:openldap /etc/ldap/schema/
+  usermod -aG ssl-cert openldap
+
+  service slapd restart
+}
+
+_regenerate_slapd_conf() {

  # Validate the new slapd config
  # To do so, we have to use the .ldif to generate the config directory
@ -28,13 +40,7 @@ do_init_regen() {
  rm -Rf /etc/ldap/slapd.d
  mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d

-  # Enforce permissions
-  chown root:openldap /etc/ldap/slapd.ldif
-  chown -R openldap:openldap /etc/ldap/schema/
  chown -R openldap:openldap /etc/ldap/slapd.d/
-  usermod -aG ssl-cert openldap
-
-  service slapd restart
 }

 do_pre_regen() {
@ -49,8 +55,7 @@ do_pre_regen() {
     [ $curr_backend != 'mdb' ]; then
    backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)"
    mkdir -p "$backup_dir"
-    slapcat -b dc=yunohost,dc=org \
-      -l "${backup_dir}/dc=yunohost-dc=org.ldif"
+    slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
    echo "$backup_dir" > "$tmp_backup_dir_file"
  fi

@ -101,20 +106,7 @@ do_post_regen() {

  # regenerate LDAP config directory from slapd.conf
  echo "Regenerate LDAP config directory from slapd.ldif"
-
-  # Validate the new slapd config
-  # To do so, we have to use the .ldif to generate the config directory
-  # so we use a temporary directory slapd_new.d
-  rm -Rf /etc/ldap/slapd_new.d
-  mkdir /etc/ldap/slapd_new.d
-  slapadd -n0 -l /etc/ldap/slapd.ldif -F /etc/ldap/slapd_new.d/ 2>&1
-  # Actual validation (-Q is for quiet, -u is for dry-run)
-  slaptest -Q -u -F /etc/ldap/slapd_new.d
-
-  # Move to the new config
-  rm -Rf /etc/ldap/slapd.d
-  mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d
-  chown -R openldap:openldap /etc/ldap/slapd.d/
+  _regenerate_slapd_conf

  if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then
      # regenerate LDAP config directory and import database as root