ldap: Fix ldap server on CentOS 7

2015-09-12 01:00:52 +03:00 · 2015-09-12 01:00:52 +03:00 · 0f5bb01b48
commit 0f5bb01b48
parent 0a387884fd
2 changed files with 30 additions and 5 deletions
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@ -396,12 +396,12 @@ class ldap::server {
            $user = "ldap"
            $group = "ldap"
            $package_name = $::operatingsystemrelease ? {
-                /^5/ => [ "openldap-servers", "openldap-servers-overlays" ],
-                /^6/ => "openldap-servers",
+                /^5/    => [ "openldap-servers", "openldap-servers-overlays" ],
+                default => "openldap-servers",
            }
            $service_name = $::operatingsystemrelease ? {
-                /^5/ => "ldap",
-                /^6/ => "slapd",
+                /^5/    => "ldap",
+                default => "slapd",
            }
            $config = "/etc/openldap"
            $modulepath = $architecture ? {
@ -473,7 +473,17 @@ class ldap::server {

    case $::operatingsystem {
        "centos","redhat": {
-            if $::operatinsystemrelease !~ /^5\./ {
+            if versioncmp($::operatingsystemrelease, "7") > 0 {
+                file { "/etc/sysconfig/slapd":
+                    ensure  => present,
+                    content => template("ldap/slapd.sysconfig.erb"),
+                    mode    => "0644",
+                    owner   => "root",
+                    group   => "root",
+                    notify  => Exec["slaptest"],
+                    require => Package["openldap-server"],
+                }
+            } elsif versioncmp($::operatingsystemrelease, "6") > 0 {
                file { "/etc/sysconfig/ldap":
                    ensure  => present,
                    content => template("ldap/ldap.sysconfig.erb"),
--- a/ldap/templates/slapd.sysconfig.erb
+++ b/ldap/templates/slapd.sysconfig.erb
@ -0,0 +1,15 @@
+# OpenLDAP server configuration
+# see 'man slapd' for additional information
+
+# Where the server will run (-h option)
+# - ldapi:/// is required for on-the-fly configuration using client tools
+#   (use SASL with EXTERNAL mechanism for authentication)
+# - default: ldapi:/// ldap:///
+# - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:///
+SLAPD_URLS="ldapi:/// ldap:/// ldaps:///"
+
+# Any custom options
+SLAPD_OPTIONS="-f /etc/openldap/slapd.conf<% if @ipv6enabled == 'false' %> -4<% end %>"
+
+# Keytab location for GSSAPI Kerberos authentication
+KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"