ldap-server: Run backups as root and share them via sftp

roles/ldap-server/files/ldap-backup.sh

@@ -4,8 +4,8 @@ umask 027
 
 PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
 
-if [ "$(whoami)" != "ldap" ]; then
-    echo "ERR: Script needs to be run as ldap user" 1>&2
+if [ "$(whoami)" != "root" ]; then
+    echo "ERR: Script needs to be run as root user" 1>&2
     exit 1
 fi
 
@@ -18,12 +18,12 @@ ldapsearch -LLL -x -H ldapi:// -s base -b 'cn=Databases,cn=Monitor' \
     '(objectClass=*)' namingContexts | \
     sed -n 's/^namingContexts: \(.*\)/\1/p' | while read db ; do
         [ "${db}" = "cn=config" ] && continue
-        slapcat -f /etc/openldap/slapd.conf -b "${db}" 2> /dev/null | gzip > \
-            "${BACKUPDIR}/${db}.${DATE}.gz"
-        if [ $? -ne 0 ]; then
+        if ! slapcat -f /etc/openldap/slapd.conf -b "${db}" 2> /dev/null | \
+            gzip > "${BACKUPDIR}/${db}.${DATE}.gz" ; then
             echo "ERR: Failed to backup database ${db}" 1>&2
             continue
         fi
+	chgrp backup "${BACKUPDIR}/${db}.${DATE}.gz"
 done
 
 cd ${BACKUPDIR} && {